From 90efdb3a5b7eecb23d78cffee24c3181280efa56 Mon Sep 17 00:00:00 2001 From: Adam Malcontenti-Wilson Date: Sat, 23 Jun 2012 11:39:10 +1000 Subject: [PATCH 01/35] build: improve armv7 / hard-float detection --- configure | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 62 insertions(+), 6 deletions(-) diff --git a/configure b/configure index 48d65385e93..3b9c9a3821c 100755 --- a/configure +++ b/configure @@ -164,6 +164,12 @@ parser.add_option("--no-ifaddrs", dest="no_ifaddrs", help="Use on deprecated SunOS systems that do not support ifaddrs.h") +parser.add_option("--with-arm-float-abi", + action="store", + dest="arm_float_abi", + help="Specifies which floating-point ABI to use. Valid values are: " + "soft, softfp, hard") + (options, args) = parser.parse_args() @@ -189,8 +195,8 @@ def pkg_config(pkg): return (libs, cflags) -def host_arch_cc(): - """Host architecture check using the CC command.""" +def cc_macros(): + """Checks predefined macros using the CC command.""" try: p = subprocess.Popen(CC.split() + ['-dM', '-E', '-'], @@ -219,6 +225,52 @@ def host_arch_cc(): key = lst[1] val = lst[2] k[key] = val + return k + + +def is_arch_armv7(): + """Check for ARMv7 instructions""" + cc_macros_cache = cc_macros() + return ('__ARM_ARCH_7__' in cc_macros_cache or + '__ARM_ARCH_7A__' in cc_macros_cache or + '__ARM_ARCH_7R__' in cc_macros_cache or + '__ARM_ARCH_7M__' in cc_macros_cache) + + +def arm_hard_float_abi(): + """Check for hardfloat or softfloat eabi on ARM""" + # GCC versions 4.6 and above define __ARM_PCS or __ARM_PCS_VFP to specify + # the Floating Point ABI used (PCS stands for Procedure Call Standard). + # We use these as well as a couple of other defines to statically determine + # what FP ABI used. + # GCC versions 4.4 and below don't support hard-fp. + # GCC versions 4.5 may support hard-fp without defining __ARM_PCS or + # __ARM_PCS_VFP. + + if compiler_version() >= (4, 6, 0): + return '__ARM_PCS_VFP' in cc_macros() + elif compiler_version() < (4, 5, 0): + return False + elif '__ARM_PCS_VFP' in cc_macros(): + return True + elif ('__ARM_PCS' in cc_macros() or + '__SOFTFP' in cc_macros() or + not '__VFP_FP__' in cc_macros()): + return False + else: + print '''Node.js configure error: Your version of GCC does not report + the Floating-Point ABI to compile for your hardware + + Please manually specify which floating-point ABI to use with the + --with-arm-float-abi option. + ''' + sys.exit() + + +def host_arch_cc(): + """Host architecture check using the CC command.""" + + k = cc_macros() matchup = { '__x86_64__' : 'x64', @@ -277,11 +329,15 @@ def configure_node(o): o['variables']['host_arch'] = host_arch o['variables']['target_arch'] = target_arch - # V8 on ARM requires that armv7 is set. We don't have a good way to detect - # the CPU model right now so we pick a default and hope that it works okay - # for the majority of users. + # V8 on ARM requires that armv7 is set. CPU Model detected by + # the presence of __ARM_ARCH_7__ and the like defines in compiler if target_arch == 'arm': - o['variables']['armv7'] = 0 # FIXME + if options.arm_float_abi: + hard_float = options.arm_float_abi == 'hard' + else: + hard_float = arm_hard_float_abi() + o['variables']['v8_use_arm_eabi_hardfloat'] = b(hard_float) + o['variables']['armv7'] = 1 if is_arch_armv7() else 0 # clang has always supported -fvisibility=hidden, right? cc_version, is_clang = compiler_version() From f70b138fcbf88e23ae5f645fa70041a7ae3f8359 Mon Sep 17 00:00:00 2001 From: Trent Mick Date: Fri, 27 Jul 2012 10:56:40 -0700 Subject: [PATCH 02/35] always link sunos builds with libumem --- node.gyp | 1 + 1 file changed, 1 insertion(+) diff --git a/node.gyp b/node.gyp index 4b6c83fc8ac..84ec69d6b76 100644 --- a/node.gyp +++ b/node.gyp @@ -226,6 +226,7 @@ [ 'OS=="solaris"', { 'libraries': [ '-lkstat', + '-lumem', ], }], ], From d559bed0d59c3666718b847a11a7ba42dd4de54e Mon Sep 17 00:00:00 2001 From: Ben Noordhuis Date: Sat, 28 Jul 2012 14:10:10 +0200 Subject: [PATCH 03/35] node: use variadic functions in ev-emul.h Fixes #3786. --- src/ev-emul.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ev-emul.h b/src/ev-emul.h index 3d0c77e9160..3ec8613978d 100644 --- a/src/ev-emul.h +++ b/src/ev-emul.h @@ -230,12 +230,12 @@ inline static void __ev_unref(void) { } -inline static double __ev_now(/* variadic */) { +inline static double __ev_now(...) { return uv_hrtime() / 1e9; } -inline static void __ev_set_priority(/* variadic */) { +inline static void __ev_set_priority(...) { } From 879d329a5a8d82d9c30e1439ff36accbf5d8a1e7 Mon Sep 17 00:00:00 2001 From: Ben Noordhuis Date: Sat, 28 Jul 2012 16:50:55 +0200 Subject: [PATCH 04/35] deps: upgrade libuv to 4fe1916 --- deps/uv/include/uv-private/uv-unix.h | 17 ++--- deps/uv/src/unix/linux/inotify.c | 110 +++++++++++++++++---------- deps/uv/src/unix/loop.c | 2 +- deps/uv/src/unix/thread.c | 6 +- deps/uv/test/benchmark-sizes.c | 2 + deps/uv/test/test-fs-event.c | 32 ++++++++ deps/uv/test/test-list.h | 2 + 7 files changed, 116 insertions(+), 55 deletions(-) diff --git a/deps/uv/include/uv-private/uv-unix.h b/deps/uv/include/uv-private/uv-unix.h index 7b86c0ea6dc..40bbdf6ed86 100644 --- a/deps/uv/include/uv-private/uv-unix.h +++ b/deps/uv/include/uv-private/uv-unix.h @@ -105,11 +105,8 @@ struct uv__io_s { #if __linux__ # define UV_LOOP_PRIVATE_PLATFORM_FIELDS \ - /* RB_HEAD(uv__inotify_watchers, uv_fs_event_s) */ \ - struct uv__inotify_watchers { \ - struct uv_fs_event_s* rbh_root; \ - } inotify_watchers; \ uv__io_t inotify_read_watcher; \ + void* inotify_watchers; \ int inotify_fd; #elif defined(PORT_SOURCE_FILE) # define UV_LOOP_PRIVATE_PLATFORM_FIELDS \ @@ -277,15 +274,11 @@ struct uv__io_s { #if defined(__linux__) #define UV_FS_EVENT_PRIVATE_FIELDS \ - /* RB_ENTRY(fs_event_s) node; */ \ - struct { \ - struct uv_fs_event_s* rbe_left; \ - struct uv_fs_event_s* rbe_right; \ - struct uv_fs_event_s* rbe_parent; \ - int rbe_color; \ - } node; \ + ngx_queue_t watchers; \ uv_fs_event_cb cb; \ - int fd; \ + int wd; \ + void* pad0; \ + void* pad1; \ #elif defined(__APPLE__) \ || defined(__FreeBSD__) \ diff --git a/deps/uv/src/unix/linux/inotify.c b/deps/uv/src/unix/linux/inotify.c index 54525bc7f11..51ea996aeeb 100644 --- a/deps/uv/src/unix/linux/inotify.c +++ b/deps/uv/src/unix/linux/inotify.c @@ -33,6 +33,18 @@ #include #include +struct watcher_list { + RB_ENTRY(watcher_list) entry; + ngx_queue_t watchers; + char* path; + int wd; +}; + +struct watcher_root { + struct watcher_list* rbh_root; +}; +#define CAST(p) ((struct watcher_root*)(p)) + /* Don't look aghast, this is exactly how glibc's basename() works. */ static char* basename_r(const char* path) { @@ -41,14 +53,15 @@ static char* basename_r(const char* path) { } -static int compare_watchers(const uv_fs_event_t* a, const uv_fs_event_t* b) { - if (a->fd < b->fd) return -1; - if (a->fd > b->fd) return 1; +static int compare_watchers(const struct watcher_list* a, + const struct watcher_list* b) { + if (a->wd < b->wd) return -1; + if (a->wd > b->wd) return 1; return 0; } -RB_GENERATE_STATIC(uv__inotify_watchers, uv_fs_event_s, node, compare_watchers) +RB_GENERATE_STATIC(watcher_root, watcher_list, entry, compare_watchers) static void uv__inotify_read(uv_loop_t* loop, uv__io_t* w, int revents); @@ -95,36 +108,27 @@ static int init_inotify(uv_loop_t* loop) { } -static void add_watcher(uv_fs_event_t* handle) { - RB_INSERT(uv__inotify_watchers, &handle->loop->inotify_watchers, handle); +static struct watcher_list* find_watcher(uv_loop_t* loop, int wd) { + struct watcher_list w; + w.wd = wd; + return RB_FIND(watcher_root, CAST(&loop->inotify_watchers), &w); } -static uv_fs_event_t* find_watcher(uv_loop_t* loop, int wd) { - uv_fs_event_t handle; - handle.fd = wd; - return RB_FIND(uv__inotify_watchers, &loop->inotify_watchers, &handle); -} - - -static void remove_watcher(uv_fs_event_t* handle) { - RB_REMOVE(uv__inotify_watchers, &handle->loop->inotify_watchers, handle); -} - - -static void uv__inotify_read(uv_loop_t* loop, uv__io_t* w, int events) { +static void uv__inotify_read(uv_loop_t* loop, uv__io_t* dummy, int events) { const struct uv__inotify_event* e; - uv_fs_event_t* handle; - const char* filename; + struct watcher_list* w; + uv_fs_event_t* h; + ngx_queue_t* q; + const char* path; ssize_t size; const char *p; /* needs to be large enough for sizeof(inotify_event) + strlen(filename) */ char buf[4096]; while (1) { - do { - size = read(loop->inotify_fd, buf, sizeof buf); - } + do + size = read(loop->inotify_fd, buf, sizeof(buf)); while (size == -1 && errno == EINTR); if (size == -1) { @@ -144,17 +148,20 @@ static void uv__inotify_read(uv_loop_t* loop, uv__io_t* w, int events) { if (e->mask & ~(UV__IN_ATTRIB|UV__IN_MODIFY)) events |= UV_RENAME; - handle = find_watcher(loop, e->wd); - if (handle == NULL) - continue; /* Handle has already been closed. */ + w = find_watcher(loop, e->wd); + if (w == NULL) + continue; /* Stale event, no watchers left. */ /* inotify does not return the filename when monitoring a single file * for modifications. Repurpose the filename for API compatibility. * I'm not convinced this is a good thing, maybe it should go. */ - filename = e->len ? (const char*) (e + 1) : basename_r(handle->filename); + path = e->len ? (const char*) (e + 1) : basename_r(w->path); - handle->cb(handle, filename, events, 0); + ngx_queue_foreach(q, &w->watchers) { + h = ngx_queue_data(q, uv_fs_event_t, watchers); + h->cb(h, path, events, 0); + } } } } @@ -162,9 +169,10 @@ static void uv__inotify_read(uv_loop_t* loop, uv__io_t* w, int events) { int uv_fs_event_init(uv_loop_t* loop, uv_fs_event_t* handle, - const char* filename, + const char* path, uv_fs_event_cb cb, int flags) { + struct watcher_list* w; int events; int wd; @@ -184,26 +192,50 @@ int uv_fs_event_init(uv_loop_t* loop, | UV__IN_MOVED_FROM | UV__IN_MOVED_TO; - wd = uv__inotify_add_watch(loop->inotify_fd, filename, events); - if (wd == -1) return uv__set_sys_error(loop, errno); + wd = uv__inotify_add_watch(loop->inotify_fd, path, events); + if (wd == -1) + return uv__set_sys_error(loop, errno); + w = find_watcher(loop, wd); + if (w) + goto no_insert; + + w = malloc(sizeof(*w) + strlen(path) + 1); + if (w == NULL) + return uv__set_sys_error(loop, ENOMEM); + + w->wd = wd; + w->path = strcpy((char*)(w + 1), path); + ngx_queue_init(&w->watchers); + RB_INSERT(watcher_root, CAST(&loop->inotify_watchers), w); + +no_insert: uv__handle_init(loop, (uv_handle_t*)handle, UV_FS_EVENT); uv__handle_start(handle); /* FIXME shouldn't start automatically */ - handle->filename = strdup(filename); + ngx_queue_insert_tail(&w->watchers, &handle->watchers); + handle->filename = w->path; handle->cb = cb; - handle->fd = wd; - add_watcher(handle); + handle->wd = wd; return 0; } void uv__fs_event_close(uv_fs_event_t* handle) { - uv__inotify_rm_watch(handle->loop->inotify_fd, handle->fd); - remove_watcher(handle); - handle->fd = -1; + struct watcher_list* w; - free(handle->filename); + w = find_watcher(handle->loop, handle->wd); + assert(w != NULL); + + handle->wd = -1; handle->filename = NULL; uv__handle_stop(handle); + ngx_queue_remove(&handle->watchers); + + if (ngx_queue_empty(&w->watchers)) { + /* No watchers left for this path. Clean up. */ + RB_REMOVE(watcher_root, CAST(&handle->loop->inotify_watchers), w); + uv__inotify_rm_watch(handle->loop->inotify_fd, w->wd); + free(w); + } } diff --git a/deps/uv/src/unix/loop.c b/deps/uv/src/unix/loop.c index 75fad43626f..fcf9faf309d 100644 --- a/deps/uv/src/unix/loop.c +++ b/deps/uv/src/unix/loop.c @@ -54,7 +54,7 @@ int uv__loop_init(uv_loop_t* loop, int default_loop) { eio_channel_init(&loop->uv_eio_channel, loop); #if __linux__ - RB_INIT(&loop->inotify_watchers); + loop->inotify_watchers = NULL; loop->inotify_fd = -1; #endif #if HAVE_PORTS_FS diff --git a/deps/uv/src/unix/thread.c b/deps/uv/src/unix/thread.c index a267d337d76..67c7876988d 100644 --- a/deps/uv/src/unix/thread.c +++ b/deps/uv/src/unix/thread.c @@ -78,7 +78,7 @@ int uv_mutex_trylock(uv_mutex_t* mutex) { r = pthread_mutex_trylock(mutex); - if (r && r != EAGAIN) + if (r && r != EBUSY && r != EAGAIN) abort(); if (r) @@ -119,7 +119,7 @@ int uv_rwlock_tryrdlock(uv_rwlock_t* rwlock) { r = pthread_rwlock_tryrdlock(rwlock); - if (r && r != EAGAIN) + if (r && r != EBUSY && r != EAGAIN) abort(); if (r) @@ -146,7 +146,7 @@ int uv_rwlock_trywrlock(uv_rwlock_t* rwlock) { r = pthread_rwlock_trywrlock(rwlock); - if (r && r != EAGAIN) + if (r && r != EBUSY && r != EAGAIN) abort(); if (r) diff --git a/deps/uv/test/benchmark-sizes.c b/deps/uv/test/benchmark-sizes.c index 6d16e3ca50d..b9cf74f2fbf 100644 --- a/deps/uv/test/benchmark-sizes.c +++ b/deps/uv/test/benchmark-sizes.c @@ -36,7 +36,9 @@ BENCHMARK_IMPL(sizes) { LOGF("uv_idle_t: %u bytes\n", (unsigned int) sizeof(uv_idle_t)); LOGF("uv_async_t: %u bytes\n", (unsigned int) sizeof(uv_async_t)); LOGF("uv_timer_t: %u bytes\n", (unsigned int) sizeof(uv_timer_t)); + LOGF("uv_fs_event_t: %u bytes\n", (unsigned int) sizeof(uv_fs_event_t)); LOGF("uv_process_t: %u bytes\n", (unsigned int) sizeof(uv_process_t)); LOGF("uv_poll_t: %u bytes\n", (unsigned int) sizeof(uv_poll_t)); + LOGF("uv_loop_t: %u bytes\n", (unsigned int) sizeof(uv_loop_t)); return 0; } diff --git a/deps/uv/test/test-fs-event.c b/deps/uv/test/test-fs-event.c index fe7bce2afcf..4d4cfbc31b1 100644 --- a/deps/uv/test/test-fs-event.c +++ b/deps/uv/test/test-fs-event.c @@ -85,6 +85,13 @@ static void close_cb(uv_handle_t* handle) { close_cb_called++; } +static void fail_cb(uv_fs_event_t* handle, + const char* path, + int events, + int status) { + ASSERT(0 && "fail_cb called"); +} + static void fs_event_cb_dir(uv_fs_event_t* handle, const char* filename, int events, int status) { ++fs_event_cb_called; @@ -159,6 +166,13 @@ static void timer_cb_touch(uv_timer_t* timer, int status) { timer_cb_touch_called++; } +static void timer_cb_watch_twice(uv_timer_t* handle, int status) { + uv_fs_event_t* handles = handle->data; + uv_close((uv_handle_t*) (handles + 0), NULL); + uv_close((uv_handle_t*) (handles + 1), NULL); + uv_close((uv_handle_t*) handle, NULL); +} + TEST_IMPL(fs_event_watch_dir) { uv_fs_t fs_req; uv_loop_t* loop = uv_default_loop(); @@ -225,6 +239,24 @@ TEST_IMPL(fs_event_watch_file) { return 0; } +TEST_IMPL(fs_event_watch_file_twice) { + const char path[] = "test/fixtures/empty_file"; + uv_fs_event_t watchers[2]; + uv_timer_t timer; + uv_loop_t* loop; + + loop = uv_default_loop(); + timer.data = watchers; + + ASSERT(0 == uv_fs_event_init(loop, watchers + 0, path, fail_cb, 0)); + ASSERT(0 == uv_fs_event_init(loop, watchers + 1, path, fail_cb, 0)); + ASSERT(0 == uv_timer_init(loop, &timer)); + ASSERT(0 == uv_timer_start(&timer, timer_cb_watch_twice, 10, 0)); + ASSERT(0 == uv_run(loop)); + + return 0; +} + TEST_IMPL(fs_event_watch_file_current_dir) { uv_timer_t timer; uv_loop_t* loop; diff --git a/deps/uv/test/test-list.h b/deps/uv/test/test-list.h index 76651499646..19670e56843 100644 --- a/deps/uv/test/test-list.h +++ b/deps/uv/test/test-list.h @@ -158,6 +158,7 @@ TEST_DECLARE (fs_stat_missing_path) TEST_DECLARE (fs_read_file_eof) TEST_DECLARE (fs_event_watch_dir) TEST_DECLARE (fs_event_watch_file) +TEST_DECLARE (fs_event_watch_file_twice) TEST_DECLARE (fs_event_watch_file_current_dir) TEST_DECLARE (fs_event_no_callback_on_close) TEST_DECLARE (fs_event_immediate_close) @@ -396,6 +397,7 @@ TASK_LIST_START TEST_ENTRY (fs_file_open_append) TEST_ENTRY (fs_event_watch_dir) TEST_ENTRY (fs_event_watch_file) + TEST_ENTRY (fs_event_watch_file_twice) TEST_ENTRY (fs_event_watch_file_current_dir) TEST_ENTRY (fs_event_no_callback_on_close) TEST_ENTRY (fs_event_immediate_close) From aa0650f4444c438d9538135a3707de3f2f313081 Mon Sep 17 00:00:00 2001 From: Ben Noordhuis Date: Sun, 29 Jul 2012 01:59:26 +0200 Subject: [PATCH 05/35] cluster: fix libuv assert in net.listen() Problem: calling `server.listen()` (no port) on a net.Server triggered the following libuv assertion: node: ../deps/uv/src/unix/stream.c:406: uv__write: Assertion `fd_to_send >= 0' failed. Cause: uv_tcp_t handles are lazily initialized. Omitting the port made the handle get initialized even more lazily. Too lazily - it wasn't initialized when the handle was sent over to the child process. Solution: implicitly bind to a random port in listen() when the port number is omitted, it forces the handle to initialize. This is not a change in behavior, listen() has always been identical to listen(0). Fixes #3325. --- lib/net.js | 5 ++-- test/simple/test-cluster-net-listen.js | 41 ++++++++++++++++++++++++++ 2 files changed, 43 insertions(+), 3 deletions(-) create mode 100644 test/simple/test-cluster-net-listen.js diff --git a/lib/net.js b/lib/net.js index 170c06e57a6..b6cbe4f5410 100644 --- a/lib/net.js +++ b/lib/net.js @@ -967,9 +967,8 @@ Server.prototype.listen = function() { var TCP = process.binding('tcp_wrap').TCP; if (arguments.length == 0 || typeof arguments[0] == 'function') { - // Don't bind(). OS will assign a port with INADDR_ANY. - // The port can be found with server.address() - listen(self, null, null, backlog); + // Bind to a random port. + listen(self, '0.0.0.0', 0, null, backlog); } else if (arguments[0] && typeof arguments[0] === 'object') { var h = arguments[0]; diff --git a/test/simple/test-cluster-net-listen.js b/test/simple/test-cluster-net-listen.js new file mode 100644 index 00000000000..927169c7296 --- /dev/null +++ b/test/simple/test-cluster-net-listen.js @@ -0,0 +1,41 @@ +// Copyright Joyent, Inc. and other Node contributors. +// +// Permission is hereby granted, free of charge, to any person obtaining a +// copy of this software and associated documentation files (the +// "Software"), to deal in the Software without restriction, including +// without limitation the rights to use, copy, modify, merge, publish, +// distribute, sublicense, and/or sell copies of the Software, and to permit +// persons to whom the Software is furnished to do so, subject to the +// following conditions: +// +// The above copyright notice and this permission notice shall be included +// in all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN +// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE +// USE OR OTHER DEALINGS IN THE SOFTWARE. + +var common = require('../common'); +var assert = require('assert'); +var cluster = require('cluster'); +var net = require('net'); + +if (cluster.isMaster) { + // ensure that the worker exits peacefully + var worker = cluster.fork(); + worker.on('exit', function(statusCode) { + assert.equal(statusCode, 0); + worker = null; + }); + process.on('exit', function() { + assert.equal(worker, null); + }); +} +else { + // listen() without port should not trigger a libuv assert + net.createServer(assert.fail).listen(process.exit); +} From 72bc4dcda4cfa99ed064419e40d104bd1b2e0e25 Mon Sep 17 00:00:00 2001 From: koichik Date: Sat, 24 Mar 2012 16:00:14 +0900 Subject: [PATCH 06/35] assert: fix throws() throws an error without message property Fixes #2893. --- lib/assert.js | 4 ++-- test/simple/test-assert.js | 10 ++++++++++ 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/lib/assert.js b/lib/assert.js index 50a6920a23e..70dc0b0eedc 100644 --- a/lib/assert.js +++ b/lib/assert.js @@ -306,11 +306,11 @@ function _throws(shouldThrow, block, expected, message) { (message ? ' ' + message : '.'); if (shouldThrow && !actual) { - fail('Missing expected exception' + message); + fail(actual, expected, 'Missing expected exception' + message); } if (!shouldThrow && expectedException(actual, expected)) { - fail('Got unwanted exception' + message); + fail(actual, expected, 'Got unwanted exception' + message); } if ((shouldThrow && actual && expected && diff --git a/test/simple/test-assert.js b/test/simple/test-assert.js index 13c7e494e16..081eb76b653 100644 --- a/test/simple/test-assert.js +++ b/test/simple/test-assert.js @@ -283,3 +283,13 @@ testAssertionMessage({a: undefined, b: null}, '{"a":"undefined","b":null}'); testAssertionMessage({a: NaN, b: Infinity, c: -Infinity}, '{"a":"NaN","b":"Infinity","c":"-Infinity"}'); +// #2893 +try { + assert.throws(function () { + assert.ifError(null); + }); +} catch (e) { + threw = true; + assert.equal(e.message, 'Missing expected exception..'); +} +assert.ok(threw); From b3cf3f35fcf192c717e7a393fb984bf6f879d0cc Mon Sep 17 00:00:00 2001 From: isaacs Date: Sat, 28 Jul 2012 14:00:27 -0700 Subject: [PATCH 07/35] Report errors properly from --eval and stdin --- src/node.cc | 49 +++++++++++++++++----------- src/node.js | 16 ++++++++-- src/node_script.cc | 1 + test/message/eval_messages.js | 53 +++++++++++++++++++++++++++++++ test/message/eval_messages.out | 58 ++++++++++++++++++++++++++++++++++ test/simple/test-cli-eval.js | 19 +++++------ 6 files changed, 166 insertions(+), 30 deletions(-) create mode 100644 test/message/eval_messages.js create mode 100644 test/message/eval_messages.out diff --git a/src/node.cc b/src/node.cc index 257b96e9eb9..a1e9fd84758 100644 --- a/src/node.cc +++ b/src/node.cc @@ -1214,8 +1214,15 @@ ssize_t DecodeWrite(char *buf, return buflen; } - void DisplayExceptionLine (TryCatch &try_catch) { + // Prevent re-entry into this function. For example, if there is + // a throw from a program in vm.runInThisContext(code, filename, true), + // then we want to show the original failure, not the secondary one. + static bool displayed_error = false; + + if (displayed_error) return; + displayed_error = true; + HandleScope scope; Handle message = try_catch.Message(); @@ -1234,33 +1241,37 @@ void DisplayExceptionLine (TryCatch &try_catch) { String::Utf8Value sourceline(message->GetSourceLine()); const char* sourceline_string = *sourceline; - // HACK HACK HACK - // - // FIXME - // - // Because of how CommonJS modules work, all scripts are wrapped with a - // "function (function (exports, __filename, ...) {" + // Because of how node modules work, all scripts are wrapped with a + // "function (module, exports, __filename, ...) {" // to provide script local variables. // // When reporting errors on the first line of a script, this wrapper - // function is leaked to the user. This HACK is to remove it. The length - // of the wrapper is 62. That wrapper is defined in src/node.js + // function is leaked to the user. There used to be a hack here to + // truncate off the first 62 characters, but it caused numerous other + // problems when vm.runIn*Context() methods were used for non-module + // code. // - // If that wrapper is ever changed, then this number also has to be - // updated. Or - someone could clean this up so that the two peices - // don't need to be changed. + // If we ever decide to re-instate such a hack, the following steps + // must be taken: // - // Even better would be to get support into V8 for wrappers that - // shouldn't be reported to users. - int offset = linenum == 1 ? 62 : 0; + // 1. Pass a flag around to say "this code was wrapped" + // 2. Update the stack frame output so that it is also correct. + // + // It would probably be simpler to add a line rather than add some + // number of characters to the first line, since V8 truncates the + // sourceline to 78 characters, and we end up not providing very much + // useful debugging info to the user if we remove 62 characters. - fprintf(stderr, "%s\n", sourceline_string + offset); - // Print wavy underline (GetUnderline is deprecated). int start = message->GetStartColumn(); - for (int i = offset; i < start; i++) { + int end = message->GetEndColumn(); + + // fprintf(stderr, "---\nsourceline:%s\noffset:%d\nstart:%d\nend:%d\n---\n", sourceline_string, start, end); + + fprintf(stderr, "%s\n", sourceline_string); + // Print wavy underline (GetUnderline is deprecated). + for (int i = 0; i < start; i++) { fputc((sourceline_string[i] == '\t') ? '\t' : ' ', stderr); } - int end = message->GetEndColumn(); for (int i = start; i < end; i++) { fputc('^', stderr); } diff --git a/src/node.js b/src/node.js index eb31b4b332e..071016e0d04 100644 --- a/src/node.js +++ b/src/node.js @@ -73,7 +73,7 @@ } else if (process._eval != null) { // User passed '-e' or '--eval' arguments to Node. - evalScript('eval'); + evalScript('[eval]'); } else if (process.argv[1]) { // make process.argv[1] into a full path var path = NativeModule.require('path'); @@ -267,7 +267,19 @@ var module = new Module(name); module.filename = path.join(cwd, name); module.paths = Module._nodeModulePaths(cwd); - var result = module._compile('return eval(process._eval)', name); + var script = process._eval; + if (!Module._contextLoad) { + var body = script; + script = 'global.__filename = ' + JSON.stringify(name) + ';\n' + + 'global.exports = exports;\n' + + 'global.module = module;\n' + + 'global.__dirname = __dirname;\n' + + 'global.require = require;\n' + + 'return require("vm").runInThisContext(' + + JSON.stringify(body) + ', ' + + JSON.stringify(name) + ', true);\n'; + } + var result = module._compile(script, name + '-wrapper'); if (process._print_eval) console.log(result); } diff --git a/src/node_script.cc b/src/node_script.cc index 22693dc9b2f..15c56122c7d 100644 --- a/src/node_script.cc +++ b/src/node_script.cc @@ -417,6 +417,7 @@ Handle WrappedScript::EvalMachine(const Arguments& args) { if (output_flag == returnResult) { result = script->Run(); if (result.IsEmpty()) { + if (display_error) DisplayExceptionLine(try_catch); return try_catch.ReThrow(); } } else { diff --git a/test/message/eval_messages.js b/test/message/eval_messages.js new file mode 100644 index 00000000000..d03c0eb1b1d --- /dev/null +++ b/test/message/eval_messages.js @@ -0,0 +1,53 @@ + +// Copyright Joyent, Inc. and other Node contributors. +// +// Permission is hereby granted, free of charge, to any person obtaining a +// copy of this software and associated documentation files (the +// "Software"), to deal in the Software without restriction, including +// without limitation the rights to use, copy, modify, merge, publish, +// distribute, sublicense, and/or sell copies of the Software, and to permit +// persons to whom the Software is furnished to do so, subject to the +// following conditions: +// +// The above copyright notice and this permission notice shall be included +// in all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN +// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE +// USE OR OTHER DEALINGS IN THE SOFTWARE. + +var common = require('../common'); +var assert = require('assert'); + +var spawn = require('child_process').spawn; + +function run(cmd, strict, cb) { + var args = []; + if (strict) args.push('--use_strict'); + args.push('-pe', cmd); + var child = spawn(process.execPath, args); + child.stdout.pipe(process.stdout); + child.stderr.pipe(process.stdout); + child.on('close', cb); +} + +var queue = + [ 'with(this){__filename}', + '42', + 'throw new Error("hello")', + 'var x = 100; y = x;', + 'var ______________________________________________; throw 10' ]; + +function go() { + var c = queue.shift(); + if (!c) return console.log('done'); + run(c, false, function() { + run(c, true, go); + }); +} + +go(); diff --git a/test/message/eval_messages.out b/test/message/eval_messages.out new file mode 100644 index 00000000000..f56bbdbddbc --- /dev/null +++ b/test/message/eval_messages.out @@ -0,0 +1,58 @@ +[eval] + +[eval]:1 +with(this){__filename} +^^^^ +SyntaxError: Strict mode code may not include a with statement + at Object. ([eval]-wrapper:6:22) + at Module._compile (module.js:449:26) + at evalScript (node.js:282:25) + at startup (node.js:76:7) + at node.js:623:3 +42 +42 + +[eval]:1 +throw new Error("hello") + ^ +Error: hello + at [eval]:1:7 + at Object. ([eval]-wrapper:6:22) + at Module._compile (module.js:449:26) + at evalScript (node.js:282:25) + at startup (node.js:76:7) + at node.js:623:3 + +[eval]:1 +throw new Error("hello") + ^ +Error: hello + at [eval]:1:7 + at Object. ([eval]-wrapper:6:22) + at Module._compile (module.js:449:26) + at evalScript (node.js:282:25) + at startup (node.js:76:7) + at node.js:623:3 +100 + +[eval]:1 +var x = 100; y = x; + ^ +ReferenceError: y is not defined + at [eval]:1:16 + at Object. ([eval]-wrapper:6:22) + at Module._compile (module.js:449:26) + at evalScript (node.js:282:25) + at startup (node.js:76:7) + at node.js:623:3 + +[eval]:1 +var ______________________________________________; throw 10 + ^ +10 + +[eval]:1 +var ______________________________________________; throw 10 + ^ +10 +done diff --git a/test/simple/test-cli-eval.js b/test/simple/test-cli-eval.js index b47cc141ff3..7e3e0cd6e33 100644 --- a/test/simple/test-cli-eval.js +++ b/test/simple/test-cli-eval.js @@ -19,21 +19,22 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -var common = require('../common.js'), - assert = require('assert'), - child = require('child_process'), - nodejs = '"' + process.execPath + '"'; - -// replace \ by / because windows uses backslashes in paths, but they're still -// interpreted as the escape character when put between quotes. -var filename = __filename.replace(/\\/g, '/'); - if (module.parent) { // signal we've been loaded as a module console.log('Loaded as a module, exiting with status code 42.'); process.exit(42); } +var common = require('../common.js'), + assert = require('assert'), + child = require('child_process'), + nodejs = '"' + process.execPath + '"'; + + +// replace \ by / because windows uses backslashes in paths, but they're still +// interpreted as the escape character when put between quotes. +var filename = __filename.replace(/\\/g, '/'); + // assert that nothing is written to stdout child.exec(nodejs + ' --eval 42', function(err, stdout, stderr) { From 5b37da2ac0a7ed16e109d11899cfe0cac21fa378 Mon Sep 17 00:00:00 2001 From: Shigeki Ohtsu Date: Mon, 30 Jul 2012 18:26:25 +0900 Subject: [PATCH 08/35] doc: fix domains example Need `utf8` encoding for JSON.parse and fix to avoid JSON.parse error when only one argument is passed in domain.bind --- doc/api/domain.markdown | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/api/domain.markdown b/doc/api/domain.markdown index 84b178607b4..5e3b34c4f98 100644 --- a/doc/api/domain.markdown +++ b/doc/api/domain.markdown @@ -198,9 +198,9 @@ thrown will be routed to the domain's `error` event. var d = domain.create(); function readSomeFile(filename, cb) { - fs.readFile(filename, d.bind(function(er, data) { + fs.readFile(filename, 'utf8', d.bind(function(er, data) { // if this throws, it will also be passed to the domain - return cb(er, JSON.parse(data)); + return cb(er, data ? JSON.parse(data) : null); })); } @@ -227,7 +227,7 @@ with a single error handler in a single place. var d = domain.create(); function readSomeFile(filename, cb) { - fs.readFile(filename, d.intercept(function(data) { + fs.readFile(filename, 'utf8', d.intercept(function(data) { // note, the first argument is never passed to the // callback since it is assumed to be the 'Error' argument // and thus intercepted by the domain. From f8dab6acb60628d77b7f4438da6c76b37a93bb02 Mon Sep 17 00:00:00 2001 From: isaacs Date: Mon, 30 Jul 2012 11:01:50 -0700 Subject: [PATCH 09/35] doc: Remove timeout arg in child_process.fork Fix #3784 --- doc/api/child_process.markdown | 1 - 1 file changed, 1 deletion(-) diff --git a/doc/api/child_process.markdown b/doc/api/child_process.markdown index 6439fce8742..c87e59b4f2a 100644 --- a/doc/api/child_process.markdown +++ b/doc/api/child_process.markdown @@ -517,7 +517,6 @@ leaner than `child_process.exec`. It has the same options. * `cwd` {String} Current working directory of the child process * `env` {Object} Environment key-value pairs * `encoding` {String} (Default: 'utf8') - * `timeout` {Number} (Default: 0) * Return: ChildProcess object This is a special case of the `spawn()` functionality for spawning Node From 2eb6a62f4fafd6ed7aa4fa22b509686e5e910050 Mon Sep 17 00:00:00 2001 From: Ben Noordhuis Date: Tue, 31 Jul 2012 03:09:04 +0200 Subject: [PATCH 10/35] doc: document child_process.fork() limitation --- doc/api/child_process.markdown | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/api/child_process.markdown b/doc/api/child_process.markdown index c87e59b4f2a..5e1094805bd 100644 --- a/doc/api/child_process.markdown +++ b/doc/api/child_process.markdown @@ -528,6 +528,9 @@ By default the spawned Node process will have the stdout, stderr associated with the parent's. To change this behavior set the `silent` property in the `options` object to `true`. +The child process does not automatically exit once it's done, you need to call +`process.exit()` explicitly. This limitation may be lifted in the future. + These child Nodes are still whole new instances of V8. Assume at least 30ms startup and 10mb memory for each new Node. That is, you cannot create many thousands of them. From de16da532e4cff3574b2fe24d998e2dcf49fa2f0 Mon Sep 17 00:00:00 2001 From: Ben Noordhuis Date: Tue, 31 Jul 2012 13:45:16 +0200 Subject: [PATCH 11/35] deps, tools: remove stray reject files --- deps/npm/node_modules/mkdirp/.gitignore.orig | 2 -- deps/npm/node_modules/mkdirp/.gitignore.rej | 5 ----- .../node_modules/mkdirp/examples/pow.js.orig | 6 ------ .../node_modules/mkdirp/examples/pow.js.rej | 19 ------------------- .../blog/node_modules/mkdirp/.gitignore.orig | 2 -- tools/blog/node_modules/mkdirp/.gitignore.rej | 5 ----- .../node_modules/mkdirp/examples/pow.js.orig | 6 ------ .../node_modules/mkdirp/examples/pow.js.rej | 19 ------------------- 8 files changed, 64 deletions(-) delete mode 100644 deps/npm/node_modules/mkdirp/.gitignore.orig delete mode 100644 deps/npm/node_modules/mkdirp/.gitignore.rej delete mode 100644 deps/npm/node_modules/mkdirp/examples/pow.js.orig delete mode 100644 deps/npm/node_modules/mkdirp/examples/pow.js.rej delete mode 100644 tools/blog/node_modules/mkdirp/.gitignore.orig delete mode 100644 tools/blog/node_modules/mkdirp/.gitignore.rej delete mode 100644 tools/blog/node_modules/mkdirp/examples/pow.js.orig delete mode 100644 tools/blog/node_modules/mkdirp/examples/pow.js.rej diff --git a/deps/npm/node_modules/mkdirp/.gitignore.orig b/deps/npm/node_modules/mkdirp/.gitignore.orig deleted file mode 100644 index 9303c347ee6..00000000000 --- a/deps/npm/node_modules/mkdirp/.gitignore.orig +++ /dev/null @@ -1,2 +0,0 @@ -node_modules/ -npm-debug.log \ No newline at end of file diff --git a/deps/npm/node_modules/mkdirp/.gitignore.rej b/deps/npm/node_modules/mkdirp/.gitignore.rej deleted file mode 100644 index 69244ff8773..00000000000 --- a/deps/npm/node_modules/mkdirp/.gitignore.rej +++ /dev/null @@ -1,5 +0,0 @@ ---- /dev/null -+++ .gitignore -@@ -0,0 +1,2 @@ -+node_modules/ -+npm-debug.log \ No newline at end of file diff --git a/deps/npm/node_modules/mkdirp/examples/pow.js.orig b/deps/npm/node_modules/mkdirp/examples/pow.js.orig deleted file mode 100644 index 77414622120..00000000000 --- a/deps/npm/node_modules/mkdirp/examples/pow.js.orig +++ /dev/null @@ -1,6 +0,0 @@ -var mkdirp = require('mkdirp'); - -mkdirp('/tmp/foo/bar/baz', 0755, function (err) { - if (err) console.error(err) - else console.log('pow!') -}); diff --git a/deps/npm/node_modules/mkdirp/examples/pow.js.rej b/deps/npm/node_modules/mkdirp/examples/pow.js.rej deleted file mode 100644 index 81e7f431156..00000000000 --- a/deps/npm/node_modules/mkdirp/examples/pow.js.rej +++ /dev/null @@ -1,19 +0,0 @@ ---- examples/pow.js -+++ examples/pow.js -@@ -1,6 +1,15 @@ --var mkdirp = require('mkdirp').mkdirp; -+var mkdirp = require('../').mkdirp, -+ mkdirpSync = require('../').mkdirpSync; - - mkdirp('/tmp/foo/bar/baz', 0755, function (err) { - if (err) console.error(err) - else console.log('pow!') - }); -+ -+try { -+ mkdirpSync('/tmp/bar/foo/baz', 0755); -+ console.log('double pow!'); -+} -+catch (ex) { -+ console.log(ex); -+} \ No newline at end of file diff --git a/tools/blog/node_modules/mkdirp/.gitignore.orig b/tools/blog/node_modules/mkdirp/.gitignore.orig deleted file mode 100644 index 9303c347ee6..00000000000 --- a/tools/blog/node_modules/mkdirp/.gitignore.orig +++ /dev/null @@ -1,2 +0,0 @@ -node_modules/ -npm-debug.log \ No newline at end of file diff --git a/tools/blog/node_modules/mkdirp/.gitignore.rej b/tools/blog/node_modules/mkdirp/.gitignore.rej deleted file mode 100644 index 69244ff8773..00000000000 --- a/tools/blog/node_modules/mkdirp/.gitignore.rej +++ /dev/null @@ -1,5 +0,0 @@ ---- /dev/null -+++ .gitignore -@@ -0,0 +1,2 @@ -+node_modules/ -+npm-debug.log \ No newline at end of file diff --git a/tools/blog/node_modules/mkdirp/examples/pow.js.orig b/tools/blog/node_modules/mkdirp/examples/pow.js.orig deleted file mode 100644 index 77414622120..00000000000 --- a/tools/blog/node_modules/mkdirp/examples/pow.js.orig +++ /dev/null @@ -1,6 +0,0 @@ -var mkdirp = require('mkdirp'); - -mkdirp('/tmp/foo/bar/baz', 0755, function (err) { - if (err) console.error(err) - else console.log('pow!') -}); diff --git a/tools/blog/node_modules/mkdirp/examples/pow.js.rej b/tools/blog/node_modules/mkdirp/examples/pow.js.rej deleted file mode 100644 index 81e7f431156..00000000000 --- a/tools/blog/node_modules/mkdirp/examples/pow.js.rej +++ /dev/null @@ -1,19 +0,0 @@ ---- examples/pow.js -+++ examples/pow.js -@@ -1,6 +1,15 @@ --var mkdirp = require('mkdirp').mkdirp; -+var mkdirp = require('../').mkdirp, -+ mkdirpSync = require('../').mkdirpSync; - - mkdirp('/tmp/foo/bar/baz', 0755, function (err) { - if (err) console.error(err) - else console.log('pow!') - }); -+ -+try { -+ mkdirpSync('/tmp/bar/foo/baz', 0755); -+ console.log('double pow!'); -+} -+catch (ex) { -+ console.log(ex); -+} \ No newline at end of file From 80ab9a891aa502458c4689dd1bf0bee7a428eae1 Mon Sep 17 00:00:00 2001 From: Bert Belder Date: Tue, 31 Jul 2012 21:26:26 +0200 Subject: [PATCH 12/35] uv: upgrade to 69c2ef8 --- deps/uv/include/uv-private/uv-win.h | 15 +- deps/uv/include/uv.h | 10 +- deps/uv/src/unix/sunos.c | 20 +- deps/uv/src/win/fs.c | 1100 +++++++++++------------ deps/uv/src/win/process-stdio.c | 7 + deps/uv/src/win/winapi.h | 9 + deps/uv/test/test-tcp-unexpected-read.c | 2 + 7 files changed, 595 insertions(+), 568 deletions(-) diff --git a/deps/uv/include/uv-private/uv-win.h b/deps/uv/include/uv-private/uv-win.h index 1bd02993a84..5b0aba619f4 100644 --- a/deps/uv/include/uv-private/uv-win.h +++ b/deps/uv/include/uv-private/uv-win.h @@ -23,6 +23,12 @@ # define _WIN32_WINNT 0x0502 #endif +#if !defined(_SSIZE_T_) && !defined(_SSIZE_T_DEFINED) +typedef intptr_t ssize_t; +# define _SSIZE_T_ +# define _SSIZE_T_DEFINED +#endif + #include #include #include @@ -470,15 +476,16 @@ RB_HEAD(uv_timer_tree_s, uv_timer_s); int flags; \ DWORD sys_errno_; \ union { \ - wchar_t* pathw; \ - int file; \ + /* TODO: remove me in 0.9. */ \ + WCHAR* pathw; \ + int fd; \ }; \ union { \ struct { \ int mode; \ - wchar_t* new_pathw; \ + WCHAR* new_pathw; \ int file_flags; \ - int file_out; \ + int fd_out; \ void* buf; \ size_t length; \ int64_t offset; \ diff --git a/deps/uv/include/uv.h b/deps/uv/include/uv.h index dbea113a3e3..cdde9059479 100644 --- a/deps/uv/include/uv.h +++ b/deps/uv/include/uv.h @@ -57,12 +57,6 @@ extern "C" { #include "ares.h" -#if !defined(_SSIZE_T_) && !defined(_SSIZE_T_DEFINED) - typedef intptr_t ssize_t; -# define _SSIZE_T_ -# define _SSIZE_T_DEFINED -#endif - #if defined(__unix__) || defined(__POSIX__) || defined(__APPLE__) # include "uv-private/uv-unix.h" #else @@ -1410,8 +1404,8 @@ struct uv_fs_s { uv_fs_cb cb; ssize_t result; void* ptr; - char* path; - int errorno; + const char* path; + uv_err_code errorno; UV_FS_PRIVATE_FIELDS }; diff --git a/deps/uv/src/unix/sunos.c b/deps/uv/src/unix/sunos.c index b95a89b456a..6598ea2581e 100644 --- a/deps/uv/src/unix/sunos.c +++ b/deps/uv/src/unix/sunos.c @@ -129,7 +129,7 @@ static void uv__fs_event_rearm(uv_fs_event_t *handle) { static void uv__fs_event_read(EV_P_ ev_io* w, int revents) { - uv_fs_event_t *handle; + uv_fs_event_t *handle = NULL; uv_loop_t *loop_; timespec_t timeout; port_event_t pe; @@ -139,15 +139,25 @@ static void uv__fs_event_read(EV_P_ ev_io* w, int revents) { loop_ = container_of(w, uv_loop_t, fs_event_watcher); do { - /* TODO use port_getn() */ + uint_t n = 1; + + /* + * Note that our use of port_getn() here (and not port_get()) is deliberate: + * there is a bug in event ports (Sun bug 6456558) whereby a zeroed timeout + * causes port_get() to return success instead of ETIME when there aren't + * actually any events (!); by using port_getn() in lieu of port_get(), + * we can at least workaround the bug by checking for zero returned events + * and treating it as we would ETIME. + */ do { memset(&timeout, 0, sizeof timeout); - r = port_get(loop_->fs_fd, &pe, &timeout); + r = port_getn(loop_->fs_fd, &pe, 1, &n, &timeout); } while (r == -1 && errno == EINTR); - if (r == -1 && errno == ETIME) + if ((r == -1 && errno == ETIME) || n == 0) break; + handle = (uv_fs_event_t *)pe.portev_user; assert((r == 0) && "unexpected port_get() error"); @@ -162,7 +172,7 @@ static void uv__fs_event_read(EV_P_ ev_io* w, int revents) { } while (handle->fd != PORT_DELETED); - if (handle->fd != PORT_DELETED) + if (handle != NULL && handle->fd != PORT_DELETED) uv__fs_event_rearm(handle); } diff --git a/deps/uv/src/win/fs.c b/deps/uv/src/win/fs.c index 7d6b4f9d997..26ffb56b63e 100644 --- a/deps/uv/src/win/fs.c +++ b/deps/uv/src/win/fs.c @@ -35,24 +35,11 @@ #include "req-inl.h" -#define UV_FS_ASYNC_QUEUED 0x0001 -#define UV_FS_FREE_PATH 0x0002 -#define UV_FS_FREE_NEW_PATH 0x0004 +#define UV_FS_FREE_PATHS 0x0002 #define UV_FS_FREE_PTR 0x0008 #define UV_FS_CLEANEDUP 0x0010 -#define UTF8_TO_UTF16(s, t) \ - size = uv_utf8_to_utf16(s, NULL, 0) * sizeof(wchar_t); \ - t = (wchar_t*)malloc(size); \ - if (!t) { \ - uv_fatal_error(ERROR_OUTOFMEMORY, "malloc"); \ - } \ - if (!uv_utf8_to_utf16(s, t, size / sizeof(wchar_t))) { \ - uv__set_sys_error(loop, GetLastError()); \ - return -1; \ - } - #define QUEUE_FS_TP_JOB(loop, req) \ if (!QueueUserWorkItem(&uv_fs_thread_proc, \ req, \ @@ -60,7 +47,6 @@ uv__set_sys_error((loop), GetLastError()); \ return -1; \ } \ - req->flags |= UV_FS_ASYNC_QUEUED; \ uv__req_register(loop, req); #define SET_UV_LAST_ERROR_FROM_REQ(req) \ @@ -83,8 +69,8 @@ req->sys_errno_ = (sys_errno); \ req->errorno = (uv_errno); -#define VERIFY_UV_FILE(file, req) \ - if (file == -1) { \ +#define VERIFY_FD(fd, req) \ + if (fd == -1) { \ req->result = -1; \ req->errorno = UV_EBADF; \ req->sys_errno_ = ERROR_INVALID_HANDLE; \ @@ -105,11 +91,11 @@ #define IS_LETTER(c) (((c) >= L'a' && (c) <= L'z') || \ ((c) >= L'A' && (c) <= L'Z')) -const wchar_t JUNCTION_PREFIX[] = L"\\??\\"; -const wchar_t JUNCTION_PREFIX_LEN = 4; +const WCHAR JUNCTION_PREFIX[] = L"\\??\\"; +const WCHAR JUNCTION_PREFIX_LEN = 4; -const wchar_t LONG_PATH_PREFIX[] = L"\\\\?\\"; -const wchar_t LONG_PATH_PREFIX_LEN = 4; +const WCHAR LONG_PATH_PREFIX[] = L"\\\\?\\"; +const WCHAR LONG_PATH_PREFIX_LEN = 4; void uv_fs_init() { @@ -117,40 +103,132 @@ void uv_fs_init() { } -static void uv_fs_req_init_async(uv_loop_t* loop, uv_fs_t* req, - uv_fs_type fs_type, const char* path, const wchar_t* pathw, uv_fs_cb cb) { - uv_req_init(loop, (uv_req_t*) req); - req->type = UV_FS; - req->loop = loop; - req->flags = 0; - req->fs_type = fs_type; - req->cb = cb; - req->result = 0; - req->ptr = NULL; - req->path = path ? strdup(path) : NULL; - req->pathw = (wchar_t*)pathw; - req->errorno = 0; - req->sys_errno_ = 0; - memset(&req->overlapped, 0, sizeof(req->overlapped)); +INLINE static int fs__capture_path(uv_loop_t* loop, uv_fs_t* req, + const char* path, const char* new_path, const int copy_path) { + char* buf; + char* pos; + ssize_t buf_sz = 0, path_len, pathw_len, new_pathw_len; + + /* new_path can only be set if path is also set. */ + assert(new_path == NULL || path != NULL); + + if (path != NULL) { + pathw_len = MultiByteToWideChar(CP_UTF8, + 0, + path, + -1, + NULL, + 0); + if (pathw_len == 0) { + uv__set_sys_error(loop, GetLastError()); + return -1; + } + + buf_sz += pathw_len * sizeof(WCHAR); + } + + if (path != NULL && copy_path) { + path_len = 1 + strlen(path); + buf_sz += path_len; + } + + if (new_path != NULL) { + new_pathw_len = MultiByteToWideChar(CP_UTF8, + 0, + new_path, + -1, + NULL, + 0); + if (new_pathw_len == 0) { + uv__set_sys_error(loop, GetLastError()); + return -1; + } + + buf_sz += new_pathw_len * sizeof(WCHAR); + } + + + if (buf_sz == 0) { + req->pathw = NULL; + req->new_pathw = NULL; + req->path = NULL; + return 0; + } + + buf = (char*) malloc(buf_sz); + if (buf == NULL) { + uv__set_artificial_error(loop, UV_ENOMEM); + return -1; + } + + pos = buf; + + if (path != NULL) { + DWORD r = MultiByteToWideChar(CP_UTF8, + 0, + path, + -1, + (WCHAR*) pos, + pathw_len); + assert(r == pathw_len); + req->pathw = (WCHAR*) pos; + pos += r * sizeof(WCHAR); + } else { + req->pathw = NULL; + } + + if (new_path != NULL) { + DWORD r = MultiByteToWideChar(CP_UTF8, + 0, + new_path, + -1, + (WCHAR*) pos, + new_pathw_len); + assert(r == new_pathw_len); + req->new_pathw = (WCHAR*) pos; + pos += r * sizeof(WCHAR); + } else { + req->new_pathw = NULL; + } + + if (!copy_path) { + req->path = path; + } else if (path) { + memcpy(pos, path, path_len); + assert(path_len == buf_sz - (pos - buf)); + req->path = pos; + } else { + req->path = NULL; + } + + req->flags |= UV_FS_FREE_PATHS; + + return 0; } -static void uv_fs_req_init_sync(uv_loop_t* loop, uv_fs_t* req, - uv_fs_type fs_type) { + +INLINE static void uv_fs_req_init(uv_loop_t* loop, uv_fs_t* req, + uv_fs_type fs_type, const uv_fs_cb cb) { uv_req_init(loop, (uv_req_t*) req); + req->type = UV_FS; req->loop = loop; req->flags = 0; req->fs_type = fs_type; req->result = 0; req->ptr = NULL; + req->errorno = UV_OK; req->path = NULL; - req->pathw = NULL; - req->errorno = 0; + + if (cb != NULL) { + req->cb = cb; + memset(&req->overlapped, 0, sizeof(req->overlapped)); + } } -static int is_path_dir(const wchar_t* path) { +static int is_path_dir(const WCHAR* path) { DWORD attr = GetFileAttributesW(path); if (attr != INVALID_FILE_ATTRIBUTES) { @@ -231,7 +309,7 @@ INLINE static int fs__readlink_handle(HANDLE handle, char** target_ptr, (reparse_data->MountPointReparseBuffer.SubstituteNameOffset / sizeof(WCHAR)); w_target_len = reparse_data->MountPointReparseBuffer.SubstituteNameLength / - sizeof(wchar_t); + sizeof(WCHAR); /* Only treat junctions that look like \??\«drive»:\ as symlink. */ /* Junctions can also be used as mount points, like \??\Volume{«guid»}, */ @@ -261,17 +339,20 @@ INLINE static int fs__readlink_handle(HANDLE handle, char** target_ptr, return -1; } - /* Compute the length of the target. */ - target_len = WideCharToMultiByte(CP_UTF8, - 0, - w_target, - w_target_len, - NULL, - 0, - NULL, - NULL); - if (target_len == 0) { - return -1; + /* If needed, compute the length of the target. */ + if (target_ptr != NULL || target_len_ptr != NULL) { + /* Compute the length of the target. */ + target_len = WideCharToMultiByte(CP_UTF8, + 0, + w_target, + w_target_len, + NULL, + 0, + NULL, + NULL); + if (target_len == 0) { + return -1; + } } /* If requested, allocate memory and convert to UTF8. */ @@ -305,13 +386,14 @@ INLINE static int fs__readlink_handle(HANDLE handle, char** target_ptr, } -void fs__open(uv_fs_t* req, const wchar_t* path, int flags, int mode) { +void fs__open(uv_fs_t* req) { DWORD access; DWORD share; DWORD disposition; DWORD attributes; HANDLE file; int result, current_umask; + int flags = req->file_flags; /* Obtain the active umask. umask() never fails and returns the previous */ /* umask. */ @@ -373,7 +455,7 @@ void fs__open(uv_fs_t* req, const wchar_t* path, int flags, int mode) { attributes = FILE_ATTRIBUTE_NORMAL; if (flags & _O_CREAT) { - if (!((mode & ~current_umask) & _S_IWRITE)) { + if (!((req->mode & ~current_umask) & _S_IWRITE)) { attributes |= FILE_ATTRIBUTE_READONLY; } } @@ -404,7 +486,7 @@ void fs__open(uv_fs_t* req, const wchar_t* path, int flags, int mode) { /* Setting this flag makes it possible to open a directory. */ attributes |= FILE_FLAG_BACKUP_SEMANTICS; - file = CreateFileW(path, + file = CreateFileW(req->pathw, access, share, NULL, @@ -423,32 +505,35 @@ void fs__open(uv_fs_t* req, const wchar_t* path, int flags, int mode) { } return; } - result = _open_osfhandle((intptr_t)file, flags); + result = _open_osfhandle((intptr_t) file, flags); end: SET_REQ_RESULT(req, result); } -void fs__close(uv_fs_t* req, uv_file file) { +void fs__close(uv_fs_t* req) { + int fd = req->fd; int result; - VERIFY_UV_FILE(file, req); + VERIFY_FD(fd, req); - result = _close(file); + result = _close(fd); SET_REQ_RESULT(req, result); } -void fs__read(uv_fs_t* req, uv_file file, void *buf, size_t length, - int64_t offset) { +void fs__read(uv_fs_t* req) { + int fd = req->fd; + size_t length = req->length; + int64_t offset = req->offset; HANDLE handle; OVERLAPPED overlapped, *overlapped_ptr; LARGE_INTEGER offset_; DWORD bytes; DWORD error; - VERIFY_UV_FILE(file, req); + VERIFY_FD(fd, req); - handle = (HANDLE) _get_osfhandle(file); + handle = (HANDLE) _get_osfhandle(fd); if (handle == INVALID_HANDLE_VALUE) { SET_REQ_RESULT(req, -1); return; @@ -471,7 +556,7 @@ void fs__read(uv_fs_t* req, uv_file file, void *buf, size_t length, overlapped_ptr = NULL; } - if (ReadFile(handle, buf, length, &bytes, overlapped_ptr)) { + if (ReadFile(handle, req->buf, req->length, &bytes, overlapped_ptr)) { SET_REQ_RESULT(req, bytes); } else { error = GetLastError(); @@ -484,16 +569,18 @@ void fs__read(uv_fs_t* req, uv_file file, void *buf, size_t length, } -void fs__write(uv_fs_t* req, uv_file file, void *buf, size_t length, - int64_t offset) { +void fs__write(uv_fs_t* req) { + int fd = req->fd; + size_t length = req->length; + int64_t offset = req->offset; HANDLE handle; OVERLAPPED overlapped, *overlapped_ptr; LARGE_INTEGER offset_; DWORD bytes; - VERIFY_UV_FILE(file, req); + VERIFY_FD(fd, req); - handle = (HANDLE) _get_osfhandle(file); + handle = (HANDLE) _get_osfhandle(fd); if (handle == INVALID_HANDLE_VALUE) { SET_REQ_RESULT(req, -1); return; @@ -516,7 +603,7 @@ void fs__write(uv_fs_t* req, uv_file file, void *buf, size_t length, overlapped_ptr = NULL; } - if (WriteFile(handle, buf, length, &bytes, overlapped_ptr)) { + if (WriteFile(handle, req->buf, length, &bytes, overlapped_ptr)) { SET_REQ_RESULT(req, bytes); } else { SET_REQ_WIN32_ERROR(req, GetLastError()); @@ -524,21 +611,23 @@ void fs__write(uv_fs_t* req, uv_file file, void *buf, size_t length, } -void fs__rmdir(uv_fs_t* req, const wchar_t* path) { - int result = _wrmdir(path); +void fs__rmdir(uv_fs_t* req) { + int result = _wrmdir(req->pathw); SET_REQ_RESULT(req, result); } -void fs__unlink(uv_fs_t* req, const wchar_t* path) { - int result; +void fs__unlink(uv_fs_t* req) { + const WCHAR* pathw = req->pathw; HANDLE handle; BY_HANDLE_FILE_INFORMATION info; - int is_dir_symlink; + FILE_DISPOSITION_INFORMATION disposition; + IO_STATUS_BLOCK iosb; + NTSTATUS status; - handle = CreateFileW(path, - 0, - 0, + handle = CreateFileW(pathw, + FILE_READ_ATTRIBUTES | DELETE, + FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, NULL, OPEN_EXISTING, FILE_FLAG_OPEN_REPARSE_POINT | FILE_FLAG_BACKUP_SEMANTICS, @@ -555,56 +644,90 @@ void fs__unlink(uv_fs_t* req, const wchar_t* path) { return; } - is_dir_symlink = (info.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) && - (info.dwFileAttributes & FILE_ATTRIBUTE_REPARSE_POINT); + if (info.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { + /* Do not allow deletion of directories, unless it is a symlink. When */ + /* the path refers to a non-symlink directory, report EPERM as mandated */ + /* by POSIX.1. */ + + /* Check if it is a reparse point. If it's not, it's a normal directory. */ + if (!(info.dwFileAttributes & FILE_ATTRIBUTE_REPARSE_POINT)) { + SET_REQ_WIN32_ERROR(req, ERROR_ACCESS_DENIED); + CloseHandle(handle); + return; + } + + /* Read the reparse point and check if it is a valid symlink. */ + /* If not, don't unlink. */ + if (fs__readlink_handle(handle, NULL, NULL) < 0) { + DWORD error = GetLastError(); + if (error == ERROR_SYMLINK_NOT_SUPPORTED) + error = ERROR_ACCESS_DENIED; + SET_REQ_WIN32_ERROR(req, error); + CloseHandle(handle); + return; + } + } + + /* Try to set the delete flag. */ + disposition.DeleteFile = TRUE; + status = pNtSetInformationFile(handle, + &iosb, + &disposition, + sizeof disposition, + FileDispositionInformation); + if (NT_SUCCESS(status)) { + SET_REQ_SUCCESS(req); + } else { + SET_REQ_WIN32_ERROR(req, pRtlNtStatusToDosError(status)); + } CloseHandle(handle); - - /* Todo: very inefficient; fix this. */ - if (is_dir_symlink) { - fs__rmdir(req, path); - } else { - result = _wunlink(path); - SET_REQ_RESULT(req, result); - } } -void fs__mkdir(uv_fs_t* req, const wchar_t* path, int mode) { - int result = _wmkdir(path); +void fs__mkdir(uv_fs_t* req) { + /* TODO: use req->mode. */ + int result = _wmkdir(req->pathw); SET_REQ_RESULT(req, result); } -void fs__readdir(uv_fs_t* req, const wchar_t* path, int flags) { +void fs__readdir(uv_fs_t* req) { + WCHAR* pathw = req->pathw; + size_t len = wcslen(pathw); int result, size; - wchar_t* buf = NULL, *ptr, *name; + WCHAR* buf = NULL, *ptr, *name; HANDLE dir; - WIN32_FIND_DATAW ent = {0}; - size_t len = wcslen(path); + WIN32_FIND_DATAW ent = { 0 }; size_t buf_char_len = 4096; - wchar_t* path2; - const wchar_t* fmt = !len ? L"./*" - : (path[len - 1] == L'/' || path[len - 1] == L'\\') ? L"%s*" - : L"%s\\*"; + WCHAR* path2; + const WCHAR* fmt; + + if (len == 0) { + fmt = L"./*"; + } else if (pathw[len - 1] == L'/' || pathw[len - 1] == L'\\') { + fmt = L"%s*"; + } else { + fmt = L"%s\\*"; + } /* Figure out whether path is a file or a directory. */ - if (!(GetFileAttributesW(path) & FILE_ATTRIBUTE_DIRECTORY)) { + if (!(GetFileAttributesW(pathw) & FILE_ATTRIBUTE_DIRECTORY)) { req->result = -1; req->errorno = UV_ENOTDIR; req->sys_errno_ = ERROR_SUCCESS; return; } - path2 = (wchar_t*)malloc(sizeof(wchar_t) * (len + 4)); + path2 = (WCHAR*)malloc(sizeof(WCHAR) * (len + 4)); if (!path2) { uv_fatal_error(ERROR_OUTOFMEMORY, "malloc"); } #ifdef _MSC_VER - swprintf(path2, len + 3, fmt, path); + swprintf(path2, len + 3, fmt, pathw); #else - swprintf(path2, fmt, path); + swprintf(path2, fmt, pathw); #endif dir = FindFirstFileW(path2, &ent); free(path2); @@ -623,7 +746,7 @@ void fs__readdir(uv_fs_t* req, const wchar_t* path, int flags) { len = wcslen(name); if (!buf) { - buf = (wchar_t*)malloc(buf_char_len * sizeof(wchar_t)); + buf = (WCHAR*)malloc(buf_char_len * sizeof(WCHAR)); if (!buf) { uv_fatal_error(ERROR_OUTOFMEMORY, "malloc"); } @@ -634,7 +757,7 @@ void fs__readdir(uv_fs_t* req, const wchar_t* path, int flags) { while ((ptr - buf) + len + 1 > buf_char_len) { buf_char_len *= 2; path2 = buf; - buf = (wchar_t*)realloc(buf, buf_char_len * sizeof(wchar_t)); + buf = (WCHAR*)realloc(buf, buf_char_len * sizeof(WCHAR)); if (!buf) { uv_fatal_error(ERROR_OUTOFMEMORY, "realloc"); } @@ -732,18 +855,27 @@ INLINE static int fs__stat_handle(HANDLE handle, uv_statbuf_t* statbuf) { } -INLINE static void fs__stat(uv_fs_t* req, const wchar_t* path, int do_lstat) { +INLINE static void fs__stat_prepare_path(WCHAR* pathw) { + size_t len = wcslen(pathw); + + /* TODO: ignore namespaced paths. */ + if (len > 1 && pathw[len - 2] != L':' && + (pathw[len - 1] == L'\\' || pathw[len - 1] == L'/')) { + pathw[len - 1] = '\0'; + } +} + + +INLINE static void fs__stat_impl(uv_fs_t* req, int do_lstat) { HANDLE handle; DWORD flags; - req->ptr = NULL; flags = FILE_FLAG_BACKUP_SEMANTICS; - if (do_lstat) { flags |= FILE_FLAG_OPEN_REPARSE_POINT; } - handle = CreateFileW(path, + handle = CreateFileW(req->pathw, FILE_READ_ATTRIBUTES, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, NULL, @@ -759,7 +891,7 @@ INLINE static void fs__stat(uv_fs_t* req, const wchar_t* path, int do_lstat) { DWORD error = GetLastError(); if (do_lstat && error == ERROR_SYMLINK_NOT_SUPPORTED) { /* We opened a reparse point but it was not a symlink. Try again. */ - fs__stat(req, path, 0); + fs__stat_impl(req, 0); } else { /* Stat failed. */ @@ -776,14 +908,25 @@ INLINE static void fs__stat(uv_fs_t* req, const wchar_t* path, int do_lstat) { } -void fs__fstat(uv_fs_t* req, uv_file file) { +static void fs__stat(uv_fs_t* req) { + fs__stat_prepare_path(req->pathw); + fs__stat_impl(req, 0); +} + + +static void fs__lstat(uv_fs_t* req) { + fs__stat_prepare_path(req->pathw); + fs__stat_impl(req, 1); +} + + +static void fs__fstat(uv_fs_t* req) { + int fd = req->fd; HANDLE handle; - req->ptr = NULL; + VERIFY_FD(fd, req); - VERIFY_UV_FILE(file, req); - - handle = (HANDLE) _get_osfhandle(file); + handle = (HANDLE) _get_osfhandle(fd); if (handle == INVALID_HANDLE_VALUE) { SET_REQ_WIN32_ERROR(req, ERROR_INVALID_HANDLE); @@ -800,8 +943,8 @@ void fs__fstat(uv_fs_t* req, uv_file file) { } -void fs__rename(uv_fs_t* req, const wchar_t* path, const wchar_t* new_path) { - if (!MoveFileExW(path, new_path, MOVEFILE_REPLACE_EXISTING)) { +static void fs__rename(uv_fs_t* req) { + if (!MoveFileExW(req->pathw, req->new_pathw, MOVEFILE_REPLACE_EXISTING)) { SET_REQ_WIN32_ERROR(req, GetLastError()); return; } @@ -810,12 +953,13 @@ void fs__rename(uv_fs_t* req, const wchar_t* path, const wchar_t* new_path) { } -void fs__fsync(uv_fs_t* req, uv_file file) { +INLINE static void fs__sync_impl(uv_fs_t* req) { + int fd = req->fd; int result; - VERIFY_UV_FILE(file, req); + VERIFY_FD(fd, req); - result = FlushFileBuffers((HANDLE)_get_osfhandle(file)) ? 0 : -1; + result = FlushFileBuffers((HANDLE) _get_osfhandle(fd)) ? 0 : -1; if (result == -1) { SET_REQ_WIN32_ERROR(req, GetLastError()); } else { @@ -824,17 +968,28 @@ void fs__fsync(uv_fs_t* req, uv_file file) { } -void fs__ftruncate(uv_fs_t* req, uv_file file, int64_t offset) { +static void fs__fsync(uv_fs_t* req) { + fs__sync_impl(req); +} + + +static void fs__fdatasync(uv_fs_t* req) { + fs__sync_impl(req); +} + + +static void fs__ftruncate(uv_fs_t* req) { + int fd = req->fd; HANDLE handle; NTSTATUS status; IO_STATUS_BLOCK io_status; FILE_END_OF_FILE_INFORMATION eof_info; - VERIFY_UV_FILE(file, req); + VERIFY_FD(fd, req); - handle = (HANDLE)_get_osfhandle(file); + handle = (HANDLE)_get_osfhandle(fd); - eof_info.EndOfFile.QuadPart = offset; + eof_info.EndOfFile.QuadPart = req->offset; status = pNtSetInformationFile(handle, &io_status, @@ -850,26 +1005,28 @@ void fs__ftruncate(uv_fs_t* req, uv_file file, int64_t offset) { } -void fs__sendfile(uv_fs_t* req, uv_file out_file, uv_file in_file, - int64_t in_offset, size_t length) { +static void fs__sendfile(uv_fs_t* req) { + int fd_in = req->fd, fd_out = req->fd_out; + size_t length = req->length; + int64_t offset = req->offset; const size_t max_buf_size = 65536; size_t buf_size = length < max_buf_size ? length : max_buf_size; int n, result = 0; int64_t result_offset = 0; - char* buf = (char*)malloc(buf_size); + char* buf = (char*) malloc(buf_size); if (!buf) { uv_fatal_error(ERROR_OUTOFMEMORY, "malloc"); } - if (in_offset != -1) { - result_offset = _lseeki64(in_file, in_offset, SEEK_SET); + if (offset != -1) { + result_offset = _lseeki64(fd_in, offset, SEEK_SET); } if (result_offset == -1) { result = -1; } else { while (length > 0) { - n = _read(in_file, buf, length < buf_size ? length : buf_size); + n = _read(fd_in, buf, length < buf_size ? length : buf_size); if (n == 0) { break; } else if (n == -1) { @@ -879,7 +1036,7 @@ void fs__sendfile(uv_fs_t* req, uv_file out_file, uv_file in_file, length -= n; - n = _write(out_file, buf, n); + n = _write(fd_out, buf, n); if (n == -1) { result = -1; break; @@ -893,22 +1050,23 @@ void fs__sendfile(uv_fs_t* req, uv_file out_file, uv_file in_file, } -void fs__chmod(uv_fs_t* req, const wchar_t* path, int mode) { - int result = _wchmod(path, mode); +static void fs__chmod(uv_fs_t* req) { + int result = _wchmod(req->pathw, req->mode); SET_REQ_RESULT(req, result); } -void fs__fchmod(uv_fs_t* req, uv_file file, int mode) { +static void fs__fchmod(uv_fs_t* req) { + int fd = req->fd; int result; HANDLE handle; NTSTATUS nt_status; IO_STATUS_BLOCK io_status; FILE_BASIC_INFORMATION file_info; - VERIFY_UV_FILE(file, req); + VERIFY_FD(fd, req); - handle = (HANDLE)_get_osfhandle(file); + handle = (HANDLE)_get_osfhandle(fd); nt_status = pNtQueryInformationFile(handle, &io_status, @@ -921,7 +1079,7 @@ void fs__fchmod(uv_fs_t* req, uv_file file, int mode) { goto done; } - if (mode & _S_IWRITE) { + if (req->mode & _S_IWRITE) { file_info.FileAttributes &= ~FILE_ATTRIBUTE_READONLY; } else { file_info.FileAttributes |= FILE_ATTRIBUTE_READONLY; @@ -959,10 +1117,10 @@ INLINE static int fs__utime_handle(HANDLE handle, double atime, double mtime) { } -void fs__utime(uv_fs_t* req, const wchar_t* path, double atime, double mtime) { +static void fs__utime(uv_fs_t* req) { HANDLE handle; - handle = CreateFileW(path, + handle = CreateFileW(req->pathw, FILE_WRITE_ATTRIBUTES, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, NULL, @@ -975,7 +1133,7 @@ void fs__utime(uv_fs_t* req, const wchar_t* path, double atime, double mtime) { return; } - if (fs__utime_handle(handle, atime, mtime) != 0) { + if (fs__utime_handle(handle, req->atime, req->mtime) != 0) { SET_REQ_WIN32_ERROR(req, GetLastError()); return; } @@ -984,18 +1142,19 @@ void fs__utime(uv_fs_t* req, const wchar_t* path, double atime, double mtime) { } -void fs__futime(uv_fs_t* req, uv_file file, double atime, double mtime) { +static void fs__futime(uv_fs_t* req) { + int fd = req->fd; HANDLE handle; - VERIFY_UV_FILE(file, req); + VERIFY_FD(fd, req); - handle = (HANDLE) _get_osfhandle(file); + handle = (HANDLE) _get_osfhandle(fd); if (handle == INVALID_HANDLE_VALUE) { SET_REQ_WIN32_ERROR(req, ERROR_INVALID_HANDLE); return; } - if (fs__utime_handle(handle, atime, mtime) != 0) { + if (fs__utime_handle(handle, req->atime, req->mtime) != 0) { SET_REQ_WIN32_ERROR(req, GetLastError()); return; } @@ -1004,17 +1163,18 @@ void fs__futime(uv_fs_t* req, uv_file file, double atime, double mtime) { } -void fs__link(uv_fs_t* req, const wchar_t* path, const wchar_t* new_path) { - int result = CreateHardLinkW(new_path, path, NULL) ? 0 : -1; - if (result == -1) { +static void fs__link(uv_fs_t* req) { + DWORD r = CreateHardLinkW(req->new_pathw, req->pathw, NULL); + if (r == 0) { SET_REQ_WIN32_ERROR(req, GetLastError()); } else { - SET_REQ_RESULT(req, result); + req->result = 0; } } -void fs__create_junction(uv_fs_t* req, const wchar_t* path, const wchar_t* new_path) { +static void fs__create_junction(uv_fs_t* req, const WCHAR* path, + const WCHAR* new_path) { HANDLE handle = INVALID_HANDLE_VALUE; REPARSE_DATA_BUFFER *buffer = NULL; int created = 0; @@ -1024,7 +1184,7 @@ void fs__create_junction(uv_fs_t* req, const wchar_t* path, const wchar_t* new_p int start, len, i; int add_slash; DWORD bytes; - wchar_t* path_buf; + WCHAR* path_buf; target_len = wcslen(path); is_long_path = wcsncmp(path, LONG_PATH_PREFIX, LONG_PATH_PREFIX_LEN) == 0; @@ -1045,8 +1205,8 @@ void fs__create_junction(uv_fs_t* req, const wchar_t* path, const wchar_t* new_p // Do a pessimistic calculation of the required buffer size needed_buf_size = FIELD_OFFSET(REPARSE_DATA_BUFFER, MountPointReparseBuffer.PathBuffer) + - JUNCTION_PREFIX_LEN * sizeof(wchar_t) + - 2 * (target_len + 2) * sizeof(wchar_t); + JUNCTION_PREFIX_LEN * sizeof(WCHAR) + + 2 * (target_len + 2) * sizeof(WCHAR); // Allocate the buffer buffer = (REPARSE_DATA_BUFFER*)malloc(needed_buf_size); @@ -1055,13 +1215,13 @@ void fs__create_junction(uv_fs_t* req, const wchar_t* path, const wchar_t* new_p } // Grab a pointer to the part of the buffer where filenames go - path_buf = (wchar_t*)&(buffer->MountPointReparseBuffer.PathBuffer); + path_buf = (WCHAR*)&(buffer->MountPointReparseBuffer.PathBuffer); path_buf_len = 0; // Copy the substitute (internal) target path start = path_buf_len; - wcsncpy((wchar_t*)&path_buf[path_buf_len], JUNCTION_PREFIX, + wcsncpy((WCHAR*)&path_buf[path_buf_len], JUNCTION_PREFIX, JUNCTION_PREFIX_LEN); path_buf_len += JUNCTION_PREFIX_LEN; @@ -1083,8 +1243,8 @@ void fs__create_junction(uv_fs_t* req, const wchar_t* path, const wchar_t* new_p len = path_buf_len - start; // Set the info about the substitute name - buffer->MountPointReparseBuffer.SubstituteNameOffset = start * sizeof(wchar_t); - buffer->MountPointReparseBuffer.SubstituteNameLength = len * sizeof(wchar_t); + buffer->MountPointReparseBuffer.SubstituteNameOffset = start * sizeof(WCHAR); + buffer->MountPointReparseBuffer.SubstituteNameLength = len * sizeof(WCHAR); // Insert null terminator path_buf[path_buf_len++] = L'\0'; @@ -1112,15 +1272,15 @@ void fs__create_junction(uv_fs_t* req, const wchar_t* path, const wchar_t* new_p } // Set the info about the print name - buffer->MountPointReparseBuffer.PrintNameOffset = start * sizeof(wchar_t); - buffer->MountPointReparseBuffer.PrintNameLength = len * sizeof(wchar_t); + buffer->MountPointReparseBuffer.PrintNameOffset = start * sizeof(WCHAR); + buffer->MountPointReparseBuffer.PrintNameLength = len * sizeof(WCHAR); // Insert another null terminator path_buf[path_buf_len++] = L'\0'; // Calculate how much buffer space was actually used used_buf_size = FIELD_OFFSET(REPARSE_DATA_BUFFER, MountPointReparseBuffer.PathBuffer) + - path_buf_len * sizeof(wchar_t); + path_buf_len * sizeof(WCHAR); used_data_size = used_buf_size - FIELD_OFFSET(REPARSE_DATA_BUFFER, MountPointReparseBuffer); @@ -1183,15 +1343,18 @@ error: } -void fs__symlink(uv_fs_t* req, const wchar_t* path, const wchar_t* new_path, - int flags) { +static void fs__symlink(uv_fs_t* req) { + WCHAR* pathw = req->pathw; + WCHAR* new_pathw = req->new_pathw; + int flags = req->file_flags; int result; + if (flags & UV_FS_SYMLINK_JUNCTION) { - fs__create_junction(req, path, new_path); + fs__create_junction(req, pathw, new_pathw); } else if (pCreateSymbolicLinkW) { - result = pCreateSymbolicLinkW(new_path, - path, + result = pCreateSymbolicLinkW(new_pathw, + pathw, flags & UV_FS_SYMLINK_DIR ? SYMBOLIC_LINK_FLAG_DIRECTORY : 0) ? 0 : -1; if (result == -1) { SET_REQ_WIN32_ERROR(req, GetLastError()); @@ -1204,10 +1367,10 @@ void fs__symlink(uv_fs_t* req, const wchar_t* path, const wchar_t* new_path, } -void fs__readlink(uv_fs_t* req, const wchar_t* path) { +static void fs__readlink(uv_fs_t* req) { HANDLE handle; - handle = CreateFileW(path, + handle = CreateFileW(req->pathw, 0, 0, NULL, @@ -1233,7 +1396,13 @@ void fs__readlink(uv_fs_t* req, const wchar_t* path) { } -void fs__nop(uv_fs_t* req) { + +static void fs__chown(uv_fs_t* req) { + req->result = 0; +} + + +static void fs__fchown(uv_fs_t* req) { req->result = 0; } @@ -1245,665 +1414,507 @@ static DWORD WINAPI uv_fs_thread_proc(void* parameter) { assert(req != NULL); assert(req->type == UV_FS); +#define XX(uc, lc) case UV_FS_##uc: fs__##lc(req); break; switch (req->fs_type) { - case UV_FS_OPEN: - fs__open(req, req->pathw, req->file_flags, (int)req->mode); - break; - case UV_FS_CLOSE: - fs__close(req, req->file); - break; - case UV_FS_READ: - fs__read(req, req->file, req->buf, req->length, req->offset); - break; - case UV_FS_WRITE: - fs__write(req, req->file, req->buf, req->length, req->offset); - break; - case UV_FS_UNLINK: - fs__unlink(req, req->pathw); - break; - case UV_FS_MKDIR: - fs__mkdir(req, req->pathw, req->mode); - break; - case UV_FS_RMDIR: - fs__rmdir(req, req->pathw); - break; - case UV_FS_READDIR: - fs__readdir(req, req->pathw, req->file_flags); - break; - case UV_FS_STAT: - fs__stat(req, req->pathw, 0); - break; - case UV_FS_LSTAT: - fs__stat(req, req->pathw, 1); - break; - case UV_FS_FSTAT: - fs__fstat(req, req->file); - break; - case UV_FS_RENAME: - fs__rename(req, req->pathw, req->new_pathw); - break; - case UV_FS_FSYNC: - case UV_FS_FDATASYNC: - fs__fsync(req, req->file); - break; - case UV_FS_FTRUNCATE: - fs__ftruncate(req, req->file, req->offset); - break; - case UV_FS_SENDFILE: - fs__sendfile(req, req->file_out, req->file, req->offset, req->length); - break; - case UV_FS_CHMOD: - fs__chmod(req, req->pathw, req->mode); - break; - case UV_FS_FCHMOD: - fs__fchmod(req, req->file, req->mode); - break; - case UV_FS_UTIME: - fs__utime(req, req->pathw, req->atime, req->mtime); - break; - case UV_FS_FUTIME: - fs__futime(req, req->file, req->atime, req->mtime); - break; - case UV_FS_LINK: - fs__link(req, req->pathw, req->new_pathw); - break; - case UV_FS_SYMLINK: - fs__symlink(req, req->pathw, req->new_pathw, req->file_flags); - break; - case UV_FS_READLINK: - fs__readlink(req, req->pathw); - break; - case UV_FS_CHOWN: - case UV_FS_FCHOWN: - fs__nop(req); - break; + XX(OPEN, open) + XX(CLOSE, close) + XX(READ, read) + XX(WRITE, write) + XX(SENDFILE, sendfile) + XX(STAT, stat) + XX(LSTAT, lstat) + XX(FSTAT, fstat) + XX(FTRUNCATE, ftruncate) + XX(UTIME, utime) + XX(FUTIME, futime) + XX(CHMOD, chmod) + XX(FCHMOD, fchmod) + XX(FSYNC, fsync) + XX(FDATASYNC, fdatasync) + XX(UNLINK, unlink) + XX(RMDIR, rmdir) + XX(MKDIR, mkdir) + XX(RENAME, rename) + XX(READDIR, readdir) + XX(LINK, link) + XX(SYMLINK, symlink) + XX(READLINK, readlink) + XX(CHOWN, chown) + XX(FCHOWN, fchown); default: assert(!"bad uv_fs_type"); } POST_COMPLETION_FOR_REQ(loop, req); - return 0; } int uv_fs_open(uv_loop_t* loop, uv_fs_t* req, const char* path, int flags, int mode, uv_fs_cb cb) { - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_OPEN, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; + } + + req->file_flags = flags; + req->mode = mode; if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_OPEN, path, pathw, cb); - req->file_flags = flags; - req->mode = mode; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_OPEN); - fs__open(req, pathw, flags, mode); - free(pathw); + fs__open(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_close(uv_loop_t* loop, uv_fs_t* req, uv_file file, uv_fs_cb cb) { +int uv_fs_close(uv_loop_t* loop, uv_fs_t* req, uv_file fd, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_CLOSE, cb); + req->fd = fd; + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_CLOSE, NULL, NULL, cb); - req->file = file; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_CLOSE); - fs__close(req, file); + fs__close(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_read(uv_loop_t* loop, uv_fs_t* req, uv_file file, void* buf, +int uv_fs_read(uv_loop_t* loop, uv_fs_t* req, uv_file fd, void* buf, size_t length, int64_t offset, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_READ, cb); + + req->fd = fd; + req->buf = buf; + req->length = length; + req->offset = offset; + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_READ, NULL, NULL, cb); - req->file = file; - req->buf = buf; - req->length = length; - req->offset = offset; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_READ); - fs__read(req, file, buf, length, offset); + fs__read(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_write(uv_loop_t* loop, uv_fs_t* req, uv_file file, void* buf, +int uv_fs_write(uv_loop_t* loop, uv_fs_t* req, uv_file fd, void* buf, size_t length, int64_t offset, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_WRITE, cb); + + req->fd = fd; + req->buf = buf; + req->length = length; + req->offset = offset; + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_WRITE, NULL, NULL, cb); - req->file = file; - req->buf = buf; - req->length = length; - req->offset = offset; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_WRITE); - fs__write(req, file, buf, length, offset); + fs__write(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_unlink(uv_loop_t* loop, uv_fs_t* req, const char* path, uv_fs_cb cb) { - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_UNLINK, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; + } if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_UNLINK, path, pathw, cb); QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_UNLINK); - fs__unlink(req, pathw); - free(pathw); + fs__unlink(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_mkdir(uv_loop_t* loop, uv_fs_t* req, const char* path, int mode, uv_fs_cb cb) { - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_MKDIR, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; + } + + req->mode = mode; if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_MKDIR, path, pathw, cb); - req->mode = mode; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_MKDIR); - fs__mkdir(req, pathw, mode); - free(pathw); + fs__mkdir(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_rmdir(uv_loop_t* loop, uv_fs_t* req, const char* path, uv_fs_cb cb) { - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_RMDIR, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; + } if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_RMDIR, path, pathw, cb); QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_RMDIR); - fs__rmdir(req, pathw); - free(pathw); + fs__rmdir(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_readdir(uv_loop_t* loop, uv_fs_t* req, const char* path, int flags, uv_fs_cb cb) { - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_READDIR, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; + } + + req->file_flags; if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_READDIR, path, pathw, cb); - req->file_flags = flags; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_READDIR); - fs__readdir(req, pathw, flags); - free(pathw); + fs__readdir(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_link(uv_loop_t* loop, uv_fs_t* req, const char* path, const char* new_path, uv_fs_cb cb) { - wchar_t* pathw; - wchar_t* new_pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_LINK, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); - UTF8_TO_UTF16(new_path, new_pathw); + if (fs__capture_path(loop, req, path, new_path, cb != NULL) < 0) { + return -1; + } if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_LINK, path, pathw, cb); - req->new_pathw = new_pathw; - req->flags |= UV_FS_FREE_NEW_PATH; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_LINK); - fs__link(req, pathw, new_pathw); - free(pathw); - free(new_pathw); + fs__link(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_symlink(uv_loop_t* loop, uv_fs_t* req, const char* path, const char* new_path, int flags, uv_fs_cb cb) { - wchar_t* pathw; - wchar_t* new_pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_SYMLINK, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); - UTF8_TO_UTF16(new_path, new_pathw); + if (fs__capture_path(loop, req, path, new_path, cb != NULL) < 0) { + return -1; + } + + req->file_flags = flags; if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_SYMLINK, path, pathw, cb); - req->new_pathw = new_pathw; - req->file_flags = flags; - req->flags |= UV_FS_FREE_NEW_PATH; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_SYMLINK); - fs__symlink(req, pathw, new_pathw, flags); - free(pathw); - free(new_pathw); + fs__symlink(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_readlink(uv_loop_t* loop, uv_fs_t* req, const char* path, uv_fs_cb cb) { - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_READLINK, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; + } if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_READLINK, path, pathw, cb); QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_READLINK); - fs__readlink(req, pathw); - free(pathw); + fs__readlink(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_chown(uv_loop_t* loop, uv_fs_t* req, const char* path, int uid, int gid, uv_fs_cb cb) { - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_CHOWN, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; + } if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_CHOWN, path, pathw, cb); QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_CHOWN); - fs__nop(req); - free(pathw); + fs__chown(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_fchown(uv_loop_t* loop, uv_fs_t* req, uv_file file, int uid, +int uv_fs_fchown(uv_loop_t* loop, uv_fs_t* req, uv_file fd, int uid, int gid, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_FCHOWN, cb); + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_FCHOWN, NULL, NULL, cb); QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_FCHOWN); - fs__nop(req); + fs__fchown(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_stat(uv_loop_t* loop, uv_fs_t* req, const char* path, uv_fs_cb cb) { - int len = strlen(path); - char* path2 = NULL; - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_STAT, cb); - if (len > 1 && path[len - 2] != ':' && - (path[len - 1] == '\\' || path[len - 1] == '/')) { - path2 = strdup(path); - if (!path2) { - uv_fatal_error(ERROR_OUTOFMEMORY, "malloc"); - } - - path2[len - 1] = '\0'; + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; } if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_STAT, NULL, NULL, cb); - if (path2) { - req->path = path2; - UTF8_TO_UTF16(path2, req->pathw); - } else { - req->path = strdup(path); - UTF8_TO_UTF16(path, req->pathw); - } - QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_STAT); - UTF8_TO_UTF16(path2 ? path2 : path, pathw); - fs__stat(req, pathw, 0); - if (path2) { - free(path2); - } - free(pathw); + fs__stat(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -/* TODO: add support for links. */ int uv_fs_lstat(uv_loop_t* loop, uv_fs_t* req, const char* path, uv_fs_cb cb) { - int len = strlen(path); - char* path2 = NULL; - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_LSTAT, cb); - if (len > 1 && path[len - 2] != ':' && - (path[len - 1] == '\\' || path[len - 1] == '/')) { - path2 = strdup(path); - if (!path2) { - uv_fatal_error(ERROR_OUTOFMEMORY, "malloc"); - } - - path2[len - 1] = '\0'; + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; } if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_LSTAT, NULL, NULL, cb); - if (path2) { - req->path = path2; - UTF8_TO_UTF16(path2, req->pathw); - } else { - req->path = strdup(path); - UTF8_TO_UTF16(path, req->pathw); - } - QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_LSTAT); - UTF8_TO_UTF16(path2 ? path2 : path, pathw); - fs__stat(req, pathw, 1); - if (path2) { - free(path2); - } - free(pathw); + fs__lstat(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_fstat(uv_loop_t* loop, uv_fs_t* req, uv_file file, uv_fs_cb cb) { +int uv_fs_fstat(uv_loop_t* loop, uv_fs_t* req, uv_file fd, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_FSTAT, cb); + req->fd = fd; + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_FSTAT, NULL, NULL, cb); - req->file = file; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_FSTAT); - fs__fstat(req, file); + fs__fstat(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_rename(uv_loop_t* loop, uv_fs_t* req, const char* path, const char* new_path, uv_fs_cb cb) { - wchar_t* pathw; - wchar_t* new_pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_RENAME, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); - UTF8_TO_UTF16(new_path, new_pathw); + if (fs__capture_path(loop, req, path, new_path, cb != NULL) < 0) { + return -1; + } if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_RENAME, path, pathw, cb); - req->new_pathw = new_pathw; - req->flags |= UV_FS_FREE_NEW_PATH; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_RENAME); - fs__rename(req, pathw, new_pathw); - free(pathw); - free(new_pathw); + fs__rename(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_fdatasync(uv_loop_t* loop, uv_fs_t* req, uv_file file, uv_fs_cb cb) { +int uv_fs_fsync(uv_loop_t* loop, uv_fs_t* req, uv_file fd, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_FSYNC, cb); + req->fd = fd; + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_FDATASYNC, NULL, NULL, cb); - req->file = file; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_FDATASYNC); - fs__fsync(req, file); + fs__fsync(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_fsync(uv_loop_t* loop, uv_fs_t* req, uv_file file, uv_fs_cb cb) { +int uv_fs_fdatasync(uv_loop_t* loop, uv_fs_t* req, uv_file fd, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_FDATASYNC, cb); + req->fd = fd; + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_FSYNC, NULL, NULL, cb); - req->file = file; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_FSYNC); - fs__fsync(req, file); + fs__fdatasync(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_ftruncate(uv_loop_t* loop, uv_fs_t* req, uv_file file, +int uv_fs_ftruncate(uv_loop_t* loop, uv_fs_t* req, uv_file fd, int64_t offset, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_FTRUNCATE, cb); + + req->fd = fd; + req->offset = offset; + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_FTRUNCATE, NULL, NULL, cb); - req->file = file; - req->offset = offset; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_FTRUNCATE); - fs__ftruncate(req, file, offset); + fs__ftruncate(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_sendfile(uv_loop_t* loop, uv_fs_t* req, uv_file out_fd, - uv_file in_fd, int64_t in_offset, size_t length, uv_fs_cb cb) { + +int uv_fs_sendfile(uv_loop_t* loop, uv_fs_t* req, uv_file fd_out, + uv_file fd_in, int64_t in_offset, size_t length, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_SENDFILE, cb); + + req->fd = fd_in; + req->fd_out = fd_out; + req->offset = in_offset; + req->length = length; + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_SENDFILE, NULL, NULL, cb); - req->file_out = out_fd; - req->file = in_fd; - req->offset = in_offset; - req->length = length; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_SENDFILE); - fs__sendfile(req, out_fd, in_fd, in_offset, length); + fs__sendfile(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_chmod(uv_loop_t* loop, uv_fs_t* req, const char* path, int mode, uv_fs_cb cb) { - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_CHMOD, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; + } + + req->mode = mode; if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_CHMOD, path, pathw, cb); - req->mode = mode; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_CHMOD); - fs__chmod(req, pathw, mode); - free(pathw); + fs__chmod(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_fchmod(uv_loop_t* loop, uv_fs_t* req, uv_file file, int mode, +int uv_fs_fchmod(uv_loop_t* loop, uv_fs_t* req, uv_file fd, int mode, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_FCHMOD, cb); + + req->fd = fd; + req->mode = mode; + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_FCHMOD, NULL, NULL, cb); - req->file = file; - req->mode = mode; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_FCHMOD); - fs__fchmod(req, file, mode); + fs__fchmod(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } int uv_fs_utime(uv_loop_t* loop, uv_fs_t* req, const char* path, double atime, double mtime, uv_fs_cb cb) { - wchar_t* pathw; - int size; + uv_fs_req_init(loop, req, UV_FS_UTIME, cb); - /* Convert to UTF16. */ - UTF8_TO_UTF16(path, pathw); + if (fs__capture_path(loop, req, path, NULL, cb != NULL) < 0) { + return -1; + } + + req->atime = atime; + req->mtime = mtime; if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_UTIME, path, pathw, cb); - req->atime = atime; - req->mtime = mtime; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_UTIME); - fs__utime(req, pathw, atime, mtime); - free(pathw); + fs__utime(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } -int uv_fs_futime(uv_loop_t* loop, uv_fs_t* req, uv_file file, double atime, +int uv_fs_futime(uv_loop_t* loop, uv_fs_t* req, uv_file fd, double atime, double mtime, uv_fs_cb cb) { + uv_fs_req_init(loop, req, UV_FS_FUTIME, cb); + + req->fd = fd; + req->atime = atime; + req->mtime = mtime; + if (cb) { - uv_fs_req_init_async(loop, req, UV_FS_FUTIME, NULL, NULL, cb); - req->file = file; - req->atime = atime; - req->mtime = mtime; QUEUE_FS_TP_JOB(loop, req); + return 0; } else { - uv_fs_req_init_sync(loop, req, UV_FS_FUTIME); - fs__futime(req, file, atime, mtime); + fs__futime(req); SET_UV_LAST_ERROR_FROM_REQ(req); return req->result; } - - return 0; } @@ -1916,33 +1927,20 @@ void uv_process_fs_req(uv_loop_t* loop, uv_fs_t* req) { void uv_fs_req_cleanup(uv_fs_t* req) { - uv_loop_t* loop = req->loop; - - if (req->flags & UV_FS_CLEANEDUP) { + if (req->flags & UV_FS_CLEANEDUP) return; - } - if (req->flags & UV_FS_FREE_PATH && req->pathw) { + if (req->flags & UV_FS_FREE_PATHS) free(req->pathw); - req->pathw = NULL; - } - if (req->flags & UV_FS_FREE_NEW_PATH && req->new_pathw) { - free(req->new_pathw); - req->new_pathw = NULL; - } - - if (req->flags & UV_FS_FREE_PTR && req->ptr) { + if (req->flags & UV_FS_FREE_PTR) free(req->ptr); - } + req->path = NULL; + req->pathw = NULL; + req->new_pathw = NULL; req->ptr = NULL; - if (req->path) { - free(req->path); - req->path = NULL; - } - req->flags |= UV_FS_CLEANEDUP; } diff --git a/deps/uv/src/win/process-stdio.c b/deps/uv/src/win/process-stdio.c index 2ae9a143388..c98e2e47308 100644 --- a/deps/uv/src/win/process-stdio.c +++ b/deps/uv/src/win/process-stdio.c @@ -330,6 +330,13 @@ int uv__stdio_create(uv_loop_t* loop, uv_process_options_t* options, /* Make an inheritable duplicate of the handle. */ if (uv__duplicate_fd(loop, fdopt.data.fd, &child_handle) < 0) { + /* If fdopt.data.fd is not valid and fd fd <= 2, then ignore the */ + /* error. */ + if (fdopt.data.fd <= 2 && loop->last_err.code == UV_EBADF) { + CHILD_STDIO_CRT_FLAGS(buffer, i) = 0; + CHILD_STDIO_HANDLE(buffer, i) = NULL; + break; + } goto error; } diff --git a/deps/uv/src/win/winapi.h b/deps/uv/src/win/winapi.h index df1e822b765..1bf6304b5e5 100644 --- a/deps/uv/src/win/winapi.h +++ b/deps/uv/src/win/winapi.h @@ -4132,6 +4132,10 @@ typedef struct _FILE_BASIC_INFORMATION { DWORD FileAttributes; } FILE_BASIC_INFORMATION, *PFILE_BASIC_INFORMATION; +typedef struct _FILE_DISPOSITION_INFORMATION { + BOOLEAN DeleteFile; +} FILE_DISPOSITION_INFORMATION, *PFILE_DISPOSITION_INFORMATION; + typedef struct _FILE_MODE_INFORMATION { ULONG Mode; } FILE_MODE_INFORMATION, *PFILE_MODE_INFORMATION; @@ -4375,6 +4379,11 @@ typedef NTSTATUS (NTAPI *sNtQuerySystemInformation) # define ENABLE_EXTENDED_FLAGS 0x80 #endif +/* from winerror.h */ +#ifndef ERROR_SYMLINK_NOT_SUPPORTED +# define ERROR_SYMLINK_NOT_SUPPORTED 1464 +#endif + typedef BOOL (WINAPI *sGetQueuedCompletionStatusEx) (HANDLE CompletionPort, LPOVERLAPPED_ENTRY lpCompletionPortEntries, diff --git a/deps/uv/test/test-tcp-unexpected-read.c b/deps/uv/test/test-tcp-unexpected-read.c index 7adb4dae2c0..45559c01332 100644 --- a/deps/uv/test/test-tcp-unexpected-read.c +++ b/deps/uv/test/test-tcp-unexpected-read.c @@ -49,6 +49,8 @@ static void timer_cb(uv_timer_t* handle, int status) { static uv_buf_t alloc_cb(uv_handle_t* handle, size_t suggested_size) { ASSERT(0 && "alloc_cb should not have been called"); + /* Satisfy the compiler. */ + return uv_buf_init(NULL, 0); } From 9e2319f9772c9d07a3bd51cc67bd465bdb9f210d Mon Sep 17 00:00:00 2001 From: Bert Belder Date: Tue, 31 Jul 2012 21:38:58 +0200 Subject: [PATCH 13/35] docs: remove unused require from example Closes GH-3801 --- doc/api/child_process.markdown | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/doc/api/child_process.markdown b/doc/api/child_process.markdown index 5e1094805bd..3bd79f21309 100644 --- a/doc/api/child_process.markdown +++ b/doc/api/child_process.markdown @@ -449,8 +449,7 @@ See also: `child_process.exec()` and `child_process.fork()` Runs a command in a shell and buffers the output. - var util = require('util'), - exec = require('child_process').exec, + var exec = require('child_process').exec, child; child = exec('cat *.js bad_file | wc -l', From 2981f01b461fc69a25d3b7f0c23d32962dbc5ba7 Mon Sep 17 00:00:00 2001 From: Bert Belder Date: Wed, 1 Aug 2012 00:52:37 +0200 Subject: [PATCH 14/35] v8: don't show performance warnings when compiling with msvc Patch sent upstream: http://codereview.chromium.org/10829109/ --- deps/v8/tools/gyp/v8.gyp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deps/v8/tools/gyp/v8.gyp b/deps/v8/tools/gyp/v8.gyp index ea82d31814e..f742cc6f3cc 100644 --- a/deps/v8/tools/gyp/v8.gyp +++ b/deps/v8/tools/gyp/v8.gyp @@ -721,6 +721,9 @@ '../../src/win32-math.h', ], 'msvs_disabled_warnings': [4351, 4355, 4800], + 'direct_dependent_settings': { + 'msvs_disabled_warnings': [4351, 4355, 4800], + }, 'link_settings': { 'libraries': [ '-lwinmm.lib', '-lws2_32.lib' ], }, From af699c47d1d333dab2eaf438ed78b504ebdb6b79 Mon Sep 17 00:00:00 2001 From: Eugen Dueck Date: Tue, 31 Jul 2012 13:15:46 +0900 Subject: [PATCH 15/35] doc: http: document res.write() `drain` return value --- doc/api/http.markdown | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/doc/api/http.markdown b/doc/api/http.markdown index dbd31ac2216..df4976115c3 100644 --- a/doc/api/http.markdown +++ b/doc/api/http.markdown @@ -426,6 +426,10 @@ header information and the first body to the client. The second time data, and sends that separately. That is, the response is buffered up to the first chunk of body. +Returns `true` if the entire data was flushed successfully to the kernel +buffer. Returns `false` if all or part of the data was queued in user memory. +`'drain'` will be emitted when the buffer is again free. + ### response.addTrailers(headers) This method adds HTTP trailing headers (a header but at the end of the From 285a46d1ca4d8fe1fb7477b8fdbe1d9b377443c4 Mon Sep 17 00:00:00 2001 From: Bert Belder Date: Wed, 1 Aug 2012 01:42:36 +0200 Subject: [PATCH 16/35] uv: upgrade to 6209fe5 --- deps/uv/src/win/fs.c | 6 ++++-- deps/uv/src/win/process-stdio.c | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/deps/uv/src/win/fs.c b/deps/uv/src/win/fs.c index 26ffb56b63e..4a2d93624d2 100644 --- a/deps/uv/src/win/fs.c +++ b/deps/uv/src/win/fs.c @@ -390,7 +390,7 @@ void fs__open(uv_fs_t* req) { DWORD access; DWORD share; DWORD disposition; - DWORD attributes; + DWORD attributes = 0; HANDLE file; int result, current_umask; int flags = req->file_flags; @@ -404,6 +404,7 @@ void fs__open(uv_fs_t* req) { switch (flags & (_O_RDONLY | _O_WRONLY | _O_RDWR)) { case _O_RDONLY: access = FILE_GENERIC_READ; + attributes |= FILE_FLAG_BACKUP_SEMANTICS; break; case _O_WRONLY: access = FILE_GENERIC_WRITE; @@ -419,6 +420,7 @@ void fs__open(uv_fs_t* req) { if (flags & _O_APPEND) { access &= ~FILE_WRITE_DATA; access |= FILE_APPEND_DATA; + attributes &= ~FILE_FLAG_BACKUP_SEMANTICS; } /* @@ -453,7 +455,7 @@ void fs__open(uv_fs_t* req) { goto end; } - attributes = FILE_ATTRIBUTE_NORMAL; + attributes |= FILE_ATTRIBUTE_NORMAL; if (flags & _O_CREAT) { if (!((req->mode & ~current_umask) & _S_IWRITE)) { attributes |= FILE_ATTRIBUTE_READONLY; diff --git a/deps/uv/src/win/process-stdio.c b/deps/uv/src/win/process-stdio.c index c98e2e47308..2fe2b232548 100644 --- a/deps/uv/src/win/process-stdio.c +++ b/deps/uv/src/win/process-stdio.c @@ -334,7 +334,7 @@ int uv__stdio_create(uv_loop_t* loop, uv_process_options_t* options, /* error. */ if (fdopt.data.fd <= 2 && loop->last_err.code == UV_EBADF) { CHILD_STDIO_CRT_FLAGS(buffer, i) = 0; - CHILD_STDIO_HANDLE(buffer, i) = NULL; + CHILD_STDIO_HANDLE(buffer, i) = INVALID_HANDLE_VALUE; break; } goto error; From cccce60b3e9ef2c0cafcc5c5248423900d424a66 Mon Sep 17 00:00:00 2001 From: Ben Noordhuis Date: Wed, 1 Aug 2012 13:36:56 +0200 Subject: [PATCH 17/35] installer: don't assume bash is installed Use `/bin/sh` instead of `bash` when running the relocate.sh script. --- tools/installer.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/installer.js b/tools/installer.js index 092179dc278..46b84d49d27 100644 --- a/tools/installer.js +++ b/tools/installer.js @@ -53,7 +53,7 @@ function remove(files) { function shebang(line, npmDir) { var script = JSON.stringify(path.join(npmDir, 'scripts/relocate.sh')); var bin = JSON.stringify(path.join(npmDir, 'bin/npm-cli.js')); - queue.push('bash ' + script + ' ' + line); + queue.push('/bin/sh ' + script + ' ' + line); } // Run every command in queue, one-by-one From f70be41d80b389cb0d1ce12fa93669b0b44e4005 Mon Sep 17 00:00:00 2001 From: isaacs Date: Wed, 1 Aug 2012 10:11:30 -0700 Subject: [PATCH 18/35] blog: Remove ^M chars from profiling-node-js blog post --- doc/blog/Uncategorized/profiling-node-js.md | 104 ++++++++++---------- 1 file changed, 52 insertions(+), 52 deletions(-) diff --git a/doc/blog/Uncategorized/profiling-node-js.md b/doc/blog/Uncategorized/profiling-node-js.md index ff259c3c42c..7c3930c7578 100644 --- a/doc/blog/Uncategorized/profiling-node-js.md +++ b/doc/blog/Uncategorized/profiling-node-js.md @@ -5,56 +5,56 @@ status: publish category: Uncategorized slug: profiling-node-js -It's incredibly easy to visualize where your Node program spends its time using DTrace and node-stackvis (a Node port of Brendan Gregg's FlameGraph tool): - -
    -
  1. Run your Node.js program as usual.
    2. -
  2. In another terminal, run: - 
    -$ dtrace -o stacks.out -n 'profile-97/execname == "node" && arg1/{
-    @[jstack(100, 8000)] = count(); } tick-60s { exit(0); }'
    - This will sample about 100 times per second for 60 seconds and emit results to stacks.out. Note that this will sample all running programs called "node". If you want a specific process, replace execname == "node" with pid == 12345 (the process id). -
    3. -
  3. Use the "stackvis" tool to transform this directly into a flame graph. First, install it: - 
    $ npm install -g stackvis
    - then use stackvis to convert the DTrace output to a flamegraph: - 
    $ stackvis dtrace flamegraph-svg < stacks.out > stacks.svg
    -
    4. -
  4. Open stacks.svg in your favorite browser.
    5. -
- -You'll be looking at something like this: - - - -This is a visualization of all of the profiled call stacks. This example is from the "hello world" HTTP server on the Node.js home page under load. Start at the bottom, where you have "main", which is present in most Node stacks because Node spends most on-CPU time in the main thread. Above each row, you have the functions called by the frame beneath it. As you move up, you'll see actual JavaScript function names. The boxes in each row are not in chronological order, but their width indicates how much time was spent there. When you hover over each box, you can see exactly what percentage of time is spent in each function. This lets you see at a glance where your program spends its time. - -That's the summary. There are a few prerequisites: - -
    -
  • You must gather data on a system that supports DTrace with the Node.js ustack helper. For now, this pretty much means illumos-based systems like SmartOS, including the Joyent Cloud. MacOS users: OS X supports DTrace, but not ustack helpers. The way to get this changed is to contact your Apple developer liason (if you're lucky enough to have one) or file a bug report at bugreport.apple.com. I'd suggest referencing existing bugs 5273057 and 11206497. More bugs filed (even if closed as dups) show more interest and make it more likely Apple will choose to fix this.
    • -
  • You must be on 32-bit Node.js 0.6.7 or later, built --with-dtrace. The helper doesn't work with 64-bit Node yet. On illumos (including SmartOS), development releases (the 0.7.x train) include DTrace support by default.
    • -
- -There are a few other notes: - -
    -
  • You can absolutely profile apps in production, not just development, since compiling with DTrace support has very minimal overhead. You can start and stop profiling without restarting your program.
    • -
  • You may want to run the stacks.out output through c++filt to demangle C++ symbols. Be sure to use the c++filt that came with the compiler you used to build Node. For example: - 
    c++filt < stacks.out > demangled.out
    - then you can use demangled.out to create the flamegraph. -
    • -
  • If you want, you can filter stacks containing a particular function. The best way to do this is to first collapse the original DTrace output, then grep out what you want: - 
    -$ stackvis dtrace collapsed < stacks.out | grep SomeFunction > collapsed.out
-$ stackvis collapsed flamegraph-svg < collapsed.out > stacks.svg
    -
    • -
  • If you've used Brendan's FlameGraph tools, you'll notice the coloring is a little different in the above flamegraph. I ported his tools to Node first so I could incorporate it more easily into other Node programs, but I've also been playing with different coloring options. The current default uses hue to denote stack depth and saturation to indicate time spent. (These are also indicated by position and size.) Other ideas include coloring by module (so V8, JavaScript, libc, etc. show up as different colors.) -
    • -
- -For more on the underlying pieces, see my previous post on Node.js profiling and Brendan's post on Flame Graphs. - -
- +It's incredibly easy to visualize where your Node program spends its time using DTrace and node-stackvis (a Node port of Brendan Gregg's FlameGraph tool): + +
    +
  1. Run your Node.js program as usual.
    2. +
  2. In another terminal, run: + 
    +$ dtrace -o stacks.out -n 'profile-97/execname == "node" && arg1/{
+    @[jstack(100, 8000)] = count(); } tick-60s { exit(0); }'
    + This will sample about 100 times per second for 60 seconds and emit results to stacks.out. Note that this will sample all running programs called "node". If you want a specific process, replace execname == "node" with pid == 12345 (the process id). +
    3. +
  3. Use the "stackvis" tool to transform this directly into a flame graph. First, install it: + 
    $ npm install -g stackvis
    + then use stackvis to convert the DTrace output to a flamegraph: + 
    $ stackvis dtrace flamegraph-svg < stacks.out > stacks.svg
    +
    4. +
  4. Open stacks.svg in your favorite browser.
    5. +
+ +You'll be looking at something like this: + + + +This is a visualization of all of the profiled call stacks. This example is from the "hello world" HTTP server on the Node.js home page under load. Start at the bottom, where you have "main", which is present in most Node stacks because Node spends most on-CPU time in the main thread. Above each row, you have the functions called by the frame beneath it. As you move up, you'll see actual JavaScript function names. The boxes in each row are not in chronological order, but their width indicates how much time was spent there. When you hover over each box, you can see exactly what percentage of time is spent in each function. This lets you see at a glance where your program spends its time. + +That's the summary. There are a few prerequisites: + +
    +
  • You must gather data on a system that supports DTrace with the Node.js ustack helper. For now, this pretty much means illumos-based systems like SmartOS, including the Joyent Cloud. MacOS users: OS X supports DTrace, but not ustack helpers. The way to get this changed is to contact your Apple developer liason (if you're lucky enough to have one) or file a bug report at bugreport.apple.com. I'd suggest referencing existing bugs 5273057 and 11206497. More bugs filed (even if closed as dups) show more interest and make it more likely Apple will choose to fix this.
    • +
  • You must be on 32-bit Node.js 0.6.7 or later, built --with-dtrace. The helper doesn't work with 64-bit Node yet. On illumos (including SmartOS), development releases (the 0.7.x train) include DTrace support by default.
    • +
+ +There are a few other notes: + +
    +
  • You can absolutely profile apps in production, not just development, since compiling with DTrace support has very minimal overhead. You can start and stop profiling without restarting your program.
    • +
  • You may want to run the stacks.out output through c++filt to demangle C++ symbols. Be sure to use the c++filt that came with the compiler you used to build Node. For example: + 
    c++filt < stacks.out > demangled.out
    + then you can use demangled.out to create the flamegraph. +
    • +
  • If you want, you can filter stacks containing a particular function. The best way to do this is to first collapse the original DTrace output, then grep out what you want: + 
    +$ stackvis dtrace collapsed < stacks.out | grep SomeFunction > collapsed.out
+$ stackvis collapsed flamegraph-svg < collapsed.out > stacks.svg
    +
    • +
  • If you've used Brendan's FlameGraph tools, you'll notice the coloring is a little different in the above flamegraph. I ported his tools to Node first so I could incorporate it more easily into other Node programs, but I've also been playing with different coloring options. The current default uses hue to denote stack depth and saturation to indicate time spent. (These are also indicated by position and size.) Other ideas include coloring by module (so V8, JavaScript, libc, etc. show up as different colors.) +
    • +
+ +For more on the underlying pieces, see my previous post on Node.js profiling and Brendan's post on Flame Graphs. + +
+ Dave Pacheco blogs at dtrace.org From fe659a60179c5816f888585894faa6d4134ec3cc Mon Sep 17 00:00:00 2001 From: Dave Pacheco Date: Wed, 1 Aug 2012 10:04:27 -0700 Subject: [PATCH 19/35] update profiling blog post to use shell redirection instead of -o --- doc/blog/Uncategorized/profiling-node-js.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/blog/Uncategorized/profiling-node-js.md b/doc/blog/Uncategorized/profiling-node-js.md index 7c3930c7578..abb51da26e6 100644 --- a/doc/blog/Uncategorized/profiling-node-js.md +++ b/doc/blog/Uncategorized/profiling-node-js.md @@ -11,8 +11,8 @@ It's incredibly easy to visualize where your Node program spends its time using
  • Run your Node.js program as usual.
  • In another terminal, run: 
    -$ dtrace -o stacks.out -n 'profile-97/execname == "node" && arg1/{
-    @[jstack(100, 8000)] = count(); } tick-60s { exit(0); }'
    +$ dtrace -n 'profile-97/execname == "node" && arg1/{ + @[jstack(150, 8000)] = count(); } tick-60s { exit(0); }' > stacks.out This will sample about 100 times per second for 60 seconds and emit results to stacks.out. Note that this will sample all running programs called "node". If you want a specific process, replace execname == "node" with pid == 12345 (the process id).
  • Use the "stackvis" tool to transform this directly into a flame graph. First, install it: From fd56981b4c3a2de866f9cbeda09df0458d0f51b1 Mon Sep 17 00:00:00 2001 From: isaacs Date: Wed, 1 Aug 2012 10:14:17 -0700 Subject: [PATCH 20/35] blog: Remove all windows line endings once and for all --- ...-way-to-build-scalable-network-programs.md | 16 +- .../Uncategorized/development-environment.md | 34 +- .../evolving-the-node-js-brand.md | 52 +- doc/blog/Uncategorized/growing-up.md | 8 +- doc/blog/Uncategorized/jobs-nodejs-org.md | 12 +- .../Uncategorized/ldapjs-a-reprise-of-ldap.md | 146 ++-- doc/blog/Uncategorized/libuv-status-report.md | 74 +- .../node-meetup-this-thursday.md | 6 +- .../node-office-hours-cut-short.md | 8 +- doc/blog/Uncategorized/office-hours.md | 8 +- ...o-windows-with-microsoft%e2%80%99s-help.md | 8 +- .../Uncategorized/some-new-node-projects.md | 10 +- .../the-videos-from-node-meetup.md | 4 +- doc/blog/Uncategorized/trademark.md | 18 +- doc/blog/Uncategorized/version-0-6.md | 8 +- ...server-continuous-deployment-with-fleet.md | 162 ++--- .../service-logging-in-json-with-bunyan.md | 658 +++++++++--------- ...ng-node-js-dependencies-with-shrinkwrap.md | 312 ++++----- .../npm-1-0-global-vs-local-installation.md | 112 +-- doc/blog/npm/npm-1-0-link.md | 212 +++--- doc/blog/npm/npm-1-0-released.md | 56 +- doc/blog/npm/npm-1-0-the-new-ls.md | 272 ++++---- doc/blog/release/node-v0-4-10.md | 32 +- doc/blog/release/node-v0-4-11.md | 60 +- doc/blog/release/node-v0-4-12.md | 40 +- doc/blog/release/node-v0-4-3.md | 48 +- doc/blog/release/node-v0-4-4.md | 36 +- doc/blog/release/node-v0-4-5.md | 40 +- doc/blog/release/node-v0-4-6.md | 36 +- doc/blog/release/node-v0-4-7.md | 28 +- doc/blog/release/node-v0-4-8.md | 92 +-- doc/blog/release/node-v0-4-9.md | 42 +- doc/blog/release/node-v0-5-0-unstable.md | 60 +- doc/blog/release/node-v0-5-1.md | 42 +- doc/blog/release/node-v0-5-10.md | 64 +- doc/blog/release/node-v0-5-2.md | 36 +- doc/blog/release/node-v0-5-3.md | 88 +-- doc/blog/release/node-v0-5-4.md | 54 +- doc/blog/release/node-v0-5-5.md | 62 +- doc/blog/release/node-v0-5-6.md | 80 +-- doc/blog/release/node-v0-5-7-unstable.md | 52 +- doc/blog/release/node-v0-5-8.md | 34 +- doc/blog/release/node-v0-5-9.md | 36 +- doc/blog/release/node-v0-6-0.md | 142 ++-- doc/blog/release/node-v0-6-1.md | 48 +- doc/blog/release/node-v0-6-10.md | 42 +- doc/blog/release/node-v0-6-2.md | 36 +- doc/blog/release/node-v0-6-3.md | 42 +- doc/blog/release/node-v0-6-4.md | 44 +- doc/blog/release/node-v0-6-5.md | 24 +- doc/blog/release/node-v0-6-6.md | 46 +- doc/blog/release/node-v0-6-7.md | 64 +- doc/blog/release/node-v0-6-8.md | 44 +- doc/blog/release/node-v0-6-9.md | 42 +- doc/blog/release/node-v0-7-0-unstable.md | 40 +- doc/blog/release/node-v0-7-1.md | 42 +- doc/blog/release/node-v0-7-2-unstable.md | 46 +- doc/blog/release/node-v0-7-3.md | 60 +- .../release/node-version-0-6-19-stable.md | 104 +-- .../release/node-version-0-7-9-unstable.md | 128 ++-- doc/blog/release/version-0-6-11-stable.md | 110 +-- doc/blog/release/version-0-6-12-stable.md | 114 +-- doc/blog/release/version-0-6-13-stable.md | 82 +-- doc/blog/release/version-0-6-14-stable.md | 92 +-- doc/blog/release/version-0-6-15-stable.md | 88 +-- doc/blog/release/version-0-6-16-stable.md | 100 +-- doc/blog/release/version-0-6-17-stable.md | 76 +- doc/blog/release/version-0-6-18-stable.md | 100 +-- doc/blog/release/version-0-7-10-unstable.md | 154 ++-- doc/blog/release/version-0-7-11-unstable.md | 142 ++-- doc/blog/release/version-0-7-12.md | 94 +-- doc/blog/release/version-0-7-4-unstable.md | 82 +-- doc/blog/release/version-0-7-5-unstable.md | 106 +-- doc/blog/release/version-0-7-6-unstable.md | 126 ++-- doc/blog/release/version-0-7-7-unstable.md | 124 ++-- doc/blog/release/version-0-7-8-unstable.md | 124 ++-- ...antrill-instrumenting-the-real-time-web.md | 14 +- ...-vulnerability-please-upgrade-to-0-6-17.md | 74 +- 78 files changed, 3027 insertions(+), 3027 deletions(-) diff --git a/doc/blog/Uncategorized/an-easy-way-to-build-scalable-network-programs.md b/doc/blog/Uncategorized/an-easy-way-to-build-scalable-network-programs.md index e1a509ecd78..a555ac6bba7 100644 --- a/doc/blog/Uncategorized/an-easy-way-to-build-scalable-network-programs.md +++ b/doc/blog/Uncategorized/an-easy-way-to-build-scalable-network-programs.md @@ -5,12 +5,12 @@ status: publish category: Uncategorized slug: an-easy-way-to-build-scalable-network-programs -Suppose you're writing a web server which does video encoding on each file upload. Video encoding is very much compute bound. Some recent blog posts suggest that Node.js would fail miserably at this. - -Using Node does not mean that you have to write a video encoding algorithm in JavaScript (a language without even 64 bit integers) and crunch away in the main server event loop. The suggested approach is to separate the I/O bound task of receiving uploads and serving downloads from the compute bound task of video encoding. In the case of video encoding this is accomplished by forking out to ffmpeg. Node provides advanced means of asynchronously controlling subprocesses for work like this. - -It has also been suggested that Node does not take advantage of multicore machines. Node has long supported load-balancing connections over multiple processes in just a few lines of code - in this way a Node server will use the available cores. In coming releases we'll make it even easier: just pass --balance on the command line and Node will manage the cluster of processes. - -Node has a clear purpose: provide an easy way to build scalable network programs. It is not a tool for every problem. Do not write a ray tracer with Node. Do not write a web browser with Node. Do however reach for Node if tasked with writing a DNS server, DHCP server, or even a video encoding server. - +Suppose you're writing a web server which does video encoding on each file upload. Video encoding is very much compute bound. Some recent blog posts suggest that Node.js would fail miserably at this. + +Using Node does not mean that you have to write a video encoding algorithm in JavaScript (a language without even 64 bit integers) and crunch away in the main server event loop. The suggested approach is to separate the I/O bound task of receiving uploads and serving downloads from the compute bound task of video encoding. In the case of video encoding this is accomplished by forking out to ffmpeg. Node provides advanced means of asynchronously controlling subprocesses for work like this. + +It has also been suggested that Node does not take advantage of multicore machines. Node has long supported load-balancing connections over multiple processes in just a few lines of code - in this way a Node server will use the available cores. In coming releases we'll make it even easier: just pass --balance on the command line and Node will manage the cluster of processes. + +Node has a clear purpose: provide an easy way to build scalable network programs. It is not a tool for every problem. Do not write a ray tracer with Node. Do not write a web browser with Node. Do however reach for Node if tasked with writing a DNS server, DHCP server, or even a video encoding server. + By relying on the kernel to schedule and preempt computationally expensive tasks and to load balance incoming connections, Node appears less magical than server platforms that employ userland scheduling. So far, our focus on simplicity and transparency has paid off: the number of success stories from developers and corporations who are adopting the technology continues to grow. diff --git a/doc/blog/Uncategorized/development-environment.md b/doc/blog/Uncategorized/development-environment.md index f7141815890..e6015e04cd1 100644 --- a/doc/blog/Uncategorized/development-environment.md +++ b/doc/blog/Uncategorized/development-environment.md @@ -5,21 +5,21 @@ status: publish category: Uncategorized slug: development-environment -If you're compiling a software package because you need a particular version (e.g. the latest), then it requires a little bit more maintenance than using a package manager like dpkg. Software that you compile yourself should *not* go into /usr, it should go into your home directory. This is part of being a software developer. - -One way of doing this is to install everything into $HOME/local/$PACKAGE. Here is how I install node on my machine:
    ./configure --prefix=$HOME/local/node-v0.4.5 && make install
    - -To have my paths automatically set I put this inside my $HOME/.zshrc:
    PATH="$HOME/local/bin:/opt/local/bin:/usr/bin:/sbin:/bin"
-LD_LIBRARY_PATH="/opt/local/lib:/usr/local/lib:/usr/lib"
-for i in $HOME/local/*; do
-  [ -d $i/bin ] && PATH="${i}/bin:${PATH}"
-  [ -d $i/sbin ] && PATH="${i}/sbin:${PATH}"
-  [ -d $i/include ] && CPATH="${i}/include:${CPATH}"
-  [ -d $i/lib ] && LD_LIBRARY_PATH="${i}/lib:${LD_LIBRARY_PATH}"
-  [ -d $i/lib/pkgconfig ] && PKG_CONFIG_PATH="${i}/lib/pkgconfig:${PKG_CONFIG_PATH}"
-  [ -d $i/share/man ] && MANPATH="${i}/share/man:${MANPATH}"
-done
    - -Node is under sufficiently rapid development that everyone should be compiling it themselves. A corollary of this is that npm (which should be installed alongside Node) does not require root to install packages. - +If you're compiling a software package because you need a particular version (e.g. the latest), then it requires a little bit more maintenance than using a package manager like dpkg. Software that you compile yourself should *not* go into /usr, it should go into your home directory. This is part of being a software developer. + +One way of doing this is to install everything into $HOME/local/$PACKAGE. Here is how I install node on my machine:
    ./configure --prefix=$HOME/local/node-v0.4.5 && make install
    + +To have my paths automatically set I put this inside my $HOME/.zshrc:
    PATH="$HOME/local/bin:/opt/local/bin:/usr/bin:/sbin:/bin"
+LD_LIBRARY_PATH="/opt/local/lib:/usr/local/lib:/usr/lib"
+for i in $HOME/local/*; do
+  [ -d $i/bin ] && PATH="${i}/bin:${PATH}"
+  [ -d $i/sbin ] && PATH="${i}/sbin:${PATH}"
+  [ -d $i/include ] && CPATH="${i}/include:${CPATH}"
+  [ -d $i/lib ] && LD_LIBRARY_PATH="${i}/lib:${LD_LIBRARY_PATH}"
+  [ -d $i/lib/pkgconfig ] && PKG_CONFIG_PATH="${i}/lib/pkgconfig:${PKG_CONFIG_PATH}"
+  [ -d $i/share/man ] && MANPATH="${i}/share/man:${MANPATH}"
+done
    + +Node is under sufficiently rapid development that everyone should be compiling it themselves. A corollary of this is that npm (which should be installed alongside Node) does not require root to install packages. + CPAN and RubyGems have blurred the lines between development tools and system package managers. With npm we wish to draw a clear line: it is not a system package manager. It is not for installing firefox or ffmpeg or OpenSSL; it is for rapidly downloading, building, and setting up Node packages. npm is a development tool. When a program written in Node becomes sufficiently mature it should be distributed as a tarball, .deb, .rpm, or other package system. It should not be distributed to end users with npm. diff --git a/doc/blog/Uncategorized/evolving-the-node-js-brand.md b/doc/blog/Uncategorized/evolving-the-node-js-brand.md index dbb7f852f15..e631a227027 100644 --- a/doc/blog/Uncategorized/evolving-the-node-js-brand.md +++ b/doc/blog/Uncategorized/evolving-the-node-js-brand.md @@ -5,30 +5,30 @@ status: publish category: Uncategorized slug: evolving-the-node-js-brand -To echo Node’s evolutionary nature, we have refreshed the identity to help mark an exciting time for developers, businesses and users who benefit from the pioneering technology. - -Building a brand - -We began exploring elements to express Node.js and jettisoned preconceived notions about what we thought Node should look like, and focused on what Node is: kinetic,connected, scalable, modular, mechanical and organic. Working with designer Chris Glass, our explorations emphasized Node's dynamism and formed a visual language based on structure, relationships and interconnectedness. - - - -Inspired by process visualization, we discovered pattern, form, and by relief, the hex shape. The angled infrastructure encourages energy to move through the letterforms. - - - -This language can expand into the organic network topography of Node or distill down into a single hex connection point. - -This scaling represents the dynamic nature of Node in a simple, distinct manner. - - - -We look forward to exploring this visual language as the technology charges into a very promising future. - - - -We hope you'll have fun using it. - -To download the new logo, visit nodejs.org/logos. - +To echo Node’s evolutionary nature, we have refreshed the identity to help mark an exciting time for developers, businesses and users who benefit from the pioneering technology. + +Building a brand + +We began exploring elements to express Node.js and jettisoned preconceived notions about what we thought Node should look like, and focused on what Node is: kinetic,connected, scalable, modular, mechanical and organic. Working with designer Chris Glass, our explorations emphasized Node's dynamism and formed a visual language based on structure, relationships and interconnectedness. + + + +Inspired by process visualization, we discovered pattern, form, and by relief, the hex shape. The angled infrastructure encourages energy to move through the letterforms. + + + +This language can expand into the organic network topography of Node or distill down into a single hex connection point. + +This scaling represents the dynamic nature of Node in a simple, distinct manner. + + + +We look forward to exploring this visual language as the technology charges into a very promising future. + + + +We hope you'll have fun using it. + +To download the new logo, visit nodejs.org/logos. + diff --git a/doc/blog/Uncategorized/growing-up.md b/doc/blog/Uncategorized/growing-up.md index 6faff59cec7..10e1d58d006 100644 --- a/doc/blog/Uncategorized/growing-up.md +++ b/doc/blog/Uncategorized/growing-up.md @@ -5,8 +5,8 @@ status: publish category: Uncategorized slug: growing-up -This week Microsoft announced support for Node in Windows Azure, their cloud computing platform. For the Node core team and the community, this is an important milestone. We've worked hard over the past six months reworking Node's machinery to support IO completion ports and Visual Studio to provide a good native port to Windows. The overarching goal of the port was to expand our user base to the largest number of developers. Happily, this has paid off in the form of being a first class citizen on Azure. Many users who would have never used Node as a pure unix tool are now up and running on the Windows platform. More users translates into a deeper and better ecosystem of modules, which makes for a better experience for everyone. - -We also redesigned our website - something that we've put off for a long time because we felt that Node was too nascent to dedicate marketing to it. But now that we have binary distributions for Macintosh and Windows, have bundled npm, and are serving millions of users at various companies, we felt ready to indulge in a new website and share of a few of our success stories on the home page. - +This week Microsoft announced support for Node in Windows Azure, their cloud computing platform. For the Node core team and the community, this is an important milestone. We've worked hard over the past six months reworking Node's machinery to support IO completion ports and Visual Studio to provide a good native port to Windows. The overarching goal of the port was to expand our user base to the largest number of developers. Happily, this has paid off in the form of being a first class citizen on Azure. Many users who would have never used Node as a pure unix tool are now up and running on the Windows platform. More users translates into a deeper and better ecosystem of modules, which makes for a better experience for everyone. + +We also redesigned our website - something that we've put off for a long time because we felt that Node was too nascent to dedicate marketing to it. But now that we have binary distributions for Macintosh and Windows, have bundled npm, and are serving millions of users at various companies, we felt ready to indulge in a new website and share of a few of our success stories on the home page. + Work is on-going. We continue to improve the software, making performance improvements and adding isolate support, but Node is growing up. diff --git a/doc/blog/Uncategorized/jobs-nodejs-org.md b/doc/blog/Uncategorized/jobs-nodejs-org.md index bf8278b816c..fe20efe911a 100644 --- a/doc/blog/Uncategorized/jobs-nodejs-org.md +++ b/doc/blog/Uncategorized/jobs-nodejs-org.md @@ -5,10 +5,10 @@ status: publish category: Uncategorized slug: jobs-nodejs-org -We are starting an official jobs board for Node. There are two goals for this - -1. Promote the small emerging economy around this platform by having a central space for employers to find Node programmers. - -2. Make some money. We work hard to build this platform and taking a small tax for job posts seems a like reasonable "tip jar". - +We are starting an official jobs board for Node. There are two goals for this + +1. Promote the small emerging economy around this platform by having a central space for employers to find Node programmers. + +2. Make some money. We work hard to build this platform and taking a small tax for job posts seems a like reasonable "tip jar". + jobs.nodejs.org diff --git a/doc/blog/Uncategorized/ldapjs-a-reprise-of-ldap.md b/doc/blog/Uncategorized/ldapjs-a-reprise-of-ldap.md index 57d4af7fe13..7174e2b7cc6 100644 --- a/doc/blog/Uncategorized/ldapjs-a-reprise-of-ldap.md +++ b/doc/blog/Uncategorized/ldapjs-a-reprise-of-ldap.md @@ -5,80 +5,80 @@ status: publish category: Uncategorized slug: ldapjs-a-reprise-of-ldap -This post has been about 10 years in the making. My first job out of college was at IBM working on the Tivoli Directory Server, and at the time I had a preconceived notion that working on anything related to Internet RFCs was about as hot as you could get. I spent a lot of time back then getting "down and dirty" with everything about LDAP: the protocol, performance, storage engines, indexing and querying, caching, customer use cases and patterns, general network server patterns, etc. Basically, I soaked up as much as I possibly could while I was there. On top of that, I listened to all the "gray beards" tell me about the history of LDAP, which was a bizarre marriage of telecommunications conglomerates and graduate students. The point of this blog post is to give you a crash course in LDAP, and explain what makes ldapjs different. Allow me to be the gray beard for a bit... -

    What is LDAP and where did it come from?

    +This post has been about 10 years in the making. My first job out of college was at IBM working on the Tivoli Directory Server, and at the time I had a preconceived notion that working on anything related to Internet RFCs was about as hot as you could get. I spent a lot of time back then getting "down and dirty" with everything about LDAP: the protocol, performance, storage engines, indexing and querying, caching, customer use cases and patterns, general network server patterns, etc. Basically, I soaked up as much as I possibly could while I was there. On top of that, I listened to all the "gray beards" tell me about the history of LDAP, which was a bizarre marriage of telecommunications conglomerates and graduate students. The point of this blog post is to give you a crash course in LDAP, and explain what makes ldapjs different. Allow me to be the gray beard for a bit... +

    What is LDAP and where did it come from?

    -Directory services were largely pioneered by the telecommunications companies (e.g., AT&T) to allow fast information retrieval of all the crap you'd expect would be in a telephone book and directory. That is, given a name, or an address, or an area code, or a number, or a foo support looking up customer records, billing information, routing information, etc. The efforts of several telcos came to exist in the X.500 standard(s). An X.500 directory is one of the most complicated beasts you can possibly imagine, but on a high note, there's -probably not a thing you can imagine in a directory service that wasn't thought of in there. It is literally the kitchen sink. Oh, and it doesn't run over IP (it's actually on the OSI model). - -Several years after X.500 had been deployed (at telcos, academic institutions, etc.), it became clear that the Internet was "for real." LDAP, the "Lightweight Directory Access Protocol," was invented to act purely as an IP-accessible gateway to an X.500 directory. - -At some point in the early 90's, a graduate student at the University of Michigan (with some help) cooked up the "grandfather" implementation of the LDAP protocol, which wasn't actually a "gateway," but rather a stand-alone implementation of LDAP. Said implementation, like many things at the time, was a process-per-connection concurrency model, and had "backends" (aka storage engine) for the file system and the Unix DB API. At some point the Berkeley Database (BDB) was put in, and still remains the de facto storage engine for most LDAP directories. - -Ok, so some a graduate student at UM wrote an LDAP server that wasn't a gateway. So what? Well, that UM code base turns out to be the thing that pretty much every vendor did a source license for. Those graduate students went off to Netscape later in the 90's, and largely dominated the market of LDAP middleware until Active Directory came along many years later (as far as I know, Active Directory is "from scratch", since while it's "almost" LDAP, it's different in a lot of ways). That Netscape code base was further bought and sold over the years to iPlanet, Sun Microsystems, and Red Hat (I'm probably missing somebody in that chain). It now lives in the Fedora umbrella as '389 Directory Server.' Probably the most popular fork of that code base now is OpenLDAP. - -IBM did the same thing, and the Directory Server I worked on was a fork of the UM code too, but it heavily diverged from the Netscape branches. The divergence was primarily due to: (1) backing to DB2 as opposed to BDB, and (2) needing to run on IBM's big iron like OS/400 and Z series mainframes. - -Macro point is that there have actually been very few "fresh" implementations of LDAP, and it gets a pretty bad reputation because at the end of the day you've got 20 years of "bolt-ons" to grad student code. Oh, and it was born out of ginormous telcos, so of course the protocol is overly complex. - -That said, while there certainly is some wacky stuff in the LDAP protocol itself, it really suffered from poor and buggy implementations more than the fact that LDAP itself was fundamentally flawed. As engine yard pointed out a few years back, you can think of LDAP as the original NoSQL store. -

    LDAP: The Good Parts

    +Directory services were largely pioneered by the telecommunications companies (e.g., AT&T) to allow fast information retrieval of all the crap you'd expect would be in a telephone book and directory. That is, given a name, or an address, or an area code, or a number, or a foo support looking up customer records, billing information, routing information, etc. The efforts of several telcos came to exist in the X.500 standard(s). An X.500 directory is one of the most complicated beasts you can possibly imagine, but on a high note, there's +probably not a thing you can imagine in a directory service that wasn't thought of in there. It is literally the kitchen sink. Oh, and it doesn't run over IP (it's actually on the OSI model). -So what's awesome about LDAP? Since it's a directory system it maintains a hierarchy of your data, which as an information management pattern aligns -with _a lot_ of use case (the quintessential example is white pages for people in your company, but subscriptions to SaaS applications, "host groups" -for tracking machines/instances, physical goods tracking, etc., all have use cases that fit that organization scheme). For example, presumably at your job -you have a "reporting chain." Let's say a given record in LDAP (I'll use myself as a guinea pig here) looks like: -
        firstName: Mark
-    lastName: Cavage
-    city: Seattle
-    uid: markc
-    state: Washington
-    mail: mcavagegmailcom
-    phone: (206) 555-1212
-    title: Software Engineer
-    department: 123456
-    objectclass: joyentPerson
    -The record for me would live under the tree of engineers I report to (and as an example some other popular engineers under said vice president) would look like: -
                       uid=david
-                    /
-               uid=bryan
-            /      |      \
-      uid=markc  uid=ryah  uid=isaacs
    -Ok, so we've got a tree. It's not tremendously different from your filesystem, but how do we find people? LDAP has a rich search filter syntax that makes a lot of sense for key/value data (far more than tacking Map Reduce jobs on does, imo), and all search queries take a "start point" in the tree. Here's an example: let's say I wanted to find all "Software Engineers" in the entire company, a filter would look like: -
         (title="Software Engineer")
    -And I'd just start my search from 'uid=david' in the example above. Let's say I wanted to find all software engineers who worked in Seattle: -
         (&(title="Software Engineer")(city=Seattle))
    -I could keep going, but the gist is that LDAP has "full" boolean predicate logic, wildcard filters, etc. It's really rich. - -Oh, and on top of the technical merits, better or worse, it's an established standard for both administrators and applications (i.e., most "shipped" intranet software has either a local user repository or the ability to leverage an LDAP server somewhere). So there's a lot of compelling reasons to look at leveraging LDAP. -

    ldapjs: Why do I care?

    +Several years after X.500 had been deployed (at telcos, academic institutions, etc.), it became clear that the Internet was "for real." LDAP, the "Lightweight Directory Access Protocol," was invented to act purely as an IP-accessible gateway to an X.500 directory. -As I said earlier, I spent a lot of time at IBM observing how customers used LDAP, and the real items I took away from that experience were: -
      -
    • LDAP implementations have suffered a lot from never having been designed from the ground up for a large number of concurrent connections with asynchronous operations.
      • -
    • There are use cases for LDAP that just don't always fit the traditional "here's my server and storage engine" model. A lot of simple customer use cases wanted an LDAP access point, but not be forced into taking the heavy backends that came with it (they wanted the original gateway model!). There was an entire "sub" industry for this known as "meta directories" back in the late 90's and early 2000's.
      • -
    • Replication was always a sticking point. LDAP vendors all tried to offer a big multi-master, multi-site replication model. It was a lot of "bolt-on" complexity, done before the CAP theorem was written, and certainly before it was accepted as "truth."
      • -
    • Nobody uses all of the protocol. In fact, 20% of the features solve 80% of the use cases (I'm making that number up, but you get the idea).
      • -
    - -For all the good parts of LDAP, those are really damned big failing points, and even I eventually abandoned LDAP for the greener pastures of NoSQL somewhere -along the way. But it always nagged at me that LDAP didn't get it's due because of a lot of implementation problems (to be clear, if I could, I'd change some -aspects of the protocol itself too, but that's a lot harder). - -Well, in the last year, I went to work for Joyent, and like everyone else, we have several use problems that are classic directory service problems. If you break down the list I outlined above: -
      -
    • Connection-oriented and asynchronous: Holy smokes batman, node.js is a completely kick-ass event-driven asynchronous server platform that manages connections like a boss. Check!
      • -
    • Lots of use cases: Yeah, we've got some. Man, the sinatra/express paradigm is so easy to slap over anything. How about we just do that and leave as many use cases open as we can. Check!
      • -
    • Replication is hard. CAP is right: There are a lot of distributed databases out vying to solve exactly this problem. At Joyent we went with Riak. Check!
      • -
    • Don't need all of the protocol: I'm lazy. Let's just skip the stupid things most people don't need. Check!
      • -
    - -So that's the crux of ldapjs right there. Giving you the ability to put LDAP back into your application while nailing those 4 fundamental problems that plague most existing LDAP deployments. - -The obvious question is how it turned out, and the answer is, honestly, better than I thought it would. When I set out to do this, I actually assumed I'd be shipping a much smaller percentage of the RFC than is there. There's actually about 95% of the core RFC implemented. I wasn't sure if the marriage of this protocol to node/JavaScript would work out, but if you've used express ever, this should be _really_ familiar. And I tried to make it as natural as possible to use "pure" JavaScript objects, rather than requiring the developer to understand ASN.1 (the binary wire protocol) or the LDAP RFC in detail (this one mostly worked out; ldap_modify is still kind of a PITA). - -Within 24 hours of releasing ldapjs on Twitter, there was an implementation of an address book that works with Thunderbird/Evolution, by the end of that weekend there was some slick integration with CouchDB, and ldapjs even got used in one of the node knockout apps. Off to a pretty good start! - -

    The Road Ahead

    +At some point in the early 90's, a graduate student at the University of Michigan (with some help) cooked up the "grandfather" implementation of the LDAP protocol, which wasn't actually a "gateway," but rather a stand-alone implementation of LDAP. Said implementation, like many things at the time, was a process-per-connection concurrency model, and had "backends" (aka storage engine) for the file system and the Unix DB API. At some point the Berkeley Database (BDB) was put in, and still remains the de facto storage engine for most LDAP directories. -Hopefully you've been motivated to learn a little bit more about LDAP and try out ldapjs. The best place to start is probably the guide. After that you'll probably need to pick up a book from back in the day. ldapjs itself is still in its infancy; there's quite a bit of room to add some slick client-side logic (e.g., connection pools, automatic reconnects), easy to use schema validation, backends, etc. By the time this post is live, there will be experimental dtrace support if you're running on Mac OS X or preferably Joyent's SmartOS (shameless plug). And that nagging percentage of the protocol I didn't do will get filled in over time I suspect. If you've got an interest in any of this, send me some pull requests, but most importantly, I just want to see LDAP not just be a skeleton in the closet and get used in places where you should be using it. So get out there and write you some LDAP. +Ok, so some a graduate student at UM wrote an LDAP server that wasn't a gateway. So what? Well, that UM code base turns out to be the thing that pretty much every vendor did a source license for. Those graduate students went off to Netscape later in the 90's, and largely dominated the market of LDAP middleware until Active Directory came along many years later (as far as I know, Active Directory is "from scratch", since while it's "almost" LDAP, it's different in a lot of ways). That Netscape code base was further bought and sold over the years to iPlanet, Sun Microsystems, and Red Hat (I'm probably missing somebody in that chain). It now lives in the Fedora umbrella as '389 Directory Server.' Probably the most popular fork of that code base now is OpenLDAP. + +IBM did the same thing, and the Directory Server I worked on was a fork of the UM code too, but it heavily diverged from the Netscape branches. The divergence was primarily due to: (1) backing to DB2 as opposed to BDB, and (2) needing to run on IBM's big iron like OS/400 and Z series mainframes. + +Macro point is that there have actually been very few "fresh" implementations of LDAP, and it gets a pretty bad reputation because at the end of the day you've got 20 years of "bolt-ons" to grad student code. Oh, and it was born out of ginormous telcos, so of course the protocol is overly complex. + +That said, while there certainly is some wacky stuff in the LDAP protocol itself, it really suffered from poor and buggy implementations more than the fact that LDAP itself was fundamentally flawed. As engine yard pointed out a few years back, you can think of LDAP as the original NoSQL store. +

    LDAP: The Good Parts

    + +So what's awesome about LDAP? Since it's a directory system it maintains a hierarchy of your data, which as an information management pattern aligns +with _a lot_ of use case (the quintessential example is white pages for people in your company, but subscriptions to SaaS applications, "host groups" +for tracking machines/instances, physical goods tracking, etc., all have use cases that fit that organization scheme). For example, presumably at your job +you have a "reporting chain." Let's say a given record in LDAP (I'll use myself as a guinea pig here) looks like: +
        firstName: Mark
+    lastName: Cavage
+    city: Seattle
+    uid: markc
+    state: Washington
+    mail: mcavagegmailcom
+    phone: (206) 555-1212
+    title: Software Engineer
+    department: 123456
+    objectclass: joyentPerson
    +The record for me would live under the tree of engineers I report to (and as an example some other popular engineers under said vice president) would look like: +
                       uid=david
+                    /
+               uid=bryan
+            /      |      \
+      uid=markc  uid=ryah  uid=isaacs
    +Ok, so we've got a tree. It's not tremendously different from your filesystem, but how do we find people? LDAP has a rich search filter syntax that makes a lot of sense for key/value data (far more than tacking Map Reduce jobs on does, imo), and all search queries take a "start point" in the tree. Here's an example: let's say I wanted to find all "Software Engineers" in the entire company, a filter would look like: +
         (title="Software Engineer")
    +And I'd just start my search from 'uid=david' in the example above. Let's say I wanted to find all software engineers who worked in Seattle: +
         (&(title="Software Engineer")(city=Seattle))
    +I could keep going, but the gist is that LDAP has "full" boolean predicate logic, wildcard filters, etc. It's really rich. + +Oh, and on top of the technical merits, better or worse, it's an established standard for both administrators and applications (i.e., most "shipped" intranet software has either a local user repository or the ability to leverage an LDAP server somewhere). So there's a lot of compelling reasons to look at leveraging LDAP. +

    ldapjs: Why do I care?

    + +As I said earlier, I spent a lot of time at IBM observing how customers used LDAP, and the real items I took away from that experience were: +
      +
    • LDAP implementations have suffered a lot from never having been designed from the ground up for a large number of concurrent connections with asynchronous operations.
      • +
    • There are use cases for LDAP that just don't always fit the traditional "here's my server and storage engine" model. A lot of simple customer use cases wanted an LDAP access point, but not be forced into taking the heavy backends that came with it (they wanted the original gateway model!). There was an entire "sub" industry for this known as "meta directories" back in the late 90's and early 2000's.
      • +
    • Replication was always a sticking point. LDAP vendors all tried to offer a big multi-master, multi-site replication model. It was a lot of "bolt-on" complexity, done before the CAP theorem was written, and certainly before it was accepted as "truth."
      • +
    • Nobody uses all of the protocol. In fact, 20% of the features solve 80% of the use cases (I'm making that number up, but you get the idea).
      • +
    + +For all the good parts of LDAP, those are really damned big failing points, and even I eventually abandoned LDAP for the greener pastures of NoSQL somewhere +along the way. But it always nagged at me that LDAP didn't get it's due because of a lot of implementation problems (to be clear, if I could, I'd change some +aspects of the protocol itself too, but that's a lot harder). + +Well, in the last year, I went to work for Joyent, and like everyone else, we have several use problems that are classic directory service problems. If you break down the list I outlined above: +
      +
    • Connection-oriented and asynchronous: Holy smokes batman, node.js is a completely kick-ass event-driven asynchronous server platform that manages connections like a boss. Check!
      • +
    • Lots of use cases: Yeah, we've got some. Man, the sinatra/express paradigm is so easy to slap over anything. How about we just do that and leave as many use cases open as we can. Check!
      • +
    • Replication is hard. CAP is right: There are a lot of distributed databases out vying to solve exactly this problem. At Joyent we went with Riak. Check!
      • +
    • Don't need all of the protocol: I'm lazy. Let's just skip the stupid things most people don't need. Check!
      • +
    + +So that's the crux of ldapjs right there. Giving you the ability to put LDAP back into your application while nailing those 4 fundamental problems that plague most existing LDAP deployments. + +The obvious question is how it turned out, and the answer is, honestly, better than I thought it would. When I set out to do this, I actually assumed I'd be shipping a much smaller percentage of the RFC than is there. There's actually about 95% of the core RFC implemented. I wasn't sure if the marriage of this protocol to node/JavaScript would work out, but if you've used express ever, this should be _really_ familiar. And I tried to make it as natural as possible to use "pure" JavaScript objects, rather than requiring the developer to understand ASN.1 (the binary wire protocol) or the LDAP RFC in detail (this one mostly worked out; ldap_modify is still kind of a PITA). + +Within 24 hours of releasing ldapjs on Twitter, there was an implementation of an address book that works with Thunderbird/Evolution, by the end of that weekend there was some slick integration with CouchDB, and ldapjs even got used in one of the node knockout apps. Off to a pretty good start! + +

    The Road Ahead

    + +Hopefully you've been motivated to learn a little bit more about LDAP and try out ldapjs. The best place to start is probably the guide. After that you'll probably need to pick up a book from back in the day. ldapjs itself is still in its infancy; there's quite a bit of room to add some slick client-side logic (e.g., connection pools, automatic reconnects), easy to use schema validation, backends, etc. By the time this post is live, there will be experimental dtrace support if you're running on Mac OS X or preferably Joyent's SmartOS (shameless plug). And that nagging percentage of the protocol I didn't do will get filled in over time I suspect. If you've got an interest in any of this, send me some pull requests, but most importantly, I just want to see LDAP not just be a skeleton in the closet and get used in places where you should be using it. So get out there and write you some LDAP. diff --git a/doc/blog/Uncategorized/libuv-status-report.md b/doc/blog/Uncategorized/libuv-status-report.md index 68637a43b92..4d7f3e987e5 100644 --- a/doc/blog/Uncategorized/libuv-status-report.md +++ b/doc/blog/Uncategorized/libuv-status-report.md @@ -5,41 +5,41 @@ status: publish category: Uncategorized slug: libuv-status-report -We announced back in July that with Microsoft's support Joyent would be porting Node to Windows. This effort is ongoing but I thought it would be nice to make a status report post about the new platform library libuv which has resulted from porting Node to Windows. - -libuv's purpose is to abstract platform-dependent code in Node into one place where it can be tested for correctness and performance before bindings to V8 are added. Since Node is totally non-blocking, libuv turns out to be a rather useful library itself: a BSD-licensed, minimal, high-performance, cross-platform networking library. - -We attempt to not reinvent the wheel where possible. The entire Unix backend sits heavily on Marc Lehmann's beautiful libraries libev and libeio. For DNS we integrated with Daniel Stenberg's C-Ares. For cross-platform build-system support we're relying on Chrome's GYP meta-build system. - -The current implmented features are: -
      -
    • Non-blocking TCP sockets (using IOCP on Windows)
      • -
    • Non-blocking named pipes
      • -
    • UDP
      • -
    • Timers
      • -
    • Child process spawning
      • -
    • Asynchronous DNS via c-ares or uv_getaddrinfo.
      • -
    • Asynchronous file system APIs uv_fs_*
      • -
    • High resolution time uv_hrtime
      • -
    • Current executable path look up uv_exepath
      • -
    • Thread pool scheduling uv_queue_work
      • -
    -The features we are working on still are -
      -
    • File system events (Currently supports inotify, ReadDirectoryChangesW and will support kqueue and event ports in the near future.) uv_fs_event_t
      • -
    • VT100 TTY uv_tty_t
      • -
    • Socket sharing between processes uv_ipc_t (planned API)
      • -
    -For complete documentation see the header file: include/uv.h. There are a number of tests in the test directory which demonstrate the API. - -libuv supports Microsoft Windows operating systems since Windows XP SP2. It can be built with either Visual Studio or MinGW. Solaris 121 and later using GCC toolchain. Linux 2.6 or better using the GCC toolchain. Macinotsh Darwin using the GCC or XCode toolchain. It is known to work on the BSDs but we do not check the build regularly. - -In addition to Node v0.5, a number of projects have begun to use libuv: - +We announced back in July that with Microsoft's support Joyent would be porting Node to Windows. This effort is ongoing but I thought it would be nice to make a status report post about the new platform library libuv which has resulted from porting Node to Windows. + +libuv's purpose is to abstract platform-dependent code in Node into one place where it can be tested for correctness and performance before bindings to V8 are added. Since Node is totally non-blocking, libuv turns out to be a rather useful library itself: a BSD-licensed, minimal, high-performance, cross-platform networking library. + +We attempt to not reinvent the wheel where possible. The entire Unix backend sits heavily on Marc Lehmann's beautiful libraries libev and libeio. For DNS we integrated with Daniel Stenberg's C-Ares. For cross-platform build-system support we're relying on Chrome's GYP meta-build system. + +The current implmented features are: +
      +
    • Non-blocking TCP sockets (using IOCP on Windows)
      • +
    • Non-blocking named pipes
      • +
    • UDP
      • +
    • Timers
      • +
    • Child process spawning
      • +
    • Asynchronous DNS via c-ares or uv_getaddrinfo.
      • +
    • Asynchronous file system APIs uv_fs_*
      • +
    • High resolution time uv_hrtime
      • +
    • Current executable path look up uv_exepath
      • +
    • Thread pool scheduling uv_queue_work
      • +
    +The features we are working on still are +
      +
    • File system events (Currently supports inotify, ReadDirectoryChangesW and will support kqueue and event ports in the near future.) uv_fs_event_t
      • +
    • VT100 TTY uv_tty_t
      • +
    • Socket sharing between processes uv_ipc_t (planned API)
      • +
    +For complete documentation see the header file: include/uv.h. There are a number of tests in the test directory which demonstrate the API. + +libuv supports Microsoft Windows operating systems since Windows XP SP2. It can be built with either Visual Studio or MinGW. Solaris 121 and later using GCC toolchain. Linux 2.6 or better using the GCC toolchain. Macinotsh Darwin using the GCC or XCode toolchain. It is known to work on the BSDs but we do not check the build regularly. + +In addition to Node v0.5, a number of projects have begun to use libuv: + We hope to see more people contributing and using libuv in the future! diff --git a/doc/blog/Uncategorized/node-meetup-this-thursday.md b/doc/blog/Uncategorized/node-meetup-this-thursday.md index 0dfb98dae50..6f38e99988c 100644 --- a/doc/blog/Uncategorized/node-meetup-this-thursday.md +++ b/doc/blog/Uncategorized/node-meetup-this-thursday.md @@ -5,7 +5,7 @@ status: publish category: Uncategorized slug: node-meetup-this-thursday -http://nodejs.org/meetup/ -http://nodemeetup.eventbrite.com/ - +http://nodejs.org/meetup/ +http://nodemeetup.eventbrite.com/ + Three companies will describe their distributed Node applications. Sign up soon, space is limited! diff --git a/doc/blog/Uncategorized/node-office-hours-cut-short.md b/doc/blog/Uncategorized/node-office-hours-cut-short.md index 48d0344057a..743394460cc 100644 --- a/doc/blog/Uncategorized/node-office-hours-cut-short.md +++ b/doc/blog/Uncategorized/node-office-hours-cut-short.md @@ -5,8 +5,8 @@ status: publish category: Uncategorized slug: node-office-hours-cut-short -This week office hours are only from 4pm to 6pm. Isaac will be in the Joyent office in SF - everyone else is out of town. Sign up at http://nodeworkup.eventbrite.com/ if you would like to come. - -The week after, Thursday May 5th, we will all be at NodeConf in Portland. - +This week office hours are only from 4pm to 6pm. Isaac will be in the Joyent office in SF - everyone else is out of town. Sign up at http://nodeworkup.eventbrite.com/ if you would like to come. + +The week after, Thursday May 5th, we will all be at NodeConf in Portland. + Normal office hours resume Thursday May 12th. diff --git a/doc/blog/Uncategorized/office-hours.md b/doc/blog/Uncategorized/office-hours.md index e4c94992ce7..fc2769095f4 100644 --- a/doc/blog/Uncategorized/office-hours.md +++ b/doc/blog/Uncategorized/office-hours.md @@ -5,8 +5,8 @@ status: publish category: Uncategorized slug: office-hours -Starting next Thursday Isaac, Tom, and I will be holding weekly office hours at Joyent HQ in San Francisco. Office hours are meant to be subdued working time - there are no talks and no alcohol. Bring your bugs or just come and hack with us. - -Our building requires that everyone attending be on a list so you must sign up at Event Brite. - +Starting next Thursday Isaac, Tom, and I will be holding weekly office hours at Joyent HQ in San Francisco. Office hours are meant to be subdued working time - there are no talks and no alcohol. Bring your bugs or just come and hack with us. + +Our building requires that everyone attending be on a list so you must sign up at Event Brite. + We start at 4p and end promptly at 8p. diff --git a/doc/blog/Uncategorized/porting-node-to-windows-with-microsoft%e2%80%99s-help.md b/doc/blog/Uncategorized/porting-node-to-windows-with-microsoft%e2%80%99s-help.md index d2be3e3ba2a..cea3e880272 100644 --- a/doc/blog/Uncategorized/porting-node-to-windows-with-microsoft%e2%80%99s-help.md +++ b/doc/blog/Uncategorized/porting-node-to-windows-with-microsoft%e2%80%99s-help.md @@ -5,8 +5,8 @@ status: publish category: Uncategorized slug: porting-node-to-windows-with-microsoft%e2%80%99s-help -I'm pleased to announce that Microsoft is partnering with Joyent in formally contributing resources towards porting Node to Windows. As you may have heard in a talk we gave earlier this year, we have started the undertaking of a native port to Windows - targeting the high-performance IOCP API. - -This requires a rather large modification of the core structure, and we're very happy to have official guidance and engineering resources from Microsoft. Rackspace is also contributing Bert Belder's time to this undertaking. - +I'm pleased to announce that Microsoft is partnering with Joyent in formally contributing resources towards porting Node to Windows. As you may have heard in a talk we gave earlier this year, we have started the undertaking of a native port to Windows - targeting the high-performance IOCP API. + +This requires a rather large modification of the core structure, and we're very happy to have official guidance and engineering resources from Microsoft. Rackspace is also contributing Bert Belder's time to this undertaking. + The result will be an official binary node.exe releases on nodejs.org, which will work on Windows Azure and other Windows versions as far back as Server 2003. diff --git a/doc/blog/Uncategorized/some-new-node-projects.md b/doc/blog/Uncategorized/some-new-node-projects.md index 77515af7364..2590f547a0c 100644 --- a/doc/blog/Uncategorized/some-new-node-projects.md +++ b/doc/blog/Uncategorized/some-new-node-projects.md @@ -5,9 +5,9 @@ status: publish category: Uncategorized slug: some-new-node-projects -
      -
    • Superfeedr released a Node XMPP Server. "Since astro had been doing an amazing work with his node-xmpp library to build Client, Components and even Server to server modules, the logical next step was to try to build a Client to Server module so that we could have a full blown server. That’s what we worked on the past couple days, and it’s now on Github!
      • - -
    • Joyent's Mark Cavage released LDAP.js. "ldapjs is a pure JavaScript, from-scratch framework for implementing LDAP clients and servers in Node.js. It is intended for developers used to interacting with HTTP services in node and express.
      • - +
        +
      • Superfeedr released a Node XMPP Server. "Since astro had been doing an amazing work with his node-xmpp library to build Client, Components and even Server to server modules, the logical next step was to try to build a Client to Server module so that we could have a full blown server. That’s what we worked on the past couple days, and it’s now on Github!
        • + +
      • Joyent's Mark Cavage released LDAP.js. "ldapjs is a pure JavaScript, from-scratch framework for implementing LDAP clients and servers in Node.js. It is intended for developers used to interacting with HTTP services in node and express.
        • +
      • Microsoft's Tomasz Janczuk released iisnode "The iisnode project provides a native IIS 7.x module that allows hosting of node.js applications in IIS.

        Scott Hanselman posted a detailed walkthrough of how to get started with iisnode diff --git a/doc/blog/Uncategorized/the-videos-from-node-meetup.md b/doc/blog/Uncategorized/the-videos-from-node-meetup.md index aa2ce5ac564..68c5effe1cb 100644 --- a/doc/blog/Uncategorized/the-videos-from-node-meetup.md +++ b/doc/blog/Uncategorized/the-videos-from-node-meetup.md @@ -5,6 +5,6 @@ status: publish category: Uncategorized slug: the-videos-from-node-meetup -Uber, Voxer, and Joyent described how they use Node in production - +Uber, Voxer, and Joyent described how they use Node in production + http://joyeur.com/2011/08/11/node-js-meetup-distributed-web-architectures/ diff --git a/doc/blog/Uncategorized/trademark.md b/doc/blog/Uncategorized/trademark.md index fc89cfa044d..1bc177b5895 100644 --- a/doc/blog/Uncategorized/trademark.md +++ b/doc/blog/Uncategorized/trademark.md @@ -5,13 +5,13 @@ status: publish category: Uncategorized slug: trademark -One of the things Joyent accepted when we took on the Node project was to provide resources to help the community grow. The Node project is amazing because of the expertize, dedication and hard work of the community. However in all communities there is the possibility of people acting inappropriately. We decided to introduce trademarks on the “Node.js†and the “Node logo†in order to ensure that people or organisations who are not investing in the Node community misrepresent, or create confusion about the role of themselves or their products with Node. - -We are big fans of the people who have contributed to Node and we have worked hard to make sure that existing members of the community will be unaffected by this change. For most people they don’t have to do anything they are free to use the Node.js marks in their free open source projects (see guidelines). For others we’ve already granted them licenses to use Node.js marks in their domain names and their businesses. We value all of these contributions to the Node community and hope that we can continue to protect their good names and hard work. - -Where does our trademark policy come from? We started by looking at popular open source foundations like the Apache Software Foundation and Linux. By strongly basing our policy on the one used by the Apache Software Foundation we feel that we’ve created a policy which is liberal enough to allow the open source community to easily make use of the mark in the context of free open source software, but secure enough to protect the community’s work from being misrepresented by other organisations. - -While we realise that any changes involving lawyers can be intimidating to the community we want to make this transition as smoothly as possible and welcome your questions and feedback on the policy and how we are implementing it. - -http://nodejs.org/trademark-policy.pdf +One of the things Joyent accepted when we took on the Node project was to provide resources to help the community grow. The Node project is amazing because of the expertize, dedication and hard work of the community. However in all communities there is the possibility of people acting inappropriately. We decided to introduce trademarks on the “Node.js†and the “Node logo†in order to ensure that people or organisations who are not investing in the Node community misrepresent, or create confusion about the role of themselves or their products with Node. + +We are big fans of the people who have contributed to Node and we have worked hard to make sure that existing members of the community will be unaffected by this change. For most people they don’t have to do anything they are free to use the Node.js marks in their free open source projects (see guidelines). For others we’ve already granted them licenses to use Node.js marks in their domain names and their businesses. We value all of these contributions to the Node community and hope that we can continue to protect their good names and hard work. + +Where does our trademark policy come from? We started by looking at popular open source foundations like the Apache Software Foundation and Linux. By strongly basing our policy on the one used by the Apache Software Foundation we feel that we’ve created a policy which is liberal enough to allow the open source community to easily make use of the mark in the context of free open source software, but secure enough to protect the community’s work from being misrepresented by other organisations. + +While we realise that any changes involving lawyers can be intimidating to the community we want to make this transition as smoothly as possible and welcome your questions and feedback on the policy and how we are implementing it. + +http://nodejs.org/trademark-policy.pdf trademark@joyent.com diff --git a/doc/blog/Uncategorized/version-0-6.md b/doc/blog/Uncategorized/version-0-6.md index 9ab82985f97..8dd9719e710 100644 --- a/doc/blog/Uncategorized/version-0-6.md +++ b/doc/blog/Uncategorized/version-0-6.md @@ -5,8 +5,8 @@ status: publish category: Uncategorized slug: version-0-6 -Version 0.6.0 will be released next week. Please spend some time this week upgrading your code to v0.5.10. Report any API differences at https://github.com/joyent/node/wiki/API-changes-between-v0.4-and-v0.6 or report a bug to us at http://github.com/joyent/node/issues if you hit problems. - -The API changes between v0.4.12 and v0.5.10 are 99% cosmetic, minor, and easy to fix. Most people are able to migrate their code in 10 minutes. Don't fear. - +Version 0.6.0 will be released next week. Please spend some time this week upgrading your code to v0.5.10. Report any API differences at https://github.com/joyent/node/wiki/API-changes-between-v0.4-and-v0.6 or report a bug to us at http://github.com/joyent/node/issues if you hit problems. + +The API changes between v0.4.12 and v0.5.10 are 99% cosmetic, minor, and easy to fix. Most people are able to migrate their code in 10 minutes. Don't fear. + Once you've ported your code to v0.5.10 please help out by testing third party modules. Make bug reports. Encourage authors to publish new versions of their modules. Go through the list of modules at http://search.npmjs.org/ and try out random ones. This is especially encouraged of Windows users! diff --git a/doc/blog/module/multi-server-continuous-deployment-with-fleet.md b/doc/blog/module/multi-server-continuous-deployment-with-fleet.md index 7d76ad894cb..7849ee410cd 100644 --- a/doc/blog/module/multi-server-continuous-deployment-with-fleet.md +++ b/doc/blog/module/multi-server-continuous-deployment-with-fleet.md @@ -5,85 +5,85 @@ status: publish category: module slug: multi-server-continuous-deployment-with-fleet -

        substackThis is a guest post by James "SubStack" Halliday, originally posted on his blog, and reposted here with permission.

        - -

        Writing applications as a sequence of tiny services that all talk to each other over the network has many upsides, but it can be annoyingly tedious to get all the subsystems up and running.

        - -

        Running a seaport can help with getting all the services to talk to each other, but running the processes is another matter, especially when you have new code to push into production.

        - -

        fleet aims to make it really easy for anyone on your team to push new code from git to an armada of servers and manage all the processes in your stack.

        - -

        To start using fleet, just install the fleet command with npm:

        - -
        npm install -g fleet
        - -

        Then on one of your servers, start a fleet hub. From a fresh directory, give it a passphrase and a port to listen on:

        - -
        fleet hub --port=7000 --secret=beepboop
        - -

        Now fleet is listening on :7000 for commands and has started a git server on :7001 over http. There's no ssh keys or post commit hooks to configure, just run that command and you're ready to go!

        - -

        Next set up some worker drones to run your processes. You can have as many workers as you like on a single server but each worker should be run from a separate directory. Just do:

        - -
        fleet drone --hub=x.x.x.x:7000 --secret=beepboop
        - -

        where x.x.x.x is the address where the fleet hub is running. Spin up a few of these drones.

        - -

        Now navigate to the directory of the app you want to deploy. First set a remote so you don't need to type --hub and --secret all the time.

        - -
        fleet remote add default --hub=x.x.x.x:7000 --secret=beepboop
        - -

        Fleet just created a fleet.json file for you to save your settings.

        - -

        From the same app directory, to deploy your code just do:

        - -
        fleet deploy
        - -

        The deploy command does a git push to the fleet hub's git http server and then the hub instructs all the drones to pull from it. Your code gets checked out into a new directory on all the fleet drones every time you deploy.

        - -

        Because fleet is designed specifically for managing applications with lots of tiny services, the deploy command isn't tied to running any processes. Starting processes is up to the programmer but it's super simple. Just use the fleet spawn command:

        - -
        fleet spawn -- node server.js 8080
        - -

        By default fleet picks a drone at random to run the process on. You can specify which drone you want to run a particular process on with the --drone switch if it matters.

        - -

        Start a few processes across all your worker drones and then show what is running with the fleet ps command:

        - -
        fleet ps
-drone#3dfe17b8
-├─┬ pid#1e99f4
-│ ├── status:   running
-│ ├── commit:   webapp/1b8050fcaf8f1b02b9175fcb422644cb67dc8cc5
-│ └── command:  node server.js 8888
-└─┬ pid#d7048a
-  ├── status:   running
-  ├── commit:   webapp/1b8050fcaf8f1b02b9175fcb422644cb67dc8cc5
-  └── command:  node server.js 8889
        - -

        Now suppose that you have new code to push out into production. By default, fleet lets you spin up new services without disturbing your existing services. If you fleet deploy again after checking in some new changes to git, the next time you fleet spawn a new process, that process will be spun up in a completely new directory based on the git commit hash. To stop a process, just use fleet stop.

        - -

        This approach lets you verify that the new services work before bringing down the old services. You can even start experimenting with heterogeneous and incremental deployment by hooking into a custom http proxy!

        - -

        Even better, if you use a service registry like seaport for managing the host/port tables, you can spin up new ad-hoc staging clusters all the time without disrupting the normal operation of your site before rolling out new code to users.

        - -

        Fleet has many more commands that you can learn about with its git-style manpage-based help system! Just do fleet help to get a list of all the commands you can run.

        - -
        fleet help
-Usage: fleet <command> [<args>]
-
-The commands are:
-  deploy   Push code to drones.
-  drone    Connect to a hub as a worker.
-  exec     Run commands on drones.
-  hub      Create a hub for drones to connect.
-  monitor  Show service events system-wide.
-  ps       List the running processes on the drones.
-  remote   Manage the set of remote hubs.
-  spawn    Run services on drones.
-  stop     Stop processes running on drones.
-
-For help about a command, try `fleet help `.
        - -

        npm install -g fleet and check out the code on github!

        - +

        substackThis is a guest post by James "SubStack" Halliday, originally posted on his blog, and reposted here with permission.

        + +

        Writing applications as a sequence of tiny services that all talk to each other over the network has many upsides, but it can be annoyingly tedious to get all the subsystems up and running.

        + +

        Running a seaport can help with getting all the services to talk to each other, but running the processes is another matter, especially when you have new code to push into production.

        + +

        fleet aims to make it really easy for anyone on your team to push new code from git to an armada of servers and manage all the processes in your stack.

        + +

        To start using fleet, just install the fleet command with npm:

        + +
        npm install -g fleet
        + +

        Then on one of your servers, start a fleet hub. From a fresh directory, give it a passphrase and a port to listen on:

        + +
        fleet hub --port=7000 --secret=beepboop
        + +

        Now fleet is listening on :7000 for commands and has started a git server on :7001 over http. There's no ssh keys or post commit hooks to configure, just run that command and you're ready to go!

        + +

        Next set up some worker drones to run your processes. You can have as many workers as you like on a single server but each worker should be run from a separate directory. Just do:

        + +
        fleet drone --hub=x.x.x.x:7000 --secret=beepboop
        + +

        where x.x.x.x is the address where the fleet hub is running. Spin up a few of these drones.

        + +

        Now navigate to the directory of the app you want to deploy. First set a remote so you don't need to type --hub and --secret all the time.

        + +
        fleet remote add default --hub=x.x.x.x:7000 --secret=beepboop
        + +

        Fleet just created a fleet.json file for you to save your settings.

        + +

        From the same app directory, to deploy your code just do:

        + +
        fleet deploy
        + +

        The deploy command does a git push to the fleet hub's git http server and then the hub instructs all the drones to pull from it. Your code gets checked out into a new directory on all the fleet drones every time you deploy.

        + +

        Because fleet is designed specifically for managing applications with lots of tiny services, the deploy command isn't tied to running any processes. Starting processes is up to the programmer but it's super simple. Just use the fleet spawn command:

        + +
        fleet spawn -- node server.js 8080
        + +

        By default fleet picks a drone at random to run the process on. You can specify which drone you want to run a particular process on with the --drone switch if it matters.

        + +

        Start a few processes across all your worker drones and then show what is running with the fleet ps command:

        + +
        fleet ps
+drone#3dfe17b8
+├─┬ pid#1e99f4
+│ ├── status:   running
+│ ├── commit:   webapp/1b8050fcaf8f1b02b9175fcb422644cb67dc8cc5
+│ └── command:  node server.js 8888
+└─┬ pid#d7048a
+  ├── status:   running
+  ├── commit:   webapp/1b8050fcaf8f1b02b9175fcb422644cb67dc8cc5
+  └── command:  node server.js 8889
        + +

        Now suppose that you have new code to push out into production. By default, fleet lets you spin up new services without disturbing your existing services. If you fleet deploy again after checking in some new changes to git, the next time you fleet spawn a new process, that process will be spun up in a completely new directory based on the git commit hash. To stop a process, just use fleet stop.

        + +

        This approach lets you verify that the new services work before bringing down the old services. You can even start experimenting with heterogeneous and incremental deployment by hooking into a custom http proxy!

        + +

        Even better, if you use a service registry like seaport for managing the host/port tables, you can spin up new ad-hoc staging clusters all the time without disrupting the normal operation of your site before rolling out new code to users.

        + +

        Fleet has many more commands that you can learn about with its git-style manpage-based help system! Just do fleet help to get a list of all the commands you can run.

        + +
        fleet help
+Usage: fleet <command> [<args>]
+
+The commands are:
+  deploy   Push code to drones.
+  drone    Connect to a hub as a worker.
+  exec     Run commands on drones.
+  hub      Create a hub for drones to connect.
+  monitor  Show service events system-wide.
+  ps       List the running processes on the drones.
+  remote   Manage the set of remote hubs.
+  spawn    Run services on drones.
+  stop     Stop processes running on drones.
+
+For help about a command, try `fleet help `.
        + +

        npm install -g fleet and check out the code on github!

        + diff --git a/doc/blog/module/service-logging-in-json-with-bunyan.md b/doc/blog/module/service-logging-in-json-with-bunyan.md index 2a6891e7dc5..8a323c4aed2 100644 --- a/doc/blog/module/service-logging-in-json-with-bunyan.md +++ b/doc/blog/module/service-logging-in-json-with-bunyan.md @@ -5,333 +5,333 @@ status: publish category: module slug: service-logging-in-json-with-bunyan - - -

        Service logs are gold, if you can mine them. We scan them for occasional debugging. Perhaps we grep them looking for errors or warnings, or setup an occasional nagios log regex monitor. If that. This is a waste of the best channel for data about a service.

        - -

        "Log. (Huh) What is it good for. Absolutely ..."

        - -
          -
        • debugging
          • -
        • monitors tools that alert operators
          • -
        • non real-time analysis (business or operational analysis)
          • -
        • historical analysis
          • -
        - -

        These are what logs are good for. The current state of logging is barely adequate for the first of these. Doing reliable analysis, and even monitoring, of varied "printf-style" logs is a grueling or hacky task that most either don't bother with, fallback to paying someone else to do (viz. Splunk's great successes), or, for web sites, punt and use the plethora of JavaScript-based web analytics tools.

        - -

        Let's log in JSON. Let's format log records with a filter outside the app. Let's put more info in log records by not shoehorning into a printf-message. Debuggability can be improved. Monitoring and analysis can definitely be improved. Let's not write another regex-based parser, and use the time we've saved writing tools to collate logs from multiple nodes and services, to query structured logs (from all services, not just web servers), etc.

        - -

        At Joyent we use node.js for running many core services -- loosely coupled through HTTP REST APIs and/or AMQP. In this post I'll draw on experiences from my work on Joyent's SmartDataCenter product and observations of Joyent Cloud operations to suggest some improvements to service logging. I'll show the (open source) Bunyan logging library and tool that we're developing to improve the logging toolchain.

        - -

        Current State of Log Formatting

        - -
        # apache access log
-10.0.1.22 - - [15/Oct/2010:11:46:46 -0700] "GET /favicon.ico HTTP/1.1" 404 209
-fe80::6233:4bff:fe29:3173 - - [15/Oct/2010:11:46:58 -0700] "GET / HTTP/1.1" 200 44
-
-# apache error log
-[Fri Oct 15 11:46:46 2010] [error] [client 10.0.1.22] File does not exist: /Library/WebServer/Documents/favicon.ico
-[Fri Oct 15 11:46:58 2010] [error] [client fe80::6233:4bff:fe29:3173] File does not exist: /Library/WebServer/Documents/favicon.ico
-
-# Mac /var/log/secure.log
-Oct 14 09:20:56 banana loginwindow[41]: in pam_sm_authenticate(): Failed to determine Kerberos principal name.
-Oct 14 12:32:20 banana com.apple.SecurityServer[25]: UID 501 authenticated as user trentm (UID 501) for right 'system.privilege.admin'
-
-# an internal joyent agent log
-[2012-02-07 00:37:11.898] [INFO] AMQPAgent - Publishing success.
-[2012-02-07 00:37:11.910] [DEBUG] AMQPAgent - { req_id: '8afb8d99-df8e-4724-8535-3d52adaebf25',
-  timestamp: '2012-02-07T00:37:11.898Z',
-
-# typical expressjs log output
-[Mon, 21 Nov 2011 20:52:11 GMT] 200 GET /foo (1ms)
-Blah, some other unstructured output to from a console.log call.
-
        - -

        What're we doing here? Five logs at random. Five different date formats. As Paul Querna points out we haven't improved log parsability in 20 years. Parsability is enemy number one. You can't use your logs until you can parse the records, and faced with the above the inevitable solution is a one-off regular expression.

        - -

        The current state of the art is various parsing libs, analysis tools and homebrew scripts ranging from grep to Perl, whose scope is limited to a few niches log formats.

        - -

        JSON for Logs

        - -

        JSON.parse() solves all that. Let's log in JSON. But it means a change in thinking: The first-level audience for log files shouldn't be a person, but a machine.

        - -

        That is not said lightly. The "Unix Way" of small focused tools lightly coupled with text output is important. JSON is less "text-y" than, e.g., Apache common log format. JSON makes grep and awk awkward. Using less directly on a log is handy.

        - -

        But not handy enough. That 80's pastel jumpsuit awkwardness you're feeling isn't the JSON, it's your tools. Time to find a json tool -- json is one, bunyan described below is another one. Time to learn your JSON library instead of your regex library: JavaScript, Python, Ruby, Java, Perl.

        - -

        Time to burn your log4j Layout classes and move formatting to the tools side. Creating a log message with semantic information and throwing that away to make a string is silly. The win at being able to trivially parse log records is huge. The possibilities at being able to add ad hoc structured information to individual log records is interesting: think program state metrics, think feeding to Splunk, or loggly, think easy audit logs.

        - -

        Introducing Bunyan

        - -

        Bunyan is a node.js module for logging in JSON and a bunyan CLI tool to view those logs.

        - -

        Logging with Bunyan basically looks like this:

        - -
        $ cat hi.js
-var Logger = require('bunyan');
-var log = new Logger({name: 'hello' /*, ... */});
-log.info("hi %s", "paul");
-
        - -

        And you'll get a log record like this:

        - -
        $ node hi.js
-{"name":"hello","hostname":"banana.local","pid":40026,"level":30,"msg":"hi paul","time":"2012-03-28T17:25:37.050Z","v":0}
-
        - -

        Pipe that through the bunyan tool that is part of the "node-bunyan" install to get more readable output:

        - -
        $ node hi.js | ./node_modules/.bin/bunyan       # formatted text output
-[2012-02-07T18:50:18.003Z]  INFO: hello/40026 on banana.local: hi paul
-
-$ node hi.js | ./node_modules/.bin/bunyan -j    # indented JSON output
-{
-  "name": "hello",
-  "hostname": "banana.local",
-  "pid": 40087,
-  "level": 30,
-  "msg": "hi paul",
-  "time": "2012-03-28T17:26:38.431Z",
-  "v": 0
-}
-
        - -

        Bunyan is log4j-like: create a Logger with a name, call log.info(...), etc. However it has no intention of reproducing much of the functionality of log4j. IMO, much of that is overkill for the types of services you'll tend to be writing with node.js.

        - -

        Longer Bunyan Example

        - -

        Let's walk through a bigger example to show some interesting things in Bunyan. We'll create a very small "Hello API" server using the excellent restify library -- which we used heavily here at Joyent. (Bunyan doesn't require restify at all, you can easily use Bunyan with Express or whatever.)

        - -

        You can follow along in https://github.com/trentm/hello-json-logging if you like. Note that I'm using the current HEAD of the bunyan and restify trees here, so details might change a bit. Prerequisite: a node 0.6.x installation.

        - -
        git clone https://github.com/trentm/hello-json-logging.git
-cd hello-json-logging
-make
-
        - -

        Bunyan Logger

        - -

        Our server first creates a Bunyan logger:

        - -
        var Logger = require('bunyan');
-var log = new Logger({
-  name: 'helloapi',
-  streams: [
-    {
-      stream: process.stdout,
-      level: 'debug'
-    },
-    {
-      path: 'hello.log',
-      level: 'trace'
-    }
-  ],
-  serializers: {
-    req: Logger.stdSerializers.req,
-    res: restify.bunyan.serializers.response,
-  },
-});
-
        - -

        Every Bunyan logger must have a name. Unlike log4j, this is not a hierarchical dotted namespace. It is just a name field for the log records.

        - -

        Every Bunyan logger has one or more streams, to which log records are written. Here we've defined two: logging at DEBUG level and above is written to stdout, and logging at TRACE and above is appended to 'hello.log'.

        - -

        Bunyan has the concept of serializers: a registry of functions that know how to convert a JavaScript object for a certain log record field to a nice JSON representation for logging. For example, here we register the Logger.stdSerializers.req function to convert HTTP Request objects (using the field name "req") to JSON. More on serializers later.

        - -

        Restify Server

        - -

        Restify 1.x and above has bunyan support baked in. You pass in your Bunyan logger like this:

        - -
        var server = restify.createServer({
-  name: 'Hello API',
-  log: log   // Pass our logger to restify.
-});
-
        - -

        Our simple API will have a single GET /hello?name=NAME endpoint:

        - -
        server.get({path: '/hello', name: 'SayHello'}, function(req, res, next) {
-  var caller = req.params.name || 'caller';
-  req.log.debug('caller is "%s"', caller);
-  res.send({"hello": caller});
-  return next();
-});
-
        - -

        If we run that, node server.js, and call the endpoint, we get the expected restify response:

        - -
        $ curl -iSs http://0.0.0.0:8080/hello?name=paul
-HTTP/1.1 200 OK
-Access-Control-Allow-Origin: *
-Access-Control-Allow-Headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
-Access-Control-Expose-Headers: X-Api-Version, X-Request-Id, X-Response-Time
-Server: Hello API
-X-Request-Id: f6aaf942-c60d-4c72-8ddd-bada459db5e3
-Access-Control-Allow-Methods: GET
-Connection: close
-Content-Length: 16
-Content-MD5: Xmn3QcFXaIaKw9RPUARGBA==
-Content-Type: application/json
-Date: Tue, 07 Feb 2012 19:12:35 GMT
-X-Response-Time: 4
-
-{"hello":"paul"}
-
        - -

        Setup Server Logging

        - -

        Let's add two things to our server. First, we'll use the server.pre to hook into restify's request handling before routing where we'll log the request.

        - -
        server.pre(function (request, response, next) {
-  request.log.info({req: request}, 'start');        // (1)
-  return next();
-});
-
        - -

        This is the first time we've seen this log.info style with an object as the first argument. Bunyan logging methods (log.trace, log.debug, ...) all support an optional first object argument with extra log record fields:

        - -
        log.info(<object> fields, <string> msg, ...)
-
        - -

        Here we pass in the restify Request object, req. The "req" serializer we registered above will come into play here, but bear with me.

        - -

        Remember that we already had this debug log statement in our endpoint handler:

        - -
        req.log.debug('caller is "%s"', caller);            // (2)
-
        - -

        Second, use the restify server after event to log the response:

        - -
        server.on('after', function (req, res, route) {
-  req.log.info({res: res}, "finished");             // (3)
-});
-
        - -

        Log Output

        - -

        Now lets see what log output we get when somebody hits our API's endpoint:

        - -
        $ curl -iSs http://0.0.0.0:8080/hello?name=paul
-HTTP/1.1 200 OK
-...
-X-Request-Id: 9496dfdd-4ec7-4b59-aae7-3fed57aed5ba
-...
-
-{"hello":"paul"}
-
        - -

        Here is the server log:

        - -
        [trentm@banana:~/tm/hello-json-logging]$ node server.js
-... intro "listening at" log message elided ...
-{"name":"helloapi","hostname":"banana.local","pid":40341,"level":30,"req":{"method":"GET","url":"/hello?name=paul","headers":{"user-agent":"curl/7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 OpenSSL/0.9.8r zlib/1.2.3","host":"0.0.0.0:8080","accept":"*/*"},"remoteAddress":"127.0.0.1","remotePort":59831},"msg":"start","time":"2012-03-28T17:37:29.506Z","v":0}
-{"name":"helloapi","hostname":"banana.local","pid":40341,"route":"SayHello","req_id":"9496dfdd-4ec7-4b59-aae7-3fed57aed5ba","level":20,"msg":"caller is \"paul\"","time":"2012-03-28T17:37:29.507Z","v":0}
-{"name":"helloapi","hostname":"banana.local","pid":40341,"route":"SayHello","req_id":"9496dfdd-4ec7-4b59-aae7-3fed57aed5ba","level":30,"res":{"statusCode":200,"headers":{"access-control-allow-origin":"*","access-control-allow-headers":"Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version","access-control-expose-headers":"X-Api-Version, X-Request-Id, X-Response-Time","server":"Hello API","x-request-id":"9496dfdd-4ec7-4b59-aae7-3fed57aed5ba","access-control-allow-methods":"GET","connection":"close","content-length":16,"content-md5":"Xmn3QcFXaIaKw9RPUARGBA==","content-type":"application/json","date":"Wed, 28 Mar 2012 17:37:29 GMT","x-response-time":3}},"msg":"finished","time":"2012-03-28T17:37:29.510Z","v":0}
-
        - -

        Lets look at each in turn to see what is interesting -- pretty-printed with node server.js | ./node_modules/.bin/bunyan -j:

        - -
        {                                                   // (1)
-  "name": "helloapi",
-  "hostname": "banana.local",
-  "pid": 40442,
-  "level": 30,
-  "req": {
-    "method": "GET",
-    "url": "/hello?name=paul",
-    "headers": {
-      "user-agent": "curl/7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 OpenSSL/0.9.8r zlib/1.2.3",
-      "host": "0.0.0.0:8080",
-      "accept": "*/*"
-    },
-    "remoteAddress": "127.0.0.1",
-    "remotePort": 59834
-  },
-  "msg": "start",
-  "time": "2012-03-28T17:39:44.880Z",
-  "v": 0
-}
-
        - -

        Here we logged the incoming request with request.log.info({req: request}, 'start'). The use of the "req" field triggers the "req" serializer registered at Logger creation.

        - -

        Next the req.log.debug in our handler:

        - -
        {                                                   // (2)
-  "name": "helloapi",
-  "hostname": "banana.local",
-  "pid": 40442,
-  "route": "SayHello",
-  "req_id": "9496dfdd-4ec7-4b59-aae7-3fed57aed5ba",
-  "level": 20,
-  "msg": "caller is \"paul\"",
-  "time": "2012-03-28T17:39:44.883Z",
-  "v": 0
-}
-
        - -

        and the log of response in the "after" event:

        - -
        {                                                   // (3)
-  "name": "helloapi",
-  "hostname": "banana.local",
-  "pid": 40442,
-  "route": "SayHello",
-  "req_id": "9496dfdd-4ec7-4b59-aae7-3fed57aed5ba",
-  "level": 30,
-  "res": {
-    "statusCode": 200,
-    "headers": {
-      "access-control-allow-origin": "*",
-      "access-control-allow-headers": "Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version",
-      "access-control-expose-headers": "X-Api-Version, X-Request-Id, X-Response-Time",
-      "server": "Hello API",
-      "x-request-id": "9496dfdd-4ec7-4b59-aae7-3fed57aed5ba",
-      "access-control-allow-methods": "GET",
-      "connection": "close",
-      "content-length": 16,
-      "content-md5": "Xmn3QcFXaIaKw9RPUARGBA==",
-      "content-type": "application/json",
-      "date": "Wed, 28 Mar 2012 17:39:44 GMT",
-      "x-response-time": 5
-    }
-  },
-  "msg": "finished",
-  "time": "2012-03-28T17:39:44.886Z",
-  "v": 0
-}
-
        - -

        Two useful details of note here:

        - -
          -

        1. The last two log messages include a "req_id" field (added to the req.log logger by restify). Note that this is the same UUID as the "X-Request-Id" header in the curl response. This means that if you use req.log for logging in your API handlers you will get an easy way to collate all logging for particular requests.

          - -

          If your's is an SOA system with many services, a best practice is to carry that X-Request-Id/req_id through your system to enable collating handling of a single top-level request.

          2. -

        2. The last two log messages include a "route" field. This tells you to which handler restify routed the request. While possibly useful for debugging, this can be very helpful for log-based monitoring of endpoints on a server.

          3. -
        - -

        Recall that we also setup all logging to go the "hello.log" file. This was set at the TRACE level. Restify will log more detail of its operation at the trace level. See my "hello.log" for an example. The bunyan tool does a decent job of nicely formatting multiline messages and "req"/"res" keys (with color, not shown in the gist).

        - -

        This is logging you can use effectively.

        - -

        Other Tools

        - -

        Bunyan is just one of many options for logging in node.js-land. Others (that I know of) supporting JSON logging are winston and logmagic. Paul Querna has an excellent post on using JSON for logging, which shows logmagic usage and also touches on topics like the GELF logging format, log transporting, indexing and searching.

        - -

        Final Thoughts

        - -

        Parsing challenges won't ever completely go away, but it can for your logs if you use JSON. Collating log records across logs from multiple nodes is facilitated by a common "time" field. Correlating logging across multiple services is enabled by carrying a common "req_id" (or equivalent) through all such logs.

        - -

        Separate log files for a single service is an anti-pattern. The typical Apache example of separate access and error logs is legacy, not an example to follow. A JSON log provides the structure necessary for tooling to easily filter for log records of a particular type.

        - -

        JSON logs bring possibilities. Feeding to tools like Splunk becomes easy. Ad hoc fields allow for a lightly spec'd comm channel from apps to other services: records with a "metric" could feed to statsd, records with a "loggly: true" could feed to loggly.com.

        - -

        Here I've described a very simple example of restify and bunyan usage for node.js-based API services with easy JSON logging. Restify provides a powerful framework for robust API services. Bunyan provides a light API for nice JSON logging and the beginnings of tooling to help consume Bunyan JSON logs.

        - + + +

        Service logs are gold, if you can mine them. We scan them for occasional debugging. Perhaps we grep them looking for errors or warnings, or setup an occasional nagios log regex monitor. If that. This is a waste of the best channel for data about a service.

        + +

        "Log. (Huh) What is it good for. Absolutely ..."

        + +
          +
        • debugging
          • +
        • monitors tools that alert operators
          • +
        • non real-time analysis (business or operational analysis)
          • +
        • historical analysis
          • +
        + +

        These are what logs are good for. The current state of logging is barely adequate for the first of these. Doing reliable analysis, and even monitoring, of varied "printf-style" logs is a grueling or hacky task that most either don't bother with, fallback to paying someone else to do (viz. Splunk's great successes), or, for web sites, punt and use the plethora of JavaScript-based web analytics tools.

        + +

        Let's log in JSON. Let's format log records with a filter outside the app. Let's put more info in log records by not shoehorning into a printf-message. Debuggability can be improved. Monitoring and analysis can definitely be improved. Let's not write another regex-based parser, and use the time we've saved writing tools to collate logs from multiple nodes and services, to query structured logs (from all services, not just web servers), etc.

        + +

        At Joyent we use node.js for running many core services -- loosely coupled through HTTP REST APIs and/or AMQP. In this post I'll draw on experiences from my work on Joyent's SmartDataCenter product and observations of Joyent Cloud operations to suggest some improvements to service logging. I'll show the (open source) Bunyan logging library and tool that we're developing to improve the logging toolchain.

        + +

        Current State of Log Formatting

        + +
        # apache access log
+10.0.1.22 - - [15/Oct/2010:11:46:46 -0700] "GET /favicon.ico HTTP/1.1" 404 209
+fe80::6233:4bff:fe29:3173 - - [15/Oct/2010:11:46:58 -0700] "GET / HTTP/1.1" 200 44
+
+# apache error log
+[Fri Oct 15 11:46:46 2010] [error] [client 10.0.1.22] File does not exist: /Library/WebServer/Documents/favicon.ico
+[Fri Oct 15 11:46:58 2010] [error] [client fe80::6233:4bff:fe29:3173] File does not exist: /Library/WebServer/Documents/favicon.ico
+
+# Mac /var/log/secure.log
+Oct 14 09:20:56 banana loginwindow[41]: in pam_sm_authenticate(): Failed to determine Kerberos principal name.
+Oct 14 12:32:20 banana com.apple.SecurityServer[25]: UID 501 authenticated as user trentm (UID 501) for right 'system.privilege.admin'
+
+# an internal joyent agent log
+[2012-02-07 00:37:11.898] [INFO] AMQPAgent - Publishing success.
+[2012-02-07 00:37:11.910] [DEBUG] AMQPAgent - { req_id: '8afb8d99-df8e-4724-8535-3d52adaebf25',
+  timestamp: '2012-02-07T00:37:11.898Z',
+
+# typical expressjs log output
+[Mon, 21 Nov 2011 20:52:11 GMT] 200 GET /foo (1ms)
+Blah, some other unstructured output to from a console.log call.
+
        + +

        What're we doing here? Five logs at random. Five different date formats. As Paul Querna points out we haven't improved log parsability in 20 years. Parsability is enemy number one. You can't use your logs until you can parse the records, and faced with the above the inevitable solution is a one-off regular expression.

        + +

        The current state of the art is various parsing libs, analysis tools and homebrew scripts ranging from grep to Perl, whose scope is limited to a few niches log formats.

        + +

        JSON for Logs

        + +

        JSON.parse() solves all that. Let's log in JSON. But it means a change in thinking: The first-level audience for log files shouldn't be a person, but a machine.

        + +

        That is not said lightly. The "Unix Way" of small focused tools lightly coupled with text output is important. JSON is less "text-y" than, e.g., Apache common log format. JSON makes grep and awk awkward. Using less directly on a log is handy.

        + +

        But not handy enough. That 80's pastel jumpsuit awkwardness you're feeling isn't the JSON, it's your tools. Time to find a json tool -- json is one, bunyan described below is another one. Time to learn your JSON library instead of your regex library: JavaScript, Python, Ruby, Java, Perl.

        + +

        Time to burn your log4j Layout classes and move formatting to the tools side. Creating a log message with semantic information and throwing that away to make a string is silly. The win at being able to trivially parse log records is huge. The possibilities at being able to add ad hoc structured information to individual log records is interesting: think program state metrics, think feeding to Splunk, or loggly, think easy audit logs.

        + +

        Introducing Bunyan

        + +

        Bunyan is a node.js module for logging in JSON and a bunyan CLI tool to view those logs.

        + +

        Logging with Bunyan basically looks like this:

        + +
        $ cat hi.js
+var Logger = require('bunyan');
+var log = new Logger({name: 'hello' /*, ... */});
+log.info("hi %s", "paul");
+
        + +

        And you'll get a log record like this:

        + +
        $ node hi.js
+{"name":"hello","hostname":"banana.local","pid":40026,"level":30,"msg":"hi paul","time":"2012-03-28T17:25:37.050Z","v":0}
+
        + +

        Pipe that through the bunyan tool that is part of the "node-bunyan" install to get more readable output:

        + +
        $ node hi.js | ./node_modules/.bin/bunyan       # formatted text output
+[2012-02-07T18:50:18.003Z]  INFO: hello/40026 on banana.local: hi paul
+
+$ node hi.js | ./node_modules/.bin/bunyan -j    # indented JSON output
+{
+  "name": "hello",
+  "hostname": "banana.local",
+  "pid": 40087,
+  "level": 30,
+  "msg": "hi paul",
+  "time": "2012-03-28T17:26:38.431Z",
+  "v": 0
+}
+
        + +

        Bunyan is log4j-like: create a Logger with a name, call log.info(...), etc. However it has no intention of reproducing much of the functionality of log4j. IMO, much of that is overkill for the types of services you'll tend to be writing with node.js.

        + +

        Longer Bunyan Example

        + +

        Let's walk through a bigger example to show some interesting things in Bunyan. We'll create a very small "Hello API" server using the excellent restify library -- which we used heavily here at Joyent. (Bunyan doesn't require restify at all, you can easily use Bunyan with Express or whatever.)

        + +

        You can follow along in https://github.com/trentm/hello-json-logging if you like. Note that I'm using the current HEAD of the bunyan and restify trees here, so details might change a bit. Prerequisite: a node 0.6.x installation.

        + +
        git clone https://github.com/trentm/hello-json-logging.git
+cd hello-json-logging
+make
+
        + +

        Bunyan Logger

        + +

        Our server first creates a Bunyan logger:

        + +
        var Logger = require('bunyan');
+var log = new Logger({
+  name: 'helloapi',
+  streams: [
+    {
+      stream: process.stdout,
+      level: 'debug'
+    },
+    {
+      path: 'hello.log',
+      level: 'trace'
+    }
+  ],
+  serializers: {
+    req: Logger.stdSerializers.req,
+    res: restify.bunyan.serializers.response,
+  },
+});
+
        + +

        Every Bunyan logger must have a name. Unlike log4j, this is not a hierarchical dotted namespace. It is just a name field for the log records.

        + +

        Every Bunyan logger has one or more streams, to which log records are written. Here we've defined two: logging at DEBUG level and above is written to stdout, and logging at TRACE and above is appended to 'hello.log'.

        + +

        Bunyan has the concept of serializers: a registry of functions that know how to convert a JavaScript object for a certain log record field to a nice JSON representation for logging. For example, here we register the Logger.stdSerializers.req function to convert HTTP Request objects (using the field name "req") to JSON. More on serializers later.

        + +

        Restify Server

        + +

        Restify 1.x and above has bunyan support baked in. You pass in your Bunyan logger like this:

        + +
        var server = restify.createServer({
+  name: 'Hello API',
+  log: log   // Pass our logger to restify.
+});
+
        + +

        Our simple API will have a single GET /hello?name=NAME endpoint:

        + +
        server.get({path: '/hello', name: 'SayHello'}, function(req, res, next) {
+  var caller = req.params.name || 'caller';
+  req.log.debug('caller is "%s"', caller);
+  res.send({"hello": caller});
+  return next();
+});
+
        + +

        If we run that, node server.js, and call the endpoint, we get the expected restify response:

        + +
        $ curl -iSs http://0.0.0.0:8080/hello?name=paul
+HTTP/1.1 200 OK
+Access-Control-Allow-Origin: *
+Access-Control-Allow-Headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
+Access-Control-Expose-Headers: X-Api-Version, X-Request-Id, X-Response-Time
+Server: Hello API
+X-Request-Id: f6aaf942-c60d-4c72-8ddd-bada459db5e3
+Access-Control-Allow-Methods: GET
+Connection: close
+Content-Length: 16
+Content-MD5: Xmn3QcFXaIaKw9RPUARGBA==
+Content-Type: application/json
+Date: Tue, 07 Feb 2012 19:12:35 GMT
+X-Response-Time: 4
+
+{"hello":"paul"}
+
        + +

        Setup Server Logging

        + +

        Let's add two things to our server. First, we'll use the server.pre to hook into restify's request handling before routing where we'll log the request.

        + +
        server.pre(function (request, response, next) {
+  request.log.info({req: request}, 'start');        // (1)
+  return next();
+});
+
        + +

        This is the first time we've seen this log.info style with an object as the first argument. Bunyan logging methods (log.trace, log.debug, ...) all support an optional first object argument with extra log record fields:

        + +
        log.info(<object> fields, <string> msg, ...)
+
        + +

        Here we pass in the restify Request object, req. The "req" serializer we registered above will come into play here, but bear with me.

        + +

        Remember that we already had this debug log statement in our endpoint handler:

        + +
        req.log.debug('caller is "%s"', caller);            // (2)
+
        + +

        Second, use the restify server after event to log the response:

        + +
        server.on('after', function (req, res, route) {
+  req.log.info({res: res}, "finished");             // (3)
+});
+
        + +

        Log Output

        + +

        Now lets see what log output we get when somebody hits our API's endpoint:

        + +
        $ curl -iSs http://0.0.0.0:8080/hello?name=paul
+HTTP/1.1 200 OK
+...
+X-Request-Id: 9496dfdd-4ec7-4b59-aae7-3fed57aed5ba
+...
+
+{"hello":"paul"}
+
        + +

        Here is the server log:

        + +
        [trentm@banana:~/tm/hello-json-logging]$ node server.js
+... intro "listening at" log message elided ...
+{"name":"helloapi","hostname":"banana.local","pid":40341,"level":30,"req":{"method":"GET","url":"/hello?name=paul","headers":{"user-agent":"curl/7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 OpenSSL/0.9.8r zlib/1.2.3","host":"0.0.0.0:8080","accept":"*/*"},"remoteAddress":"127.0.0.1","remotePort":59831},"msg":"start","time":"2012-03-28T17:37:29.506Z","v":0}
+{"name":"helloapi","hostname":"banana.local","pid":40341,"route":"SayHello","req_id":"9496dfdd-4ec7-4b59-aae7-3fed57aed5ba","level":20,"msg":"caller is \"paul\"","time":"2012-03-28T17:37:29.507Z","v":0}
+{"name":"helloapi","hostname":"banana.local","pid":40341,"route":"SayHello","req_id":"9496dfdd-4ec7-4b59-aae7-3fed57aed5ba","level":30,"res":{"statusCode":200,"headers":{"access-control-allow-origin":"*","access-control-allow-headers":"Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version","access-control-expose-headers":"X-Api-Version, X-Request-Id, X-Response-Time","server":"Hello API","x-request-id":"9496dfdd-4ec7-4b59-aae7-3fed57aed5ba","access-control-allow-methods":"GET","connection":"close","content-length":16,"content-md5":"Xmn3QcFXaIaKw9RPUARGBA==","content-type":"application/json","date":"Wed, 28 Mar 2012 17:37:29 GMT","x-response-time":3}},"msg":"finished","time":"2012-03-28T17:37:29.510Z","v":0}
+
        + +

        Lets look at each in turn to see what is interesting -- pretty-printed with node server.js | ./node_modules/.bin/bunyan -j:

        + +
        {                                                   // (1)
+  "name": "helloapi",
+  "hostname": "banana.local",
+  "pid": 40442,
+  "level": 30,
+  "req": {
+    "method": "GET",
+    "url": "/hello?name=paul",
+    "headers": {
+      "user-agent": "curl/7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 OpenSSL/0.9.8r zlib/1.2.3",
+      "host": "0.0.0.0:8080",
+      "accept": "*/*"
+    },
+    "remoteAddress": "127.0.0.1",
+    "remotePort": 59834
+  },
+  "msg": "start",
+  "time": "2012-03-28T17:39:44.880Z",
+  "v": 0
+}
+
        + +

        Here we logged the incoming request with request.log.info({req: request}, 'start'). The use of the "req" field triggers the "req" serializer registered at Logger creation.

        + +

        Next the req.log.debug in our handler:

        + +
        {                                                   // (2)
+  "name": "helloapi",
+  "hostname": "banana.local",
+  "pid": 40442,
+  "route": "SayHello",
+  "req_id": "9496dfdd-4ec7-4b59-aae7-3fed57aed5ba",
+  "level": 20,
+  "msg": "caller is \"paul\"",
+  "time": "2012-03-28T17:39:44.883Z",
+  "v": 0
+}
+
        + +

        and the log of response in the "after" event:

        + +
        {                                                   // (3)
+  "name": "helloapi",
+  "hostname": "banana.local",
+  "pid": 40442,
+  "route": "SayHello",
+  "req_id": "9496dfdd-4ec7-4b59-aae7-3fed57aed5ba",
+  "level": 30,
+  "res": {
+    "statusCode": 200,
+    "headers": {
+      "access-control-allow-origin": "*",
+      "access-control-allow-headers": "Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version",
+      "access-control-expose-headers": "X-Api-Version, X-Request-Id, X-Response-Time",
+      "server": "Hello API",
+      "x-request-id": "9496dfdd-4ec7-4b59-aae7-3fed57aed5ba",
+      "access-control-allow-methods": "GET",
+      "connection": "close",
+      "content-length": 16,
+      "content-md5": "Xmn3QcFXaIaKw9RPUARGBA==",
+      "content-type": "application/json",
+      "date": "Wed, 28 Mar 2012 17:39:44 GMT",
+      "x-response-time": 5
+    }
+  },
+  "msg": "finished",
+  "time": "2012-03-28T17:39:44.886Z",
+  "v": 0
+}
+
        + +

        Two useful details of note here:

        + +
          +

        1. The last two log messages include a "req_id" field (added to the req.log logger by restify). Note that this is the same UUID as the "X-Request-Id" header in the curl response. This means that if you use req.log for logging in your API handlers you will get an easy way to collate all logging for particular requests.

          + +

          If your's is an SOA system with many services, a best practice is to carry that X-Request-Id/req_id through your system to enable collating handling of a single top-level request.

          2. +

        2. The last two log messages include a "route" field. This tells you to which handler restify routed the request. While possibly useful for debugging, this can be very helpful for log-based monitoring of endpoints on a server.

          3. +
        + +

        Recall that we also setup all logging to go the "hello.log" file. This was set at the TRACE level. Restify will log more detail of its operation at the trace level. See my "hello.log" for an example. The bunyan tool does a decent job of nicely formatting multiline messages and "req"/"res" keys (with color, not shown in the gist).

        + +

        This is logging you can use effectively.

        + +

        Other Tools

        + +

        Bunyan is just one of many options for logging in node.js-land. Others (that I know of) supporting JSON logging are winston and logmagic. Paul Querna has an excellent post on using JSON for logging, which shows logmagic usage and also touches on topics like the GELF logging format, log transporting, indexing and searching.

        + +

        Final Thoughts

        + +

        Parsing challenges won't ever completely go away, but it can for your logs if you use JSON. Collating log records across logs from multiple nodes is facilitated by a common "time" field. Correlating logging across multiple services is enabled by carrying a common "req_id" (or equivalent) through all such logs.

        + +

        Separate log files for a single service is an anti-pattern. The typical Apache example of separate access and error logs is legacy, not an example to follow. A JSON log provides the structure necessary for tooling to easily filter for log records of a particular type.

        + +

        JSON logs bring possibilities. Feeding to tools like Splunk becomes easy. Ad hoc fields allow for a lightly spec'd comm channel from apps to other services: records with a "metric" could feed to statsd, records with a "loggly: true" could feed to loggly.com.

        + +

        Here I've described a very simple example of restify and bunyan usage for node.js-based API services with easy JSON logging. Restify provides a powerful framework for robust API services. Bunyan provides a light API for nice JSON logging and the beginnings of tooling to help consume Bunyan JSON logs.

        +

        Update (29-Mar-2012): Fix styles somewhat for RSS readers.

        diff --git a/doc/blog/npm/managing-node-js-dependencies-with-shrinkwrap.md b/doc/blog/npm/managing-node-js-dependencies-with-shrinkwrap.md index 26805b7a4c8..403eada642d 100644 --- a/doc/blog/npm/managing-node-js-dependencies-with-shrinkwrap.md +++ b/doc/blog/npm/managing-node-js-dependencies-with-shrinkwrap.md @@ -8,160 +8,160 @@ slug: managing-node-js-dependencies-with-shrinkwrap


        Photo by Luc Viatour (flickr)

        -

        Managing dependencies is a fundamental problem in building complex software. The terrific success of github and npm have made code reuse especially easy in the Node world, where packages don't exist in isolation but rather as nodes in a large graph. The software is constantly changing (releasing new versions), and each package has its own constraints about what other packages it requires to run (dependencies). npm keeps track of these constraints, and authors express what kind of changes are compatible using semantic versioning, allowing authors to specify that their package will work with even future versions of its dependencies as long as the semantic versions are assigned properly. - -

        -

        This does mean that when you "npm install" a package with dependencies, there's no guarantee that you'll get the same set of code now that you would have gotten an hour ago, or that you would get if you were to run it again an hour later. You may get a bunch of bug fixes now that weren't available an hour ago. This is great during development, where you want to keep up with changes upstream. It's not necessarily what you want for deployment, though, where you want to validate whatever bits you're actually shipping. - -

        -

        Put differently, it's understood that all software changes incur some risk, and it's critical to be able to manage this risk on your own terms. Taking that risk in development is good because by definition that's when you're incorporating and testing software changes. On the other hand, if you're shipping production software, you probably don't want to take this risk when cutting a release candidate (i.e. build time) or when you actually ship (i.e. deploy time) because you want to validate whatever you ship. - -

        -

        You can address a simple case of this problem by only depending on specific versions of packages, allowing no semver flexibility at all, but this falls apart when you depend on packages that don't also adopt the same principle. Many of us at Joyent started wondering: can we generalize this approach? - -

        -

        Shrinkwrapping packages

        -

        That brings us to npm shrinkwrap[1]: - -

        -
        NAME
-       npm-shrinkwrap -- Lock down dependency versions
-
-SYNOPSIS
-       npm shrinkwrap
-
-DESCRIPTION
-       This  command  locks down the versions of a package's dependencies so
-       that you can control exactly which versions of each  dependency  will
-       be used when your package is installed.
        -

        Let's consider package A: - -

        -
        {
-    "name": "A",
-    "version": "0.1.0",
-    "dependencies": {
-        "B": "<0.1.0"
-    }
-}
        -

        package B: - -

        -
        {
-    "name": "B",
-    "version": "0.0.1",
-    "dependencies": {
-        "C": "<0.1.0"
-    }
-}
        -

        and package C: - -

        -
        {
-    "name": "C,
-    "version": "0.0.1"
-}
        -

        If these are the only versions of A, B, and C available in the registry, then a normal "npm install A" will install: - -

        -
        A@0.1.0
-└─┬ B@0.0.1
-  └── C@0.0.1
        -

        Then if B@0.0.2 is published, then a fresh "npm install A" will install: - -

        -
        A@0.1.0
-└─┬ B@0.0.2
-  └── C@0.0.1
        -

        assuming the new version did not modify B's dependencies. Of course, the new version of B could include a new version of C and any number of new dependencies. As we said before, if A's author doesn't want that, she could specify a dependency on B@0.0.1. But if A's author and B's author are not the same person, there's no way for A's author to say that she does not want to pull in newly published versions of C when B hasn't changed at all. - -

        -

        In this case, A's author can use - -

        -
        # npm shrinkwrap
        -

        This generates npm-shrinkwrap.json, which will look something like this: - -

        -
        {
-    "name": "A",
-    "dependencies": {
-        "B": {
-            "version": "0.0.1",
-            "dependencies": {
-                "C": {  "version": "0.1.0" }
-            }
-        }
-    }
-}
        -

        The shrinkwrap command has locked down the dependencies based on what's currently installed in node_modules. When "npm install" installs a package with a npm-shrinkwrap.json file in the package root, the shrinkwrap file (rather than package.json files) completely drives the installation of that package and all of its dependencies (recursively). So now the author publishes A@0.1.0, and subsequent installs of this package will use B@0.0.1 and C@0.1.0, regardless the dependencies and versions listed in A's, B's, and C's package.json files. If the authors of B and C publish new versions, they won't be used to install A because the shrinkwrap refers to older versions. Even if you generate a new shrinkwrap, it will still reference the older versions, since "npm shrinkwrap" uses what's installed locally rather than what's available in the registry. - -

        -

        Using shrinkwrapped packages

        -

        Using a shrinkwrapped package is no different than using any other package: you can "npm install" it by hand, or add a dependency to your package.json file and "npm install" it. - -

        -

        Building shrinkwrapped packages

        -

        To shrinkwrap an existing package: - -

        -
          -
        1. Run "npm install" in the package root to install the current versions of all dependencies.
          2. -
        2. Validate that the package works as expected with these versions.
          3. -
        3. Run "npm shrinkwrap", add npm-shrinkwrap.json to git, and publish your package.
          4. -
        -

        To add or update a dependency in a shrinkwrapped package: - -

        -
          -
        1. Run "npm install" in the package root to install the current versions of all dependencies.
          2. -
        2. Add or update dependencies. "npm install" each new or updated package individually and then update package.json.
          3. -
        3. Validate that the package works as expected with the new dependencies.
          4. -
        4. Run "npm shrinkwrap", commit the new npm-shrinkwrap.json, and publish your package.
          5. -
        -

        You can still use npm outdated(1) to view which dependencies have newer versions available. - -

        -

        For more details, check out the full docs on npm shrinkwrap, from which much of the above is taken. - -

        -

        Why not just check node_modules into git?

        -

        One previously proposed solution is to "npm install" your dependencies during development and commit the results into source control. Then you deploy your app from a specific git SHA knowing you've got exactly the same bits that you tested in development. This does address the problem, but it has its own issues: for one, binaries are tricky because you need to "npm install" them to get their sources, but this builds the [system-dependent] binary too. You can avoid checking in the binaries and use "npm rebuild" at build time, but we've had a lot of difficulty trying to do this.[2] At best, this is second-class treatment for binary modules, which are critical for many important types of Node applications.[3] - -

        -

        Besides the issues with binary modules, this approach just felt wrong to many of us. There's a reason we don't check binaries into source control, and it's not just because they're platform-dependent. (After all, we could build and check in binaries for all supported platforms and operating systems.) It's because that approach is error-prone and redundant: error-prone because it introduces a new human failure mode where someone checks in a source change but doesn't regenerate all the binaries, and redundant because the binaries can always be built from the sources alone. An important principle of software version control is that you don't check in files derived directly from other files by a simple transformation.[4] Instead, you check in the original sources and automate the transformations via the build process. - -

        -

        Dependencies are just like binaries in this regard: they're files derived from a simple transformation of something else that is (or could easily be) already available: the name and version of the dependency. Checking them in has all the same problems as checking in binaries: people could update package.json without updating the checked-in module (or vice versa). Besides that, adding new dependencies has to be done by hand, introducing more opportunities for error (checking in the wrong files, not checking in certain files, inadvertently changing files, and so on). Our feeling was: why check in this whole dependency tree (and create a mess for binary add-ons) when we could just check in the package name and version and have the build process do the rest? - -

        -

        Finally, the approach of checking in node_modules doesn't really scale for us. We've got at least a dozen repos that will use restify, and it doesn't make sense to check that in everywhere when we could instead just specify which version each one is using. There's another principle at work here, which is separation of concerns: each repo specifies what it needs, while the build process figures out where to get it. - -

        -

        What if an author republishes an existing version of a package?

        -

        We're not suggesting deploying a shrinkwrapped package directly and running "npm install" to install from shrinkwrap in production. We already have a build process to deal with binary modules and other automateable tasks. That's where we do the "npm install". We tar up the result and distribute the tarball. Since we test each build before shipping, we won't deploy something we didn't test. - -

        -

        It's still possible to pick up newly published versions of existing packages at build time. We assume force publish is not that common in the first place, let alone force publish that breaks compatibility. If you're worried about this, you can use git SHAs in the shrinkwrap or even consider maintaining a mirror of the part of the npm registry that you use and require human confirmation before mirroring unpublishes. - -

        -

        Final thoughts

        -

        Of course, the details of each use case matter a lot, and the world doesn't have to pick just one solution. If you like checking in node_modules, you should keep doing that. We've chosen the shrinkwrap route because that works better for us. - -

        -

        It's not exactly news that Joyent is heavy on Node. Node is the heart of our SmartDataCenter (SDC) product, whose public-facing web portal, public API, Cloud Analytics, provisioning, billing, heartbeating, and other services are all implemented in Node. That's why it's so important to us to have robust components (like logging and REST) and tools for understanding production failures post mortem, profile Node apps in production, and now managing Node dependencies. Again, we're interested to hear feedback from others using these tools. - -

        -
        -Dave Pacheco blogs at dtrace.org. - -

        [1] Much of this section is taken directly from the "npm shrinkwrap" documentation. - -

        -

        [2] We've had a lot of trouble with checking in node_modules with binary dependencies. The first problem is figuring out exactly which files not to check in (.o, .node, .dynlib, .so, *.a, ...). When Mark went to apply this to one of our internal services, the "npm rebuild" step blew away half of the dependency tree because it ran "make clean", which in dependency ldapjs brings the repo to a clean slate by blowing away its dependencies. Later, a new (but highly experienced) engineer on our team was tasked with fixing a bug in our Node-based DHCP server. To fix the bug, we went with a new dependency. He tried checking in node_modules, which added 190,000 lines of code (to this repo that was previously a few hundred LOC). And despite doing everything he could think of to do this correctly and test it properly, the change broke the build because of the binary modules. So having tried this approach a few times now, it appears quite difficult to get right, and as I pointed out above, the lack of actual documentation and real world examples suggests others either aren't using binary modules (which we know isn't true) or haven't had much better luck with this approach. - -

        -

        [3] Like a good Node-based distributed system, our architecture uses lots of small HTTP servers. Each of these serves a REST API using restify. restify uses the binary module node-dtrace-provider, which gives each of our services deep DTrace-based observability for free. So literally almost all of our components are or will soon be depending on a binary add-on. Additionally, the foundation of Cloud Analytics are a pair of binary modules that extract data from DTrace and kstat. So this isn't a corner case for us, and we don't believe we're exceptional in this regard. The popular hiredis package for interfacing with redis from Node is also a binary module. - -

        +

        Managing dependencies is a fundamental problem in building complex software. The terrific success of github and npm have made code reuse especially easy in the Node world, where packages don't exist in isolation but rather as nodes in a large graph. The software is constantly changing (releasing new versions), and each package has its own constraints about what other packages it requires to run (dependencies). npm keeps track of these constraints, and authors express what kind of changes are compatible using semantic versioning, allowing authors to specify that their package will work with even future versions of its dependencies as long as the semantic versions are assigned properly. + +

        +

        This does mean that when you "npm install" a package with dependencies, there's no guarantee that you'll get the same set of code now that you would have gotten an hour ago, or that you would get if you were to run it again an hour later. You may get a bunch of bug fixes now that weren't available an hour ago. This is great during development, where you want to keep up with changes upstream. It's not necessarily what you want for deployment, though, where you want to validate whatever bits you're actually shipping. + +

        +

        Put differently, it's understood that all software changes incur some risk, and it's critical to be able to manage this risk on your own terms. Taking that risk in development is good because by definition that's when you're incorporating and testing software changes. On the other hand, if you're shipping production software, you probably don't want to take this risk when cutting a release candidate (i.e. build time) or when you actually ship (i.e. deploy time) because you want to validate whatever you ship. + +

        +

        You can address a simple case of this problem by only depending on specific versions of packages, allowing no semver flexibility at all, but this falls apart when you depend on packages that don't also adopt the same principle. Many of us at Joyent started wondering: can we generalize this approach? + +

        +

        Shrinkwrapping packages

        +

        That brings us to npm shrinkwrap[1]: + +

        +
        NAME
+       npm-shrinkwrap -- Lock down dependency versions
+
+SYNOPSIS
+       npm shrinkwrap
+
+DESCRIPTION
+       This  command  locks down the versions of a package's dependencies so
+       that you can control exactly which versions of each  dependency  will
+       be used when your package is installed.
        +

        Let's consider package A: + +

        +
        {
+    "name": "A",
+    "version": "0.1.0",
+    "dependencies": {
+        "B": "<0.1.0"
+    }
+}
        +

        package B: + +

        +
        {
+    "name": "B",
+    "version": "0.0.1",
+    "dependencies": {
+        "C": "<0.1.0"
+    }
+}
        +

        and package C: + +

        +
        {
+    "name": "C,
+    "version": "0.0.1"
+}
        +

        If these are the only versions of A, B, and C available in the registry, then a normal "npm install A" will install: + +

        +
        A@0.1.0
+└─┬ B@0.0.1
+  └── C@0.0.1
        +

        Then if B@0.0.2 is published, then a fresh "npm install A" will install: + +

        +
        A@0.1.0
+└─┬ B@0.0.2
+  └── C@0.0.1
        +

        assuming the new version did not modify B's dependencies. Of course, the new version of B could include a new version of C and any number of new dependencies. As we said before, if A's author doesn't want that, she could specify a dependency on B@0.0.1. But if A's author and B's author are not the same person, there's no way for A's author to say that she does not want to pull in newly published versions of C when B hasn't changed at all. + +

        +

        In this case, A's author can use + +

        +
        # npm shrinkwrap
        +

        This generates npm-shrinkwrap.json, which will look something like this: + +

        +
        {
+    "name": "A",
+    "dependencies": {
+        "B": {
+            "version": "0.0.1",
+            "dependencies": {
+                "C": {  "version": "0.1.0" }
+            }
+        }
+    }
+}
        +

        The shrinkwrap command has locked down the dependencies based on what's currently installed in node_modules. When "npm install" installs a package with a npm-shrinkwrap.json file in the package root, the shrinkwrap file (rather than package.json files) completely drives the installation of that package and all of its dependencies (recursively). So now the author publishes A@0.1.0, and subsequent installs of this package will use B@0.0.1 and C@0.1.0, regardless the dependencies and versions listed in A's, B's, and C's package.json files. If the authors of B and C publish new versions, they won't be used to install A because the shrinkwrap refers to older versions. Even if you generate a new shrinkwrap, it will still reference the older versions, since "npm shrinkwrap" uses what's installed locally rather than what's available in the registry. + +

        +

        Using shrinkwrapped packages

        +

        Using a shrinkwrapped package is no different than using any other package: you can "npm install" it by hand, or add a dependency to your package.json file and "npm install" it. + +

        +

        Building shrinkwrapped packages

        +

        To shrinkwrap an existing package: + +

        +
          +
        1. Run "npm install" in the package root to install the current versions of all dependencies.
          2. +
        2. Validate that the package works as expected with these versions.
          3. +
        3. Run "npm shrinkwrap", add npm-shrinkwrap.json to git, and publish your package.
          4. +
        +

        To add or update a dependency in a shrinkwrapped package: + +

        +
          +
        1. Run "npm install" in the package root to install the current versions of all dependencies.
          2. +
        2. Add or update dependencies. "npm install" each new or updated package individually and then update package.json.
          3. +
        3. Validate that the package works as expected with the new dependencies.
          4. +
        4. Run "npm shrinkwrap", commit the new npm-shrinkwrap.json, and publish your package.
          5. +
        +

        You can still use npm outdated(1) to view which dependencies have newer versions available. + +

        +

        For more details, check out the full docs on npm shrinkwrap, from which much of the above is taken. + +

        +

        Why not just check node_modules into git?

        +

        One previously proposed solution is to "npm install" your dependencies during development and commit the results into source control. Then you deploy your app from a specific git SHA knowing you've got exactly the same bits that you tested in development. This does address the problem, but it has its own issues: for one, binaries are tricky because you need to "npm install" them to get their sources, but this builds the [system-dependent] binary too. You can avoid checking in the binaries and use "npm rebuild" at build time, but we've had a lot of difficulty trying to do this.[2] At best, this is second-class treatment for binary modules, which are critical for many important types of Node applications.[3] + +

        +

        Besides the issues with binary modules, this approach just felt wrong to many of us. There's a reason we don't check binaries into source control, and it's not just because they're platform-dependent. (After all, we could build and check in binaries for all supported platforms and operating systems.) It's because that approach is error-prone and redundant: error-prone because it introduces a new human failure mode where someone checks in a source change but doesn't regenerate all the binaries, and redundant because the binaries can always be built from the sources alone. An important principle of software version control is that you don't check in files derived directly from other files by a simple transformation.[4] Instead, you check in the original sources and automate the transformations via the build process. + +

        +

        Dependencies are just like binaries in this regard: they're files derived from a simple transformation of something else that is (or could easily be) already available: the name and version of the dependency. Checking them in has all the same problems as checking in binaries: people could update package.json without updating the checked-in module (or vice versa). Besides that, adding new dependencies has to be done by hand, introducing more opportunities for error (checking in the wrong files, not checking in certain files, inadvertently changing files, and so on). Our feeling was: why check in this whole dependency tree (and create a mess for binary add-ons) when we could just check in the package name and version and have the build process do the rest? + +

        +

        Finally, the approach of checking in node_modules doesn't really scale for us. We've got at least a dozen repos that will use restify, and it doesn't make sense to check that in everywhere when we could instead just specify which version each one is using. There's another principle at work here, which is separation of concerns: each repo specifies what it needs, while the build process figures out where to get it. + +

        +

        What if an author republishes an existing version of a package?

        +

        We're not suggesting deploying a shrinkwrapped package directly and running "npm install" to install from shrinkwrap in production. We already have a build process to deal with binary modules and other automateable tasks. That's where we do the "npm install". We tar up the result and distribute the tarball. Since we test each build before shipping, we won't deploy something we didn't test. + +

        +

        It's still possible to pick up newly published versions of existing packages at build time. We assume force publish is not that common in the first place, let alone force publish that breaks compatibility. If you're worried about this, you can use git SHAs in the shrinkwrap or even consider maintaining a mirror of the part of the npm registry that you use and require human confirmation before mirroring unpublishes. + +

        +

        Final thoughts

        +

        Of course, the details of each use case matter a lot, and the world doesn't have to pick just one solution. If you like checking in node_modules, you should keep doing that. We've chosen the shrinkwrap route because that works better for us. + +

        +

        It's not exactly news that Joyent is heavy on Node. Node is the heart of our SmartDataCenter (SDC) product, whose public-facing web portal, public API, Cloud Analytics, provisioning, billing, heartbeating, and other services are all implemented in Node. That's why it's so important to us to have robust components (like logging and REST) and tools for understanding production failures post mortem, profile Node apps in production, and now managing Node dependencies. Again, we're interested to hear feedback from others using these tools. + +

        +
        +Dave Pacheco blogs at dtrace.org. + +

        [1] Much of this section is taken directly from the "npm shrinkwrap" documentation. + +

        +

        [2] We've had a lot of trouble with checking in node_modules with binary dependencies. The first problem is figuring out exactly which files not to check in (.o, .node, .dynlib, .so, *.a, ...). When Mark went to apply this to one of our internal services, the "npm rebuild" step blew away half of the dependency tree because it ran "make clean", which in dependency ldapjs brings the repo to a clean slate by blowing away its dependencies. Later, a new (but highly experienced) engineer on our team was tasked with fixing a bug in our Node-based DHCP server. To fix the bug, we went with a new dependency. He tried checking in node_modules, which added 190,000 lines of code (to this repo that was previously a few hundred LOC). And despite doing everything he could think of to do this correctly and test it properly, the change broke the build because of the binary modules. So having tried this approach a few times now, it appears quite difficult to get right, and as I pointed out above, the lack of actual documentation and real world examples suggests others either aren't using binary modules (which we know isn't true) or haven't had much better luck with this approach. + +

        +

        [3] Like a good Node-based distributed system, our architecture uses lots of small HTTP servers. Each of these serves a REST API using restify. restify uses the binary module node-dtrace-provider, which gives each of our services deep DTrace-based observability for free. So literally almost all of our components are or will soon be depending on a binary add-on. Additionally, the foundation of Cloud Analytics are a pair of binary modules that extract data from DTrace and kstat. So this isn't a corner case for us, and we don't believe we're exceptional in this regard. The popular hiredis package for interfacing with redis from Node is also a binary module. + +

        [4] Note that I said this is an important principle for software version control, not using git in general. People use git for lots of things where checking in binaries and other derived files is probably fine. Also, I'm not interested in proselytizing; if you want to do this for software version control too, go ahead. But don't do it out of ignorance of existing successful software engineering practices.

        diff --git a/doc/blog/npm/npm-1-0-global-vs-local-installation.md b/doc/blog/npm/npm-1-0-global-vs-local-installation.md index 7c16003d6fa..77a3fa895ea 100644 --- a/doc/blog/npm/npm-1-0-global-vs-local-installation.md +++ b/doc/blog/npm/npm-1-0-global-vs-local-installation.md @@ -5,60 +5,60 @@ status: publish category: npm slug: npm-1-0-global-vs-local-installation -

        npm 1.0 is in release candidate mode. Go get it!

        - -

        More than anything else, the driving force behind the npm 1.0 rearchitecture was the desire to simplify what a package installation directory structure looks like.

        - -

        In npm 0.x, there was a command called bundle that a lot of people liked. bundle let you install your dependencies locally in your project, but even still, it was basically a hack that never really worked very reliably.

        - -

        Also, there was that activation/deactivation thing. That’s confusing.

        - -

        Two paths

        - -

        In npm 1.0, there are two ways to install things:

        - -
        1. globally —- This drops modules in {prefix}/lib/node_modules, and puts executable files in {prefix}/bin, where {prefix} is usually something like /usr/local. It also installs man pages in {prefix}/share/man, if they’re supplied.
        2. locally —- This installs your package in the current working directory. Node modules go in ./node_modules, executables go in ./node_modules/.bin/, and man pages aren’t installed at all.
        - -

        Which to choose

        - -

        Whether to install a package globally or locally depends on the global config, which is aliased to the -g command line switch.

        - -

        Just like how global variables are kind of gross, but also necessary in some cases, global packages are important, but best avoided if not needed.

        - -

        In general, the rule of thumb is:

        - -
        1. If you’re installing something that you want to use in your program, using require('whatever'), then install it locally, at the root of your project.
        2. If you’re installing something that you want to use in your shell, on the command line or something, install it globally, so that its binaries end up in your PATH environment variable.
        - -

        When you can't choose

        - -

        Of course, there are some cases where you want to do both. Coffee-script and Express both are good examples of apps that have a command line interface, as well as a library. In those cases, you can do one of the following:

        - -
        1. Install it in both places. Seriously, are you that short on disk space? It’s fine, really. They’re tiny JavaScript programs.
        2. Install it globally, and then npm link coffee-script or npm link express (if you’re on a platform that supports symbolic links.) Then you only need to update the global copy to update all the symlinks as well.
        - -

        The first option is the best in my opinion. Simple, clear, explicit. The second is really handy if you are going to re-use the same library in a bunch of different projects. (More on npm link in a future installment.)

        - -

        You can probably think of other ways to do it by messing with environment variables. But I don’t recommend those ways. Go with the grain.

        - -

        Slight exception: It’s not always the cwd.

        - -

        Let’s say you do something like this:

        - -
        cd ~/projects/foo     # go into my project
-npm install express   # ./node_modules/express
-cd lib/utils          # move around in there
-vim some-thing.js     # edit some stuff, work work work
-npm install redis     # ./lib/utils/node_modules/redis!? ew.
        - -

        In this case, npm will install redis into ~/projects/foo/node_modules/redis. Sort of like how git will work anywhere within a git repository, npm will work anywhere within a package, defined by having a node_modules folder.

        - -

        Test runners and stuff

        - -

        If your package's scripts.test command uses a command-line program installed by one of your dependencies, not to worry. npm makes ./node_modules/.bin the first entry in the PATH environment variable when running any lifecycle scripts, so this will work fine, even if your program is not globally installed: - -

        { "name" : "my-program"
-, "version" : "1.2.3"
-, "dependencies": { "express": "*", "coffee-script": "*" }
-, "devDependencies": { "vows": "*" }
-, "scripts":
-  { "test": "vows test/*.js"
+
        npm 1.0 is in release candidate mode.  Go get it!
        
+
+
        More than anything else, the driving force behind the npm 1.0 rearchitecture was the desire to simplify what a package installation directory structure looks like.
        
+
+
        In npm 0.x, there was a command called bundle that a lot of people liked. bundle let you install your dependencies locally in your project, but even still, it was basically a hack that never really worked very reliably.
        
+
+
        Also, there was that activation/deactivation thing.  That’s confusing.
        
+
+
        Two paths
        
+
+
        In npm 1.0, there are two ways to install things:
        
+
+
           
        1. globally —- This drops modules in {prefix}/lib/node_modules, and puts executable files in {prefix}/bin, where {prefix} is usually something like /usr/local. It also installs man pages in {prefix}/share/man, if they’re supplied.
          2.  
        2. locally —- This installs your package in the current working directory. Node modules go in ./node_modules, executables go in ./node_modules/.bin/, and man pages aren’t installed at all.
          3.  
        
+
+
        Which to choose
        
+
+
        Whether to install a package globally or locally depends on the global config, which is aliased to the -g command line switch.
        
+
+
        Just like how global variables are kind of gross, but also necessary in some cases, global packages are important, but best avoided if not needed.
        
+
+
        In general, the rule of thumb is:
        
+
+
           
        1. If you’re installing something that you want to use in your program, using require('whatever'), then install it locally, at the root of your project.
          2.  
        2. If you’re installing something that you want to use in your shell, on the command line or something, install it globally, so that its binaries end up in your PATH environment variable.
          3.  
        
+
+
        When you can't choose
        
+
+
        Of course, there are some cases where you want to do both. Coffee-script and Express both are good examples of apps that have a command line interface, as well as a library. In those cases, you can do one of the following:
        
+
+
           
        1. Install it in both places. Seriously, are you that short on disk space? It’s fine, really. They’re tiny JavaScript programs.
          2.  
        2. Install it globally, and then npm link coffee-script or npm link express (if you’re on a platform that supports symbolic links.) Then you only need to update the global copy to update all the symlinks as well.
          3.  
        
+
+
        The first option is the best in my opinion.  Simple, clear, explicit.  The second is really handy if you are going to re-use the same library in a bunch of different projects.  (More on npm link in a future installment.)
        
+
+
        You can probably think of other ways to do it by messing with environment variables. But I don’t recommend those ways. Go with the grain.
        
+
+
        Slight exception: It’s not always the cwd.
        
+
+
        Let’s say you do something like this:
        
+
+
        cd ~/projects/foo     # go into my project
+npm install express   # ./node_modules/express
+cd lib/utils          # move around in there
+vim some-thing.js     # edit some stuff, work work work
+npm install redis     # ./lib/utils/node_modules/redis!? ew.
        
+
+
        In this case, npm will install redis into ~/projects/foo/node_modules/redis. Sort of like how git will work anywhere within a git repository, npm will work anywhere within a package, defined by having a node_modules folder.
        
+
+
        Test runners and stuff
        
+
+
        If your package's scripts.test command uses a command-line program installed by one of your dependencies, not to worry.  npm makes ./node_modules/.bin the first entry in the PATH environment variable when running any lifecycle scripts, so this will work fine, even if your program is not globally installed:
+
+
        { "name" : "my-program"
+, "version" : "1.2.3"
+, "dependencies": { "express": "*", "coffee-script": "*" }
+, "devDependencies": { "vows": "*" }
+, "scripts":
+  { "test": "vows test/*.js"
   , "preinstall": "cake build" } }
        
diff --git a/doc/blog/npm/npm-1-0-link.md b/doc/blog/npm/npm-1-0-link.md
index bb0d2f808c6..9e5c3c8e7fb 100644
--- a/doc/blog/npm/npm-1-0-link.md
+++ b/doc/blog/npm/npm-1-0-link.md
@@ -5,110 +5,110 @@ status: publish
 category: npm
 slug: npm-1-0-link
 
-
        npm 1.0 is in release candidate mode. Go get it!
        
-
-
        In npm 0.x, there was a command called link. With it, you could “link-install” a package so that changes would be reflected in real-time. This is especially handy when you’re actually building something. You could make a few changes, run the command again, and voila, your new code would be run without having to re-install every time.
        
-
-
        Of course, compiled modules still have to be rebuilt. That’s not ideal, but it’s a problem that will take more powerful magic to solve.
        
-
-
        In npm 0.x, this was a pretty awful kludge. Back then, every package existed in some folder like:
        
-
-
        prefix/lib/node/.npm/my-package/1.3.6/package
-
        
-
-
        and the package’s version and name could be inferred from the path. Then, symbolic links were set up that looked like:
        
-
-
        prefix/lib/node/my-package@1.3.6 -> ./.npm/my-package/1.3.6/package
-
        
-
-
        It was easy enough to point that symlink to a different location. However, since the package.json file could change, that meant that the connection between the version and the folder was not reliable.
        
-
-
        At first, this was just sort of something that we dealt with by saying, “Relink if you change the version.” However, as more and more edge cases arose, eventually the solution was to give link packages this fakey version of “9999.0.0-LINK-hash” so that npm knew it was an imposter. Sometimes the package was treated as if it had the 9999.0.0 version, and other times it was treated as if it had the version specified in the package.json.
        
-
-
        A better way
        
-
-
        For npm 1.0, we backed up and looked at what the actual use cases were. Most of the time when you link something you want one of the following:
        
-
-
          
-
        1. globally install this package I’m working on so that I can run the command it creates and test its stuff as I work on it.
          2. 
-
        2. locally install my thing into some other thing that depends on it, so that the other thing can require() it.
          3. 
-
        
-
-
        And, in both cases, changes should be immediately apparent and not require any re-linking.
        
-
-
        Also, there’s a third use case that I didn’t really appreciate until I started writing more programs that had more dependencies:
        
-
-
           
        1. Globally install something, and use it in development in a bunch of projects, and then update them all at once so that they all use the latest version. 
        
-
-
        Really, the second case above is a special-case of this third case.
        
-
-
-
-
        The first step is to link your local project into the global install space. (See global vs local installation for more on this global/local business.)
        
-
-
        I do this as I’m developing node projects (including npm itself).
        
-
-
        cd ~/dev/js/node-tap  # go into the project dir
-npm link              # create symlinks into {prefix}
-
        
-
-
        Because of how I have my computer set up, with /usr/local as my install prefix, I end up with a symlink from /usr/local/lib/node_modules/tap pointing to ~/dev/js/node-tap, and the executable linked to /usr/local/bin/tap.
        
-
-
        Of course, if you set your paths differently, then you’ll have different results. (That’s why I tend to talk in terms of prefix rather than /usr/local.)
        
-
-
-
-
        When you want to link the globally-installed package into your local development folder, you run npm link pkg where pkg is the name of the package that you want to install.
        
-
-
        For example, let’s say that I wanted to write some tap tests for my node-glob package. I’d first do the steps above to link tap into the global install space, and then I’d do this:
        
-
-
        cd ~/dev/js/node-glob  # go to the project that uses the thing.
-npm link tap           # link the global thing into my project.
-
        
-
-
        Now when I make changes in ~/dev/js/node-tap, they’ll be immediately reflected in ~/dev/js/node-glob/node_modules/tap.
        
-
-
-
-
        Let’s say I have 15 sites that all use express. I want the benefits of local development, but I also want to be able to update all my dev folders at once. You can globally install express, and then link it into your local development folder.
        
-
-
        npm install express -g  # install express globally
-cd ~/dev/js/my-blog     # development folder one
-npm link express        # link the global express into ./node_modules
-cd ~/dev/js/photo-site  # other project folder
-npm link express        # link express into here, as well
-
-                        # time passes
-                        # TJ releases some new stuff.
-                        # you want this new stuff.
-
-npm update express -g   # update the global install.
-                        # this also updates my project folders.
-
        
-
-
        Caveat: Not For Real Servers
        
-
-
        npm link is a development tool. It’s awesome for managing packages on your local development box. But deploying with npm link is basically asking for problems, since it makes it super easy to update things without realizing it.
        
-
-
        Caveat 2: Sorry, Windows!
        
-
-
        I highly doubt that a native Windows node will ever have comparable symbolic link support to what Unix systems provide.  I know that there are junctions and such, and I've heard legends about symbolic links on Windows 7.
        
-
-
        When there is a native windows port of Node, if that native windows port has `fs.symlink` and `fs.readlink` support that is exactly identical to the way that they work on Unix, then this should work fine.
        
-
-
        But I wouldn't hold my breath.  Any bugs about this not working on a native Windows system (ie, not Cygwin) will most likely be closed with wontfix.
        
-
-
-
        Aside: Credit where Credit’s Due
        
-
-
        Back before the Great Package Management Wars of Node 0.1, before npm or kiwi or mode or seed.js could do much of anything, and certainly before any of them had more than 2 users, Mikeal Rogers invited me to the Couch.io offices for lunch to talk about this npm registry thingie I’d mentioned wanting to build. (That is, to convince me to use CouchDB for it.)
        
-
-
        Since he was volunteering to build the first version of it, and since couch is pretty much the ideal candidate for this use-case, it was an easy sell.
        
-
-
        While I was there, he said, “Look. You need to be able to link a project directory as if it was installed as a package, and then have it all Just Work. Can you do that?”
        
-
-
        I was like, “Well, I don’t know… I mean, there’s these edge cases, and it doesn’t really fit with the existing folder structure very well…”
        
-
-
        “Dude. Either you do it, or I’m going to have to do it, and then there’ll be another package manager in node, instead of writing a registry for npm, and it won’t be as good anyway. Don’t be python.”
        
-
+
        npm 1.0 is in release candidate mode. Go get it!
        
+
+
        In npm 0.x, there was a command called link. With it, you could “link-install” a package so that changes would be reflected in real-time. This is especially handy when you’re actually building something. You could make a few changes, run the command again, and voila, your new code would be run without having to re-install every time.
        
+
+
        Of course, compiled modules still have to be rebuilt. That’s not ideal, but it’s a problem that will take more powerful magic to solve.
        
+
+
        In npm 0.x, this was a pretty awful kludge. Back then, every package existed in some folder like:
        
+
+
        prefix/lib/node/.npm/my-package/1.3.6/package
+
        
+
+
        and the package’s version and name could be inferred from the path. Then, symbolic links were set up that looked like:
        
+
+
        prefix/lib/node/my-package@1.3.6 -> ./.npm/my-package/1.3.6/package
+
        
+
+
        It was easy enough to point that symlink to a different location. However, since the package.json file could change, that meant that the connection between the version and the folder was not reliable.
        
+
+
        At first, this was just sort of something that we dealt with by saying, “Relink if you change the version.” However, as more and more edge cases arose, eventually the solution was to give link packages this fakey version of “9999.0.0-LINK-hash” so that npm knew it was an imposter. Sometimes the package was treated as if it had the 9999.0.0 version, and other times it was treated as if it had the version specified in the package.json.
        
+
+
        A better way
        
+
+
        For npm 1.0, we backed up and looked at what the actual use cases were. Most of the time when you link something you want one of the following:
        
+
+
          
+
        1. globally install this package I’m working on so that I can run the command it creates and test its stuff as I work on it.
          2. 
+
        2. locally install my thing into some other thing that depends on it, so that the other thing can require() it.
          3. 
+
        
+
+
        And, in both cases, changes should be immediately apparent and not require any re-linking.
        
+
+
        Also, there’s a third use case that I didn’t really appreciate until I started writing more programs that had more dependencies:
        
+
+
           
        1. Globally install something, and use it in development in a bunch of projects, and then update them all at once so that they all use the latest version. 
        
+
+
        Really, the second case above is a special-case of this third case.
        
+
+
+
+
        The first step is to link your local project into the global install space. (See global vs local installation for more on this global/local business.)
        
+
+
        I do this as I’m developing node projects (including npm itself).
        
+
+
        cd ~/dev/js/node-tap  # go into the project dir
+npm link              # create symlinks into {prefix}
+
        
+
+
        Because of how I have my computer set up, with /usr/local as my install prefix, I end up with a symlink from /usr/local/lib/node_modules/tap pointing to ~/dev/js/node-tap, and the executable linked to /usr/local/bin/tap.
        
+
+
        Of course, if you set your paths differently, then you’ll have different results. (That’s why I tend to talk in terms of prefix rather than /usr/local.)
        
+
+
+
+
        When you want to link the globally-installed package into your local development folder, you run npm link pkg where pkg is the name of the package that you want to install.
        
+
+
        For example, let’s say that I wanted to write some tap tests for my node-glob package. I’d first do the steps above to link tap into the global install space, and then I’d do this:
        
+
+
        cd ~/dev/js/node-glob  # go to the project that uses the thing.
+npm link tap           # link the global thing into my project.
+
        
+
+
        Now when I make changes in ~/dev/js/node-tap, they’ll be immediately reflected in ~/dev/js/node-glob/node_modules/tap.
        
+
+
+
+
        Let’s say I have 15 sites that all use express. I want the benefits of local development, but I also want to be able to update all my dev folders at once. You can globally install express, and then link it into your local development folder.
        
+
+
        npm install express -g  # install express globally
+cd ~/dev/js/my-blog     # development folder one
+npm link express        # link the global express into ./node_modules
+cd ~/dev/js/photo-site  # other project folder
+npm link express        # link express into here, as well
+
+                        # time passes
+                        # TJ releases some new stuff.
+                        # you want this new stuff.
+
+npm update express -g   # update the global install.
+                        # this also updates my project folders.
+
        
+
+
        Caveat: Not For Real Servers
        
+
+
        npm link is a development tool. It’s awesome for managing packages on your local development box. But deploying with npm link is basically asking for problems, since it makes it super easy to update things without realizing it.
        
+
+
        Caveat 2: Sorry, Windows!
        
+
+
        I highly doubt that a native Windows node will ever have comparable symbolic link support to what Unix systems provide.  I know that there are junctions and such, and I've heard legends about symbolic links on Windows 7.
        
+
+
        When there is a native windows port of Node, if that native windows port has `fs.symlink` and `fs.readlink` support that is exactly identical to the way that they work on Unix, then this should work fine.
        
+
+
        But I wouldn't hold my breath.  Any bugs about this not working on a native Windows system (ie, not Cygwin) will most likely be closed with wontfix.
        
+
+
+
        Aside: Credit where Credit’s Due
        
+
+
        Back before the Great Package Management Wars of Node 0.1, before npm or kiwi or mode or seed.js could do much of anything, and certainly before any of them had more than 2 users, Mikeal Rogers invited me to the Couch.io offices for lunch to talk about this npm registry thingie I’d mentioned wanting to build. (That is, to convince me to use CouchDB for it.)
        
+
+
        Since he was volunteering to build the first version of it, and since couch is pretty much the ideal candidate for this use-case, it was an easy sell.
        
+
+
        While I was there, he said, “Look. You need to be able to link a project directory as if it was installed as a package, and then have it all Just Work. Can you do that?”
        
+
+
        I was like, “Well, I don’t know… I mean, there’s these edge cases, and it doesn’t really fit with the existing folder structure very well…”
        
+
+
        “Dude. Either you do it, or I’m going to have to do it, and then there’ll be another package manager in node, instead of writing a registry for npm, and it won’t be as good anyway. Don’t be python.”
        
+
 
        The rest is history.
        
diff --git a/doc/blog/npm/npm-1-0-released.md b/doc/blog/npm/npm-1-0-released.md
index ea26989c670..d91b2793ea7 100644
--- a/doc/blog/npm/npm-1-0-released.md
+++ b/doc/blog/npm/npm-1-0-released.md
@@ -5,32 +5,32 @@ status: publish
 category: npm
 slug: npm-1-0-released
 
-
        npm 1.0 has been released. Here are the highlights:
        
-
-
           
        • Global vs local installation
          •  
        • ls displays a tree, instead of being a remote search
          •  
        • No more “activation” concept - dependencies are nested
          •  
        • Updates to link command
          •  
        • Install script cleans up any 0.x cruft it finds. (That is, it removes old packages, so that they can be installed properly.)
          •  
        • Simplified “search” command. One line per package, rather than one line per version.
          •  
        • Renovated “completion” approach
          •  
        • More help topics
          •  
        • Simplified folder structure
          •  
        
-
-
        The focus is on npm being a development tool, rather than an apt-wannabe.
        
-
-
        Installing it
        
-
-
        To get the new version, run this command:
        
-
-
        curl http://npmjs.org/install.sh | sh 
        
-
-
        This will prompt to ask you if it’s ok to remove all the old 0.x cruft. If you want to not be asked, then do this:
        
-
-
        curl http://npmjs.org/install.sh | clean=yes sh 
        
-
-
        Or, if you want to not do the cleanup, and leave the old stuff behind, then do this:
        
-
-
        curl http://npmjs.org/install.sh | clean=no sh 
        
-
-
        A lot of people in the node community were brave testers and helped make this release a lot better (and swifter) than it would have otherwise been. Thanks :)
        
-
-
        Code Freeze
        
-
-
        npm will not have any major feature enhancements or architectural changes for at least 6 months. There are interesting developments planned that leverage npm in some ways, but it’s time to let the client itself settle. Also, I want to focus attention on some other problems for a little while.
        
-
-
        Of course, bug reports are always welcome.
        
-
+
        npm 1.0 has been released. Here are the highlights:
        
+
+
           
        • Global vs local installation
          •  
        • ls displays a tree, instead of being a remote search
          •  
        • No more “activation” concept - dependencies are nested
          •  
        • Updates to link command
          •  
        • Install script cleans up any 0.x cruft it finds. (That is, it removes old packages, so that they can be installed properly.)
          •  
        • Simplified “search” command. One line per package, rather than one line per version.
          •  
        • Renovated “completion” approach
          •  
        • More help topics
          •  
        • Simplified folder structure
          •  
        
+
+
        The focus is on npm being a development tool, rather than an apt-wannabe.
        
+
+
        Installing it
        
+
+
        To get the new version, run this command:
        
+
+
        curl http://npmjs.org/install.sh | sh 
        
+
+
        This will prompt to ask you if it’s ok to remove all the old 0.x cruft. If you want to not be asked, then do this:
        
+
+
        curl http://npmjs.org/install.sh | clean=yes sh 
        
+
+
        Or, if you want to not do the cleanup, and leave the old stuff behind, then do this:
        
+
+
        curl http://npmjs.org/install.sh | clean=no sh 
        
+
+
        A lot of people in the node community were brave testers and helped make this release a lot better (and swifter) than it would have otherwise been. Thanks :)
        
+
+
        Code Freeze
        
+
+
        npm will not have any major feature enhancements or architectural changes for at least 6 months. There are interesting developments planned that leverage npm in some ways, but it’s time to let the client itself settle. Also, I want to focus attention on some other problems for a little while.
        
+
+
        Of course, bug reports are always welcome.
        
+
 
        See you at NodeConf!
        
diff --git a/doc/blog/npm/npm-1-0-the-new-ls.md b/doc/blog/npm/npm-1-0-the-new-ls.md
index da820a0d8b1..9fef76c315e 100644
--- a/doc/blog/npm/npm-1-0-the-new-ls.md
+++ b/doc/blog/npm/npm-1-0-the-new-ls.md
@@ -5,140 +5,140 @@ status: publish
 category: npm
 slug: npm-1-0-the-new-ls
 
-
        This is the first in a series of hopefully more than 1 posts, each detailing some aspect of npm 1.0.
        
-
-
        In npm 0.x, the ls command was a combination of both searching the registry as well as reporting on what you have installed.
        
-
-
        As the registry has grown in size, this has gotten unwieldy.  Also, since npm 1.0 manages dependencies differently, nesting them in node_modules folder and installing locally by default, there are different things that you want to view.
        
-
-
        The functionality of the ls command was split into two different parts.  search is now the way to find things on the registry (and it only reports one line per package, instead of one line per version), and ls shows a tree view of the packages that are installed locally.
        
-
-
        Here’s an example of the output:
        
-
-
        $ npm ls
-npm@1.0.0 /Users/isaacs/dev-src/js/npm
-├── semver@1.0.1 
-├─┬ ronn@0.3.5 
-│ └── opts@1.2.1 
-└─┬ express@2.0.0rc3 extraneous 
-  ├─┬ connect@1.1.0 
-  │ ├── qs@0.0.7 
-  │ └── mime@1.2.1 
-  ├── mime@1.2.1 
-  └── qs@0.0.7
-
        
-
-
        This is after I’ve done npm install semver ronn express in the npm source directory.  Since express isn’t actually a dependency of npm, it shows up with that “extraneous” marker.
        
-
-
        Let’s see what happens when we create a broken situation:
        
-
-
        $ rm -rf ./node_modules/express/node_modules/connect
-$ npm ls
-npm@1.0.0 /Users/isaacs/dev-src/js/npm
-├── semver@1.0.1 
-├─┬ ronn@0.3.5 
-│ └── opts@1.2.1 
-└─┬ express@2.0.0rc3 extraneous 
-  ├── UNMET DEPENDENCY connect >= 1.1.0 < 2.0.0
-  ├── mime@1.2.1 
-  └── qs@0.0.7
-
        
-
-
        Tree views are great for human readability, but some times you want to pipe that stuff to another program.  For that output, I took the same datastructure, but instead of building up a treeview string for each line, it spits out just the folders like this:
        
-
-
        $ npm ls -p
-/Users/isaacs/dev-src/js/npm
-/Users/isaacs/dev-src/js/npm/node_modules/semver
-/Users/isaacs/dev-src/js/npm/node_modules/ronn
-/Users/isaacs/dev-src/js/npm/node_modules/ronn/node_modules/opts
-/Users/isaacs/dev-src/js/npm/node_modules/express
-/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect
-/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect/node_modules/qs
-/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect/node_modules/mime
-/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/mime
-/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/qs
-
        
-
-
        Since you sometimes want a bigger view, I added the --long option to (shorthand: -l) to spit out more info:
        
-
-
        $ npm ls -l
-npm@1.0.0 
-│ /Users/isaacs/dev-src/js/npm
-│ A package manager for node
-│ git://github.com/isaacs/npm.git
-│ http://npmjs.org/
-├── semver@1.0.1 
-│   ./node_modules/semver
-│   The semantic version parser used by npm.
-│   git://github.com/isaacs/node-semver.git
-├─┬ ronn@0.3.5 
-│ │ ./node_modules/ronn
-│ │ markdown to roff and html converter
-│ └── opts@1.2.1 
-│     ./node_modules/ronn/node_modules/opts
-│     Command line argument parser written in the style of commonjs. To be used with node.js
-└─┬ express@2.0.0rc3 extraneous 
-  │ ./node_modules/express
-  │ Sinatra inspired web development framework
-  ├─┬ connect@1.1.0 
-  │ │ ./node_modules/express/node_modules/connect
-  │ │ High performance middleware framework
-  │ │ git://github.com/senchalabs/connect.git
-  │ ├── qs@0.0.7 
-  │ │   ./node_modules/express/node_modules/connect/node_modules/qs
-  │ │   querystring parser
-  │ └── mime@1.2.1 
-  │     ./node_modules/express/node_modules/connect/node_modules/mime
-  │     A comprehensive library for mime-type mapping
-  ├── mime@1.2.1 
-  │   ./node_modules/express/node_modules/mime
-  │   A comprehensive library for mime-type mapping
-  └── qs@0.0.7 
-      ./node_modules/express/node_modules/qs
-      querystring parser
-
-$ npm ls -lp
-/Users/isaacs/dev-src/js/npm:npm@1.0.0::::
-/Users/isaacs/dev-src/js/npm/node_modules/semver:semver@1.0.1::::
-/Users/isaacs/dev-src/js/npm/node_modules/ronn:ronn@0.3.5::::
-/Users/isaacs/dev-src/js/npm/node_modules/ronn/node_modules/opts:opts@1.2.1::::
-/Users/isaacs/dev-src/js/npm/node_modules/express:express@2.0.0rc3:EXTRANEOUS:::
-/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect:connect@1.1.0::::
-/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect/node_modules/qs:qs@0.0.7::::
-/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect/node_modules/mime:mime@1.2.1::::
-/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/mime:mime@1.2.1::::
-/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/qs:qs@0.0.7::::
-
        
-
-
        And, if you want to get at the globally-installed modules, you can use ls with the global flag:
        
-
-
        $ npm ls -g
-/usr/local
-├─┬ A@1.2.3 -> /Users/isaacs/dev-src/js/A
-│ ├── B@1.2.3 -> /Users/isaacs/dev-src/js/B
-│ └─┬ npm@0.3.15 
-│   └── semver@1.0.1 
-├─┬ B@1.2.3 -> /Users/isaacs/dev-src/js/B
-│ └── A@1.2.3 -> /Users/isaacs/dev-src/js/A
-├── glob@2.0.5 
-├─┬ npm@1.0.0 -> /Users/isaacs/dev-src/js/npm
-│ ├── semver@1.0.1 
-│ └─┬ ronn@0.3.5 
-│   └── opts@1.2.1 
-└── supervisor@0.1.2 -> /Users/isaacs/dev-src/js/node-supervisor
-
-$ npm ls -gpl
-/usr/local:::::
-/usr/local/lib/node_modules/A:A@1.2.3::::/Users/isaacs/dev-src/js/A
-/usr/local/lib/node_modules/A/node_modules/npm:npm@0.3.15::::/Users/isaacs/dev-src/js/A/node_modules/npm
-/usr/local/lib/node_modules/A/node_modules/npm/node_modules/semver:semver@1.0.1::::/Users/isaacs/dev-src/js/A/node_modules/npm/node_modules/semver
-/usr/local/lib/node_modules/B:B@1.2.3::::/Users/isaacs/dev-src/js/B
-/usr/local/lib/node_modules/glob:glob@2.0.5::::
-/usr/local/lib/node_modules/npm:npm@1.0.0::::/Users/isaacs/dev-src/js/npm
-/usr/local/lib/node_modules/npm/node_modules/semver:semver@1.0.1::::/Users/isaacs/dev-src/js/npm/node_modules/semver
-/usr/local/lib/node_modules/npm/node_modules/ronn:ronn@0.3.5::::/Users/isaacs/dev-src/js/npm/node_modules/ronn
-/usr/local/lib/node_modules/npm/node_modules/ronn/node_modules/opts:opts@1.2.1::::/Users/isaacs/dev-src/js/npm/node_modules/ronn/node_modules/opts
-/usr/local/lib/node_modules/supervisor:supervisor@0.1.2::::/Users/isaacs/dev-src/js/node-supervisor
-
        
-
+
        This is the first in a series of hopefully more than 1 posts, each detailing some aspect of npm 1.0.
        
+
+
        In npm 0.x, the ls command was a combination of both searching the registry as well as reporting on what you have installed.
        
+
+
        As the registry has grown in size, this has gotten unwieldy.  Also, since npm 1.0 manages dependencies differently, nesting them in node_modules folder and installing locally by default, there are different things that you want to view.
        
+
+
        The functionality of the ls command was split into two different parts.  search is now the way to find things on the registry (and it only reports one line per package, instead of one line per version), and ls shows a tree view of the packages that are installed locally.
        
+
+
        Here’s an example of the output:
        
+
+
        $ npm ls
+npm@1.0.0 /Users/isaacs/dev-src/js/npm
+├── semver@1.0.1 
+├─┬ ronn@0.3.5 
+│ └── opts@1.2.1 
+└─┬ express@2.0.0rc3 extraneous 
+  ├─┬ connect@1.1.0 
+  │ ├── qs@0.0.7 
+  │ └── mime@1.2.1 
+  ├── mime@1.2.1 
+  └── qs@0.0.7
+
        
+
+
        This is after I’ve done npm install semver ronn express in the npm source directory.  Since express isn’t actually a dependency of npm, it shows up with that “extraneous” marker.
        
+
+
        Let’s see what happens when we create a broken situation:
        
+
+
        $ rm -rf ./node_modules/express/node_modules/connect
+$ npm ls
+npm@1.0.0 /Users/isaacs/dev-src/js/npm
+├── semver@1.0.1 
+├─┬ ronn@0.3.5 
+│ └── opts@1.2.1 
+└─┬ express@2.0.0rc3 extraneous 
+  ├── UNMET DEPENDENCY connect >= 1.1.0 < 2.0.0
+  ├── mime@1.2.1 
+  └── qs@0.0.7
+
        
+
+
        Tree views are great for human readability, but some times you want to pipe that stuff to another program.  For that output, I took the same datastructure, but instead of building up a treeview string for each line, it spits out just the folders like this:
        
+
+
        $ npm ls -p
+/Users/isaacs/dev-src/js/npm
+/Users/isaacs/dev-src/js/npm/node_modules/semver
+/Users/isaacs/dev-src/js/npm/node_modules/ronn
+/Users/isaacs/dev-src/js/npm/node_modules/ronn/node_modules/opts
+/Users/isaacs/dev-src/js/npm/node_modules/express
+/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect
+/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect/node_modules/qs
+/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect/node_modules/mime
+/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/mime
+/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/qs
+
        
+
+
        Since you sometimes want a bigger view, I added the --long option to (shorthand: -l) to spit out more info:
        
+
+
        $ npm ls -l
+npm@1.0.0 
+│ /Users/isaacs/dev-src/js/npm
+│ A package manager for node
+│ git://github.com/isaacs/npm.git
+│ http://npmjs.org/
+├── semver@1.0.1 
+│   ./node_modules/semver
+│   The semantic version parser used by npm.
+│   git://github.com/isaacs/node-semver.git
+├─┬ ronn@0.3.5 
+│ │ ./node_modules/ronn
+│ │ markdown to roff and html converter
+│ └── opts@1.2.1 
+│     ./node_modules/ronn/node_modules/opts
+│     Command line argument parser written in the style of commonjs. To be used with node.js
+└─┬ express@2.0.0rc3 extraneous 
+  │ ./node_modules/express
+  │ Sinatra inspired web development framework
+  ├─┬ connect@1.1.0 
+  │ │ ./node_modules/express/node_modules/connect
+  │ │ High performance middleware framework
+  │ │ git://github.com/senchalabs/connect.git
+  │ ├── qs@0.0.7 
+  │ │   ./node_modules/express/node_modules/connect/node_modules/qs
+  │ │   querystring parser
+  │ └── mime@1.2.1 
+  │     ./node_modules/express/node_modules/connect/node_modules/mime
+  │     A comprehensive library for mime-type mapping
+  ├── mime@1.2.1 
+  │   ./node_modules/express/node_modules/mime
+  │   A comprehensive library for mime-type mapping
+  └── qs@0.0.7 
+      ./node_modules/express/node_modules/qs
+      querystring parser
+
+$ npm ls -lp
+/Users/isaacs/dev-src/js/npm:npm@1.0.0::::
+/Users/isaacs/dev-src/js/npm/node_modules/semver:semver@1.0.1::::
+/Users/isaacs/dev-src/js/npm/node_modules/ronn:ronn@0.3.5::::
+/Users/isaacs/dev-src/js/npm/node_modules/ronn/node_modules/opts:opts@1.2.1::::
+/Users/isaacs/dev-src/js/npm/node_modules/express:express@2.0.0rc3:EXTRANEOUS:::
+/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect:connect@1.1.0::::
+/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect/node_modules/qs:qs@0.0.7::::
+/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/connect/node_modules/mime:mime@1.2.1::::
+/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/mime:mime@1.2.1::::
+/Users/isaacs/dev-src/js/npm/node_modules/express/node_modules/qs:qs@0.0.7::::
+
        
+
+
        And, if you want to get at the globally-installed modules, you can use ls with the global flag:
        
+
+
        $ npm ls -g
+/usr/local
+├─┬ A@1.2.3 -> /Users/isaacs/dev-src/js/A
+│ ├── B@1.2.3 -> /Users/isaacs/dev-src/js/B
+│ └─┬ npm@0.3.15 
+│   └── semver@1.0.1 
+├─┬ B@1.2.3 -> /Users/isaacs/dev-src/js/B
+│ └── A@1.2.3 -> /Users/isaacs/dev-src/js/A
+├── glob@2.0.5 
+├─┬ npm@1.0.0 -> /Users/isaacs/dev-src/js/npm
+│ ├── semver@1.0.1 
+│ └─┬ ronn@0.3.5 
+│   └── opts@1.2.1 
+└── supervisor@0.1.2 -> /Users/isaacs/dev-src/js/node-supervisor
+
+$ npm ls -gpl
+/usr/local:::::
+/usr/local/lib/node_modules/A:A@1.2.3::::/Users/isaacs/dev-src/js/A
+/usr/local/lib/node_modules/A/node_modules/npm:npm@0.3.15::::/Users/isaacs/dev-src/js/A/node_modules/npm
+/usr/local/lib/node_modules/A/node_modules/npm/node_modules/semver:semver@1.0.1::::/Users/isaacs/dev-src/js/A/node_modules/npm/node_modules/semver
+/usr/local/lib/node_modules/B:B@1.2.3::::/Users/isaacs/dev-src/js/B
+/usr/local/lib/node_modules/glob:glob@2.0.5::::
+/usr/local/lib/node_modules/npm:npm@1.0.0::::/Users/isaacs/dev-src/js/npm
+/usr/local/lib/node_modules/npm/node_modules/semver:semver@1.0.1::::/Users/isaacs/dev-src/js/npm/node_modules/semver
+/usr/local/lib/node_modules/npm/node_modules/ronn:ronn@0.3.5::::/Users/isaacs/dev-src/js/npm/node_modules/ronn
+/usr/local/lib/node_modules/npm/node_modules/ronn/node_modules/opts:opts@1.2.1::::/Users/isaacs/dev-src/js/npm/node_modules/ronn/node_modules/opts
+/usr/local/lib/node_modules/supervisor:supervisor@0.1.2::::/Users/isaacs/dev-src/js/node-supervisor
+
        
+
 
        Those -> flags are indications that the package is link-installed, which will be covered in the next installment.
        
diff --git a/doc/blog/release/node-v0-4-10.md b/doc/blog/release/node-v0-4-10.md
index a7a14d60d59..5af354ee425 100644
--- a/doc/blog/release/node-v0-4-10.md
+++ b/doc/blog/release/node-v0-4-10.md
@@ -6,20 +6,20 @@ status: publish
 category: release
 slug: node-v0-4-10
 
-2011.07.19, Version 0.4.10 (stable)
-
        • #394 Fix Buffer drops last null character in UTF-8
-
        • #829 Backport r8577 from V8 (Ben Noordhuis)
-
        • #877 Don't wait for HTTP Agent socket pool to establish connections.
-
        • #915 Find kqueue on FreeBSD correctly (Brett Kiefer) 
-
        • #1085 HTTP: Fix race in abort/dispatch code (Stefan Rusu)
-
        • #1274 debugger improvement (Yoshihiro Kikuchi)
-
        • #1291 Properly respond to HEAD during end(body) hot path (Reid Burke)
-
        • #1304 TLS: Fix race in abort/connection code (Stefan Rusu)
-
        • #1360 Allow _ in url hostnames.
-
        • Revert 37d529f8 - unbreaks debugger command parsing.
-
        • Bring back global execScript
-
        • Doc improvements
        
-
-Download: http://nodejs.org/dist/node-v0.4.10.tar.gz
-Website: http://nodejs.org/docs/v0.4.10
+2011.07.19, Version 0.4.10 (stable)
+
        • #394 Fix Buffer drops last null character in UTF-8
+
        • #829 Backport r8577 from V8 (Ben Noordhuis)
+
        • #877 Don't wait for HTTP Agent socket pool to establish connections.
+
        • #915 Find kqueue on FreeBSD correctly (Brett Kiefer) 
+
        • #1085 HTTP: Fix race in abort/dispatch code (Stefan Rusu)
+
        • #1274 debugger improvement (Yoshihiro Kikuchi)
+
        • #1291 Properly respond to HEAD during end(body) hot path (Reid Burke)
+
        • #1304 TLS: Fix race in abort/connection code (Stefan Rusu)
+
        • #1360 Allow _ in url hostnames.
+
        • Revert 37d529f8 - unbreaks debugger command parsing.
+
        • Bring back global execScript
+
        • Doc improvements
        
+
+Download: http://nodejs.org/dist/node-v0.4.10.tar.gz
+Website: http://nodejs.org/docs/v0.4.10
 Documentation: http://nodejs.org/docs/v0.4.10/api
diff --git a/doc/blog/release/node-v0-4-11.md b/doc/blog/release/node-v0-4-11.md
index eca36d3ac33..0bcbc37f52d 100644
--- a/doc/blog/release/node-v0-4-11.md
+++ b/doc/blog/release/node-v0-4-11.md
@@ -6,34 +6,34 @@ status: publish
 category: release
 slug: node-v0-4-11
 
-2011.08.17, Version 0.4.11 (stable)
-
        • #738 Fix crypto encryption/decryption with Base64. (SAWADA Tadashi)
-
-
        • #1202 net.createConnection defer DNS lookup error events to next tick (Ben Noordhuis)
-
-
        • #1374 fix setting ServerResponse.statusCode in writeHead (Trent Mick)
-
-
        • #1417 Fix http.ClientRequest crashes if end() was called twice
-
-
        • #1497 querystring: Replace 'in' test with 'hasOwnProperty' (isaacs)
-
-
        • #1546 http perf improvement
-
-
        • fix memleak in libeio (Tom Hughes)
-
-
        • cmake improvements (Tom Hughes)
-
-
        • node_net.cc: fix incorrect sizeof() (Tom Hughes)
-
-
        • Windows/cygwin: no more GetConsoleTitleW errors on XP (Bert Belder)
-
-
        • Doc improvements (koichik, Logan Smyth, Ben Noordhuis, Arnout Kazemier)
        
-
-
-
-
-Download: http://nodejs.org/dist/node-v0.4.11.tar.gz
-
-Website: http://nodejs.org/docs/v0.4.11/
-
+2011.08.17, Version 0.4.11 (stable)
+
        • #738 Fix crypto encryption/decryption with Base64. (SAWADA Tadashi)
+
+
        • #1202 net.createConnection defer DNS lookup error events to next tick (Ben Noordhuis)
+
+
        • #1374 fix setting ServerResponse.statusCode in writeHead (Trent Mick)
+
+
        • #1417 Fix http.ClientRequest crashes if end() was called twice
+
+
        • #1497 querystring: Replace 'in' test with 'hasOwnProperty' (isaacs)
+
+
        • #1546 http perf improvement
+
+
        • fix memleak in libeio (Tom Hughes)
+
+
        • cmake improvements (Tom Hughes)
+
+
        • node_net.cc: fix incorrect sizeof() (Tom Hughes)
+
+
        • Windows/cygwin: no more GetConsoleTitleW errors on XP (Bert Belder)
+
+
        • Doc improvements (koichik, Logan Smyth, Ben Noordhuis, Arnout Kazemier)
        
+
+
+
+
+Download: http://nodejs.org/dist/node-v0.4.11.tar.gz
+
+Website: http://nodejs.org/docs/v0.4.11/
+
 Documentation: http://nodejs.org/docs/v0.4.11/api/
diff --git a/doc/blog/release/node-v0-4-12.md b/doc/blog/release/node-v0-4-12.md
index 0e9aedd7045..8eb53d1fe53 100644
--- a/doc/blog/release/node-v0-4-12.md
+++ b/doc/blog/release/node-v0-4-12.md
@@ -6,24 +6,24 @@ status: publish
 category: release
 slug: node-v0-4-12
 
-2011.09.15, Version 0.4.12 (stable)
-
-
          
-
        • Improve docs
-
        • #1563 overflow in ChildProcess custom_fd.
-
        • #1569, parse error on multi-line HTTP headers. (Ben Noordhuis)
-
        • #1586 net: Socket write encoding case sensitivity (koichik)
-
        • #1610 Remove DigiNotar CA from trusted list (isaacs)
-
        • #1624 buffer: Avoid overrun with 'binary' encoding. (koichik)
-
        • #1633 buffer: write() should always set _charsWritten. (koichik)
-
        • #1707 hasOwnProperty usage security hole in querystring (isaacs)
-
        • #1719 Drain OpenSSL error queue
-
        • Fix error reporting in net.Server.listen
        
-
-
-
-Download: http://nodejs.org/dist/node-v0.4.12.tar.gz
-
-Website: http://nodejs.org/docs/v0.4.12/
-
+2011.09.15, Version 0.4.12 (stable)
+
+
          
+
        • Improve docs
+
        • #1563 overflow in ChildProcess custom_fd.
+
        • #1569, parse error on multi-line HTTP headers. (Ben Noordhuis)
+
        • #1586 net: Socket write encoding case sensitivity (koichik)
+
        • #1610 Remove DigiNotar CA from trusted list (isaacs)
+
        • #1624 buffer: Avoid overrun with 'binary' encoding. (koichik)
+
        • #1633 buffer: write() should always set _charsWritten. (koichik)
+
        • #1707 hasOwnProperty usage security hole in querystring (isaacs)
+
        • #1719 Drain OpenSSL error queue
+
        • Fix error reporting in net.Server.listen
        
+
+
+
+Download: http://nodejs.org/dist/node-v0.4.12.tar.gz
+
+Website: http://nodejs.org/docs/v0.4.12/
+
 Documentation: http://nodejs.org/docs/v0.4.12/api/
diff --git a/doc/blog/release/node-v0-4-3.md b/doc/blog/release/node-v0-4-3.md
index e7672f84936..10a3a5b29e8 100644
--- a/doc/blog/release/node-v0-4-3.md
+++ b/doc/blog/release/node-v0-4-3.md
@@ -6,28 +6,28 @@ status: publish
 category: release
 slug: node-v0-4-3
 
-2011.03.18, Version 0.4.3 (stable)
-
          
-
        •  Don't decrease server connection counter again if destroy() is called more  than once GH-431 (Andreas Reich, Anders Conbere)
-
        •  Documentation improvements (koichik)
-
        •  Fix bug with setMaxListeners GH-682
-
        •  Start up memory footprint improvement. (Tom Hughes)
-
        •  Solaris improvements.
-
        •  Buffer::Length(Buffer*) should not invoke itself recursively GH-759 (Ben Noordhuis)
-
        •  TLS: Advertise support for client certs GH-774 (Theo Schlossnagle)
-
        •  HTTP Agent bugs: GH-787, GH-784, GH-803.
-
        •  Don't call GetMemoryUsage every 5 seconds.
-
        •  Upgrade V8 to 3.1.8.3
-
        
-
-
-
-Download: http://nodejs.org/dist/node-v0.4.3.tar.gz
-
-Website: http://nodejs.org/docs/v0.4.3/
-
-Documentation: http://nodejs.org/docs/v0.4.3/api
-
-Announcement
-
+2011.03.18, Version 0.4.3 (stable)
+
          
+
        •  Don't decrease server connection counter again if destroy() is called more  than once GH-431 (Andreas Reich, Anders Conbere)
+
        •  Documentation improvements (koichik)
+
        •  Fix bug with setMaxListeners GH-682
+
        •  Start up memory footprint improvement. (Tom Hughes)
+
        •  Solaris improvements.
+
        •  Buffer::Length(Buffer*) should not invoke itself recursively GH-759 (Ben Noordhuis)
+
        •  TLS: Advertise support for client certs GH-774 (Theo Schlossnagle)
+
        •  HTTP Agent bugs: GH-787, GH-784, GH-803.
+
        •  Don't call GetMemoryUsage every 5 seconds.
+
        •  Upgrade V8 to 3.1.8.3
+
        
+
+
+
+Download: http://nodejs.org/dist/node-v0.4.3.tar.gz
+
+Website: http://nodejs.org/docs/v0.4.3/
+
+Documentation: http://nodejs.org/docs/v0.4.3/api
+
+Announcement
+
 commit
diff --git a/doc/blog/release/node-v0-4-4.md b/doc/blog/release/node-v0-4-4.md
index 6c911ccebd2..417d73c54e5 100644
--- a/doc/blog/release/node-v0-4-4.md
+++ b/doc/blog/release/node-v0-4-4.md
@@ -6,22 +6,22 @@ status: publish
 category: release
 slug: node-v0-4-4
 
-2011.03.26, Version 0.4.4 (stable)
-
          
-
        •  CryptoStream.end shouldn't throw if not writable GH-820
-
        •  Drop out if connection destroyed before connect() GH-819
-
        •  expose https.Agent
-
        •  Correctly setsid in tty.open GH-815
-
        •  Bug fix for failed buffer construction
-
        •  Added support for removing .once listeners (GH-806)
-
        •  Upgrade V8 to 3.1.8.5
        
-
-
-
-Download: http://nodejs.org/dist/node-v0.4.4.tar.gz
-
-Website: http://nodejs.org/docs/v0.4.4
-
-Documentation: http://nodejs.org/docs/v0.4.4/api
-
+2011.03.26, Version 0.4.4 (stable)
+
          
+
        •  CryptoStream.end shouldn't throw if not writable GH-820
+
        •  Drop out if connection destroyed before connect() GH-819
+
        •  expose https.Agent
+
        •  Correctly setsid in tty.open GH-815
+
        •  Bug fix for failed buffer construction
+
        •  Added support for removing .once listeners (GH-806)
+
        •  Upgrade V8 to 3.1.8.5
        
+
+
+
+Download: http://nodejs.org/dist/node-v0.4.4.tar.gz
+
+Website: http://nodejs.org/docs/v0.4.4
+
+Documentation: http://nodejs.org/docs/v0.4.4/api
+
 announcement
diff --git a/doc/blog/release/node-v0-4-5.md b/doc/blog/release/node-v0-4-5.md
index a27c56cc771..6935de06253 100644
--- a/doc/blog/release/node-v0-4-5.md
+++ b/doc/blog/release/node-v0-4-5.md
@@ -6,24 +6,24 @@ status: publish
 category: release
 slug: node-v0-4-5
 
-2011.04.01, Version 0.4.5 (stable)
-
          
-
        •  Fix listener leak in stream.pipe() (Mikeal Rogers)
-
        •  Retain buffers in fs.read/write() GH-814 (Jorge Chamorro Bieling)
-
        •  TLS performance improvements
-
        •  SlowBuffer.prototype.slice bug GH-843
-
        •  process.stderr.write should return true
-
        •  Immediate pause/resume race condition GH-535 (isaacs)
-
        •  Set default host header properly GH-721 (isaacs)
-
        •  Upgrade V8 to 3.1.8.8
        
-
-
-
-Download: http://nodejs.org/dist/node-v0.4.5.tar.gz
-
-Website: http://nodejs.org/docs/v0.4.5
-
-Documentation: http://nodejs.org/docs/v0.4.5/api
-
-
+2011.04.01, Version 0.4.5 (stable)
+
          
+
        •  Fix listener leak in stream.pipe() (Mikeal Rogers)
+
        •  Retain buffers in fs.read/write() GH-814 (Jorge Chamorro Bieling)
+
        •  TLS performance improvements
+
        •  SlowBuffer.prototype.slice bug GH-843
+
        •  process.stderr.write should return true
+
        •  Immediate pause/resume race condition GH-535 (isaacs)
+
        •  Set default host header properly GH-721 (isaacs)
+
        •  Upgrade V8 to 3.1.8.8
        
+
+
+
+Download: http://nodejs.org/dist/node-v0.4.5.tar.gz
+
+Website: http://nodejs.org/docs/v0.4.5
+
+Documentation: http://nodejs.org/docs/v0.4.5/api
+
+
 announcement
diff --git a/doc/blog/release/node-v0-4-6.md b/doc/blog/release/node-v0-4-6.md
index 0e4e8871229..964f3a2e935 100644
--- a/doc/blog/release/node-v0-4-6.md
+++ b/doc/blog/release/node-v0-4-6.md
@@ -6,22 +6,22 @@ status: publish
 category: release
 slug: node-v0-4-6
 
-2011.04.13, Version 0.4.6 (stable)
-
        •  Don't error on ENOTCONN from shutdown() #670
-
        •  Auto completion of built-in debugger suggests prefix match rather than partial match. (koichik)
-
        •  circular reference in vm modules. #822 (Jakub Lekstan)
-
        •  http response.readable should be false after 'end' #867 (Abe Fettig)
-
        •  Implemenet os.cpus() and os.uptime() on Solaris (Scott McWhirter)
-
        •  fs.ReadStream: Allow omission of end option for range reads #801 (Felix Geisendörfer)
-
        •  Buffer.write() with UCS-2 should not be write partial char #916 (koichik)
-
        •  Pass secureProtocol through on tls.Server creation (Theo Schlossnagle)
-
        •  TLS use RC4-SHA by default
-
        •  Don't strangely drop out of event loop on HTTPS client uploads #892
-
        •  Doc improvements
-
        •  Upgrade v8 to 3.1.8.10
        
-
-Download: http://nodejs.org/dist/node-v0.4.6.tar.gz
-
-Website: http://nodejs.org/docs/v0.4.6/
-
+2011.04.13, Version 0.4.6 (stable)
+
        •  Don't error on ENOTCONN from shutdown() #670
+
        •  Auto completion of built-in debugger suggests prefix match rather than partial match. (koichik)
+
        •  circular reference in vm modules. #822 (Jakub Lekstan)
+
        •  http response.readable should be false after 'end' #867 (Abe Fettig)
+
        •  Implemenet os.cpus() and os.uptime() on Solaris (Scott McWhirter)
+
        •  fs.ReadStream: Allow omission of end option for range reads #801 (Felix Geisendörfer)
+
        •  Buffer.write() with UCS-2 should not be write partial char #916 (koichik)
+
        •  Pass secureProtocol through on tls.Server creation (Theo Schlossnagle)
+
        •  TLS use RC4-SHA by default
+
        •  Don't strangely drop out of event loop on HTTPS client uploads #892
+
        •  Doc improvements
+
        •  Upgrade v8 to 3.1.8.10
        
+
+Download: http://nodejs.org/dist/node-v0.4.6.tar.gz
+
+Website: http://nodejs.org/docs/v0.4.6/
+
 Documentation: http://nodejs.org/docs/v0.4.6/api/
diff --git a/doc/blog/release/node-v0-4-7.md b/doc/blog/release/node-v0-4-7.md
index 38816c8134e..44e2715dcff 100644
--- a/doc/blog/release/node-v0-4-7.md
+++ b/doc/blog/release/node-v0-4-7.md
@@ -6,18 +6,18 @@ status: publish
 category: release
 slug: node-v0-4-7
 
-2011.04.22, Version 0.4.7 (stable)
-
        •  Don't emit error on ECONNRESET from read() #670
-
        •  Fix: Multiple pipes to the same stream were broken #929 (Felix Geisendörfer)
-
        •  URL parsing/formatting corrections #954 (isaacs)
-
        •  make it possible to do repl.start('', stream) (Wade Simmons)
-
        •  Add os.loadavg for SunOS (Robert Mustacchi)
-
        •  Fix timeouts with floating point numbers #897  (Jorge Chamorro Bieling)
-
        •  Improve docs.
        
-
-
-Download: http://nodejs.org/dist/node-v0.4.7.tar.gz
-
-Website: http://nodejs.org/docs/v0.4.7/
-
+2011.04.22, Version 0.4.7 (stable)
+
        •  Don't emit error on ECONNRESET from read() #670
+
        •  Fix: Multiple pipes to the same stream were broken #929 (Felix Geisendörfer)
+
        •  URL parsing/formatting corrections #954 (isaacs)
+
        •  make it possible to do repl.start('', stream) (Wade Simmons)
+
        •  Add os.loadavg for SunOS (Robert Mustacchi)
+
        •  Fix timeouts with floating point numbers #897  (Jorge Chamorro Bieling)
+
        •  Improve docs.
        
+
+
+Download: http://nodejs.org/dist/node-v0.4.7.tar.gz
+
+Website: http://nodejs.org/docs/v0.4.7/
+
 Documentation: http://nodejs.org/docs/v0.4.7/api
diff --git a/doc/blog/release/node-v0-4-8.md b/doc/blog/release/node-v0-4-8.md
index b7859edec0d..a25aedf600b 100644
--- a/doc/blog/release/node-v0-4-8.md
+++ b/doc/blog/release/node-v0-4-8.md
@@ -6,50 +6,50 @@ status: publish
 category: release
 slug: node-v0-4-8
 
-2011.05.20, Version 0.4.8 (stable)
-
-* #974 Properly report traceless errors (isaacs)
-
-* #983 Better JSON.parse error detection in REPL (isaacs)
-
-* #836 Agent socket errors bubble up to req only if req exists
-
-* #1041 Fix event listener leak check timing (koichik)
-
-* #1038 Fix dns.resolve() with 'PTR' throws Error: Unknown type "PTR"
-  (koichik)
-
-* #1073 Share SSL context between server connections (Fedor Indutny)
-
-* Disable compression with OpenSSL. Improves memory perf.
-
-* Implement os.totalmem() and os.freemem() for SunOS (Alexandre Marangone)
-
-* Fix a special characters in URL regression (isaacs)
-
-* Fix idle timeouts in HTTPS (Felix Geisendörfer)
-
-* SlowBuffer.write() with 'ucs2' throws ReferenceError. (koichik)
-
-* http.ServerRequest 'close' sometimes gets an error argument
-  (Felix Geisendörfer)
-
-* Doc improvements
-
-* cleartextstream.destroy() should close(2) the socket. Previously was being
-  mapped to a shutdown(2) syscall.
-
-* No longer compile out asserts and debug statements in normal build.
-
-* Debugger improvements.
-
-* Upgrade V8 to 3.1.8.16.
-
-
-
-
-Website: http://nodejs.org/docs/v0.4.8/
-
-Download: http://nodejs.org/dist/node-v0.4.8.tar.gz
-
+2011.05.20, Version 0.4.8 (stable)
+
+* #974 Properly report traceless errors (isaacs)
+
+* #983 Better JSON.parse error detection in REPL (isaacs)
+
+* #836 Agent socket errors bubble up to req only if req exists
+
+* #1041 Fix event listener leak check timing (koichik)
+
+* #1038 Fix dns.resolve() with 'PTR' throws Error: Unknown type "PTR"
+  (koichik)
+
+* #1073 Share SSL context between server connections (Fedor Indutny)
+
+* Disable compression with OpenSSL. Improves memory perf.
+
+* Implement os.totalmem() and os.freemem() for SunOS (Alexandre Marangone)
+
+* Fix a special characters in URL regression (isaacs)
+
+* Fix idle timeouts in HTTPS (Felix Geisendörfer)
+
+* SlowBuffer.write() with 'ucs2' throws ReferenceError. (koichik)
+
+* http.ServerRequest 'close' sometimes gets an error argument
+  (Felix Geisendörfer)
+
+* Doc improvements
+
+* cleartextstream.destroy() should close(2) the socket. Previously was being
+  mapped to a shutdown(2) syscall.
+
+* No longer compile out asserts and debug statements in normal build.
+
+* Debugger improvements.
+
+* Upgrade V8 to 3.1.8.16.
+
+
+
+
+Website: http://nodejs.org/docs/v0.4.8/
+
+Download: http://nodejs.org/dist/node-v0.4.8.tar.gz
+
 Documentation: http://nodejs.org/docs/v0.4.8/api/
diff --git a/doc/blog/release/node-v0-4-9.md b/doc/blog/release/node-v0-4-9.md
index e2eccf2e0c9..8b71bd9628e 100644
--- a/doc/blog/release/node-v0-4-9.md
+++ b/doc/blog/release/node-v0-4-9.md
@@ -6,25 +6,25 @@ status: publish
 category: release
 slug: node-v0-4-9
 
-2011.06.29, Version 0.4.9 (stable)
          
-
        •  Improve documentation
-
        •  #1095 error handling bug in stream.pipe() (Felix Geisendörfer)
-
        •  #1097 Fix a few leaks in node_crypto.cc (Ben Noordhuis)
-
        •  #562 #1078 Parse file:// urls properly (Ryan Petrello)
-
        •  #880 Option to disable SSLv2 (Jérémy Lal)
-
        •  #1087 Disabling SSL compression disabled with early OpenSSLs.
-
        •  #1144 debugger: don't allow users to input non-valid commands (Siddharth Mahendraker)
-
        •  Perf improvement for util.inherits
-
        •  #1166 Support for signature verification with RSA/DSA public keys (Mark Cavage)
-
        •  #1177 Remove node_modules lookup optimization to better support nested project structures (Mathias Buus)
-
        •  #1203 Add missing scope.Close to fs.sendfileSync
-
        •  #1187 Support multiple 'link' headers
-
        •  #1196 Fix -e/--eval can't load module from node_modules (Koichi Kobayashi)
-
        •  Upgrade V8 to 3.1.8.25, upgrade http-parser.
        
-
-
-Download: http://nodejs.org/dist/node-v0.4.9.tar.gz
-
-Website: http://nodejs.org/docs/v0.4.9
-
+2011.06.29, Version 0.4.9 (stable)
          
+
        •  Improve documentation
+
        •  #1095 error handling bug in stream.pipe() (Felix Geisendörfer)
+
        •  #1097 Fix a few leaks in node_crypto.cc (Ben Noordhuis)
+
        •  #562 #1078 Parse file:// urls properly (Ryan Petrello)
+
        •  #880 Option to disable SSLv2 (Jérémy Lal)
+
        •  #1087 Disabling SSL compression disabled with early OpenSSLs.
+
        •  #1144 debugger: don't allow users to input non-valid commands (Siddharth Mahendraker)
+
        •  Perf improvement for util.inherits
+
        •  #1166 Support for signature verification with RSA/DSA public keys (Mark Cavage)
+
        •  #1177 Remove node_modules lookup optimization to better support nested project structures (Mathias Buus)
+
        •  #1203 Add missing scope.Close to fs.sendfileSync
+
        •  #1187 Support multiple 'link' headers
+
        •  #1196 Fix -e/--eval can't load module from node_modules (Koichi Kobayashi)
+
        •  Upgrade V8 to 3.1.8.25, upgrade http-parser.
        
+
+
+Download: http://nodejs.org/dist/node-v0.4.9.tar.gz
+
+Website: http://nodejs.org/docs/v0.4.9
+
 Documentation: http://nodejs.org/docs/v0.4.9/api
diff --git a/doc/blog/release/node-v0-5-0-unstable.md b/doc/blog/release/node-v0-5-0-unstable.md
index 883b9a7f319..68ff2d117ff 100644
--- a/doc/blog/release/node-v0-5-0-unstable.md
+++ b/doc/blog/release/node-v0-5-0-unstable.md
@@ -6,34 +6,34 @@ status: publish
 category: release
 slug: node-v0-5-0-unstable
 
-2011.07.05, Version 0.5.0 (unstable)
-
-
      •  New non-default libuv backend to support IOCP on Windows. Use --use-uv to enable.
-
      •  deprecate http.cat
-
      •  docs improved.
-
      •  add child_process.fork
-
      •  add fs.utimes() and fs.futimes() support (Ben Noordhuis)
-
      •  add process.uptime() (Tom Huges)
-
      •  add path.relative (Tony Huang)
-
      •  add os.getNetworkInterfaces()
-
      •  add remoteAddress and remotePort for client TCP connections (Brian White)
-
      •  add secureOptions flag, setting ciphers, SSL_OP_CRYPTOPRO_TLSEXT_BUG to TLS (Theo Schlossnagle)
-
      •  add process.arch (Nathan Rajlich)
-
      •  add reading/writing of floats and doubles from/to buffers (Brian White)
-
      •  Allow script to be read from stdin
-
      •  #477 add Buffer::fill method to do memset (Konstantin Käfer)
-
      •  #573 Diffie-Hellman support to crypto module (HÃ¥vard Stranden)
-
      •  #695 add 'hex' encoding to buffer (isaacs)
-
      •  #851 Update how REPLServer uses contexts (Ben Weaver)
-
      •  #853 add fs.lchow, fs.lchmod, fs.fchmod, fs.fchown (isaacs)
-
      •  #889 Allow to remove all EventEmitter listeners at once (Felix Geisendörfer)
-
      •  #926 OpenSSL NPN support (Fedor Indutny)
-
      •  #955 Change ^C handling in REPL (isaacs)
-
      •  #979 add support for Unix Domain Sockets to HTTP (Mark Cavage)
-
      •  #1173 #1170 add AMD, asynchronous module definition (isaacs)
-
      •  DTrace probes: support X-Forwarded-For (Dave Pacheco)
      -Download: http://nodejs.org/dist/node-v0.5.0.tar.gz - -Website: http://nodejs.org/docs/v0.5.0/ - +2011.07.05, Version 0.5.0 (unstable) + +
    • New non-default libuv backend to support IOCP on Windows. Use --use-uv to enable. +
    • deprecate http.cat +
    • docs improved. +
    • add child_process.fork +
    • add fs.utimes() and fs.futimes() support (Ben Noordhuis) +
    • add process.uptime() (Tom Huges) +
    • add path.relative (Tony Huang) +
    • add os.getNetworkInterfaces() +
    • add remoteAddress and remotePort for client TCP connections (Brian White) +
    • add secureOptions flag, setting ciphers, SSL_OP_CRYPTOPRO_TLSEXT_BUG to TLS (Theo Schlossnagle) +
    • add process.arch (Nathan Rajlich) +
    • add reading/writing of floats and doubles from/to buffers (Brian White) +
    • Allow script to be read from stdin +
    • #477 add Buffer::fill method to do memset (Konstantin Käfer) +
    • #573 Diffie-Hellman support to crypto module (HÃ¥vard Stranden) +
    • #695 add 'hex' encoding to buffer (isaacs) +
    • #851 Update how REPLServer uses contexts (Ben Weaver) +
    • #853 add fs.lchow, fs.lchmod, fs.fchmod, fs.fchown (isaacs) +
    • #889 Allow to remove all EventEmitter listeners at once (Felix Geisendörfer) +
    • #926 OpenSSL NPN support (Fedor Indutny) +
    • #955 Change ^C handling in REPL (isaacs) +
    • #979 add support for Unix Domain Sockets to HTTP (Mark Cavage) +
    • #1173 #1170 add AMD, asynchronous module definition (isaacs) +
    • DTrace probes: support X-Forwarded-For (Dave Pacheco)
    +Download: http://nodejs.org/dist/node-v0.5.0.tar.gz + +Website: http://nodejs.org/docs/v0.5.0/ + Documentation: http://nodejs.org/docs/v0.5.0/api/ diff --git a/doc/blog/release/node-v0-5-1.md b/doc/blog/release/node-v0-5-1.md index f9799d40bc1..8137e8c88a2 100644 --- a/doc/blog/release/node-v0-5-1.md +++ b/doc/blog/release/node-v0-5-1.md @@ -6,25 +6,25 @@ status: publish category: release slug: node-v0-5-1 -2011.07.14, Version 0.5.1 (unstable) -
    • #1233 Fix os.totalmem on FreeBSD amd64 (Artem Zaytsev) -
    • #1149 IDNA and Punycode support in url.parse (Jeremy Selier, Ben Noordhuis, isaacs) -
    • Export $CC and $CXX to uv and V8's build systems -
    • Include pthread-win32 static libraries in build (Igor Zinkovsky) -
    • #1199, #1094 Fix fs can't handle large file on 64bit platform (koichik) -
    • #1281 Make require a public member of module (isaacs) -
    • #1303 Stream.pipe returns the destination (Elijah Insua) -
    • #1229 Addons should not -DEV_MULTIPLICITY=0 (Brian White) -
    • libuv backend improvements -
    • Upgrade V8 to 3.4.10
    - - - - -Download: http://nodejs.org/dist/v0.5.1/node-v0.5.1.tar.gz - -Windows Build: http://nodejs.org/dist/v0.5.1/node.exe - -Documentation: http://nodejs.org/dist/v0.5.1/docs/api/ - +2011.07.14, Version 0.5.1 (unstable) +
    • #1233 Fix os.totalmem on FreeBSD amd64 (Artem Zaytsev) +
    • #1149 IDNA and Punycode support in url.parse (Jeremy Selier, Ben Noordhuis, isaacs) +
    • Export $CC and $CXX to uv and V8's build systems +
    • Include pthread-win32 static libraries in build (Igor Zinkovsky) +
    • #1199, #1094 Fix fs can't handle large file on 64bit platform (koichik) +
    • #1281 Make require a public member of module (isaacs) +
    • #1303 Stream.pipe returns the destination (Elijah Insua) +
    • #1229 Addons should not -DEV_MULTIPLICITY=0 (Brian White) +
    • libuv backend improvements +
    • Upgrade V8 to 3.4.10
    + + + + +Download: http://nodejs.org/dist/v0.5.1/node-v0.5.1.tar.gz + +Windows Build: http://nodejs.org/dist/v0.5.1/node.exe + +Documentation: http://nodejs.org/dist/v0.5.1/docs/api/ + Website: http://nodejs.org/dist/v0.5.1/docs diff --git a/doc/blog/release/node-v0-5-10.md b/doc/blog/release/node-v0-5-10.md index 47fb9264273..305813ecfd9 100644 --- a/doc/blog/release/node-v0-5-10.md +++ b/doc/blog/release/node-v0-5-10.md @@ -6,36 +6,36 @@ status: publish category: release slug: node-v0-5-10 -2011.10.21, Version 0.5.10 (unstable) -
    • Remove cmake build system, support for Cygwin, legacy code base, process.ENV, process.ARGV, process.memoryUsage().vsize, os.openOSHandle
      • -
    • Documentation improvments (Igor Zinkovsky, Bert Belder, Ilya Dmitrichenko, koichik, Maciej MaÅ‚ecki, Guglielmo Ferri, isaacs)
      • -
    • Performance improvements (Daniel Ennis, Bert Belder, Ben Noordhuis)
      • -
    • Long process.title support (Ben Noordhuis)
      • -
    • net: register net.Server callback only once (Simen Brekken)
      • -
    • net: fix connect queue bugs (Ben Noordhuis)
      • -
    • debugger: fix backtrace err handling (Fedor Indutny)
      • -
    • Use getaddrinfo instead of c-ares for dns.lookup
      • -
    • Emit 'end' from crypto streams on close
      • -
    • repl: print out `undefined` (Nathan Rajlich)
      • -
    • #1902 buffer: use NO_NULL_TERMINATION flag (koichik)
      • -
    • #1907 http: Added support for HTTP PATCH verb (Thomas Parslow)
      • -
    • #1644 add GetCPUInfo on windows (Karl Skomski)
      • -
    • #1484, #1834, #1482, #771 Don't use a separate context for the repl. (isaacs)
      • -
    • #1882 zlib Update 'availOutBefore' value, and test (isaacs)
      • -
    • #1888 child_process.fork: don't modify args (koichik)
      • -
    • #1516 tls: requestCert unusable with Firefox and Chrome (koichik)
      • -
    • #1467 tls: The TLS API is inconsistent with the TCP API (koichik)
      • -
    • #1894 net: fix error handling in listen() (koichik)
      • -
    • #1860 console.error now goes through uv_tty_t
      • -
    • Upgrade V8 to 3.7.0
      • -
    • Upgrade GYP to r1081
    - - - -Download: http://nodejs.org/dist/v0.5.10/node-v0.5.10.tar.gz - -Windows Executable: http://nodejs.org/dist/v0.5.10/node.exe - -Website: http://nodejs.org/docs/v0.5.10/ - +2011.10.21, Version 0.5.10 (unstable) +
    • Remove cmake build system, support for Cygwin, legacy code base, process.ENV, process.ARGV, process.memoryUsage().vsize, os.openOSHandle
      • +
    • Documentation improvments (Igor Zinkovsky, Bert Belder, Ilya Dmitrichenko, koichik, Maciej MaÅ‚ecki, Guglielmo Ferri, isaacs)
      • +
    • Performance improvements (Daniel Ennis, Bert Belder, Ben Noordhuis)
      • +
    • Long process.title support (Ben Noordhuis)
      • +
    • net: register net.Server callback only once (Simen Brekken)
      • +
    • net: fix connect queue bugs (Ben Noordhuis)
      • +
    • debugger: fix backtrace err handling (Fedor Indutny)
      • +
    • Use getaddrinfo instead of c-ares for dns.lookup
      • +
    • Emit 'end' from crypto streams on close
      • +
    • repl: print out `undefined` (Nathan Rajlich)
      • +
    • #1902 buffer: use NO_NULL_TERMINATION flag (koichik)
      • +
    • #1907 http: Added support for HTTP PATCH verb (Thomas Parslow)
      • +
    • #1644 add GetCPUInfo on windows (Karl Skomski)
      • +
    • #1484, #1834, #1482, #771 Don't use a separate context for the repl. (isaacs)
      • +
    • #1882 zlib Update 'availOutBefore' value, and test (isaacs)
      • +
    • #1888 child_process.fork: don't modify args (koichik)
      • +
    • #1516 tls: requestCert unusable with Firefox and Chrome (koichik)
      • +
    • #1467 tls: The TLS API is inconsistent with the TCP API (koichik)
      • +
    • #1894 net: fix error handling in listen() (koichik)
      • +
    • #1860 console.error now goes through uv_tty_t
      • +
    • Upgrade V8 to 3.7.0
      • +
    • Upgrade GYP to r1081
    + + + +Download: http://nodejs.org/dist/v0.5.10/node-v0.5.10.tar.gz + +Windows Executable: http://nodejs.org/dist/v0.5.10/node.exe + +Website: http://nodejs.org/docs/v0.5.10/ + Documentation: http://nodejs.org/docs/v0.5.10/api/ diff --git a/doc/blog/release/node-v0-5-2.md b/doc/blog/release/node-v0-5-2.md index c44690f346b..e87fda36f42 100644 --- a/doc/blog/release/node-v0-5-2.md +++ b/doc/blog/release/node-v0-5-2.md @@ -6,22 +6,22 @@ status: publish category: release slug: node-v0-5-2 -2011.07.22, Version 0.5.2 (unstable) -
    • libuv improvements; named pipe support -
    • #1242 check for SSL_COMP_get_compression_methods() (Ben Noordhuis) -
    • #1348 remove require.paths (isaacs) -
    • #1349 Delimit NODE_PATH with ; on Windows (isaacs) -
    • #1335 Remove EventEmitter from C++ -
    • #1357 Load json files with require() (isaacs) -
    • #1374 fix setting ServerResponse.statusCode in writeHead (Trent Mick) -
    • Fixed: GC was being run too often. -
    • Upgrade V8 to 3.4.14 -
    • doc improvements
    - -Download: http://nodejs.org/dist/v0.5.2/node-v0.5.2.tar.gz - -Windows Executable: http://nodejs.org/dist/v0.5.2/node.exe - -Website: http://nodejs.org/dist/v0.5.2/docs/ - +2011.07.22, Version 0.5.2 (unstable) +
    • libuv improvements; named pipe support +
    • #1242 check for SSL_COMP_get_compression_methods() (Ben Noordhuis) +
    • #1348 remove require.paths (isaacs) +
    • #1349 Delimit NODE_PATH with ; on Windows (isaacs) +
    • #1335 Remove EventEmitter from C++ +
    • #1357 Load json files with require() (isaacs) +
    • #1374 fix setting ServerResponse.statusCode in writeHead (Trent Mick) +
    • Fixed: GC was being run too often. +
    • Upgrade V8 to 3.4.14 +
    • doc improvements
    + +Download: http://nodejs.org/dist/v0.5.2/node-v0.5.2.tar.gz + +Windows Executable: http://nodejs.org/dist/v0.5.2/node.exe + +Website: http://nodejs.org/dist/v0.5.2/docs/ + Documentation: http://nodejs.org/dist/v0.5.2/docs/api diff --git a/doc/blog/release/node-v0-5-3.md b/doc/blog/release/node-v0-5-3.md index f84a955f554..0b9e7b83bb2 100644 --- a/doc/blog/release/node-v0-5-3.md +++ b/doc/blog/release/node-v0-5-3.md @@ -6,48 +6,48 @@ status: publish category: release slug: node-v0-5-3 -2011.08.01, Version 0.5.3 (unstable) - -
    • Fix crypto encryption/decryption with Base64. (SAWADA Tadashi) - -
    • #243 Add an optional length argument to Buffer.write() (koichik) - -
    • #657 convert nonbuffer data to string in fs.writeFile/Sync (Daniel Pihlström) - -
    • Add process.features, remove process.useUV (Ben Noordhuis) - -
    • #324 Fix crypto hmac to accept binary keys + add test cases from rfc 2202 and 4231 (Stefan Bühler) - -
    • Add Socket::bytesRead, Socket::bytesWritten (Alexander Uvarov) - -
    • #572 Don't print result of --eval in CLI (Ben Noordhuis) - -
    • #1223 Fix http.ClientRequest crashes if end() was called twice (koichik) - -
    • #1383 Emit 'close' after all connections have closed (Felix Geisendörfer) - -
    • Add sprintf-like util.format() function (Ben Noordhuis) - -
    • Add support for TLS SNI (Fedor Indutny) - -
    • New http agent implementation. Off by default the command line flag --use-http2 will enable it. make test-http2 will run the tests for the new implementation. (Mikeal Rogers) - -
    • Revert AMD compatibility. (isaacs) - -
    • Windows: improvements, child_process support. - -
    • Remove pkg-config file. - -
    • Fix startup time regressions. - -
    • doc improvements
    - - - -Download: http://nodejs.org/dist/v0.5.3/node-v0.5.3.tar.gz - -Windows Executable: http://nodejs.org/dist/v0.5.3/node.exe - -Website: http://nodejs.org/dist/v0.5.3/docs - +2011.08.01, Version 0.5.3 (unstable) + +
    • Fix crypto encryption/decryption with Base64. (SAWADA Tadashi) + +
    • #243 Add an optional length argument to Buffer.write() (koichik) + +
    • #657 convert nonbuffer data to string in fs.writeFile/Sync (Daniel Pihlström) + +
    • Add process.features, remove process.useUV (Ben Noordhuis) + +
    • #324 Fix crypto hmac to accept binary keys + add test cases from rfc 2202 and 4231 (Stefan Bühler) + +
    • Add Socket::bytesRead, Socket::bytesWritten (Alexander Uvarov) + +
    • #572 Don't print result of --eval in CLI (Ben Noordhuis) + +
    • #1223 Fix http.ClientRequest crashes if end() was called twice (koichik) + +
    • #1383 Emit 'close' after all connections have closed (Felix Geisendörfer) + +
    • Add sprintf-like util.format() function (Ben Noordhuis) + +
    • Add support for TLS SNI (Fedor Indutny) + +
    • New http agent implementation. Off by default the command line flag --use-http2 will enable it. make test-http2 will run the tests for the new implementation. (Mikeal Rogers) + +
    • Revert AMD compatibility. (isaacs) + +
    • Windows: improvements, child_process support. + +
    • Remove pkg-config file. + +
    • Fix startup time regressions. + +
    • doc improvements
    + + + +Download: http://nodejs.org/dist/v0.5.3/node-v0.5.3.tar.gz + +Windows Executable: http://nodejs.org/dist/v0.5.3/node.exe + +Website: http://nodejs.org/dist/v0.5.3/docs + Documentation: http://nodejs.org/dist/v0.5.3/docs/api diff --git a/doc/blog/release/node-v0-5-4.md b/doc/blog/release/node-v0-5-4.md index 2dd02e12ad7..9f5f4e28aa5 100644 --- a/doc/blog/release/node-v0-5-4.md +++ b/doc/blog/release/node-v0-5-4.md @@ -6,31 +6,31 @@ status: publish category: release slug: node-v0-5-4 -2011.08.12, Version 0.5.4 (unstable) - -
    • libuv/Windows compatibility improvements - -
    • Build on Microsoft Visual Studio via GYP. Use generate-projects.bat in the to build sln files. (Peter Bright, Igor Zinkovsky) - -
    • Make Mikeal's HTTP agent client the default. Use old HTTP client with --use-http1 - -
    • Fixes https host header default port handling. (Mikeal Rogers) - -
    • #1440 strip byte order marker when loading *.js and *.json files (Ben Noordhuis) - -
    • #1434 Improve util.format() compatibility with browser. (Koichi Kobayashi) - -
    • Provide unchecked uint entry points for integer Buffer.read/writeInt methods. (Robert Mustacchi) - -
    • CMake improvements (Tom Huges) - -
    • Upgrade V8 to 3.5.4.
    - - -Download: http://nodejs.org/dist/v0.5.4/node-v0.5.4.tar.gz - -Windows Executable: http://nodejs.org/dist/v0.5.4/node.exe - -Website: http://nodejs.org/dist/v0.5.4/docs - +2011.08.12, Version 0.5.4 (unstable) + +
    • libuv/Windows compatibility improvements + +
    • Build on Microsoft Visual Studio via GYP. Use generate-projects.bat in the to build sln files. (Peter Bright, Igor Zinkovsky) + +
    • Make Mikeal's HTTP agent client the default. Use old HTTP client with --use-http1 + +
    • Fixes https host header default port handling. (Mikeal Rogers) + +
    • #1440 strip byte order marker when loading *.js and *.json files (Ben Noordhuis) + +
    • #1434 Improve util.format() compatibility with browser. (Koichi Kobayashi) + +
    • Provide unchecked uint entry points for integer Buffer.read/writeInt methods. (Robert Mustacchi) + +
    • CMake improvements (Tom Huges) + +
    • Upgrade V8 to 3.5.4.
    + + +Download: http://nodejs.org/dist/v0.5.4/node-v0.5.4.tar.gz + +Windows Executable: http://nodejs.org/dist/v0.5.4/node.exe + +Website: http://nodejs.org/dist/v0.5.4/docs + Documentation: http://nodejs.org/dist/v0.5.4/docs/api diff --git a/doc/blog/release/node-v0-5-5.md b/doc/blog/release/node-v0-5-5.md index 886fac90ef0..683fed49c6c 100644 --- a/doc/blog/release/node-v0-5-5.md +++ b/doc/blog/release/node-v0-5-5.md @@ -6,35 +6,35 @@ status: publish category: release slug: node-v0-5-5 -

    2011.08.26, Version 0.5.5 (unstable)

    -
      -
    • typed arrays, implementation from Plesk -
    • fix IP multicast on SunOS -
    • fix DNS lookup order: IPv4 first, IPv6 second (--use-uv only) -
    • remove support for UNIX datagram sockets (--use-uv only) -
    • UDP support for Windows (Bert Belder) -
    • #1572 improve tab completion for objects in the REPL (Nathan Rajlich) -
    • #1563 fix buffer overflow in child_process module (reported by Dean McNamee) -
    • #1546 fix performance regression in http module (reported by Brian Geffon) -
    • #1491 add PBKDF2 crypto support (Glen Low) -
    • #1447 remove deprecated http.cat() function (Mikeal Rogers) -
    • #1140 fix incorrect dispatch of vm.runInContext's filename argument
      - (Antranig Basman)

      -
    • #1140 document vm.runInContext() and vm.createContext() (Antranig Basman) -
    • #1428 fix os.freemem() on 64 bits freebsd (Artem Zaytsev) -
    • #1164 make all DNS lookups async, fixes uncatchable exceptions
      - (Koichi Kobayashi)

      -
    • fix incorrect ssl shutdown check (Tom Hughes) -
    • various cmake fixes (Tom Hughes) -
    • improved documentation (Koichi Kobayashi, Logan Smyth, Fedor Indutny,
      - Mikeal Rogers, Maciej Małecki, Antranig Basman, Mickaël Delahaye)

      -
    • upgrade libuv to commit 835782a -
    • upgrade V8 to 3.5.8 -
    -

    Download: http://nodejs.org/dist/node-v0.5.5.tar.gz

    -

    Windows Executable: http://nodejs.org/dist/v0.5.5/node.exe

    -

    Website: http://nodejs.org/docs/v0.5.5/

    -

    Documentation: http://nodejs.org/docs/v0.5.5/api/

    -

    - +

    2011.08.26, Version 0.5.5 (unstable)

    +
      +
    • typed arrays, implementation from Plesk +
    • fix IP multicast on SunOS +
    • fix DNS lookup order: IPv4 first, IPv6 second (--use-uv only) +
    • remove support for UNIX datagram sockets (--use-uv only) +
    • UDP support for Windows (Bert Belder) +
    • #1572 improve tab completion for objects in the REPL (Nathan Rajlich) +
    • #1563 fix buffer overflow in child_process module (reported by Dean McNamee) +
    • #1546 fix performance regression in http module (reported by Brian Geffon) +
    • #1491 add PBKDF2 crypto support (Glen Low) +
    • #1447 remove deprecated http.cat() function (Mikeal Rogers) +
    • #1140 fix incorrect dispatch of vm.runInContext's filename argument
      + (Antranig Basman)

      +
    • #1140 document vm.runInContext() and vm.createContext() (Antranig Basman) +
    • #1428 fix os.freemem() on 64 bits freebsd (Artem Zaytsev) +
    • #1164 make all DNS lookups async, fixes uncatchable exceptions
      + (Koichi Kobayashi)

      +
    • fix incorrect ssl shutdown check (Tom Hughes) +
    • various cmake fixes (Tom Hughes) +
    • improved documentation (Koichi Kobayashi, Logan Smyth, Fedor Indutny,
      + Mikeal Rogers, Maciej Małecki, Antranig Basman, Mickaël Delahaye)

      +
    • upgrade libuv to commit 835782a +
    • upgrade V8 to 3.5.8 +
    +

    Download: http://nodejs.org/dist/node-v0.5.5.tar.gz

    +

    Windows Executable: http://nodejs.org/dist/v0.5.5/node.exe

    +

    Website: http://nodejs.org/docs/v0.5.5/

    +

    Documentation: http://nodejs.org/docs/v0.5.5/api/

    +

    + Update: The .exe has a bug that results in incompatibility with Windows XP and Server 2003. This has been reported in issue #1592 and fixed. A new binary was made that is compatibile with the older Windows: http://nodejs.org/dist/v0.5.5/node-186364e.exe. diff --git a/doc/blog/release/node-v0-5-6.md b/doc/blog/release/node-v0-5-6.md index ca1a392b013..452878c3004 100644 --- a/doc/blog/release/node-v0-5-6.md +++ b/doc/blog/release/node-v0-5-6.md @@ -6,44 +6,44 @@ status: publish category: release slug: node-v0-5-6 -2011.09.08, Version 0.5.6 (unstable) -
      -
    • #345, #1635, #1648 Documentation improvements (Thomas Shinnick, Abimanyu Raja, AJ ONeal, Koichi Kobayashi, Michael Jackson, Logan Smyth, Ben Noordhuis)
      • -
    • #650 Improve path parsing on windows (Bert Belder)
      • -
    • #752 Remove headers sent check in OutgoingMessage.getHeader() (Peter Lyons)
      • -
    • #1236, #1438, #1506, #1513, #1621, #1640, #1647 Libuv-related bugs fixed (Jorge Chamorro Bieling, Peter Bright, Luis Lavena, Igor Zinkovsky)
      • -
    • #1296, #1612 crypto: Fix BIO's usage. (Koichi Kobayashi)
      • -
    • #1345 Correctly set socket.remoteAddress with libuv backend (Bert Belder)
      • -
    • #1429 Don't clobber quick edit mode on windows (Peter Bright)
      • -
    • #1503 Make libuv backend default on unix, override with `node --use-legacy`
      • -
    • #1565 Fix fs.stat for paths ending with \ on windows (Igor Zinkovsky)
      • -
    • #1568 Fix x509 certificate subject parsing (Koichi Kobayashi)
      • -
    • #1586 Make socket write encoding case-insensitive (Koichi Kobayashi)
      • -
    • #1591, #1656, #1657 Implement fs in libuv, remove libeio and pthread-win32 dependency on windows (Igor Zinkovsky, Ben Noordhuis, Ryan Dahl, Isaac Schlueter)
      • -
    • #1592 Don't load-time link against CreateSymbolicLink on windows (Peter Bright)
      • -
    • #1601 Improve API consistency when dealing with the socket underlying a HTTP client request (Mikeal Rogers)
      • -
    • #1610 Remove DigiNotar CA from trusted list (Isaac Schlueter)
      • -
    • #1617 Added some win32 os functions (Karl Skomski)
      • -
    • #1624 avoid buffer overrun with 'binary' encoding (Koichi Kobayashi)
      • -
    • #1633 make Buffer.write() always set _charsWritten (Koichi Kobayashi)
      • -
    • #1644 Windows: set executables to be console programs (Peter Bright)
      • -
    • #1651 improve inspection for sparse array (Koichi Kobayashi)
      • -
    • #1672 set .code='ECONNRESET' on socket hang up errors (Ben Noordhuis)
      • -
    • Add test case for foaf+ssl client certificate (Niclas Hoyer)
      • -
    • Added RPATH environment variable to override run-time library paths (Ashok Mudukutore)
      • -
    • Added TLS client-side session resumption support (Sean Cunningham)
      • -
    • Added additional properties to getPeerCertificate (Nathan Rixham, Niclas Hoyer)
      • -
    • Don't eval repl command twice when an error is thrown (Nathan Rajlich)
      • -
    • Improve util.isDate() (Nathan Rajlich)
      • -
    • Improvements in libuv backend and bindings, upgrade libuv to bd6066cb349a9b3a1b0d87b146ddaee06db31d10
      • -
    • Show warning when using lib/sys.js (Maciej Malecki)
      • -
    • Support plus sign in url protocol (Maciej Malecki)
      • -
    • Upgrade V8 to 3.6.2
      • -
    -Download: http://nodejs.org/dist/v0.5.6/node-v0.5.6.tar.gz - -Windows Executable: http://nodejs.org/dist/v0.5.6/node.exe - -Website: http://nodejs.org/docs/v0.5.6/ - +2011.09.08, Version 0.5.6 (unstable) +
      +
    • #345, #1635, #1648 Documentation improvements (Thomas Shinnick, Abimanyu Raja, AJ ONeal, Koichi Kobayashi, Michael Jackson, Logan Smyth, Ben Noordhuis)
      • +
    • #650 Improve path parsing on windows (Bert Belder)
      • +
    • #752 Remove headers sent check in OutgoingMessage.getHeader() (Peter Lyons)
      • +
    • #1236, #1438, #1506, #1513, #1621, #1640, #1647 Libuv-related bugs fixed (Jorge Chamorro Bieling, Peter Bright, Luis Lavena, Igor Zinkovsky)
      • +
    • #1296, #1612 crypto: Fix BIO's usage. (Koichi Kobayashi)
      • +
    • #1345 Correctly set socket.remoteAddress with libuv backend (Bert Belder)
      • +
    • #1429 Don't clobber quick edit mode on windows (Peter Bright)
      • +
    • #1503 Make libuv backend default on unix, override with `node --use-legacy`
      • +
    • #1565 Fix fs.stat for paths ending with \ on windows (Igor Zinkovsky)
      • +
    • #1568 Fix x509 certificate subject parsing (Koichi Kobayashi)
      • +
    • #1586 Make socket write encoding case-insensitive (Koichi Kobayashi)
      • +
    • #1591, #1656, #1657 Implement fs in libuv, remove libeio and pthread-win32 dependency on windows (Igor Zinkovsky, Ben Noordhuis, Ryan Dahl, Isaac Schlueter)
      • +
    • #1592 Don't load-time link against CreateSymbolicLink on windows (Peter Bright)
      • +
    • #1601 Improve API consistency when dealing with the socket underlying a HTTP client request (Mikeal Rogers)
      • +
    • #1610 Remove DigiNotar CA from trusted list (Isaac Schlueter)
      • +
    • #1617 Added some win32 os functions (Karl Skomski)
      • +
    • #1624 avoid buffer overrun with 'binary' encoding (Koichi Kobayashi)
      • +
    • #1633 make Buffer.write() always set _charsWritten (Koichi Kobayashi)
      • +
    • #1644 Windows: set executables to be console programs (Peter Bright)
      • +
    • #1651 improve inspection for sparse array (Koichi Kobayashi)
      • +
    • #1672 set .code='ECONNRESET' on socket hang up errors (Ben Noordhuis)
      • +
    • Add test case for foaf+ssl client certificate (Niclas Hoyer)
      • +
    • Added RPATH environment variable to override run-time library paths (Ashok Mudukutore)
      • +
    • Added TLS client-side session resumption support (Sean Cunningham)
      • +
    • Added additional properties to getPeerCertificate (Nathan Rixham, Niclas Hoyer)
      • +
    • Don't eval repl command twice when an error is thrown (Nathan Rajlich)
      • +
    • Improve util.isDate() (Nathan Rajlich)
      • +
    • Improvements in libuv backend and bindings, upgrade libuv to bd6066cb349a9b3a1b0d87b146ddaee06db31d10
      • +
    • Show warning when using lib/sys.js (Maciej Malecki)
      • +
    • Support plus sign in url protocol (Maciej Malecki)
      • +
    • Upgrade V8 to 3.6.2
      • +
    +Download: http://nodejs.org/dist/v0.5.6/node-v0.5.6.tar.gz + +Windows Executable: http://nodejs.org/dist/v0.5.6/node.exe + +Website: http://nodejs.org/docs/v0.5.6/ + Documentation: http://nodejs.org/docs/v0.5.6/api/ diff --git a/doc/blog/release/node-v0-5-7-unstable.md b/doc/blog/release/node-v0-5-7-unstable.md index 1b640e7dbee..b125a14975f 100644 --- a/doc/blog/release/node-v0-5-7-unstable.md +++ b/doc/blog/release/node-v0-5-7-unstable.md @@ -6,30 +6,30 @@ status: publish category: release slug: node-v0-5-7-unstable -2011.09.16, Version 0.5.7 (unstable) -
      -
    • Upgrade V8 to 3.6.4 -
    • Improve Windows compatibility -
    • Documentation improvements -
    • Debugger and REPL improvements (Fedor Indutny) -
    • Add legacy API support: net.Stream(fd), process.stdout.writable, process.stdout.fd -
    • Fix mkdir EEXIST handling (isaacs) -
    • Use net_uv instead of net_legacy for stdio -
    • Do not load readline from util.inspect -
    • #1673 Fix bug related to V8 context with accessors (Fedor Indutny) -
    • #1634 util: Fix inspection for Error (koichik) -
    • #1645 fs: Add positioned file writing feature to fs.WriteStream (Thomas Shinnick) -
    • #1637 fs: Unguarded fs.watchFile cache statWatchers checking fixed (Thomas Shinnick) -
    • #1695 Forward customFds to ChildProcess.spawn -
    • #1707 Fix hasOwnProperty security problem in querystring (isaacs) -
    • #1719 Drain OpenSSL error queue
    - - - -Download: http://nodejs.org/dist/v0.5.7/node-v0.5.7.tar.gz - -Windows Executable: http://nodejs.org/dist/v0.5.7/node.exe - -Website: http://nodejs.org/docs/v0.5.7/ - +2011.09.16, Version 0.5.7 (unstable) +
      +
    • Upgrade V8 to 3.6.4 +
    • Improve Windows compatibility +
    • Documentation improvements +
    • Debugger and REPL improvements (Fedor Indutny) +
    • Add legacy API support: net.Stream(fd), process.stdout.writable, process.stdout.fd +
    • Fix mkdir EEXIST handling (isaacs) +
    • Use net_uv instead of net_legacy for stdio +
    • Do not load readline from util.inspect +
    • #1673 Fix bug related to V8 context with accessors (Fedor Indutny) +
    • #1634 util: Fix inspection for Error (koichik) +
    • #1645 fs: Add positioned file writing feature to fs.WriteStream (Thomas Shinnick) +
    • #1637 fs: Unguarded fs.watchFile cache statWatchers checking fixed (Thomas Shinnick) +
    • #1695 Forward customFds to ChildProcess.spawn +
    • #1707 Fix hasOwnProperty security problem in querystring (isaacs) +
    • #1719 Drain OpenSSL error queue
    + + + +Download: http://nodejs.org/dist/v0.5.7/node-v0.5.7.tar.gz + +Windows Executable: http://nodejs.org/dist/v0.5.7/node.exe + +Website: http://nodejs.org/docs/v0.5.7/ + Documentation: http://nodejs.org/docs/v0.5.7/api/ diff --git a/doc/blog/release/node-v0-5-8.md b/doc/blog/release/node-v0-5-8.md index 9f0fc146c3a..6924ff372c1 100644 --- a/doc/blog/release/node-v0-5-8.md +++ b/doc/blog/release/node-v0-5-8.md @@ -6,21 +6,21 @@ status: publish category: release slug: node-v0-5-8 -2011.09.30, Version 0.5.8 (unstable)
    • zlib bindings (isaacs) -
    • Windows supports TTY ANSI escape codes (Bert Belder) -
    • Debugger improvements (Fedor Indutny) -
    • crypto: look up SSL errors with ERR_print_errors() (Ben Noordhuis) -
    • dns callbacks go through MakeCallback now -
    • Raise an error when a malformed package.json file is found. (Ben Leslie) -
    • buffers: handle bad length argument in constructor (Ben Noordhuis) -
    • #1726, unref process.stdout -
    • Doc improvements (Ben Noordhuis, Fedor Indutny, koichik) -
    • Upgrade libuv to fe18438
    - -Download: http://nodejs.org/dist/v0.5.8/node-v0.5.8.tar.gz - -Windows Executable: http://nodejs.org/dist/v0.5.8/node.exe - -Website: http://nodejs.org/docs/v0.5.8/ - +2011.09.30, Version 0.5.8 (unstable)
    • zlib bindings (isaacs) +
    • Windows supports TTY ANSI escape codes (Bert Belder) +
    • Debugger improvements (Fedor Indutny) +
    • crypto: look up SSL errors with ERR_print_errors() (Ben Noordhuis) +
    • dns callbacks go through MakeCallback now +
    • Raise an error when a malformed package.json file is found. (Ben Leslie) +
    • buffers: handle bad length argument in constructor (Ben Noordhuis) +
    • #1726, unref process.stdout +
    • Doc improvements (Ben Noordhuis, Fedor Indutny, koichik) +
    • Upgrade libuv to fe18438
    + +Download: http://nodejs.org/dist/v0.5.8/node-v0.5.8.tar.gz + +Windows Executable: http://nodejs.org/dist/v0.5.8/node.exe + +Website: http://nodejs.org/docs/v0.5.8/ + Documentation: http://nodejs.org/docs/v0.5.8/api/ diff --git a/doc/blog/release/node-v0-5-9.md b/doc/blog/release/node-v0-5-9.md index 6e361bcc4f8..8cf7e8101c7 100644 --- a/doc/blog/release/node-v0-5-9.md +++ b/doc/blog/release/node-v0-5-9.md @@ -6,22 +6,22 @@ status: publish category: release slug: node-v0-5-9 -2011.10.10, Version 0.5.9 (unstable) -
    • fs.watch interface backed by kqueue, inotify, and ReadDirectoryChangesW (Igor Zinkovsky, Ben Noordhuis)
      • -
    • add dns.resolveTxt (Christian Tellnes)
      • -
    • Remove legacy http library (Ben Noordhuis)
      • -
    • child_process.fork returns and works on Windows. Allows passing handles. (Igor Zinkovsky, Bert Belder)
      • -
    • #1774 Lint and clean up for --harmony_block_scoping (Tyler Larson, Colton Baker)
      • -
    • #1813 Fix ctrl+c on Windows (Bert Belder)
      • -
    • #1844 unbreak --use-legacy (Ben Noordhuis)
      • -
    • process.stderr now goes through libuv. Both process.stdout and process.stderr are blocking when referencing a TTY.
      • -
    • net_uv performance improvements (Ben Noordhuis, Bert Belder)
    - - -Download: http://nodejs.org/dist/v0.5.9/node-v0.5.9.tar.gz - -Windows Executable: http://nodejs.org/dist/v0.5.9/node.exe - -Website: http://nodejs.org/docs/v0.5.9/ - +2011.10.10, Version 0.5.9 (unstable) +
    • fs.watch interface backed by kqueue, inotify, and ReadDirectoryChangesW (Igor Zinkovsky, Ben Noordhuis)
      • +
    • add dns.resolveTxt (Christian Tellnes)
      • +
    • Remove legacy http library (Ben Noordhuis)
      • +
    • child_process.fork returns and works on Windows. Allows passing handles. (Igor Zinkovsky, Bert Belder)
      • +
    • #1774 Lint and clean up for --harmony_block_scoping (Tyler Larson, Colton Baker)
      • +
    • #1813 Fix ctrl+c on Windows (Bert Belder)
      • +
    • #1844 unbreak --use-legacy (Ben Noordhuis)
      • +
    • process.stderr now goes through libuv. Both process.stdout and process.stderr are blocking when referencing a TTY.
      • +
    • net_uv performance improvements (Ben Noordhuis, Bert Belder)
    + + +Download: http://nodejs.org/dist/v0.5.9/node-v0.5.9.tar.gz + +Windows Executable: http://nodejs.org/dist/v0.5.9/node.exe + +Website: http://nodejs.org/docs/v0.5.9/ + Documentation: http://nodejs.org/docs/v0.5.9/api/ diff --git a/doc/blog/release/node-v0-6-0.md b/doc/blog/release/node-v0-6-0.md index ea0e71373b5..5c796e74b74 100644 --- a/doc/blog/release/node-v0-6-0.md +++ b/doc/blog/release/node-v0-6-0.md @@ -6,75 +6,75 @@ status: publish category: release slug: node-v0-6-0 -We are happy to announce the third stable branch of Node v0.6. We will be freezing JavaScript, C++, and binary interfaces for all v0.6 releases. - -The major differences between v0.4 and v0.6 are
      -
    • Native Windows support using I/O Completion Ports for sockets. -
    • Integrated load balancing over multiple processes. docs -
    • Better support for IPC between Node instances docs -
    • Improved command line debugger docs -
    • Built-in binding to zlib for compression docs -
    • Upgrade v8 from 3.1 to 3.6
    - -In order to support Windows we reworked much of the core architecture. There was some fear that our work would degrade performance on UNIX systems but this was not the case. Here is a Linux system we benched for demonstration: - - - - - -
    v0.4.12 (linux)v0.6.0 (linux)
    http_simple.js /bytes/1024 5461 r/s 6263 r/s
    io.js read 19.75 mB/s 26.63 mB/s
    io.js write 21.60 mB/s 17.40 mB/s
    startup.js 74.7 ms 49.6 ms
    - -Bigger is better in http and io benchmarks, smaller is better in startup. The http benchmark was done with 600 clients on a 10GE network served from three load generation machines. - -In the last version of Node, v0.4, we could only run Node on Windows with Cygwin. Therefore we've gotten massive improvements by targeting the native APIs. Benchmarks on the same machine: - - - - - -
    v0.4.12 (windows)v0.6.0 (windows)
    http_simple.js /bytes/1024 3858 r/s 5823 r/s
    io.js read 12.41 mB/s 26.51 mB/s
    io.js write 12.61 mB/s 33.58 mB/s
    startup.js 152.81 ms 52.04 ms
    - -We consider this a good intermediate stage for the Windows port. There is still work to be done. For example, we are not yet providing users with a blessed path for building addon modules in MS Visual Studio. Work will continue in later releases. - -For users upgrading code bases from v0.4 to v0.6 we've documented most of the issues that you will run into. Most people find the change painless. Despite the long list of changes most core APIs remain untouched. - -Our release cycle will be tightened dramatically now. Expect to see a new stable branch in January. We wish to eventually have our releases in sync with Chrome and V8's 6 week cycle. - -Thank you to everyone who contributed code, tests, docs, or sent in bug reports. - -Here are the changes between v0.5.12 and v0.6.0: - -2011.11.04, Version 0.6.0 (stable) -
    • print undefined on undefined values in REPL (Nathan Rajlich)
      • -
    • doc improvements (koichik, seebees, bnoordhuis, Maciej MaÅ‚ecki, Jacob Kragh)
      • -
    • support native addon loading in windows (Bert Belder)
      • -
    • rename getNetworkInterfaces() to networkInterfaces() (bnoordhuis)
      • -
    • add pending accepts knob for windows (igorzi)
      • -
    • http.request(url.parse(x)) (seebees)
      • -
    • #1929 zlib Respond to 'resume' events properly (isaacs)
      • -
    • stream.pipe: Remove resume and pause events
      • -
    • test fixes for windows (igorzi)
      • -
    • build system improvements (bnoordhuis)
      • -
    • #1936 tls: does not emit 'end' from EncryptedStream (koichik)
      • -
    • #758 tls: add address(), remoteAddress/remotePort
      • -
    • #1399 http: emit Error object after .abort() (bnoordhuis)
      • -
    • #1999 fs: make mkdir() default to 0777 permissions (bnoordhuis)
      • -
    • #2001 fix pipe error codes
      • -
    • #2002 Socket.write should reset timeout timer
      • -
    • stdout and stderr are blocking when associated with file too.
      • -
    • remote debugger support on windows (Bert Belder)
      • -
    • convenience methods for zlib (Matt Robenolt)
      • -
    • process.kill support on windows (igorzi)
      • -
    • process.uptime() support on windows (igorzi)
      • -
    • Return IPv4 addresses before IPv6 addresses from getaddrinfo
      • -
    • util.inspect improvements (Nathan Rajlich)
      • -
    • cluster module api changes
      • -
    • Downgrade V8 to 3.6.6.6
    - -Download: http://nodejs.org/dist/v0.6.0/node-v0.6.0.tar.gz - -Windows Executable: http://nodejs.org/dist/v0.6.0/node.exe - -Website: http://nodejs.org/docs/v0.6.0/ - +We are happy to announce the third stable branch of Node v0.6. We will be freezing JavaScript, C++, and binary interfaces for all v0.6 releases. + +The major differences between v0.4 and v0.6 are
      +
    • Native Windows support using I/O Completion Ports for sockets. +
    • Integrated load balancing over multiple processes. docs +
    • Better support for IPC between Node instances docs +
    • Improved command line debugger docs +
    • Built-in binding to zlib for compression docs +
    • Upgrade v8 from 3.1 to 3.6
    + +In order to support Windows we reworked much of the core architecture. There was some fear that our work would degrade performance on UNIX systems but this was not the case. Here is a Linux system we benched for demonstration: + + + + + +
    v0.4.12 (linux)v0.6.0 (linux)
    http_simple.js /bytes/1024 5461 r/s 6263 r/s
    io.js read 19.75 mB/s 26.63 mB/s
    io.js write 21.60 mB/s 17.40 mB/s
    startup.js 74.7 ms 49.6 ms
    + +Bigger is better in http and io benchmarks, smaller is better in startup. The http benchmark was done with 600 clients on a 10GE network served from three load generation machines. + +In the last version of Node, v0.4, we could only run Node on Windows with Cygwin. Therefore we've gotten massive improvements by targeting the native APIs. Benchmarks on the same machine: + + + + + +
    v0.4.12 (windows)v0.6.0 (windows)
    http_simple.js /bytes/1024 3858 r/s 5823 r/s
    io.js read 12.41 mB/s 26.51 mB/s
    io.js write 12.61 mB/s 33.58 mB/s
    startup.js 152.81 ms 52.04 ms
    + +We consider this a good intermediate stage for the Windows port. There is still work to be done. For example, we are not yet providing users with a blessed path for building addon modules in MS Visual Studio. Work will continue in later releases. + +For users upgrading code bases from v0.4 to v0.6 we've documented most of the issues that you will run into. Most people find the change painless. Despite the long list of changes most core APIs remain untouched. + +Our release cycle will be tightened dramatically now. Expect to see a new stable branch in January. We wish to eventually have our releases in sync with Chrome and V8's 6 week cycle. + +Thank you to everyone who contributed code, tests, docs, or sent in bug reports. + +Here are the changes between v0.5.12 and v0.6.0: + +2011.11.04, Version 0.6.0 (stable) +
    • print undefined on undefined values in REPL (Nathan Rajlich)
      • +
    • doc improvements (koichik, seebees, bnoordhuis, Maciej MaÅ‚ecki, Jacob Kragh)
      • +
    • support native addon loading in windows (Bert Belder)
      • +
    • rename getNetworkInterfaces() to networkInterfaces() (bnoordhuis)
      • +
    • add pending accepts knob for windows (igorzi)
      • +
    • http.request(url.parse(x)) (seebees)
      • +
    • #1929 zlib Respond to 'resume' events properly (isaacs)
      • +
    • stream.pipe: Remove resume and pause events
      • +
    • test fixes for windows (igorzi)
      • +
    • build system improvements (bnoordhuis)
      • +
    • #1936 tls: does not emit 'end' from EncryptedStream (koichik)
      • +
    • #758 tls: add address(), remoteAddress/remotePort
      • +
    • #1399 http: emit Error object after .abort() (bnoordhuis)
      • +
    • #1999 fs: make mkdir() default to 0777 permissions (bnoordhuis)
      • +
    • #2001 fix pipe error codes
      • +
    • #2002 Socket.write should reset timeout timer
      • +
    • stdout and stderr are blocking when associated with file too.
      • +
    • remote debugger support on windows (Bert Belder)
      • +
    • convenience methods for zlib (Matt Robenolt)
      • +
    • process.kill support on windows (igorzi)
      • +
    • process.uptime() support on windows (igorzi)
      • +
    • Return IPv4 addresses before IPv6 addresses from getaddrinfo
      • +
    • util.inspect improvements (Nathan Rajlich)
      • +
    • cluster module api changes
      • +
    • Downgrade V8 to 3.6.6.6
    + +Download: http://nodejs.org/dist/v0.6.0/node-v0.6.0.tar.gz + +Windows Executable: http://nodejs.org/dist/v0.6.0/node.exe + +Website: http://nodejs.org/docs/v0.6.0/ + Documentation: http://nodejs.org/docs/v0.6.0/api/ diff --git a/doc/blog/release/node-v0-6-1.md b/doc/blog/release/node-v0-6-1.md index 14a0db49529..d7fb09cdd63 100644 --- a/doc/blog/release/node-v0-6-1.md +++ b/doc/blog/release/node-v0-6-1.md @@ -6,28 +6,28 @@ status: publish category: release slug: node-v0-6-1 -2011.11.11, Version 0.6.1 (stable) -
    • doc improvements (Eric Lovett, Ben Noordhuis, Scott Anderson, Yoji SHIDARA)
      • -
    • crypto: make thread-safe (Ben Noordhuis)
      • -
    • fix process.kill error object
      • -
    • debugger: correctly handle source with multi-byte characters (Shigeki Ohtsu)
      • -
    • make stdout and stderr non-destroyable (Igor Zinkovsky)
      • -
    • fs: don't close uninitialized fs.watch handle (Ben Noordhuis)
      • -
    • #2026 fix man page install on BSDs (Ben Noordhuis)
      • -
    • #2040 fix unrecognized errno assert in uv_err_name
      • -
    • #2043 fs: mkdir() should call callback if mode is omitted
      • -
    • #2045 fs: fix fs.realpath on windows to return on error (Benjamin Pasero)
      • -
    • #2047 minor cluster improvements
      • -
    • #2052 readline get window columns correctly
      • -
    • Upgrade V8 to 3.6.6.7
    - - -Source Code: http://nodejs.org/dist/v0.6.1/node-v0.6.1.tar.gz - -Windows Installer: http://nodejs.org/dist/v0.6.1/node-v0.6.1.msi - -Macintosh Installer: http://nodejs.org/dist/v0.6.1/node-v0.6.1.pkg - -Website: http://nodejs.org/docs/v0.6.1/ - +2011.11.11, Version 0.6.1 (stable) +
    • doc improvements (Eric Lovett, Ben Noordhuis, Scott Anderson, Yoji SHIDARA)
      • +
    • crypto: make thread-safe (Ben Noordhuis)
      • +
    • fix process.kill error object
      • +
    • debugger: correctly handle source with multi-byte characters (Shigeki Ohtsu)
      • +
    • make stdout and stderr non-destroyable (Igor Zinkovsky)
      • +
    • fs: don't close uninitialized fs.watch handle (Ben Noordhuis)
      • +
    • #2026 fix man page install on BSDs (Ben Noordhuis)
      • +
    • #2040 fix unrecognized errno assert in uv_err_name
      • +
    • #2043 fs: mkdir() should call callback if mode is omitted
      • +
    • #2045 fs: fix fs.realpath on windows to return on error (Benjamin Pasero)
      • +
    • #2047 minor cluster improvements
      • +
    • #2052 readline get window columns correctly
      • +
    • Upgrade V8 to 3.6.6.7
    + + +Source Code: http://nodejs.org/dist/v0.6.1/node-v0.6.1.tar.gz + +Windows Installer: http://nodejs.org/dist/v0.6.1/node-v0.6.1.msi + +Macintosh Installer: http://nodejs.org/dist/v0.6.1/node-v0.6.1.pkg + +Website: http://nodejs.org/docs/v0.6.1/ + Documentation: http://nodejs.org/docs/v0.6.1/api/ diff --git a/doc/blog/release/node-v0-6-10.md b/doc/blog/release/node-v0-6-10.md index a0ca4e4a37d..7d489932dda 100644 --- a/doc/blog/release/node-v0-6-10.md +++ b/doc/blog/release/node-v0-6-10.md @@ -6,25 +6,25 @@ status: publish category: release slug: node-v0-6-10 -

    2012.02.02, Version 0.6.10 (stable)

    - -
      -

    • Update V8 to 3.6.6.20

      • -

    • Add npm msysgit bash shim to msi installer (isaacs)

      • -

    • buffers: fix intermittent out of bounds error (Ben Noordhuis)

      • -

    • buffers: honor length argument in base64 decoder (Ben Noordhuis)

      • -

    • windows: Fix path.exists regression (Bert Belder)

      • -

    • Make QueryString.parse run faster (Philip Tellis)

      • -

    • http: avoid freeing http-parser objects too early (koichik)

      • -

    • timers: add v0.4 compatibility hack (Ben Noordhuis)

      • -

    • Proper EPERM error code support (Igor Zinkovsky, Brandon Philips)

      • -

    • dgram: Implement udp multicast methods on windows (Bert Belder)

      • -

    Source Code: http://nodejs.org/dist/v0.6.10/node-v0.6.10.tar.gz

    - -

    Windows Installer: http://nodejs.org/dist/v0.6.10/node-v0.6.10.msi

    - -

    Macintosh Installer: http://nodejs.org/dist/v0.6.10/node-v0.6.10.pkg

    - -

    Website: http://nodejs.org/docs/v0.6.10/

    - +

    2012.02.02, Version 0.6.10 (stable)

    + +
      +

    • Update V8 to 3.6.6.20

      • +

    • Add npm msysgit bash shim to msi installer (isaacs)

      • +

    • buffers: fix intermittent out of bounds error (Ben Noordhuis)

      • +

    • buffers: honor length argument in base64 decoder (Ben Noordhuis)

      • +

    • windows: Fix path.exists regression (Bert Belder)

      • +

    • Make QueryString.parse run faster (Philip Tellis)

      • +

    • http: avoid freeing http-parser objects too early (koichik)

      • +

    • timers: add v0.4 compatibility hack (Ben Noordhuis)

      • +

    • Proper EPERM error code support (Igor Zinkovsky, Brandon Philips)

      • +

    • dgram: Implement udp multicast methods on windows (Bert Belder)

      • +

    Source Code: http://nodejs.org/dist/v0.6.10/node-v0.6.10.tar.gz

    + +

    Windows Installer: http://nodejs.org/dist/v0.6.10/node-v0.6.10.msi

    + +

    Macintosh Installer: http://nodejs.org/dist/v0.6.10/node-v0.6.10.pkg

    + +

    Website: http://nodejs.org/docs/v0.6.10/

    +

    Documentation: http://nodejs.org/docs/v0.6.10/api/

    diff --git a/doc/blog/release/node-v0-6-2.md b/doc/blog/release/node-v0-6-2.md index b405268bc7b..9a75dcb167c 100644 --- a/doc/blog/release/node-v0-6-2.md +++ b/doc/blog/release/node-v0-6-2.md @@ -6,22 +6,22 @@ status: publish category: release slug: node-v0-6-2 -

    2011.11.18, Version 0.6.2 (stable)

    -
      -
    • doc improvements (Artur Adib, Trevor Burnham, Ryan Emery, Trent Mick)
      • -
    • timers: remember extra setTimeout() arguments when timeout==0
      • -
    • punycode: use Mathias Bynens's punycode library, it's more compliant
      • -
    • repl: improved tab completion (Ryan Emery)
      • -
    • buffer: fix range checks in .writeInt() functions (Lukasz Walukiewicz)
      • -
    • tls: make cipher list configurable
      • -
    • addons: make Buffer and ObjectWrap visible to Windows add-ons (Bert Belder)
      • -
    • crypto: add PKCS#1 a.k.a RSA public key verification support
      • -
    • windows: fix stdout writes when redirected to nul
      • -
    • sunos: fix build on Solaris and Illumos
      • -
    • Upgrade V8 to 3.6.6.8
      • -
    -

    Source Code: http://nodejs.org/dist/v0.6.2/node-v0.6.2.tar.gz

    -

    Windows Installer: http://nodejs.org/dist/v0.6.2/node-v0.6.2.msi

    -

    Macintosh Installer: http://nodejs.org/dist/v0.6.2/node-v0.6.2.pkg

    -

    Website: http://nodejs.org/docs/v0.6.2/

    +

    2011.11.18, Version 0.6.2 (stable)

    +
      +
    • doc improvements (Artur Adib, Trevor Burnham, Ryan Emery, Trent Mick)
      • +
    • timers: remember extra setTimeout() arguments when timeout==0
      • +
    • punycode: use Mathias Bynens's punycode library, it's more compliant
      • +
    • repl: improved tab completion (Ryan Emery)
      • +
    • buffer: fix range checks in .writeInt() functions (Lukasz Walukiewicz)
      • +
    • tls: make cipher list configurable
      • +
    • addons: make Buffer and ObjectWrap visible to Windows add-ons (Bert Belder)
      • +
    • crypto: add PKCS#1 a.k.a RSA public key verification support
      • +
    • windows: fix stdout writes when redirected to nul
      • +
    • sunos: fix build on Solaris and Illumos
      • +
    • Upgrade V8 to 3.6.6.8
      • +
    +

    Source Code: http://nodejs.org/dist/v0.6.2/node-v0.6.2.tar.gz

    +

    Windows Installer: http://nodejs.org/dist/v0.6.2/node-v0.6.2.msi

    +

    Macintosh Installer: http://nodejs.org/dist/v0.6.2/node-v0.6.2.pkg

    +

    Website: http://nodejs.org/docs/v0.6.2/

    Documentation: http://nodejs.org/docs/v0.6.2/api/

    diff --git a/doc/blog/release/node-v0-6-3.md b/doc/blog/release/node-v0-6-3.md index 559c3d352a6..e61c5f714e8 100644 --- a/doc/blog/release/node-v0-6-3.md +++ b/doc/blog/release/node-v0-6-3.md @@ -6,25 +6,25 @@ status: publish category: release slug: node-v0-6-3 -2011.11.25, Version 0.6.3 (stable) -
      -
    • #2083 Land NPM in Node. It is included in packages/installers and installed on `make install`.
      • -
    • #2076 Add logos to windows installer.
      • -
    • #1711 Correctly handle http requests without headers. (Ben Noordhuis, Felix Geisendörfer)
      • -
    • TLS: expose more openssl SSL context options and constants. (Ben Noordhuis)
      • -
    • #2177 Windows: don't kill UDP socket when a packet fails to reach its destination. (Bert Belder)
      • -
    • Windows: support paths longer than 260 characters. (Igor Zinkovsky)
      • -
    • Windows: correctly resolve drive-relative paths. (Bert Belder)
      • -
    • #2166 Don't leave file descriptor open after lchmod. (Isaac Schlueter)
      • -
    • #2084 Add OS X .pkg build script to make file.
      • -
    • #2160 Documentation improvements. (Ben Noordhuis)
      • -
    -Source Code: http://nodejs.org/dist/v0.6.3/node-v0.6.3.tar.gz - -Windows Installer: http://nodejs.org/dist/v0.6.3/node-v0.6.3.msi - -Macintosh Installer: http://nodejs.org/dist/v0.6.3/node-v0.6.3.pkg - -Website: http://nodejs.org/docs/v0.6.3/ - +2011.11.25, Version 0.6.3 (stable) +
      +
    • #2083 Land NPM in Node. It is included in packages/installers and installed on `make install`.
      • +
    • #2076 Add logos to windows installer.
      • +
    • #1711 Correctly handle http requests without headers. (Ben Noordhuis, Felix Geisendörfer)
      • +
    • TLS: expose more openssl SSL context options and constants. (Ben Noordhuis)
      • +
    • #2177 Windows: don't kill UDP socket when a packet fails to reach its destination. (Bert Belder)
      • +
    • Windows: support paths longer than 260 characters. (Igor Zinkovsky)
      • +
    • Windows: correctly resolve drive-relative paths. (Bert Belder)
      • +
    • #2166 Don't leave file descriptor open after lchmod. (Isaac Schlueter)
      • +
    • #2084 Add OS X .pkg build script to make file.
      • +
    • #2160 Documentation improvements. (Ben Noordhuis)
      • +
    +Source Code: http://nodejs.org/dist/v0.6.3/node-v0.6.3.tar.gz + +Windows Installer: http://nodejs.org/dist/v0.6.3/node-v0.6.3.msi + +Macintosh Installer: http://nodejs.org/dist/v0.6.3/node-v0.6.3.pkg + +Website: http://nodejs.org/docs/v0.6.3/ + Documentation: http://nodejs.org/docs/v0.6.3/api/ diff --git a/doc/blog/release/node-v0-6-4.md b/doc/blog/release/node-v0-6-4.md index f99f15fc594..ee5f6335aa1 100644 --- a/doc/blog/release/node-v0-6-4.md +++ b/doc/blog/release/node-v0-6-4.md @@ -6,26 +6,26 @@ status: publish category: release slug: node-v0-6-4 -2011.12.02, Version 0.6.4 (stable) -
      -
    • doc improvements (Kyle Young, Tim Oxley, Roman Shtylman, Mathias Bynens)
      • -
    • upgrade bundled npm (Isaac Schlueter)
      • -
    • polish Windows installer (Igor Zinkovsky, Isaac Schlueter)
      • -
    • punycode: upgrade to v0.2.1 (Mathias Bynens)
      • -
    • build: add --without-npm flag to configure script
      • -
    • sys: deprecate module some more, print stack trace if NODE_DEBUG=sys
      • -
    • cli: add -p switch, prints result of --eval
      • -
    • #1997: fix Blowfish ECB encryption and decryption (Ingmar Runge)
      • -
    • #2223: fix socket 'close' event being emitted twice
      • -
    • #2224: fix RSS memory usage > 4 GB reporting (Russ Bradberry)
      • -
    • #2225: fix util.inspect() object stringification bug (Nathan Rajlich)
      • -
    -Source Code: http://nodejs.org/dist/v0.6.4/node-v0.6.4.tar.gz - -Windows Installer: http://nodejs.org/dist/v0.6.4/node-v0.6.4.msi - -Macintosh Installer: http://nodejs.org/dist/v0.6.4/node-v0.6.4.pkg - -Website: http://nodejs.org/docs/v0.6.4/ - +2011.12.02, Version 0.6.4 (stable) +
      +
    • doc improvements (Kyle Young, Tim Oxley, Roman Shtylman, Mathias Bynens)
      • +
    • upgrade bundled npm (Isaac Schlueter)
      • +
    • polish Windows installer (Igor Zinkovsky, Isaac Schlueter)
      • +
    • punycode: upgrade to v0.2.1 (Mathias Bynens)
      • +
    • build: add --without-npm flag to configure script
      • +
    • sys: deprecate module some more, print stack trace if NODE_DEBUG=sys
      • +
    • cli: add -p switch, prints result of --eval
      • +
    • #1997: fix Blowfish ECB encryption and decryption (Ingmar Runge)
      • +
    • #2223: fix socket 'close' event being emitted twice
      • +
    • #2224: fix RSS memory usage > 4 GB reporting (Russ Bradberry)
      • +
    • #2225: fix util.inspect() object stringification bug (Nathan Rajlich)
      • +
    +Source Code: http://nodejs.org/dist/v0.6.4/node-v0.6.4.tar.gz + +Windows Installer: http://nodejs.org/dist/v0.6.4/node-v0.6.4.msi + +Macintosh Installer: http://nodejs.org/dist/v0.6.4/node-v0.6.4.pkg + +Website: http://nodejs.org/docs/v0.6.4/ + Documentation: http://nodejs.org/docs/v0.6.4/api/ diff --git a/doc/blog/release/node-v0-6-5.md b/doc/blog/release/node-v0-6-5.md index 832da74148f..3035894cb66 100644 --- a/doc/blog/release/node-v0-6-5.md +++ b/doc/blog/release/node-v0-6-5.md @@ -6,16 +6,16 @@ status: publish category: release slug: node-v0-6-5 -2011.12.04, Version 0.6.5 (stable) -
    • npm workaround Windows antivirus software (isaacs) -
    • Upgrade V8 to 3.6.6.11
    - -Source Code: http://nodejs.org/dist/v0.6.5/node-v0.6.5.tar.gz - -Windows Installer: http://nodejs.org/dist/v0.6.5/node-v0.6.5.msi - -Macintosh Installer: http://nodejs.org/dist/v0.6.5/node-v0.6.5.pkg - -Website: http://nodejs.org/docs/v0.6.5/ - +2011.12.04, Version 0.6.5 (stable) +
    • npm workaround Windows antivirus software (isaacs) +
    • Upgrade V8 to 3.6.6.11
    + +Source Code: http://nodejs.org/dist/v0.6.5/node-v0.6.5.tar.gz + +Windows Installer: http://nodejs.org/dist/v0.6.5/node-v0.6.5.msi + +Macintosh Installer: http://nodejs.org/dist/v0.6.5/node-v0.6.5.pkg + +Website: http://nodejs.org/docs/v0.6.5/ + Documentation: http://nodejs.org/docs/v0.6.5/api/ diff --git a/doc/blog/release/node-v0-6-6.md b/doc/blog/release/node-v0-6-6.md index c52169a15a7..df5339854f5 100644 --- a/doc/blog/release/node-v0-6-6.md +++ b/doc/blog/release/node-v0-6-6.md @@ -6,27 +6,27 @@ status: publish category: release slug: node-v0-6-6 -2011.12.14, Version 0.6.6 (stable) - -
      -
    • npm update to 1.1.0-beta-4 (Isaac Z. Schlueter)
      • -
    • cli: fix output of --help (Ben Noordhuis)
      • -
    • new website
      • -
    • pause/resume semantics for stdin (Isaac Z. Schlueter)
      • -
    • Travis CI integration (Maciej MaÅ‚ecki)
      • -
    • child_process: Fix bug regarding closed stdin (Ben Noordhuis)
      • -
    • Enable upgrades in MSI. (Igor Zinkovsky)
      • -
    • net: Fixes memory leak (Ben Noordhuis)
      • -
    • fs: handle fractional or NaN ReadStream buffer size (Ben Noordhuis)
      • -
    • crypto: fix memory leaks in PBKDF2 error path (Ben Noordhuis)
      • -
    - -Source Code: http://nodejs.org/dist/v0.6.6/node-v0.6.6.tar.gz - -Windows Installer: http://nodejs.org/dist/v0.6.6/node-v0.6.6.msi - -Macintosh Installer: http://nodejs.org/dist/v0.6.6/node-v0.6.6.pkg - -Website: http://nodejs.org/docs/v0.6.6/ - +2011.12.14, Version 0.6.6 (stable) + +
      +
    • npm update to 1.1.0-beta-4 (Isaac Z. Schlueter)
      • +
    • cli: fix output of --help (Ben Noordhuis)
      • +
    • new website
      • +
    • pause/resume semantics for stdin (Isaac Z. Schlueter)
      • +
    • Travis CI integration (Maciej MaÅ‚ecki)
      • +
    • child_process: Fix bug regarding closed stdin (Ben Noordhuis)
      • +
    • Enable upgrades in MSI. (Igor Zinkovsky)
      • +
    • net: Fixes memory leak (Ben Noordhuis)
      • +
    • fs: handle fractional or NaN ReadStream buffer size (Ben Noordhuis)
      • +
    • crypto: fix memory leaks in PBKDF2 error path (Ben Noordhuis)
      • +
    + +Source Code: http://nodejs.org/dist/v0.6.6/node-v0.6.6.tar.gz + +Windows Installer: http://nodejs.org/dist/v0.6.6/node-v0.6.6.msi + +Macintosh Installer: http://nodejs.org/dist/v0.6.6/node-v0.6.6.pkg + +Website: http://nodejs.org/docs/v0.6.6/ + Documentation: http://nodejs.org/docs/v0.6.6/api/ diff --git a/doc/blog/release/node-v0-6-7.md b/doc/blog/release/node-v0-6-7.md index 0346f51c0c5..06d939751b1 100644 --- a/doc/blog/release/node-v0-6-7.md +++ b/doc/blog/release/node-v0-6-7.md @@ -6,36 +6,36 @@ status: publish category: release slug: node-v0-6-7 -

    2012.01.06, Version 0.6.7 (stable)

    - -
      -

    • V8 hash collision fix (Breaks MIPS) (Bert Belder, Erik Corry)

      • -

    • Upgrade V8 to 3.6.6.15

      • -

    • Upgrade npm to 1.1.0-beta-10 (isaacs)

      • -

    • many doc updates (Ben Noordhuis, Jeremy Martin, koichik, Dave Irvine, -Seong-Rak Choi, Shannen, Adam Malcontenti-Wilson, koichik)

      • -

    • Fix segfault in node_http_parser.cc

      • -

    • dgram, timers: fix memory leaks (Ben Noordhuis, Yoshihiro Kikuchi)

      • -

    • repl: fix repl.start not passing the ignoreUndefined arg (Damon Oehlman)

      • -

    • #1980: Socket.pause null reference when called on a closed Stream (koichik)

      • -

    • #2263: XMLHttpRequest piped in a writable file stream hang (koichik)

      • -

    • #2069: http resource leak (koichik)

      • -

    • buffer.readInt global pollution fix (Phil Sung)

      • -

    • timers: fix performance regression (Ben Noordhuis)

      • -

    • #2308, #2246: node swallows openssl error on request (koichik)

      • -

    • #2114: timers: remove _idleTimeout from item in .unenroll() (James Hartig)

      • -

    • #2379: debugger: Request backtrace w/o refs (Fedor Indutny)

      • -

    • simple DTrace ustack helper (Dave Pacheco)

      • -

    • crypto: rewrite HexDecode without snprintf (Roman Shtylman)

      • -

    • crypto: don’t ignore DH init errors (Ben Noordhuis)

      • -
    - -

    Source Code: http://nodejs.org/dist/v0.6.7/node-v0.6.7.tar.gz

    - -

    Windows Installer: http://nodejs.org/dist/v0.6.7/node-v0.6.7.msi

    - -

    Macintosh Installer: http://nodejs.org/dist/v0.6.7/node-v0.6.7.pkg

    - -

    Website: http://nodejs.org/docs/v0.6.7/

    - +

    2012.01.06, Version 0.6.7 (stable)

    + +
      +

    • V8 hash collision fix (Breaks MIPS) (Bert Belder, Erik Corry)

      • +

    • Upgrade V8 to 3.6.6.15

      • +

    • Upgrade npm to 1.1.0-beta-10 (isaacs)

      • +

    • many doc updates (Ben Noordhuis, Jeremy Martin, koichik, Dave Irvine, +Seong-Rak Choi, Shannen, Adam Malcontenti-Wilson, koichik)

      • +

    • Fix segfault in node_http_parser.cc

      • +

    • dgram, timers: fix memory leaks (Ben Noordhuis, Yoshihiro Kikuchi)

      • +

    • repl: fix repl.start not passing the ignoreUndefined arg (Damon Oehlman)

      • +

    • #1980: Socket.pause null reference when called on a closed Stream (koichik)

      • +

    • #2263: XMLHttpRequest piped in a writable file stream hang (koichik)

      • +

    • #2069: http resource leak (koichik)

      • +

    • buffer.readInt global pollution fix (Phil Sung)

      • +

    • timers: fix performance regression (Ben Noordhuis)

      • +

    • #2308, #2246: node swallows openssl error on request (koichik)

      • +

    • #2114: timers: remove _idleTimeout from item in .unenroll() (James Hartig)

      • +

    • #2379: debugger: Request backtrace w/o refs (Fedor Indutny)

      • +

    • simple DTrace ustack helper (Dave Pacheco)

      • +

    • crypto: rewrite HexDecode without snprintf (Roman Shtylman)

      • +

    • crypto: don’t ignore DH init errors (Ben Noordhuis)

      • +
    + +

    Source Code: http://nodejs.org/dist/v0.6.7/node-v0.6.7.tar.gz

    + +

    Windows Installer: http://nodejs.org/dist/v0.6.7/node-v0.6.7.msi

    + +

    Macintosh Installer: http://nodejs.org/dist/v0.6.7/node-v0.6.7.pkg

    + +

    Website: http://nodejs.org/docs/v0.6.7/

    +

    Documentation: http://nodejs.org/docs/v0.6.7/api/

    diff --git a/doc/blog/release/node-v0-6-8.md b/doc/blog/release/node-v0-6-8.md index 55de31eb6b1..81f7ace947b 100644 --- a/doc/blog/release/node-v0-6-8.md +++ b/doc/blog/release/node-v0-6-8.md @@ -6,26 +6,26 @@ status: publish category: release slug: node-v0-6-8 -

    2012.01.19, Version 0.6.8 (stable)

    - -
      -

    • Update V8 to 3.6.6.19

      • -

    • Numeric key hash collision fix for V8 (Erik Corry, Fedor Indutny)

      • -

    • Add missing TTY key translations for F1-F5 on Windows (Brandon Benvie)

      • -

    • path.extname bugfix with . and .. paths (Bert Belder)

      • -

    • cluster: don't always kill the master on uncaughtException (Ben Noordhuis)

      • -

    • Update npm to 1.1.0-2 (isaacs)

      • -

    • typed arrays: set class name (Ben Noordhuis)

      • -

    • zlib binding cleanup (isaacs, Bert Belder)

      • -

    • dgram: use slab memory allocator (Michael Bernstein)

      • -

    • fix segfault #2473

      • -

    • #2521 60% improvement in fs.stat on Windows (Igor Zinkovsky)

      • -

    Source Code: http://nodejs.org/dist/v0.6.8/node-v0.6.8.tar.gz

    - -

    Windows Installer: http://nodejs.org/dist/v0.6.8/node-v0.6.8.msi

    - -

    Macintosh Installer: http://nodejs.org/dist/v0.6.8/node-v0.6.8.pkg

    - -

    Website: http://nodejs.org/docs/v0.6.8/

    - +

    2012.01.19, Version 0.6.8 (stable)

    + +
      +

    • Update V8 to 3.6.6.19

      • +

    • Numeric key hash collision fix for V8 (Erik Corry, Fedor Indutny)

      • +

    • Add missing TTY key translations for F1-F5 on Windows (Brandon Benvie)

      • +

    • path.extname bugfix with . and .. paths (Bert Belder)

      • +

    • cluster: don't always kill the master on uncaughtException (Ben Noordhuis)

      • +

    • Update npm to 1.1.0-2 (isaacs)

      • +

    • typed arrays: set class name (Ben Noordhuis)

      • +

    • zlib binding cleanup (isaacs, Bert Belder)

      • +

    • dgram: use slab memory allocator (Michael Bernstein)

      • +

    • fix segfault #2473

      • +

    • #2521 60% improvement in fs.stat on Windows (Igor Zinkovsky)

      • +

    Source Code: http://nodejs.org/dist/v0.6.8/node-v0.6.8.tar.gz

    + +

    Windows Installer: http://nodejs.org/dist/v0.6.8/node-v0.6.8.msi

    + +

    Macintosh Installer: http://nodejs.org/dist/v0.6.8/node-v0.6.8.pkg

    + +

    Website: http://nodejs.org/docs/v0.6.8/

    +

    Documentation: http://nodejs.org/docs/v0.6.8/api/

    diff --git a/doc/blog/release/node-v0-6-9.md b/doc/blog/release/node-v0-6-9.md index 05d992febdd..6e95bfdd745 100644 --- a/doc/blog/release/node-v0-6-9.md +++ b/doc/blog/release/node-v0-6-9.md @@ -6,25 +6,25 @@ status: publish category: release slug: node-v0-6-9 -

    2012.01.27, Version 0.6.9 (stable)

    - -
      -
    • -

      dgram: Bring back missing functionality for Unix (Dan VerWeire, -Roman Shtylman, Ben Noordhuis)

      -

      - Note: Windows UDP support not yet complete.

      • -

    • http: Fix parser memory leak (koichik)

      • -

    • zlib: Fix #2365 crashes on invalid input (Nicolas LaCasse)

      • -

    • module: fix --debug-brk on symlinked scripts (Fedor Indutny)

      • -

    • Documentation Restyling (Matthew Fitzsimmons)

      • -

    • Update npm to 1.1.0-3 (isaacs)

      • -

    • Windows: fix regression in stat() calls to C:\ (Bert Belder)

      • -

    Source Code: http://nodejs.org/dist/v0.6.9/node-v0.6.9.tar.gz

    - -

    Windows Installer: http://nodejs.org/dist/v0.6.9/node-v0.6.9.msi

    - -

    Macintosh Installer: http://nodejs.org/dist/v0.6.9/node-v0.6.9.pkg

    - -

    Website: http://nodejs.org/docs/v0.6.9/

    - +

    2012.01.27, Version 0.6.9 (stable)

    + +
      +
    • +

      dgram: Bring back missing functionality for Unix (Dan VerWeire, +Roman Shtylman, Ben Noordhuis)

      +

      - Note: Windows UDP support not yet complete.

      • +

    • http: Fix parser memory leak (koichik)

      • +

    • zlib: Fix #2365 crashes on invalid input (Nicolas LaCasse)

      • +

    • module: fix --debug-brk on symlinked scripts (Fedor Indutny)

      • +

    • Documentation Restyling (Matthew Fitzsimmons)

      • +

    • Update npm to 1.1.0-3 (isaacs)

      • +

    • Windows: fix regression in stat() calls to C:\ (Bert Belder)

      • +

    Source Code: http://nodejs.org/dist/v0.6.9/node-v0.6.9.tar.gz

    + +

    Windows Installer: http://nodejs.org/dist/v0.6.9/node-v0.6.9.msi

    + +

    Macintosh Installer: http://nodejs.org/dist/v0.6.9/node-v0.6.9.pkg

    + +

    Website: http://nodejs.org/docs/v0.6.9/

    +

    Documentation: http://nodejs.org/docs/v0.6.9/api/

    diff --git a/doc/blog/release/node-v0-7-0-unstable.md b/doc/blog/release/node-v0-7-0-unstable.md index 3036b9228f8..2bf3ad59cf7 100644 --- a/doc/blog/release/node-v0-7-0-unstable.md +++ b/doc/blog/release/node-v0-7-0-unstable.md @@ -6,24 +6,24 @@ status: publish category: release slug: node-v0-7-0-unstable -This is the first release in the unstable v0.7 series. Almost all users will want to remain using the stable v0.6 releases. - -2012.01.16, Version 0.7.0 (unstable) -
      -
    • Upgrade V8 to 3.8.6 -
    • Use GYP build system on unix (Ben Noordhuis) -
    • Experimenetal isolates support (Ben Noordhuis) -
    • Improvements to Cluster API (Andreas Madsen) -
    • Use isolates for internal debugger (Fedor Indutny) -
    • Bug fixes
    - - -Source Code: http://nodejs.org/dist/v0.7.0/node-v0.7.0.tar.gz - -Windows Installer: http://nodejs.org/dist/v0.7.0/node-v0.7.0.msi - -Macintosh Installer: http://nodejs.org/dist/v0.7.0/node-v0.7.0.pkg - -Website: http://nodejs.org/docs/v0.7.0/ - +This is the first release in the unstable v0.7 series. Almost all users will want to remain using the stable v0.6 releases. + +2012.01.16, Version 0.7.0 (unstable) +
      +
    • Upgrade V8 to 3.8.6 +
    • Use GYP build system on unix (Ben Noordhuis) +
    • Experimenetal isolates support (Ben Noordhuis) +
    • Improvements to Cluster API (Andreas Madsen) +
    • Use isolates for internal debugger (Fedor Indutny) +
    • Bug fixes
    + + +Source Code: http://nodejs.org/dist/v0.7.0/node-v0.7.0.tar.gz + +Windows Installer: http://nodejs.org/dist/v0.7.0/node-v0.7.0.msi + +Macintosh Installer: http://nodejs.org/dist/v0.7.0/node-v0.7.0.pkg + +Website: http://nodejs.org/docs/v0.7.0/ + Documentation: http://nodejs.org/docs/v0.7.0/api/ diff --git a/doc/blog/release/node-v0-7-1.md b/doc/blog/release/node-v0-7-1.md index efb89d045dc..cd3666d7230 100644 --- a/doc/blog/release/node-v0-7-1.md +++ b/doc/blog/release/node-v0-7-1.md @@ -6,25 +6,25 @@ status: publish category: release slug: node-v0-7-1 -

    2012.01.23, Version 0.7.1 (unstable)

    - -
      -

    • Update V8 to 3.8.8

      • -

    • Install node-waf by default (Fedor Indutny)

      • -

    • crypto: Add ability to turn off PKCS padding (Ingmar Runge)

      • -

    • v8: implement VirtualMemory class on SunOS (Ben Noordhuis)

      • -

    • Add cluster.setupMaster (Andreas Madsen)

      • -

    • move path.exists* to fs.exists* (Maciej MaÅ‚ecki)

      • -

    • typed arrays: set class name (Ben Noordhuis)

      • -

    • libuv bug fixes (Igor Zinkovsky, Ben Noordhuis, Dan VerWeire)

      • -
    - -

    Source: http://nodejs.org/dist/v0.7.1/node-v0.7.1.tar.gz

    - -

    Windows Installer: http://nodejs.org/dist/v0.7.1/node-v0.7.1.msi

    - -

    Macintosh Installer: http://nodejs.org/dist/v0.7.1/node-v0.7.1.pkg

    - -

    Website: http://nodejs.org/docs/v0.7.1/

    - +

    2012.01.23, Version 0.7.1 (unstable)

    + +
      +

    • Update V8 to 3.8.8

      • +

    • Install node-waf by default (Fedor Indutny)

      • +

    • crypto: Add ability to turn off PKCS padding (Ingmar Runge)

      • +

    • v8: implement VirtualMemory class on SunOS (Ben Noordhuis)

      • +

    • Add cluster.setupMaster (Andreas Madsen)

      • +

    • move path.exists* to fs.exists* (Maciej MaÅ‚ecki)

      • +

    • typed arrays: set class name (Ben Noordhuis)

      • +

    • libuv bug fixes (Igor Zinkovsky, Ben Noordhuis, Dan VerWeire)

      • +
    + +

    Source: http://nodejs.org/dist/v0.7.1/node-v0.7.1.tar.gz

    + +

    Windows Installer: http://nodejs.org/dist/v0.7.1/node-v0.7.1.msi

    + +

    Macintosh Installer: http://nodejs.org/dist/v0.7.1/node-v0.7.1.pkg

    + +

    Website: http://nodejs.org/docs/v0.7.1/

    +

    Documentation: http://nodejs.org/docs/v0.7.1/api/

    diff --git a/doc/blog/release/node-v0-7-2-unstable.md b/doc/blog/release/node-v0-7-2-unstable.md index d5c1f8fb820..e25e1b442dc 100644 --- a/doc/blog/release/node-v0-7-2-unstable.md +++ b/doc/blog/release/node-v0-7-2-unstable.md @@ -6,27 +6,27 @@ status: publish category: release slug: node-v0-7-2-unstable -

    2012.02.01, Version 0.7.2 (unstable)

    - -
      -

    • Update V8 to 3.8.9

      • -

    • Support for sharing streams across Isolates (Igor Zinkovsky)

      • -

    • #2636 - Fix case where http_parsers are freed too early (koichik)

      • -

    • url: Support for IPv6 addresses in URLs (Åukasz Walukiewicz)

      • -

    • child_process: Add disconnect() method to child processes (Andreas Madsen)

      • -

    • fs: add O_EXCL support, exclusive open file (Ben Noordhuis)

      • -

    • fs: more specific error messages (Tj Holowaychuk)

      • -

    • tty: emit 'unknown' key event if key sequence not found (Dan VerWeire, Nathan Rajlich)

      • -

    • build: compile release build too if BUILDTYPE=Debug (Ben Noordhuis)

      • -

    • module: fix --debug-brk on symlinked scripts (Fedor Indutny)

      • -

    • zlib: fix Failed to set dictionary issue (Fedor Indutny)

      • -

    • waf: predict target arch for OS X (Fedor Indutny)

      • -

    Source Code: http://nodejs.org/dist/v0.7.2/node-v0.7.2.tar.gz

    - -

    Windows Installer: http://nodejs.org/dist/v0.7.2/node-v0.7.2.msi

    - -

    Macintosh Installer: http://nodejs.org/dist/v0.7.2/node-v0.7.2.pkg

    - -

    Website: http://nodejs.org/docs/v0.7.2/

    - +

    2012.02.01, Version 0.7.2 (unstable)

    + +
      +

    • Update V8 to 3.8.9

      • +

    • Support for sharing streams across Isolates (Igor Zinkovsky)

      • +

    • #2636 - Fix case where http_parsers are freed too early (koichik)

      • +

    • url: Support for IPv6 addresses in URLs (Åukasz Walukiewicz)

      • +

    • child_process: Add disconnect() method to child processes (Andreas Madsen)

      • +

    • fs: add O_EXCL support, exclusive open file (Ben Noordhuis)

      • +

    • fs: more specific error messages (Tj Holowaychuk)

      • +

    • tty: emit 'unknown' key event if key sequence not found (Dan VerWeire, Nathan Rajlich)

      • +

    • build: compile release build too if BUILDTYPE=Debug (Ben Noordhuis)

      • +

    • module: fix --debug-brk on symlinked scripts (Fedor Indutny)

      • +

    • zlib: fix Failed to set dictionary issue (Fedor Indutny)

      • +

    • waf: predict target arch for OS X (Fedor Indutny)

      • +

    Source Code: http://nodejs.org/dist/v0.7.2/node-v0.7.2.tar.gz

    + +

    Windows Installer: http://nodejs.org/dist/v0.7.2/node-v0.7.2.msi

    + +

    Macintosh Installer: http://nodejs.org/dist/v0.7.2/node-v0.7.2.pkg

    + +

    Website: http://nodejs.org/docs/v0.7.2/

    +

    Documentation: http://nodejs.org/docs/v0.7.2/api/

    diff --git a/doc/blog/release/node-v0-7-3.md b/doc/blog/release/node-v0-7-3.md index a0d93df12d4..e4942bd68fc 100644 --- a/doc/blog/release/node-v0-7-3.md +++ b/doc/blog/release/node-v0-7-3.md @@ -6,34 +6,34 @@ status: publish category: release slug: node-v0-7-3 -

    2012.02.07, Version 0.7.3 (unstable) - -

    -
      -

    • Upgrade V8 to 3.9.2

      -
      • -

    • Revert support for isolates. (Ben Noordhuis)

      -
      • -

    • cluster: Cleanup docs, event handling, and process.disconnect (Andreas Madsen)

      -
      • -

    • gyp_addon: link with node.lib on Windows (Nathan Rajlich)

      -
      • -

    • http: fix case where http-parser is freed twice (koichik)

      -
      • -

    • Windows: disable RTTI and exceptions (Bert Belder)

      -
      • -
    -

    Source Code: http://nodejs.org/dist/v0.7.3/node-v0.7.3.tar.gz - -

    -

    Windows Installer: http://nodejs.org/dist/v0.7.3/node-v0.7.3.msi - -

    -

    Macintosh Installer: http://nodejs.org/dist/v0.7.3/node-v0.7.3.pkg - -

    -

    Website: http://nodejs.org/docs/v0.7.3/ - -

    -

    Documentation: http://nodejs.org/docs/v0.7.3/api/ +

    2012.02.07, Version 0.7.3 (unstable) + +

    +
      +

    • Upgrade V8 to 3.9.2

      +
      • +

    • Revert support for isolates. (Ben Noordhuis)

      +
      • +

    • cluster: Cleanup docs, event handling, and process.disconnect (Andreas Madsen)

      +
      • +

    • gyp_addon: link with node.lib on Windows (Nathan Rajlich)

      +
      • +

    • http: fix case where http-parser is freed twice (koichik)

      +
      • +

    • Windows: disable RTTI and exceptions (Bert Belder)

      +
      • +
    +

    Source Code: http://nodejs.org/dist/v0.7.3/node-v0.7.3.tar.gz + +

    +

    Windows Installer: http://nodejs.org/dist/v0.7.3/node-v0.7.3.msi + +

    +

    Macintosh Installer: http://nodejs.org/dist/v0.7.3/node-v0.7.3.pkg + +

    +

    Website: http://nodejs.org/docs/v0.7.3/ + +

    +

    Documentation: http://nodejs.org/docs/v0.7.3/api/

    diff --git a/doc/blog/release/node-version-0-6-19-stable.md b/doc/blog/release/node-version-0-6-19-stable.md index 3a29556c578..cb8febe3590 100644 --- a/doc/blog/release/node-version-0-6-19-stable.md +++ b/doc/blog/release/node-version-0-6-19-stable.md @@ -6,56 +6,56 @@ status: publish category: release slug: node-version-0-6-19-stable -

    2012.06.06 Version 0.6.19 (stable) - -

    -
      -

    • npm: upgrade to 1.1.24

      -
      • -

    • fs: no end emit after createReadStream.pause() (Andreas Madsen)

      -
      • -

    • vm: cleanup module memory leakage (Marcel Laverdet)

      -
      • -

    • unix: fix loop starvation under high network load (Ben Noordhuis)

      -
      • -

    • unix: remove abort() in ev_unref() (Ben Noordhuis)

      -
      • -

    • windows/tty: never report error after forcibly aborting line-buffered read (Bert Belder)

      -
      • -

    • windows: skip GetFileAttributes call when opening a file (Bert Belder)

      -
      • -
    -

    Source Code: http://nodejs.org/dist/v0.6.19/node-v0.6.19.tar.gz - -

    -

    Windows Installer: http://nodejs.org/dist/v0.6.19/node-v0.6.19.msi - -

    -

    Windows x64 Files: http://nodejs.org/dist/v0.6.19/x64/ - -

    -

    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.19/node-v0.6.19.pkg - -

    -

    Other release files: http://nodejs.org/dist/v0.6.19/ - -

    -

    Website: http://nodejs.org/docs/v0.6.19/ - -

    -

    Documentation: http://nodejs.org/docs/v0.6.19/api/ -

    - -

    Shasums:

    -
    ef4f5c1e5f12f6ef3478a794d6a81f59669332f9  node-v0.6.19.msi
-781616f33208f532f168633758a648c20e1ea68b  node-v0.6.19.pkg
-f6c5cfbadff4788ac3a95f8263a0c2f4e07444b6  node-v0.6.19.tar.gz
-10f729ca236825821d97556441fa64f994cb4ca8  node.exe
-5b8cd02e5f92ed6512aabdac11766ad8c1abc436  node.exp
-20037e4901de605e08e48d0c85531334912844e3  node.lib
-c44f62852918d449850014d9b29dd073cb6920a5  node.pdb
-04db25c93c5357394941dd2de12cb61959eb82d1  x64/node-v0.6.19.msi
-f77c77f2e470cfc9071853af2f277ba91d660b9c  x64/node.exe
-fcf26a3f984a3f19804e0567414604b77b1d3bac  x64/node.exp
-bfed2a24f253dbac99379d6f22fc8e9e85ade7ed  x64/node.lib
+
    2012.06.06 Version 0.6.19 (stable)
+
+
    
+
      
+
    • npm: upgrade to 1.1.24
      
+
      • 
+
    • fs: no end emit after createReadStream.pause() (Andreas Madsen)
      
+
      • 
+
    • vm: cleanup module memory leakage (Marcel Laverdet)
      
+
      • 
+
    • unix: fix loop starvation under high network load (Ben Noordhuis)
      
+
      • 
+
    • unix: remove abort() in ev_unref() (Ben Noordhuis)
      
+
      • 
+
    • windows/tty: never report error after forcibly aborting line-buffered read (Bert Belder)
      
+
      • 
+
    • windows: skip GetFileAttributes call when opening a file (Bert Belder)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.6.19/node-v0.6.19.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.6.19/node-v0.6.19.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.6.19/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.19/node-v0.6.19.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.6.19/
+
+
    
+
    Website: http://nodejs.org/docs/v0.6.19/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.6.19/api/
+
    
+
+
    Shasums:
    
+
    ef4f5c1e5f12f6ef3478a794d6a81f59669332f9  node-v0.6.19.msi
+781616f33208f532f168633758a648c20e1ea68b  node-v0.6.19.pkg
+f6c5cfbadff4788ac3a95f8263a0c2f4e07444b6  node-v0.6.19.tar.gz
+10f729ca236825821d97556441fa64f994cb4ca8  node.exe
+5b8cd02e5f92ed6512aabdac11766ad8c1abc436  node.exp
+20037e4901de605e08e48d0c85531334912844e3  node.lib
+c44f62852918d449850014d9b29dd073cb6920a5  node.pdb
+04db25c93c5357394941dd2de12cb61959eb82d1  x64/node-v0.6.19.msi
+f77c77f2e470cfc9071853af2f277ba91d660b9c  x64/node.exe
+fcf26a3f984a3f19804e0567414604b77b1d3bac  x64/node.exp
+bfed2a24f253dbac99379d6f22fc8e9e85ade7ed  x64/node.lib
 95226c1cc5170ea05c2e54431040f06c3e95e99f  x64/node.pdb
    
diff --git a/doc/blog/release/node-version-0-7-9-unstable.md b/doc/blog/release/node-version-0-7-9-unstable.md
index cb077d62582..74076c04c46 100644
--- a/doc/blog/release/node-version-0-7-9-unstable.md
+++ b/doc/blog/release/node-version-0-7-9-unstable.md
@@ -6,68 +6,68 @@ status: publish
 category: release
 slug: node-version-0-7-9-unstable
 
-
    2012.05.28, Version 0.7.9 (unstable)
-
-
    
-
      
-
    • Upgrade V8 to 3.11.1
      
-
      • 
-
    • Upgrade npm to 1.1.23
      
-
      • 
-
    • uv: rework reference counting scheme (Ben Noordhuis)
      
-
      • 
-
    • uv: add interface for joining external event loops (Bert Belder)
      
-
      • 
-
    • repl, readline: Handle Ctrl+Z and SIGCONT better (Nathan Rajlich)
      
-
      • 
-
    • fs: 64bit offsets for fs calls (Igor Zinkovsky)
      
-
      • 
-
    • fs: add sync open flags 'rs' and 'rs+' (Kevin Bowman)
      
-
      • 
-
    • windows: enable creating directory junctions with fs.symlink (Igor Zinkovsky, Bert Belder)
      
-
      • 
-
    • windows: fix fs.lstat to properly detect symlinks. (Igor Zinkovsky)
      
-
      • 
-
    • Fix #3270 Escape url.parse delims (isaacs)
      
-
      • 
-
    • http: make http.get() accept a URL (Adam Malcontenti-Wilson)
      
-
      • 
-
    • Cleanup vm module memory leakage (Marcel Laverdet)
      
-
      • 
-
    • Optimize writing strings with Socket.write (Bert Belder)
      
-
      • 
-
    • add support for CESU-8 and UTF-16LE encodings (koichik)
      
-
      • 
-
    • path: add path.sep to get the path separator. (Yi, EungJun)
      
-
      • 
-
    • net, http: add backlog parameter to .listen() (Erik Dubbelboer)
      
-
      • 
-
    • debugger: support mirroring Date objects (Fedor Indutny)
      
-
      • 
-
    • addon: add AtExit() function (Ben Noordhuis)
      
-
      • 
-
    • net: signal localAddress bind failure in connect (Brian Schroeder)
      
-
      • 
-
    • util: handle non-string return value in .inspect() (Alex Kocharin)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.7.9/node-v0.7.9.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.7.9/node-v0.7.9.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.7.9/x64/
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.9/node-v0.7.9.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.7.9/
-
-
    
-
    Website: http://nodejs.org/docs/v0.7.9/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.7.9/api/
+
    2012.05.28, Version 0.7.9 (unstable)
+
+
    
+
      
+
    • Upgrade V8 to 3.11.1
      
+
      • 
+
    • Upgrade npm to 1.1.23
      
+
      • 
+
    • uv: rework reference counting scheme (Ben Noordhuis)
      
+
      • 
+
    • uv: add interface for joining external event loops (Bert Belder)
      
+
      • 
+
    • repl, readline: Handle Ctrl+Z and SIGCONT better (Nathan Rajlich)
      
+
      • 
+
    • fs: 64bit offsets for fs calls (Igor Zinkovsky)
      
+
      • 
+
    • fs: add sync open flags 'rs' and 'rs+' (Kevin Bowman)
      
+
      • 
+
    • windows: enable creating directory junctions with fs.symlink (Igor Zinkovsky, Bert Belder)
      
+
      • 
+
    • windows: fix fs.lstat to properly detect symlinks. (Igor Zinkovsky)
      
+
      • 
+
    • Fix #3270 Escape url.parse delims (isaacs)
      
+
      • 
+
    • http: make http.get() accept a URL (Adam Malcontenti-Wilson)
      
+
      • 
+
    • Cleanup vm module memory leakage (Marcel Laverdet)
      
+
      • 
+
    • Optimize writing strings with Socket.write (Bert Belder)
      
+
      • 
+
    • add support for CESU-8 and UTF-16LE encodings (koichik)
      
+
      • 
+
    • path: add path.sep to get the path separator. (Yi, EungJun)
      
+
      • 
+
    • net, http: add backlog parameter to .listen() (Erik Dubbelboer)
      
+
      • 
+
    • debugger: support mirroring Date objects (Fedor Indutny)
      
+
      • 
+
    • addon: add AtExit() function (Ben Noordhuis)
      
+
      • 
+
    • net: signal localAddress bind failure in connect (Brian Schroeder)
      
+
      • 
+
    • util: handle non-string return value in .inspect() (Alex Kocharin)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.7.9/node-v0.7.9.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.7.9/node-v0.7.9.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.7.9/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.9/node-v0.7.9.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.7.9/
+
+
    
+
    Website: http://nodejs.org/docs/v0.7.9/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.7.9/api/
 
    
diff --git a/doc/blog/release/version-0-6-11-stable.md b/doc/blog/release/version-0-6-11-stable.md
index d57068f2750..15fbe337c78 100644
--- a/doc/blog/release/version-0-6-11-stable.md
+++ b/doc/blog/release/version-0-6-11-stable.md
@@ -6,59 +6,59 @@ status: publish
 category: release
 slug: version-0-6-11-stable
 
-
    2012.02.17 Version 0.6.11 (stable)
-
-
    
-
      
-
    • http: allow multiple WebSocket RFC6455 headers (Einar Otto Stangvik)
      
-
      • 
-
    • http: allow multiple WWW-Authenticate headers (Ben Noordhuis)
      
-
      • 
-
    • windows: support unicode argv and environment variables (Bert Belder)
      
-
      • 
-
    • tls: mitigate session renegotiation attacks (Ben Noordhuis)
      
-
      • 
-
    • tcp, pipe: don't assert on uv_accept() errors (Ben Noordhuis)
      
-
      • 
-
    • tls: Allow establishing secure connection on the existing socket (koichik)
      
-
      • 
-
    • dgram: handle close of dgram socket before DNS lookup completes (Seth Fitzsimmons)
      
-
      • 
-
    • windows: Support half-duplex pipes (Igor Zinkovsky)
      
-
      • 
-
    • build: disable omit-frame-pointer on solaris systems (Dave Pacheco)
      
-
      • 
-
    • debugger: fix --debug-brk (Ben Noordhuis)
      
-
      • 
-
    • net: fix large file downloads failing (koichik)
      
-
      • 
-
    • fs: fix ReadStream failure to read from existing fd (Christopher Jeffrey)
      
-
      • 
-
    • net: destroy socket on DNS error (Stefan Rusu)
      
-
      • 
-
    • dtrace: add missing translator (Dave Pacheco)
      
-
      • 
-
    • unix: don't flush tty on switch to raw mode (Ben Noordhuis)
      
-
      • 
-
    • windows: reset brightness when reverting to default text color (Bert Belder)
      
-
      • 
-
    • npm: update to 1.1.1
      
-
-
      - Update which, fstream, mkdirp, request, and rimraf
      - Fix #2123 Set path properly for lifecycle scripts on windows
      - Mark the root as seen, so we don't recurse into it. Fixes #1838. (Martin Cooper)
      
-
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.6.11/node-v0.6.11.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.6.11/node-v0.6.11.msi
-
-
    
-
    Macintosh Installer: http://nodejs.org/dist/v0.6.11/node-v0.6.11.pkg
-
-
    
-
    Website: http://nodejs.org/docs/v0.6.11/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.6.11/api/
+
    2012.02.17 Version 0.6.11 (stable)
+
+
    
+
      
+
    • http: allow multiple WebSocket RFC6455 headers (Einar Otto Stangvik)
      
+
      • 
+
    • http: allow multiple WWW-Authenticate headers (Ben Noordhuis)
      
+
      • 
+
    • windows: support unicode argv and environment variables (Bert Belder)
      
+
      • 
+
    • tls: mitigate session renegotiation attacks (Ben Noordhuis)
      
+
      • 
+
    • tcp, pipe: don't assert on uv_accept() errors (Ben Noordhuis)
      
+
      • 
+
    • tls: Allow establishing secure connection on the existing socket (koichik)
      
+
      • 
+
    • dgram: handle close of dgram socket before DNS lookup completes (Seth Fitzsimmons)
      
+
      • 
+
    • windows: Support half-duplex pipes (Igor Zinkovsky)
      
+
      • 
+
    • build: disable omit-frame-pointer on solaris systems (Dave Pacheco)
      
+
      • 
+
    • debugger: fix --debug-brk (Ben Noordhuis)
      
+
      • 
+
    • net: fix large file downloads failing (koichik)
      
+
      • 
+
    • fs: fix ReadStream failure to read from existing fd (Christopher Jeffrey)
      
+
      • 
+
    • net: destroy socket on DNS error (Stefan Rusu)
      
+
      • 
+
    • dtrace: add missing translator (Dave Pacheco)
      
+
      • 
+
    • unix: don't flush tty on switch to raw mode (Ben Noordhuis)
      
+
      • 
+
    • windows: reset brightness when reverting to default text color (Bert Belder)
      
+
      • 
+
    • npm: update to 1.1.1
      
+
+
      - Update which, fstream, mkdirp, request, and rimraf
      - Fix #2123 Set path properly for lifecycle scripts on windows
      - Mark the root as seen, so we don't recurse into it. Fixes #1838. (Martin Cooper)
      
+
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.6.11/node-v0.6.11.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.6.11/node-v0.6.11.msi
+
+
    
+
    Macintosh Installer: http://nodejs.org/dist/v0.6.11/node-v0.6.11.pkg
+
+
    
+
    Website: http://nodejs.org/docs/v0.6.11/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.6.11/api/
 
    
diff --git a/doc/blog/release/version-0-6-12-stable.md b/doc/blog/release/version-0-6-12-stable.md
index bd20ef7da9f..3e5acd61c49 100644
--- a/doc/blog/release/version-0-6-12-stable.md
+++ b/doc/blog/release/version-0-6-12-stable.md
@@ -6,61 +6,61 @@ status: publish
 category: release
 slug: version-0-6-12-stable
 
-
    2012.03.02 Version 0.6.12 (stable)
-
-
    
-
      
-
    • Upgrade V8 to 3.6.6.24
      
-
      • 
-
    • dtrace ustack helper improvements (Dave Pacheco)
      
-
      • 
-
    • API Documentation refactor (isaacs)
      
-
      • 
-
    • #2827 net: fix race write() before and after connect() (koichik)
      
-
      • 
-
    • #2554 #2567 throw if fs args for 'start' or 'end' are strings (AJ ONeal)
      
-
      • 
-
    • punycode: Update to v1.0.0 (Mathias Bynens)
      
-
      • 
-
    • Make a fat binary for the OS X pkg (isaacs)
      
-
      • 
-
    • Fix hang on accessing process.stdin (isaacs)
      
-
      • 
-
    • repl: make tab completion work on non-objects (Nathan Rajlich)
      
-
      • 
-
    • Fix fs.watch on OS X (Ben Noordhuis)
      
-
      • 
-
    • Fix #2515 nested setTimeouts cause premature process exit (Ben Noordhuis)
      
-
      • 
-
    • windows: fix time conversion in stat (Igor Zinkovsky)
      
-
      • 
-
    • windows: fs: handle EOF in read (Brandon Philips)
      
-
      • 
-
    • windows: avoid IOCP short-circuit on non-ifs lsps (Igor Zinkovsky)
      
-
      • 
-
    • Upgrade npm to 1.1.4 (isaacs)
      
-
      
-- windows fixes
      
-- Bundle nested bundleDependencies properly
      
-- install: support --save with url install targets
      
-- shrinkwrap: behave properly with url-installed modules
      
-- support installing uncompressed tars or single file modules from urls etc.
      
-- don't run make clean on rebuild
      
-- support HTTPS-over-HTTP proxy tunneling
      
-
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.6.12/node-v0.6.12.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.6.12/node-v0.6.12.msi
-
-
    
-
    Macintosh Installer: http://nodejs.org/dist/v0.6.12/node-v0.6.12.pkg
-
-
    
-
    Website: http://nodejs.org/docs/v0.6.12/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.6.12/api/
+
    2012.03.02 Version 0.6.12 (stable)
+
+
    
+
      
+
    • Upgrade V8 to 3.6.6.24
      
+
      • 
+
    • dtrace ustack helper improvements (Dave Pacheco)
      
+
      • 
+
    • API Documentation refactor (isaacs)
      
+
      • 
+
    • #2827 net: fix race write() before and after connect() (koichik)
      
+
      • 
+
    • #2554 #2567 throw if fs args for 'start' or 'end' are strings (AJ ONeal)
      
+
      • 
+
    • punycode: Update to v1.0.0 (Mathias Bynens)
      
+
      • 
+
    • Make a fat binary for the OS X pkg (isaacs)
      
+
      • 
+
    • Fix hang on accessing process.stdin (isaacs)
      
+
      • 
+
    • repl: make tab completion work on non-objects (Nathan Rajlich)
      
+
      • 
+
    • Fix fs.watch on OS X (Ben Noordhuis)
      
+
      • 
+
    • Fix #2515 nested setTimeouts cause premature process exit (Ben Noordhuis)
      
+
      • 
+
    • windows: fix time conversion in stat (Igor Zinkovsky)
      
+
      • 
+
    • windows: fs: handle EOF in read (Brandon Philips)
      
+
      • 
+
    • windows: avoid IOCP short-circuit on non-ifs lsps (Igor Zinkovsky)
      
+
      • 
+
    • Upgrade npm to 1.1.4 (isaacs)
      
+
      
+- windows fixes
      
+- Bundle nested bundleDependencies properly
      
+- install: support --save with url install targets
      
+- shrinkwrap: behave properly with url-installed modules
      
+- support installing uncompressed tars or single file modules from urls etc.
      
+- don't run make clean on rebuild
      
+- support HTTPS-over-HTTP proxy tunneling
      
+
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.6.12/node-v0.6.12.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.6.12/node-v0.6.12.msi
+
+
    
+
    Macintosh Installer: http://nodejs.org/dist/v0.6.12/node-v0.6.12.pkg
+
+
    
+
    Website: http://nodejs.org/docs/v0.6.12/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.6.12/api/
 
    
diff --git a/doc/blog/release/version-0-6-13-stable.md b/doc/blog/release/version-0-6-13-stable.md
index 2561c1df46f..356c0ae7df2 100644
--- a/doc/blog/release/version-0-6-13-stable.md
+++ b/doc/blog/release/version-0-6-13-stable.md
@@ -6,45 +6,45 @@ status: publish
 category: release
 slug: version-0-6-13-stable
 
-
    2012.03.15 Version 0.6.13 (stable)
-
-
    
-
      
-
    • Windows: Many libuv test fixes (Bert Belder)
      
-
      • 
-
    • Windows: avoid uv_guess_handle crash in when fd < 0 (Bert Belder)
      
-
      • 
-
    • Map EBUSY and ENOTEMPTY errors (Bert Belder)
      
-
      • 
-
    • Windows: include syscall in fs errors (Bert Belder)
      
-
      • 
-
    • Fix fs.watch ENOSYS on Linux kernel version mismatch (Ben Noordhuis)
      
-
      • 
-
    • Update npm to 1.1.9
      
-
      
-- upgrade node-gyp to 0.3.5 (Nathan Rajlich)
      
-- Fix isaacs/npm#2249 Add cache-max and cache-min configs
      
-- Properly redirect across https/http registry requests
      
-- log config usage if undefined key in set function (Kris Windham)
      
-- Add support for os/cpu fields in package.json (Adam Blackburn)
      
-- Automatically node-gyp packages containing a binding.gyp
      
-- Fix failures unpacking in UNC shares
      
-- Never create un-listable directories
      
-- Handle cases where an optionalDependency fails to build
-
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.6.13/node-v0.6.13.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.6.13/node-v0.6.13.msi
-
-
    
-
    Macintosh Installer: http://nodejs.org/dist/v0.6.13/node-v0.6.13.pkg
-
-
    
-
    Website: http://nodejs.org/docs/v0.6.13/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.6.13/api/
+
    2012.03.15 Version 0.6.13 (stable)
+
+
    
+
      
+
    • Windows: Many libuv test fixes (Bert Belder)
      
+
      • 
+
    • Windows: avoid uv_guess_handle crash in when fd < 0 (Bert Belder)
      
+
      • 
+
    • Map EBUSY and ENOTEMPTY errors (Bert Belder)
      
+
      • 
+
    • Windows: include syscall in fs errors (Bert Belder)
      
+
      • 
+
    • Fix fs.watch ENOSYS on Linux kernel version mismatch (Ben Noordhuis)
      
+
      • 
+
    • Update npm to 1.1.9
      
+
      
+- upgrade node-gyp to 0.3.5 (Nathan Rajlich)
      
+- Fix isaacs/npm#2249 Add cache-max and cache-min configs
      
+- Properly redirect across https/http registry requests
      
+- log config usage if undefined key in set function (Kris Windham)
      
+- Add support for os/cpu fields in package.json (Adam Blackburn)
      
+- Automatically node-gyp packages containing a binding.gyp
      
+- Fix failures unpacking in UNC shares
      
+- Never create un-listable directories
      
+- Handle cases where an optionalDependency fails to build
+
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.6.13/node-v0.6.13.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.6.13/node-v0.6.13.msi
+
+
    
+
    Macintosh Installer: http://nodejs.org/dist/v0.6.13/node-v0.6.13.pkg
+
+
    
+
    Website: http://nodejs.org/docs/v0.6.13/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.6.13/api/
 
    
diff --git a/doc/blog/release/version-0-6-14-stable.md b/doc/blog/release/version-0-6-14-stable.md
index ba5183414c6..4f33a2697eb 100644
--- a/doc/blog/release/version-0-6-14-stable.md
+++ b/doc/blog/release/version-0-6-14-stable.md
@@ -6,50 +6,50 @@ status: publish
 category: release
 slug: version-0-6-14-stable
 
-
    2012.03.22 Version 0.6.14 (stable)
-
-
    
-
      
-
    • net: don't crash when queued write fails (Igor Zinkovsky)
      
-
      • 
-
    • sunos: fix EMFILE on process.memoryUsage() (Bryan Cantrill)
      
-
      • 
-
    • crypto: fix compile-time error with openssl 0.9.7e (Ben Noordhuis)
      
-
      • 
-
    • unix: ignore ECONNABORTED errors from accept() (Ben Noordhuis)
      
-
      • 
-
    • Add UV_ENOSPC and mappings to it (Bert Belder)
      
-
      • 
-
    • http-parser: Fix response body is not read (koichik)
      
-
      • 
-
    • Upgrade npm to 1.1.12
      
-
      
-- upgrade node-gyp to 0.3.7
      
-- work around AV-locked directories on Windows
      
-- Fix isaacs/npm#2293 Don't try to 'uninstall' /
      
-- Exclude symbolic links from packages.
      
-- Fix isaacs/npm#2275 Spurious 'unresolvable cycle' error.
      
-- Exclude/include dot files as if they were normal files
-
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.6.14/node-v0.6.14.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.6.14/node-v0.6.14.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.6.14/x64/
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.14/node-v0.6.14.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.6.14/
-
-
    
-
    Website: http://nodejs.org/docs/v0.6.14/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.6.14/api/
+
    2012.03.22 Version 0.6.14 (stable)
+
+
    
+
      
+
    • net: don't crash when queued write fails (Igor Zinkovsky)
      
+
      • 
+
    • sunos: fix EMFILE on process.memoryUsage() (Bryan Cantrill)
      
+
      • 
+
    • crypto: fix compile-time error with openssl 0.9.7e (Ben Noordhuis)
      
+
      • 
+
    • unix: ignore ECONNABORTED errors from accept() (Ben Noordhuis)
      
+
      • 
+
    • Add UV_ENOSPC and mappings to it (Bert Belder)
      
+
      • 
+
    • http-parser: Fix response body is not read (koichik)
      
+
      • 
+
    • Upgrade npm to 1.1.12
      
+
      
+- upgrade node-gyp to 0.3.7
      
+- work around AV-locked directories on Windows
      
+- Fix isaacs/npm#2293 Don't try to 'uninstall' /
      
+- Exclude symbolic links from packages.
      
+- Fix isaacs/npm#2275 Spurious 'unresolvable cycle' error.
      
+- Exclude/include dot files as if they were normal files
+
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.6.14/node-v0.6.14.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.6.14/node-v0.6.14.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.6.14/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.14/node-v0.6.14.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.6.14/
+
+
    
+
    Website: http://nodejs.org/docs/v0.6.14/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.6.14/api/
 
    
diff --git a/doc/blog/release/version-0-6-15-stable.md b/doc/blog/release/version-0-6-15-stable.md
index e6f0502f74b..4196876fe6d 100644
--- a/doc/blog/release/version-0-6-15-stable.md
+++ b/doc/blog/release/version-0-6-15-stable.md
@@ -6,48 +6,48 @@ status: publish
 category: release
 slug: version-0-6-15-stable
 
-
    2012.04.09 Version 0.6.15 (stable)
-
-
    
-
      
-
    • Update npm to 1.1.16
      
-
      • 
-
    • Show licenses in binary installers.
      
-
      • 
-
    • unix: add uv_fs_read64, uv_fs_write64 and uv_fs_ftruncate64 (Ben Noordhuis)
      
-
      • 
-
    • add 64bit offset fs functions (Igor Zinkovsky)
      
-
      • 
-
    • windows: don't report ENOTSOCK when attempting to bind an udp handle twice (Bert Belder)
      
-
      • 
-
    • windows: backport pipe-connect-to-file fixes from master (Bert Belder)
      
-
      • 
-
    • windows: never call fs event callbacks after closing the watcher (Bert Belder)
      
-
      • 
-
    • fs.readFile: don't make the callback before the fd is closed (Bert Belder)
      
-
      • 
-
    • windows: use 64bit offsets for uv_fs apis (Igor Zinkovsky)
      
-
      • 
-
    • Fix #2061: segmentation fault on OS X due to stat size mismatch (Ben Noordhuis)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.6.15/node-v0.6.15.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.6.15/node-v0.6.15.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.6.15/x64/
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.15/node-v0.6.15.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.6.15/
-
-
    
-
    Website: http://nodejs.org/docs/v0.6.15/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.6.15/api/
+
    2012.04.09 Version 0.6.15 (stable)
+
+
    
+
      
+
    • Update npm to 1.1.16
      
+
      • 
+
    • Show licenses in binary installers.
      
+
      • 
+
    • unix: add uv_fs_read64, uv_fs_write64 and uv_fs_ftruncate64 (Ben Noordhuis)
      
+
      • 
+
    • add 64bit offset fs functions (Igor Zinkovsky)
      
+
      • 
+
    • windows: don't report ENOTSOCK when attempting to bind an udp handle twice (Bert Belder)
      
+
      • 
+
    • windows: backport pipe-connect-to-file fixes from master (Bert Belder)
      
+
      • 
+
    • windows: never call fs event callbacks after closing the watcher (Bert Belder)
      
+
      • 
+
    • fs.readFile: don't make the callback before the fd is closed (Bert Belder)
      
+
      • 
+
    • windows: use 64bit offsets for uv_fs apis (Igor Zinkovsky)
      
+
      • 
+
    • Fix #2061: segmentation fault on OS X due to stat size mismatch (Ben Noordhuis)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.6.15/node-v0.6.15.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.6.15/node-v0.6.15.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.6.15/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.15/node-v0.6.15.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.6.15/
+
+
    
+
    Website: http://nodejs.org/docs/v0.6.15/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.6.15/api/
 
    
diff --git a/doc/blog/release/version-0-6-16-stable.md b/doc/blog/release/version-0-6-16-stable.md
index 69f8b31700f..980296c1ab8 100644
--- a/doc/blog/release/version-0-6-16-stable.md
+++ b/doc/blog/release/version-0-6-16-stable.md
@@ -6,54 +6,54 @@ status: publish
 category: release
 slug: version-0-6-16-stable
 
-
    2012.04.30 Version 0.6.16 (stable)
-
-
    
-
      
-
    • Upgrade V8 to 3.6.6.25
      
-
      • 
-
    • Upgrade npm to 1.1.18
      
-
      • 
-
    • Windows: add mappings for UV_ENOENT (Bert Belder)
      
-
      • 
-
    • linux: add IN_MOVE_SELF to inotify event mask (Ben Noordhuis)
      
-
      • 
-
    • unix: call pipe handle connection cb on accept() error (Ben Noordhuis)
      
-
      • 
-
    • unix: handle EWOULDBLOCK (Ben Noordhuis)
      
-
      • 
-
    • map EWOULDBLOCK to UV_EAGAIN (Ben Noordhuis)
      
-
      • 
-
    • Map ENOMEM to UV_ENOMEM (isaacs)
      
-
      • 
-
    • Child process: support the gid and uid options (Bert Belder)
      
-
      • 
-
    • test: cluster: add worker death event test (Ben Noordhuis)
      
-
      • 
-
    • typo in node_http_parser (isaacs)
      
-
      • 
-
    • http_parser: Eat CRLF between requests, even on connection:close. (Ben Noordhuis)
      
-
      • 
-
    • don't check return value of unsetenv (Ben Noordhuis)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.6.16/node-v0.6.16.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.6.16/node-v0.6.16.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.6.16/x64/
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.16/node-v0.6.16.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.6.16/
-
-
    
-
    Website: http://nodejs.org/docs/v0.6.16/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.6.16/api/
+
    2012.04.30 Version 0.6.16 (stable)
+
+
    
+
      
+
    • Upgrade V8 to 3.6.6.25
      
+
      • 
+
    • Upgrade npm to 1.1.18
      
+
      • 
+
    • Windows: add mappings for UV_ENOENT (Bert Belder)
      
+
      • 
+
    • linux: add IN_MOVE_SELF to inotify event mask (Ben Noordhuis)
      
+
      • 
+
    • unix: call pipe handle connection cb on accept() error (Ben Noordhuis)
      
+
      • 
+
    • unix: handle EWOULDBLOCK (Ben Noordhuis)
      
+
      • 
+
    • map EWOULDBLOCK to UV_EAGAIN (Ben Noordhuis)
      
+
      • 
+
    • Map ENOMEM to UV_ENOMEM (isaacs)
      
+
      • 
+
    • Child process: support the gid and uid options (Bert Belder)
      
+
      • 
+
    • test: cluster: add worker death event test (Ben Noordhuis)
      
+
      • 
+
    • typo in node_http_parser (isaacs)
      
+
      • 
+
    • http_parser: Eat CRLF between requests, even on connection:close. (Ben Noordhuis)
      
+
      • 
+
    • don't check return value of unsetenv (Ben Noordhuis)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.6.16/node-v0.6.16.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.6.16/node-v0.6.16.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.6.16/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.16/node-v0.6.16.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.6.16/
+
+
    
+
    Website: http://nodejs.org/docs/v0.6.16/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.6.16/api/
 
    
diff --git a/doc/blog/release/version-0-6-17-stable.md b/doc/blog/release/version-0-6-17-stable.md
index 3512e1df2f2..32124435438 100644
--- a/doc/blog/release/version-0-6-17-stable.md
+++ b/doc/blog/release/version-0-6-17-stable.md
@@ -6,42 +6,42 @@ status: publish
 category: release
 slug: version-0-6-17-stable
 
-
    2012.05.04 Version 0.6.17 (stable)
-
-
    
-
      
-
    • Upgrade npm to 1.1.21
      
-
      • 
-
    • uv: Add support for EROFS errors (Ben Noordhuis, Maciej MaÅ‚ecki)
      
-
      • 
-
    • uv: Add support for EIO and ENOSPC errors (Fedor Indutny)
      
-
      • 
-
    • windows: Add support for EXDEV errors (Bert Belder)
      
-
      • 
-
    • http: Fix client memory leaks (isaacs, Vincent Voyer)
      
-
      • 
-
    • fs: fix file descriptor leak in sync functions (Ben Noordhuis)
      
-
      • 
-
    • fs: fix ReadStream / WriteStream double close bug (Ben Noordhuis)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.6.17/node-v0.6.17.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.6.17/node-v0.6.17.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.6.17/x64/
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.17/node-v0.6.17.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.6.17/
-
-
    
-
    Website: http://nodejs.org/docs/v0.6.17/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.6.17/api/
+
    2012.05.04 Version 0.6.17 (stable)
+
+
    
+
      
+
    • Upgrade npm to 1.1.21
      
+
      • 
+
    • uv: Add support for EROFS errors (Ben Noordhuis, Maciej MaÅ‚ecki)
      
+
      • 
+
    • uv: Add support for EIO and ENOSPC errors (Fedor Indutny)
      
+
      • 
+
    • windows: Add support for EXDEV errors (Bert Belder)
      
+
      • 
+
    • http: Fix client memory leaks (isaacs, Vincent Voyer)
      
+
      • 
+
    • fs: fix file descriptor leak in sync functions (Ben Noordhuis)
      
+
      • 
+
    • fs: fix ReadStream / WriteStream double close bug (Ben Noordhuis)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.6.17/node-v0.6.17.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.6.17/node-v0.6.17.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.6.17/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.17/node-v0.6.17.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.6.17/
+
+
    
+
    Website: http://nodejs.org/docs/v0.6.17/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.6.17/api/
 
    
diff --git a/doc/blog/release/version-0-6-18-stable.md b/doc/blog/release/version-0-6-18-stable.md
index 0cf179bfce7..fe0c1f16637 100644
--- a/doc/blog/release/version-0-6-18-stable.md
+++ b/doc/blog/release/version-0-6-18-stable.md
@@ -6,54 +6,54 @@ status: publish
 category: release
 slug: version-0-6-18-stable
 
-
    2012.05.15 Version 0.6.18 (stable)
-
-
    
-
      
-
    • windows: skip GetFileAttributes call when opening a file (Bert Belder)
      
-
      • 
-
    • crypto: add PKCS12/PFX support (Sambasiva Suda)
      
-
      • 
-
    • #3240: child_process: delete NODE_CHANNEL_FD from env in spawn (Ben Noordhuis)
      
-
      • 
-
    • windows: add test for path.normalize with UNC paths (Bert Belder)
      
-
      • 
-
    • windows: make path.normalize convert all slashes to backslashes (Bert Belder)
      
-
      • 
-
    • fs: Automatically close FSWatcher on error (Bert Belder)
      
-
      • 
-
    • #3258: fs.ReadStream.pause() emits duplicate data event (koichik)
      
-
      • 
-
    • pipe_wrap: don't assert() on pipe accept errors (Ben Noordhuis)
      
-
      • 
-
    • Better exception output for module load and process.nextTick (Felix Geisendörfer)
      
-
      • 
-
    • zlib: fix error reporting (Ben Noordhuis)
      
-
      • 
-
    • http: Don't destroy on timeout (isaacs)
      
-
      • 
-
    • #3231: http: Don't try to emit error on a null'ed req object (isaacs)
      
-
      • 
-
    • #3236: http: Refactor ClientRequest.onSocket (isaacs)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.6.18/node-v0.6.18.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.6.18/node-v0.6.18.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.6.18/x64/
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.18/node-v0.6.18.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.6.18/
-
-
    
-
    Website: http://nodejs.org/docs/v0.6.18/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.6.18/api/
+
    2012.05.15 Version 0.6.18 (stable)
+
+
    
+
      
+
    • windows: skip GetFileAttributes call when opening a file (Bert Belder)
      
+
      • 
+
    • crypto: add PKCS12/PFX support (Sambasiva Suda)
      
+
      • 
+
    • #3240: child_process: delete NODE_CHANNEL_FD from env in spawn (Ben Noordhuis)
      
+
      • 
+
    • windows: add test for path.normalize with UNC paths (Bert Belder)
      
+
      • 
+
    • windows: make path.normalize convert all slashes to backslashes (Bert Belder)
      
+
      • 
+
    • fs: Automatically close FSWatcher on error (Bert Belder)
      
+
      • 
+
    • #3258: fs.ReadStream.pause() emits duplicate data event (koichik)
      
+
      • 
+
    • pipe_wrap: don't assert() on pipe accept errors (Ben Noordhuis)
      
+
      • 
+
    • Better exception output for module load and process.nextTick (Felix Geisendörfer)
      
+
      • 
+
    • zlib: fix error reporting (Ben Noordhuis)
      
+
      • 
+
    • http: Don't destroy on timeout (isaacs)
      
+
      • 
+
    • #3231: http: Don't try to emit error on a null'ed req object (isaacs)
      
+
      • 
+
    • #3236: http: Refactor ClientRequest.onSocket (isaacs)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.6.18/node-v0.6.18.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.6.18/node-v0.6.18.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.6.18/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.6.18/node-v0.6.18.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.6.18/
+
+
    
+
    Website: http://nodejs.org/docs/v0.6.18/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.6.18/api/
 
    
diff --git a/doc/blog/release/version-0-7-10-unstable.md b/doc/blog/release/version-0-7-10-unstable.md
index 3e149111478..9ecfb01f173 100644
--- a/doc/blog/release/version-0-7-10-unstable.md
+++ b/doc/blog/release/version-0-7-10-unstable.md
@@ -6,81 +6,81 @@ status: publish
 category: release
 slug: version-0-7-10-unstable
 
-
    2012.06.11, Version 0.7.10 (unstable)
-
-
    
-
    This is the second-to-last release on the 0.7 branch.  Version 0.8.0
-will be released some time next week.  As other even-numbered Node
-releases before it, the v0.8.x releases will maintain API and binary
-compatibility.
-
-
    
-
    The major changes are detailed in
-https://github.com/joyent/node/wiki/API-changes-between-v0.6-and-v0.8
-
-
    
-
    Please try out this release.  There will be very few changes between
-this and the v0.8.x release family.  This is the last chance to comment
-on the API before it is locked down for stability.
-
-
-
    
-
      
-
    • Roll V8 back to 3.9.24.31
      
-
      • 
-
    • build: x64 target should always pass -m64 (Robert Mustacchi)
      
-
      • 
-
    • add NODE_EXTERN to node::Start (Joel Brandt)
      
-
      • 
-
    • repl: Warn about running npm commands (isaacs)
      
-
      • 
-
    • slab_allocator: fix crash in dtor if V8 is dead (Ben Noordhuis)
      
-
      • 
-
    • slab_allocator: fix leak of Persistent handles (Shigeki Ohtsu)
      
-
      • 
-
    • windows/msi: add node.js prompt to startmenu (Jeroen Janssen)
      
-
      • 
-
    • windows/msi: fix adding node to PATH (Jeroen Janssen)
      
-
      • 
-
    • windows/msi: add start menu links when installing (Jeroen Janssen)
      
-
      • 
-
    • windows: don't install x64 version into the 'program files (x86)' folder (Matt Gollob)
      
-
      • 
-
    • domain: Fix #3379 domain.intercept no longer passes error arg to cb (Marc Harter)
      
-
      • 
-
    • fs: make callbacks run in global context (Ben Noordhuis)
      
-
      • 
-
    • fs: enable fs.realpath on windows (isaacs)
      
-
      • 
-
    • child_process: expose UV_PROCESS_DETACHED as options.detached (Charlie McConnell)
      
-
      • 
-
    • child_process: new stdio API for .spawn() method (Fedor Indutny)
      
-
      • 
-
    • child_process: spawn().ref() and spawn().unref() (Fedor Indutny)
      
-
      • 
-
    • Upgrade npm to 1.1.25
      
-
      • 
-
      • Enable npm link on windows
        • 
-
      • Properly remove sh-shim on Windows
        • 
-
      • Abstract out registry client and logger
      
-
    
-
    Source Code: http://nodejs.org/dist/v0.7.10/node-v0.7.10.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.7.10/node-v0.7.10.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.7.10/x64/
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.10/node-v0.7.10.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.7.10/
-
-
    
-
    Website: http://nodejs.org/docs/v0.7.10/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.7.10/api/
+
    2012.06.11, Version 0.7.10 (unstable)
+
+
    
+
    This is the second-to-last release on the 0.7 branch.  Version 0.8.0
+will be released some time next week.  As other even-numbered Node
+releases before it, the v0.8.x releases will maintain API and binary
+compatibility.
+
+
    
+
    The major changes are detailed in
+https://github.com/joyent/node/wiki/API-changes-between-v0.6-and-v0.8
+
+
    
+
    Please try out this release.  There will be very few changes between
+this and the v0.8.x release family.  This is the last chance to comment
+on the API before it is locked down for stability.
+
+
+
    
+
      
+
    • Roll V8 back to 3.9.24.31
      
+
      • 
+
    • build: x64 target should always pass -m64 (Robert Mustacchi)
      
+
      • 
+
    • add NODE_EXTERN to node::Start (Joel Brandt)
      
+
      • 
+
    • repl: Warn about running npm commands (isaacs)
      
+
      • 
+
    • slab_allocator: fix crash in dtor if V8 is dead (Ben Noordhuis)
      
+
      • 
+
    • slab_allocator: fix leak of Persistent handles (Shigeki Ohtsu)
      
+
      • 
+
    • windows/msi: add node.js prompt to startmenu (Jeroen Janssen)
      
+
      • 
+
    • windows/msi: fix adding node to PATH (Jeroen Janssen)
      
+
      • 
+
    • windows/msi: add start menu links when installing (Jeroen Janssen)
      
+
      • 
+
    • windows: don't install x64 version into the 'program files (x86)' folder (Matt Gollob)
      
+
      • 
+
    • domain: Fix #3379 domain.intercept no longer passes error arg to cb (Marc Harter)
      
+
      • 
+
    • fs: make callbacks run in global context (Ben Noordhuis)
      
+
      • 
+
    • fs: enable fs.realpath on windows (isaacs)
      
+
      • 
+
    • child_process: expose UV_PROCESS_DETACHED as options.detached (Charlie McConnell)
      
+
      • 
+
    • child_process: new stdio API for .spawn() method (Fedor Indutny)
      
+
      • 
+
    • child_process: spawn().ref() and spawn().unref() (Fedor Indutny)
      
+
      • 
+
    • Upgrade npm to 1.1.25
      
+
      • 
+
      • Enable npm link on windows
        • 
+
      • Properly remove sh-shim on Windows
        • 
+
      • Abstract out registry client and logger
      
+
    
+
    Source Code: http://nodejs.org/dist/v0.7.10/node-v0.7.10.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.7.10/node-v0.7.10.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.7.10/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.10/node-v0.7.10.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.7.10/
+
+
    
+
    Website: http://nodejs.org/docs/v0.7.10/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.7.10/api/
 
    
diff --git a/doc/blog/release/version-0-7-11-unstable.md b/doc/blog/release/version-0-7-11-unstable.md
index e8fd71a4e19..28c2f6813c4 100644
--- a/doc/blog/release/version-0-7-11-unstable.md
+++ b/doc/blog/release/version-0-7-11-unstable.md
@@ -6,75 +6,75 @@ status: publish
 category: release
 slug: version-0-7-11-unstable
 
-
    This is the most stable 0.7 release yet.  Please try it out.
-
-
    
-
    Version 0.8 will be out very soon.  You can follow the remaining issues
-on the github issue tracker.
-
-
    
-
    https://github.com/joyent/node/issues?milestone=10&state=open
-
-
    
-
    2012.06.15, Version 0.7.11 (unstable)
-
-
    
-
      
-
    • V8: Upgrade to v3.11.10
      
-
      • 
-
    • npm: Upgrade to 1.1.26
      
-
      • 
-
    • doc: Improve cross-linking in API docs markdown (Ben Kelly)
      
-
      • 
-
    • Fix #3425: removeAllListeners should delete array (Reid Burke)
      
-
      • 
-
    • cluster: don't silently drop messages when the write queue gets big (Bert Belder)
      
-
      • 
-
    • Add Buffer.concat method (isaacs)
      
-
      • 
-
    • windows: make symlinks tolerant to forward slashes (Bert Belder)
      
-
      • 
-
    • build: Add node.d and node.1 to installer (isaacs)
      
-
      • 
-
    • cluster: rename worker.unqiueID to worker.id (Andreas Madsen)
      
-
      • 
-
    • Windows: Enable ETW events on Windows for existing DTrace probes. (Igor Zinkovsky)
      
-
      • 
-
    • test: bundle node-weak in test/gc so that it doesn't need to be downloaded (Nathan Rajlich)
      
-
      • 
-
    • Make many tests pass on Windows (Bert Belder)
      
-
      • 
-
    • Fix #3388 Support listening on file descriptors (isaacs)
      
-
      • 
-
    • Fix #3407 Add os.tmpDir() (isaacs)
      
-
      • 
-
    • Unbreak the snapshotted build on Windows (Bert Belder)
      
-
      • 
-
    • Clean up child_process.kill throws (Bert Belder)
      
-
      • 
-
    • crypto: make cipher/decipher accept buffer args (Ben Noordhuis)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.7.11/node-v0.7.11.tar.gz
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.11/node-v0.7.11.pkg
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.7.11/node-v0.7.11-x86.msi
-
-
    
-
    Windows x64 Installer: http://nodejs.org/dist/v0.7.11/node-v0.7.11-x64.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.7.11/x64/
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.7.11/
-
-
    
-
    Website: http://nodejs.org/docs/v0.7.11/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.7.11/api/
+
    This is the most stable 0.7 release yet.  Please try it out.
+
+
    
+
    Version 0.8 will be out very soon.  You can follow the remaining issues
+on the github issue tracker.
+
+
    
+
    https://github.com/joyent/node/issues?milestone=10&state=open
+
+
    
+
    2012.06.15, Version 0.7.11 (unstable)
+
+
    
+
      
+
    • V8: Upgrade to v3.11.10
      
+
      • 
+
    • npm: Upgrade to 1.1.26
      
+
      • 
+
    • doc: Improve cross-linking in API docs markdown (Ben Kelly)
      
+
      • 
+
    • Fix #3425: removeAllListeners should delete array (Reid Burke)
      
+
      • 
+
    • cluster: don't silently drop messages when the write queue gets big (Bert Belder)
      
+
      • 
+
    • Add Buffer.concat method (isaacs)
      
+
      • 
+
    • windows: make symlinks tolerant to forward slashes (Bert Belder)
      
+
      • 
+
    • build: Add node.d and node.1 to installer (isaacs)
      
+
      • 
+
    • cluster: rename worker.unqiueID to worker.id (Andreas Madsen)
      
+
      • 
+
    • Windows: Enable ETW events on Windows for existing DTrace probes. (Igor Zinkovsky)
      
+
      • 
+
    • test: bundle node-weak in test/gc so that it doesn't need to be downloaded (Nathan Rajlich)
      
+
      • 
+
    • Make many tests pass on Windows (Bert Belder)
      
+
      • 
+
    • Fix #3388 Support listening on file descriptors (isaacs)
      
+
      • 
+
    • Fix #3407 Add os.tmpDir() (isaacs)
      
+
      • 
+
    • Unbreak the snapshotted build on Windows (Bert Belder)
      
+
      • 
+
    • Clean up child_process.kill throws (Bert Belder)
      
+
      • 
+
    • crypto: make cipher/decipher accept buffer args (Ben Noordhuis)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.7.11/node-v0.7.11.tar.gz
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.11/node-v0.7.11.pkg
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.7.11/node-v0.7.11-x86.msi
+
+
    
+
    Windows x64 Installer: http://nodejs.org/dist/v0.7.11/node-v0.7.11-x64.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.7.11/x64/
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.7.11/
+
+
    
+
    Website: http://nodejs.org/docs/v0.7.11/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.7.11/api/
 
    
diff --git a/doc/blog/release/version-0-7-12.md b/doc/blog/release/version-0-7-12.md
index 91e571d2e39..c9c448de6a3 100644
--- a/doc/blog/release/version-0-7-12.md
+++ b/doc/blog/release/version-0-7-12.md
@@ -6,51 +6,51 @@ status: publish
 category: release
 slug: version-0-7-12
 
-
    2012.06.19, Version 0.7.12 (unstable)  
    
-
    This is the last release on the 0.7 branch.  Version 0.8.0 will be released some time later this week, barring any major problems.  
    
-
    As with other even-numbered Node releases before it, the v0.8.x releases will maintain API and binary compatibility.  
    
-
    The major changes between v0.6 and v0.8 are detailed in https://github.com/joyent/node/wiki/API-changes-between-v0.6-and-v0.8  
    
-
    Please try out this release.  There will be very virtually no changes between this and the v0.8.x release family.  This is the last chance to comment before it is locked down for stability.  The API is effectively frozen now.  
    
-
    This version adds backwards-compatible shims for binary addons that use libeio and libev directly.  If you find that binary modules that could compile on v0.6 can not compile on this version, please let us know. Note that libev is officially deprecated in v0.8, and will be removed in v0.9.  You should be porting your modules to use libuv as soon as possible.  
    
-
    V8 is on 3.11.10 currently, and will remain on the V8 3.11.x branch for the duration of Node v0.8.x.   
    
-
         
    • npm: Upgrade to 1.1.30
       - Improved 'npm init'
       - Fix the 'cb never called' error from 'oudated' and 'update'
       - Add --save-bundle|-B config
       - Fix isaacs/npm#2465: Make npm script and windows shims cygwin-aware
       - Fix isaacs/npm#2452 Use --save(-dev|-optional) in npm rm
       - logstream option to replace removed logfd (Rod Vagg)
       - Read default descriptions from README.md files 
      
-  
      •  
    • Shims to support deprecated ev_* and eio_* methods (Ben Noordhuis)
      
-  
      •  
    • #3118 net.Socket: Delay pause/resume until after connect (isaacs)
      
-  
      •  
    • #3465 Add ./configure --no-ifaddrs flag (isaacs)
      
-  
      •  
    • child_process: add .stdin stream to forks (Fedor Indutny)
      
-  
      •  
    • build: fix make install DESTDIR=/path (Ben Noordhuis)
      
-  
      •  
    • tls: fix off-by-one error in renegotiation check (Ben Noordhuis)
      
-  
      •  
    • crypto: Fix diffie-hellman key generation UTF-8 errors (Fedor Indutny)
      
-  
      •  
    • node: change the constructor name of process from EventEmitter to process (Andreas Madsen)
      
-  
      •  
    • net: Prevent property access throws during close (Reid Burke)
      
-  
      •  
    • querystring: improved speed and code cleanup (Felix Böhm)
      
-  
      •  
    • sunos: fix assertion errors breaking fs.watch() (Fedor Indutny)
      
-  
      •  
    • unix: stat: detect sub-second changes (Ben Noordhuis)
      
-  
      •  
    • add stat() based file watcher (Ben Noordhuis)
      
-  
      •  
     
    Source Code: http://nodejs.org/dist/v0.7.12/node-v0.7.12.tar.gz  
    
-  
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.12/node-v0.7.12.pkg  
    
-  
    Windows Installer: http://nodejs.org/dist/v0.7.12/node-v0.7.12-x86.msi  
    
-  
    Windows x64 Installer: http://nodejs.org/dist/v0.7.12/x64/node-v0.7.12-x64.msi  
    
-  
    Windows x64 Files: http://nodejs.org/dist/v0.7.12/x64/  
    
-  
    Other release files: http://nodejs.org/dist/v0.7.12/  
    
-  
    Website: http://nodejs.org/docs/v0.7.12/  
    
-  
    Documentation: http://nodejs.org/docs/v0.7.12/api/ 
    
-
-
    Shasums
    
-
-
    ded6a2197b1149b594eb45fea921e8538ba442aa  blog.html
-dfabff0923d4b4f1d53bd9831514c1ac8c4b1876  email.md
-be313d35511e6d7e43cae5fa2b18f3e0d2275ba1  node-v0.7.12-x86.msi
-8f7ba0c8283e3863de32fd5c034f5b599c78f830  node-v0.7.12.pkg
-cb570abacbf4eb7e23c3d2620d00dd3080d9c19d  node-v0.7.12.tar.gz
-e13a6edfcba1c67ffe794982dd20a222ce8ce40f  node.exe
-20906ad76a43eca52795b2a089654a105e11c1e6  node.exp
-acbcbb87b6f7f2af34a3ed0abe6131d9e7a237af  node.lib
-4013d5b25fe36ae4245433b972818686cd9a2205  node.pdb
-6c0a7a2e8ee360e2800156293fb2f6a5c1a57382  npm-1.1.30.tgz
-9d23e42e8260fa20001d5618d2583a62792bf63f  npm-1.1.30.zip
-840157b2d6f7389ba70b07fc9ddc048b92c501cc  x64/node-v0.7.12-x64.msi
-862d42706c21ea83bf73cd827101f0fe598b0cf7  x64/node.exe
-de0af95fac083762f99c875f91bab830dc030f71  x64/node.exp
-3122bd886dfb96f3b41846cef0bdd7e97326044a  x64/node.lib
+
    2012.06.19, Version 0.7.12 (unstable)  
    
+
    This is the last release on the 0.7 branch.  Version 0.8.0 will be released some time later this week, barring any major problems.  
    
+
    As with other even-numbered Node releases before it, the v0.8.x releases will maintain API and binary compatibility.  
    
+
    The major changes between v0.6 and v0.8 are detailed in https://github.com/joyent/node/wiki/API-changes-between-v0.6-and-v0.8  
    
+
    Please try out this release.  There will be very virtually no changes between this and the v0.8.x release family.  This is the last chance to comment before it is locked down for stability.  The API is effectively frozen now.  
    
+
    This version adds backwards-compatible shims for binary addons that use libeio and libev directly.  If you find that binary modules that could compile on v0.6 can not compile on this version, please let us know. Note that libev is officially deprecated in v0.8, and will be removed in v0.9.  You should be porting your modules to use libuv as soon as possible.  
    
+
    V8 is on 3.11.10 currently, and will remain on the V8 3.11.x branch for the duration of Node v0.8.x.   
    
+
         
    • npm: Upgrade to 1.1.30
       - Improved 'npm init'
       - Fix the 'cb never called' error from 'oudated' and 'update'
       - Add --save-bundle|-B config
       - Fix isaacs/npm#2465: Make npm script and windows shims cygwin-aware
       - Fix isaacs/npm#2452 Use --save(-dev|-optional) in npm rm
       - logstream option to replace removed logfd (Rod Vagg)
       - Read default descriptions from README.md files 
      
+  
      •  
    • Shims to support deprecated ev_* and eio_* methods (Ben Noordhuis)
      
+  
      •  
    • #3118 net.Socket: Delay pause/resume until after connect (isaacs)
      
+  
      •  
    • #3465 Add ./configure --no-ifaddrs flag (isaacs)
      
+  
      •  
    • child_process: add .stdin stream to forks (Fedor Indutny)
      
+  
      •  
    • build: fix make install DESTDIR=/path (Ben Noordhuis)
      
+  
      •  
    • tls: fix off-by-one error in renegotiation check (Ben Noordhuis)
      
+  
      •  
    • crypto: Fix diffie-hellman key generation UTF-8 errors (Fedor Indutny)
      
+  
      •  
    • node: change the constructor name of process from EventEmitter to process (Andreas Madsen)
      
+  
      •  
    • net: Prevent property access throws during close (Reid Burke)
      
+  
      •  
    • querystring: improved speed and code cleanup (Felix Böhm)
      
+  
      •  
    • sunos: fix assertion errors breaking fs.watch() (Fedor Indutny)
      
+  
      •  
    • unix: stat: detect sub-second changes (Ben Noordhuis)
      
+  
      •  
    • add stat() based file watcher (Ben Noordhuis)
      
+  
      •  
     
    Source Code: http://nodejs.org/dist/v0.7.12/node-v0.7.12.tar.gz  
    
+  
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.12/node-v0.7.12.pkg  
    
+  
    Windows Installer: http://nodejs.org/dist/v0.7.12/node-v0.7.12-x86.msi  
    
+  
    Windows x64 Installer: http://nodejs.org/dist/v0.7.12/x64/node-v0.7.12-x64.msi  
    
+  
    Windows x64 Files: http://nodejs.org/dist/v0.7.12/x64/  
    
+  
    Other release files: http://nodejs.org/dist/v0.7.12/  
    
+  
    Website: http://nodejs.org/docs/v0.7.12/  
    
+  
    Documentation: http://nodejs.org/docs/v0.7.12/api/ 
    
+
+
    Shasums
    
+
+
    ded6a2197b1149b594eb45fea921e8538ba442aa  blog.html
+dfabff0923d4b4f1d53bd9831514c1ac8c4b1876  email.md
+be313d35511e6d7e43cae5fa2b18f3e0d2275ba1  node-v0.7.12-x86.msi
+8f7ba0c8283e3863de32fd5c034f5b599c78f830  node-v0.7.12.pkg
+cb570abacbf4eb7e23c3d2620d00dd3080d9c19d  node-v0.7.12.tar.gz
+e13a6edfcba1c67ffe794982dd20a222ce8ce40f  node.exe
+20906ad76a43eca52795b2a089654a105e11c1e6  node.exp
+acbcbb87b6f7f2af34a3ed0abe6131d9e7a237af  node.lib
+4013d5b25fe36ae4245433b972818686cd9a2205  node.pdb
+6c0a7a2e8ee360e2800156293fb2f6a5c1a57382  npm-1.1.30.tgz
+9d23e42e8260fa20001d5618d2583a62792bf63f  npm-1.1.30.zip
+840157b2d6f7389ba70b07fc9ddc048b92c501cc  x64/node-v0.7.12-x64.msi
+862d42706c21ea83bf73cd827101f0fe598b0cf7  x64/node.exe
+de0af95fac083762f99c875f91bab830dc030f71  x64/node.exp
+3122bd886dfb96f3b41846cef0bdd7e97326044a  x64/node.lib
 e0fa4e42cd19cadf8179e492ca606b7232bbc018  x64/node.pdb
    
diff --git a/doc/blog/release/version-0-7-4-unstable.md b/doc/blog/release/version-0-7-4-unstable.md
index 01bc92ae55e..38d6615c09e 100644
--- a/doc/blog/release/version-0-7-4-unstable.md
+++ b/doc/blog/release/version-0-7-4-unstable.md
@@ -6,45 +6,45 @@ status: publish
 category: release
 slug: version-0-7-4-unstable
 
-
    2012.02.14, Version 0.7.4 (unstable)
-
-
    
-
      
-
    • Upgrade V8 to 3.9.5
      
-
      • 
-
    • Upgrade npm to 1.1.1
      
-
      • 
-
    • build: Detect host_arch better (Karl Skomski)
      
-
      • 
-
    • debugger: export debug_port to process (Fedor Indutny)
      
-
      • 
-
    • api docs: CSS bug fixes (isaacs)
      
-
      • 
-
    • build: use -fPIC for native addons on UNIX (Nathan Rajlich)
      
-
      • 
-
    • Re-add top-level v8::Locker (Marcel Laverdet)
      
-
      • 
-
    • Move images out of the dist tarballs (isaacs)
      
-
      • 
-
    • libuv: Remove uv_export and uv_import (Ben Noordhuis)
      
-
      • 
-
    • build: Support x64 build on Windows (Igor Zinkovsky)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.7.4/node-v0.7.4.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.7.4/node-v0.7.4.msi
-
-
    
-
    Macintosh Installer: http://nodejs.org/dist/v0.7.4/node-v0.7.4.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.7.4/
-
-
    
-
    Website: http://nodejs.org/docs/v0.7.4/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.7.4/api/
+
    2012.02.14, Version 0.7.4 (unstable)
+
+
    
+
      
+
    • Upgrade V8 to 3.9.5
      
+
      • 
+
    • Upgrade npm to 1.1.1
      
+
      • 
+
    • build: Detect host_arch better (Karl Skomski)
      
+
      • 
+
    • debugger: export debug_port to process (Fedor Indutny)
      
+
      • 
+
    • api docs: CSS bug fixes (isaacs)
      
+
      • 
+
    • build: use -fPIC for native addons on UNIX (Nathan Rajlich)
      
+
      • 
+
    • Re-add top-level v8::Locker (Marcel Laverdet)
      
+
      • 
+
    • Move images out of the dist tarballs (isaacs)
      
+
      • 
+
    • libuv: Remove uv_export and uv_import (Ben Noordhuis)
      
+
      • 
+
    • build: Support x64 build on Windows (Igor Zinkovsky)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.7.4/node-v0.7.4.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.7.4/node-v0.7.4.msi
+
+
    
+
    Macintosh Installer: http://nodejs.org/dist/v0.7.4/node-v0.7.4.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.7.4/
+
+
    
+
    Website: http://nodejs.org/docs/v0.7.4/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.7.4/api/
 
    
diff --git a/doc/blog/release/version-0-7-5-unstable.md b/doc/blog/release/version-0-7-5-unstable.md
index bc1e6047dd3..b493cde895b 100644
--- a/doc/blog/release/version-0-7-5-unstable.md
+++ b/doc/blog/release/version-0-7-5-unstable.md
@@ -6,57 +6,57 @@ status: publish
 category: release
 slug: version-0-7-5-unstable
 
-
    2012.02.23, Version 0.7.5 (unstable)
-
-
    
-
      
-
    • startup speed improvements (Maciej MaÅ‚ecki)
      
-
      • 
-
    • crypto: add function getDiffieHellman() (Tomasz Buchert)
      
-
      • 
-
    • buffer: support decoding of URL-safe base64 (Ben Noordhuis)
      
-
      • 
-
    • Make QueryString.parse() even faster (Brian White)
      
-
      • 
-
    • url: decode url entities in auth section (Ben Noordhuis)
      
-
      • 
-
    • http: support PURGE request method (Ben Noordhuis)
      
-
      • 
-
    • http: Generate Date headers on responses (Mark Nottingham)
      
-
      • 
-
    • Fix #2762: Add callback to close function. (Mikeal Rogers)
      
-
      • 
-
    • dgram: fix out-of-bound memory read (Ben Noordhuis)
      
-
      • 
-
    • repl: add automatic loading of built-in libs (Brandon Benvie)
      
-
      • 
-
    • repl: remove double calls where possible (Fedor Indutny)
      
-
      • 
-
    • Readline improvements. Related: #2737 #2756 (Colton Baker)
      
-
      • 
-
    • build: disable -fomit-frame-pointer on solaris (Dave Pacheco)
      
-
      • 
-
    • build: arch detection improvements (Nathan Rajlich)
      
-
      • 
-
    • build: Make a fat binary for the OS X make pkg. (Nathan Rajlich)
      
-
      • 
-
    • jslint src/ and lib/ on 'make test' (isaacs)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.7.5/node-v0.7.5.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.7.5/node-v0.7.5.msi
-
-
    
-
    Macintosh Installer: http://nodejs.org/dist/v0.7.5/node-v0.7.5.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.7.5/
-
-
    
-
    Website: http://nodejs.org/docs/v0.7.5/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.7.5/api/
+
    2012.02.23, Version 0.7.5 (unstable)
+
+
    
+
      
+
    • startup speed improvements (Maciej MaÅ‚ecki)
      
+
      • 
+
    • crypto: add function getDiffieHellman() (Tomasz Buchert)
      
+
      • 
+
    • buffer: support decoding of URL-safe base64 (Ben Noordhuis)
      
+
      • 
+
    • Make QueryString.parse() even faster (Brian White)
      
+
      • 
+
    • url: decode url entities in auth section (Ben Noordhuis)
      
+
      • 
+
    • http: support PURGE request method (Ben Noordhuis)
      
+
      • 
+
    • http: Generate Date headers on responses (Mark Nottingham)
      
+
      • 
+
    • Fix #2762: Add callback to close function. (Mikeal Rogers)
      
+
      • 
+
    • dgram: fix out-of-bound memory read (Ben Noordhuis)
      
+
      • 
+
    • repl: add automatic loading of built-in libs (Brandon Benvie)
      
+
      • 
+
    • repl: remove double calls where possible (Fedor Indutny)
      
+
      • 
+
    • Readline improvements. Related: #2737 #2756 (Colton Baker)
      
+
      • 
+
    • build: disable -fomit-frame-pointer on solaris (Dave Pacheco)
      
+
      • 
+
    • build: arch detection improvements (Nathan Rajlich)
      
+
      • 
+
    • build: Make a fat binary for the OS X make pkg. (Nathan Rajlich)
      
+
      • 
+
    • jslint src/ and lib/ on 'make test' (isaacs)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.7.5/node-v0.7.5.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.7.5/node-v0.7.5.msi
+
+
    
+
    Macintosh Installer: http://nodejs.org/dist/v0.7.5/node-v0.7.5.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.7.5/
+
+
    
+
    Website: http://nodejs.org/docs/v0.7.5/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.7.5/api/
 
    
diff --git a/doc/blog/release/version-0-7-6-unstable.md b/doc/blog/release/version-0-7-6-unstable.md
index ecf67f3ea06..342c792a0a1 100644
--- a/doc/blog/release/version-0-7-6-unstable.md
+++ b/doc/blog/release/version-0-7-6-unstable.md
@@ -6,67 +6,67 @@ status: publish
 category: release
 slug: version-0-7-6-unstable
 
-
    2012.03.13, Version 0.7.6 (unstable)
-
-
    
-
      
-
    • Upgrade v8 to 3.9.17
      
-
      • 
-
    • Upgrade npm to 1.1.8
      
-
      
-- Add support for os/cpu fields in package.json (Adam Blackburn)
      
-- Automatically node-gyp packages containing a binding.gyp
      
-- Fix failures unpacking in UNC shares
      
-- Never create un-listable directories
      
-- Handle cases where an optionalDependency fails to build
      
-
      
-
      • 
-
    • events: newListener emit correct fn when using 'once' (Roly Fentanes)
      
-
      • 
-
    • url: Ignore empty port component (Åukasz Walukiewicz)
      
-
      • 
-
    • module: replace 'children' array (isaacs)
      
-
      • 
-
    • tls: parse multiple values of a key in ssl certificate (Sambasiva Suda)
      
-
      • 
-
    • cluster: support passing of named pipes (Ben Noordhuis)
      
-
      • 
-
    • Windows: include syscall in fs errors (Bert Belder)
      
-
      • 
-
    • http: #2888 Emit end event only once (Igor Zinkovsky)
      
-
      • 
-
    • readline: add multiline support (Rlidwka)
      
-
      • 
-
    • process: add process.hrtime() (Nathan Rajlich)
      
-
      • 
-
    • net, http, https: add localAddress option (Dmitry Nizovtsev)
      
-
      • 
-
    • addon improvements (Nathan Rajlich)
      
-
      • 
-
    • build improvements (Ben Noordhuis, Sadique Ali, T.C. Hollingsworth, Nathan Rajlich)
      
-
      • 
-
    • add support for "SEARCH" request methods (Nathan Rajlich)
      
-
      • 
-
    • expose the zlib and http_parser version in process.versions (Nathan Rajlich)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.7.6/node-v0.7.6.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.7.6/node-v0.7.6.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.7.6/x64/
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.6/node-v0.7.6.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.7.6/
-
-
    
-
    Website: http://nodejs.org/docs/v0.7.6/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.7.6/api/
+
    2012.03.13, Version 0.7.6 (unstable)
+
+
    
+
      
+
    • Upgrade v8 to 3.9.17
      
+
      • 
+
    • Upgrade npm to 1.1.8
      
+
      
+- Add support for os/cpu fields in package.json (Adam Blackburn)
      
+- Automatically node-gyp packages containing a binding.gyp
      
+- Fix failures unpacking in UNC shares
      
+- Never create un-listable directories
      
+- Handle cases where an optionalDependency fails to build
      
+
      
+
      • 
+
    • events: newListener emit correct fn when using 'once' (Roly Fentanes)
      
+
      • 
+
    • url: Ignore empty port component (Åukasz Walukiewicz)
      
+
      • 
+
    • module: replace 'children' array (isaacs)
      
+
      • 
+
    • tls: parse multiple values of a key in ssl certificate (Sambasiva Suda)
      
+
      • 
+
    • cluster: support passing of named pipes (Ben Noordhuis)
      
+
      • 
+
    • Windows: include syscall in fs errors (Bert Belder)
      
+
      • 
+
    • http: #2888 Emit end event only once (Igor Zinkovsky)
      
+
      • 
+
    • readline: add multiline support (Rlidwka)
      
+
      • 
+
    • process: add process.hrtime() (Nathan Rajlich)
      
+
      • 
+
    • net, http, https: add localAddress option (Dmitry Nizovtsev)
      
+
      • 
+
    • addon improvements (Nathan Rajlich)
      
+
      • 
+
    • build improvements (Ben Noordhuis, Sadique Ali, T.C. Hollingsworth, Nathan Rajlich)
      
+
      • 
+
    • add support for "SEARCH" request methods (Nathan Rajlich)
      
+
      • 
+
    • expose the zlib and http_parser version in process.versions (Nathan Rajlich)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.7.6/node-v0.7.6.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.7.6/node-v0.7.6.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.7.6/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.6/node-v0.7.6.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.7.6/
+
+
    
+
    Website: http://nodejs.org/docs/v0.7.6/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.7.6/api/
 
    
diff --git a/doc/blog/release/version-0-7-7-unstable.md b/doc/blog/release/version-0-7-7-unstable.md
index 6cdcc231285..4ba17658a3d 100644
--- a/doc/blog/release/version-0-7-7-unstable.md
+++ b/doc/blog/release/version-0-7-7-unstable.md
@@ -6,66 +6,66 @@ status: publish
 category: release
 slug: version-0-7-7-unstable
 
-
    2012.03.30, Version 0.7.7 (unstable)
-
-
    
-
      
-
    • Upgrade V8 to 3.9.24.7
      
-
      • 
-
    • Upgrade npm to 1.1.15
      
-
      • 
-
    • Handle Emoji characters properly (Erik Corry, Bert Belder)
      
-
      • 
-
    • readline: migrate ansi/vt100 logic from tty to readline (Nathan Rajlich)
      
-
      • 
-
    • readline: Fix multiline handling (Alex Kocharin)
      
-
      • 
-
    • add a -i/--interactive flag to force the REPL (Nathan Rajlich)
      
-
      • 
-
    • debugger: add breakOnException command (Fedor Indutny)
      
-
      • 
-
    • cluster: kill workers when master dies (Andreas Madsen)
      
-
      • 
-
    • cluster: add graceful disconnect support (Andreas Madsen)
      
-
      • 
-
    • child_process: Separate 'close' event from 'exit' (Charlie McConnell)
      
-
      • 
-
    • typed arrays: add Uint8ClampedArray (Mikael Bourges-Sevenier)
      
-
      • 
-
    • buffer: Fix byte alignment issues (Ben Noordhuis, Erik Lundin)
      
-
      • 
-
    • tls: fix CryptoStream.setKeepAlive() (Shigeki Ohtsu)
      
-
      • 
-
    • Expose http parse error codes (Felix Geisendörfer)
      
-
      • 
-
    • events: don't delete the listeners array (Ben Noordhuis, Nathan Rajlich)
      
-
      • 
-
    • process: add process.config to view node's ./configure settings (Nathan Rajlich)
      
-
      • 
-
    • process: process.execArgv to see node's arguments (Micheil Smith)
      
-
      • 
-
    • process: fix process.title setter (Ben Noordhuis)
      
-
      • 
-
    • timers: handle negative or non-numeric timeout values (Ben Noordhuis)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.7.7/node-v0.7.7.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.7.7/node-v0.7.7.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.7.7/x64/
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.7/node-v0.7.7.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.7.7/
-
-
    
-
    Website: http://nodejs.org/docs/v0.7.7/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.7.7/api/
+
    2012.03.30, Version 0.7.7 (unstable)
+
+
    
+
      
+
    • Upgrade V8 to 3.9.24.7
      
+
      • 
+
    • Upgrade npm to 1.1.15
      
+
      • 
+
    • Handle Emoji characters properly (Erik Corry, Bert Belder)
      
+
      • 
+
    • readline: migrate ansi/vt100 logic from tty to readline (Nathan Rajlich)
      
+
      • 
+
    • readline: Fix multiline handling (Alex Kocharin)
      
+
      • 
+
    • add a -i/--interactive flag to force the REPL (Nathan Rajlich)
      
+
      • 
+
    • debugger: add breakOnException command (Fedor Indutny)
      
+
      • 
+
    • cluster: kill workers when master dies (Andreas Madsen)
      
+
      • 
+
    • cluster: add graceful disconnect support (Andreas Madsen)
      
+
      • 
+
    • child_process: Separate 'close' event from 'exit' (Charlie McConnell)
      
+
      • 
+
    • typed arrays: add Uint8ClampedArray (Mikael Bourges-Sevenier)
      
+
      • 
+
    • buffer: Fix byte alignment issues (Ben Noordhuis, Erik Lundin)
      
+
      • 
+
    • tls: fix CryptoStream.setKeepAlive() (Shigeki Ohtsu)
      
+
      • 
+
    • Expose http parse error codes (Felix Geisendörfer)
      
+
      • 
+
    • events: don't delete the listeners array (Ben Noordhuis, Nathan Rajlich)
      
+
      • 
+
    • process: add process.config to view node's ./configure settings (Nathan Rajlich)
      
+
      • 
+
    • process: process.execArgv to see node's arguments (Micheil Smith)
      
+
      • 
+
    • process: fix process.title setter (Ben Noordhuis)
      
+
      • 
+
    • timers: handle negative or non-numeric timeout values (Ben Noordhuis)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.7.7/node-v0.7.7.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.7.7/node-v0.7.7.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.7.7/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.7/node-v0.7.7.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.7.7/
+
+
    
+
    Website: http://nodejs.org/docs/v0.7.7/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.7.7/api/
 
    
diff --git a/doc/blog/release/version-0-7-8-unstable.md b/doc/blog/release/version-0-7-8-unstable.md
index 8e87a9007d4..9c829fa6ad9 100644
--- a/doc/blog/release/version-0-7-8-unstable.md
+++ b/doc/blog/release/version-0-7-8-unstable.md
@@ -6,66 +6,66 @@ status: publish
 category: release
 slug: version-0-7-8-unstable
 
-
    2012.04.18, Version 0.7.8, (unstable)
-
-
    
-
      
-
    • Upgrade V8 to 3.9.24.9
      
-
      • 
-
    • Upgrade OpenSSL to 1.0.0f
      
-
      • 
-
    • Upgrade npm to 1.1.18
      
-
      • 
-
    • Show licenses in Binary installers
      
-
      • 
-
    • Domains (isaacs)
      
-
      • 
-
    • readline: rename "end" to "close" (Nathan Rajlich)
      
-
      • 
-
    • tcp: make getsockname() return address family as string (Shigeki Ohtsu)
      
-
      • 
-
    • http, https: fix .setTimeout() (ssuda)
      
-
      • 
-
    • os: add cross platform EOL character (Mustansir Golawala)
      
-
      • 
-
    • typed arrays: unexport SizeOfArrayElementForType() (Aaron Jacobs)
      
-
      • 
-
    • net: honor 'enable' flag in .setNoDelay() (Ben Noordhuis)
      
-
      • 
-
    • child_process: emit error when .kill fails (Andreas Madsen)
      
-
      • 
-
    • gyp: fix 'argument list too long' build error (Ben Noordhuis)
      
-
      • 
-
    • fs.WriteStream: Handle modifications to fs.open (isaacs)
      
-
      • 
-
    • repl, readline: Handle newlines better (Nathan Rajlich, Nathan Friedly)
      
-
      • 
-
    • build: target OSX 10.5 when building on darwin (Nathan Rajlich)
      
-
      • 
-
    • Fix #3052 Handle errors properly in zlib (isaacs)
      
-
      • 
-
    • build: add support for DTrace and postmortem (Dave Pacheco)
      
-
      • 
-
    • core: add reusable Slab allocator (Ben Noordhuis)
      
-
      • 
-
    
-
    Source Code: http://nodejs.org/dist/v0.7.8/node-v0.7.8.tar.gz
-
-
    
-
    Windows Installer: http://nodejs.org/dist/v0.7.8/node-v0.7.8.msi
-
-
    
-
    Windows x64 Files: http://nodejs.org/dist/v0.7.8/x64/
-
-
    
-
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.8/node-v0.7.8.pkg
-
-
    
-
    Other release files: http://nodejs.org/dist/v0.7.8/
-
-
    
-
    Website: http://nodejs.org/docs/v0.7.8/
-
-
    
-
    Documentation: http://nodejs.org/docs/v0.7.8/api/
+
    2012.04.18, Version 0.7.8, (unstable)
+
+
    
+
      
+
    • Upgrade V8 to 3.9.24.9
      
+
      • 
+
    • Upgrade OpenSSL to 1.0.0f
      
+
      • 
+
    • Upgrade npm to 1.1.18
      
+
      • 
+
    • Show licenses in Binary installers
      
+
      • 
+
    • Domains (isaacs)
      
+
      • 
+
    • readline: rename "end" to "close" (Nathan Rajlich)
      
+
      • 
+
    • tcp: make getsockname() return address family as string (Shigeki Ohtsu)
      
+
      • 
+
    • http, https: fix .setTimeout() (ssuda)
      
+
      • 
+
    • os: add cross platform EOL character (Mustansir Golawala)
      
+
      • 
+
    • typed arrays: unexport SizeOfArrayElementForType() (Aaron Jacobs)
      
+
      • 
+
    • net: honor 'enable' flag in .setNoDelay() (Ben Noordhuis)
      
+
      • 
+
    • child_process: emit error when .kill fails (Andreas Madsen)
      
+
      • 
+
    • gyp: fix 'argument list too long' build error (Ben Noordhuis)
      
+
      • 
+
    • fs.WriteStream: Handle modifications to fs.open (isaacs)
      
+
      • 
+
    • repl, readline: Handle newlines better (Nathan Rajlich, Nathan Friedly)
      
+
      • 
+
    • build: target OSX 10.5 when building on darwin (Nathan Rajlich)
      
+
      • 
+
    • Fix #3052 Handle errors properly in zlib (isaacs)
      
+
      • 
+
    • build: add support for DTrace and postmortem (Dave Pacheco)
      
+
      • 
+
    • core: add reusable Slab allocator (Ben Noordhuis)
      
+
      • 
+
    
+
    Source Code: http://nodejs.org/dist/v0.7.8/node-v0.7.8.tar.gz
+
+
    
+
    Windows Installer: http://nodejs.org/dist/v0.7.8/node-v0.7.8.msi
+
+
    
+
    Windows x64 Files: http://nodejs.org/dist/v0.7.8/x64/
+
+
    
+
    Macintosh Installer (Universal): http://nodejs.org/dist/v0.7.8/node-v0.7.8.pkg
+
+
    
+
    Other release files: http://nodejs.org/dist/v0.7.8/
+
+
    
+
    Website: http://nodejs.org/docs/v0.7.8/
+
+
    
+
    Documentation: http://nodejs.org/docs/v0.7.8/api/
 
    
diff --git a/doc/blog/video/bryan-cantrill-instrumenting-the-real-time-web.md b/doc/blog/video/bryan-cantrill-instrumenting-the-real-time-web.md
index 0c26cb7a493..fa982135d2c 100644
--- a/doc/blog/video/bryan-cantrill-instrumenting-the-real-time-web.md
+++ b/doc/blog/video/bryan-cantrill-instrumenting-the-real-time-web.md
@@ -5,15 +5,15 @@ status: publish
 category: video
 slug: bryan-cantrill-instrumenting-the-real-time-web
 
-Bryan Cantrill, VP of Engineering at Joyent, describes the challenges of instrumenting a distributed, dynamic, highly virtualized system -- and what their experiences taught them about the problem, the technologies used to tackle it, and promising approaches.
-
-This talk was given at Velocity Conf in 2011.
-
-
    
+Bryan Cantrill, VP of Engineering at Joyent, describes the challenges of instrumenting a distributed, dynamic, highly virtualized system -- and what their experiences taught them about the problem, the technologies used to tackle it, and promising approaches.
+
+This talk was given at Velocity Conf in 2011.
+
+
    
 
-
+allowfullscreen>
+
   
    
     tl;dr
-
-
-
-
    Details
    
-
-
    A few weeks ago, Matthew Daley found a security vulnerability in Node's HTTP implementation, and thankfully did the responsible thing and reported it to us via email.  He explained it quite well, so I'll quote him here:
    
-
    
-
    There is a vulnerability in node's `http_parser` binding which allows information disclosure to a remote attacker:
-
-
    
-
    In node::StringPtr::Update, an attempt is made at an optimization on certain inputs (`node_http_parser.cc`, line 151). The intent is that if the current string pointer plus the current string size is equal to the incoming string pointer, the current string size is just increased to match, as the incoming string lies just beyond the current string pointer. However, the check to see whether or not this can be done is incorrect; "size" is used whereas "size_" should be used. Therefore, an attacker can call Update with a string of certain length and cause the current string to have other data appended to it. In the case of HTTP being parsed out of incoming socket data, this can be incoming data from other sockets.
-
-
    
-
    Normally node::StringPtr::Save, which is called after each execution of `http_parser`, would stop this from being exploitable as it converts strings to non-optimizable heap-based strings. However, this is not done to 0-length strings. An attacker can therefore exploit the mistake by making Update set a 0-length string, and then Update past its boundary, so long as it is done in one `http_parser` execution. This can be done with an HTTP header with empty value, followed by a continuation with a value of certain length.
-
-
    
-
    The attached files demonstrate the issue:  
    
-
    $ ./node ~/stringptr-update-poc-server.js &
-[1] 11801
-$ ~/stringptr-update-poc-client.py
-HTTP/1.1 200 OK
-Content-Type: text/plain
-Date: Wed, 18 Apr 2012 00:05:11 GMT
-Connection: close
-Transfer-Encoding: chunked
-
-64
-X header:
- This is private data, perhaps an HTTP request with a Cookie in it.
-0
    
-
    
-
    The fix landed on 7b3fb22 and c9a231d, for master and v0.6, respectively.  The innocuous commit message does not give away the security implications, precisely because we wanted to get a fix out before making a big deal about it.  
    
-
    The first releases with the fix are v0.7.8 and 0.6.17.  So now is a good time to make a big deal about it.  
    
-
    If you are using node version 0.6 in production, please upgrade to at least v0.6.17, or at least apply the fix in c9a231d to your system. (Version 0.6.17 also fixes some other important bugs, and is without doubt the most stable release of Node 0.6 to date, so it's a good idea to upgrade anyway.)  
    
+
    tl;dr
    
+
+
    • A carefully crafted attack request can cause the contents of the HTTP parser's buffer to be appended to the attacking request's header, making it appear to come from the attacker.  Since it is generally safe to echo back contents of a request, this can allow an attacker to get an otherwise correctly designed server to divulge information about other requests.  It is theoretically possible that it could enable header-spoofing attacks, though such an attack has not been demonstrated.
      • 
+
    • Versions affected: All versions of the 0.5/0.6 branch prior to 0.6.17, and all versions of the 0.7 branch prior to 0.7.8.  Versions in the 0.4 branch are not affected.
      • 
+
    • Fix: Upgrade to v0.6.17, or apply the fix in c9a231d to your system.
    
+
+
    Details
    
+
+
    A few weeks ago, Matthew Daley found a security vulnerability in Node's HTTP implementation, and thankfully did the responsible thing and reported it to us via email.  He explained it quite well, so I'll quote him here:
    
+
    
+
    There is a vulnerability in node's `http_parser` binding which allows information disclosure to a remote attacker:
+
+
    
+
    In node::StringPtr::Update, an attempt is made at an optimization on certain inputs (`node_http_parser.cc`, line 151). The intent is that if the current string pointer plus the current string size is equal to the incoming string pointer, the current string size is just increased to match, as the incoming string lies just beyond the current string pointer. However, the check to see whether or not this can be done is incorrect; "size" is used whereas "size_" should be used. Therefore, an attacker can call Update with a string of certain length and cause the current string to have other data appended to it. In the case of HTTP being parsed out of incoming socket data, this can be incoming data from other sockets.
+
+
    
+
    Normally node::StringPtr::Save, which is called after each execution of `http_parser`, would stop this from being exploitable as it converts strings to non-optimizable heap-based strings. However, this is not done to 0-length strings. An attacker can therefore exploit the mistake by making Update set a 0-length string, and then Update past its boundary, so long as it is done in one `http_parser` execution. This can be done with an HTTP header with empty value, followed by a continuation with a value of certain length.
+
+
    
+
    The attached files demonstrate the issue:  
    
+
    $ ./node ~/stringptr-update-poc-server.js &
+[1] 11801
+$ ~/stringptr-update-poc-client.py
+HTTP/1.1 200 OK
+Content-Type: text/plain
+Date: Wed, 18 Apr 2012 00:05:11 GMT
+Connection: close
+Transfer-Encoding: chunked
+
+64
+X header:
+ This is private data, perhaps an HTTP request with a Cookie in it.
+0
    
+
    
+
    The fix landed on 7b3fb22 and c9a231d, for master and v0.6, respectively.  The innocuous commit message does not give away the security implications, precisely because we wanted to get a fix out before making a big deal about it.  
    
+
    The first releases with the fix are v0.7.8 and 0.6.17.  So now is a good time to make a big deal about it.  
    
+
    If you are using node version 0.6 in production, please upgrade to at least v0.6.17, or at least apply the fix in c9a231d to your system. (Version 0.6.17 also fixes some other important bugs, and is without doubt the most stable release of Node 0.6 to date, so it's a good idea to upgrade anyway.)  
    
 
    I'm extremely grateful that Matthew took the time to report the problem to us with such an elegant explanation, and in such a way that we had a reasonable amount of time to fix the issue before making it public. 
    

From 23f09d7e024f326ea0466af10b97ad46e76ac5e6 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis 
Date: Wed, 1 Aug 2012 20:25:24 +0200
Subject: [PATCH 21/35] fs: fix readFileSync("/proc/cpuinfo") regression

Don't use positional reads. Not all proc files support pread(), especially on
older linux kernels.

Fixes #3808.
---
 lib/fs.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/fs.js b/lib/fs.js
index 51dfe562932..d9d07401c5c 100644
--- a/lib/fs.js
+++ b/lib/fs.js
@@ -205,12 +205,12 @@ fs.readFileSync = function(path, encoding) {
     var threw = true;
     try {
       if (size !== 0) {
-        var bytesRead = fs.readSync(fd, buffer, pos, size - pos, pos);
+        var bytesRead = fs.readSync(fd, buffer, pos, size - pos);
       } else {
         // the kernel lies about many files.
         // Go ahead and try to read some bytes.
         buffer = new Buffer(8192);
-        var bytesRead = fs.readSync(fd, buffer, 0, 8192, pos);
+        var bytesRead = fs.readSync(fd, buffer, 0, 8192);
         if (bytesRead) {
           buffers.push(buffer.slice(0, bytesRead));
         }

From f1fba8d1f5e7411f055c00ca4b46646e5b840cf2 Mon Sep 17 00:00:00 2001
From: Gil Pedersen 
Date: Wed, 1 Aug 2012 16:04:28 +0200
Subject: [PATCH 22/35] fs: fix ReadStream / WriteStream missing callback

The (undocumented) callback argument to .destroy() was not called if the
stream was no longer readable / writable.
---
 lib/fs.js                          | 10 ++++++++--
 test/simple/test-fs-read-stream.js |  7 ++++++-
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/lib/fs.js b/lib/fs.js
index d9d07401c5c..d53c3605cf0 100644
--- a/lib/fs.js
+++ b/lib/fs.js
@@ -1367,7 +1367,10 @@ ReadStream.prototype._emitData = function(d) {
 ReadStream.prototype.destroy = function(cb) {
   var self = this;
 
-  if (!this.readable) return;
+  if (!this.readable) {
+    if (cb) process.nextTick(function() { cb(null); });
+    return;
+  }
   this.readable = false;
 
   function close() {
@@ -1570,7 +1573,10 @@ WriteStream.prototype.end = function(data, encoding, cb) {
 WriteStream.prototype.destroy = function(cb) {
   var self = this;
 
-  if (!this.writable) return;
+  if (!this.writable) {
+    if (cb) process.nextTick(function() { cb(null); });
+    return;
+  }
   this.writable = false;
 
   function close() {
diff --git a/test/simple/test-fs-read-stream.js b/test/simple/test-fs-read-stream.js
index dbb5fbf8473..d500fc45ea8 100644
--- a/test/simple/test-fs-read-stream.js
+++ b/test/simple/test-fs-read-stream.js
@@ -86,6 +86,11 @@ var file2 = fs.createReadStream(fn);
 file2.destroy(function(err) {
   assert.ok(!err);
   callbacks.destroy++;
+
+  file2.destroy(function(err) {
+    assert.ok(!err);
+    callbacks.destroy++;
+  });
 });
 
 var file3 = fs.createReadStream(fn, {encoding: 'utf8'});
@@ -107,7 +112,7 @@ file3.on('close', function() {
 process.on('exit', function() {
   assert.equal(1, callbacks.open);
   assert.equal(1, callbacks.end);
-  assert.equal(1, callbacks.destroy);
+  assert.equal(2, callbacks.destroy);
 
   assert.equal(2, callbacks.close);
 

From 53f3b128f5efd5fdca2dcab9ff3e5d3e2b9debf1 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis 
Date: Thu, 2 Aug 2012 01:35:51 +0200
Subject: [PATCH 23/35] node: tag Encode and friends NODE_EXTERN

Makes the symbols visible on Windows. They were already visible on Unices.

Fixes #3811.
---
 src/node.h | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/node.h b/src/node.h
index 2e443507153..40e9705c2b6 100644
--- a/src/node.h
+++ b/src/node.h
@@ -133,18 +133,18 @@ enum encoding ParseEncoding(v8::Handle encoding_v,
 NODE_EXTERN void FatalException(v8::TryCatch &try_catch);
 void DisplayExceptionLine(v8::TryCatch &try_catch); // hack
 
-v8::Local Encode(const void *buf, size_t len,
-                            enum encoding encoding = BINARY);
+NODE_EXTERN v8::Local Encode(const void *buf, size_t len,
+                                        enum encoding encoding = BINARY);
 
 // Returns -1 if the handle was not valid for decoding
-ssize_t DecodeBytes(v8::Handle,
-                    enum encoding encoding = BINARY);
+NODE_EXTERN ssize_t DecodeBytes(v8::Handle,
+                                enum encoding encoding = BINARY);
 
 // returns bytes written.
-ssize_t DecodeWrite(char *buf,
-                    size_t buflen,
-                    v8::Handle,
-                    enum encoding encoding = BINARY);
+NODE_EXTERN ssize_t DecodeWrite(char *buf,
+                                size_t buflen,
+                                v8::Handle,
+                                enum encoding encoding = BINARY);
 
 v8::Local BuildStatsObject(const uv_statbuf_t* s);
 

From 6db9e12de5e35f360249f4dab190b3bd052fccf0 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis 
Date: Thu, 2 Aug 2012 12:11:35 +0200
Subject: [PATCH 24/35] deps: remove openssl apps and tests

Shrinks the tarball by a few hundred kilobytes and fixes a broken symlinks
issue on Windows.

Fixes #3813.
---
 deps/openssl/openssl/apps/CA.com              |  236 --
 deps/openssl/openssl/apps/CA.pl               |  189 -
 deps/openssl/openssl/apps/CA.pl.in            |  189 -
 deps/openssl/openssl/apps/CA.sh               |  198 --
 deps/openssl/openssl/apps/Makefile            | 1035 ------
 deps/openssl/openssl/apps/app_rand.c          |  218 --
 deps/openssl/openssl/apps/apps.c              | 3063 -----------------
 deps/openssl/openssl/apps/apps.h              |  364 --
 deps/openssl/openssl/apps/asn1pars.c          |  445 ---
 deps/openssl/openssl/apps/ca-cert.srl         |    1 -
 deps/openssl/openssl/apps/ca-key.pem          |   15 -
 deps/openssl/openssl/apps/ca-req.pem          |   11 -
 deps/openssl/openssl/apps/ca.c                | 2985 ----------------
 deps/openssl/openssl/apps/cert.pem            |   11 -
 deps/openssl/openssl/apps/ciphers.c           |  231 --
 deps/openssl/openssl/apps/client.pem          |   24 -
 deps/openssl/openssl/apps/cms.c               | 1362 --------
 deps/openssl/openssl/apps/crl.c               |  446 ---
 deps/openssl/openssl/apps/crl2p7.c            |  337 --
 deps/openssl/openssl/apps/demoCA/cacert.pem   |   14 -
 deps/openssl/openssl/apps/demoCA/index.txt    |   39 -
 .../openssl/apps/demoCA/private/cakey.pem     |   24 -
 deps/openssl/openssl/apps/demoCA/serial       |    1 -
 deps/openssl/openssl/apps/dgst.c              |  632 ----
 deps/openssl/openssl/apps/dh.c                |  355 --
 deps/openssl/openssl/apps/dh1024.pem          |   10 -
 deps/openssl/openssl/apps/dh2048.pem          |   12 -
 deps/openssl/openssl/apps/dh4096.pem          |   18 -
 deps/openssl/openssl/apps/dh512.pem           |    9 -
 deps/openssl/openssl/apps/dhparam.c           |  560 ---
 deps/openssl/openssl/apps/dsa-ca.pem          |   40 -
 deps/openssl/openssl/apps/dsa-pca.pem         |   46 -
 deps/openssl/openssl/apps/dsa.c               |  376 --
 deps/openssl/openssl/apps/dsa1024.pem         |    9 -
 deps/openssl/openssl/apps/dsa512.pem          |    6 -
 deps/openssl/openssl/apps/dsap.pem            |    6 -
 deps/openssl/openssl/apps/dsaparam.c          |  479 ---
 deps/openssl/openssl/apps/ec.c                |  406 ---
 deps/openssl/openssl/apps/ecparam.c           |  731 ----
 deps/openssl/openssl/apps/enc.c               |  724 ----
 deps/openssl/openssl/apps/engine.c            |  549 ---
 deps/openssl/openssl/apps/errstr.c            |  128 -
 deps/openssl/openssl/apps/gendh.c             |  241 --
 deps/openssl/openssl/apps/gendsa.c            |  285 --
 deps/openssl/openssl/apps/genpkey.c           |  440 ---
 deps/openssl/openssl/apps/genrsa.c            |  335 --
 deps/openssl/openssl/apps/install-apps.com    |  107 -
 deps/openssl/openssl/apps/makeapps.com        | 1169 -------
 deps/openssl/openssl/apps/md4.c               |    1 -
 deps/openssl/openssl/apps/nseq.c              |  167 -
 deps/openssl/openssl/apps/ocsp.c              | 1421 --------
 deps/openssl/openssl/apps/oid.cnf             |    6 -
 deps/openssl/openssl/apps/openssl-vms.cnf     |  350 --
 deps/openssl/openssl/apps/openssl.c           |  714 ----
 deps/openssl/openssl/apps/openssl.cnf         |  350 --
 deps/openssl/openssl/apps/passwd.c            |  512 ---
 deps/openssl/openssl/apps/pca-cert.srl        |    1 -
 deps/openssl/openssl/apps/pca-key.pem         |   15 -
 deps/openssl/openssl/apps/pca-req.pem         |   11 -
 deps/openssl/openssl/apps/pkcs12.c            |  977 ------
 deps/openssl/openssl/apps/pkcs7.c             |  320 --
 deps/openssl/openssl/apps/pkcs8.c             |  439 ---
 deps/openssl/openssl/apps/pkey.c              |  284 --
 deps/openssl/openssl/apps/pkeyparam.c         |  200 --
 deps/openssl/openssl/apps/pkeyutl.c           |  570 ---
 deps/openssl/openssl/apps/prime.c             |  160 -
 deps/openssl/openssl/apps/privkey.pem         |   18 -
 deps/openssl/openssl/apps/progs.h             |  364 --
 deps/openssl/openssl/apps/progs.pl            |  102 -
 deps/openssl/openssl/apps/rand.c              |  245 --
 deps/openssl/openssl/apps/req.c               | 1758 ----------
 deps/openssl/openssl/apps/req.pem             |   11 -
 deps/openssl/openssl/apps/rsa.c               |  450 ---
 deps/openssl/openssl/apps/rsa8192.pem         |  101 -
 deps/openssl/openssl/apps/rsautl.c            |  351 --
 deps/openssl/openssl/apps/s1024key.pem        |   15 -
 deps/openssl/openssl/apps/s1024req.pem        |   11 -
 deps/openssl/openssl/apps/s512-key.pem        |    9 -
 deps/openssl/openssl/apps/s512-req.pem        |    8 -
 deps/openssl/openssl/apps/s_apps.h            |  176 -
 deps/openssl/openssl/apps/s_cb.c              |  862 -----
 deps/openssl/openssl/apps/s_client.c          | 1873 ----------
 deps/openssl/openssl/apps/s_server.c          | 2752 ---------------
 deps/openssl/openssl/apps/s_socket.c          |  620 ----
 deps/openssl/openssl/apps/s_time.c            |  632 ----
 deps/openssl/openssl/apps/server.pem          |  369 --
 deps/openssl/openssl/apps/server.srl          |    1 -
 deps/openssl/openssl/apps/server2.pem         |  376 --
 deps/openssl/openssl/apps/sess_id.c           |  320 --
 deps/openssl/openssl/apps/set/set-g-ca.pem    |   21 -
 deps/openssl/openssl/apps/set/set-m-ca.pem    |   21 -
 deps/openssl/openssl/apps/set/set_b_ca.pem    |   23 -
 deps/openssl/openssl/apps/set/set_c_ca.pem    |   21 -
 deps/openssl/openssl/apps/set/set_d_ct.pem    |   21 -
 deps/openssl/openssl/apps/set/set_root.pem    |   21 -
 deps/openssl/openssl/apps/smime.c             |  857 -----
 deps/openssl/openssl/apps/speed.c             | 2787 ---------------
 deps/openssl/openssl/apps/spkac.c             |  308 --
 deps/openssl/openssl/apps/testCA.pem          |    8 -
 deps/openssl/openssl/apps/testdsa.h           |  217 --
 deps/openssl/openssl/apps/testrsa.h           |  518 ---
 deps/openssl/openssl/apps/timeouts.h          |   67 -
 deps/openssl/openssl/apps/ts.c                | 1147 ------
 deps/openssl/openssl/apps/tsget               |  196 --
 deps/openssl/openssl/apps/verify.c            |  350 --
 deps/openssl/openssl/apps/version.c           |  217 --
 deps/openssl/openssl/apps/vms_decc_init.c     |  188 -
 deps/openssl/openssl/apps/winrand.c           |  148 -
 deps/openssl/openssl/apps/x509.c              | 1292 -------
 deps/openssl/openssl/test/CAss.cnf            |   76 -
 deps/openssl/openssl/test/CAssdh.cnf          |   24 -
 deps/openssl/openssl/test/CAssdsa.cnf         |   23 -
 deps/openssl/openssl/test/CAssrsa.cnf         |   24 -
 deps/openssl/openssl/test/CAtsa.cnf           |  163 -
 deps/openssl/openssl/test/Makefile            |  698 ----
 deps/openssl/openssl/test/P1ss.cnf            |   37 -
 deps/openssl/openssl/test/P2ss.cnf            |   45 -
 deps/openssl/openssl/test/Sssdsa.cnf          |   27 -
 deps/openssl/openssl/test/Sssrsa.cnf          |   26 -
 deps/openssl/openssl/test/Uss.cnf             |   36 -
 deps/openssl/openssl/test/VMSca-response.1    |    1 -
 deps/openssl/openssl/test/VMSca-response.2    |    2 -
 deps/openssl/openssl/test/asn1test.c          |   22 -
 deps/openssl/openssl/test/bctest              |  111 -
 deps/openssl/openssl/test/bctest.com          |  152 -
 deps/openssl/openssl/test/bftest.c            |    1 -
 deps/openssl/openssl/test/bntest.c            |    1 -
 deps/openssl/openssl/test/bntest.com          |   76 -
 deps/openssl/openssl/test/casttest.c          |    1 -
 deps/openssl/openssl/test/clean_test.com      |   35 -
 deps/openssl/openssl/test/cms-examples.pl     |  409 ---
 deps/openssl/openssl/test/cms-test.pl         |  457 ---
 deps/openssl/openssl/test/destest.c           |    1 -
 deps/openssl/openssl/test/dhtest.c            |    1 -
 deps/openssl/openssl/test/dsatest.c           |    1 -
 deps/openssl/openssl/test/dummytest.c         |   48 -
 deps/openssl/openssl/test/ecdhtest.c          |    1 -
 deps/openssl/openssl/test/ecdsatest.c         |    1 -
 deps/openssl/openssl/test/ectest.c            |    1 -
 deps/openssl/openssl/test/enginetest.c        |    1 -
 deps/openssl/openssl/test/evp_test.c          |    1 -
 deps/openssl/openssl/test/evptests.txt        |  321 --
 deps/openssl/openssl/test/exptest.c           |    1 -
 deps/openssl/openssl/test/fips_aesavs.c       |    1 -
 deps/openssl/openssl/test/fips_desmovs.c      |    1 -
 deps/openssl/openssl/test/fips_dsatest.c      |    1 -
 deps/openssl/openssl/test/fips_dssvs.c        |    1 -
 deps/openssl/openssl/test/fips_hmactest.c     |    1 -
 deps/openssl/openssl/test/fips_randtest.c     |    1 -
 deps/openssl/openssl/test/fips_rngvs.c        |    1 -
 deps/openssl/openssl/test/fips_rsagtest.c     |    1 -
 deps/openssl/openssl/test/fips_rsastest.c     |    1 -
 deps/openssl/openssl/test/fips_rsavtest.c     |    1 -
 deps/openssl/openssl/test/fips_shatest.c      |    1 -
 deps/openssl/openssl/test/fips_test_suite.c   |    1 -
 deps/openssl/openssl/test/hmactest.c          |    1 -
 deps/openssl/openssl/test/ideatest.c          |    1 -
 deps/openssl/openssl/test/igetest.c           |  503 ---
 deps/openssl/openssl/test/jpaketest.c         |    1 -
 deps/openssl/openssl/test/maketests.com       | 1085 ------
 deps/openssl/openssl/test/md2test.c           |    1 -
 deps/openssl/openssl/test/md4test.c           |    1 -
 deps/openssl/openssl/test/md5test.c           |    1 -
 deps/openssl/openssl/test/mdc2test.c          |    1 -
 deps/openssl/openssl/test/methtest.c          |  105 -
 deps/openssl/openssl/test/pkcs7-1.pem         |   15 -
 deps/openssl/openssl/test/pkcs7.pem           |   54 -
 deps/openssl/openssl/test/pkits-test.pl       |  940 -----
 deps/openssl/openssl/test/r160test.c          |   57 -
 deps/openssl/openssl/test/randtest.c          |    1 -
 deps/openssl/openssl/test/rc2test.c           |    1 -
 deps/openssl/openssl/test/rc4test.c           |    1 -
 deps/openssl/openssl/test/rc5test.c           |    1 -
 deps/openssl/openssl/test/rmdtest.c           |    1 -
 deps/openssl/openssl/test/rsa_test.c          |    1 -
 deps/openssl/openssl/test/sha1test.c          |    1 -
 deps/openssl/openssl/test/sha256t.c           |    1 -
 deps/openssl/openssl/test/sha512t.c           |    1 -
 deps/openssl/openssl/test/shatest.c           |    1 -
 deps/openssl/openssl/test/smcont.txt          |    1 -
 .../openssl/test/smime-certs/smdsa1.pem       |   34 -
 .../openssl/test/smime-certs/smdsa2.pem       |   34 -
 .../openssl/test/smime-certs/smdsa3.pem       |   34 -
 .../openssl/test/smime-certs/smdsap.pem       |    9 -
 .../openssl/test/smime-certs/smroot.pem       |   30 -
 .../openssl/test/smime-certs/smrsa1.pem       |   31 -
 .../openssl/test/smime-certs/smrsa2.pem       |   31 -
 .../openssl/test/smime-certs/smrsa3.pem       |   31 -
 deps/openssl/openssl/test/ssltest.c           |    1 -
 deps/openssl/openssl/test/tcrl                |   78 -
 deps/openssl/openssl/test/tcrl.com            |   88 -
 deps/openssl/openssl/test/test.cnf            |   88 -
 deps/openssl/openssl/test/test_padlock        |   64 -
 deps/openssl/openssl/test/testca              |   51 -
 deps/openssl/openssl/test/testca.com          |   52 -
 deps/openssl/openssl/test/testcrl.pem         |   16 -
 deps/openssl/openssl/test/testenc             |   54 -
 deps/openssl/openssl/test/testenc.com         |   66 -
 deps/openssl/openssl/test/testgen             |   44 -
 deps/openssl/openssl/test/testgen.com         |   58 -
 deps/openssl/openssl/test/testp7.pem          |   46 -
 deps/openssl/openssl/test/testreq2.pem        |    7 -
 deps/openssl/openssl/test/testrsa.pem         |    9 -
 deps/openssl/openssl/test/tests.com           |  366 --
 deps/openssl/openssl/test/testsid.pem         |   12 -
 deps/openssl/openssl/test/testss              |  163 -
 deps/openssl/openssl/test/testss.com          |  123 -
 deps/openssl/openssl/test/testssl             |  163 -
 deps/openssl/openssl/test/testssl.com         |  208 --
 deps/openssl/openssl/test/testsslproxy        |   10 -
 deps/openssl/openssl/test/testtsa             |  238 --
 deps/openssl/openssl/test/testtsa.com         |  255 --
 deps/openssl/openssl/test/testx509.pem        |   10 -
 deps/openssl/openssl/test/times               |  113 -
 deps/openssl/openssl/test/tpkcs7              |   48 -
 deps/openssl/openssl/test/tpkcs7.com          |   59 -
 deps/openssl/openssl/test/tpkcs7d             |   41 -
 deps/openssl/openssl/test/tpkcs7d.com         |   52 -
 deps/openssl/openssl/test/treq                |   83 -
 deps/openssl/openssl/test/treq.com            |   88 -
 deps/openssl/openssl/test/trsa                |   83 -
 deps/openssl/openssl/test/trsa.com            |   99 -
 deps/openssl/openssl/test/tsid                |   78 -
 deps/openssl/openssl/test/tsid.com            |   88 -
 deps/openssl/openssl/test/tverify.com         |   65 -
 deps/openssl/openssl/test/tx509               |   78 -
 deps/openssl/openssl/test/tx509.com           |   88 -
 deps/openssl/openssl/test/v3-cert1.pem        |   16 -
 deps/openssl/openssl/test/v3-cert2.pem        |   16 -
 deps/openssl/openssl/test/wp_test.c           |    1 -
 230 files changed, 54675 deletions(-)
 delete mode 100644 deps/openssl/openssl/apps/CA.com
 delete mode 100644 deps/openssl/openssl/apps/CA.pl
 delete mode 100644 deps/openssl/openssl/apps/CA.pl.in
 delete mode 100644 deps/openssl/openssl/apps/CA.sh
 delete mode 100644 deps/openssl/openssl/apps/Makefile
 delete mode 100644 deps/openssl/openssl/apps/app_rand.c
 delete mode 100644 deps/openssl/openssl/apps/apps.c
 delete mode 100644 deps/openssl/openssl/apps/apps.h
 delete mode 100644 deps/openssl/openssl/apps/asn1pars.c
 delete mode 100644 deps/openssl/openssl/apps/ca-cert.srl
 delete mode 100644 deps/openssl/openssl/apps/ca-key.pem
 delete mode 100644 deps/openssl/openssl/apps/ca-req.pem
 delete mode 100644 deps/openssl/openssl/apps/ca.c
 delete mode 100644 deps/openssl/openssl/apps/cert.pem
 delete mode 100644 deps/openssl/openssl/apps/ciphers.c
 delete mode 100644 deps/openssl/openssl/apps/client.pem
 delete mode 100644 deps/openssl/openssl/apps/cms.c
 delete mode 100644 deps/openssl/openssl/apps/crl.c
 delete mode 100644 deps/openssl/openssl/apps/crl2p7.c
 delete mode 100644 deps/openssl/openssl/apps/demoCA/cacert.pem
 delete mode 100644 deps/openssl/openssl/apps/demoCA/index.txt
 delete mode 100644 deps/openssl/openssl/apps/demoCA/private/cakey.pem
 delete mode 100644 deps/openssl/openssl/apps/demoCA/serial
 delete mode 100644 deps/openssl/openssl/apps/dgst.c
 delete mode 100644 deps/openssl/openssl/apps/dh.c
 delete mode 100644 deps/openssl/openssl/apps/dh1024.pem
 delete mode 100644 deps/openssl/openssl/apps/dh2048.pem
 delete mode 100644 deps/openssl/openssl/apps/dh4096.pem
 delete mode 100644 deps/openssl/openssl/apps/dh512.pem
 delete mode 100644 deps/openssl/openssl/apps/dhparam.c
 delete mode 100644 deps/openssl/openssl/apps/dsa-ca.pem
 delete mode 100644 deps/openssl/openssl/apps/dsa-pca.pem
 delete mode 100644 deps/openssl/openssl/apps/dsa.c
 delete mode 100644 deps/openssl/openssl/apps/dsa1024.pem
 delete mode 100644 deps/openssl/openssl/apps/dsa512.pem
 delete mode 100644 deps/openssl/openssl/apps/dsap.pem
 delete mode 100644 deps/openssl/openssl/apps/dsaparam.c
 delete mode 100644 deps/openssl/openssl/apps/ec.c
 delete mode 100644 deps/openssl/openssl/apps/ecparam.c
 delete mode 100644 deps/openssl/openssl/apps/enc.c
 delete mode 100644 deps/openssl/openssl/apps/engine.c
 delete mode 100644 deps/openssl/openssl/apps/errstr.c
 delete mode 100644 deps/openssl/openssl/apps/gendh.c
 delete mode 100644 deps/openssl/openssl/apps/gendsa.c
 delete mode 100644 deps/openssl/openssl/apps/genpkey.c
 delete mode 100644 deps/openssl/openssl/apps/genrsa.c
 delete mode 100644 deps/openssl/openssl/apps/install-apps.com
 delete mode 100644 deps/openssl/openssl/apps/makeapps.com
 delete mode 120000 deps/openssl/openssl/apps/md4.c
 delete mode 100644 deps/openssl/openssl/apps/nseq.c
 delete mode 100644 deps/openssl/openssl/apps/ocsp.c
 delete mode 100644 deps/openssl/openssl/apps/oid.cnf
 delete mode 100644 deps/openssl/openssl/apps/openssl-vms.cnf
 delete mode 100644 deps/openssl/openssl/apps/openssl.c
 delete mode 100644 deps/openssl/openssl/apps/openssl.cnf
 delete mode 100644 deps/openssl/openssl/apps/passwd.c
 delete mode 100644 deps/openssl/openssl/apps/pca-cert.srl
 delete mode 100644 deps/openssl/openssl/apps/pca-key.pem
 delete mode 100644 deps/openssl/openssl/apps/pca-req.pem
 delete mode 100644 deps/openssl/openssl/apps/pkcs12.c
 delete mode 100644 deps/openssl/openssl/apps/pkcs7.c
 delete mode 100644 deps/openssl/openssl/apps/pkcs8.c
 delete mode 100644 deps/openssl/openssl/apps/pkey.c
 delete mode 100644 deps/openssl/openssl/apps/pkeyparam.c
 delete mode 100644 deps/openssl/openssl/apps/pkeyutl.c
 delete mode 100644 deps/openssl/openssl/apps/prime.c
 delete mode 100644 deps/openssl/openssl/apps/privkey.pem
 delete mode 100644 deps/openssl/openssl/apps/progs.h
 delete mode 100644 deps/openssl/openssl/apps/progs.pl
 delete mode 100644 deps/openssl/openssl/apps/rand.c
 delete mode 100644 deps/openssl/openssl/apps/req.c
 delete mode 100644 deps/openssl/openssl/apps/req.pem
 delete mode 100644 deps/openssl/openssl/apps/rsa.c
 delete mode 100644 deps/openssl/openssl/apps/rsa8192.pem
 delete mode 100644 deps/openssl/openssl/apps/rsautl.c
 delete mode 100644 deps/openssl/openssl/apps/s1024key.pem
 delete mode 100644 deps/openssl/openssl/apps/s1024req.pem
 delete mode 100644 deps/openssl/openssl/apps/s512-key.pem
 delete mode 100644 deps/openssl/openssl/apps/s512-req.pem
 delete mode 100644 deps/openssl/openssl/apps/s_apps.h
 delete mode 100644 deps/openssl/openssl/apps/s_cb.c
 delete mode 100644 deps/openssl/openssl/apps/s_client.c
 delete mode 100644 deps/openssl/openssl/apps/s_server.c
 delete mode 100644 deps/openssl/openssl/apps/s_socket.c
 delete mode 100644 deps/openssl/openssl/apps/s_time.c
 delete mode 100644 deps/openssl/openssl/apps/server.pem
 delete mode 100644 deps/openssl/openssl/apps/server.srl
 delete mode 100644 deps/openssl/openssl/apps/server2.pem
 delete mode 100644 deps/openssl/openssl/apps/sess_id.c
 delete mode 100644 deps/openssl/openssl/apps/set/set-g-ca.pem
 delete mode 100644 deps/openssl/openssl/apps/set/set-m-ca.pem
 delete mode 100644 deps/openssl/openssl/apps/set/set_b_ca.pem
 delete mode 100644 deps/openssl/openssl/apps/set/set_c_ca.pem
 delete mode 100644 deps/openssl/openssl/apps/set/set_d_ct.pem
 delete mode 100644 deps/openssl/openssl/apps/set/set_root.pem
 delete mode 100644 deps/openssl/openssl/apps/smime.c
 delete mode 100644 deps/openssl/openssl/apps/speed.c
 delete mode 100644 deps/openssl/openssl/apps/spkac.c
 delete mode 100644 deps/openssl/openssl/apps/testCA.pem
 delete mode 100644 deps/openssl/openssl/apps/testdsa.h
 delete mode 100644 deps/openssl/openssl/apps/testrsa.h
 delete mode 100644 deps/openssl/openssl/apps/timeouts.h
 delete mode 100644 deps/openssl/openssl/apps/ts.c
 delete mode 100644 deps/openssl/openssl/apps/tsget
 delete mode 100644 deps/openssl/openssl/apps/verify.c
 delete mode 100644 deps/openssl/openssl/apps/version.c
 delete mode 100644 deps/openssl/openssl/apps/vms_decc_init.c
 delete mode 100644 deps/openssl/openssl/apps/winrand.c
 delete mode 100644 deps/openssl/openssl/apps/x509.c
 delete mode 100644 deps/openssl/openssl/test/CAss.cnf
 delete mode 100644 deps/openssl/openssl/test/CAssdh.cnf
 delete mode 100644 deps/openssl/openssl/test/CAssdsa.cnf
 delete mode 100644 deps/openssl/openssl/test/CAssrsa.cnf
 delete mode 100644 deps/openssl/openssl/test/CAtsa.cnf
 delete mode 100644 deps/openssl/openssl/test/Makefile
 delete mode 100644 deps/openssl/openssl/test/P1ss.cnf
 delete mode 100644 deps/openssl/openssl/test/P2ss.cnf
 delete mode 100644 deps/openssl/openssl/test/Sssdsa.cnf
 delete mode 100644 deps/openssl/openssl/test/Sssrsa.cnf
 delete mode 100644 deps/openssl/openssl/test/Uss.cnf
 delete mode 100644 deps/openssl/openssl/test/VMSca-response.1
 delete mode 100644 deps/openssl/openssl/test/VMSca-response.2
 delete mode 100644 deps/openssl/openssl/test/asn1test.c
 delete mode 100755 deps/openssl/openssl/test/bctest
 delete mode 100644 deps/openssl/openssl/test/bctest.com
 delete mode 120000 deps/openssl/openssl/test/bftest.c
 delete mode 120000 deps/openssl/openssl/test/bntest.c
 delete mode 100644 deps/openssl/openssl/test/bntest.com
 delete mode 120000 deps/openssl/openssl/test/casttest.c
 delete mode 100644 deps/openssl/openssl/test/clean_test.com
 delete mode 100644 deps/openssl/openssl/test/cms-examples.pl
 delete mode 100644 deps/openssl/openssl/test/cms-test.pl
 delete mode 120000 deps/openssl/openssl/test/destest.c
 delete mode 120000 deps/openssl/openssl/test/dhtest.c
 delete mode 120000 deps/openssl/openssl/test/dsatest.c
 delete mode 100644 deps/openssl/openssl/test/dummytest.c
 delete mode 120000 deps/openssl/openssl/test/ecdhtest.c
 delete mode 120000 deps/openssl/openssl/test/ecdsatest.c
 delete mode 120000 deps/openssl/openssl/test/ectest.c
 delete mode 120000 deps/openssl/openssl/test/enginetest.c
 delete mode 120000 deps/openssl/openssl/test/evp_test.c
 delete mode 100644 deps/openssl/openssl/test/evptests.txt
 delete mode 120000 deps/openssl/openssl/test/exptest.c
 delete mode 120000 deps/openssl/openssl/test/fips_aesavs.c
 delete mode 120000 deps/openssl/openssl/test/fips_desmovs.c
 delete mode 120000 deps/openssl/openssl/test/fips_dsatest.c
 delete mode 120000 deps/openssl/openssl/test/fips_dssvs.c
 delete mode 120000 deps/openssl/openssl/test/fips_hmactest.c
 delete mode 120000 deps/openssl/openssl/test/fips_randtest.c
 delete mode 120000 deps/openssl/openssl/test/fips_rngvs.c
 delete mode 120000 deps/openssl/openssl/test/fips_rsagtest.c
 delete mode 120000 deps/openssl/openssl/test/fips_rsastest.c
 delete mode 120000 deps/openssl/openssl/test/fips_rsavtest.c
 delete mode 120000 deps/openssl/openssl/test/fips_shatest.c
 delete mode 120000 deps/openssl/openssl/test/fips_test_suite.c
 delete mode 120000 deps/openssl/openssl/test/hmactest.c
 delete mode 120000 deps/openssl/openssl/test/ideatest.c
 delete mode 100644 deps/openssl/openssl/test/igetest.c
 delete mode 120000 deps/openssl/openssl/test/jpaketest.c
 delete mode 100644 deps/openssl/openssl/test/maketests.com
 delete mode 120000 deps/openssl/openssl/test/md2test.c
 delete mode 120000 deps/openssl/openssl/test/md4test.c
 delete mode 120000 deps/openssl/openssl/test/md5test.c
 delete mode 120000 deps/openssl/openssl/test/mdc2test.c
 delete mode 100644 deps/openssl/openssl/test/methtest.c
 delete mode 100644 deps/openssl/openssl/test/pkcs7-1.pem
 delete mode 100644 deps/openssl/openssl/test/pkcs7.pem
 delete mode 100644 deps/openssl/openssl/test/pkits-test.pl
 delete mode 100644 deps/openssl/openssl/test/r160test.c
 delete mode 120000 deps/openssl/openssl/test/randtest.c
 delete mode 120000 deps/openssl/openssl/test/rc2test.c
 delete mode 120000 deps/openssl/openssl/test/rc4test.c
 delete mode 120000 deps/openssl/openssl/test/rc5test.c
 delete mode 120000 deps/openssl/openssl/test/rmdtest.c
 delete mode 120000 deps/openssl/openssl/test/rsa_test.c
 delete mode 120000 deps/openssl/openssl/test/sha1test.c
 delete mode 120000 deps/openssl/openssl/test/sha256t.c
 delete mode 120000 deps/openssl/openssl/test/sha512t.c
 delete mode 120000 deps/openssl/openssl/test/shatest.c
 delete mode 100644 deps/openssl/openssl/test/smcont.txt
 delete mode 100644 deps/openssl/openssl/test/smime-certs/smdsa1.pem
 delete mode 100644 deps/openssl/openssl/test/smime-certs/smdsa2.pem
 delete mode 100644 deps/openssl/openssl/test/smime-certs/smdsa3.pem
 delete mode 100644 deps/openssl/openssl/test/smime-certs/smdsap.pem
 delete mode 100644 deps/openssl/openssl/test/smime-certs/smroot.pem
 delete mode 100644 deps/openssl/openssl/test/smime-certs/smrsa1.pem
 delete mode 100644 deps/openssl/openssl/test/smime-certs/smrsa2.pem
 delete mode 100644 deps/openssl/openssl/test/smime-certs/smrsa3.pem
 delete mode 120000 deps/openssl/openssl/test/ssltest.c
 delete mode 100644 deps/openssl/openssl/test/tcrl
 delete mode 100644 deps/openssl/openssl/test/tcrl.com
 delete mode 100644 deps/openssl/openssl/test/test.cnf
 delete mode 100644 deps/openssl/openssl/test/test_padlock
 delete mode 100644 deps/openssl/openssl/test/testca
 delete mode 100644 deps/openssl/openssl/test/testca.com
 delete mode 100644 deps/openssl/openssl/test/testcrl.pem
 delete mode 100644 deps/openssl/openssl/test/testenc
 delete mode 100644 deps/openssl/openssl/test/testenc.com
 delete mode 100644 deps/openssl/openssl/test/testgen
 delete mode 100644 deps/openssl/openssl/test/testgen.com
 delete mode 100644 deps/openssl/openssl/test/testp7.pem
 delete mode 100644 deps/openssl/openssl/test/testreq2.pem
 delete mode 100644 deps/openssl/openssl/test/testrsa.pem
 delete mode 100644 deps/openssl/openssl/test/tests.com
 delete mode 100644 deps/openssl/openssl/test/testsid.pem
 delete mode 100644 deps/openssl/openssl/test/testss
 delete mode 100644 deps/openssl/openssl/test/testss.com
 delete mode 100644 deps/openssl/openssl/test/testssl
 delete mode 100644 deps/openssl/openssl/test/testssl.com
 delete mode 100644 deps/openssl/openssl/test/testsslproxy
 delete mode 100644 deps/openssl/openssl/test/testtsa
 delete mode 100644 deps/openssl/openssl/test/testtsa.com
 delete mode 100644 deps/openssl/openssl/test/testx509.pem
 delete mode 100644 deps/openssl/openssl/test/times
 delete mode 100644 deps/openssl/openssl/test/tpkcs7
 delete mode 100644 deps/openssl/openssl/test/tpkcs7.com
 delete mode 100644 deps/openssl/openssl/test/tpkcs7d
 delete mode 100644 deps/openssl/openssl/test/tpkcs7d.com
 delete mode 100644 deps/openssl/openssl/test/treq
 delete mode 100644 deps/openssl/openssl/test/treq.com
 delete mode 100644 deps/openssl/openssl/test/trsa
 delete mode 100644 deps/openssl/openssl/test/trsa.com
 delete mode 100644 deps/openssl/openssl/test/tsid
 delete mode 100644 deps/openssl/openssl/test/tsid.com
 delete mode 100644 deps/openssl/openssl/test/tverify.com
 delete mode 100644 deps/openssl/openssl/test/tx509
 delete mode 100644 deps/openssl/openssl/test/tx509.com
 delete mode 100644 deps/openssl/openssl/test/v3-cert1.pem
 delete mode 100644 deps/openssl/openssl/test/v3-cert2.pem
 delete mode 100644 deps/openssl/openssl/test/wp_test.c

diff --git a/deps/openssl/openssl/apps/CA.com b/deps/openssl/openssl/apps/CA.com
deleted file mode 100644
index 2c0d465274f..00000000000
--- a/deps/openssl/openssl/apps/CA.com
+++ /dev/null
@@ -1,236 +0,0 @@
-$! CA - wrapper around ca to make it easier to use ... basically ca requires
-$!      some setup stuff to be done before you can use it and this makes
-$!      things easier between now and when Eric is convinced to fix it :-)
-$!
-$! CA -newca ... will setup the right stuff
-$! CA -newreq ... will generate a certificate request 
-$! CA -sign ... will sign the generated request and output 
-$!
-$! At the end of that grab newreq.pem and newcert.pem (one has the key 
-$! and the other the certificate) and cat them together and that is what
-$! you want/need ... I'll make even this a little cleaner later.
-$!
-$!
-$! 12-Jan-96 tjh    Added more things ... including CA -signcert which
-$!                  converts a certificate to a request and then signs it.
-$! 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-$!                 environment variable so this can be driven from
-$!                 a script.
-$! 25-Jul-96 eay    Cleaned up filenames some more.
-$! 11-Jun-96 eay    Fixed a few filename missmatches.
-$! 03-May-96 eay    Modified to use 'openssl cmd' instead of 'cmd'.
-$! 18-Apr-96 tjh    Original hacking
-$!
-$! Tim Hudson
-$! tjh@cryptsoft.com
-$!
-$!
-$! default ssleay.cnf file has setup as per the following
-$! demoCA ... where everything is stored
-$
-$ IF F$TYPE(SSLEAY_CONFIG) .EQS. "" THEN SSLEAY_CONFIG := SSLLIB:SSLEAY.CNF
-$
-$ DAYS   = "-days 365"
-$ REQ    = openssl + " req " + SSLEAY_CONFIG
-$ CA     = openssl + " ca " + SSLEAY_CONFIG
-$ VERIFY = openssl + " verify"
-$ X509   = openssl + " x509"
-$ PKCS12 = openssl + " pkcs12"
-$ echo   = "write sys$Output"
-$ RET = 1
-$!
-$! 2010-12-20 SMS.
-$! Use a concealed logical name to reduce command line lengths, to
-$! avoid DCL errors on VAX:
-$!     %DCL-W-TKNOVF, command element is too long - shorten
-$! (Path segments like "openssl-1_0_1-stable-SNAP-20101217" accumulate
-$! quickly.)
-$!
-$ CATOP = F$PARSE( F$ENVIRONMENT( "DEFAULT"), "[]")- "].;"+ ".demoCA.]"
-$ define /translation_attributes = concealed CATOP 'CATOP'
-$!
-$ on error then goto clean_up
-$ on control_y then goto clean_up
-$!
-$ CAKEY  = "CATOP:[private]cakey.pem"
-$ CACERT = "CATOP:[000000]cacert.pem"
-$
-$ __INPUT := SYS$COMMAND
-$!
-$ i = 1
-$opt_loop:
-$ if i .gt. 8 then goto opt_loop_end
-$
-$ prog_opt = F$EDIT(P'i',"lowercase")
-$
-$ IF (prog_opt .EQS. "?" .OR. prog_opt .EQS. "-h" .OR. prog_opt .EQS. "-help") 
-$ THEN
-$   echo "usage: CA -newcert|-newreq|-newca|-sign|-verify" 
-$   goto clean_up
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-input")
-$ THEN
-$   ! Get input from somewhere other than SYS$COMMAND
-$   i = i + 1
-$   __INPUT = P'i'
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-newcert")
-$ THEN
-$   ! Create a certificate.
-$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
-$   REQ -new -x509 -keyout newreq.pem -out newreq.pem 'DAYS'
-$   RET=$STATUS
-$   echo "Certificate (and private key) is in newreq.pem"
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-newreq")
-$ THEN
-$   ! Create a certificate request
-$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
-$   REQ -new -keyout newreq.pem -out newreq.pem 'DAYS'
-$   RET=$STATUS
-$   echo "Request (and private key) is in newreq.pem"
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-newca")
-$ THEN
-$   ! If explicitly asked for or it doesn't exist then setup the directory
-$   ! structure that Eric likes to manage things.
-$   IF F$SEARCH( "CATOP:[000000]serial.") .EQS. ""
-$   THEN
-$     CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[000000]
-$     CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[certs]
-$     CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[crl]
-$     CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[newcerts]
-$     CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[private]
-$
-$     OPEN /WRITE ser_file CATOP:[000000]serial. 
-$     WRITE ser_file "01"
-$     CLOSE ser_file
-$     APPEND /NEW_VERSION NL: CATOP:[000000]index.txt
-$
-$     ! The following is to make sure access() doesn't get confused.  It
-$     ! really needs one file in the directory to give correct answers...
-$     COPY NLA0: CATOP:[certs].;
-$     COPY NLA0: CATOP:[crl].;
-$     COPY NLA0: CATOP:[newcerts].;
-$     COPY NLA0: CATOP:[private].;
-$   ENDIF
-$!
-$   IF F$SEARCH( CAKEY) .EQS. ""
-$   THEN
-$     READ '__INPUT' FILE -
-       /PROMPT="CA certificate filename (or enter to create): "
-$     IF (FILE .NES. "") .AND. (F$SEARCH(FILE) .NES. "")
-$     THEN
-$       COPY 'FILE' 'CAKEY'
-$       RET=$STATUS
-$     ELSE
-$       echo "Making CA certificate ..."
-$       DEFINE /USER_MODE SYS$INPUT '__INPUT'
-$       REQ -new -x509 -keyout 'CAKEY' -out 'CACERT' 'DAYS'
-$       RET=$STATUS
-$     ENDIF
-$   ENDIF
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-pkcs12")
-$ THEN
-$   i = i + 1
-$   cname = P'i'
-$   IF cname .EQS. "" THEN cname = "My certificate"
-$   PKCS12 -in newcert.pem -inkey newreq.pem -certfile 'CACERT' -
-     -out newcert.p12 -export -name "''cname'"
-$   RET=$STATUS
-$   goto clean_up
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-xsign")
-$ THEN
-$!
-$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
-$   CA -policy policy_anything -infiles newreq.pem
-$   RET=$STATUS
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF ((prog_opt .EQS. "-sign") .OR. (prog_opt .EQS. "-signreq"))
-$ THEN
-$!   
-$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
-$   CA -policy policy_anything -out newcert.pem -infiles newreq.pem
-$   RET=$STATUS
-$   type newcert.pem
-$   echo "Signed certificate is in newcert.pem"
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-signcert")
-$  THEN
-$!   
-$   echo "Cert passphrase will be requested twice - bug?"
-$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
-$   X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
-$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
-$   CA -policy policy_anything -out newcert.pem -infiles tmp.pem
-y
-y
-$   type newcert.pem
-$   echo "Signed certificate is in newcert.pem"
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-verify")
-$ THEN
-$!   
-$   i = i + 1
-$   IF (p'i' .EQS. "")
-$   THEN
-$     DEFINE /USER_MODE SYS$INPUT '__INPUT'
-$     VERIFY "-CAfile" 'CACERT' newcert.pem
-$   ELSE
-$     j = i
-$    verify_opt_loop:
-$     IF j .GT. 8 THEN GOTO verify_opt_loop_end
-$     IF p'j' .NES. ""
-$     THEN 
-$       DEFINE /USER_MODE SYS$INPUT '__INPUT'
-$       __tmp = p'j'
-$       VERIFY "-CAfile" 'CACERT' '__tmp'
-$       tmp=$STATUS
-$       IF tmp .NE. 0 THEN RET=tmp
-$     ENDIF
-$     j = j + 1
-$     GOTO verify_opt_loop
-$    verify_opt_loop_end:
-$   ENDIF
-$   
-$   GOTO opt_loop_end
-$ ENDIF
-$!
-$ IF (prog_opt .NES. "")
-$ THEN
-$!   
-$   echo "Unknown argument ''prog_opt'"
-$   RET = 3
-$   goto clean_up
-$ ENDIF
-$
-$opt_loop_continue:
-$ i = i + 1
-$ GOTO opt_loop
-$
-$opt_loop_end:
-$!
-$clean_up:
-$!
-$ if f$trnlnm( "CATOP", "LNM$PROCESS") .nes. "" then -
-   deassign /process CATOP
-$!
-$ EXIT 'RET'
diff --git a/deps/openssl/openssl/apps/CA.pl b/deps/openssl/openssl/apps/CA.pl
deleted file mode 100644
index a3965ecea96..00000000000
--- a/deps/openssl/openssl/apps/CA.pl
+++ /dev/null
@@ -1,189 +0,0 @@
-#!/usr/bin/perl
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq[-nodes] ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#		   environment variable so this can be driven from
-#		   a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
-#
-#
-# Steve Henson
-# shenson@bigfoot.com
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-
-my $openssl;
-if(defined $ENV{OPENSSL}) {
-	$openssl = $ENV{OPENSSL};
-} else {
-	$openssl = "openssl";
-	$ENV{OPENSSL} = $openssl;
-}
-
-$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
-$DAYS="-days 365";	# 1 year
-$CADAYS="-days 1095";	# 3 years
-$REQ="$openssl req $SSLEAY_CONFIG";
-$CA="$openssl ca $SSLEAY_CONFIG";
-$VERIFY="$openssl verify";
-$X509="$openssl x509";
-$PKCS12="$openssl pkcs12";
-
-$CATOP="./demoCA";
-$CAKEY="cakey.pem";
-$CAREQ="careq.pem";
-$CACERT="cacert.pem";
-
-$DIRMODE = 0777;
-
-$RET = 0;
-
-foreach (@ARGV) {
-	if ( /^(-\?|-h|-help)$/ ) {
-	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-	    exit 0;
-	} elsif (/^-newcert$/) {
-	    # create a certificate
-	    system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
-	    $RET=$?;
-	    print "Certificate is in newcert.pem, private key is in newkey.pem\n"
-	} elsif (/^-newreq$/) {
-	    # create a certificate request
-	    system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request is in newreq.pem, private key is in newkey.pem\n";
-	} elsif (/^-newreq-nodes$/) {
-	    # create a certificate request
-	    system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request is in newreq.pem, private key is in newkey.pem\n";
-	} elsif (/^-newca$/) {
-		# if explicitly asked for or it doesn't exist then setup the
-		# directory structure that Eric likes to manage things 
-	    $NEW="1";
-	    if ( "$NEW" || ! -f "${CATOP}/serial" ) {
-		# create the directory hierarchy
-		mkdir $CATOP, $DIRMODE;
-		mkdir "${CATOP}/certs", $DIRMODE;
-		mkdir "${CATOP}/crl", $DIRMODE ;
-		mkdir "${CATOP}/newcerts", $DIRMODE;
-		mkdir "${CATOP}/private", $DIRMODE;
-		open OUT, ">${CATOP}/index.txt";
-		close OUT;
-		open OUT, ">${CATOP}/crlnumber";
-		print OUT "01\n";
-		close OUT;
-	    }
-	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
-		print "CA certificate filename (or enter to create)\n";
-		$FILE = ;
-
-		chop $FILE;
-
-		# ask user for existing CA certificate
-		if ($FILE) {
-		    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
-		    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
-		    $RET=$?;
-		} else {
-		    print "Making CA certificate ...\n";
-		    system ("$REQ -new -keyout " .
-			"${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
-		    system ("$CA -create_serial " .
-			"-out ${CATOP}/$CACERT $CADAYS -batch " . 
-			"-keyfile ${CATOP}/private/$CAKEY -selfsign " .
-			"-extensions v3_ca " .
-			"-infiles ${CATOP}/$CAREQ ");
-		    $RET=$?;
-		}
-	    }
-	} elsif (/^-pkcs12$/) {
-	    my $cname = $ARGV[1];
-	    $cname = "My Certificate" unless defined $cname;
-	    system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
-			"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
-			"-export -name \"$cname\"");
-	    $RET=$?;
-	    print "PKCS #12 file is in newcert.p12\n";
-	    exit $RET;
-	} elsif (/^-xsign$/) {
-	    system ("$CA -policy policy_anything -infiles newreq.pem");
-	    $RET=$?;
-	} elsif (/^(-sign|-signreq)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^(-signCA)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-					"-extensions v3_ca -infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed CA certificate is in newcert.pem\n";
-	} elsif (/^-signcert$/) {
-	    system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
-								"-out tmp.pem");
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles tmp.pem");
-	    $RET = $?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^-verify$/) {
-	    if (shift) {
-		foreach $j (@ARGV) {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
-		    $RET=$? if ($? != 0);
-		}
-		exit $RET;
-	    } else {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
-		    $RET=$?;
-	    	    exit 0;
-	    }
-	} else {
-	    print STDERR "Unknown arg $_\n";
-	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-	    exit 1;
-	}
-}
-
-exit $RET;
-
-sub cp_pem {
-my ($infile, $outfile, $bound) = @_;
-open IN, $infile;
-open OUT, ">$outfile";
-my $flag = 0;
-while () {
-	$flag = 1 if (/^-----BEGIN.*$bound/) ;
-	print OUT $_ if ($flag);
-	if (/^-----END.*$bound/) {
-		close IN;
-		close OUT;
-		return;
-	}
-}
-}
-
diff --git a/deps/openssl/openssl/apps/CA.pl.in b/deps/openssl/openssl/apps/CA.pl.in
deleted file mode 100644
index c783a6e6a54..00000000000
--- a/deps/openssl/openssl/apps/CA.pl.in
+++ /dev/null
@@ -1,189 +0,0 @@
-#!/usr/local/bin/perl
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq[-nodes] ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#		   environment variable so this can be driven from
-#		   a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
-#
-#
-# Steve Henson
-# shenson@bigfoot.com
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-
-my $openssl;
-if(defined $ENV{OPENSSL}) {
-	$openssl = $ENV{OPENSSL};
-} else {
-	$openssl = "openssl";
-	$ENV{OPENSSL} = $openssl;
-}
-
-$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
-$DAYS="-days 365";	# 1 year
-$CADAYS="-days 1095";	# 3 years
-$REQ="$openssl req $SSLEAY_CONFIG";
-$CA="$openssl ca $SSLEAY_CONFIG";
-$VERIFY="$openssl verify";
-$X509="$openssl x509";
-$PKCS12="$openssl pkcs12";
-
-$CATOP="./demoCA";
-$CAKEY="cakey.pem";
-$CAREQ="careq.pem";
-$CACERT="cacert.pem";
-
-$DIRMODE = 0777;
-
-$RET = 0;
-
-foreach (@ARGV) {
-	if ( /^(-\?|-h|-help)$/ ) {
-	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-	    exit 0;
-	} elsif (/^-newcert$/) {
-	    # create a certificate
-	    system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
-	    $RET=$?;
-	    print "Certificate is in newcert.pem, private key is in newkey.pem\n"
-	} elsif (/^-newreq$/) {
-	    # create a certificate request
-	    system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request is in newreq.pem, private key is in newkey.pem\n";
-	} elsif (/^-newreq-nodes$/) {
-	    # create a certificate request
-	    system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request is in newreq.pem, private key is in newkey.pem\n";
-	} elsif (/^-newca$/) {
-		# if explicitly asked for or it doesn't exist then setup the
-		# directory structure that Eric likes to manage things 
-	    $NEW="1";
-	    if ( "$NEW" || ! -f "${CATOP}/serial" ) {
-		# create the directory hierarchy
-		mkdir $CATOP, $DIRMODE;
-		mkdir "${CATOP}/certs", $DIRMODE;
-		mkdir "${CATOP}/crl", $DIRMODE ;
-		mkdir "${CATOP}/newcerts", $DIRMODE;
-		mkdir "${CATOP}/private", $DIRMODE;
-		open OUT, ">${CATOP}/index.txt";
-		close OUT;
-		open OUT, ">${CATOP}/crlnumber";
-		print OUT "01\n";
-		close OUT;
-	    }
-	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
-		print "CA certificate filename (or enter to create)\n";
-		$FILE = ;
-
-		chop $FILE;
-
-		# ask user for existing CA certificate
-		if ($FILE) {
-		    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
-		    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
-		    $RET=$?;
-		} else {
-		    print "Making CA certificate ...\n";
-		    system ("$REQ -new -keyout " .
-			"${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
-		    system ("$CA -create_serial " .
-			"-out ${CATOP}/$CACERT $CADAYS -batch " . 
-			"-keyfile ${CATOP}/private/$CAKEY -selfsign " .
-			"-extensions v3_ca " .
-			"-infiles ${CATOP}/$CAREQ ");
-		    $RET=$?;
-		}
-	    }
-	} elsif (/^-pkcs12$/) {
-	    my $cname = $ARGV[1];
-	    $cname = "My Certificate" unless defined $cname;
-	    system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
-			"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
-			"-export -name \"$cname\"");
-	    $RET=$?;
-	    print "PKCS #12 file is in newcert.p12\n";
-	    exit $RET;
-	} elsif (/^-xsign$/) {
-	    system ("$CA -policy policy_anything -infiles newreq.pem");
-	    $RET=$?;
-	} elsif (/^(-sign|-signreq)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^(-signCA)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-					"-extensions v3_ca -infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed CA certificate is in newcert.pem\n";
-	} elsif (/^-signcert$/) {
-	    system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
-								"-out tmp.pem");
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles tmp.pem");
-	    $RET = $?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^-verify$/) {
-	    if (shift) {
-		foreach $j (@ARGV) {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
-		    $RET=$? if ($? != 0);
-		}
-		exit $RET;
-	    } else {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
-		    $RET=$?;
-	    	    exit 0;
-	    }
-	} else {
-	    print STDERR "Unknown arg $_\n";
-	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-	    exit 1;
-	}
-}
-
-exit $RET;
-
-sub cp_pem {
-my ($infile, $outfile, $bound) = @_;
-open IN, $infile;
-open OUT, ">$outfile";
-my $flag = 0;
-while () {
-	$flag = 1 if (/^-----BEGIN.*$bound/) ;
-	print OUT $_ if ($flag);
-	if (/^-----END.*$bound/) {
-		close IN;
-		close OUT;
-		return;
-	}
-}
-}
-
diff --git a/deps/openssl/openssl/apps/CA.sh b/deps/openssl/openssl/apps/CA.sh
deleted file mode 100644
index 7ad6b8c52e7..00000000000
--- a/deps/openssl/openssl/apps/CA.sh
+++ /dev/null
@@ -1,198 +0,0 @@
-#!/bin/sh
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq ... will generate a certificate request
-# CA -sign ... will sign the generated request and output
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#                  environment variable so this can be driven from
-#                  a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-cp_pem() {
-    infile=$1
-    outfile=$2
-    bound=$3
-    flag=0
-    exec <$infile;
-    while read line; do
-	if [ $flag -eq 1 ]; then
-		echo $line|grep "^-----END.*$bound"  2>/dev/null 1>/dev/null
-		if [ $? -eq 0 ] ; then
-			echo $line >>$outfile
-			break
-		else
-			echo $line >>$outfile
-		fi
-	fi
-
-	echo $line|grep "^-----BEGIN.*$bound"  2>/dev/null 1>/dev/null
-	if [ $? -eq 0 ]; then
-		echo $line >$outfile
-		flag=1
-	fi
-    done
-}
-
-usage() {
- echo "usage: $0 -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify" >&2
-}
-
-if [ -z "$OPENSSL" ]; then OPENSSL=openssl; fi
-
-if [ -z "$DAYS" ] ; then DAYS="-days 365" ; fi	# 1 year
-CADAYS="-days 1095"	# 3 years
-REQ="$OPENSSL req $SSLEAY_CONFIG"
-CA="$OPENSSL ca $SSLEAY_CONFIG"
-VERIFY="$OPENSSL verify"
-X509="$OPENSSL x509"
-PKCS12="openssl pkcs12"
-
-if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
-CAKEY=./cakey.pem
-CAREQ=./careq.pem
-CACERT=./cacert.pem
-
-RET=0
-
-while [ "$1" != "" ] ; do
-case $1 in
--\?|-h|-help)
-    usage
-    exit 0
-    ;;
--newcert)
-    # create a certificate
-    $REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS
-    RET=$?
-    echo "Certificate is in newcert.pem, private key is in newkey.pem"
-    ;;
--newreq)
-    # create a certificate request
-    $REQ -new -keyout newkey.pem -out newreq.pem $DAYS
-    RET=$?
-    echo "Request is in newreq.pem, private key is in newkey.pem"
-    ;;
--newreq-nodes) 
-    # create a certificate request
-    $REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS
-    RET=$?
-    echo "Request (and private key) is in newreq.pem"
-    ;;
--newca)
-    # if explicitly asked for or it doesn't exist then setup the directory
-    # structure that Eric likes to manage things
-    NEW="1"
-    if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
-	# create the directory hierarchy
-	mkdir -p ${CATOP}
-	mkdir -p ${CATOP}/certs
-	mkdir -p ${CATOP}/crl
-	mkdir -p ${CATOP}/newcerts
-	mkdir -p ${CATOP}/private
-	touch ${CATOP}/index.txt
-    fi
-    if [ ! -f ${CATOP}/private/$CAKEY ]; then
-	echo "CA certificate filename (or enter to create)"
-	read FILE
-
-	# ask user for existing CA certificate
-	if [ "$FILE" ]; then
-	    cp_pem $FILE ${CATOP}/private/$CAKEY PRIVATE
-	    cp_pem $FILE ${CATOP}/$CACERT CERTIFICATE
-	    RET=$?
-	    if [ ! -f "${CATOP}/serial" ]; then
-		$X509 -in ${CATOP}/$CACERT -noout -next_serial \
-		      -out ${CATOP}/serial
-	    fi
-	else
-	    echo "Making CA certificate ..."
-	    $REQ -new -keyout ${CATOP}/private/$CAKEY \
-			   -out ${CATOP}/$CAREQ
-	    $CA -create_serial -out ${CATOP}/$CACERT $CADAYS -batch \
-			   -keyfile ${CATOP}/private/$CAKEY -selfsign \
-			   -extensions v3_ca \
-			   -infiles ${CATOP}/$CAREQ
-	    RET=$?
-	fi
-    fi
-    ;;
--xsign)
-    $CA -policy policy_anything -infiles newreq.pem
-    RET=$?
-    ;;
--pkcs12)
-    if [ -z "$2" ] ; then
-	CNAME="My Certificate"
-    else
-	CNAME="$2"
-    fi
-    $PKCS12 -in newcert.pem -inkey newreq.pem -certfile ${CATOP}/$CACERT \
-	    -out newcert.p12 -export -name "$CNAME"
-    RET=$?
-    exit $RET
-    ;;
--sign|-signreq)
-    $CA -policy policy_anything -out newcert.pem -infiles newreq.pem
-    RET=$?
-    cat newcert.pem
-    echo "Signed certificate is in newcert.pem"
-    ;;
--signCA)
-    $CA -policy policy_anything -out newcert.pem -extensions v3_ca -infiles newreq.pem
-    RET=$?
-    echo "Signed CA certificate is in newcert.pem"
-    ;;
--signcert)
-    echo "Cert passphrase will be requested twice - bug?"
-    $X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
-    $CA -policy policy_anything -out newcert.pem -infiles tmp.pem
-    RET=$?
-    cat newcert.pem
-    echo "Signed certificate is in newcert.pem"
-    ;;
--verify)
-    shift
-    if [ -z "$1" ]; then
-	    $VERIFY -CAfile $CATOP/$CACERT newcert.pem
-	    RET=$?
-    else
-	for j
-	do
-	    $VERIFY -CAfile $CATOP/$CACERT $j
-	    if [ $? != 0 ]; then
-		    RET=$?
-	    fi
-	done
-    fi
-    exit $RET
-    ;;
-*)
-    echo "Unknown arg $i" >&2
-    usage
-    exit 1
-    ;;
-esac
-shift
-done
-exit $RET
diff --git a/deps/openssl/openssl/apps/Makefile b/deps/openssl/openssl/apps/Makefile
deleted file mode 100644
index fa32d2d7e71..00000000000
--- a/deps/openssl/openssl/apps/Makefile
+++ /dev/null
@@ -1,1035 +0,0 @@
-#
-#  apps/Makefile
-#
-
-DIR=		apps
-TOP=		..
-CC=		cc
-INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
-CFLAG=		-g -static
-MAKEFILE=	Makefile
-PERL=		perl
-RM=		rm -f
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-PEX_LIBS=
-EX_LIBS= 
-EXE_EXT= 
-
-SHLIB_TARGET=
-
-CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile makeapps.com install.com
-
-DLIBCRYPTO=../libcrypto.a
-DLIBSSL=../libssl.a
-LIBCRYPTO=-L.. -lcrypto
-LIBSSL=-L.. -lssl
-
-PROGRAM= openssl
-
-SCRIPTS=CA.sh CA.pl tsget
-
-EXE= $(PROGRAM)$(EXE_EXT)
-
-E_EXE=	verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
-	ca crl rsa rsautl dsa dsaparam ec ecparam \
-	x509 genrsa gendsa genpkey s_server s_client speed \
-	s_time version pkcs7 cms crl2pkcs7 sess_id ciphers nseq pkcs12 \
-	pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts
-
-PROGS= $(PROGRAM).c
-
-A_OBJ=apps.o
-A_SRC=apps.c
-S_OBJ=	s_cb.o s_socket.o
-S_SRC=	s_cb.c s_socket.c
-RAND_OBJ=app_rand.o
-RAND_SRC=app_rand.c
-
-E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
-	ca.o pkcs7.o crl2p7.o crl.o \
-	rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \
-	x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o \
-	s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
-	ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o \
-	spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o
-
-E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
-	pkcs7.c crl2p7.c crl.c \
-	rsa.c rsautl.c dsa.c dsaparam.c ec.c ecparam.c \
-	x509.c genrsa.c gendsa.c genpkey.c s_server.c s_client.c speed.c \
-	s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
-	ciphers.c nseq.c pkcs12.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c \
-	spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c
-
-SRC=$(E_SRC)
-
-EXHEADER=
-HEADER=	apps.h progs.h s_apps.h \
-	testdsa.h testrsa.h \
-	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	@(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:	exe
-
-exe:	$(EXE)
-
-req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	$(MAKE) -f $(TOP)/Makefile.shared -e \
-		APPNAME=req OBJECTS="sreq.o $(A_OBJ) $(RAND_OBJ)" \
-		LIBDEPS="$(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)" \
-		link_app.$${shlib_target}
-
-sreq.o: req.c 
-	$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-install:
-	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
-	@set -e; for i in $(EXE); \
-	do  \
-	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-	 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-	 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
-	 done;
-	@set -e; for i in $(SCRIPTS); \
-	do  \
-	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	 mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
-	 done
-	@cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
-	chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
-	mv -f  $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-links:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	@if [ -z "$(THIS)" ]; then \
-	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
-	else \
-	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
-	fi
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-	rm -f CA.pl
-
-clean:
-	rm -f *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
-	rm -f req
-
-$(DLIBSSL):
-	(cd ..; $(MAKE) DIRS=ssl all)
-
-$(DLIBCRYPTO):
-	(cd ..; $(MAKE) DIRS=crypto all)
-
-$(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
-	$(RM) $(EXE)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \
-	$(MAKE) -f $(TOP)/Makefile.shared -e \
-		APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		link_app.$${shlib_target}
-	@(cd ..; $(MAKE) rehash)
-
-progs.h: progs.pl
-	$(PERL) progs.pl $(E_EXE) >progs.h
-	$(RM) $(PROGRAM).o
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-app_rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-app_rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-app_rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-app_rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-app_rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-app_rand.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-app_rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-app_rand.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-app_rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-app_rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-app_rand.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
-app_rand.o: app_rand.c apps.h
-apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-apps.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-apps.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-apps.o: ../include/openssl/engine.h ../include/openssl/err.h
-apps.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-apps.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-apps.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-apps.o: ../include/openssl/sha.h ../include/openssl/stack.h
-apps.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-apps.o: ../include/openssl/ui.h ../include/openssl/x509.h
-apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h
-asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-asn1pars.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-asn1pars.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h
-asn1pars.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-asn1pars.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-asn1pars.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-asn1pars.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-asn1pars.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-asn1pars.o: asn1pars.c
-ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ca.o: ../include/openssl/engine.h ../include/openssl/err.h
-ca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-ca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ca.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-ca.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ca.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-ca.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ca.o: ../include/openssl/x509v3.h apps.h ca.c
-ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ciphers.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ciphers.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ciphers.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ciphers.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ciphers.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h
-ciphers.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-ciphers.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ciphers.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-ciphers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ciphers.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ciphers.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ciphers.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ciphers.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-ciphers.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-ciphers.o: ciphers.c
-cms.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-cms.o: ../include/openssl/buffer.h ../include/openssl/cms.h
-cms.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-cms.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-cms.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-cms.o: ../include/openssl/engine.h ../include/openssl/err.h
-cms.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-cms.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-cms.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-cms.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-cms.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-cms.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-cms.o: ../include/openssl/sha.h ../include/openssl/stack.h
-cms.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-cms.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-cms.o: ../include/openssl/x509v3.h apps.h cms.c
-crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-crl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-crl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-crl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-crl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-crl.o: ../include/openssl/err.h ../include/openssl/evp.h
-crl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-crl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-crl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-crl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-crl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h crl.c
-crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-crl2p7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-crl2p7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-crl2p7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-crl2p7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h
-crl2p7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-crl2p7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-crl2p7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-crl2p7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-crl2p7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-crl2p7.o: crl2p7.c
-dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-dgst.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-dgst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-dgst.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
-dgst.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
-dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dgst.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-dgst.o: ../include/openssl/x509v3.h apps.h dgst.c
-dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-dh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h
-dh.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-dh.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-dh.o: ../include/openssl/err.h ../include/openssl/evp.h
-dh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-dh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-dh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-dh.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-dh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-dh.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-dh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dh.c
-dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-dsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-dsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-dsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-dsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-dsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-dsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-dsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-dsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-dsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dsa.c
-dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-dsaparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-dsaparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-dsaparam.o: ../include/openssl/engine.h ../include/openssl/err.h
-dsaparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dsaparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dsaparam.o: ../include/openssl/ui.h ../include/openssl/x509.h
-dsaparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-dsaparam.o: dsaparam.c
-ec.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ec.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-ec.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-ec.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ec.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ec.o: ../include/openssl/err.h ../include/openssl/evp.h
-ec.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ec.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-ec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ec.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ec.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ec.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ec.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ec.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-ec.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ec.c
-ecparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ecparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ecparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ecparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ecparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ecparam.o: ../include/openssl/engine.h ../include/openssl/err.h
-ecparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-ecparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ecparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-ecparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ecparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ecparam.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-ecparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ecparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-ecparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ecparam.o: ../include/openssl/x509v3.h apps.h ecparam.c
-enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-enc.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-enc.o: ../include/openssl/engine.h ../include/openssl/err.h
-enc.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-enc.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-enc.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-enc.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-enc.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h enc.c
-engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-engine.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-engine.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-engine.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-engine.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-engine.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-engine.o: ../include/openssl/err.h ../include/openssl/evp.h
-engine.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-engine.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-engine.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-engine.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-engine.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-engine.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-engine.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-engine.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-engine.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-engine.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-engine.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-engine.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-engine.o: engine.c
-errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-errstr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-errstr.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-errstr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-errstr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-errstr.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-errstr.o: ../include/openssl/err.h ../include/openssl/evp.h
-errstr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-errstr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-errstr.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-errstr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-errstr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-errstr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-errstr.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-errstr.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-errstr.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-errstr.o: errstr.c
-gendh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-gendh.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-gendh.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-gendh.o: ../include/openssl/engine.h ../include/openssl/err.h
-gendh.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-gendh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-gendh.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-gendh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
-gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-gendh.o: ../include/openssl/ui.h ../include/openssl/x509.h
-gendh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-gendh.o: gendh.c
-gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-gendsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-gendsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-gendsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-gendsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-gendsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-gendsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-gendsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-gendsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-gendsa.o: gendsa.c
-genpkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-genpkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-genpkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-genpkey.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-genpkey.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-genpkey.o: ../include/openssl/err.h ../include/openssl/evp.h
-genpkey.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-genpkey.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-genpkey.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-genpkey.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-genpkey.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-genpkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-genpkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-genpkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-genpkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-genpkey.o: genpkey.c
-genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-genrsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-genrsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h
-genrsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-genrsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-genrsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-genrsa.o: ../include/openssl/ui.h ../include/openssl/x509.h
-genrsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-genrsa.o: genrsa.c
-nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-nseq.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-nseq.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-nseq.o: ../include/openssl/err.h ../include/openssl/evp.h
-nseq.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-nseq.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-nseq.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-nseq.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-nseq.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h nseq.c
-ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ocsp.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ocsp.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-ocsp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ocsp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ocsp.o: ../include/openssl/engine.h ../include/openssl/err.h
-ocsp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-ocsp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ocsp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ocsp.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-ocsp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ocsp.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ocsp.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-ocsp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ocsp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ocsp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
-ocsp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ocsp.o: ../include/openssl/x509v3.h apps.h ocsp.c
-openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-openssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-openssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-openssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-openssl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-openssl.o: ../include/openssl/err.h ../include/openssl/evp.h
-openssl.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-openssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-openssl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-openssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-openssl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-openssl.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-openssl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-openssl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-openssl.o: openssl.c progs.h s_apps.h
-passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h
-passwd.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
-passwd.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-passwd.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-passwd.o: ../include/openssl/err.h ../include/openssl/evp.h
-passwd.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-passwd.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-passwd.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-passwd.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-passwd.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-passwd.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-passwd.o: passwd.c
-pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs12.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-pkcs12.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-pkcs12.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-pkcs12.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs12.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-pkcs12.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-pkcs12.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkcs12.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
-pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h
-pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-pkcs12.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-pkcs12.o: ../include/openssl/x509v3.h apps.h pkcs12.c
-pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-pkcs7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-pkcs7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-pkcs7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-pkcs7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-pkcs7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkcs7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkcs7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-pkcs7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-pkcs7.o: pkcs7.c
-pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs8.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-pkcs8.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-pkcs8.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-pkcs8.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs8.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-pkcs8.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-pkcs8.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkcs8.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
-pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h
-pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-pkcs8.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-pkcs8.o: ../include/openssl/x509v3.h apps.h pkcs8.c
-pkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-pkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-pkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-pkey.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-pkey.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-pkey.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkey.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-pkey.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-pkey.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkey.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-pkey.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-pkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-pkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h pkey.c
-pkeyparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-pkeyparam.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-pkeyparam.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-pkeyparam.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-pkeyparam.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-pkeyparam.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkeyparam.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-pkeyparam.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-pkeyparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkeyparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-pkeyparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-pkeyparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkeyparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkeyparam.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-pkeyparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-pkeyparam.o: pkeyparam.c
-pkeyutl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-pkeyutl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-pkeyutl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-pkeyutl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-pkeyutl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-pkeyutl.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkeyutl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-pkeyutl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-pkeyutl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkeyutl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-pkeyutl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-pkeyutl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkeyutl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkeyutl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-pkeyutl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-pkeyutl.o: pkeyutl.c
-prime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-prime.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-prime.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-prime.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-prime.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-prime.o: ../include/openssl/engine.h ../include/openssl/evp.h
-prime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-prime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-prime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-prime.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-prime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-prime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-prime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-prime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-prime.o: prime.c
-rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-rand.o: ../include/openssl/err.h ../include/openssl/evp.h
-rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-rand.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rand.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
-rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-rand.o: ../include/openssl/x509v3.h apps.h rand.c
-req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-req.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-req.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-req.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-req.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-req.o: ../include/openssl/engine.h ../include/openssl/err.h
-req.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-req.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-req.o: ../include/openssl/sha.h ../include/openssl/stack.h
-req.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-req.o: ../include/openssl/ui.h ../include/openssl/x509.h
-req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c
-rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-rsa.o: ../include/openssl/engine.h ../include/openssl/err.h
-rsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-rsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rsa.c
-rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rsautl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-rsautl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-rsautl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-rsautl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h
-rsautl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-rsautl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-rsautl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rsautl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-rsautl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-rsautl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rsautl.o: ../include/openssl/sha.h ../include/openssl/stack.h
-rsautl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-rsautl.o: ../include/openssl/x509v3.h apps.h rsautl.c
-s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_cb.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s_cb.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_cb.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s_cb.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s_cb.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_cb.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-s_cb.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-s_cb.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-s_cb.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_cb.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s_cb.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_cb.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s_cb.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_cb.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s_cb.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
-s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-s_cb.o: ../include/openssl/x509v3.h apps.h s_apps.h s_cb.c
-s_client.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s_client.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_client.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-s_client.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s_client.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s_client.o: ../include/openssl/engine.h ../include/openssl/err.h
-s_client.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s_client.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s_client.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s_client.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-s_client.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_client.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-s_client.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_client.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-s_client.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-s_client.o: s_apps.h s_client.c timeouts.h
-s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_server.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-s_server.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s_server.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s_server.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s_server.o: ../include/openssl/engine.h ../include/openssl/err.h
-s_server.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s_server.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s_server.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_server.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_server.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s_server.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
-s_server.o: ../include/openssl/ui.h ../include/openssl/x509.h
-s_server.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-s_server.o: s_apps.h s_server.c timeouts.h
-s_socket.o: ../e_os.h ../e_os2.h ../include/openssl/asn1.h
-s_socket.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-s_socket.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_socket.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-s_socket.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s_socket.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s_socket.o: ../include/openssl/engine.h ../include/openssl/evp.h
-s_socket.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-s_socket.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-s_socket.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-s_socket.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_socket.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s_socket.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_socket.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_socket.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-s_socket.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-s_socket.o: s_apps.h s_socket.c
-s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_time.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s_time.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_time.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s_time.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s_time.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-s_time.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_time.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-s_time.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-s_time.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-s_time.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_time.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s_time.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_time.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_time.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-s_time.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-s_time.o: s_apps.h s_time.c
-sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-sess_id.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-sess_id.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-sess_id.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-sess_id.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-sess_id.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h
-sess_id.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-sess_id.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-sess_id.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-sess_id.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-sess_id.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-sess_id.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-sess_id.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-sess_id.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-sess_id.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-sess_id.o: sess_id.c
-smime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-smime.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-smime.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-smime.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-smime.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-smime.o: ../include/openssl/err.h ../include/openssl/evp.h
-smime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-smime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-smime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-smime.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-smime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-smime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-smime.o: smime.c
-speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-speed.o: ../include/openssl/camellia.h ../include/openssl/cast.h
-speed.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-speed.o: ../include/openssl/des.h ../include/openssl/des_old.h
-speed.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-speed.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-speed.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-speed.o: ../include/openssl/err.h ../include/openssl/evp.h
-speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h
-speed.o: ../include/openssl/lhash.h ../include/openssl/md4.h
-speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-speed.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-speed.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-speed.o: ../include/openssl/safestack.h ../include/openssl/seed.h
-speed.o: ../include/openssl/sha.h ../include/openssl/stack.h
-speed.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-speed.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-speed.o: ../include/openssl/whrlpool.h ../include/openssl/x509.h
-speed.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-speed.o: speed.c testdsa.h testrsa.h
-spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-spkac.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-spkac.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
-spkac.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-spkac.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-spkac.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-spkac.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-spkac.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-spkac.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-spkac.o: spkac.c
-ts.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ts.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ts.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ts.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ts.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ts.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ts.o: ../include/openssl/engine.h ../include/openssl/err.h
-ts.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-ts.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ts.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-ts.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ts.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ts.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-ts.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ts.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ts.o: ../include/openssl/symhacks.h ../include/openssl/ts.h
-ts.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-ts.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ts.c
-verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-verify.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-verify.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-verify.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-verify.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-verify.o: ../include/openssl/err.h ../include/openssl/evp.h
-verify.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-verify.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-verify.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-verify.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-verify.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-verify.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-verify.o: verify.c
-version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-version.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-version.o: ../include/openssl/crypto.h ../include/openssl/des.h
-version.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
-version.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-version.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-version.o: ../include/openssl/evp.h ../include/openssl/idea.h
-version.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-version.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-version.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-version.o: ../include/openssl/rc4.h ../include/openssl/safestack.h
-version.o: ../include/openssl/sha.h ../include/openssl/stack.h
-version.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-version.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-version.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-version.o: ../include/openssl/x509v3.h apps.h version.c
-x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-x509.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-x509.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-x509.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-x509.o: ../include/openssl/err.h ../include/openssl/evp.h
-x509.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-x509.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-x509.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-x509.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-x509.o: ../include/openssl/sha.h ../include/openssl/stack.h
-x509.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-x509.o: ../include/openssl/x509v3.h apps.h x509.c
diff --git a/deps/openssl/openssl/apps/app_rand.c b/deps/openssl/openssl/apps/app_rand.c
deleted file mode 100644
index b7b6128c1eb..00000000000
--- a/deps/openssl/openssl/apps/app_rand.c
+++ /dev/null
@@ -1,218 +0,0 @@
-/* apps/app_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#define NON_MAIN
-#include "apps.h"
-#undef NON_MAIN
-#include 
-#include 
-
-
-static int seeded = 0;
-static int egdsocket = 0;
-
-int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
-	{
-	int consider_randfile = (file == NULL);
-	char buffer[200];
-	
-#ifdef OPENSSL_SYS_WINDOWS
-	BIO_printf(bio_e,"Loading 'screen' into random state -");
-	BIO_flush(bio_e);
-	RAND_screen();
-	BIO_printf(bio_e," done\n");
-#endif
-
-	if (file == NULL)
-		file = RAND_file_name(buffer, sizeof buffer);
-	else if (RAND_egd(file) > 0)
-		{
-		/* we try if the given filename is an EGD socket.
-		   if it is, we don't write anything back to the file. */
-		egdsocket = 1;
-		return 1;
-		}
-	if (file == NULL || !RAND_load_file(file, -1))
-		{
-		if (RAND_status() == 0)
-			{
-			if (!dont_warn)
-				{
-				BIO_printf(bio_e,"unable to load 'random state'\n");
-				BIO_printf(bio_e,"This means that the random number generator has not been seeded\n");
-				BIO_printf(bio_e,"with much random data.\n");
-				if (consider_randfile) /* explanation does not apply when a file is explicitly named */
-					{
-					BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n");
-					BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n");
-					}
-				}
-			return 0;
-			}
-		}
-	seeded = 1;
-	return 1;
-	}
-
-long app_RAND_load_files(char *name)
-	{
-	char *p,*n;
-	int last;
-	long tot=0;
-	int egd;
-	
-	for (;;)
-		{
-		last=0;
-		for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
-		if (*p == '\0') last=1;
-		*p='\0';
-		n=name;
-		name=p+1;
-		if (*n == '\0') break;
-
-		egd=RAND_egd(n);
-		if (egd > 0)
-			tot+=egd;
-		else
-			tot+=RAND_load_file(n,-1);
-		if (last) break;
-		}
-	if (tot > 512)
-		app_RAND_allow_write_file();
-	return(tot);
-	}
-
-int app_RAND_write_file(const char *file, BIO *bio_e)
-	{
-	char buffer[200];
-	
-	if (egdsocket || !seeded)
-		/* If we did not manage to read the seed file,
-		 * we should not write a low-entropy seed file back --
-		 * it would suppress a crucial warning the next time
-		 * we want to use it. */
-		return 0;
-
-	if (file == NULL)
-		file = RAND_file_name(buffer, sizeof buffer);
-	if (file == NULL || !RAND_write_file(file))
-		{
-		BIO_printf(bio_e,"unable to write 'random state'\n");
-		return 0;
-		}
-	return 1;
-	}
-
-void app_RAND_allow_write_file(void)
-	{
-	seeded = 1;
-	}
diff --git a/deps/openssl/openssl/apps/apps.c b/deps/openssl/openssl/apps/apps.c
deleted file mode 100644
index 38e61970a52..00000000000
--- a/deps/openssl/openssl/apps/apps.c
+++ /dev/null
@@ -1,3063 +0,0 @@
-/* apps/apps.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef _POSIX_C_SOURCE
-#define _POSIX_C_SOURCE 2	/* On VMS, you need to define this to get
-				   the declaration of fileno().  The value
-				   2 is to make sure no function defined
-				   in POSIX-2 is left undefined. */
-#endif
-#include 
-#include 
-#include 
-#if !defined(OPENSSL_SYSNAME_WIN32) && !defined(NETWARE_CLIB)
-#include 
-#endif
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#ifndef OPENSSL_NO_ENGINE
-#include 
-#endif
-#ifndef OPENSSL_NO_RSA
-#include 
-#endif
-#include 
-#ifndef OPENSSL_NO_JPAKE
-#include 
-#endif
-
-#define NON_MAIN
-#include "apps.h"
-#undef NON_MAIN
-
-#ifdef _WIN32
-static int WIN32_rename(const char *from, const char *to);
-#define rename(from,to) WIN32_rename((from),(to))
-#endif
-
-typedef struct {
-	const char *name;
-	unsigned long flag;
-	unsigned long mask;
-} NAME_EX_TBL;
-
-static UI_METHOD *ui_method = NULL;
-
-static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl);
-static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl);
-
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-/* Looks like this stuff is worth moving into separate function */
-static EVP_PKEY *
-load_netscape_key(BIO *err, BIO *key, const char *file,
-		const char *key_descrip, int format);
-#endif
-
-int app_init(long mesgwin);
-#ifdef undef /* never finished - probably never will be :-) */
-int args_from_file(char *file, int *argc, char **argv[])
-	{
-	FILE *fp;
-	int num,i;
-	unsigned int len;
-	static char *buf=NULL;
-	static char **arg=NULL;
-	char *p;
-
-	fp=fopen(file,"r");
-	if (fp == NULL)
-		return(0);
-
-	if (fseek(fp,0,SEEK_END)==0)
-		len=ftell(fp), rewind(fp);
-	else	len=-1;
-	if (len<=0)
-		{
-		fclose(fp);
-		return(0);
-		}
-
-	*argc=0;
-	*argv=NULL;
-
-	if (buf != NULL) OPENSSL_free(buf);
-	buf=(char *)OPENSSL_malloc(len+1);
-	if (buf == NULL) return(0);
-
-	len=fread(buf,1,len,fp);
-	if (len <= 1) return(0);
-	buf[len]='\0';
-
-	i=0;
-	for (p=buf; *p; p++)
-		if (*p == '\n') i++;
-	if (arg != NULL) OPENSSL_free(arg);
-	arg=(char **)OPENSSL_malloc(sizeof(char *)*(i*2));
-
-	*argv=arg;
-	num=0;
-	p=buf;
-	for (;;)
-		{
-		if (!*p) break;
-		if (*p == '#') /* comment line */
-			{
-			while (*p && (*p != '\n')) p++;
-			continue;
-			}
-		/* else we have a line */
-		*(arg++)=p;
-		num++;
-		while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
-			p++;
-		if (!*p) break;
-		if (*p == '\n')
-			{
-			*(p++)='\0';
-			continue;
-			}
-		/* else it is a tab or space */
-		p++;
-		while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
-			p++;
-		if (!*p) break;
-		if (*p == '\n')
-			{
-			p++;
-			continue;
-			}
-		*(arg++)=p++;
-		num++;
-		while (*p && (*p != '\n')) p++;
-		if (!*p) break;
-		/* else *p == '\n' */
-		*(p++)='\0';
-		}
-	*argc=num;
-	return(1);
-	}
-#endif
-
-int str2fmt(char *s)
-	{
-	if (s == NULL)
-		return FORMAT_UNDEF;
-	if 	((*s == 'D') || (*s == 'd'))
-		return(FORMAT_ASN1);
-	else if ((*s == 'T') || (*s == 't'))
-		return(FORMAT_TEXT);
-  	else if ((*s == 'N') || (*s == 'n'))
-  		return(FORMAT_NETSCAPE);
-  	else if ((*s == 'S') || (*s == 's'))
-  		return(FORMAT_SMIME);
- 	else if ((*s == 'M') || (*s == 'm'))
- 		return(FORMAT_MSBLOB);
-	else if ((*s == '1')
-		|| (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0)
-		|| (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0))
-		return(FORMAT_PKCS12);
-	else if ((*s == 'E') || (*s == 'e'))
-		return(FORMAT_ENGINE);
-	else if ((*s == 'P') || (*s == 'p'))
- 		{
- 		if (s[1] == 'V' || s[1] == 'v')
- 			return FORMAT_PVK;
- 		else
-  			return(FORMAT_PEM);
- 		}
-	else
-		return(FORMAT_UNDEF);
-	}
-
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_NETWARE)
-void program_name(char *in, char *out, int size)
-	{
-	int i,n;
-	char *p=NULL;
-
-	n=strlen(in);
-	/* find the last '/', '\' or ':' */
-	for (i=n-1; i>0; i--)
-		{
-		if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':'))
-			{
-			p= &(in[i+1]);
-			break;
-			}
-		}
-	if (p == NULL)
-		p=in;
-	n=strlen(p);
-
-#if defined(OPENSSL_SYS_NETWARE)
-   /* strip off trailing .nlm if present. */
-   if ((n > 4) && (p[n-4] == '.') &&
-      ((p[n-3] == 'n') || (p[n-3] == 'N')) &&
-      ((p[n-2] == 'l') || (p[n-2] == 'L')) &&
-      ((p[n-1] == 'm') || (p[n-1] == 'M')))
-      n-=4;
-#else
-	/* strip off trailing .exe if present. */
-	if ((n > 4) && (p[n-4] == '.') &&
-		((p[n-3] == 'e') || (p[n-3] == 'E')) &&
-		((p[n-2] == 'x') || (p[n-2] == 'X')) &&
-		((p[n-1] == 'e') || (p[n-1] == 'E')))
-		n-=4;
-#endif
-
-	if (n > size-1)
-		n=size-1;
-
-	for (i=0; i= 'A') && (p[i] <= 'Z'))
-			out[i]=p[i]-'A'+'a';
-		else
-			out[i]=p[i];
-		}
-	out[n]='\0';
-	}
-#else
-#ifdef OPENSSL_SYS_VMS
-void program_name(char *in, char *out, int size)
-	{
-	char *p=in, *q;
-	char *chars=":]>";
-
-	while(*chars != '\0')
-		{
-		q=strrchr(p,*chars);
-		if (q > p)
-			p = q + 1;
-		chars++;
-		}
-
-	q=strrchr(p,'.');
-	if (q == NULL)
-		q = p + strlen(p);
-	strncpy(out,p,size-1);
-	if (q-p >= size)
-		{
-		out[size-1]='\0';
-		}
-	else
-		{
-		out[q-p]='\0';
-		}
-	}
-#else
-void program_name(char *in, char *out, int size)
-	{
-	char *p;
-
-	p=strrchr(in,'/');
-	if (p != NULL)
-		p++;
-	else
-		p=in;
-	BUF_strlcpy(out,p,size);
-	}
-#endif
-#endif
-
-int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
-	{
-	int num,i;
-	char *p;
-
-	*argc=0;
-	*argv=NULL;
-
-	i=0;
-	if (arg->count == 0)
-		{
-		arg->count=20;
-		arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count);
-		}
-	for (i=0; icount; i++)
-		arg->data[i]=NULL;
-
-	num=0;
-	p=buf;
-	for (;;)
-		{
-		/* first scan over white space */
-		if (!*p) break;
-		while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
-			p++;
-		if (!*p) break;
-
-		/* The start of something good :-) */
-		if (num >= arg->count)
-			{
-			char **tmp_p;
-			int tlen = arg->count + 20;
-			tmp_p = (char **)OPENSSL_realloc(arg->data,
-				sizeof(char *)*tlen);
-			if (tmp_p == NULL)
-				return 0;
-			arg->data  = tmp_p;
-			arg->count = tlen;
-			/* initialize newly allocated data */
-			for (i = num; i < arg->count; i++)
-				arg->data[i] = NULL;
-			}
-		arg->data[num++]=p;
-
-		/* now look for the end of this */
-		if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */
-			{
-			i= *(p++);
-			arg->data[num-1]++; /* jump over quote */
-			while (*p && (*p != i))
-				p++;
-			*p='\0';
-			}
-		else
-			{
-			while (*p && ((*p != ' ') &&
-				(*p != '\t') && (*p != '\n')))
-				p++;
-
-			if (*p == '\0')
-				p--;
-			else
-				*p='\0';
-			}
-		p++;
-		}
-	*argc=num;
-	*argv=arg->data;
-	return(1);
-	}
-
-#ifndef APP_INIT
-int app_init(long mesgwin)
-	{
-	return(1);
-	}
-#endif
-
-
-int dump_cert_text (BIO *out, X509 *x)
-{
-	char *p;
-
-	p=X509_NAME_oneline(X509_get_subject_name(x),NULL,0);
-	BIO_puts(out,"subject=");
-	BIO_puts(out,p);
-	OPENSSL_free(p);
-
-	p=X509_NAME_oneline(X509_get_issuer_name(x),NULL,0);
-	BIO_puts(out,"\nissuer=");
-	BIO_puts(out,p);
-	BIO_puts(out,"\n");
-	OPENSSL_free(p);
-
-	return 0;
-}
-
-static int ui_open(UI *ui)
-	{
-	return UI_method_get_opener(UI_OpenSSL())(ui);
-	}
-static int ui_read(UI *ui, UI_STRING *uis)
-	{
-	if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
-		&& UI_get0_user_data(ui))
-		{
-		switch(UI_get_string_type(uis))
-			{
-		case UIT_PROMPT:
-		case UIT_VERIFY:
-			{
-			const char *password =
-				((PW_CB_DATA *)UI_get0_user_data(ui))->password;
-			if (password && password[0] != '\0')
-				{
-				UI_set_result(ui, uis, password);
-				return 1;
-				}
-			}
-		default:
-			break;
-			}
-		}
-	return UI_method_get_reader(UI_OpenSSL())(ui, uis);
-	}
-static int ui_write(UI *ui, UI_STRING *uis)
-	{
-	if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
-		&& UI_get0_user_data(ui))
-		{
-		switch(UI_get_string_type(uis))
-			{
-		case UIT_PROMPT:
-		case UIT_VERIFY:
-			{
-			const char *password =
-				((PW_CB_DATA *)UI_get0_user_data(ui))->password;
-			if (password && password[0] != '\0')
-				return 1;
-			}
-		default:
-			break;
-			}
-		}
-	return UI_method_get_writer(UI_OpenSSL())(ui, uis);
-	}
-static int ui_close(UI *ui)
-	{
-	return UI_method_get_closer(UI_OpenSSL())(ui);
-	}
-int setup_ui_method(void)
-	{
-	ui_method = UI_create_method("OpenSSL application user interface");
-	UI_method_set_opener(ui_method, ui_open);
-	UI_method_set_reader(ui_method, ui_read);
-	UI_method_set_writer(ui_method, ui_write);
-	UI_method_set_closer(ui_method, ui_close);
-	return 0;
-	}
-void destroy_ui_method(void)
-	{
-	if(ui_method)
-		{
-		UI_destroy_method(ui_method);
-		ui_method = NULL;
-		}
-	}
-int password_callback(char *buf, int bufsiz, int verify,
-	PW_CB_DATA *cb_tmp)
-	{
-	UI *ui = NULL;
-	int res = 0;
-	const char *prompt_info = NULL;
-	const char *password = NULL;
-	PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
-
-	if (cb_data)
-		{
-		if (cb_data->password)
-			password = cb_data->password;
-		if (cb_data->prompt_info)
-			prompt_info = cb_data->prompt_info;
-		}
-
-	if (password)
-		{
-		res = strlen(password);
-		if (res > bufsiz)
-			res = bufsiz;
-		memcpy(buf, password, res);
-		return res;
-		}
-
-	ui = UI_new_method(ui_method);
-	if (ui)
-		{
-		int ok = 0;
-		char *buff = NULL;
-		int ui_flags = 0;
-		char *prompt = NULL;
-
-		prompt = UI_construct_prompt(ui, "pass phrase",
-			prompt_info);
-
-		ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
-		UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
-
-		if (ok >= 0)
-			ok = UI_add_input_string(ui,prompt,ui_flags,buf,
-				PW_MIN_LENGTH,BUFSIZ-1);
-		if (ok >= 0 && verify)
-			{
-			buff = (char *)OPENSSL_malloc(bufsiz);
-			ok = UI_add_verify_string(ui,prompt,ui_flags,buff,
-				PW_MIN_LENGTH,BUFSIZ-1, buf);
-			}
-		if (ok >= 0)
-			do
-				{
-				ok = UI_process(ui);
-				}
-			while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
-
-		if (buff)
-			{
-			OPENSSL_cleanse(buff,(unsigned int)bufsiz);
-			OPENSSL_free(buff);
-			}
-
-		if (ok >= 0)
-			res = strlen(buf);
-		if (ok == -1)
-			{
-			BIO_printf(bio_err, "User interface error\n");
-			ERR_print_errors(bio_err);
-			OPENSSL_cleanse(buf,(unsigned int)bufsiz);
-			res = 0;
-			}
-		if (ok == -2)
-			{
-			BIO_printf(bio_err,"aborted!\n");
-			OPENSSL_cleanse(buf,(unsigned int)bufsiz);
-			res = 0;
-			}
-		UI_free(ui);
-		OPENSSL_free(prompt);
-		}
-	return res;
-	}
-
-static char *app_get_pass(BIO *err, char *arg, int keepbio);
-
-int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2)
-{
-	int same;
-	if(!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0;
-	else same = 1;
-	if(arg1) {
-		*pass1 = app_get_pass(err, arg1, same);
-		if(!*pass1) return 0;
-	} else if(pass1) *pass1 = NULL;
-	if(arg2) {
-		*pass2 = app_get_pass(err, arg2, same ? 2 : 0);
-		if(!*pass2) return 0;
-	} else if(pass2) *pass2 = NULL;
-	return 1;
-}
-
-static char *app_get_pass(BIO *err, char *arg, int keepbio)
-{
-	char *tmp, tpass[APP_PASS_LEN];
-	static BIO *pwdbio = NULL;
-	int i;
-	if(!strncmp(arg, "pass:", 5)) return BUF_strdup(arg + 5);
-	if(!strncmp(arg, "env:", 4)) {
-		tmp = getenv(arg + 4);
-		if(!tmp) {
-			BIO_printf(err, "Can't read environment variable %s\n", arg + 4);
-			return NULL;
-		}
-		return BUF_strdup(tmp);
-	}
-	if(!keepbio || !pwdbio) {
-		if(!strncmp(arg, "file:", 5)) {
-			pwdbio = BIO_new_file(arg + 5, "r");
-			if(!pwdbio) {
-				BIO_printf(err, "Can't open file %s\n", arg + 5);
-				return NULL;
-			}
-#if !defined(_WIN32)
-		/*
-		 * Under _WIN32, which covers even Win64 and CE, file
-		 * descriptors referenced by BIO_s_fd are not inherited
-		 * by child process and therefore below is not an option.
-		 * It could have been an option if bss_fd.c was operating
-		 * on real Windows descriptors, such as those obtained
-		 * with CreateFile.
-		 */
-		} else if(!strncmp(arg, "fd:", 3)) {
-			BIO *btmp;
-			i = atoi(arg + 3);
-			if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
-			if((i < 0) || !pwdbio) {
-				BIO_printf(err, "Can't access file descriptor %s\n", arg + 3);
-				return NULL;
-			}
-			/* Can't do BIO_gets on an fd BIO so add a buffering BIO */
-			btmp = BIO_new(BIO_f_buffer());
-			pwdbio = BIO_push(btmp, pwdbio);
-#endif
-		} else if(!strcmp(arg, "stdin")) {
-			pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
-			if(!pwdbio) {
-				BIO_printf(err, "Can't open BIO for stdin\n");
-				return NULL;
-			}
-		} else {
-			BIO_printf(err, "Invalid password argument \"%s\"\n", arg);
-			return NULL;
-		}
-	}
-	i = BIO_gets(pwdbio, tpass, APP_PASS_LEN);
-	if(keepbio != 1) {
-		BIO_free_all(pwdbio);
-		pwdbio = NULL;
-	}
-	if(i <= 0) {
-		BIO_printf(err, "Error reading password from BIO\n");
-		return NULL;
-	}
-	tmp = strchr(tpass, '\n');
-	if(tmp) *tmp = 0;
-	return BUF_strdup(tpass);
-}
-
-int add_oid_section(BIO *err, CONF *conf)
-{	
-	char *p;
-	STACK_OF(CONF_VALUE) *sktmp;
-	CONF_VALUE *cnf;
-	int i;
-	if(!(p=NCONF_get_string(conf,NULL,"oid_section")))
-		{
-		ERR_clear_error();
-		return 1;
-		}
-	if(!(sktmp = NCONF_get_section(conf, p))) {
-		BIO_printf(err, "problem loading oid section %s\n", p);
-		return 0;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
-		cnf = sk_CONF_VALUE_value(sktmp, i);
-		if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
-			BIO_printf(err, "problem creating object %s=%s\n",
-							 cnf->name, cnf->value);
-			return 0;
-		}
-	}
-	return 1;
-}
-
-static int load_pkcs12(BIO *err, BIO *in, const char *desc,
-		pem_password_cb *pem_cb,  void *cb_data,
-		EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
-	{
- 	const char *pass;
-	char tpass[PEM_BUFSIZE];
-	int len, ret = 0;
-	PKCS12 *p12;
-	p12 = d2i_PKCS12_bio(in, NULL);
-	if (p12 == NULL)
-		{
-		BIO_printf(err, "Error loading PKCS12 file for %s\n", desc);	
-		goto die;
-		}
-	/* See if an empty password will do */
-	if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0))
-		pass = "";
-	else
-		{
-		if (!pem_cb)
-			pem_cb = (pem_password_cb *)password_callback;
-		len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data);
-		if (len < 0) 
-			{
-			BIO_printf(err, "Passpharse callback error for %s\n",
-					desc);
-			goto die;
-			}
-		if (len < PEM_BUFSIZE)
-			tpass[len] = 0;
-		if (!PKCS12_verify_mac(p12, tpass, len))
-			{
-			BIO_printf(err,
-	"Mac verify error (wrong password?) in PKCS12 file for %s\n", desc);	
-			goto die;
-			}
-		pass = tpass;
-		}
-	ret = PKCS12_parse(p12, pass, pkey, cert, ca);
-	die:
-	if (p12)
-		PKCS12_free(p12);
-	return ret;
-	}
-
-X509 *load_cert(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip)
-	{
-	X509 *x=NULL;
-	BIO *cert;
-
-	if ((cert=BIO_new(BIO_s_file())) == NULL)
-		{
-		ERR_print_errors(err);
-		goto end;
-		}
-
-	if (file == NULL)
-		{
-#ifdef _IONBF
-# ifndef OPENSSL_NO_SETVBUF_IONBF
-		setvbuf(stdin, NULL, _IONBF, 0);
-# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
-#endif
-		BIO_set_fp(cert,stdin,BIO_NOCLOSE);
-		}
-	else
-		{
-		if (BIO_read_filename(cert,file) <= 0)
-			{
-			BIO_printf(err, "Error opening %s %s\n",
-				cert_descrip, file);
-			ERR_print_errors(err);
-			goto end;
-			}
-		}
-
-	if 	(format == FORMAT_ASN1)
-		x=d2i_X509_bio(cert,NULL);
-	else if (format == FORMAT_NETSCAPE)
-		{
-		NETSCAPE_X509 *nx;
-		nx=ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509),cert,NULL);
-		if (nx == NULL)
-				goto end;
-
-		if ((strncmp(NETSCAPE_CERT_HDR,(char *)nx->header->data,
-			nx->header->length) != 0))
-			{
-			NETSCAPE_X509_free(nx);
-			BIO_printf(err,"Error reading header on certificate\n");
-			goto end;
-			}
-		x=nx->cert;
-		nx->cert = NULL;
-		NETSCAPE_X509_free(nx);
-		}
-	else if (format == FORMAT_PEM)
-		x=PEM_read_bio_X509_AUX(cert,NULL,
-			(pem_password_cb *)password_callback, NULL);
-	else if (format == FORMAT_PKCS12)
-		{
-		if (!load_pkcs12(err, cert,cert_descrip, NULL, NULL,
-					NULL, &x, NULL))
-			goto end;
-		}
-	else	{
-		BIO_printf(err,"bad input format specified for %s\n",
-			cert_descrip);
-		goto end;
-		}
-end:
-	if (x == NULL)
-		{
-		BIO_printf(err,"unable to load certificate\n");
-		ERR_print_errors(err);
-		}
-	if (cert != NULL) BIO_free(cert);
-	return(x);
-	}
-
-EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
-	const char *pass, ENGINE *e, const char *key_descrip)
-	{
-	BIO *key=NULL;
-	EVP_PKEY *pkey=NULL;
-	PW_CB_DATA cb_data;
-
-	cb_data.password = pass;
-	cb_data.prompt_info = file;
-
-	if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE))
-		{
-		BIO_printf(err,"no keyfile specified\n");
-		goto end;
-		}
-#ifndef OPENSSL_NO_ENGINE
-	if (format == FORMAT_ENGINE)
-		{
-		if (!e)
-			BIO_printf(err,"no engine specified\n");
-		else
-			{
-			pkey = ENGINE_load_private_key(e, file,
-				ui_method, &cb_data);
-			if (!pkey) 
-				{
-				BIO_printf(err,"cannot load %s from engine\n",key_descrip);
-				ERR_print_errors(err);
-				}	
-			}
-		goto end;
-		}
-#endif
-	key=BIO_new(BIO_s_file());
-	if (key == NULL)
-		{
-		ERR_print_errors(err);
-		goto end;
-		}
-	if (file == NULL && maybe_stdin)
-		{
-#ifdef _IONBF
-# ifndef OPENSSL_NO_SETVBUF_IONBF
-		setvbuf(stdin, NULL, _IONBF, 0);
-# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
-#endif
-		BIO_set_fp(key,stdin,BIO_NOCLOSE);
-		}
-	else
-		if (BIO_read_filename(key,file) <= 0)
-			{
-			BIO_printf(err, "Error opening %s %s\n",
-				key_descrip, file);
-			ERR_print_errors(err);
-			goto end;
-			}
-	if (format == FORMAT_ASN1)
-		{
-		pkey=d2i_PrivateKey_bio(key, NULL);
-		}
-	else if (format == FORMAT_PEM)
-		{
-		pkey=PEM_read_bio_PrivateKey(key,NULL,
-			(pem_password_cb *)password_callback, &cb_data);
-		}
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-	else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
-		pkey = load_netscape_key(err, key, file, key_descrip, format);
-#endif
-	else if (format == FORMAT_PKCS12)
-		{
-		if (!load_pkcs12(err, key, key_descrip,
-				(pem_password_cb *)password_callback, &cb_data,
-				&pkey, NULL, NULL))
-			goto end;
-		}
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4)
-	else if (format == FORMAT_MSBLOB)
-		pkey = b2i_PrivateKey_bio(key);
-	else if (format == FORMAT_PVK)
-		pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback,
-								&cb_data);
-#endif
-	else
-		{
-		BIO_printf(err,"bad input format specified for key file\n");
-		goto end;
-		}
- end:
-	if (key != NULL) BIO_free(key);
-	if (pkey == NULL) 
-		{
-		BIO_printf(err,"unable to load %s\n", key_descrip);
-		ERR_print_errors(err);
-		}	
-	return(pkey);
-	}
-
-EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
-	const char *pass, ENGINE *e, const char *key_descrip)
-	{
-	BIO *key=NULL;
-	EVP_PKEY *pkey=NULL;
-	PW_CB_DATA cb_data;
-
-	cb_data.password = pass;
-	cb_data.prompt_info = file;
-
-	if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE))
-		{
-		BIO_printf(err,"no keyfile specified\n");
-		goto end;
-		}
-#ifndef OPENSSL_NO_ENGINE
-	if (format == FORMAT_ENGINE)
-		{
-		if (!e)
-			BIO_printf(bio_err,"no engine specified\n");
-		else
-			pkey = ENGINE_load_public_key(e, file,
-				ui_method, &cb_data);
-		goto end;
-		}
-#endif
-	key=BIO_new(BIO_s_file());
-	if (key == NULL)
-		{
-		ERR_print_errors(err);
-		goto end;
-		}
-	if (file == NULL && maybe_stdin)
-		{
-#ifdef _IONBF
-# ifndef OPENSSL_NO_SETVBUF_IONBF
-		setvbuf(stdin, NULL, _IONBF, 0);
-# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
-#endif
-		BIO_set_fp(key,stdin,BIO_NOCLOSE);
-		}
-	else
-		if (BIO_read_filename(key,file) <= 0)
-			{
-			BIO_printf(err, "Error opening %s %s\n",
-				key_descrip, file);
-			ERR_print_errors(err);
-			goto end;
-		}
-	if (format == FORMAT_ASN1)
-		{
-		pkey=d2i_PUBKEY_bio(key, NULL);
-		}
-#ifndef OPENSSL_NO_RSA
-	else if (format == FORMAT_ASN1RSA)
-		{
-		RSA *rsa;
-		rsa = d2i_RSAPublicKey_bio(key, NULL);
-		if (rsa)
-			{
-			pkey = EVP_PKEY_new();
-			if (pkey)
-				EVP_PKEY_set1_RSA(pkey, rsa);
-			RSA_free(rsa);
-			}
-		else
-			pkey = NULL;
-		}
-	else if (format == FORMAT_PEMRSA)
-		{
-		RSA *rsa;
-		rsa = PEM_read_bio_RSAPublicKey(key, NULL, 
-			(pem_password_cb *)password_callback, &cb_data);
-		if (rsa)
-			{
-			pkey = EVP_PKEY_new();
-			if (pkey)
-				EVP_PKEY_set1_RSA(pkey, rsa);
-			RSA_free(rsa);
-			}
-		else
-			pkey = NULL;
-		}
-#endif
-	else if (format == FORMAT_PEM)
-		{
-		pkey=PEM_read_bio_PUBKEY(key,NULL,
-			(pem_password_cb *)password_callback, &cb_data);
-		}
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-	else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
-		pkey = load_netscape_key(err, key, file, key_descrip, format);
-#endif
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
-	else if (format == FORMAT_MSBLOB)
-		pkey = b2i_PublicKey_bio(key);
-#endif
-	else
-		{
-		BIO_printf(err,"bad input format specified for key file\n");
-		goto end;
-		}
- end:
-	if (key != NULL) BIO_free(key);
-	if (pkey == NULL)
-		BIO_printf(err,"unable to load %s\n", key_descrip);
-	return(pkey);
-	}
-
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
-static EVP_PKEY *
-load_netscape_key(BIO *err, BIO *key, const char *file,
-		const char *key_descrip, int format)
-	{
-	EVP_PKEY *pkey;
-	BUF_MEM *buf;
-	RSA	*rsa;
-	const unsigned char *p;
-	int size, i;
-
-	buf=BUF_MEM_new();
-	pkey = EVP_PKEY_new();
-	size = 0;
-	if (buf == NULL || pkey == NULL)
-		goto error;
-	for (;;)
-		{
-		if (!BUF_MEM_grow_clean(buf,size+1024*10))
-			goto error;
-		i = BIO_read(key, &(buf->data[size]), 1024*10);
-		size += i;
-		if (i == 0)
-			break;
-		if (i < 0)
-			{
-				BIO_printf(err, "Error reading %s %s",
-					key_descrip, file);
-				goto error;
-			}
-		}
-	p=(unsigned char *)buf->data;
-	rsa = d2i_RSA_NET(NULL,&p,(long)size,NULL,
-		(format == FORMAT_IISSGC ? 1 : 0));
-	if (rsa == NULL)
-		goto error;
-	BUF_MEM_free(buf);
-	EVP_PKEY_set1_RSA(pkey, rsa);
-	return pkey;
-error:
-	BUF_MEM_free(buf);
-	EVP_PKEY_free(pkey);
-	return NULL;
-	}
-#endif /* ndef OPENSSL_NO_RC4 */
-
-static int load_certs_crls(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *desc,
-	STACK_OF(X509) **pcerts, STACK_OF(X509_CRL) **pcrls)
-	{
-	int i;
-	BIO *bio;
-	STACK_OF(X509_INFO) *xis = NULL;
-	X509_INFO *xi;
-	PW_CB_DATA cb_data;
-	int rv = 0;
-
-	cb_data.password = pass;
-	cb_data.prompt_info = file;
-
-	if (format != FORMAT_PEM)
-		{
-		BIO_printf(err,"bad input format specified for %s\n", desc);
-		return 0;
-		}
-
-	if (file == NULL)
-		bio = BIO_new_fp(stdin,BIO_NOCLOSE);
-	else
-		bio = BIO_new_file(file, "r");
-
-	if (bio == NULL)
-		{
-		BIO_printf(err, "Error opening %s %s\n",
-				desc, file ? file : "stdin");
-		ERR_print_errors(err);
-		return 0;
-		}
-
-	xis = PEM_X509_INFO_read_bio(bio, NULL,
-				(pem_password_cb *)password_callback, &cb_data);
-
-	BIO_free(bio);
-
-	if (pcerts)
-		{
-		*pcerts = sk_X509_new_null();
-		if (!*pcerts)
-			goto end;
-		}
-
-	if (pcrls)
-		{
-		*pcrls = sk_X509_CRL_new_null();
-		if (!*pcrls)
-			goto end;
-		}
-
-	for(i = 0; i < sk_X509_INFO_num(xis); i++)
-		{
-		xi = sk_X509_INFO_value (xis, i);
-		if (xi->x509 && pcerts)
-			{
-			if (!sk_X509_push(*pcerts, xi->x509))
-				goto end;
-			xi->x509 = NULL;
-			}
-		if (xi->crl && pcrls)
-			{
-			if (!sk_X509_CRL_push(*pcrls, xi->crl))
-				goto end;
-			xi->crl = NULL;
-			}
-		}
-
-	if (pcerts && sk_X509_num(*pcerts) > 0)
-		rv = 1;
-
-	if (pcrls && sk_X509_CRL_num(*pcrls) > 0)
-		rv = 1;
-
-	end:
-
-	if (xis)
-		sk_X509_INFO_pop_free(xis, X509_INFO_free);
-
-	if (rv == 0)
-		{
-		if (pcerts)
-			{
-			sk_X509_pop_free(*pcerts, X509_free);
-			*pcerts = NULL;
-			}
-		if (pcrls)
-			{
-			sk_X509_CRL_pop_free(*pcrls, X509_CRL_free);
-			*pcrls = NULL;
-			}
-		BIO_printf(err,"unable to load %s\n",
-				pcerts ? "certificates" : "CRLs");
-		ERR_print_errors(err);
-		}
-	return rv;
-	}
-
-STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *desc)
-	{
-	STACK_OF(X509) *certs;
-	load_certs_crls(err, file, format, pass, e, desc, &certs, NULL);
-	return certs;
-	}	
-
-STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *desc)
-	{
-	STACK_OF(X509_CRL) *crls;
-	load_certs_crls(err, file, format, pass, e, desc, NULL, &crls);
-	return crls;
-	}	
-
-#define X509V3_EXT_UNKNOWN_MASK		(0xfL << 16)
-/* Return error for unknown extensions */
-#define X509V3_EXT_DEFAULT		0
-/* Print error for unknown extensions */
-#define X509V3_EXT_ERROR_UNKNOWN	(1L << 16)
-/* ASN1 parse unknown extensions */
-#define X509V3_EXT_PARSE_UNKNOWN	(2L << 16)
-/* BIO_dump unknown extensions */
-#define X509V3_EXT_DUMP_UNKNOWN		(3L << 16)
-
-#define X509_FLAG_CA (X509_FLAG_NO_ISSUER | X509_FLAG_NO_PUBKEY | \
-			 X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION)
-
-int set_cert_ex(unsigned long *flags, const char *arg)
-{
-	static const NAME_EX_TBL cert_tbl[] = {
-		{ "compatible", X509_FLAG_COMPAT, 0xffffffffl},
-		{ "ca_default", X509_FLAG_CA, 0xffffffffl},
-		{ "no_header", X509_FLAG_NO_HEADER, 0},
-		{ "no_version", X509_FLAG_NO_VERSION, 0},
-		{ "no_serial", X509_FLAG_NO_SERIAL, 0},
-		{ "no_signame", X509_FLAG_NO_SIGNAME, 0},
-		{ "no_validity", X509_FLAG_NO_VALIDITY, 0},
-		{ "no_subject", X509_FLAG_NO_SUBJECT, 0},
-		{ "no_issuer", X509_FLAG_NO_ISSUER, 0},
-		{ "no_pubkey", X509_FLAG_NO_PUBKEY, 0},
-		{ "no_extensions", X509_FLAG_NO_EXTENSIONS, 0},
-		{ "no_sigdump", X509_FLAG_NO_SIGDUMP, 0},
-		{ "no_aux", X509_FLAG_NO_AUX, 0},
-		{ "no_attributes", X509_FLAG_NO_ATTRIBUTES, 0},
-		{ "ext_default", X509V3_EXT_DEFAULT, X509V3_EXT_UNKNOWN_MASK},
-		{ "ext_error", X509V3_EXT_ERROR_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
-		{ "ext_parse", X509V3_EXT_PARSE_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
-		{ "ext_dump", X509V3_EXT_DUMP_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
-		{ NULL, 0, 0}
-	};
-	return set_multi_opts(flags, arg, cert_tbl);
-}
-
-int set_name_ex(unsigned long *flags, const char *arg)
-{
-	static const NAME_EX_TBL ex_tbl[] = {
-		{ "esc_2253", ASN1_STRFLGS_ESC_2253, 0},
-		{ "esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0},
-		{ "esc_msb", ASN1_STRFLGS_ESC_MSB, 0},
-		{ "use_quote", ASN1_STRFLGS_ESC_QUOTE, 0},
-		{ "utf8", ASN1_STRFLGS_UTF8_CONVERT, 0},
-		{ "ignore_type", ASN1_STRFLGS_IGNORE_TYPE, 0},
-		{ "show_type", ASN1_STRFLGS_SHOW_TYPE, 0},
-		{ "dump_all", ASN1_STRFLGS_DUMP_ALL, 0},
-		{ "dump_nostr", ASN1_STRFLGS_DUMP_UNKNOWN, 0},
-		{ "dump_der", ASN1_STRFLGS_DUMP_DER, 0},
-		{ "compat", XN_FLAG_COMPAT, 0xffffffffL},
-		{ "sep_comma_plus", XN_FLAG_SEP_COMMA_PLUS, XN_FLAG_SEP_MASK},
-		{ "sep_comma_plus_space", XN_FLAG_SEP_CPLUS_SPC, XN_FLAG_SEP_MASK},
-		{ "sep_semi_plus_space", XN_FLAG_SEP_SPLUS_SPC, XN_FLAG_SEP_MASK},
-		{ "sep_multiline", XN_FLAG_SEP_MULTILINE, XN_FLAG_SEP_MASK},
-		{ "dn_rev", XN_FLAG_DN_REV, 0},
-		{ "nofname", XN_FLAG_FN_NONE, XN_FLAG_FN_MASK},
-		{ "sname", XN_FLAG_FN_SN, XN_FLAG_FN_MASK},
-		{ "lname", XN_FLAG_FN_LN, XN_FLAG_FN_MASK},
-		{ "align", XN_FLAG_FN_ALIGN, 0},
-		{ "oid", XN_FLAG_FN_OID, XN_FLAG_FN_MASK},
-		{ "space_eq", XN_FLAG_SPC_EQ, 0},
-		{ "dump_unknown", XN_FLAG_DUMP_UNKNOWN_FIELDS, 0},
-		{ "RFC2253", XN_FLAG_RFC2253, 0xffffffffL},
-		{ "oneline", XN_FLAG_ONELINE, 0xffffffffL},
-		{ "multiline", XN_FLAG_MULTILINE, 0xffffffffL},
-		{ "ca_default", XN_FLAG_MULTILINE, 0xffffffffL},
-		{ NULL, 0, 0}
-	};
-	return set_multi_opts(flags, arg, ex_tbl);
-}
-
-int set_ext_copy(int *copy_type, const char *arg)
-{
-	if (!strcasecmp(arg, "none"))
-		*copy_type = EXT_COPY_NONE;
-	else if (!strcasecmp(arg, "copy"))
-		*copy_type = EXT_COPY_ADD;
-	else if (!strcasecmp(arg, "copyall"))
-		*copy_type = EXT_COPY_ALL;
-	else
-		return 0;
-	return 1;
-}
-
-int copy_extensions(X509 *x, X509_REQ *req, int copy_type)
-{
-	STACK_OF(X509_EXTENSION) *exts = NULL;
-	X509_EXTENSION *ext, *tmpext;
-	ASN1_OBJECT *obj;
-	int i, idx, ret = 0;
-	if (!x || !req || (copy_type == EXT_COPY_NONE))
-		return 1;
-	exts = X509_REQ_get_extensions(req);
-
-	for(i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
-		ext = sk_X509_EXTENSION_value(exts, i);
-		obj = X509_EXTENSION_get_object(ext);
-		idx = X509_get_ext_by_OBJ(x, obj, -1);
-		/* Does extension exist? */
-		if (idx != -1) {
-			/* If normal copy don't override existing extension */
-			if (copy_type == EXT_COPY_ADD)
-				continue;
-			/* Delete all extensions of same type */
-			do {
-				tmpext = X509_get_ext(x, idx);
-				X509_delete_ext(x, idx);
-				X509_EXTENSION_free(tmpext);
-				idx = X509_get_ext_by_OBJ(x, obj, -1);
-			} while (idx != -1);
-		}
-		if (!X509_add_ext(x, ext, -1))
-			goto end;
-	}
-
-	ret = 1;
-
-	end:
-
-	sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-
-	return ret;
-}
-		
-		
-			
-
-static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl)
-{
-	STACK_OF(CONF_VALUE) *vals;
-	CONF_VALUE *val;
-	int i, ret = 1;
-	if(!arg) return 0;
-	vals = X509V3_parse_list(arg);
-	for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
-		val = sk_CONF_VALUE_value(vals, i);
-		if (!set_table_opts(flags, val->name, in_tbl))
-			ret = 0;
-	}
-	sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
-	return ret;
-}
-
-static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl)
-{
-	char c;
-	const NAME_EX_TBL *ptbl;
-	c = arg[0];
-
-	if(c == '-') {
-		c = 0;
-		arg++;
-	} else if (c == '+') {
-		c = 1;
-		arg++;
-	} else c = 1;
-
-	for(ptbl = in_tbl; ptbl->name; ptbl++) {
-		if(!strcasecmp(arg, ptbl->name)) {
-			*flags &= ~ptbl->mask;
-			if(c) *flags |= ptbl->flag;
-			else *flags &= ~ptbl->flag;
-			return 1;
-		}
-	}
-	return 0;
-}
-
-void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags)
-{
-	char *buf;
-	char mline = 0;
-	int indent = 0;
-
-	if(title) BIO_puts(out, title);
-	if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
-		mline = 1;
-		indent = 4;
-	}
-	if(lflags == XN_FLAG_COMPAT) {
-		buf = X509_NAME_oneline(nm, 0, 0);
-		BIO_puts(out, buf);
-		BIO_puts(out, "\n");
-		OPENSSL_free(buf);
-	} else {
-		if(mline) BIO_puts(out, "\n");
-		X509_NAME_print_ex(out, nm, indent, lflags);
-		BIO_puts(out, "\n");
-	}
-}
-
-X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
-{
-	X509_STORE *store;
-	X509_LOOKUP *lookup;
-	if(!(store = X509_STORE_new())) goto end;
-	lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
-	if (lookup == NULL) goto end;
-	if (CAfile) {
-		if(!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM)) {
-			BIO_printf(bp, "Error loading file %s\n", CAfile);
-			goto end;
-		}
-	} else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
-		
-	lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
-	if (lookup == NULL) goto end;
-	if (CApath) {
-		if(!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM)) {
-			BIO_printf(bp, "Error loading directory %s\n", CApath);
-			goto end;
-		}
-	} else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
-
-	ERR_clear_error();
-	return store;
-	end:
-	X509_STORE_free(store);
-	return NULL;
-}
-
-#ifndef OPENSSL_NO_ENGINE
-/* Try to load an engine in a shareable library */
-static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
-	{
-	ENGINE *e = ENGINE_by_id("dynamic");
-	if (e)
-		{
-		if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0)
-			|| !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
-			{
-			ENGINE_free(e);
-			e = NULL;
-			}
-		}
-	return e;
-	}
-
-ENGINE *setup_engine(BIO *err, const char *engine, int debug)
-        {
-        ENGINE *e = NULL;
-
-        if (engine)
-                {
-		if(strcmp(engine, "auto") == 0)
-			{
-			BIO_printf(err,"enabling auto ENGINE support\n");
-			ENGINE_register_all_complete();
-			return NULL;
-			}
-		if((e = ENGINE_by_id(engine)) == NULL
-			&& (e = try_load_engine(err, engine, debug)) == NULL)
-			{
-			BIO_printf(err,"invalid engine \"%s\"\n", engine);
-			ERR_print_errors(err);
-			return NULL;
-			}
-		if (debug)
-			{
-			ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM,
-				0, err, 0);
-			}
-                ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, ui_method, 0, 1);
-		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
-			{
-			BIO_printf(err,"can't use that engine\n");
-			ERR_print_errors(err);
-			ENGINE_free(e);
-			return NULL;
-			}
-
-		BIO_printf(err,"engine \"%s\" set.\n", ENGINE_get_id(e));
-
-		/* Free our "structural" reference. */
-		ENGINE_free(e);
-		}
-        return e;
-        }
-#endif
-
-int load_config(BIO *err, CONF *cnf)
-	{
-	static int load_config_called = 0;
-	if (load_config_called)
-		return 1;
-	load_config_called = 1;
-	if (!cnf)
-		cnf = config;
-	if (!cnf)
-		return 1;
-
-	OPENSSL_load_builtin_modules();
-
-	if (CONF_modules_load(cnf, NULL, 0) <= 0)
-		{
-		BIO_printf(err, "Error configuring OpenSSL\n");
-		ERR_print_errors(err);
-		return 0;
-		}
-	return 1;
-	}
-
-char *make_config_name()
-	{
-	const char *t=X509_get_default_cert_area();
-	size_t len;
-	char *p;
-
-	len=strlen(t)+strlen(OPENSSL_CONF)+2;
-	p=OPENSSL_malloc(len);
-	BUF_strlcpy(p,t,len);
-#ifndef OPENSSL_SYS_VMS
-	BUF_strlcat(p,"/",len);
-#endif
-	BUF_strlcat(p,OPENSSL_CONF,len);
-
-	return p;
-	}
-
-static unsigned long index_serial_hash(const OPENSSL_CSTRING *a)
-	{
-	const char *n;
-
-	n=a[DB_serial];
-	while (*n == '0') n++;
-	return(lh_strhash(n));
-	}
-
-static int index_serial_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
-	{
-	const char *aa,*bb;
-
-	for (aa=a[DB_serial]; *aa == '0'; aa++);
-	for (bb=b[DB_serial]; *bb == '0'; bb++);
-	return(strcmp(aa,bb));
-	}
-
-static int index_name_qual(char **a)
-	{ return(a[0][0] == 'V'); }
-
-static unsigned long index_name_hash(const OPENSSL_CSTRING *a)
-	{ return(lh_strhash(a[DB_name])); }
-
-int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
-	{ return(strcmp(a[DB_name], b[DB_name])); }
-
-static IMPLEMENT_LHASH_HASH_FN(index_serial, OPENSSL_CSTRING)
-static IMPLEMENT_LHASH_COMP_FN(index_serial, OPENSSL_CSTRING)
-static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING)
-static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
-
-#undef BSIZE
-#define BSIZE 256
-
-BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
-	{
-	BIO *in=NULL;
-	BIGNUM *ret=NULL;
-	MS_STATIC char buf[1024];
-	ASN1_INTEGER *ai=NULL;
-
-	ai=ASN1_INTEGER_new();
-	if (ai == NULL) goto err;
-
-	if ((in=BIO_new(BIO_s_file())) == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	if (BIO_read_filename(in,serialfile) <= 0)
-		{
-		if (!create)
-			{
-			perror(serialfile);
-			goto err;
-			}
-		else
-			{
-			ret=BN_new();
-			if (ret == NULL || !rand_serial(ret, ai))
-				BIO_printf(bio_err, "Out of memory\n");
-			}
-		}
-	else
-		{
-		if (!a2i_ASN1_INTEGER(in,ai,buf,1024))
-			{
-			BIO_printf(bio_err,"unable to load number from %s\n",
-				serialfile);
-			goto err;
-			}
-		ret=ASN1_INTEGER_to_BN(ai,NULL);
-		if (ret == NULL)
-			{
-			BIO_printf(bio_err,"error converting number from bin to BIGNUM\n");
-			goto err;
-			}
-		}
-
-	if (ret && retai)
-		{
-		*retai = ai;
-		ai = NULL;
-		}
- err:
-	if (in != NULL) BIO_free(in);
-	if (ai != NULL) ASN1_INTEGER_free(ai);
-	return(ret);
-	}
-
-int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai)
-	{
-	char buf[1][BSIZE];
-	BIO *out = NULL;
-	int ret=0;
-	ASN1_INTEGER *ai=NULL;
-	int j;
-
-	if (suffix == NULL)
-		j = strlen(serialfile);
-	else
-		j = strlen(serialfile) + strlen(suffix) + 1;
-	if (j >= BSIZE)
-		{
-		BIO_printf(bio_err,"file name too long\n");
-		goto err;
-		}
-
-	if (suffix == NULL)
-		BUF_strlcpy(buf[0], serialfile, BSIZE);
-	else
-		{
-#ifndef OPENSSL_SYS_VMS
-		j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
-#else
-		j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
-#endif
-		}
-#ifdef RL_DEBUG
-	BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
-#endif
-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-	if (BIO_write_filename(out,buf[0]) <= 0)
-		{
-		perror(serialfile);
-		goto err;
-		}
-
-	if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL)
-		{
-		BIO_printf(bio_err,"error converting serial to ASN.1 format\n");
-		goto err;
-		}
-	i2a_ASN1_INTEGER(out,ai);
-	BIO_puts(out,"\n");
-	ret=1;
-	if (retai)
-		{
-		*retai = ai;
-		ai = NULL;
-		}
-err:
-	if (out != NULL) BIO_free_all(out);
-	if (ai != NULL) ASN1_INTEGER_free(ai);
-	return(ret);
-	}
-
-int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
-	{
-	char buf[5][BSIZE];
-	int i,j;
-
-	i = strlen(serialfile) + strlen(old_suffix);
-	j = strlen(serialfile) + strlen(new_suffix);
-	if (i > j) j = i;
-	if (j + 1 >= BSIZE)
-		{
-		BIO_printf(bio_err,"file name too long\n");
-		goto err;
-		}
-
-#ifndef OPENSSL_SYS_VMS
-	j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s",
-		serialfile, new_suffix);
-#else
-	j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s",
-		serialfile, new_suffix);
-#endif
-#ifndef OPENSSL_SYS_VMS
-	j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s",
-		serialfile, old_suffix);
-#else
-	j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s",
-		serialfile, old_suffix);
-#endif
-#ifdef RL_DEBUG
-	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
-		serialfile, buf[1]);
-#endif
-	if (rename(serialfile,buf[1]) < 0 && errno != ENOENT
-#ifdef ENOTDIR
-			&& errno != ENOTDIR
-#endif
-	   )		{
-			BIO_printf(bio_err,
-				"unable to rename %s to %s\n",
-				serialfile, buf[1]);
-			perror("reason");
-			goto err;
-			}
-#ifdef RL_DEBUG
-	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
-		buf[0],serialfile);
-#endif
-	if (rename(buf[0],serialfile) < 0)
-		{
-		BIO_printf(bio_err,
-			"unable to rename %s to %s\n",
-			buf[0],serialfile);
-		perror("reason");
-		rename(buf[1],serialfile);
-		goto err;
-		}
-	return 1;
- err:
-	return 0;
-	}
-
-int rand_serial(BIGNUM *b, ASN1_INTEGER *ai)
-	{
-	BIGNUM *btmp;
-	int ret = 0;
-	if (b)
-		btmp = b;
-	else
-		btmp = BN_new();
-
-	if (!btmp)
-		return 0;
-
-	if (!BN_pseudo_rand(btmp, SERIAL_RAND_BITS, 0, 0))
-		goto error;
-	if (ai && !BN_to_ASN1_INTEGER(btmp, ai))
-		goto error;
-
-	ret = 1;
-	
-	error:
-
-	if (!b)
-		BN_free(btmp);
-	
-	return ret;
-	}
-
-CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
-	{
-	CA_DB *retdb = NULL;
-	TXT_DB *tmpdb = NULL;
-	BIO *in = BIO_new(BIO_s_file());
-	CONF *dbattr_conf = NULL;
-	char buf[1][BSIZE];
-	long errorline= -1;
-
-	if (in == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-	if (BIO_read_filename(in,dbfile) <= 0)
-		{
-		perror(dbfile);
-		BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
-		goto err;
-		}
-	if ((tmpdb = TXT_DB_read(in,DB_NUMBER)) == NULL)
-		goto err;
-
-#ifndef OPENSSL_SYS_VMS
-	BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
-#else
-	BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
-#endif
-	dbattr_conf = NCONF_new(NULL);
-	if (NCONF_load(dbattr_conf,buf[0],&errorline) <= 0)
-		{
-		if (errorline > 0)
-			{
-			BIO_printf(bio_err,
-				"error on line %ld of db attribute file '%s'\n"
-				,errorline,buf[0]);
-			goto err;
-			}
-		else
-			{
-			NCONF_free(dbattr_conf);
-			dbattr_conf = NULL;
-			}
-		}
-
-	if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL)
-		{
-		fprintf(stderr, "Out of memory\n");
-		goto err;
-		}
-
-	retdb->db = tmpdb;
-	tmpdb = NULL;
-	if (db_attr)
-		retdb->attributes = *db_attr;
-	else
-		{
-		retdb->attributes.unique_subject = 1;
-		}
-
-	if (dbattr_conf)
-		{
-		char *p = NCONF_get_string(dbattr_conf,NULL,"unique_subject");
-		if (p)
-			{
-#ifdef RL_DEBUG
-			BIO_printf(bio_err, "DEBUG[load_index]: unique_subject = \"%s\"\n", p);
-#endif
-			retdb->attributes.unique_subject = parse_yesno(p,1);
-			}
-		}
-
- err:
-	if (dbattr_conf) NCONF_free(dbattr_conf);
-	if (tmpdb) TXT_DB_free(tmpdb);
-	if (in) BIO_free_all(in);
-	return retdb;
-	}
-
-int index_index(CA_DB *db)
-	{
-	if (!TXT_DB_create_index(db->db, DB_serial, NULL,
-				LHASH_HASH_FN(index_serial),
-				LHASH_COMP_FN(index_serial)))
-		{
-		BIO_printf(bio_err,
-		  "error creating serial number index:(%ld,%ld,%ld)\n",
-		  			db->db->error,db->db->arg1,db->db->arg2);
-			return 0;
-		}
-
-	if (db->attributes.unique_subject
-		&& !TXT_DB_create_index(db->db, DB_name, index_name_qual,
-			LHASH_HASH_FN(index_name),
-			LHASH_COMP_FN(index_name)))
-		{
-		BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
-			db->db->error,db->db->arg1,db->db->arg2);
-		return 0;
-		}
-	return 1;
-	}
-
-int save_index(const char *dbfile, const char *suffix, CA_DB *db)
-	{
-	char buf[3][BSIZE];
-	BIO *out = BIO_new(BIO_s_file());
-	int j;
-
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	j = strlen(dbfile) + strlen(suffix);
-	if (j + 6 >= BSIZE)
-		{
-		BIO_printf(bio_err,"file name too long\n");
-		goto err;
-		}
-
-#ifndef OPENSSL_SYS_VMS
-	j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
-#else
-	j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile);
-#endif
-#ifndef OPENSSL_SYS_VMS
-	j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
-#else
-	j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix);
-#endif
-#ifndef OPENSSL_SYS_VMS
-	j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
-#else
-	j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix);
-#endif
-#ifdef RL_DEBUG
-	BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
-#endif
-	if (BIO_write_filename(out,buf[0]) <= 0)
-		{
-		perror(dbfile);
-		BIO_printf(bio_err,"unable to open '%s'\n", dbfile);
-		goto err;
-		}
-	j=TXT_DB_write(out,db->db);
-	if (j <= 0) goto err;
-			
-	BIO_free(out);
-
-	out = BIO_new(BIO_s_file());
-#ifdef RL_DEBUG
-	BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]);
-#endif
-	if (BIO_write_filename(out,buf[1]) <= 0)
-		{
-		perror(buf[2]);
-		BIO_printf(bio_err,"unable to open '%s'\n", buf[2]);
-		goto err;
-		}
-	BIO_printf(out,"unique_subject = %s\n",
-		db->attributes.unique_subject ? "yes" : "no");
-	BIO_free(out);
-
-	return 1;
- err:
-	return 0;
-	}
-
-int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix)
-	{
-	char buf[5][BSIZE];
-	int i,j;
-
-	i = strlen(dbfile) + strlen(old_suffix);
-	j = strlen(dbfile) + strlen(new_suffix);
-	if (i > j) j = i;
-	if (j + 6 >= BSIZE)
-		{
-		BIO_printf(bio_err,"file name too long\n");
-		goto err;
-		}
-
-#ifndef OPENSSL_SYS_VMS
-	j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
-#else
-	j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile);
-#endif
-#ifndef OPENSSL_SYS_VMS
-	j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s",
-		dbfile, new_suffix);
-#else
-	j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s",
-		dbfile, new_suffix);
-#endif
-#ifndef OPENSSL_SYS_VMS
-	j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s",
-		dbfile, new_suffix);
-#else
-	j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s",
-		dbfile, new_suffix);
-#endif
-#ifndef OPENSSL_SYS_VMS
-	j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s",
-		dbfile, old_suffix);
-#else
-	j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s",
-		dbfile, old_suffix);
-#endif
-#ifndef OPENSSL_SYS_VMS
-	j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s",
-		dbfile, old_suffix);
-#else
-	j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s",
-		dbfile, old_suffix);
-#endif
-#ifdef RL_DEBUG
-	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
-		dbfile, buf[1]);
-#endif
-	if (rename(dbfile,buf[1]) < 0 && errno != ENOENT
-#ifdef ENOTDIR
-		&& errno != ENOTDIR
-#endif
-	   )		{
-			BIO_printf(bio_err,
-				"unable to rename %s to %s\n",
-				dbfile, buf[1]);
-			perror("reason");
-			goto err;
-			}
-#ifdef RL_DEBUG
-	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
-		buf[0],dbfile);
-#endif
-	if (rename(buf[0],dbfile) < 0)
-		{
-		BIO_printf(bio_err,
-			"unable to rename %s to %s\n",
-			buf[0],dbfile);
-		perror("reason");
-		rename(buf[1],dbfile);
-		goto err;
-		}
-#ifdef RL_DEBUG
-	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
-		buf[4],buf[3]);
-#endif
-	if (rename(buf[4],buf[3]) < 0 && errno != ENOENT
-#ifdef ENOTDIR
-		&& errno != ENOTDIR
-#endif
-	   )		{
-			BIO_printf(bio_err,
-				"unable to rename %s to %s\n",
-				buf[4], buf[3]);
-			perror("reason");
-			rename(dbfile,buf[0]);
-			rename(buf[1],dbfile);
-			goto err;
-			}
-#ifdef RL_DEBUG
-	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
-		buf[2],buf[4]);
-#endif
-	if (rename(buf[2],buf[4]) < 0)
-		{
-		BIO_printf(bio_err,
-			"unable to rename %s to %s\n",
-			buf[2],buf[4]);
-		perror("reason");
-		rename(buf[3],buf[4]);
-		rename(dbfile,buf[0]);
-		rename(buf[1],dbfile);
-		goto err;
-		}
-	return 1;
- err:
-	return 0;
-	}
-
-void free_index(CA_DB *db)
-	{
-	if (db)
-		{
-		if (db->db) TXT_DB_free(db->db);
-		OPENSSL_free(db);
-		}
-	}
-
-int parse_yesno(const char *str, int def)
-	{
-	int ret = def;
-	if (str)
-		{
-		switch (*str)
-			{
-		case 'f': /* false */
-		case 'F': /* FALSE */
-		case 'n': /* no */
-		case 'N': /* NO */
-		case '0': /* 0 */
-			ret = 0;
-			break;
-		case 't': /* true */
-		case 'T': /* TRUE */
-		case 'y': /* yes */
-		case 'Y': /* YES */
-		case '1': /* 1 */
-			ret = 1;
-			break;
-		default:
-			ret = def;
-			break;
-			}
-		}
-	return ret;
-	}
-
-/*
- * subject is expected to be in the format /type0=value0/type1=value1/type2=...
- * where characters may be escaped by \
- */
-X509_NAME *parse_name(char *subject, long chtype, int multirdn)
-	{
-	size_t buflen = strlen(subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */
-	char *buf = OPENSSL_malloc(buflen);
-	size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
-	char **ne_types = OPENSSL_malloc(max_ne * sizeof (char *));
-	char **ne_values = OPENSSL_malloc(max_ne * sizeof (char *));
-	int *mval = OPENSSL_malloc (max_ne * sizeof (int));
-
-	char *sp = subject, *bp = buf;
-	int i, ne_num = 0;
-
-	X509_NAME *n = NULL;
-	int nid;
-
-	if (!buf || !ne_types || !ne_values)
-		{
-		BIO_printf(bio_err, "malloc error\n");
-		goto error;
-		}	
-
-	if (*subject != '/')
-		{
-		BIO_printf(bio_err, "Subject does not start with '/'.\n");
-		goto error;
-		}
-	sp++; /* skip leading / */
-
-	/* no multivalued RDN by default */
-	mval[ne_num] = 0;
-
-	while (*sp)
-		{
-		/* collect type */
-		ne_types[ne_num] = bp;
-		while (*sp)
-			{
-			if (*sp == '\\') /* is there anything to escape in the type...? */
-				{
-				if (*++sp)
-					*bp++ = *sp++;
-				else	
-					{
-					BIO_printf(bio_err, "escape character at end of string\n");
-					goto error;
-					}
-				}	
-			else if (*sp == '=')
-				{
-				sp++;
-				*bp++ = '\0';
-				break;
-				}
-			else
-				*bp++ = *sp++;
-			}
-		if (!*sp)
-			{
-			BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num);
-			goto error;
-			}
-		ne_values[ne_num] = bp;
-		while (*sp)
-			{
-			if (*sp == '\\')
-				{
-				if (*++sp)
-					*bp++ = *sp++;
-				else
-					{
-					BIO_printf(bio_err, "escape character at end of string\n");
-					goto error;
-					}
-				}
-			else if (*sp == '/')
-				{
-				sp++;
-				/* no multivalued RDN by default */
-				mval[ne_num+1] = 0;
-				break;
-				}
-			else if (*sp == '+' && multirdn)
-				{
-				/* a not escaped + signals a mutlivalued RDN */
-				sp++;
-				mval[ne_num+1] = -1;
-				break;
-				}
-			else
-				*bp++ = *sp++;
-			}
-		*bp++ = '\0';
-		ne_num++;
-		}	
-
-	if (!(n = X509_NAME_new()))
-		goto error;
-
-	for (i = 0; i < ne_num; i++)
-		{
-		if ((nid=OBJ_txt2nid(ne_types[i])) == NID_undef)
-			{
-			BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_types[i]);
-			continue;
-			}
-
-		if (!*ne_values[i])
-			{
-			BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]);
-			continue;
-			}
-
-		if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1,-1,mval[i]))
-			goto error;
-		}
-
-	OPENSSL_free(ne_values);
-	OPENSSL_free(ne_types);
-	OPENSSL_free(buf);
-	return n;
-
-error:
-	X509_NAME_free(n);
-	if (ne_values)
-		OPENSSL_free(ne_values);
-	if (ne_types)
-		OPENSSL_free(ne_types);
-	if (buf)
-		OPENSSL_free(buf);
-	return NULL;
-}
-
-int args_verify(char ***pargs, int *pargc,
-			int *badarg, BIO *err, X509_VERIFY_PARAM **pm)
-	{
-	ASN1_OBJECT *otmp = NULL;
-	unsigned long flags = 0;
-	int i;
-	int purpose = 0, depth = -1;
-	char **oldargs = *pargs;
-	char *arg = **pargs, *argn = (*pargs)[1];
-	if (!strcmp(arg, "-policy"))
-		{
-		if (!argn)
-			*badarg = 1;
-		else
-			{
-			otmp = OBJ_txt2obj(argn, 0);
-			if (!otmp)
-				{
-				BIO_printf(err, "Invalid Policy \"%s\"\n",
-									argn);
-				*badarg = 1;
-				}
-			}
-		(*pargs)++;
-		}
-	else if (strcmp(arg,"-purpose") == 0)
-		{
-		X509_PURPOSE *xptmp;
-		if (!argn)
-			*badarg = 1;
-		else
-			{
-			i = X509_PURPOSE_get_by_sname(argn);
-			if(i < 0)
-				{
-				BIO_printf(err, "unrecognized purpose\n");
-				*badarg = 1;
-				}
-			else
-				{
-				xptmp = X509_PURPOSE_get0(i);
-				purpose = X509_PURPOSE_get_id(xptmp);
-				}
-			}
-		(*pargs)++;
-		}
-	else if (strcmp(arg,"-verify_depth") == 0)
-		{
-		if (!argn)
-			*badarg = 1;
-		else
-			{
-			depth = atoi(argn);
-			if(depth < 0)
-				{
-				BIO_printf(err, "invalid depth\n");
-				*badarg = 1;
-				}
-			}
-		(*pargs)++;
-		}
-	else if (!strcmp(arg, "-ignore_critical"))
-		flags |= X509_V_FLAG_IGNORE_CRITICAL;
-	else if (!strcmp(arg, "-issuer_checks"))
-		flags |= X509_V_FLAG_CB_ISSUER_CHECK;
-	else if (!strcmp(arg, "-crl_check"))
-		flags |=  X509_V_FLAG_CRL_CHECK;
-	else if (!strcmp(arg, "-crl_check_all"))
-		flags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
-	else if (!strcmp(arg, "-policy_check"))
-		flags |= X509_V_FLAG_POLICY_CHECK;
-	else if (!strcmp(arg, "-explicit_policy"))
-		flags |= X509_V_FLAG_EXPLICIT_POLICY;
-	else if (!strcmp(arg, "-inhibit_any"))
-		flags |= X509_V_FLAG_INHIBIT_ANY;
-	else if (!strcmp(arg, "-inhibit_map"))
-		flags |= X509_V_FLAG_INHIBIT_MAP;
-	else if (!strcmp(arg, "-x509_strict"))
-		flags |= X509_V_FLAG_X509_STRICT;
-	else if (!strcmp(arg, "-extended_crl"))
-		flags |= X509_V_FLAG_EXTENDED_CRL_SUPPORT;
-	else if (!strcmp(arg, "-use_deltas"))
-		flags |= X509_V_FLAG_USE_DELTAS;
-	else if (!strcmp(arg, "-policy_print"))
-		flags |= X509_V_FLAG_NOTIFY_POLICY;
-	else if (!strcmp(arg, "-check_ss_sig"))
-		flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
-	else
-		return 0;
-
-	if (*badarg)
-		{
-		if (*pm)
-			X509_VERIFY_PARAM_free(*pm);
-		*pm = NULL;
-		goto end;
-		}
-
-	if (!*pm && !(*pm = X509_VERIFY_PARAM_new()))
-		{
-		*badarg = 1;
-		goto end;
-		}
-
-	if (otmp)
-		X509_VERIFY_PARAM_add0_policy(*pm, otmp);
-	if (flags)
-		X509_VERIFY_PARAM_set_flags(*pm, flags);
-
-	if (purpose)
-		X509_VERIFY_PARAM_set_purpose(*pm, purpose);
-
-	if (depth >= 0)
-		X509_VERIFY_PARAM_set_depth(*pm, depth);
-
-	end:
-
-	(*pargs)++;
-
-	if (pargc)
-		*pargc -= *pargs - oldargs;
-
-	return 1;
-
-	}
-
-/* Read whole contents of a BIO into an allocated memory buffer and
- * return it.
- */
-
-int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
-	{
-	BIO *mem;
-	int len, ret;
-	unsigned char tbuf[1024];
-	mem = BIO_new(BIO_s_mem());
-	if (!mem)
-		return -1;
-	for(;;)
-		{
-		if ((maxlen != -1) && maxlen < 1024)
-			len = maxlen;
-		else
-			len = 1024;
-		len = BIO_read(in, tbuf, len);
-		if (len <= 0)
-			break;
-		if (BIO_write(mem, tbuf, len) != len)
-			{
-			BIO_free(mem);
-			return -1;
-			}
-		maxlen -= len;
-
-		if (maxlen == 0)
-			break;
-		}
-	ret = BIO_get_mem_data(mem, (char **)out);
-	BIO_set_flags(mem, BIO_FLAGS_MEM_RDONLY);
-	BIO_free(mem);
-	return ret;
-	}
-
-int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value)
-	{
-	int rv;
-	char *stmp, *vtmp = NULL;
-	stmp = BUF_strdup(value);
-	if (!stmp)
-		return -1;
-	vtmp = strchr(stmp, ':');
-	if (vtmp)
-		{
-		*vtmp = 0;
-		vtmp++;
-		}
-	rv = EVP_PKEY_CTX_ctrl_str(ctx, stmp, vtmp);
-	OPENSSL_free(stmp);
-	return rv;
-	}
-
-static void nodes_print(BIO *out, const char *name,
-	STACK_OF(X509_POLICY_NODE) *nodes)
-	{
-	X509_POLICY_NODE *node;
-	int i;
-	BIO_printf(out, "%s Policies:", name);
-	if (nodes)
-		{
-		BIO_puts(out, "\n");
-		for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++)
-			{
-			node = sk_X509_POLICY_NODE_value(nodes, i);
-			X509_POLICY_NODE_print(out, node, 2);
-			}
-		}
-	else
-		BIO_puts(out, " \n");
-	}
-
-void policies_print(BIO *out, X509_STORE_CTX *ctx)
-	{
-	X509_POLICY_TREE *tree;
-	int explicit_policy;
-	int free_out = 0;
-	if (out == NULL)
-		{
-		out = BIO_new_fp(stderr, BIO_NOCLOSE);
-		free_out = 1;
-		}
-	tree = X509_STORE_CTX_get0_policy_tree(ctx);
-	explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx);
-
-	BIO_printf(out, "Require explicit Policy: %s\n",
-				explicit_policy ? "True" : "False");
-
-	nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree));
-	nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree));
-	if (free_out)
-		BIO_free(out);
-	}
-
-#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
-
-static JPAKE_CTX *jpake_init(const char *us, const char *them,
-							 const char *secret)
-	{
-	BIGNUM *p = NULL;
-	BIGNUM *g = NULL;
-	BIGNUM *q = NULL;
-	BIGNUM *bnsecret = BN_new();
-	JPAKE_CTX *ctx;
-
-	/* Use a safe prime for p (that we found earlier) */
-	BN_hex2bn(&p, "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
-	g = BN_new();
-	BN_set_word(g, 2);
-	q = BN_new();
-	BN_rshift1(q, p);
-
-	BN_bin2bn((const unsigned char *)secret, strlen(secret), bnsecret);
-
-	ctx = JPAKE_CTX_new(us, them, p, g, q, bnsecret);
-	BN_free(bnsecret);
-	BN_free(q);
-	BN_free(g);
-	BN_free(p);
-
-	return ctx;
-	}
-
-static void jpake_send_part(BIO *conn, const JPAKE_STEP_PART *p)
-	{
-	BN_print(conn, p->gx);
-	BIO_puts(conn, "\n");
-	BN_print(conn, p->zkpx.gr);
-	BIO_puts(conn, "\n");
-	BN_print(conn, p->zkpx.b);
-	BIO_puts(conn, "\n");
-	}
-
-static void jpake_send_step1(BIO *bconn, JPAKE_CTX *ctx)
-	{
-	JPAKE_STEP1 s1;
-
-	JPAKE_STEP1_init(&s1);
-	JPAKE_STEP1_generate(&s1, ctx);
-	jpake_send_part(bconn, &s1.p1);
-	jpake_send_part(bconn, &s1.p2);
-	(void)BIO_flush(bconn);
-	JPAKE_STEP1_release(&s1);
-	}
-
-static void jpake_send_step2(BIO *bconn, JPAKE_CTX *ctx)
-	{
-	JPAKE_STEP2 s2;
-
-	JPAKE_STEP2_init(&s2);
-	JPAKE_STEP2_generate(&s2, ctx);
-	jpake_send_part(bconn, &s2);
-	(void)BIO_flush(bconn);
-	JPAKE_STEP2_release(&s2);
-	}
-
-static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx)
-	{
-	JPAKE_STEP3A s3a;
-
-	JPAKE_STEP3A_init(&s3a);
-	JPAKE_STEP3A_generate(&s3a, ctx);
-	BIO_write(bconn, s3a.hhk, sizeof s3a.hhk);
-	(void)BIO_flush(bconn);
-	JPAKE_STEP3A_release(&s3a);
-	}
-
-static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx)
-	{
-	JPAKE_STEP3B s3b;
-
-	JPAKE_STEP3B_init(&s3b);
-	JPAKE_STEP3B_generate(&s3b, ctx);
-	BIO_write(bconn, s3b.hk, sizeof s3b.hk);
-	(void)BIO_flush(bconn);
-	JPAKE_STEP3B_release(&s3b);
-	}
-
-static void readbn(BIGNUM **bn, BIO *bconn)
-	{
-	char buf[10240];
-	int l;
-
-	l = BIO_gets(bconn, buf, sizeof buf);
-	assert(l > 0);
-	assert(buf[l-1] == '\n');
-	buf[l-1] = '\0';
-	BN_hex2bn(bn, buf);
-	}
-
-static void jpake_receive_part(JPAKE_STEP_PART *p, BIO *bconn)
-	{
-	readbn(&p->gx, bconn);
-	readbn(&p->zkpx.gr, bconn);
-	readbn(&p->zkpx.b, bconn);
-	}
-
-static void jpake_receive_step1(JPAKE_CTX *ctx, BIO *bconn)
-	{
-	JPAKE_STEP1 s1;
-
-	JPAKE_STEP1_init(&s1);
-	jpake_receive_part(&s1.p1, bconn);
-	jpake_receive_part(&s1.p2, bconn);
-	if(!JPAKE_STEP1_process(ctx, &s1))
-		{
-		ERR_print_errors(bio_err);
-		exit(1);
-		}
-	JPAKE_STEP1_release(&s1);
-	}
-
-static void jpake_receive_step2(JPAKE_CTX *ctx, BIO *bconn)
-	{
-	JPAKE_STEP2 s2;
-
-	JPAKE_STEP2_init(&s2);
-	jpake_receive_part(&s2, bconn);
-	if(!JPAKE_STEP2_process(ctx, &s2))
-		{
-		ERR_print_errors(bio_err);
-		exit(1);
-		}
-	JPAKE_STEP2_release(&s2);
-	}
-
-static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn)
-	{
-	JPAKE_STEP3A s3a;
-	int l;
-
-	JPAKE_STEP3A_init(&s3a);
-	l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk);
-	assert(l == sizeof s3a.hhk);
-	if(!JPAKE_STEP3A_process(ctx, &s3a))
-		{
-		ERR_print_errors(bio_err);
-		exit(1);
-		}
-	JPAKE_STEP3A_release(&s3a);
-	}
-
-static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn)
-	{
-	JPAKE_STEP3B s3b;
-	int l;
-
-	JPAKE_STEP3B_init(&s3b);
-	l = BIO_read(bconn, s3b.hk, sizeof s3b.hk);
-	assert(l == sizeof s3b.hk);
-	if(!JPAKE_STEP3B_process(ctx, &s3b))
-		{
-		ERR_print_errors(bio_err);
-		exit(1);
-		}
-	JPAKE_STEP3B_release(&s3b);
-	}
-
-void jpake_client_auth(BIO *out, BIO *conn, const char *secret)
-	{
-	JPAKE_CTX *ctx;
-	BIO *bconn;
-
-	BIO_puts(out, "Authenticating with JPAKE\n");
-
-	ctx = jpake_init("client", "server", secret);
-
-	bconn = BIO_new(BIO_f_buffer());
-	BIO_push(bconn, conn);
-
-	jpake_send_step1(bconn, ctx);
-	jpake_receive_step1(ctx, bconn);
-	jpake_send_step2(bconn, ctx);
-	jpake_receive_step2(ctx, bconn);
-	jpake_send_step3a(bconn, ctx);
-	jpake_receive_step3b(ctx, bconn);
-
-	BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
-
-	psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
-
-	BIO_pop(bconn);
-	BIO_free(bconn);
-
-	JPAKE_CTX_free(ctx);
-	}
-
-void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
-	{
-	JPAKE_CTX *ctx;
-	BIO *bconn;
-
-	BIO_puts(out, "Authenticating with JPAKE\n");
-
-	ctx = jpake_init("server", "client", secret);
-
-	bconn = BIO_new(BIO_f_buffer());
-	BIO_push(bconn, conn);
-
-	jpake_receive_step1(ctx, bconn);
-	jpake_send_step1(bconn, ctx);
-	jpake_receive_step2(ctx, bconn);
-	jpake_send_step2(bconn, ctx);
-	jpake_receive_step3a(ctx, bconn);
-	jpake_send_step3b(bconn, ctx);
-
-	BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
-
-	psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
-
-	BIO_pop(bconn);
-	BIO_free(bconn);
-
-	JPAKE_CTX_free(ctx);
-	}
-
-#endif
-
-/*
- * Platform-specific sections
- */
-#if defined(_WIN32)
-# ifdef fileno
-#  undef fileno
-#  define fileno(a) (int)_fileno(a)
-# endif
-
-# include 
-# include 
-
-static int WIN32_rename(const char *from, const char *to)
-	{
-	TCHAR  *tfrom=NULL,*tto;
-	DWORD	err;
-	int	ret=0;
-
-	if (sizeof(TCHAR) == 1)
-		{
-		tfrom = (TCHAR *)from;
-		tto   = (TCHAR *)to;
-		}
-	else	/* UNICODE path */
-		{
-		size_t i,flen=strlen(from)+1,tlen=strlen(to)+1;
-		tfrom = (TCHAR *)malloc(sizeof(TCHAR)*(flen+tlen));
-		if (tfrom==NULL) goto err;
-		tto=tfrom+flen;
-#if !defined(_WIN32_WCE) || _WIN32_WCE>=101
-		if (!MultiByteToWideChar(CP_ACP,0,from,flen,(WCHAR *)tfrom,flen))
-#endif
-			for (i=0;i=101
-		if (!MultiByteToWideChar(CP_ACP,0,to,  tlen,(WCHAR *)tto,  tlen))
-#endif
-			for (i=0;i
-
-double app_tminterval(int stop,int usertime)
-	{
-	double		ret=0;
-	static clock_t	tmstart;
-	static int	warning=1;
-
-	if (usertime && warning)
-		{
-		BIO_printf(bio_err,"To get meaningful results, run "
-				   "this program on idle system.\n");
-		warning=0;
-		}
-
-	if (stop==TM_START)	tmstart = clock();
-	else			ret     = (clock()-tmstart)/(double)CLOCKS_PER_SEC;
-
-	return (ret);
-	}
-
-#elif defined(OPENSSL_SYSTEM_VXWORKS)
-#include 
-
-double app_tminterval(int stop,int usertime)
-	{
-	double ret=0;
-#ifdef CLOCK_REALTIME
-	static struct timespec	tmstart;
-	struct timespec		now;
-#else
-	static unsigned long	tmstart;
-	unsigned long		now;
-#endif
-	static int warning=1;
-
-	if (usertime && warning)
-		{
-		BIO_printf(bio_err,"To get meaningful results, run "
-				   "this program on idle system.\n");
-		warning=0;
-		}
-
-#ifdef CLOCK_REALTIME
-	clock_gettime(CLOCK_REALTIME,&now);
-	if (stop==TM_START)	tmstart = now;
-	else	ret = ( (now.tv_sec+now.tv_nsec*1e-9)
-			- (tmstart.tv_sec+tmstart.tv_nsec*1e-9) );
-#else
-	now = tickGet();
-	if (stop==TM_START)	tmstart = now;
-	else			ret = (now - tmstart)/(double)sysClkRateGet();
-#endif
-	return (ret);
-	}
-
-#elif defined(OPENSSL_SYSTEM_VMS)
-#include 
-#include 
-
-double app_tminterval(int stop,int usertime)
-	{
-	static clock_t	tmstart;
-	double		ret = 0;
-	clock_t		now;
-#ifdef __TMS
-	struct tms	rus;
-
-	now = times(&rus);
-	if (usertime)	now = rus.tms_utime;
-#else
-	if (usertime)
-		now = clock(); /* sum of user and kernel times */
-	else	{
-		struct timeval tv;
-		gettimeofday(&tv,NULL);
-		now = (clock_t)(
-			(unsigned long long)tv.tv_sec*CLK_TCK +
-			(unsigned long long)tv.tv_usec*(1000000/CLK_TCK)
-			);
-		}
-#endif
-	if (stop==TM_START)	tmstart = now;
-	else			ret = (now - tmstart)/(double)(CLK_TCK);
-
-	return (ret);
-	}
-
-#elif defined(_SC_CLK_TCK)	/* by means of unistd.h */
-#include 
-
-double app_tminterval(int stop,int usertime)
-	{
-	double		ret = 0;
-	struct tms	rus;
-	clock_t		now = times(&rus);
-	static clock_t	tmstart;
-
-	if (usertime)		now = rus.tms_utime;
-
-	if (stop==TM_START)	tmstart = now;
-	else
-		{
-		long int tck = sysconf(_SC_CLK_TCK);
-		ret = (now - tmstart)/(double)tck;
-		}
-
-	return (ret);
-	}
-
-#else
-#include 
-#include 
-
-double app_tminterval(int stop,int usertime)
-	{
-	double		ret = 0;
-	struct rusage	rus;
-	struct timeval	now;
-	static struct timeval tmstart;
-
-	if (usertime)		getrusage(RUSAGE_SELF,&rus), now = rus.ru_utime;
-	else			gettimeofday(&now,NULL);
-
-	if (stop==TM_START)	tmstart = now;
-	else			ret = ( (now.tv_sec+now.tv_usec*1e-6)
-					- (tmstart.tv_sec+tmstart.tv_usec*1e-6) );
-
-	return ret;
-	}
-#endif
-
-/* app_isdir section */
-#ifdef _WIN32
-int app_isdir(const char *name)
-	{
-	HANDLE		hList;
-	WIN32_FIND_DATA	FileData;
-#if defined(UNICODE) || defined(_UNICODE)
-	size_t i, len_0 = strlen(name)+1;
-
-	if (len_0 > sizeof(FileData.cFileName)/sizeof(FileData.cFileName[0]))
-		return -1;
-
-#if !defined(_WIN32_WCE) || _WIN32_WCE>=101
-	if (!MultiByteToWideChar(CP_ACP,0,name,len_0,FileData.cFileName,len_0))
-#endif
-		for (i=0;i
-#ifndef S_ISDIR
-# if defined(_S_IFMT) && defined(_S_IFDIR)
-#  define S_ISDIR(a)   (((a) & _S_IFMT) == _S_IFDIR)
-# else 
-#  define S_ISDIR(a)   (((a) & S_IFMT) == S_IFDIR)
-# endif 
-#endif 
-
-int app_isdir(const char *name)
-	{
-#if defined(S_ISDIR)
-	struct stat st;
-
-	if (stat(name,&st)==0)	return S_ISDIR(st.st_mode);
-	else			return -1;
-#else
-	return -1;
-#endif
-	}
-#endif
-
-/* raw_read|write section */
-#if defined(_WIN32) && defined(STD_INPUT_HANDLE)
-int raw_read_stdin(void *buf,int siz)
-	{
-	DWORD n;
-	if (ReadFile(GetStdHandle(STD_INPUT_HANDLE),buf,siz,&n,NULL))
-		return (n);
-	else	return (-1);
-	}
-#else
-int raw_read_stdin(void *buf,int siz)
-	{	return read(fileno(stdin),buf,siz);	}
-#endif
-
-#if defined(_WIN32) && defined(STD_OUTPUT_HANDLE)
-int raw_write_stdout(const void *buf,int siz)
-	{
-	DWORD n;
-	if (WriteFile(GetStdHandle(STD_OUTPUT_HANDLE),buf,siz,&n,NULL))
-		return (n);
-	else	return (-1);
-	}
-#else
-int raw_write_stdout(const void *buf,int siz)
-	{	return write(fileno(stdout),buf,siz);	}
-#endif
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-/* next_protos_parse parses a comma separated list of strings into a string
- * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
- *   outlen: (output) set to the length of the resulting buffer on success.
- *   in: a NUL termianted string like "abc,def,ghi"
- *
- *   returns: a malloced buffer or NULL on failure.
- */
-unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
-	{
-	size_t len;
-	unsigned char *out;
-	size_t i, start = 0;
-
-	len = strlen(in);
-	if (len >= 65535)
-		return NULL;
-
-	out = OPENSSL_malloc(strlen(in) + 1);
-	if (!out)
-		return NULL;
-
-	for (i = 0; i <= len; ++i)
-		{
-		if (i == len || in[i] == ',')
-			{
-			if (i - start > 255)
-				{
-				OPENSSL_free(out);
-				return NULL;
-				}
-			out[start] = i - start;
-			start = i + 1;
-			}
-		else
-			out[i+1] = in[i];
-		}
-
-	*outlen = len + 1;
-	return out;
-	}
-#endif  /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
diff --git a/deps/openssl/openssl/apps/apps.h b/deps/openssl/openssl/apps/apps.h
deleted file mode 100644
index 42072ec49d4..00000000000
--- a/deps/openssl/openssl/apps/apps.h
+++ /dev/null
@@ -1,364 +0,0 @@
-/* apps/apps.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_APPS_H
-#define HEADER_APPS_H
-
-#include "e_os.h"
-
-#include 
-#include 
-#include 
-#include 
-#include 
-#ifndef OPENSSL_NO_ENGINE
-#include 
-#endif
-#ifndef OPENSSL_NO_OCSP
-#include 
-#endif
-#include 
-
-int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
-int app_RAND_write_file(const char *file, BIO *bio_e);
-/* When `file' is NULL, use defaults.
- * `bio_e' is for error messages. */
-void app_RAND_allow_write_file(void);
-long app_RAND_load_files(char *file); /* `file' is a list of files to read,
-                                       * separated by LIST_SEPARATOR_CHAR
-                                       * (see e_os.h).  The string is
-                                       * destroyed! */
-
-#ifndef MONOLITH
-
-#define MAIN(a,v)	main(a,v)
-
-#ifndef NON_MAIN
-CONF *config=NULL;
-BIO *bio_err=NULL;
-#else
-extern CONF *config;
-extern BIO *bio_err;
-#endif
-
-#else
-
-#define MAIN(a,v)	PROG(a,v)
-extern CONF *config;
-extern char *default_config_file;
-extern BIO *bio_err;
-
-#endif
-
-#ifndef OPENSSL_SYS_NETWARE
-#include 
-#endif
-
-#ifdef SIGPIPE
-#define do_pipe_sig()	signal(SIGPIPE,SIG_IGN)
-#else
-#define do_pipe_sig()
-#endif
-
-#ifdef OPENSSL_NO_COMP
-#define zlib_cleanup() 
-#else
-#define zlib_cleanup() COMP_zlib_cleanup()
-#endif
-
-#if defined(MONOLITH) && !defined(OPENSSL_C)
-#  define apps_startup() \
-		do_pipe_sig()
-#  define apps_shutdown()
-#else
-#  ifndef OPENSSL_NO_ENGINE
-#    define apps_startup() \
-			do { do_pipe_sig(); CRYPTO_malloc_init(); \
-			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
-			ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
-#    define apps_shutdown() \
-			do { CONF_modules_unload(1); destroy_ui_method(); \
-			OBJ_cleanup(); EVP_cleanup(); ENGINE_cleanup(); \
-			CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
-			ERR_free_strings(); zlib_cleanup();} while(0)
-#  else
-#    define apps_startup() \
-			do { do_pipe_sig(); CRYPTO_malloc_init(); \
-			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
-			setup_ui_method(); } while(0)
-#    define apps_shutdown() \
-			do { CONF_modules_unload(1); destroy_ui_method(); \
-			OBJ_cleanup(); EVP_cleanup(); \
-			CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
-			ERR_free_strings(); zlib_cleanup(); } while(0)
-#  endif
-#endif
-
-#ifdef OPENSSL_SYSNAME_WIN32
-#  define openssl_fdset(a,b) FD_SET((unsigned int)a, b)
-#else
-#  define openssl_fdset(a,b) FD_SET(a, b)
-#endif
-
-
-typedef struct args_st
-	{
-	char **data;
-	int count;
-	} ARGS;
-
-#define PW_MIN_LENGTH 4
-typedef struct pw_cb_data
-	{
-	const void *password;
-	const char *prompt_info;
-	} PW_CB_DATA;
-
-int password_callback(char *buf, int bufsiz, int verify,
-	PW_CB_DATA *cb_data);
-
-int setup_ui_method(void);
-void destroy_ui_method(void);
-
-int should_retry(int i);
-int args_from_file(char *file, int *argc, char **argv[]);
-int str2fmt(char *s);
-void program_name(char *in,char *out,int size);
-int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
-#ifdef HEADER_X509_H
-int dump_cert_text(BIO *out, X509 *x);
-void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags);
-#endif
-int set_cert_ex(unsigned long *flags, const char *arg);
-int set_name_ex(unsigned long *flags, const char *arg);
-int set_ext_copy(int *copy_type, const char *arg);
-int copy_extensions(X509 *x, X509_REQ *req, int copy_type);
-int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);
-int add_oid_section(BIO *err, CONF *conf);
-X509 *load_cert(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip);
-EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
-	const char *pass, ENGINE *e, const char *key_descrip);
-EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
-	const char *pass, ENGINE *e, const char *key_descrip);
-STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip);
-STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip);
-X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
-#ifndef OPENSSL_NO_ENGINE
-ENGINE *setup_engine(BIO *err, const char *engine, int debug);
-#endif
-
-#ifndef OPENSSL_NO_OCSP
-OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
-			char *host, char *path, char *port, int use_ssl,
-			STACK_OF(CONF_VALUE) *headers,
-			int req_timeout);
-#endif
-
-int load_config(BIO *err, CONF *cnf);
-char *make_config_name(void);
-
-/* Functions defined in ca.c and also used in ocsp.c */
-int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
-			ASN1_GENERALIZEDTIME **pinvtm, const char *str);
-
-#define DB_type         0
-#define DB_exp_date     1
-#define DB_rev_date     2
-#define DB_serial       3       /* index - unique */
-#define DB_file         4       
-#define DB_name         5       /* index - unique when active and not disabled */
-#define DB_NUMBER       6
-
-#define DB_TYPE_REV	'R'
-#define DB_TYPE_EXP	'E'
-#define DB_TYPE_VAL	'V'
-
-typedef struct db_attr_st
-	{
-	int unique_subject;
-	} DB_ATTR;
-typedef struct ca_db_st
-	{
-	DB_ATTR attributes;
-	TXT_DB *db;
-	} CA_DB;
-
-BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
-int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai);
-int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
-int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
-CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
-int index_index(CA_DB *db);
-int save_index(const char *dbfile, const char *suffix, CA_DB *db);
-int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix);
-void free_index(CA_DB *db);
-#define index_name_cmp_noconst(a, b) \
-	index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
-	(const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, b))
-int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b);
-int parse_yesno(const char *str, int def);
-
-X509_NAME *parse_name(char *str, long chtype, int multirdn);
-int args_verify(char ***pargs, int *pargc,
-			int *badarg, BIO *err, X509_VERIFY_PARAM **pm);
-void policies_print(BIO *out, X509_STORE_CTX *ctx);
-int bio_to_mem(unsigned char **out, int maxlen, BIO *in);
-int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value);
-int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
-			const char *algname, ENGINE *e, int do_param);
-#ifndef OPENSSL_NO_PSK
-extern char *psk_key;
-#endif
-#ifndef OPENSSL_NO_JPAKE
-void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
-void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
-#endif
-
-#define FORMAT_UNDEF    0
-#define FORMAT_ASN1     1
-#define FORMAT_TEXT     2
-#define FORMAT_PEM      3
-#define FORMAT_NETSCAPE 4
-#define FORMAT_PKCS12   5
-#define FORMAT_SMIME    6
-#define FORMAT_ENGINE   7
-#define FORMAT_IISSGC	8	/* XXX this stupid macro helps us to avoid
-				 * adding yet another param to load_*key() */
-#define FORMAT_PEMRSA	9	/* PEM RSAPubicKey format */
-#define FORMAT_ASN1RSA	10	/* DER RSAPubicKey format */
-#define FORMAT_MSBLOB	11	/* MS Key blob format */
-#define FORMAT_PVK	12	/* MS PVK file format */
-
-#define EXT_COPY_NONE	0
-#define EXT_COPY_ADD	1
-#define EXT_COPY_ALL	2
-
-#define NETSCAPE_CERT_HDR	"certificate"
-
-#define APP_PASS_LEN	1024
-
-#define SERIAL_RAND_BITS	64
-
-int app_isdir(const char *);
-int raw_read_stdin(void *,int);
-int raw_write_stdout(const void *,int);
-
-#define TM_START	0
-#define TM_STOP		1
-double app_tminterval (int stop,int usertime);
-#endif
-
-#ifndef OPENSSL_NO_NEXTPROTONEG
-unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
-#endif
diff --git a/deps/openssl/openssl/apps/asn1pars.c b/deps/openssl/openssl/apps/asn1pars.c
deleted file mode 100644
index 0d6607071fe..00000000000
--- a/deps/openssl/openssl/apps/asn1pars.c
+++ /dev/null
@@ -1,445 +0,0 @@
-/* apps/asn1pars.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* A nice addition from Dr Stephen Henson  to 
- * add the -strparse option which parses nested binary structures
- */
-
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -in arg	- input file - default stdin
- * -i		- indent the details by depth
- * -offset	- where in the file to start
- * -length	- how many bytes to use
- * -oid file	- extra oid description file
- */
-
-#undef PROG
-#define PROG	asn1parse_main
-
-int MAIN(int, char **);
-
-static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf);
-
-int MAIN(int argc, char **argv)
-	{
-	int i,badops=0,offset=0,ret=1,j;
-	unsigned int length=0;
-	long num,tmplen;
-	BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL;
-	int informat,indent=0, noout = 0, dump = 0;
-	char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL;
-	char *genstr=NULL, *genconf=NULL;
-	unsigned char *tmpbuf;
-	const unsigned char *ctmpbuf;
-	BUF_MEM *buf=NULL;
-	STACK_OF(OPENSSL_STRING) *osk=NULL;
-	ASN1_TYPE *at=NULL;
-
-	informat=FORMAT_PEM;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	if ((osk=sk_OPENSSL_STRING_new_null()) == NULL)
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto end;
-		}
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			derfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-i") == 0)
-			{
-			indent=1;
-			}
-		else if (strcmp(*argv,"-noout") == 0) noout = 1;
-		else if (strcmp(*argv,"-oid") == 0)
-			{
-			if (--argc < 1) goto bad;
-			oidfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-offset") == 0)
-			{
-			if (--argc < 1) goto bad;
-			offset= atoi(*(++argv));
-			}
-		else if (strcmp(*argv,"-length") == 0)
-			{
-			if (--argc < 1) goto bad;
-			length= atoi(*(++argv));
-			if (length == 0) goto bad;
-			}
-		else if (strcmp(*argv,"-dump") == 0)
-			{
-			dump= -1;
-			}
-		else if (strcmp(*argv,"-dlimit") == 0)
-			{
-			if (--argc < 1) goto bad;
-			dump= atoi(*(++argv));
-			if (dump <= 0) goto bad;
-			}
-		else if (strcmp(*argv,"-strparse") == 0)
-			{
-			if (--argc < 1) goto bad;
-			sk_OPENSSL_STRING_push(osk,*(++argv));
-			}
-		else if (strcmp(*argv,"-genstr") == 0)
-			{
-			if (--argc < 1) goto bad;
-			genstr= *(++argv);
-			}
-		else if (strcmp(*argv,"-genconf") == 0)
-			{
-			if (--argc < 1) goto bad;
-			genconf= *(++argv);
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] data[num]),BUFSIZ);
-			if (i <= 0) break;
-			num+=i;
-			}
-		}
-	str=buf->data;
-
-	/* If any structs to parse go through in sequence */
-
-	if (sk_OPENSSL_STRING_num(osk))
-		{
-		tmpbuf=(unsigned char *)str;
-		tmplen=num;
-		for (i=0; ivalue.asn1_string->data;
-			tmplen=at->value.asn1_string->length;
-			}
-		str=(char *)tmpbuf;
-		num=tmplen;
-		}
-
-	if (offset >= num)
-		{
-		BIO_printf(bio_err, "Error: offset too large\n");
-		goto end;
-		}
-
-	num -= offset;
-
-	if ((length == 0) || ((long)length > num)) length=(unsigned int)num;
-	if(derout) {
-		if(BIO_write(derout, str + offset, length) != (int)length) {
-			BIO_printf(bio_err, "Error writing output\n");
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-	if (!noout &&
-	    !ASN1_parse_dump(out,(unsigned char *)&(str[offset]),length,
-		    indent,dump))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	ret=0;
-end:
-	BIO_free(derout);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (b64 != NULL) BIO_free(b64);
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	if (buf != NULL) BUF_MEM_free(buf);
-	if (at != NULL) ASN1_TYPE_free(at);
-	if (osk != NULL) sk_OPENSSL_STRING_free(osk);
-	OBJ_cleanup();
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
-	{
-	CONF *cnf = NULL;
-	int len;
-	long errline;
-	unsigned char *p;
-	ASN1_TYPE *atyp = NULL;
-
-	if (genconf)
-		{
-		cnf = NCONF_new(NULL);
-		if (!NCONF_load(cnf, genconf, &errline))
-			goto conferr;
-		if (!genstr)
-			genstr = NCONF_get_string(cnf, "default", "asn1");
-		if (!genstr)
-			{
-			BIO_printf(bio, "Can't find 'asn1' in '%s'\n", genconf);
-			goto err;
-			}
-		}
-
-	atyp = ASN1_generate_nconf(genstr, cnf);
-	NCONF_free(cnf);
-	cnf = NULL;
-
-	if (!atyp)
-		return -1;
-
-	len = i2d_ASN1_TYPE(atyp, NULL);
-
-	if (len <= 0)
-		goto err;
-
-	if (!BUF_MEM_grow(buf,len))
-		goto err;
-
-	p=(unsigned char *)buf->data;
-
-	i2d_ASN1_TYPE(atyp, &p);
-
-	ASN1_TYPE_free(atyp);
-	return len;
-
-	conferr:
-
-	if (errline > 0)
-		BIO_printf(bio, "Error on line %ld of config file '%s'\n",
-							errline, genconf);
-	else
-		BIO_printf(bio, "Error loading config file '%s'\n", genconf);
-
-	err:
-	NCONF_free(cnf);
-	ASN1_TYPE_free(atyp);
-
-	return -1;
-
-	}
diff --git a/deps/openssl/openssl/apps/ca-cert.srl b/deps/openssl/openssl/apps/ca-cert.srl
deleted file mode 100644
index 2c7456e3eb6..00000000000
--- a/deps/openssl/openssl/apps/ca-cert.srl
+++ /dev/null
@@ -1 +0,0 @@
-07
diff --git a/deps/openssl/openssl/apps/ca-key.pem b/deps/openssl/openssl/apps/ca-key.pem
deleted file mode 100644
index 3a520b238f5..00000000000
--- a/deps/openssl/openssl/apps/ca-key.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
diff --git a/deps/openssl/openssl/apps/ca-req.pem b/deps/openssl/openssl/apps/ca-req.pem
deleted file mode 100644
index 77bf7ec308b..00000000000
--- a/deps/openssl/openssl/apps/ca-req.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBmTCCAQICAQAwWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
-GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgx
-MDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgy
-bTsZDCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/d
-FXSv1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUe
-cQU2mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAKlk7
-cxu9gCJN3/iQFyJXQ6YphaiQAT5VBXTx9ftRrQIjA3vxlDzPWGDy+V5Tqa7h8PtR
-5Bn00JShII2zf0hjyjKils6x/UkWmjEiwSiFp4hR70iE8XwSNEHY2P6j6nQEIpgW
-kbfgmmUqk7dl2V+ossTJ80B8SBpEhrn81V/cHxA=
------END CERTIFICATE REQUEST-----
diff --git a/deps/openssl/openssl/apps/ca.c b/deps/openssl/openssl/apps/ca.c
deleted file mode 100644
index 6b8b0ef8fd1..00000000000
--- a/deps/openssl/openssl/apps/ca.c
+++ /dev/null
@@ -1,2985 +0,0 @@
-/* apps/ca.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* The PPKI stuff has been donated by Jeff Barber  */
-
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#ifndef W_OK
-#  ifdef OPENSSL_SYS_VMS
-#    if defined(__DECC)
-#      include 
-#    else
-#      include 
-#    endif
-#  elif !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_NETWARE)
-#    include 
-#  endif
-#endif
-
-#include "apps.h"
-
-#ifndef W_OK
-#  define F_OK 0
-#  define X_OK 1
-#  define W_OK 2
-#  define R_OK 4
-#endif
-
-#undef PROG
-#define PROG ca_main
-
-#define BASE_SECTION	"ca"
-#define CONFIG_FILE "openssl.cnf"
-
-#define ENV_DEFAULT_CA		"default_ca"
-
-#define STRING_MASK	"string_mask"
-#define UTF8_IN			"utf8"
-
-#define ENV_DIR			"dir"
-#define ENV_CERTS		"certs"
-#define ENV_CRL_DIR		"crl_dir"
-#define ENV_CA_DB		"CA_DB"
-#define ENV_NEW_CERTS_DIR	"new_certs_dir"
-#define ENV_CERTIFICATE 	"certificate"
-#define ENV_SERIAL		"serial"
-#define ENV_CRLNUMBER		"crlnumber"
-#define ENV_CRL			"crl"
-#define ENV_PRIVATE_KEY		"private_key"
-#define ENV_RANDFILE		"RANDFILE"
-#define ENV_DEFAULT_DAYS 	"default_days"
-#define ENV_DEFAULT_STARTDATE 	"default_startdate"
-#define ENV_DEFAULT_ENDDATE 	"default_enddate"
-#define ENV_DEFAULT_CRL_DAYS 	"default_crl_days"
-#define ENV_DEFAULT_CRL_HOURS 	"default_crl_hours"
-#define ENV_DEFAULT_MD		"default_md"
-#define ENV_DEFAULT_EMAIL_DN	"email_in_dn"
-#define ENV_PRESERVE		"preserve"
-#define ENV_POLICY      	"policy"
-#define ENV_EXTENSIONS      	"x509_extensions"
-#define ENV_CRLEXT      	"crl_extensions"
-#define ENV_MSIE_HACK		"msie_hack"
-#define ENV_NAMEOPT		"name_opt"
-#define ENV_CERTOPT		"cert_opt"
-#define ENV_EXTCOPY		"copy_extensions"
-#define ENV_UNIQUE_SUBJECT	"unique_subject"
-
-#define ENV_DATABASE		"database"
-
-/* Additional revocation information types */
-
-#define REV_NONE		0	/* No addditional information */
-#define REV_CRL_REASON		1	/* Value is CRL reason code */
-#define REV_HOLD		2	/* Value is hold instruction */
-#define REV_KEY_COMPROMISE	3	/* Value is cert key compromise time */
-#define REV_CA_COMPROMISE	4	/* Value is CA key compromise time */
-
-static const char *ca_usage[]={
-"usage: ca args\n",
-"\n",
-" -verbose        - Talk alot while doing things\n",
-" -config file    - A config file\n",
-" -name arg       - The particular CA definition to use\n",
-" -gencrl         - Generate a new CRL\n",
-" -crldays days   - Days is when the next CRL is due\n",
-" -crlhours hours - Hours is when the next CRL is due\n",
-" -startdate YYMMDDHHMMSSZ  - certificate validity notBefore\n",
-" -enddate YYMMDDHHMMSSZ    - certificate validity notAfter (overrides -days)\n",
-" -days arg       - number of days to certify the certificate for\n",
-" -md arg         - md to use, one of md2, md5, sha or sha1\n",
-" -policy arg     - The CA 'policy' to support\n",
-" -keyfile arg    - private key file\n",
-" -keyform arg    - private key file format (PEM or ENGINE)\n",
-" -key arg        - key to decode the private key if it is encrypted\n",
-" -cert file      - The CA certificate\n",
-" -selfsign       - sign a certificate with the key associated with it\n",
-" -in file        - The input PEM encoded certificate request(s)\n",
-" -out file       - Where to put the output file(s)\n",
-" -outdir dir     - Where to put output certificates\n",
-" -infiles ....   - The last argument, requests to process\n",
-" -spkac file     - File contains DN and signed public key and challenge\n",
-" -ss_cert file   - File contains a self signed cert to sign\n",
-" -preserveDN     - Don't re-order the DN\n",
-" -noemailDN      - Don't add the EMAIL field into certificate' subject\n",
-" -batch          - Don't ask questions\n",
-" -msie_hack      - msie modifications to handle all those universal strings\n",
-" -revoke file    - Revoke a certificate (given in file)\n",
-" -subj arg       - Use arg instead of request's subject\n",
-" -utf8           - input characters are UTF8 (default ASCII)\n",
-" -multivalue-rdn - enable support for multivalued RDNs\n",
-" -extensions ..  - Extension section (override value in config file)\n",
-" -extfile file   - Configuration file with X509v3 extentions to add\n",
-" -crlexts ..     - CRL extension section (override value in config file)\n",
-#ifndef OPENSSL_NO_ENGINE
-" -engine e       - use engine e, possibly a hardware device.\n",
-#endif
-" -status serial  - Shows certificate status given the serial number\n",
-" -updatedb       - Updates db for expired certificates\n",
-NULL
-};
-
-#ifdef EFENCE
-extern int EF_PROTECT_FREE;
-extern int EF_PROTECT_BELOW;
-extern int EF_ALIGNMENT;
-#endif
-
-static void lookup_fail(const char *name, const char *tag);
-static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
-		   const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,CA_DB *db,
-		   BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate,
-		   char *enddate, long days, int batch, char *ext_sect, CONF *conf,
-		   int verbose, unsigned long certopt, unsigned long nameopt,
-		   int default_op, int ext_copy, int selfsign);
-static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
-			const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,
-			CA_DB *db, BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn,
-			char *startdate, char *enddate, long days, int batch,
-			char *ext_sect, CONF *conf,int verbose, unsigned long certopt,
-			unsigned long nameopt, int default_op, int ext_copy,
-			ENGINE *e);
-static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
-			 const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,
-			 CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn, int email_dn,
-			 char *startdate, char *enddate, long days, char *ext_sect,
-			 CONF *conf, int verbose, unsigned long certopt, 
-			 unsigned long nameopt, int default_op, int ext_copy);
-static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext);
-static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
-	STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn,
-	int email_dn, char *startdate, char *enddate, long days, int batch,
-       	int verbose, X509_REQ *req, char *ext_sect, CONF *conf,
-	unsigned long certopt, unsigned long nameopt, int default_op,
-	int ext_copy, int selfsign);
-static int do_revoke(X509 *x509, CA_DB *db, int ext, char *extval);
-static int get_certificate_status(const char *ser_status, CA_DB *db);
-static int do_updatedb(CA_DB *db);
-static int check_time_format(const char *str);
-char *make_revocation_str(int rev_type, char *rev_arg);
-int make_revoked(X509_REVOKED *rev, const char *str);
-int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str);
-static CONF *conf=NULL;
-static CONF *extconf=NULL;
-static char *section=NULL;
-
-static int preserve=0;
-static int msie_hack=0;
-
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	char *key=NULL,*passargin=NULL;
-	int create_ser = 0;
-	int free_key = 0;
-	int total=0;
-	int total_done=0;
-	int badops=0;
-	int ret=1;
-	int email_dn=1;
-	int req=0;
-	int verbose=0;
-	int gencrl=0;
-	int dorevoke=0;
-	int doupdatedb=0;
-	long crldays=0;
-	long crlhours=0;
-	long crlsec=0;
-	long errorline= -1;
-	char *configfile=NULL;
-	char *md=NULL;
-	char *policy=NULL;
-	char *keyfile=NULL;
-	char *certfile=NULL;
-	int keyform=FORMAT_PEM;
-	char *infile=NULL;
-	char *spkac_file=NULL;
-	char *ss_cert_file=NULL;
-	char *ser_status=NULL;
-	EVP_PKEY *pkey=NULL;
-	int output_der = 0;
-	char *outfile=NULL;
-	char *outdir=NULL;
-	char *serialfile=NULL;
-	char *crlnumberfile=NULL;
-	char *extensions=NULL;
-	char *extfile=NULL;
-	char *subj=NULL;
-	unsigned long chtype = MBSTRING_ASC;
-	int multirdn = 0;
-	char *tmp_email_dn=NULL;
-	char *crl_ext=NULL;
-	int rev_type = REV_NONE;
-	char *rev_arg = NULL;
-	BIGNUM *serial=NULL;
-	BIGNUM *crlnumber=NULL;
-	char *startdate=NULL;
-	char *enddate=NULL;
-	long days=0;
-	int batch=0;
-	int notext=0;
-	unsigned long nameopt = 0, certopt = 0;
-	int default_op = 1;
-	int ext_copy = EXT_COPY_NONE;
-	int selfsign = 0;
-	X509 *x509=NULL, *x509p = NULL;
-	X509 *x=NULL;
-	BIO *in=NULL,*out=NULL,*Sout=NULL,*Cout=NULL;
-	char *dbfile=NULL;
-	CA_DB *db=NULL;
-	X509_CRL *crl=NULL;
-	X509_REVOKED *r=NULL;
-	ASN1_TIME *tmptm;
-	ASN1_INTEGER *tmpser;
-	char *f;
-	const char *p;
-	char * const *pp;
-	int i,j;
-	const EVP_MD *dgst=NULL;
-	STACK_OF(CONF_VALUE) *attribs=NULL;
-	STACK_OF(X509) *cert_sk=NULL;
-#undef BSIZE
-#define BSIZE 256
-	MS_STATIC char buf[3][BSIZE];
-	char *randfile=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine = NULL;
-#endif
-	char *tofree=NULL;
-	DB_ATTR db_attr;
-
-#ifdef EFENCE
-EF_PROTECT_FREE=1;
-EF_PROTECT_BELOW=1;
-EF_ALIGNMENT=0;
-#endif
-
-	apps_startup();
-
-	conf = NULL;
-	key = NULL;
-	section = NULL;
-
-	preserve=0;
-	msie_hack=0;
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-verbose") == 0)
-			verbose=1;
-		else if	(strcmp(*argv,"-config") == 0)
-			{
-			if (--argc < 1) goto bad;
-			configfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-name") == 0)
-			{
-			if (--argc < 1) goto bad;
-			section= *(++argv);
-			}
-		else if (strcmp(*argv,"-subj") == 0)
-			{
-			if (--argc < 1) goto bad;
-			subj= *(++argv);
-			/* preserve=1; */
-			}
-		else if (strcmp(*argv,"-utf8") == 0)
-			chtype = MBSTRING_UTF8;
-		else if (strcmp(*argv,"-create_serial") == 0)
-			create_ser = 1;
-		else if (strcmp(*argv,"-multivalue-rdn") == 0)
-			multirdn=1;
-		else if (strcmp(*argv,"-startdate") == 0)
-			{
-			if (--argc < 1) goto bad;
-			startdate= *(++argv);
-			}
-		else if (strcmp(*argv,"-enddate") == 0)
-			{
-			if (--argc < 1) goto bad;
-			enddate= *(++argv);
-			}
-		else if (strcmp(*argv,"-days") == 0)
-			{
-			if (--argc < 1) goto bad;
-			days=atoi(*(++argv));
-			}
-		else if (strcmp(*argv,"-md") == 0)
-			{
-			if (--argc < 1) goto bad;
-			md= *(++argv);
-			}
-		else if (strcmp(*argv,"-policy") == 0)
-			{
-			if (--argc < 1) goto bad;
-			policy= *(++argv);
-			}
-		else if (strcmp(*argv,"-keyfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyform=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			key= *(++argv);
-			}
-		else if (strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			certfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-selfsign") == 0)
-			selfsign=1;
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			req=1;
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-outdir") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outdir= *(++argv);
-			}
-		else if (strcmp(*argv,"-notext") == 0)
-			notext=1;
-		else if (strcmp(*argv,"-batch") == 0)
-			batch=1;
-		else if (strcmp(*argv,"-preserveDN") == 0)
-			preserve=1;
-		else if (strcmp(*argv,"-noemailDN") == 0)
-			email_dn=0;
-		else if (strcmp(*argv,"-gencrl") == 0)
-			gencrl=1;
-		else if (strcmp(*argv,"-msie_hack") == 0)
-			msie_hack=1;
-		else if (strcmp(*argv,"-crldays") == 0)
-			{
-			if (--argc < 1) goto bad;
-			crldays= atol(*(++argv));
-			}
-		else if (strcmp(*argv,"-crlhours") == 0)
-			{
-			if (--argc < 1) goto bad;
-			crlhours= atol(*(++argv));
-			}
-		else if (strcmp(*argv,"-crlsec") == 0)
-			{
-			if (--argc < 1) goto bad;
-			crlsec = atol(*(++argv));
-			}
-		else if (strcmp(*argv,"-infiles") == 0)
-			{
-			argc--;
-			argv++;
-			req=1;
-			break;
-			}
-		else if (strcmp(*argv, "-ss_cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			ss_cert_file = *(++argv);
-			req=1;
-			}
-		else if (strcmp(*argv, "-spkac") == 0)
-			{
-			if (--argc < 1) goto bad;
-			spkac_file = *(++argv);
-			req=1;
-			}
-		else if (strcmp(*argv,"-revoke") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			dorevoke=1;
-			}
-		else if (strcmp(*argv,"-extensions") == 0)
-			{
-			if (--argc < 1) goto bad;
-			extensions= *(++argv);
-			}
-		else if (strcmp(*argv,"-extfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			extfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-status") == 0)
-			{
-			if (--argc < 1) goto bad;
-			ser_status= *(++argv);
-			}
-		else if (strcmp(*argv,"-updatedb") == 0)
-			{
-			doupdatedb=1;
-			}
-		else if (strcmp(*argv,"-crlexts") == 0)
-			{
-			if (--argc < 1) goto bad;
-			crl_ext= *(++argv);
-			}
-		else if (strcmp(*argv,"-crl_reason") == 0)
-			{
-			if (--argc < 1) goto bad;
-			rev_arg = *(++argv);
-			rev_type = REV_CRL_REASON;
-			}
-		else if (strcmp(*argv,"-crl_hold") == 0)
-			{
-			if (--argc < 1) goto bad;
-			rev_arg = *(++argv);
-			rev_type = REV_HOLD;
-			}
-		else if (strcmp(*argv,"-crl_compromise") == 0)
-			{
-			if (--argc < 1) goto bad;
-			rev_arg = *(++argv);
-			rev_type = REV_KEY_COMPROMISE;
-			}
-		else if (strcmp(*argv,"-crl_CA_compromise") == 0)
-			{
-			if (--argc < 1) goto bad;
-			rev_arg = *(++argv);
-			rev_type = REV_CA_COMPROMISE;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else
-			{
-bad:
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-		const char **pp2;
-
-		for (pp2=ca_usage; (*pp2 != NULL); pp2++)
-			BIO_printf(bio_err,"%s",*pp2);
-		goto err;
-		}
-
-	ERR_load_crypto_strings();
-
-	/*****************************************************************/
-	tofree=NULL;
-	if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
-	if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
-	if (configfile == NULL)
-		{
-		const char *s=X509_get_default_cert_area();
-		size_t len;
-
-#ifdef OPENSSL_SYS_VMS
-		len = strlen(s)+sizeof(CONFIG_FILE);
-		tofree=OPENSSL_malloc(len);
-		strcpy(tofree,s);
-#else
-		len = strlen(s)+sizeof(CONFIG_FILE)+1;
-		tofree=OPENSSL_malloc(len);
-		BUF_strlcpy(tofree,s,len);
-		BUF_strlcat(tofree,"/",len);
-#endif
-		BUF_strlcat(tofree,CONFIG_FILE,len);
-		configfile=tofree;
-		}
-
-	BIO_printf(bio_err,"Using configuration from %s\n",configfile);
-	conf = NCONF_new(NULL);
-	if (NCONF_load(conf,configfile,&errorline) <= 0)
-		{
-		if (errorline <= 0)
-			BIO_printf(bio_err,"error loading the config file '%s'\n",
-				configfile);
-		else
-			BIO_printf(bio_err,"error on line %ld of config file '%s'\n"
-				,errorline,configfile);
-		goto err;
-		}
-	if(tofree)
-		{
-		OPENSSL_free(tofree);
-		tofree = NULL;
-		}
-
-	if (!load_config(bio_err, conf))
-		goto err;
-
-#ifndef OPENSSL_NO_ENGINE
-	e = setup_engine(bio_err, engine, 0);
-#endif
-
-	/* Lets get the config section we are using */
-	if (section == NULL)
-		{
-		section=NCONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_CA);
-		if (section == NULL)
-			{
-			lookup_fail(BASE_SECTION,ENV_DEFAULT_CA);
-			goto err;
-			}
-		}
-
-	if (conf != NULL)
-		{
-		p=NCONF_get_string(conf,NULL,"oid_file");
-		if (p == NULL)
-			ERR_clear_error();
-		if (p != NULL)
-			{
-			BIO *oid_bio;
-
-			oid_bio=BIO_new_file(p,"r");
-			if (oid_bio == NULL) 
-				{
-				/*
-				BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
-				ERR_print_errors(bio_err);
-				*/
-				ERR_clear_error();
-				}
-			else
-				{
-				OBJ_create_objects(oid_bio);
-				BIO_free(oid_bio);
-				}
-			}
-		if (!add_oid_section(bio_err,conf)) 
-			{
-			ERR_print_errors(bio_err);
-			goto err;
-			}
-		}
-
-	randfile = NCONF_get_string(conf, BASE_SECTION, "RANDFILE");
-	if (randfile == NULL)
-		ERR_clear_error();
-	app_RAND_load_file(randfile, bio_err, 0);
-
-	f = NCONF_get_string(conf, section, STRING_MASK);
-	if (!f)
-		ERR_clear_error();
-
-	if(f && !ASN1_STRING_set_default_mask_asc(f)) {
-		BIO_printf(bio_err, "Invalid global string mask setting %s\n", f);
-		goto err;
-	}
-
-	if (chtype != MBSTRING_UTF8){
-		f = NCONF_get_string(conf, section, UTF8_IN);
-		if (!f)
-			ERR_clear_error();
-		else if (!strcmp(f, "yes"))
-			chtype = MBSTRING_UTF8;
-	}
-
-	db_attr.unique_subject = 1;
-	p = NCONF_get_string(conf, section, ENV_UNIQUE_SUBJECT);
-	if (p)
-		{
-#ifdef RL_DEBUG
-		BIO_printf(bio_err, "DEBUG: unique_subject = \"%s\"\n", p);
-#endif
-		db_attr.unique_subject = parse_yesno(p,1);
-		}
-	else
-		ERR_clear_error();
-#ifdef RL_DEBUG
-	if (!p)
-		BIO_printf(bio_err, "DEBUG: unique_subject undefined\n", p);
-#endif
-#ifdef RL_DEBUG
-	BIO_printf(bio_err, "DEBUG: configured unique_subject is %d\n",
-		db_attr.unique_subject);
-#endif
-	
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	Sout=BIO_new(BIO_s_file());
-	Cout=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL) || (Sout == NULL) || (Cout == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	/*****************************************************************/
-	/* report status of cert with serial number given on command line */
-	if (ser_status)
-	{
-		if ((dbfile=NCONF_get_string(conf,section,ENV_DATABASE)) == NULL)
-			{
-			lookup_fail(section,ENV_DATABASE);
-			goto err;
-			}
-		db = load_index(dbfile,&db_attr);
-		if (db == NULL) goto err;
-
-		if (!index_index(db)) goto err;
-
-		if (get_certificate_status(ser_status,db) != 1)
-			BIO_printf(bio_err,"Error verifying serial %s!\n",
-				 ser_status);
-		goto err;
-	}
-
-	/*****************************************************************/
-	/* we definitely need a private key, so let's get it */
-
-	if ((keyfile == NULL) && ((keyfile=NCONF_get_string(conf,
-		section,ENV_PRIVATE_KEY)) == NULL))
-		{
-		lookup_fail(section,ENV_PRIVATE_KEY);
-		goto err;
-		}
-	if (!key)
-		{
-		free_key = 1;
-		if (!app_passwd(bio_err, passargin, NULL, &key, NULL))
-			{
-			BIO_printf(bio_err,"Error getting password\n");
-			goto err;
-			}
-		}
-	pkey = load_key(bio_err, keyfile, keyform, 0, key, e, 
-		"CA private key");
-	if (key) OPENSSL_cleanse(key,strlen(key));
-	if (pkey == NULL)
-		{
-		/* load_key() has already printed an appropriate message */
-		goto err;
-		}
-
-	/*****************************************************************/
-	/* we need a certificate */
-	if (!selfsign || spkac_file || ss_cert_file || gencrl)
-		{
-		if ((certfile == NULL)
-			&& ((certfile=NCONF_get_string(conf,
-				     section,ENV_CERTIFICATE)) == NULL))
-			{
-			lookup_fail(section,ENV_CERTIFICATE);
-			goto err;
-			}
-		x509=load_cert(bio_err, certfile, FORMAT_PEM, NULL, e,
-			"CA certificate");
-		if (x509 == NULL)
-			goto err;
-
-		if (!X509_check_private_key(x509,pkey))
-			{
-			BIO_printf(bio_err,"CA certificate and CA private key do not match\n");
-			goto err;
-			}
-		}
-	if (!selfsign) x509p = x509;
-
-	f=NCONF_get_string(conf,BASE_SECTION,ENV_PRESERVE);
-	if (f == NULL)
-		ERR_clear_error();
-	if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
-		preserve=1;
-	f=NCONF_get_string(conf,BASE_SECTION,ENV_MSIE_HACK);
-	if (f == NULL)
-		ERR_clear_error();
-	if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
-		msie_hack=1;
-
-	f=NCONF_get_string(conf,section,ENV_NAMEOPT);
-
-	if (f)
-		{
-		if (!set_name_ex(&nameopt, f))
-			{
-			BIO_printf(bio_err, "Invalid name options: \"%s\"\n", f);
-			goto err;
-			}
-		default_op = 0;
-		}
-	else
-		ERR_clear_error();
-
-	f=NCONF_get_string(conf,section,ENV_CERTOPT);
-
-	if (f)
-		{
-		if (!set_cert_ex(&certopt, f))
-			{
-			BIO_printf(bio_err, "Invalid certificate options: \"%s\"\n", f);
-			goto err;
-			}
-		default_op = 0;
-		}
-	else
-		ERR_clear_error();
-
-	f=NCONF_get_string(conf,section,ENV_EXTCOPY);
-
-	if (f)
-		{
-		if (!set_ext_copy(&ext_copy, f))
-			{
-			BIO_printf(bio_err, "Invalid extension copy option: \"%s\"\n", f);
-			goto err;
-			}
-		}
-	else
-		ERR_clear_error();
-
-	/*****************************************************************/
-	/* lookup where to write new certificates */
-	if ((outdir == NULL) && (req))
-		{
-
-		if ((outdir=NCONF_get_string(conf,section,ENV_NEW_CERTS_DIR))
-			== NULL)
-			{
-			BIO_printf(bio_err,"there needs to be defined a directory for new certificate to be placed in\n");
-			goto err;
-			}
-#ifndef OPENSSL_SYS_VMS
-	    /* outdir is a directory spec, but access() for VMS demands a
-	       filename.  In any case, stat(), below, will catch the problem
-	       if outdir is not a directory spec, and the fopen() or open()
-	       will catch an error if there is no write access.
-
-	       Presumably, this problem could also be solved by using the DEC
-	       C routines to convert the directory syntax to Unixly, and give
-	       that to access().  However, time's too short to do that just
-	       now.
-	    */
-#ifndef _WIN32
-		if (access(outdir,R_OK|W_OK|X_OK) != 0)
-#else
-		if (_access(outdir,R_OK|W_OK|X_OK) != 0)
-#endif
-			{
-			BIO_printf(bio_err,"I am unable to access the %s directory\n",outdir);
-			perror(outdir);
-			goto err;
-			}
-
-		if (app_isdir(outdir)<=0)
-			{
-			BIO_printf(bio_err,"%s need to be a directory\n",outdir);
-			perror(outdir);
-			goto err;
-			}
-#endif
-		}
-
-	/*****************************************************************/
-	/* we need to load the database file */
-	if ((dbfile=NCONF_get_string(conf,section,ENV_DATABASE)) == NULL)
-		{
-		lookup_fail(section,ENV_DATABASE);
-		goto err;
-		}
-	db = load_index(dbfile, &db_attr);
-	if (db == NULL) goto err;
-
-	/* Lets check some fields */
-	for (i=0; idb->data); i++)
-		{
-		pp=sk_OPENSSL_PSTRING_value(db->db->data,i);
-		if ((pp[DB_type][0] != DB_TYPE_REV) &&
-			(pp[DB_rev_date][0] != '\0'))
-			{
-			BIO_printf(bio_err,"entry %d: not revoked yet, but has a revocation date\n",i+1);
-			goto err;
-			}
-		if ((pp[DB_type][0] == DB_TYPE_REV) &&
-			!make_revoked(NULL, pp[DB_rev_date]))
-			{
-			BIO_printf(bio_err," in entry %d\n", i+1);
-			goto err;
-			}
-		if (!check_time_format((char *)pp[DB_exp_date]))
-			{
-			BIO_printf(bio_err,"entry %d: invalid expiry date\n",i+1);
-			goto err;
-			}
-		p=pp[DB_serial];
-		j=strlen(p);
-		if (*p == '-')
-			{
-			p++;
-			j--;
-			}
-		if ((j&1) || (j < 2))
-			{
-			BIO_printf(bio_err,"entry %d: bad serial number length (%d)\n",i+1,j);
-			goto err;
-			}
-		while (*p)
-			{
-			if (!(	((*p >= '0') && (*p <= '9')) ||
-				((*p >= 'A') && (*p <= 'F')) ||
-				((*p >= 'a') && (*p <= 'f')))  )
-				{
-				BIO_printf(bio_err,"entry %d: bad serial number characters, char pos %ld, char is '%c'\n",i+1,(long)(p-pp[DB_serial]),*p);
-				goto err;
-				}
-			p++;
-			}
-		}
-	if (verbose)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		TXT_DB_write(out,db->db);
-		BIO_printf(bio_err,"%d entries loaded from the database\n",
-			   sk_OPENSSL_PSTRING_num(db->db->data));
-		BIO_printf(bio_err,"generating index\n");
-		}
-	
-	if (!index_index(db)) goto err;
-
-	/*****************************************************************/
-	/* Update the db file for expired certificates */
-	if (doupdatedb)
-		{
-		if (verbose)
-			BIO_printf(bio_err, "Updating %s ...\n",
-							dbfile);
-
-		i = do_updatedb(db);
-		if (i == -1)
-			{
-			BIO_printf(bio_err,"Malloc failure\n");
-			goto err;
-			}
-		else if (i == 0)
-			{
-			if (verbose) BIO_printf(bio_err,
-					"No entries found to mark expired\n"); 
-			}
-	    	else
-			{
-			if (!save_index(dbfile,"new",db)) goto err;
-				
-			if (!rotate_index(dbfile,"new","old")) goto err;
-				
-			if (verbose) BIO_printf(bio_err,
-				"Done. %d entries marked as expired\n",i); 
-	      		}
-	  	}
-
- 	/*****************************************************************/
-	/* Read extentions config file                                   */
-	if (extfile)
-		{
-		extconf = NCONF_new(NULL);
-		if (NCONF_load(extconf,extfile,&errorline) <= 0)
-			{
-			if (errorline <= 0)
-				BIO_printf(bio_err, "ERROR: loading the config file '%s'\n",
-					extfile);
-			else
-				BIO_printf(bio_err, "ERROR: on line %ld of config file '%s'\n",
-					errorline,extfile);
-			ret = 1;
-			goto err;
-			}
-
-		if (verbose)
-			BIO_printf(bio_err, "Successfully loaded extensions file %s\n", extfile);
-
-		/* We can have sections in the ext file */
-		if (!extensions && !(extensions = NCONF_get_string(extconf, "default", "extensions")))
-			extensions = "default";
-		}
-
-	/*****************************************************************/
-	if (req || gencrl)
-		{
-		if (outfile != NULL)
-			{
-			if (BIO_write_filename(Sout,outfile) <= 0)
-				{
-				perror(outfile);
-				goto err;
-				}
-			}
-		else
-			{
-			BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			Sout = BIO_push(tmpbio, Sout);
-			}
-#endif
-			}
-		}
-
-	if ((md == NULL) && ((md=NCONF_get_string(conf,
-		section,ENV_DEFAULT_MD)) == NULL))
-		{
-		lookup_fail(section,ENV_DEFAULT_MD);
-		goto err;
-		}
-
-	if (!strcmp(md, "default"))
-		{
-		int def_nid;
-		if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0)
-			{
-			BIO_puts(bio_err,"no default digest\n");
-			goto err;
-			}
-		md = (char *)OBJ_nid2sn(def_nid);
-		}
-
-	if ((dgst=EVP_get_digestbyname(md)) == NULL)
-		{
-		BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
-		goto err;
-		}
-
-	if (req)
-		{
-		if ((email_dn == 1) && ((tmp_email_dn=NCONF_get_string(conf,
-			section,ENV_DEFAULT_EMAIL_DN)) != NULL ))
-			{
-			if(strcmp(tmp_email_dn,"no") == 0)
-				email_dn=0;
-			}
-		if (verbose)
-			BIO_printf(bio_err,"message digest is %s\n",
-				OBJ_nid2ln(dgst->type));
-		if ((policy == NULL) && ((policy=NCONF_get_string(conf,
-			section,ENV_POLICY)) == NULL))
-			{
-			lookup_fail(section,ENV_POLICY);
-			goto err;
-			}
-		if (verbose)
-			BIO_printf(bio_err,"policy is %s\n",policy);
-
-		if ((serialfile=NCONF_get_string(conf,section,ENV_SERIAL))
-			== NULL)
-			{
-			lookup_fail(section,ENV_SERIAL);
-			goto err;
-			}
-
-		if (!extconf)
-			{
-			/* no '-extfile' option, so we look for extensions
-			 * in the main configuration file */
-			if (!extensions)
-				{
-				extensions=NCONF_get_string(conf,section,
-								ENV_EXTENSIONS);
-				if (!extensions)
-					ERR_clear_error();
-				}
-			if (extensions)
-				{
-				/* Check syntax of file */
-				X509V3_CTX ctx;
-				X509V3_set_ctx_test(&ctx);
-				X509V3_set_nconf(&ctx, conf);
-				if (!X509V3_EXT_add_nconf(conf, &ctx, extensions,
-								NULL))
-					{
-					BIO_printf(bio_err,
-				 	"Error Loading extension section %s\n",
-								 extensions);
-					ret = 1;
-					goto err;
-					}
-				}
-			}
-
-		if (startdate == NULL)
-			{
-			startdate=NCONF_get_string(conf,section,
-				ENV_DEFAULT_STARTDATE);
-			if (startdate == NULL)
-				ERR_clear_error();
-			}
-		if (startdate && !ASN1_TIME_set_string(NULL, startdate))
-			{
-			BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n");
-			goto err;
-			}
-		if (startdate == NULL) startdate="today";
-
-		if (enddate == NULL)
-			{
-			enddate=NCONF_get_string(conf,section,
-				ENV_DEFAULT_ENDDATE);
-			if (enddate == NULL)
-				ERR_clear_error();
-			}
-		if (enddate && !ASN1_TIME_set_string(NULL, enddate))
-			{
-			BIO_printf(bio_err,"end date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n");
-			goto err;
-			}
-
-		if (days == 0)
-			{
-			if(!NCONF_get_number(conf,section, ENV_DEFAULT_DAYS, &days))
-				days = 0;
-			}
-		if (!enddate && (days == 0))
-			{
-			BIO_printf(bio_err,"cannot lookup how many days to certify for\n");
-			goto err;
-			}
-
-		if ((serial=load_serial(serialfile, create_ser, NULL)) == NULL)
-			{
-			BIO_printf(bio_err,"error while loading serial number\n");
-			goto err;
-			}
-		if (verbose)
-			{
-			if (BN_is_zero(serial))
-				BIO_printf(bio_err,"next serial number is 00\n");
-			else
-				{
-				if ((f=BN_bn2hex(serial)) == NULL) goto err;
-				BIO_printf(bio_err,"next serial number is %s\n",f);
-				OPENSSL_free(f);
-				}
-			}
-
-		if ((attribs=NCONF_get_section(conf,policy)) == NULL)
-			{
-			BIO_printf(bio_err,"unable to find 'section' for %s\n",policy);
-			goto err;
-			}
-
-		if ((cert_sk=sk_X509_new_null()) == NULL)
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
-			goto err;
-			}
-		if (spkac_file != NULL)
-			{
-			total++;
-			j=certify_spkac(&x,spkac_file,pkey,x509,dgst,attribs,db,
-				serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,extensions,
-				conf,verbose,certopt,nameopt,default_op,ext_copy);
-			if (j < 0) goto err;
-			if (j > 0)
-				{
-				total_done++;
-				BIO_printf(bio_err,"\n");
-				if (!BN_add_word(serial,1)) goto err;
-				if (!sk_X509_push(cert_sk,x))
-					{
-					BIO_printf(bio_err,"Memory allocation failure\n");
-					goto err;
-					}
-				if (outfile)
-					{
-					output_der = 1;
-					batch = 1;
-					}
-				}
-			}
-		if (ss_cert_file != NULL)
-			{
-			total++;
-			j=certify_cert(&x,ss_cert_file,pkey,x509,dgst,attribs,
-				db,serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,batch,
-				extensions,conf,verbose, certopt, nameopt,
-				default_op, ext_copy, e);
-			if (j < 0) goto err;
-			if (j > 0)
-				{
-				total_done++;
-				BIO_printf(bio_err,"\n");
-				if (!BN_add_word(serial,1)) goto err;
-				if (!sk_X509_push(cert_sk,x))
-					{
-					BIO_printf(bio_err,"Memory allocation failure\n");
-					goto err;
-					}
-				}
-			}
-		if (infile != NULL)
-			{
-			total++;
-			j=certify(&x,infile,pkey,x509p,dgst,attribs,db,
-				serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,batch,
-				extensions,conf,verbose, certopt, nameopt,
-				default_op, ext_copy, selfsign);
-			if (j < 0) goto err;
-			if (j > 0)
-				{
-				total_done++;
-				BIO_printf(bio_err,"\n");
-				if (!BN_add_word(serial,1)) goto err;
-				if (!sk_X509_push(cert_sk,x))
-					{
-					BIO_printf(bio_err,"Memory allocation failure\n");
-					goto err;
-					}
-				}
-			}
-		for (i=0; i 0)
-				{
-				total_done++;
-				BIO_printf(bio_err,"\n");
-				if (!BN_add_word(serial,1)) goto err;
-				if (!sk_X509_push(cert_sk,x))
-					{
-					BIO_printf(bio_err,"Memory allocation failure\n");
-					goto err;
-					}
-				}
-			}	
-		/* we have a stack of newly certified certificates
-		 * and a data base and serial number that need
-		 * updating */
-
-		if (sk_X509_num(cert_sk) > 0)
-			{
-			if (!batch)
-				{
-				BIO_printf(bio_err,"\n%d out of %d certificate requests certified, commit? [y/n]",total_done,total);
-				(void)BIO_flush(bio_err);
-				buf[0][0]='\0';
-				if (!fgets(buf[0],10,stdin))
-					{
-					BIO_printf(bio_err,"CERTIFICATION CANCELED: I/O error\n"); 
-					ret=0;
-					goto err;
-					}
-				if ((buf[0][0] != 'y') && (buf[0][0] != 'Y'))
-					{
-					BIO_printf(bio_err,"CERTIFICATION CANCELED\n"); 
-					ret=0;
-					goto err;
-					}
-				}
-
-			BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
-
-			if (!save_serial(serialfile,"new",serial,NULL)) goto err;
-
-			if (!save_index(dbfile, "new", db)) goto err;
-			}
-	
-		if (verbose)
-			BIO_printf(bio_err,"writing new certificates\n");
-		for (i=0; icert_info->serialNumber->length;
-			p=(const char *)x->cert_info->serialNumber->data;
-			
-			if(strlen(outdir) >= (size_t)(j ? BSIZE-j*2-6 : BSIZE-8))
-				{
-				BIO_printf(bio_err,"certificate file name too long\n");
-				goto err;
-				}
-
-			strcpy(buf[2],outdir);
-
-#ifndef OPENSSL_SYS_VMS
-			BUF_strlcat(buf[2],"/",sizeof(buf[2]));
-#endif
-
-			n=(char *)&(buf[2][strlen(buf[2])]);
-			if (j > 0)
-				{
-				for (k=0; k= &(buf[2][sizeof(buf[2])]))
-						break;
-					BIO_snprintf(n,
-						     &buf[2][0] + sizeof(buf[2]) - n,
-						     "%02X",(unsigned char)*(p++));
-					n+=2;
-					}
-				}
-			else
-				{
-				*(n++)='0';
-				*(n++)='0';
-				}
-			*(n++)='.'; *(n++)='p'; *(n++)='e'; *(n++)='m';
-			*n='\0';
-			if (verbose)
-				BIO_printf(bio_err,"writing %s\n",buf[2]);
-
-			if (BIO_write_filename(Cout,buf[2]) <= 0)
-				{
-				perror(buf[2]);
-				goto err;
-				}
-			write_new_certificate(Cout,x, 0, notext);
-			write_new_certificate(Sout,x, output_der, notext);
-			}
-
-		if (sk_X509_num(cert_sk))
-			{
-			/* Rename the database and the serial file */
-			if (!rotate_serial(serialfile,"new","old")) goto err;
-
-			if (!rotate_index(dbfile,"new","old")) goto err;
-
-			BIO_printf(bio_err,"Data Base Updated\n");
-			}
-		}
-	
-	/*****************************************************************/
-	if (gencrl)
-		{
-		int crl_v2 = 0;
-		if (!crl_ext)
-			{
-			crl_ext=NCONF_get_string(conf,section,ENV_CRLEXT);
-			if (!crl_ext)
-				ERR_clear_error();
-			}
-		if (crl_ext)
-			{
-			/* Check syntax of file */
-			X509V3_CTX ctx;
-			X509V3_set_ctx_test(&ctx);
-			X509V3_set_nconf(&ctx, conf);
-			if (!X509V3_EXT_add_nconf(conf, &ctx, crl_ext, NULL))
-				{
-				BIO_printf(bio_err,
-				 "Error Loading CRL extension section %s\n",
-								 crl_ext);
-				ret = 1;
-				goto err;
-				}
-			}
-
-		if ((crlnumberfile=NCONF_get_string(conf,section,ENV_CRLNUMBER))
-			!= NULL)
-			if ((crlnumber=load_serial(crlnumberfile,0,NULL)) == NULL)
-				{
-				BIO_printf(bio_err,"error while loading CRL number\n");
-				goto err;
-				}
-
-		if (!crldays && !crlhours && !crlsec)
-			{
-			if (!NCONF_get_number(conf,section,
-				ENV_DEFAULT_CRL_DAYS, &crldays))
-				crldays = 0;
-			if (!NCONF_get_number(conf,section,
-				ENV_DEFAULT_CRL_HOURS, &crlhours))
-				crlhours = 0;
-			}
-		if ((crldays == 0) && (crlhours == 0) && (crlsec == 0))
-			{
-			BIO_printf(bio_err,"cannot lookup how long until the next CRL is issued\n");
-			goto err;
-			}
-
-		if (verbose) BIO_printf(bio_err,"making CRL\n");
-		if ((crl=X509_CRL_new()) == NULL) goto err;
-		if (!X509_CRL_set_issuer_name(crl, X509_get_subject_name(x509))) goto err;
-
-		tmptm = ASN1_TIME_new();
-		if (!tmptm) goto err;
-		X509_gmtime_adj(tmptm,0);
-		X509_CRL_set_lastUpdate(crl, tmptm);	
-		if (!X509_time_adj_ex(tmptm, crldays, crlhours*60*60 + crlsec,
-			NULL))
-			{
-			BIO_puts(bio_err, "error setting CRL nextUpdate\n");
-			goto err;
-			}
-		X509_CRL_set_nextUpdate(crl, tmptm);	
-
-		ASN1_TIME_free(tmptm);
-
-		for (i=0; idb->data); i++)
-			{
-			pp=sk_OPENSSL_PSTRING_value(db->db->data,i);
-			if (pp[DB_type][0] == DB_TYPE_REV)
-				{
-				if ((r=X509_REVOKED_new()) == NULL) goto err;
-				j = make_revoked(r, pp[DB_rev_date]);
-				if (!j) goto err;
-				if (j == 2) crl_v2 = 1;
-				if (!BN_hex2bn(&serial, pp[DB_serial]))
-					goto err;
-				tmpser = BN_to_ASN1_INTEGER(serial, NULL);
-				BN_free(serial);
-				serial = NULL;
-				if (!tmpser)
-					goto err;
-				X509_REVOKED_set_serialNumber(r, tmpser);
-				ASN1_INTEGER_free(tmpser);
-				X509_CRL_add0_revoked(crl,r);
-				}
-			}
-
-		/* sort the data so it will be written in serial
-		 * number order */
-		X509_CRL_sort(crl);
-
-		/* we now have a CRL */
-		if (verbose) BIO_printf(bio_err,"signing CRL\n");
-
-		/* Add any extensions asked for */
-
-		if (crl_ext || crlnumberfile != NULL)
-			{
-			X509V3_CTX crlctx;
-			X509V3_set_ctx(&crlctx, x509, NULL, NULL, crl, 0);
-			X509V3_set_nconf(&crlctx, conf);
-
-			if (crl_ext)
-				if (!X509V3_EXT_CRL_add_nconf(conf, &crlctx,
-					crl_ext, crl)) goto err;
-			if (crlnumberfile != NULL)
-				{
-				tmpser = BN_to_ASN1_INTEGER(crlnumber, NULL);
-				if (!tmpser) goto err;
-				X509_CRL_add1_ext_i2d(crl,NID_crl_number,tmpser,0,0);
-				ASN1_INTEGER_free(tmpser);
-				crl_v2 = 1;
-				if (!BN_add_word(crlnumber,1)) goto err;
-				}
-			}
-		if (crl_ext || crl_v2)
-			{
-			if (!X509_CRL_set_version(crl, 1))
-				goto err; /* version 2 CRL */
-			}
-
-		
-		if (crlnumberfile != NULL)	/* we have a CRL number that need updating */
-			if (!save_serial(crlnumberfile,"new",crlnumber,NULL)) goto err;
-
-		if (crlnumber)
-			{
-			BN_free(crlnumber);
-			crlnumber = NULL;
-			}
-
-		if (!X509_CRL_sign(crl,pkey,dgst)) goto err;
-
-		PEM_write_bio_X509_CRL(Sout,crl);
-
-		if (crlnumberfile != NULL)	/* Rename the crlnumber file */
-			if (!rotate_serial(crlnumberfile,"new","old")) goto err;
-
-		}
-	/*****************************************************************/
-	if (dorevoke)
-		{
-		if (infile == NULL) 
-			{
-			BIO_printf(bio_err,"no input files\n");
-			goto err;
-			}
-		else
-			{
-			X509 *revcert;
-			revcert=load_cert(bio_err, infile, FORMAT_PEM,
-				NULL, e, infile);
-			if (revcert == NULL)
-				goto err;
-			j=do_revoke(revcert,db, rev_type, rev_arg);
-			if (j <= 0) goto err;
-			X509_free(revcert);
-
-			if (!save_index(dbfile, "new", db)) goto err;
-
-			if (!rotate_index(dbfile, "new", "old")) goto err;
-
-			BIO_printf(bio_err,"Data Base Updated\n"); 
-			}
-		}
-	/*****************************************************************/
-	ret=0;
-err:
-	if(tofree)
-		OPENSSL_free(tofree);
-	BIO_free_all(Cout);
-	BIO_free_all(Sout);
-	BIO_free_all(out);
-	BIO_free_all(in);
-
-	if (cert_sk)
-		sk_X509_pop_free(cert_sk,X509_free);
-
-	if (ret) ERR_print_errors(bio_err);
-	app_RAND_write_file(randfile, bio_err);
-	if (free_key && key)
-		OPENSSL_free(key);
-	BN_free(serial);
-	BN_free(crlnumber);
-	free_index(db);
-	EVP_PKEY_free(pkey);
-	if (x509) X509_free(x509);
-	X509_CRL_free(crl);
-	NCONF_free(conf);
-	NCONF_free(extconf);
-	OBJ_cleanup();
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static void lookup_fail(const char *name, const char *tag)
-	{
-	BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
-	}
-
-static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
-	     const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db,
-	     BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate,
-	     long days, int batch, char *ext_sect, CONF *lconf, int verbose,
-	     unsigned long certopt, unsigned long nameopt, int default_op,
-	     int ext_copy, int selfsign)
-	{
-	X509_REQ *req=NULL;
-	BIO *in=NULL;
-	EVP_PKEY *pktmp=NULL;
-	int ok= -1,i;
-
-	in=BIO_new(BIO_s_file());
-
-	if (BIO_read_filename(in,infile) <= 0)
-		{
-		perror(infile);
-		goto err;
-		}
-	if ((req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL)) == NULL)
-		{
-		BIO_printf(bio_err,"Error reading certificate request in %s\n",
-			infile);
-		goto err;
-		}
-	if (verbose)
-		X509_REQ_print(bio_err,req);
-
-	BIO_printf(bio_err,"Check that the request matches the signature\n");
-
-	if (selfsign && !X509_REQ_check_private_key(req,pkey))
-		{
-		BIO_printf(bio_err,"Certificate request and CA private key do not match\n");
-		ok=0;
-		goto err;
-		}
-	if ((pktmp=X509_REQ_get_pubkey(req)) == NULL)
-		{
-		BIO_printf(bio_err,"error unpacking public key\n");
-		goto err;
-		}
-	i=X509_REQ_verify(req,pktmp);
-	EVP_PKEY_free(pktmp);
-	if (i < 0)
-		{
-		ok=0;
-		BIO_printf(bio_err,"Signature verification problems....\n");
-		goto err;
-		}
-	if (i == 0)
-		{
-		ok=0;
-		BIO_printf(bio_err,"Signature did not match the certificate request\n");
-		goto err;
-		}
-	else
-		BIO_printf(bio_err,"Signature ok\n");
-
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn, email_dn,
-		startdate,enddate,days,batch,verbose,req,ext_sect,lconf,
-		certopt, nameopt, default_op, ext_copy, selfsign);
-
-err:
-	if (req != NULL) X509_REQ_free(req);
-	if (in != NULL) BIO_free(in);
-	return(ok);
-	}
-
-static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
-	     const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db,
-	     BIGNUM *serial, char *subj, unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate,
-	     long days, int batch, char *ext_sect, CONF *lconf, int verbose,
-	     unsigned long certopt, unsigned long nameopt, int default_op,
-	     int ext_copy, ENGINE *e)
-	{
-	X509 *req=NULL;
-	X509_REQ *rreq=NULL;
-	EVP_PKEY *pktmp=NULL;
-	int ok= -1,i;
-
-	if ((req=load_cert(bio_err, infile, FORMAT_PEM, NULL, e, infile)) == NULL)
-		goto err;
-	if (verbose)
-		X509_print(bio_err,req);
-
-	BIO_printf(bio_err,"Check that the request matches the signature\n");
-
-	if ((pktmp=X509_get_pubkey(req)) == NULL)
-		{
-		BIO_printf(bio_err,"error unpacking public key\n");
-		goto err;
-		}
-	i=X509_verify(req,pktmp);
-	EVP_PKEY_free(pktmp);
-	if (i < 0)
-		{
-		ok=0;
-		BIO_printf(bio_err,"Signature verification problems....\n");
-		goto err;
-		}
-	if (i == 0)
-		{
-		ok=0;
-		BIO_printf(bio_err,"Signature did not match the certificate\n");
-		goto err;
-		}
-	else
-		BIO_printf(bio_err,"Signature ok\n");
-
-	if ((rreq=X509_to_X509_REQ(req,NULL,EVP_md5())) == NULL)
-		goto err;
-
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn,email_dn,startdate,enddate,
-		days,batch,verbose,rreq,ext_sect,lconf, certopt, nameopt, default_op,
-		ext_copy, 0);
-
-err:
-	if (rreq != NULL) X509_REQ_free(rreq);
-	if (req != NULL) X509_free(req);
-	return(ok);
-	}
-
-static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
-	     STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial, char *subj,
-	     unsigned long chtype, int multirdn,
-	     int email_dn, char *startdate, char *enddate, long days, int batch,
-	     int verbose, X509_REQ *req, char *ext_sect, CONF *lconf,
-	     unsigned long certopt, unsigned long nameopt, int default_op,
-	     int ext_copy, int selfsign)
-	{
-	X509_NAME *name=NULL,*CAname=NULL,*subject=NULL, *dn_subject=NULL;
-	ASN1_UTCTIME *tm,*tmptm;
-	ASN1_STRING *str,*str2;
-	ASN1_OBJECT *obj;
-	X509 *ret=NULL;
-	X509_CINF *ci;
-	X509_NAME_ENTRY *ne;
-	X509_NAME_ENTRY *tne,*push;
-	EVP_PKEY *pktmp;
-	int ok= -1,i,j,last,nid;
-	const char *p;
-	CONF_VALUE *cv;
-	OPENSSL_STRING row[DB_NUMBER];
-	OPENSSL_STRING *irow=NULL;
-	OPENSSL_STRING *rrow=NULL;
-	char buf[25];
-
-	tmptm=ASN1_UTCTIME_new();
-	if (tmptm == NULL)
-		{
-		BIO_printf(bio_err,"malloc error\n");
-		return(0);
-		}
-
-	for (i=0; ireq_info->enc.modified = 1;
-		X509_NAME_free(n);
-		}
-
-	if (default_op)
-		BIO_printf(bio_err,"The Subject's Distinguished Name is as follows\n");
-
-	name=X509_REQ_get_subject_name(req);
-	for (i=0; iobject);
-
-			if (str->type == V_ASN1_UNIVERSALSTRING)
-				ASN1_UNIVERSALSTRING_to_string(str);
-
-			if ((str->type == V_ASN1_IA5STRING) &&
-				(nid != NID_pkcs9_emailAddress))
-				str->type=V_ASN1_T61STRING;
-
-			if ((nid == NID_pkcs9_emailAddress) &&
-				(str->type == V_ASN1_PRINTABLESTRING))
-				str->type=V_ASN1_IA5STRING;
-			}
-
-		/* If no EMAIL is wanted in the subject */
-		if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) && (!email_dn))
-			continue;
-
-		/* check some things */
-		if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) &&
-			(str->type != V_ASN1_IA5STRING))
-			{
-			BIO_printf(bio_err,"\nemailAddress type needs to be of type IA5STRING\n");
-			goto err;
-			}
-		if ((str->type != V_ASN1_BMPSTRING) && (str->type != V_ASN1_UTF8STRING))
-			{
-			j=ASN1_PRINTABLE_type(str->data,str->length);
-			if (	((j == V_ASN1_T61STRING) &&
-				 (str->type != V_ASN1_T61STRING)) ||
-				((j == V_ASN1_IA5STRING) &&
-				 (str->type == V_ASN1_PRINTABLESTRING)))
-				{
-				BIO_printf(bio_err,"\nThe string contains characters that are illegal for the ASN.1 type\n");
-				goto err;
-				}
-			}
-
-		if (default_op)
-			old_entry_print(bio_err, obj, str);
-		}
-
-	/* Ok, now we check the 'policy' stuff. */
-	if ((subject=X509_NAME_new()) == NULL)
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto err;
-		}
-
-	/* take a copy of the issuer name before we mess with it. */
-	if (selfsign)
-		CAname=X509_NAME_dup(name);
-	else
-		CAname=X509_NAME_dup(x509->cert_info->subject);
-	if (CAname == NULL) goto err;
-	str=str2=NULL;
-
-	for (i=0; iname)) == NID_undef)
-			{
-			BIO_printf(bio_err,"%s:unknown object type in 'policy' configuration\n",cv->name);
-			goto err;
-			}
-		obj=OBJ_nid2obj(j);
-
-		last= -1;
-		for (;;)
-			{
-			/* lookup the object in the supplied name list */
-			j=X509_NAME_get_index_by_OBJ(name,obj,last);
-			if (j < 0)
-				{
-				if (last != -1) break;
-				tne=NULL;
-				}
-			else
-				{
-				tne=X509_NAME_get_entry(name,j);
-				}
-			last=j;
-
-			/* depending on the 'policy', decide what to do. */
-			push=NULL;
-			if (strcmp(cv->value,"optional") == 0)
-				{
-				if (tne != NULL)
-					push=tne;
-				}
-			else if (strcmp(cv->value,"supplied") == 0)
-				{
-				if (tne == NULL)
-					{
-					BIO_printf(bio_err,"The %s field needed to be supplied and was missing\n",cv->name);
-					goto err;
-					}
-				else
-					push=tne;
-				}
-			else if (strcmp(cv->value,"match") == 0)
-				{
-				int last2;
-
-				if (tne == NULL)
-					{
-					BIO_printf(bio_err,"The mandatory %s field was missing\n",cv->name);
-					goto err;
-					}
-
-				last2= -1;
-
-again2:
-				j=X509_NAME_get_index_by_OBJ(CAname,obj,last2);
-				if ((j < 0) && (last2 == -1))
-					{
-					BIO_printf(bio_err,"The %s field does not exist in the CA certificate,\nthe 'policy' is misconfigured\n",cv->name);
-					goto err;
-					}
-				if (j >= 0)
-					{
-					push=X509_NAME_get_entry(CAname,j);
-					str=X509_NAME_ENTRY_get_data(tne);
-					str2=X509_NAME_ENTRY_get_data(push);
-					last2=j;
-					if (ASN1_STRING_cmp(str,str2) != 0)
-						goto again2;
-					}
-				if (j < 0)
-					{
-					BIO_printf(bio_err,"The %s field needed to be the same in the\nCA certificate (%s) and the request (%s)\n",cv->name,((str2 == NULL)?"NULL":(char *)str2->data),((str == NULL)?"NULL":(char *)str->data));
-					goto err;
-					}
-				}
-			else
-				{
-				BIO_printf(bio_err,"%s:invalid type in 'policy' configuration\n",cv->value);
-				goto err;
-				}
-
-			if (push != NULL)
-				{
-				if (!X509_NAME_add_entry(subject,push, -1, 0))
-					{
-					if (push != NULL)
-						X509_NAME_ENTRY_free(push);
-					BIO_printf(bio_err,"Memory allocation failure\n");
-					goto err;
-					}
-				}
-			if (j < 0) break;
-			}
-		}
-
-	if (preserve)
-		{
-		X509_NAME_free(subject);
-		/* subject=X509_NAME_dup(X509_REQ_get_subject_name(req)); */
-		subject=X509_NAME_dup(name);
-		if (subject == NULL) goto err;
-		}
-
-	if (verbose)
-		BIO_printf(bio_err,"The subject name appears to be ok, checking data base for clashes\n");
-
-	/* Build the correct Subject if no e-mail is wanted in the subject */
-	/* and add it later on because of the method extensions are added (altName) */
-	 
-	if (email_dn)
-		dn_subject = subject;
-	else
-		{
-		X509_NAME_ENTRY *tmpne;
-		/* Its best to dup the subject DN and then delete any email
-		 * addresses because this retains its structure.
-		 */
-		if (!(dn_subject = X509_NAME_dup(subject)))
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
-			goto err;
-			}
-		while((i = X509_NAME_get_index_by_NID(dn_subject,
-					NID_pkcs9_emailAddress, -1)) >= 0)
-			{
-			tmpne = X509_NAME_get_entry(dn_subject, i);
-			X509_NAME_delete_entry(dn_subject, i);
-			X509_NAME_ENTRY_free(tmpne);
-			}
-		}
-
-	if (BN_is_zero(serial))
-		row[DB_serial]=BUF_strdup("00");
-	else
-		row[DB_serial]=BN_bn2hex(serial);
-	if (row[DB_serial] == NULL)
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto err;
-		}
-
-	if (db->attributes.unique_subject)
-		{
-		OPENSSL_STRING *crow=row;
-
-		rrow=TXT_DB_get_by_index(db->db,DB_name,crow);
-		if (rrow != NULL)
-			{
-			BIO_printf(bio_err,
-				"ERROR:There is already a certificate for %s\n",
-				row[DB_name]);
-			}
-		}
-	if (rrow == NULL)
-		{
-		rrow=TXT_DB_get_by_index(db->db,DB_serial,row);
-		if (rrow != NULL)
-			{
-			BIO_printf(bio_err,"ERROR:Serial number %s has already been issued,\n",
-				row[DB_serial]);
-			BIO_printf(bio_err,"      check the database/serial_file for corruption\n");
-			}
-		}
-
-	if (rrow != NULL)
-		{
-		BIO_printf(bio_err,
-			"The matching entry has the following details\n");
-		if (rrow[DB_type][0] == 'E')
-			p="Expired";
-		else if (rrow[DB_type][0] == 'R')
-			p="Revoked";
-		else if (rrow[DB_type][0] == 'V')
-			p="Valid";
-		else
-			p="\ninvalid type, Data base error\n";
-		BIO_printf(bio_err,"Type	  :%s\n",p);;
-		if (rrow[DB_type][0] == 'R')
-			{
-			p=rrow[DB_exp_date]; if (p == NULL) p="undef";
-			BIO_printf(bio_err,"Was revoked on:%s\n",p);
-			}
-		p=rrow[DB_exp_date]; if (p == NULL) p="undef";
-		BIO_printf(bio_err,"Expires on    :%s\n",p);
-		p=rrow[DB_serial]; if (p == NULL) p="undef";
-		BIO_printf(bio_err,"Serial Number :%s\n",p);
-		p=rrow[DB_file]; if (p == NULL) p="undef";
-		BIO_printf(bio_err,"File name     :%s\n",p);
-		p=rrow[DB_name]; if (p == NULL) p="undef";
-		BIO_printf(bio_err,"Subject Name  :%s\n",p);
-		ok= -1; /* This is now a 'bad' error. */
-		goto err;
-		}
-
-	/* We are now totally happy, lets make and sign the certificate */
-	if (verbose)
-		BIO_printf(bio_err,"Everything appears to be ok, creating and signing the certificate\n");
-
-	if ((ret=X509_new()) == NULL) goto err;
-	ci=ret->cert_info;
-
-#ifdef X509_V3
-	/* Make it an X509 v3 certificate. */
-	if (!X509_set_version(ret,2)) goto err;
-#endif
-
-	if (BN_to_ASN1_INTEGER(serial,ci->serialNumber) == NULL)
-		goto err;
-	if (selfsign)
-		{
-		if (!X509_set_issuer_name(ret,subject))
-			goto err;
-		}
-	else
-		{
-		if (!X509_set_issuer_name(ret,X509_get_subject_name(x509)))
-			goto err;
-		}
-
-	if (strcmp(startdate,"today") == 0)
-		X509_gmtime_adj(X509_get_notBefore(ret),0);
-	else ASN1_TIME_set_string(X509_get_notBefore(ret),startdate);
-
-	if (enddate == NULL)
-		X509_time_adj_ex(X509_get_notAfter(ret),days, 0, NULL);
-	else ASN1_TIME_set_string(X509_get_notAfter(ret),enddate);
-
-	if (!X509_set_subject_name(ret,subject)) goto err;
-
-	pktmp=X509_REQ_get_pubkey(req);
-	i = X509_set_pubkey(ret,pktmp);
-	EVP_PKEY_free(pktmp);
-	if (!i) goto err;
-
-	/* Lets add the extensions, if there are any */
-	if (ext_sect)
-		{
-		X509V3_CTX ctx;
-		if (ci->version == NULL)
-			if ((ci->version=ASN1_INTEGER_new()) == NULL)
-				goto err;
-		ASN1_INTEGER_set(ci->version,2); /* version 3 certificate */
-
-		/* Free the current entries if any, there should not
-		 * be any I believe */
-		if (ci->extensions != NULL)
-			sk_X509_EXTENSION_pop_free(ci->extensions,
-						   X509_EXTENSION_free);
-
-		ci->extensions = NULL;
-
-		/* Initialize the context structure */
-		if (selfsign)
-			X509V3_set_ctx(&ctx, ret, ret, req, NULL, 0);
-		else
-			X509V3_set_ctx(&ctx, x509, ret, req, NULL, 0);
-
-		if (extconf)
-			{
-			if (verbose)
-				BIO_printf(bio_err, "Extra configuration file found\n");
- 
-			/* Use the extconf configuration db LHASH */
-			X509V3_set_nconf(&ctx, extconf);
- 
-			/* Test the structure (needed?) */
-			/* X509V3_set_ctx_test(&ctx); */
-
-			/* Adds exts contained in the configuration file */
-			if (!X509V3_EXT_add_nconf(extconf, &ctx, ext_sect,ret))
-				{
-				BIO_printf(bio_err,
-				    "ERROR: adding extensions in section %s\n",
-								ext_sect);
-				ERR_print_errors(bio_err);
-				goto err;
-				}
-			if (verbose)
-				BIO_printf(bio_err, "Successfully added extensions from file.\n");
-			}
-		else if (ext_sect)
-			{
-			/* We found extensions to be set from config file */
-			X509V3_set_nconf(&ctx, lconf);
-
-			if(!X509V3_EXT_add_nconf(lconf, &ctx, ext_sect, ret))
-				{
-				BIO_printf(bio_err, "ERROR: adding extensions in section %s\n", ext_sect);
-				ERR_print_errors(bio_err);
-				goto err;
-				}
-
-			if (verbose) 
-				BIO_printf(bio_err, "Successfully added extensions from config\n");
-			}
-		}
-
-	/* Copy extensions from request (if any) */
-
-	if (!copy_extensions(ret, req, ext_copy))
-		{
-		BIO_printf(bio_err, "ERROR: adding extensions from request\n");
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	/* Set the right value for the noemailDN option */
-	if( email_dn == 0 )
-		{
-		if (!X509_set_subject_name(ret,dn_subject)) goto err;
-		}
-
-	if (!default_op)
-		{
-		BIO_printf(bio_err, "Certificate Details:\n");
-		/* Never print signature details because signature not present */
-		certopt |= X509_FLAG_NO_SIGDUMP | X509_FLAG_NO_SIGNAME;
-		X509_print_ex(bio_err, ret, nameopt, certopt); 
-		}
-
-	BIO_printf(bio_err,"Certificate is to be certified until ");
-	ASN1_TIME_print(bio_err,X509_get_notAfter(ret));
-	if (days) BIO_printf(bio_err," (%ld days)",days);
-	BIO_printf(bio_err, "\n");
-
-	if (!batch)
-		{
-
-		BIO_printf(bio_err,"Sign the certificate? [y/n]:");
-		(void)BIO_flush(bio_err);
-		buf[0]='\0';
-		if (!fgets(buf,sizeof(buf)-1,stdin))
-			{
-			BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED: I/O error\n");
-			ok=0;
-			goto err;
-			}
-		if (!((buf[0] == 'y') || (buf[0] == 'Y')))
-			{
-			BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED\n");
-			ok=0;
-			goto err;
-			}
-		}
-
-	pktmp=X509_get_pubkey(ret);
-	if (EVP_PKEY_missing_parameters(pktmp) &&
-		!EVP_PKEY_missing_parameters(pkey))
-		EVP_PKEY_copy_parameters(pktmp,pkey);
-	EVP_PKEY_free(pktmp);
-
-	if (!X509_sign(ret,pkey,dgst))
-		goto err;
-
-	/* We now just add it to the database */
-	row[DB_type]=(char *)OPENSSL_malloc(2);
-
-	tm=X509_get_notAfter(ret);
-	row[DB_exp_date]=(char *)OPENSSL_malloc(tm->length+1);
-	memcpy(row[DB_exp_date],tm->data,tm->length);
-	row[DB_exp_date][tm->length]='\0';
-
-	row[DB_rev_date]=NULL;
-
-	/* row[DB_serial] done already */
-	row[DB_file]=(char *)OPENSSL_malloc(8);
-	row[DB_name]=X509_NAME_oneline(X509_get_subject_name(ret),NULL,0);
-
-	if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
-		(row[DB_file] == NULL) || (row[DB_name] == NULL))
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto err;
-		}
-	BUF_strlcpy(row[DB_file],"unknown",8);
-	row[DB_type][0]='V';
-	row[DB_type][1]='\0';
-
-	if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL)
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
-		goto err;
-		}
-
-	for (i=0; idb,irow))
-		{
-		BIO_printf(bio_err,"failed to update database\n");
-		BIO_printf(bio_err,"TXT_DB error number %ld\n",db->db->error);
-		goto err;
-		}
-	ok=1;
-err:
-	for (i=0; icert_info->serialNumber);
-	BIO_puts(bp,"\n\n");
-#endif
-	if (!notext)X509_print(bp,x);
-	PEM_write_bio_X509(bp,x);
-	}
-
-static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
-	     const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db,
-	     BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate,
-	     long days, char *ext_sect, CONF *lconf, int verbose, unsigned long certopt,
-	     unsigned long nameopt, int default_op, int ext_copy)
-	{
-	STACK_OF(CONF_VALUE) *sk=NULL;
-	LHASH_OF(CONF_VALUE) *parms=NULL;
-	X509_REQ *req=NULL;
-	CONF_VALUE *cv=NULL;
-	NETSCAPE_SPKI *spki = NULL;
-	X509_REQ_INFO *ri;
-	char *type,*buf;
-	EVP_PKEY *pktmp=NULL;
-	X509_NAME *n=NULL;
-	X509_NAME_ENTRY *ne=NULL;
-	int ok= -1,i,j;
-	long errline;
-	int nid;
-
-	/*
-	 * Load input file into a hash table.  (This is just an easy
-	 * way to read and parse the file, then put it into a convenient
-	 * STACK format).
-	 */
-	parms=CONF_load(NULL,infile,&errline);
-	if (parms == NULL)
-		{
-		BIO_printf(bio_err,"error on line %ld of %s\n",errline,infile);
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	sk=CONF_get_section(parms, "default");
-	if (sk_CONF_VALUE_num(sk) == 0)
-		{
-		BIO_printf(bio_err, "no name/value pairs found in %s\n", infile);
-		CONF_free(parms);
-		goto err;
-		}
-
-	/*
-	 * Now create a dummy X509 request structure.  We don't actually
-	 * have an X509 request, but we have many of the components
-	 * (a public key, various DN components).  The idea is that we
-	 * put these components into the right X509 request structure
-	 * and we can use the same code as if you had a real X509 request.
-	 */
-	req=X509_REQ_new();
-	if (req == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto err;
-		}
-
-	/*
-	 * Build up the subject name set.
-	 */
-	ri=req->req_info;
-	n = ri->subject;
-
-	for (i = 0; ; i++)
-		{
-		if (sk_CONF_VALUE_num(sk) <= i) break;
-
-		cv=sk_CONF_VALUE_value(sk,i);
-		type=cv->name;
-		/* Skip past any leading X. X: X, etc to allow for
-		 * multiple instances
-		 */
-		for (buf = cv->name; *buf ; buf++)
-			if ((*buf == ':') || (*buf == ',') || (*buf == '.'))
-				{
-				buf++;
-				if (*buf) type = buf;
-				break;
-				}
-
-		buf=cv->value;
-		if ((nid=OBJ_txt2nid(type)) == NID_undef)
-			{
-			if (strcmp(type, "SPKAC") == 0)
-				{
-				spki = NETSCAPE_SPKI_b64_decode(cv->value, -1);
-				if (spki == NULL)
-					{
-					BIO_printf(bio_err,"unable to load Netscape SPKAC structure\n");
-					ERR_print_errors(bio_err);
-					goto err;
-					}
-				}
-			continue;
-			}
-
-		if (!X509_NAME_add_entry_by_NID(n, nid, chtype,
-				(unsigned char *)buf, -1, -1, 0))
-			goto err;
-		}
-	if (spki == NULL)
-		{
-		BIO_printf(bio_err,"Netscape SPKAC structure not found in %s\n",
-			infile);
-		goto err;
-		}
-
-	/*
-	 * Now extract the key from the SPKI structure.
-	 */
-
-	BIO_printf(bio_err,"Check that the SPKAC request matches the signature\n");
-
-	if ((pktmp=NETSCAPE_SPKI_get_pubkey(spki)) == NULL)
-		{
-		BIO_printf(bio_err,"error unpacking SPKAC public key\n");
-		goto err;
-		}
-
-	j = NETSCAPE_SPKI_verify(spki, pktmp);
-	if (j <= 0)
-		{
-		BIO_printf(bio_err,"signature verification failed on SPKAC public key\n");
-		goto err;
-		}
-	BIO_printf(bio_err,"Signature ok\n");
-
-	X509_REQ_set_pubkey(req,pktmp);
-	EVP_PKEY_free(pktmp);
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn,email_dn,startdate,enddate,
-		   days,1,verbose,req,ext_sect,lconf, certopt, nameopt, default_op,
-			ext_copy, 0);
-err:
-	if (req != NULL) X509_REQ_free(req);
-	if (parms != NULL) CONF_free(parms);
-	if (spki != NULL) NETSCAPE_SPKI_free(spki);
-	if (ne != NULL) X509_NAME_ENTRY_free(ne);
-
-	return(ok);
-	}
-
-static int check_time_format(const char *str)
-	{
-	return ASN1_TIME_set_string(NULL, str);
-	}
-
-static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
-	{
-	ASN1_UTCTIME *tm=NULL;
-	char *row[DB_NUMBER],**rrow,**irow;
-	char *rev_str = NULL;
-	BIGNUM *bn = NULL;
-	int ok=-1,i;
-
-	for (i=0; idb,DB_serial,row);
-	if (rrow == NULL)
-		{
-		BIO_printf(bio_err,"Adding Entry with serial number %s to DB for %s\n", row[DB_serial], row[DB_name]);
-
-		/* We now just add it to the database */
-		row[DB_type]=(char *)OPENSSL_malloc(2);
-
-		tm=X509_get_notAfter(x509);
-		row[DB_exp_date]=(char *)OPENSSL_malloc(tm->length+1);
-		memcpy(row[DB_exp_date],tm->data,tm->length);
-		row[DB_exp_date][tm->length]='\0';
-
-		row[DB_rev_date]=NULL;
-
-		/* row[DB_serial] done already */
-		row[DB_file]=(char *)OPENSSL_malloc(8);
-
-		/* row[DB_name] done already */
-
-		if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
-			(row[DB_file] == NULL))
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
-			goto err;
-			}
-		BUF_strlcpy(row[DB_file],"unknown",8);
-		row[DB_type][0]='V';
-		row[DB_type][1]='\0';
-
-		if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL)
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
-			goto err;
-			}
-
-		for (i=0; idb,irow))
-			{
-			BIO_printf(bio_err,"failed to update database\n");
-			BIO_printf(bio_err,"TXT_DB error number %ld\n",db->db->error);
-			goto err;
-			}
-
-		/* Revoke Certificate */
-		ok = do_revoke(x509,db, type, value);
-
-		goto err;
-
-		}
-	else if (index_name_cmp_noconst(row, rrow))
-		{
-		BIO_printf(bio_err,"ERROR:name does not match %s\n",
-			   row[DB_name]);
-		goto err;
-		}
-	else if (rrow[DB_type][0]=='R')
-		{
-		BIO_printf(bio_err,"ERROR:Already revoked, serial number %s\n",
-			   row[DB_serial]);
-		goto err;
-		}
-	else
-		{
-		BIO_printf(bio_err,"Revoking Certificate %s.\n", rrow[DB_serial]);
-		rev_str = make_revocation_str(type, value);
-		if (!rev_str)
-			{
-			BIO_printf(bio_err, "Error in revocation arguments\n");
-			goto err;
-			}
-		rrow[DB_type][0]='R';
-		rrow[DB_type][1]='\0';
-		rrow[DB_rev_date] = rev_str;
-		}
-	ok=1;
-err:
-	for (i=0; idb,DB_serial,row);
-	if (rrow == NULL)
-		{
-		BIO_printf(bio_err,"Serial %s not present in db.\n",
-				 row[DB_serial]);
-		ok=-1;
-		goto err;
-		}
-	else if (rrow[DB_type][0]=='V')
-		{
-		BIO_printf(bio_err,"%s=Valid (%c)\n",
-			row[DB_serial], rrow[DB_type][0]);
-		goto err;
-		}
-	else if (rrow[DB_type][0]=='R')
-		{
-		BIO_printf(bio_err,"%s=Revoked (%c)\n",
-			row[DB_serial], rrow[DB_type][0]);
-		goto err;
-		}
-	else if (rrow[DB_type][0]=='E')
-		{
-		BIO_printf(bio_err,"%s=Expired (%c)\n",
-			row[DB_serial], rrow[DB_type][0]);
-		goto err;
-		}
-	else if (rrow[DB_type][0]=='S')
-		{
-		BIO_printf(bio_err,"%s=Suspended (%c)\n",
-			row[DB_serial], rrow[DB_type][0]);
-		goto err;
-		}
-	else
-		{
-		BIO_printf(bio_err,"%s=Unknown (%c).\n",
-			row[DB_serial], rrow[DB_type][0]);
-		ok=-1;
-		}
-err:
-	for (i=0; i= 2000 */ 
-	char **rrow, *a_tm_s;
-
-	a_tm = ASN1_UTCTIME_new();
-
-	/* get actual time and make a string */
-	a_tm = X509_gmtime_adj(a_tm, 0);
-	a_tm_s = (char *) OPENSSL_malloc(a_tm->length+1);
-	if (a_tm_s == NULL)
-		{
-		cnt = -1;
-		goto err;
-		}
-
-	memcpy(a_tm_s, a_tm->data, a_tm->length);
-	a_tm_s[a_tm->length] = '\0';
-
-	if (strncmp(a_tm_s, "49", 2) <= 0)
-		a_y2k = 1;
-	else
-		a_y2k = 0;
-
-	for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
-		{
-		rrow = sk_OPENSSL_PSTRING_value(db->db->data, i);
-
-		if (rrow[DB_type][0] == 'V')
-		 	{
-			/* ignore entries that are not valid */
-			if (strncmp(rrow[DB_exp_date], "49", 2) <= 0)
-				db_y2k = 1;
-			else
-				db_y2k = 0;
-
-			if (db_y2k == a_y2k)
-				{
-				/* all on the same y2k side */
-				if (strcmp(rrow[DB_exp_date], a_tm_s) <= 0)
-				       	{
-				       	rrow[DB_type][0]  = 'E';
-				       	rrow[DB_type][1]  = '\0';
-	  				cnt++;
-
-					BIO_printf(bio_err, "%s=Expired\n",
-							rrow[DB_serial]);
-					}
-				}
-			else if (db_y2k < a_y2k)
-				{
-		  		rrow[DB_type][0]  = 'E';
-		  		rrow[DB_type][1]  = '\0';
-	  			cnt++;
-
-				BIO_printf(bio_err, "%s=Expired\n",
-							rrow[DB_serial]);
-				}
-
-			}
-    		}
-
-err:
-
-	ASN1_UTCTIME_free(a_tm);
-	OPENSSL_free(a_tm_s);
-
-	return (cnt);
-	}
-
-static const char *crl_reasons[] = {
-	/* CRL reason strings */
-	"unspecified",
-	"keyCompromise",
-	"CACompromise",
-	"affiliationChanged",
-	"superseded", 
-	"cessationOfOperation",
-	"certificateHold",
-	"removeFromCRL",
-	/* Additional pseudo reasons */
-	"holdInstruction",
-	"keyTime",
-	"CAkeyTime"
-};
-
-#define NUM_REASONS (sizeof(crl_reasons) / sizeof(char *))
-
-/* Given revocation information convert to a DB string.
- * The format of the string is:
- * revtime[,reason,extra]. Where 'revtime' is the
- * revocation time (the current time). 'reason' is the
- * optional CRL reason and 'extra' is any additional
- * argument
- */
-
-char *make_revocation_str(int rev_type, char *rev_arg)
-	{
-	char *other = NULL, *str;
-	const char *reason = NULL;
-	ASN1_OBJECT *otmp;
-	ASN1_UTCTIME *revtm = NULL;
-	int i;
-	switch (rev_type)
-		{
-	case REV_NONE:
-		break;
-
-	case REV_CRL_REASON:
-		for (i = 0; i < 8; i++)
-			{
-			if (!strcasecmp(rev_arg, crl_reasons[i]))
-				{
-				reason = crl_reasons[i];
-				break;
-				}
-			}
-		if (reason == NULL)
-			{
-			BIO_printf(bio_err, "Unknown CRL reason %s\n", rev_arg);
-			return NULL;
-			}
-		break;
-
-	case REV_HOLD:
-		/* Argument is an OID */
-
-		otmp = OBJ_txt2obj(rev_arg, 0);
-		ASN1_OBJECT_free(otmp);
-
-		if (otmp == NULL)
-			{
-			BIO_printf(bio_err, "Invalid object identifier %s\n", rev_arg);
-			return NULL;
-			}
-
-		reason = "holdInstruction";
-		other = rev_arg;
-		break;
-		
-	case REV_KEY_COMPROMISE:
-	case REV_CA_COMPROMISE:
-
-		/* Argument is the key compromise time  */
-		if (!ASN1_GENERALIZEDTIME_set_string(NULL, rev_arg))
-			{	
-			BIO_printf(bio_err, "Invalid time format %s. Need YYYYMMDDHHMMSSZ\n", rev_arg);
-			return NULL;
-			}
-		other = rev_arg;
-		if (rev_type == REV_KEY_COMPROMISE)
-			reason = "keyTime";
-		else 
-			reason = "CAkeyTime";
-
-		break;
-
-		}
-
-	revtm = X509_gmtime_adj(NULL, 0);
-
-	i = revtm->length + 1;
-
-	if (reason) i += strlen(reason) + 1;
-	if (other) i += strlen(other) + 1;
-
-	str = OPENSSL_malloc(i);
-
-	if (!str) return NULL;
-
-	BUF_strlcpy(str, (char *)revtm->data, i);
-	if (reason)
-		{
-		BUF_strlcat(str, ",", i);
-		BUF_strlcat(str, reason, i);
-		}
-	if (other)
-		{
-		BUF_strlcat(str, ",", i);
-		BUF_strlcat(str, other, i);
-		}
-	ASN1_UTCTIME_free(revtm);
-	return str;
-	}
-
-/* Convert revocation field to X509_REVOKED entry 
- * return code:
- * 0 error
- * 1 OK
- * 2 OK and some extensions added (i.e. V2 CRL)
- */
-
-
-int make_revoked(X509_REVOKED *rev, const char *str)
-	{
-	char *tmp = NULL;
-	int reason_code = -1;
-	int i, ret = 0;
-	ASN1_OBJECT *hold = NULL;
-	ASN1_GENERALIZEDTIME *comp_time = NULL;
-	ASN1_ENUMERATED *rtmp = NULL;
-
-	ASN1_TIME *revDate = NULL;
-
-	i = unpack_revinfo(&revDate, &reason_code, &hold, &comp_time, str);
-
-	if (i == 0)
-		goto err;
-
-	if (rev && !X509_REVOKED_set_revocationDate(rev, revDate))
-		goto err;
-
-	if (rev && (reason_code != OCSP_REVOKED_STATUS_NOSTATUS))
-		{
-		rtmp = ASN1_ENUMERATED_new();
-		if (!rtmp || !ASN1_ENUMERATED_set(rtmp, reason_code))
-			goto err;
-		if (!X509_REVOKED_add1_ext_i2d(rev, NID_crl_reason, rtmp, 0, 0))
-			goto err;
-		}
-
-	if (rev && comp_time)
-		{
-		if (!X509_REVOKED_add1_ext_i2d(rev, NID_invalidity_date, comp_time, 0, 0))
-			goto err;
-		}
-	if (rev && hold)
-		{
-		if (!X509_REVOKED_add1_ext_i2d(rev, NID_hold_instruction_code, hold, 0, 0))
-			goto err;
-		}
-
-	if (reason_code != OCSP_REVOKED_STATUS_NOSTATUS)
-		ret = 2;
-	else ret = 1;
-
-	err:
-
-	if (tmp) OPENSSL_free(tmp);
-	ASN1_OBJECT_free(hold);
-	ASN1_GENERALIZEDTIME_free(comp_time);
-	ASN1_ENUMERATED_free(rtmp);
-	ASN1_TIME_free(revDate);
-
-	return ret;
-	}
-
-int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str)
-	{
-	char buf[25],*pbuf, *p;
-	int j;
-	j=i2a_ASN1_OBJECT(bp,obj);
-	pbuf=buf;
-	for (j=22-j; j>0; j--)
-		*(pbuf++)=' ';
-	*(pbuf++)=':';
-	*(pbuf++)='\0';
-	BIO_puts(bp,buf);
-
-	if (str->type == V_ASN1_PRINTABLESTRING)
-		BIO_printf(bp,"PRINTABLE:'");
-	else if (str->type == V_ASN1_T61STRING)
-		BIO_printf(bp,"T61STRING:'");
-	else if (str->type == V_ASN1_IA5STRING)
-		BIO_printf(bp,"IA5STRING:'");
-	else if (str->type == V_ASN1_UNIVERSALSTRING)
-		BIO_printf(bp,"UNIVERSALSTRING:'");
-	else
-		BIO_printf(bp,"ASN.1 %2d:'",str->type);
-			
-	p=(char *)str->data;
-	for (j=str->length; j>0; j--)
-		{
-		if ((*p >= ' ') && (*p <= '~'))
-			BIO_printf(bp,"%c",*p);
-		else if (*p & 0x80)
-			BIO_printf(bp,"\\0x%02X",*p);
-		else if ((unsigned char)*p == 0xf7)
-			BIO_printf(bp,"^?");
-		else	BIO_printf(bp,"^%c",*p+'@');
-		p++;
-		}
-	BIO_printf(bp,"'\n");
-	return 1;
-	}
-
-int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, ASN1_GENERALIZEDTIME **pinvtm, const char *str)
-	{
-	char *tmp = NULL;
-	char *rtime_str, *reason_str = NULL, *arg_str = NULL, *p;
-	int reason_code = -1;
-	int ret = 0;
-	unsigned int i;
-	ASN1_OBJECT *hold = NULL;
-	ASN1_GENERALIZEDTIME *comp_time = NULL;
-	tmp = BUF_strdup(str);
-
-	p = strchr(tmp, ',');
-
-	rtime_str = tmp;
-
-	if (p)
-		{
-		*p = '\0';
-		p++;
-		reason_str = p;
-		p = strchr(p, ',');
-		if (p)
-			{
-			*p = '\0';
-			arg_str = p + 1;
-			}
-		}
-
-	if (prevtm)
-		{
-		*prevtm = ASN1_UTCTIME_new();
-		if (!ASN1_UTCTIME_set_string(*prevtm, rtime_str))
-			{
-			BIO_printf(bio_err, "invalid revocation date %s\n", rtime_str);
-			goto err;
-			}
-		}
-	if (reason_str)
-		{
-		for (i = 0; i < NUM_REASONS; i++)
-			{
-			if(!strcasecmp(reason_str, crl_reasons[i]))
-				{
-				reason_code = i;
-				break;
-				}
-			}
-		if (reason_code == OCSP_REVOKED_STATUS_NOSTATUS)
-			{
-			BIO_printf(bio_err, "invalid reason code %s\n", reason_str);
-			goto err;
-			}
-
-		if (reason_code == 7)
-			reason_code = OCSP_REVOKED_STATUS_REMOVEFROMCRL;
-		else if (reason_code == 8)		/* Hold instruction */
-			{
-			if (!arg_str)
-				{	
-				BIO_printf(bio_err, "missing hold instruction\n");
-				goto err;
-				}
-			reason_code = OCSP_REVOKED_STATUS_CERTIFICATEHOLD;
-			hold = OBJ_txt2obj(arg_str, 0);
-
-			if (!hold)
-				{
-				BIO_printf(bio_err, "invalid object identifier %s\n", arg_str);
-				goto err;
-				}
-			if (phold) *phold = hold;
-			}
-		else if ((reason_code == 9) || (reason_code == 10))
-			{
-			if (!arg_str)
-				{	
-				BIO_printf(bio_err, "missing compromised time\n");
-				goto err;
-				}
-			comp_time = ASN1_GENERALIZEDTIME_new();
-			if (!ASN1_GENERALIZEDTIME_set_string(comp_time, arg_str))
-				{	
-				BIO_printf(bio_err, "invalid compromised time %s\n", arg_str);
-				goto err;
-				}
-			if (reason_code == 9)
-				reason_code = OCSP_REVOKED_STATUS_KEYCOMPROMISE;
-			else
-				reason_code = OCSP_REVOKED_STATUS_CACOMPROMISE;
-			}
-		}
-
-	if (preason) *preason = reason_code;
-	if (pinvtm) *pinvtm = comp_time;
-	else ASN1_GENERALIZEDTIME_free(comp_time);
-
-	ret = 1;
-
-	err:
-
-	if (tmp) OPENSSL_free(tmp);
-	if (!phold) ASN1_OBJECT_free(hold);
-	if (!pinvtm) ASN1_GENERALIZEDTIME_free(comp_time);
-
-	return ret;
-	}
diff --git a/deps/openssl/openssl/apps/cert.pem b/deps/openssl/openssl/apps/cert.pem
deleted file mode 100644
index de4a77ac6db..00000000000
--- a/deps/openssl/openssl/apps/cert.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD
-VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa
-Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
-YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT
-DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7
-tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q
-sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO
-19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/apps/ciphers.c b/deps/openssl/openssl/apps/ciphers.c
deleted file mode 100644
index 3d4c60db9e1..00000000000
--- a/deps/openssl/openssl/apps/ciphers.c
+++ /dev/null
@@ -1,231 +0,0 @@
-/* apps/ciphers.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#include 
-#include 
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include 
-#include 
-
-#undef PROG
-#define PROG	ciphers_main
-
-static const char *ciphers_usage[]={
-"usage: ciphers args\n",
-" -v          - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
-" -V          - even more verbose\n",
-" -ssl2       - SSL2 mode\n",
-" -ssl3       - SSL3 mode\n",
-" -tls1       - TLS1 mode\n",
-NULL
-};
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int ret=1,i;
-	int verbose=0,Verbose=0;
-	const char **pp;
-	const char *p;
-	int badops=0;
-	SSL_CTX *ctx=NULL;
-	SSL *ssl=NULL;
-	char *ciphers=NULL;
-	const SSL_METHOD *meth=NULL;
-	STACK_OF(SSL_CIPHER) *sk;
-	char buf[512];
-	BIO *STDout=NULL;
-
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-	meth=SSLv23_server_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	meth=SSLv3_server_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	meth=SSLv2_server_method();
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-	STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	STDout = BIO_push(tmpbio, STDout);
-	}
-#endif
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-v") == 0)
-			verbose=1;
-		else if (strcmp(*argv,"-V") == 0)
-			verbose=Verbose=1;
-#ifndef OPENSSL_NO_SSL2
-		else if (strcmp(*argv,"-ssl2") == 0)
-			meth=SSLv2_client_method();
-#endif
-#ifndef OPENSSL_NO_SSL3
-		else if (strcmp(*argv,"-ssl3") == 0)
-			meth=SSLv3_client_method();
-#endif
-#ifndef OPENSSL_NO_TLS1
-		else if (strcmp(*argv,"-tls1") == 0)
-			meth=TLSv1_client_method();
-#endif
-		else if ((strncmp(*argv,"-h",2) == 0) ||
-			 (strcmp(*argv,"-?") == 0))
-			{
-			badops=1;
-			break;
-			}
-		else
-			{
-			ciphers= *argv;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-		for (pp=ciphers_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto end;
-		}
-
-	OpenSSL_add_ssl_algorithms();
-
-	ctx=SSL_CTX_new(meth);
-	if (ctx == NULL) goto err;
-	if (ciphers != NULL) {
-		if(!SSL_CTX_set_cipher_list(ctx,ciphers)) {
-			BIO_printf(bio_err, "Error in cipher list\n");
-			goto err;
-		}
-	}
-	ssl=SSL_new(ctx);
-	if (ssl == NULL) goto err;
-
-
-	if (!verbose)
-		{
-		for (i=0; ; i++)
-			{
-			p=SSL_get_cipher_list(ssl,i);
-			if (p == NULL) break;
-			if (i != 0) BIO_printf(STDout,":");
-			BIO_printf(STDout,"%s",p);
-			}
-		BIO_printf(STDout,"\n");
-		}
-	else /* verbose */
-		{
-		sk=SSL_get_ciphers(ssl);
-
-		for (i=0; iid;
-				int id0 = (int)(id >> 24);
-				int id1 = (int)((id >> 16) & 0xffL);
-				int id2 = (int)((id >> 8) & 0xffL);
-				int id3 = (int)(id & 0xffL);
-				
-				if ((id & 0xff000000L) == 0x02000000L)
-					BIO_printf(STDout, "     0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */
-				else if ((id & 0xff000000L) == 0x03000000L)
-					BIO_printf(STDout, "          0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */
-				else
-					BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
-				}
-
-			BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf));
-			}
-		}
-
-	ret=0;
-	if (0)
-		{
-err:
-		SSL_load_error_strings();
-		ERR_print_errors(bio_err);
-		}
-end:
-	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (ssl != NULL) SSL_free(ssl);
-	if (STDout != NULL) BIO_free_all(STDout);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
diff --git a/deps/openssl/openssl/apps/client.pem b/deps/openssl/openssl/apps/client.pem
deleted file mode 100644
index 307910e56e5..00000000000
--- a/deps/openssl/openssl/apps/client.pem
+++ /dev/null
@@ -1,24 +0,0 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test cert (512 bit)
------BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQIwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU2WhcNOTgwNjA5
-MTM1NzU2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0IGNl
-cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i2Plw
-Z1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs62NNt
-XrT8odkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBwtMmI7oGUG8nKmftQssATViH5
-NRRtoEw07DxJp/LfatHdrhqQB73eGdL5WILZJXk46Xz2e9WMSUjVCSYhdKxtflU3
-UR2Ajv1Oo0sTNdfz0wDqJNirLNtzyhhsaq8qMTrLwXrCP31VxBiigFSQSUFnZyTE
-9TKwhS4GlwbtCfxSKQ==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
-q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
-/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
-HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
-ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
-nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
-ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
------END RSA PRIVATE KEY-----
diff --git a/deps/openssl/openssl/apps/cms.c b/deps/openssl/openssl/apps/cms.c
deleted file mode 100644
index 3f5ee1b577c..00000000000
--- a/deps/openssl/openssl/apps/cms.c
+++ /dev/null
@@ -1,1362 +0,0 @@
-/* apps/cms.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-/* CMS utility function */
-
-#include 
-#include 
-#include "apps.h"
-
-#ifndef OPENSSL_NO_CMS
-
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG cms_main
-static int save_certs(char *signerfile, STACK_OF(X509) *signers);
-static int cms_cb(int ok, X509_STORE_CTX *ctx);
-static void receipt_request_print(BIO *out, CMS_ContentInfo *cms);
-static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to,
-						int rr_allorfirst,
-					STACK_OF(OPENSSL_STRING) *rr_from);
-
-#define SMIME_OP	0x10
-#define SMIME_IP	0x20
-#define SMIME_SIGNERS	0x40
-#define SMIME_ENCRYPT		(1 | SMIME_OP)
-#define SMIME_DECRYPT		(2 | SMIME_IP)
-#define SMIME_SIGN		(3 | SMIME_OP | SMIME_SIGNERS)
-#define SMIME_VERIFY		(4 | SMIME_IP)
-#define SMIME_CMSOUT		(5 | SMIME_IP | SMIME_OP)
-#define SMIME_RESIGN		(6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS)
-#define SMIME_DATAOUT		(7 | SMIME_IP)
-#define SMIME_DATA_CREATE	(8 | SMIME_OP)
-#define SMIME_DIGEST_VERIFY	(9 | SMIME_IP)
-#define SMIME_DIGEST_CREATE	(10 | SMIME_OP)
-#define SMIME_UNCOMPRESS	(11 | SMIME_IP)
-#define SMIME_COMPRESS		(12 | SMIME_OP)
-#define SMIME_ENCRYPTED_DECRYPT	(13 | SMIME_IP)
-#define SMIME_ENCRYPTED_ENCRYPT	(14 | SMIME_OP)
-#define SMIME_SIGN_RECEIPT	(15 | SMIME_IP | SMIME_OP)
-#define SMIME_VERIFY_RECEIPT	(16 | SMIME_IP)
-
-int verify_err = 0;
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int operation = 0;
-	int ret = 0;
-	char **args;
-	const char *inmode = "r", *outmode = "w";
-	char *infile = NULL, *outfile = NULL, *rctfile = NULL;
-	char *signerfile = NULL, *recipfile = NULL;
-	STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
-	char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
-	char *certsoutfile = NULL;
-	const EVP_CIPHER *cipher = NULL;
-	CMS_ContentInfo *cms = NULL, *rcms = NULL;
-	X509_STORE *store = NULL;
-	X509 *cert = NULL, *recip = NULL, *signer = NULL;
-	EVP_PKEY *key = NULL;
-	STACK_OF(X509) *encerts = NULL, *other = NULL;
-	BIO *in = NULL, *out = NULL, *indata = NULL, *rctin = NULL;
-	int badarg = 0;
-	int flags = CMS_DETACHED, noout = 0, print = 0;
-	int verify_retcode = 0;
-	int rr_print = 0, rr_allorfirst = -1;
-	STACK_OF(OPENSSL_STRING) *rr_to = NULL, *rr_from = NULL;
-	CMS_ReceiptRequest *rr = NULL;
-	char *to = NULL, *from = NULL, *subject = NULL;
-	char *CAfile = NULL, *CApath = NULL;
-	char *passargin = NULL, *passin = NULL;
-	char *inrand = NULL;
-	int need_rand = 0;
-	const EVP_MD *sign_md = NULL;
-	int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
-        int rctformat = FORMAT_SMIME, keyform = FORMAT_PEM;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	unsigned char *secret_key = NULL, *secret_keyid = NULL;
-	size_t secret_keylen = 0, secret_keyidlen = 0;
-
-	ASN1_OBJECT *econtent_type = NULL;
-
-	X509_VERIFY_PARAM *vpm = NULL;
-
-	args = argv + 1;
-	ret = 1;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		{
-		if ((bio_err = BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
-		}
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp (*args, "-encrypt"))
-			operation = SMIME_ENCRYPT;
-		else if (!strcmp (*args, "-decrypt"))
-			operation = SMIME_DECRYPT;
-		else if (!strcmp (*args, "-sign"))
-			operation = SMIME_SIGN;
-		else if (!strcmp (*args, "-sign_receipt"))
-			operation = SMIME_SIGN_RECEIPT;
-		else if (!strcmp (*args, "-resign"))
-			operation = SMIME_RESIGN;
-		else if (!strcmp (*args, "-verify"))
-			operation = SMIME_VERIFY;
-		else if (!strcmp (*args, "-verify_retcode"))
-			verify_retcode = 1;
-		else if (!strcmp(*args,"-verify_receipt"))
-			{
-			operation = SMIME_VERIFY_RECEIPT;
-			if (!args[1])
-				goto argerr;
-			args++;
-			rctfile = *args;
-			}
-		else if (!strcmp (*args, "-cmsout"))
-			operation = SMIME_CMSOUT;
-		else if (!strcmp (*args, "-data_out"))
-			operation = SMIME_DATAOUT;
-		else if (!strcmp (*args, "-data_create"))
-			operation = SMIME_DATA_CREATE;
-		else if (!strcmp (*args, "-digest_verify"))
-			operation = SMIME_DIGEST_VERIFY;
-		else if (!strcmp (*args, "-digest_create"))
-			operation = SMIME_DIGEST_CREATE;
-		else if (!strcmp (*args, "-compress"))
-			operation = SMIME_COMPRESS;
-		else if (!strcmp (*args, "-uncompress"))
-			operation = SMIME_UNCOMPRESS;
-		else if (!strcmp (*args, "-EncryptedData_decrypt"))
-			operation = SMIME_ENCRYPTED_DECRYPT;
-		else if (!strcmp (*args, "-EncryptedData_encrypt"))
-			operation = SMIME_ENCRYPTED_ENCRYPT;
-#ifndef OPENSSL_NO_DES
-		else if (!strcmp (*args, "-des3")) 
-				cipher = EVP_des_ede3_cbc();
-		else if (!strcmp (*args, "-des")) 
-				cipher = EVP_des_cbc();
-#endif
-#ifndef OPENSSL_NO_SEED
-		else if (!strcmp (*args, "-seed")) 
-				cipher = EVP_seed_cbc();
-#endif
-#ifndef OPENSSL_NO_RC2
-		else if (!strcmp (*args, "-rc2-40")) 
-				cipher = EVP_rc2_40_cbc();
-		else if (!strcmp (*args, "-rc2-128")) 
-				cipher = EVP_rc2_cbc();
-		else if (!strcmp (*args, "-rc2-64")) 
-				cipher = EVP_rc2_64_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-		else if (!strcmp(*args,"-aes128"))
-				cipher = EVP_aes_128_cbc();
-		else if (!strcmp(*args,"-aes192"))
-				cipher = EVP_aes_192_cbc();
-		else if (!strcmp(*args,"-aes256"))
-				cipher = EVP_aes_256_cbc();
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		else if (!strcmp(*args,"-camellia128"))
-				cipher = EVP_camellia_128_cbc();
-		else if (!strcmp(*args,"-camellia192"))
-				cipher = EVP_camellia_192_cbc();
-		else if (!strcmp(*args,"-camellia256"))
-				cipher = EVP_camellia_256_cbc();
-#endif
-		else if (!strcmp (*args, "-text")) 
-				flags |= CMS_TEXT;
-		else if (!strcmp (*args, "-nointern")) 
-				flags |= CMS_NOINTERN;
-		else if (!strcmp (*args, "-noverify") 
-			|| !strcmp (*args, "-no_signer_cert_verify")) 
-				flags |= CMS_NO_SIGNER_CERT_VERIFY;
-		else if (!strcmp (*args, "-nocerts")) 
-				flags |= CMS_NOCERTS;
-		else if (!strcmp (*args, "-noattr")) 
-				flags |= CMS_NOATTR;
-		else if (!strcmp (*args, "-nodetach")) 
-				flags &= ~CMS_DETACHED;
-		else if (!strcmp (*args, "-nosmimecap"))
-				flags |= CMS_NOSMIMECAP;
-		else if (!strcmp (*args, "-binary"))
-				flags |= CMS_BINARY;
-		else if (!strcmp (*args, "-keyid"))
-				flags |= CMS_USE_KEYID;
-		else if (!strcmp (*args, "-nosigs"))
-				flags |= CMS_NOSIGS;
-		else if (!strcmp (*args, "-no_content_verify"))
-				flags |= CMS_NO_CONTENT_VERIFY;
-		else if (!strcmp (*args, "-no_attr_verify"))
-				flags |= CMS_NO_ATTR_VERIFY;
-		else if (!strcmp (*args, "-stream"))
-				flags |= CMS_STREAM;
-		else if (!strcmp (*args, "-indef"))
-				flags |= CMS_STREAM;
-		else if (!strcmp (*args, "-noindef"))
-				flags &= ~CMS_STREAM;
-		else if (!strcmp (*args, "-nooldmime"))
-				flags |= CMS_NOOLDMIMETYPE;
-		else if (!strcmp (*args, "-crlfeol"))
-				flags |= CMS_CRLFEOL;
-		else if (!strcmp (*args, "-noout"))
-				noout = 1;
-		else if (!strcmp (*args, "-receipt_request_print"))
-				rr_print = 1;
-		else if (!strcmp (*args, "-receipt_request_all"))
-				rr_allorfirst = 0;
-		else if (!strcmp (*args, "-receipt_request_first"))
-				rr_allorfirst = 1;
-		else if (!strcmp(*args,"-receipt_request_from"))
-			{
-			if (!args[1])
-				goto argerr;
-			args++;
-			if (!rr_from)
-				rr_from = sk_OPENSSL_STRING_new_null();
-			sk_OPENSSL_STRING_push(rr_from, *args);
-			}
-		else if (!strcmp(*args,"-receipt_request_to"))
-			{
-			if (!args[1])
-				goto argerr;
-			args++;
-			if (!rr_to)
-				rr_to = sk_OPENSSL_STRING_new_null();
-			sk_OPENSSL_STRING_push(rr_to, *args);
-			}
-		else if (!strcmp (*args, "-print"))
-				{
-				noout = 1;
-				print = 1;
-				}
-		else if (!strcmp(*args,"-secretkey"))
-			{
-			long ltmp;
-			if (!args[1])
-				goto argerr;
-			args++;
-			secret_key = string_to_hex(*args, <mp);
-			if (!secret_key)
-				{
-				BIO_printf(bio_err, "Invalid key %s\n", *args);
-				goto argerr;
-				}
-			secret_keylen = (size_t)ltmp;
-			}
-		else if (!strcmp(*args,"-secretkeyid"))
-			{
-			long ltmp;
-			if (!args[1])
-				goto argerr;
-			args++;
-			secret_keyid = string_to_hex(*args, <mp);
-			if (!secret_keyid)
-				{
-				BIO_printf(bio_err, "Invalid id %s\n", *args);
-				goto argerr;
-				}
-			secret_keyidlen = (size_t)ltmp;
-			}
-		else if (!strcmp(*args,"-econtent_type"))
-			{
-			if (!args[1])
-				goto argerr;
-			args++;
-			econtent_type = OBJ_txt2obj(*args, 0);
-			if (!econtent_type)
-				{
-				BIO_printf(bio_err, "Invalid OID %s\n", *args);
-				goto argerr;
-				}
-			}
-		else if (!strcmp(*args,"-rand"))
-			{
-			if (!args[1])
-				goto argerr;
-			args++;
-			inrand = *args;
-			need_rand = 1;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (!strcmp(*args,"-engine"))
-			{
-			if (!args[1])
-				goto argerr;
-			engine = *++args;
-			}
-#endif
-		else if (!strcmp(*args,"-passin"))
-			{
-			if (!args[1])
-				goto argerr;
-			passargin = *++args;
-			}
-		else if (!strcmp (*args, "-to"))
-			{
-			if (!args[1])
-				goto argerr;
-			to = *++args;
-			}
-		else if (!strcmp (*args, "-from"))
-			{
-			if (!args[1])
-				goto argerr;
-			from = *++args;
-			}
-		else if (!strcmp (*args, "-subject"))
-			{
-			if (!args[1])
-				goto argerr;
-			subject = *++args;
-			}
-		else if (!strcmp (*args, "-signer"))
-			{
-			if (!args[1])
-				goto argerr;
-			/* If previous -signer argument add signer to list */
-
-			if (signerfile)
-				{
-				if (!sksigners)
-					sksigners = sk_OPENSSL_STRING_new_null();
-				sk_OPENSSL_STRING_push(sksigners, signerfile);
-				if (!keyfile)
-					keyfile = signerfile;
-				if (!skkeys)
-					skkeys = sk_OPENSSL_STRING_new_null();
-				sk_OPENSSL_STRING_push(skkeys, keyfile);
-				keyfile = NULL;
-				}
-			signerfile = *++args;
-			}
-		else if (!strcmp (*args, "-recip"))
-			{
-			if (!args[1])
-				goto argerr;
-			recipfile = *++args;
-			}
-		else if (!strcmp (*args, "-certsout"))
-			{
-			if (!args[1])
-				goto argerr;
-			certsoutfile = *++args;
-			}
-		else if (!strcmp (*args, "-md"))
-			{
-			if (!args[1])
-				goto argerr;
-			sign_md = EVP_get_digestbyname(*++args);
-			if (sign_md == NULL)
-				{
-				BIO_printf(bio_err, "Unknown digest %s\n",
-							*args);
-				goto argerr;
-				}
-			}
-		else if (!strcmp (*args, "-inkey"))
-			{
-			if (!args[1])	
-				goto argerr;
-			/* If previous -inkey arument add signer to list */
-			if (keyfile)
-				{
-				if (!signerfile)
-					{
-					BIO_puts(bio_err, "Illegal -inkey without -signer\n");
-					goto argerr;
-					}
-				if (!sksigners)
-					sksigners = sk_OPENSSL_STRING_new_null();
-				sk_OPENSSL_STRING_push(sksigners, signerfile);
-				signerfile = NULL;
-				if (!skkeys)
-					skkeys = sk_OPENSSL_STRING_new_null();
-				sk_OPENSSL_STRING_push(skkeys, keyfile);
-				}
-			keyfile = *++args;
-			}
-		else if (!strcmp (*args, "-keyform"))
-			{
-			if (!args[1])
-				goto argerr;
-			keyform = str2fmt(*++args);
-			}
-		else if (!strcmp (*args, "-rctform"))
-			{
-			if (!args[1])
-				goto argerr;
-			rctformat = str2fmt(*++args);
-			}
-		else if (!strcmp (*args, "-certfile"))
-			{
-			if (!args[1])
-				goto argerr;
-			certfile = *++args;
-			}
-		else if (!strcmp (*args, "-CAfile"))
-			{
-			if (!args[1])
-				goto argerr;
-			CAfile = *++args;
-			}
-		else if (!strcmp (*args, "-CApath"))
-			{
-			if (!args[1])
-				goto argerr;
-			CApath = *++args;
-			}
-		else if (!strcmp (*args, "-in"))
-			{
-			if (!args[1])
-				goto argerr;
-			infile = *++args;
-			}
-		else if (!strcmp (*args, "-inform"))
-			{
-			if (!args[1])
-				goto argerr;
-			informat = str2fmt(*++args);
-			}
-		else if (!strcmp (*args, "-outform"))
-			{
-			if (!args[1])
-				goto argerr;
-			outformat = str2fmt(*++args);
-			}
-		else if (!strcmp (*args, "-out"))
-			{
-			if (!args[1])
-				goto argerr;
-			outfile = *++args;
-			}
-		else if (!strcmp (*args, "-content"))
-			{
-			if (!args[1])
-				goto argerr;
-			contfile = *++args;
-			}
-		else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
-			continue;
-		else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL)
-			badarg = 1;
-		args++;
-		}
-
-	if (((rr_allorfirst != -1) || rr_from) && !rr_to)
-		{
-		BIO_puts(bio_err, "No Signed Receipts Recipients\n");
-		goto argerr;
-		}
-
-	if (!(operation & SMIME_SIGNERS)  && (rr_to || rr_from))
-		{
-		BIO_puts(bio_err, "Signed receipts only allowed with -sign\n");
-		goto argerr;
-		}
-	if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners))
-		{
-		BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
-		goto argerr;
-		}
-
-	if (operation & SMIME_SIGNERS)
-		{
-		if (keyfile && !signerfile)
-			{
-			BIO_puts(bio_err, "Illegal -inkey without -signer\n");
-			goto argerr;
-			}
-		/* Check to see if any final signer needs to be appended */
-		if (signerfile)
-			{
-			if (!sksigners)
-				sksigners = sk_OPENSSL_STRING_new_null();
-			sk_OPENSSL_STRING_push(sksigners, signerfile);
-			if (!skkeys)
-				skkeys = sk_OPENSSL_STRING_new_null();
-			if (!keyfile)
-				keyfile = signerfile;
-			sk_OPENSSL_STRING_push(skkeys, keyfile);
-			}
-		if (!sksigners)
-			{
-			BIO_printf(bio_err, "No signer certificate specified\n");
-			badarg = 1;
-			}
-		signerfile = NULL;
-		keyfile = NULL;
-		need_rand = 1;
-		}
-
-	else if (operation == SMIME_DECRYPT)
-		{
-		if (!recipfile && !keyfile && !secret_key)
-			{
-			BIO_printf(bio_err, "No recipient certificate or key specified\n");
-			badarg = 1;
-			}
-		}
-	else if (operation == SMIME_ENCRYPT)
-		{
-		if (!*args && !secret_key)
-			{
-			BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
-			badarg = 1;
-			}
-		need_rand = 1;
-		}
-	else if (!operation)
-		badarg = 1;
-
-	if (badarg)
-		{
-		argerr:
-		BIO_printf (bio_err, "Usage cms [options] cert.pem ...\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-encrypt       encrypt message\n");
-		BIO_printf (bio_err, "-decrypt       decrypt encrypted message\n");
-		BIO_printf (bio_err, "-sign          sign message\n");
-		BIO_printf (bio_err, "-verify        verify signed message\n");
-		BIO_printf (bio_err, "-cmsout        output CMS structure\n");
-#ifndef OPENSSL_NO_DES
-		BIO_printf (bio_err, "-des3          encrypt with triple DES\n");
-		BIO_printf (bio_err, "-des           encrypt with DES\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf (bio_err, "-seed          encrypt with SEED\n");
-#endif
-#ifndef OPENSSL_NO_RC2
-		BIO_printf (bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
-		BIO_printf (bio_err, "-rc2-64        encrypt with RC2-64\n");
-		BIO_printf (bio_err, "-rc2-128       encrypt with RC2-128\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
-		BIO_printf (bio_err, "               encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
-		BIO_printf (bio_err, "               encrypt PEM output with cbc camellia\n");
-#endif
-		BIO_printf (bio_err, "-nointern      don't search certificates in message for signer\n");
-		BIO_printf (bio_err, "-nosigs        don't verify message signature\n");
-		BIO_printf (bio_err, "-noverify      don't verify signers certificate\n");
-		BIO_printf (bio_err, "-nocerts       don't include signers certificate when signing\n");
-		BIO_printf (bio_err, "-nodetach      use opaque signing\n");
-		BIO_printf (bio_err, "-noattr        don't include any signed attributes\n");
-		BIO_printf (bio_err, "-binary        don't translate message to text\n");
-		BIO_printf (bio_err, "-certfile file other certificates file\n");
-		BIO_printf (bio_err, "-certsout file certificate output file\n");
-		BIO_printf (bio_err, "-signer file   signer certificate file\n");
-		BIO_printf (bio_err, "-recip  file   recipient certificate file for decryption\n");
-		BIO_printf (bio_err, "-keyid        use subject key identifier\n");
-		BIO_printf (bio_err, "-in file       input file\n");
-		BIO_printf (bio_err, "-inform arg    input format SMIME (default), PEM or DER\n");
-		BIO_printf (bio_err, "-inkey file    input private key (if not signer or recipient)\n");
-		BIO_printf (bio_err, "-keyform arg   input private key format (PEM or ENGINE)\n");
-		BIO_printf (bio_err, "-out file      output file\n");
-		BIO_printf (bio_err, "-outform arg   output format SMIME (default), PEM or DER\n");
-		BIO_printf (bio_err, "-content file  supply or override content for detached signature\n");
-		BIO_printf (bio_err, "-to addr       to address\n");
-		BIO_printf (bio_err, "-from ad       from address\n");
-		BIO_printf (bio_err, "-subject s     subject\n");
-		BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
-		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
-		BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
-		BIO_printf (bio_err, "-crl_check     check revocation status of signer's certificate using CRLs\n");
-		BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf (bio_err, "-engine e      use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf (bio_err, "-passin arg    input file pass phrase source\n");
-		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,  "               the random number generator\n");
-		BIO_printf (bio_err, "cert.pem       recipient certificate(s) for encryption\n");
-		goto end;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (!app_passwd(bio_err, passargin, NULL, &passin, NULL))
-		{
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-		}
-
-	if (need_rand)
-		{
-		app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-		if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-				app_RAND_load_files(inrand));
-		}
-
-	ret = 2;
-
-	if (!(operation & SMIME_SIGNERS))
-		flags &= ~CMS_DETACHED;
-
-	if (operation & SMIME_OP)
-		{
-		if (outformat == FORMAT_ASN1)
-			outmode = "wb";
-		}
-	else
-		{
-		if (flags & CMS_BINARY)
-			outmode = "wb";
-		}
-
-	if (operation & SMIME_IP)
-		{
-		if (informat == FORMAT_ASN1)
-			inmode = "rb";
-		}
-	else
-		{
-		if (flags & CMS_BINARY)
-			inmode = "rb";
-		}
-
-	if (operation == SMIME_ENCRYPT)
-		{
-		if (!cipher)
-			{
-#ifndef OPENSSL_NO_DES			
-			cipher = EVP_des_ede3_cbc();
-#else
-			BIO_printf(bio_err, "No cipher selected\n");
-			goto end;
-#endif
-			}
-
-		if (secret_key && !secret_keyid)
-			{
-			BIO_printf(bio_err, "No secret key id\n");
-			goto end;
-			}
-
-		if (*args)
-			encerts = sk_X509_new_null();
-		while (*args)
-			{
-			if (!(cert = load_cert(bio_err,*args,FORMAT_PEM,
-				NULL, e, "recipient certificate file")))
-				goto end;
-			sk_X509_push(encerts, cert);
-			cert = NULL;
-			args++;
-			}
-		}
-
-	if (certfile)
-		{
-		if (!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL,
-			e, "certificate file")))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-
-	if (recipfile && (operation == SMIME_DECRYPT))
-		{
-		if (!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL,
-			e, "recipient certificate file")))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-
-	if (operation == SMIME_SIGN_RECEIPT)
-		{
-		if (!(signer = load_cert(bio_err,signerfile,FORMAT_PEM,NULL,
-			e, "receipt signer certificate file")))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-
-	if (operation == SMIME_DECRYPT)
-		{
-		if (!keyfile)
-			keyfile = recipfile;
-		}
-	else if ((operation == SMIME_SIGN) || (operation == SMIME_SIGN_RECEIPT))
-		{
-		if (!keyfile)
-			keyfile = signerfile;
-		}
-	else keyfile = NULL;
-
-	if (keyfile)
-		{
-		key = load_key(bio_err, keyfile, keyform, 0, passin, e,
-			       "signing key file");
-		if (!key)
-			goto end;
-		}
-
-	if (infile)
-		{
-		if (!(in = BIO_new_file(infile, inmode)))
-			{
-			BIO_printf (bio_err,
-				 "Can't open input file %s\n", infile);
-			goto end;
-			}
-		}
-	else
-		in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if (operation & SMIME_IP)
-		{
-		if (informat == FORMAT_SMIME) 
-			cms = SMIME_read_CMS(in, &indata);
-		else if (informat == FORMAT_PEM) 
-			cms = PEM_read_bio_CMS(in, NULL, NULL, NULL);
-		else if (informat == FORMAT_ASN1) 
-			cms = d2i_CMS_bio(in, NULL);
-		else
-			{
-			BIO_printf(bio_err, "Bad input format for CMS file\n");
-			goto end;
-			}
-
-		if (!cms)
-			{
-			BIO_printf(bio_err, "Error reading S/MIME message\n");
-			goto end;
-			}
-		if (contfile)
-			{
-			BIO_free(indata);
-			if (!(indata = BIO_new_file(contfile, "rb")))
-				{
-				BIO_printf(bio_err, "Can't read content file %s\n", contfile);
-				goto end;
-				}
-			}
-		if (certsoutfile)
-			{
-			STACK_OF(X509) *allcerts;
-			allcerts = CMS_get1_certs(cms);
-			if (!save_certs(certsoutfile, allcerts))
-				{
-				BIO_printf(bio_err,
-						"Error writing certs to %s\n",
-								certsoutfile);
-				ret = 5;
-				goto end;
-				}
-			sk_X509_pop_free(allcerts, X509_free);
-			}
-		}
-
-	if (rctfile)
-		{
-		char *rctmode = (rctformat == FORMAT_ASN1) ? "rb" : "r";
-		if (!(rctin = BIO_new_file(rctfile, rctmode)))
-			{
-			BIO_printf (bio_err,
-				 "Can't open receipt file %s\n", rctfile);
-			goto end;
-			}
-		
-		if (rctformat == FORMAT_SMIME) 
-			rcms = SMIME_read_CMS(rctin, NULL);
-		else if (rctformat == FORMAT_PEM) 
-			rcms = PEM_read_bio_CMS(rctin, NULL, NULL, NULL);
-		else if (rctformat == FORMAT_ASN1) 
-			rcms = d2i_CMS_bio(rctin, NULL);
-		else
-			{
-			BIO_printf(bio_err, "Bad input format for receipt\n");
-			goto end;
-			}
-
-		if (!rcms)
-			{
-			BIO_printf(bio_err, "Error reading receipt\n");
-			goto end;
-			}
-		}
-
-	if (outfile)
-		{
-		if (!(out = BIO_new_file(outfile, outmode)))
-			{
-			BIO_printf (bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-			}
-		}
-	else
-		{
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-
-	if ((operation == SMIME_VERIFY) || (operation == SMIME_VERIFY_RECEIPT))
-		{
-		if (!(store = setup_verify(bio_err, CAfile, CApath)))
-			goto end;
-		X509_STORE_set_verify_cb(store, cms_cb);
-		if (vpm)
-			X509_STORE_set1_param(store, vpm);
-		}
-
-
-	ret = 3;
-
-	if (operation == SMIME_DATA_CREATE)
-		{
-		cms = CMS_data_create(in, flags);
-		}
-	else if (operation == SMIME_DIGEST_CREATE)
-		{
-		cms = CMS_digest_create(in, sign_md, flags);
-		}
-	else if (operation == SMIME_COMPRESS)
-		{
-		cms = CMS_compress(in, -1, flags);
-		}
-	else if (operation == SMIME_ENCRYPT)
-		{
-		flags |= CMS_PARTIAL;
-		cms = CMS_encrypt(encerts, in, cipher, flags);
-		if (!cms)
-			goto end;
-		if (secret_key)
-			{
-			if (!CMS_add0_recipient_key(cms, NID_undef, 
-						secret_key, secret_keylen,
-						secret_keyid, secret_keyidlen,
-						NULL, NULL, NULL))
-				goto end;
-			/* NULL these because call absorbs them */
-			secret_key = NULL;
-			secret_keyid = NULL;
-			}
-		if (!(flags & CMS_STREAM))
-			{
-			if (!CMS_final(cms, in, NULL, flags))
-				goto end;
-			}
-		}
-	else if (operation == SMIME_ENCRYPTED_ENCRYPT)
-		{
-		cms = CMS_EncryptedData_encrypt(in, cipher,
-						secret_key, secret_keylen,
-						flags);
-
-		}
-	else if (operation == SMIME_SIGN_RECEIPT)
-		{
-		CMS_ContentInfo *srcms = NULL;
-		STACK_OF(CMS_SignerInfo) *sis;
-		CMS_SignerInfo *si;
-		sis = CMS_get0_SignerInfos(cms);
-		if (!sis)
-			goto end;
-		si = sk_CMS_SignerInfo_value(sis, 0);
-		srcms = CMS_sign_receipt(si, signer, key, other, flags);
-		if (!srcms)
-			goto end;
-		CMS_ContentInfo_free(cms);
-		cms = srcms;
-		}
-	else if (operation & SMIME_SIGNERS)
-		{
-		int i;
-		/* If detached data content we enable streaming if
-		 * S/MIME output format.
-		 */
-		if (operation == SMIME_SIGN)
-			{
-				
-			if (flags & CMS_DETACHED)
-				{
-				if (outformat == FORMAT_SMIME)
-					flags |= CMS_STREAM;
-				}
-			flags |= CMS_PARTIAL;
-			cms = CMS_sign(NULL, NULL, other, in, flags);
-			if (!cms)
-				goto end;
-			if (econtent_type)
-				CMS_set1_eContentType(cms, econtent_type);
-
-			if (rr_to)
-				{
-				rr = make_receipt_request(rr_to, rr_allorfirst,
-								rr_from);
-				if (!rr)
-					{
-					BIO_puts(bio_err,
-				"Signed Receipt Request Creation Error\n");
-					goto end;
-					}
-				}
-			}
-		else
-			flags |= CMS_REUSE_DIGEST;
-		for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
-			{
-			CMS_SignerInfo *si;
-			signerfile = sk_OPENSSL_STRING_value(sksigners, i);
-			keyfile = sk_OPENSSL_STRING_value(skkeys, i);
-			signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
-					e, "signer certificate");
-			if (!signer)
-				goto end;
-			key = load_key(bio_err, keyfile, keyform, 0, passin, e,
-			       "signing key file");
-			if (!key)
-				goto end;
-			si = CMS_add1_signer(cms, signer, key, sign_md, flags);
-			if (!si)
-				goto end;
-			if (rr && !CMS_add1_ReceiptRequest(si, rr))
-				goto end;
-			X509_free(signer);
-			signer = NULL;
-			EVP_PKEY_free(key);
-			key = NULL;
-			}
-		/* If not streaming or resigning finalize structure */
-		if ((operation == SMIME_SIGN) && !(flags & CMS_STREAM))
-			{
-			if (!CMS_final(cms, in, NULL, flags))
-				goto end;
-			}
-		}
-
-	if (!cms)
-		{
-		BIO_printf(bio_err, "Error creating CMS structure\n");
-		goto end;
-		}
-
-	ret = 4;
-	if (operation == SMIME_DECRYPT)
-		{
-
-		if (secret_key)
-			{
-			if (!CMS_decrypt_set1_key(cms,
-						secret_key, secret_keylen,
-						secret_keyid, secret_keyidlen))
-				{
-				BIO_puts(bio_err,
-					"Error decrypting CMS using secret key\n");
-				goto end;
-				}
-			}
-
-		if (key)
-			{
-			if (!CMS_decrypt_set1_pkey(cms, key, recip))
-				{
-				BIO_puts(bio_err,
-					"Error decrypting CMS using private key\n");
-				goto end;
-				}
-			}
-
-		if (!CMS_decrypt(cms, NULL, NULL, indata, out, flags))
-			{
-			BIO_printf(bio_err, "Error decrypting CMS structure\n");
-			goto end;
-			}
-		}
-	else if (operation == SMIME_DATAOUT)
-		{
-		if (!CMS_data(cms, out, flags))
-			goto end;
-		}
-	else if (operation == SMIME_UNCOMPRESS)
-		{
-		if (!CMS_uncompress(cms, indata, out, flags))
-			goto end;
-		}
-	else if (operation == SMIME_DIGEST_VERIFY)
-		{
-		if (CMS_digest_verify(cms, indata, out, flags) > 0)
-			BIO_printf(bio_err, "Verification successful\n");
-		else
-			{
-			BIO_printf(bio_err, "Verification failure\n");
-			goto end;
-			}
-		}
-	else if (operation == SMIME_ENCRYPTED_DECRYPT)
-		{
-		if (!CMS_EncryptedData_decrypt(cms, secret_key, secret_keylen,
-						indata, out, flags))
-			goto end;
-		}
-	else if (operation == SMIME_VERIFY)
-		{
-		if (CMS_verify(cms, other, store, indata, out, flags) > 0)
-			BIO_printf(bio_err, "Verification successful\n");
-		else
-			{
-			BIO_printf(bio_err, "Verification failure\n");
-			if (verify_retcode)
-				ret = verify_err + 32;
-			goto end;
-			}
-		if (signerfile)
-			{
-			STACK_OF(X509) *signers;
-			signers = CMS_get0_signers(cms);
-			if (!save_certs(signerfile, signers))
-				{
-				BIO_printf(bio_err,
-						"Error writing signers to %s\n",
-								signerfile);
-				ret = 5;
-				goto end;
-				}
-			sk_X509_free(signers);
-			}
-		if (rr_print)
-			receipt_request_print(bio_err, cms);
-					
-		}
-	else if (operation == SMIME_VERIFY_RECEIPT)
-		{
-		if (CMS_verify_receipt(rcms, cms, other, store, flags) > 0)
-			BIO_printf(bio_err, "Verification successful\n");
-		else
-			{
-			BIO_printf(bio_err, "Verification failure\n");
-			goto end;
-			}
-		}
-	else
-		{
-		if (noout)
-			{
-			if (print)
-				CMS_ContentInfo_print_ctx(out, cms, 0, NULL);
-			}
-		else if (outformat == FORMAT_SMIME)
-			{
-			if (to)
-				BIO_printf(out, "To: %s\n", to);
-			if (from)
-				BIO_printf(out, "From: %s\n", from);
-			if (subject)
-				BIO_printf(out, "Subject: %s\n", subject);
-			if (operation == SMIME_RESIGN)
-				ret = SMIME_write_CMS(out, cms, indata, flags);
-			else
-				ret = SMIME_write_CMS(out, cms, in, flags);
-			}
-		else if (outformat == FORMAT_PEM) 
-			ret = PEM_write_bio_CMS_stream(out, cms, in, flags);
-		else if (outformat == FORMAT_ASN1) 
-			ret = i2d_CMS_bio_stream(out,cms, in, flags);
-		else
-			{
-			BIO_printf(bio_err, "Bad output format for CMS file\n");
-			goto end;
-			}
-		if (ret <= 0)
-			{
-			ret = 6;
-			goto end;
-			}
-		}
-	ret = 0;
-end:
-	if (ret)
-		ERR_print_errors(bio_err);
-	if (need_rand)
-		app_RAND_write_file(NULL, bio_err);
-	sk_X509_pop_free(encerts, X509_free);
-	sk_X509_pop_free(other, X509_free);
-	if (vpm)
-		X509_VERIFY_PARAM_free(vpm);
-	if (sksigners)
-		sk_OPENSSL_STRING_free(sksigners);
-	if (skkeys)
-		sk_OPENSSL_STRING_free(skkeys);
-	if (secret_key)
-		OPENSSL_free(secret_key);
-	if (secret_keyid)
-		OPENSSL_free(secret_keyid);
-	if (econtent_type)
-		ASN1_OBJECT_free(econtent_type);
-	if (rr)
-		CMS_ReceiptRequest_free(rr);
-	if (rr_to)
-		sk_OPENSSL_STRING_free(rr_to);
-	if (rr_from)
-		sk_OPENSSL_STRING_free(rr_from);
-	X509_STORE_free(store);
-	X509_free(cert);
-	X509_free(recip);
-	X509_free(signer);
-	EVP_PKEY_free(key);
-	CMS_ContentInfo_free(cms);
-	CMS_ContentInfo_free(rcms);
-	BIO_free(rctin);
-	BIO_free(in);
-	BIO_free(indata);
-	BIO_free_all(out);
-	if (passin) OPENSSL_free(passin);
-	return (ret);
-}
-
-static int save_certs(char *signerfile, STACK_OF(X509) *signers)
-	{
-	int i;
-	BIO *tmp;
-	if (!signerfile)
-		return 1;
-	tmp = BIO_new_file(signerfile, "w");
-	if (!tmp) return 0;
-	for(i = 0; i < sk_X509_num(signers); i++)
-		PEM_write_bio_X509(tmp, sk_X509_value(signers, i));
-	BIO_free(tmp);
-	return 1;
-	}
-	
-
-/* Minimal callback just to output policy info (if any) */
-
-static int cms_cb(int ok, X509_STORE_CTX *ctx)
-	{
-	int error;
-
-	error = X509_STORE_CTX_get_error(ctx);
-
-	verify_err = error;
-
-	if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
-		&& ((error != X509_V_OK) || (ok != 2)))
-		return ok;
-
-	policies_print(NULL, ctx);
-
-	return ok;
-
-	}
-
-static void gnames_stack_print(BIO *out, STACK_OF(GENERAL_NAMES) *gns)
-	{
-	STACK_OF(GENERAL_NAME) *gens;
-	GENERAL_NAME *gen;
-	int i, j;
-	for (i = 0; i < sk_GENERAL_NAMES_num(gns); i++)
-		{
-		gens = sk_GENERAL_NAMES_value(gns, i);
-		for (j = 0; j < sk_GENERAL_NAME_num(gens); j++)
-			{
-			gen = sk_GENERAL_NAME_value(gens, j);
-			BIO_puts(out, "    ");
-			GENERAL_NAME_print(out, gen);
-			BIO_puts(out, "\n");
-			}
-		}
-	return;
-	}
-
-static void receipt_request_print(BIO *out, CMS_ContentInfo *cms)
-	{
-	STACK_OF(CMS_SignerInfo) *sis;
-	CMS_SignerInfo *si;
-	CMS_ReceiptRequest *rr;
-	int allorfirst;
-	STACK_OF(GENERAL_NAMES) *rto, *rlist;
-	ASN1_STRING *scid;
-	int i, rv;
-	sis = CMS_get0_SignerInfos(cms);
-	for (i = 0; i < sk_CMS_SignerInfo_num(sis); i++)
-		{
-		si = sk_CMS_SignerInfo_value(sis, i);
-		rv = CMS_get1_ReceiptRequest(si, &rr);
-		BIO_printf(bio_err, "Signer %d:\n", i + 1);
-		if (rv == 0)
-			BIO_puts(bio_err, "  No Receipt Request\n");
-		else if (rv < 0)
-			{
-			BIO_puts(bio_err, "  Receipt Request Parse Error\n");
-			ERR_print_errors(bio_err);
-			}
-		else
-			{
-			char *id;
-			int idlen;
-			CMS_ReceiptRequest_get0_values(rr, &scid, &allorfirst,
-							&rlist, &rto);
-			BIO_puts(out, "  Signed Content ID:\n");
-			idlen = ASN1_STRING_length(scid);
-			id = (char *)ASN1_STRING_data(scid);
-			BIO_dump_indent(out, id, idlen, 4);
-			BIO_puts(out, "  Receipts From");
-			if (rlist)
-				{
-				BIO_puts(out, " List:\n");
-				gnames_stack_print(out, rlist);
-				}
-			else if (allorfirst == 1)
-				BIO_puts(out, ": First Tier\n");
-			else if (allorfirst == 0)
-				BIO_puts(out, ": All\n");
-			else
-				BIO_printf(out, " Unknown (%d)\n", allorfirst);
-			BIO_puts(out, "  Receipts To:\n");
-			gnames_stack_print(out, rto);
-			}
-		if (rr)
-			CMS_ReceiptRequest_free(rr);
-		}
-	}
-
-static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns)
-	{
-	int i;
-	STACK_OF(GENERAL_NAMES) *ret;
-	GENERAL_NAMES *gens = NULL;
-	GENERAL_NAME *gen = NULL;
-	ret = sk_GENERAL_NAMES_new_null();
-	if (!ret)
-		goto err;
-	for (i = 0; i < sk_OPENSSL_STRING_num(ns); i++)
-		{
-		char *str = sk_OPENSSL_STRING_value(ns, i);
-		gen = a2i_GENERAL_NAME(NULL, NULL, NULL, GEN_EMAIL, str, 0);
-		if (!gen)
-			goto err;
-		gens = GENERAL_NAMES_new();
-		if (!gens)
-			goto err;
-		if (!sk_GENERAL_NAME_push(gens, gen))
-			goto err;
-		gen = NULL;
-		if (!sk_GENERAL_NAMES_push(ret, gens))
-			goto err;
-		gens = NULL;
-		}
-
-	return ret;
-
-	err:
-	if (ret)
-		sk_GENERAL_NAMES_pop_free(ret, GENERAL_NAMES_free);
-	if (gens)
-		GENERAL_NAMES_free(gens);
-	if (gen)
-		GENERAL_NAME_free(gen);
-	return NULL;
-	}
-
-
-static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to,
-						int rr_allorfirst,
-						STACK_OF(OPENSSL_STRING) *rr_from)
-	{
-	STACK_OF(GENERAL_NAMES) *rct_to, *rct_from;
-	CMS_ReceiptRequest *rr;
-	rct_to = make_names_stack(rr_to);
-	if (!rct_to)
-		goto err;
-	if (rr_from)
-		{
-		rct_from = make_names_stack(rr_from);
-		if (!rct_from)
-			goto err;
-		}
-	else
-		rct_from = NULL;
-	rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from,
-						rct_to);
-	return rr;
-	err:
-	return NULL;
-	}
-
-#endif
diff --git a/deps/openssl/openssl/apps/crl.c b/deps/openssl/openssl/apps/crl.c
deleted file mode 100644
index c395b2afd5d..00000000000
--- a/deps/openssl/openssl/apps/crl.c
+++ /dev/null
@@ -1,446 +0,0 @@
-/* apps/crl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	crl_main
-
-#undef POSTFIX
-#define	POSTFIX	".rvk"
-
-static const char *crl_usage[]={
-"usage: crl args\n",
-"\n",
-" -inform arg     - input format - default PEM (DER or PEM)\n",
-" -outform arg    - output format - default PEM\n",
-" -text           - print out a text format version\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -hash           - print hash value\n",
-" -fingerprint    - print the crl fingerprint\n",
-" -issuer         - print issuer DN\n",
-" -lastupdate     - lastUpdate field\n",
-" -nextupdate     - nextUpdate field\n",
-" -crlnumber      - print CRL number\n",
-" -noout          - no CRL output\n",
-" -CAfile  name   - verify CRL using certificates in file \"name\"\n",
-" -CApath  dir    - verify CRL using certificates in \"dir\"\n",
-" -nameopt arg    - various certificate name options\n",
-NULL
-};
-
-static X509_CRL *load_crl(char *file, int format);
-static BIO *bio_out=NULL;
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	unsigned long nmflag = 0;
-	X509_CRL *x=NULL;
-	char *CAfile = NULL, *CApath = NULL;
-	int ret=1,i,num,badops=0;
-	BIO *out=NULL;
-	int informat,outformat;
-	char *infile=NULL,*outfile=NULL;
-	int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
-	int fingerprint = 0, crlnumber = 0;
-	const char **pp;
-	X509_STORE *store = NULL;
-	X509_STORE_CTX ctx;
-	X509_LOOKUP *lookup = NULL;
-	X509_OBJECT xobj;
-	EVP_PKEY *pkey;
-	int do_ver = 0;
-	const EVP_MD *md_alg,*digest=EVP_sha1();
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	if (bio_out == NULL)
-		if ((bio_out=BIO_new(BIO_s_file())) != NULL)
-			{
-			BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			bio_out = BIO_push(tmpbio, bio_out);
-			}
-#endif
-			}
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	argc--;
-	argv++;
-	num=0;
-	while (argc >= 1)
-		{
-#ifdef undef
-		if	(strcmp(*argv,"-p") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!args_from_file(++argv,Nargc,Nargv)) { goto end; }*/
-			}
-#endif
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath = *(++argv);
-			do_ver = 1;
-			}
-		else if (strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile = *(++argv);
-			do_ver = 1;
-			}
-		else if (strcmp(*argv,"-verify") == 0)
-			do_ver = 1;
-		else if (strcmp(*argv,"-text") == 0)
-			text = 1;
-		else if (strcmp(*argv,"-hash") == 0)
-			hash= ++num;
-		else if (strcmp(*argv,"-nameopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_name_ex(&nmflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-issuer") == 0)
-			issuer= ++num;
-		else if (strcmp(*argv,"-lastupdate") == 0)
-			lastupdate= ++num;
-		else if (strcmp(*argv,"-nextupdate") == 0)
-			nextupdate= ++num;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout= ++num;
-		else if (strcmp(*argv,"-fingerprint") == 0)
-			fingerprint= ++num;
-		else if (strcmp(*argv,"-crlnumber") == 0)
-			crlnumber= ++num;
-		else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
-			{
-			/* ok */
-			digest=md_alg;
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		for (pp=crl_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-	x=load_crl(infile,informat);
-	if (x == NULL) { goto end; }
-
-	if(do_ver) {
-		store = X509_STORE_new();
-		lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
-		if (lookup == NULL) goto end;
-		if (!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM))
-			X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
-			
-		lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
-		if (lookup == NULL) goto end;
-		if (!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM))
-			X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
-		ERR_clear_error();
-
-		if(!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
-			BIO_printf(bio_err,
-				"Error initialising X509 store\n");
-			goto end;
-		}
-
-		i = X509_STORE_get_by_subject(&ctx, X509_LU_X509, 
-					X509_CRL_get_issuer(x), &xobj);
-		if(i <= 0) {
-			BIO_printf(bio_err,
-				"Error getting CRL issuer certificate\n");
-			goto end;
-		}
-		pkey = X509_get_pubkey(xobj.data.x509);
-		X509_OBJECT_free_contents(&xobj);
-		if(!pkey) {
-			BIO_printf(bio_err,
-				"Error getting CRL issuer public key\n");
-			goto end;
-		}
-		i = X509_CRL_verify(x, pkey);
-		EVP_PKEY_free(pkey);
-		if(i < 0) goto end;
-		if(i == 0) BIO_printf(bio_err, "verify failure\n");
-		else BIO_printf(bio_err, "verify OK\n");
-	}
-
-	if (num)
-		{
-		for (i=1; i<=num; i++)
-			{
-			if (issuer == i)
-				{
-				print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag);
-				}
-			if (crlnumber == i)
-				{
-				ASN1_INTEGER *crlnum;
-				crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number,
-							      NULL, NULL);
-				BIO_printf(bio_out,"crlNumber=");
-				if (crlnum)
-					{
-					i2a_ASN1_INTEGER(bio_out, crlnum);
-					ASN1_INTEGER_free(crlnum);
-					}
-				else
-					BIO_puts(bio_out, "");
-				BIO_printf(bio_out,"\n");
-				}
-			if (hash == i)
-				{
-				BIO_printf(bio_out,"%08lx\n",
-					X509_NAME_hash(X509_CRL_get_issuer(x)));
-				}
-			if (lastupdate == i)
-				{
-				BIO_printf(bio_out,"lastUpdate=");
-				ASN1_TIME_print(bio_out,
-						X509_CRL_get_lastUpdate(x));
-				BIO_printf(bio_out,"\n");
-				}
-			if (nextupdate == i)
-				{
-				BIO_printf(bio_out,"nextUpdate=");
-				if (X509_CRL_get_nextUpdate(x)) 
-					ASN1_TIME_print(bio_out,
-						X509_CRL_get_nextUpdate(x));
-				else
-					BIO_printf(bio_out,"NONE");
-				BIO_printf(bio_out,"\n");
-				}
-			if (fingerprint == i)
-				{
-				int j;
-				unsigned int n;
-				unsigned char md[EVP_MAX_MD_SIZE];
-
-				if (!X509_CRL_digest(x,digest,md,&n))
-					{
-					BIO_printf(bio_err,"out of memory\n");
-					goto end;
-					}
-				BIO_printf(bio_out,"%s Fingerprint=",
-						OBJ_nid2sn(EVP_MD_type(digest)));
-				for (j=0; j<(int)n; j++)
-					{
-					BIO_printf(bio_out,"%02X%c",md[j],
-						(j+1 == (int)n)
-						?'\n':':');
-					}
-				}
-			}
-		}
-
-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (text) X509_CRL_print(out, x);
-
-	if (noout) 
-		{
-		ret = 0;
-		goto end;
-		}
-
-	if 	(outformat == FORMAT_ASN1)
-		i=(int)i2d_X509_CRL_bio(out,x);
-	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_X509_CRL(out,x);
-	else	
-		{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
-	ret=0;
-end:
-	BIO_free_all(out);
-	BIO_free_all(bio_out);
-	bio_out=NULL;
-	X509_CRL_free(x);
-	if(store) {
-		X509_STORE_CTX_cleanup(&ctx);
-		X509_STORE_free(store);
-	}
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static X509_CRL *load_crl(char *infile, int format)
-	{
-	X509_CRL *x=NULL;
-	BIO *in=NULL;
-
-	in=BIO_new(BIO_s_file());
-	if (in == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if 	(format == FORMAT_ASN1)
-		x=d2i_X509_CRL_bio(in,NULL);
-	else if (format == FORMAT_PEM)
-		x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
-	else	{
-		BIO_printf(bio_err,"bad input format specified for input crl\n");
-		goto end;
-		}
-	if (x == NULL)
-		{
-		BIO_printf(bio_err,"unable to load CRL\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	
-end:
-	BIO_free(in);
-	return(x);
-	}
-
diff --git a/deps/openssl/openssl/apps/crl2p7.c b/deps/openssl/openssl/apps/crl2p7.c
deleted file mode 100644
index bbc83774dbe..00000000000
--- a/deps/openssl/openssl/apps/crl2p7.c
+++ /dev/null
@@ -1,337 +0,0 @@
-/* apps/crl2p7.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* This was written by Gordon Chaffee 
- * and donated 'to the cause' along with lots and lots of other fixes to
- * the library. */
-
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
-#undef PROG
-#define PROG	crl2pkcs7_main
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int i,badops=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat;
-	char *infile,*outfile,*prog,*certfile;
-	PKCS7 *p7 = NULL;
-	PKCS7_SIGNED *p7s = NULL;
-	X509_CRL *crl=NULL;
-	STACK_OF(OPENSSL_STRING) *certflst=NULL;
-	STACK_OF(X509_CRL) *crl_stack=NULL;
-	STACK_OF(X509) *cert_stack=NULL;
-	int ret=1,nocrl=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-nocrl") == 0)
-			{
-			nocrl=1;
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-certfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if(!certflst) certflst = sk_OPENSSL_STRING_new_null();
-			sk_OPENSSL_STRING_push(certflst,*(++argv));
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg    input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg   output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg        input file\n");
-		BIO_printf(bio_err," -out arg       output file\n");
-		BIO_printf(bio_err," -certfile arg  certificates file of chain to a trusted CA\n");
-		BIO_printf(bio_err,"                (can be used more than once)\n");
-		BIO_printf(bio_err," -nocrl         no crl to load, just certs from '-certfile'\n");
-		ret = 1;
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (!nocrl)
-		{
-		if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
-				perror(infile);
-				goto end;
-				}
-			}
-
-		if 	(informat == FORMAT_ASN1)
-			crl=d2i_X509_CRL_bio(in,NULL);
-		else if (informat == FORMAT_PEM)
-			crl=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
-		else	{
-			BIO_printf(bio_err,"bad input format specified for input crl\n");
-			goto end;
-			}
-		if (crl == NULL)
-			{
-			BIO_printf(bio_err,"unable to load CRL\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	
-	if ((p7=PKCS7_new()) == NULL) goto end;
-	if ((p7s=PKCS7_SIGNED_new()) == NULL) goto end;
-	p7->type=OBJ_nid2obj(NID_pkcs7_signed);
-	p7->d.sign=p7s;
-	p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data);
-
-	if (!ASN1_INTEGER_set(p7s->version,1)) goto end;
-	if ((crl_stack=sk_X509_CRL_new_null()) == NULL) goto end;
-	p7s->crl=crl_stack;
-	if (crl != NULL)
-		{
-		sk_X509_CRL_push(crl_stack,crl);
-		crl=NULL; /* now part of p7 for OPENSSL_freeing */
-		}
-
-	if ((cert_stack=sk_X509_new_null()) == NULL) goto end;
-	p7s->cert=cert_stack;
-
-	if(certflst) for(i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
-		certfile = sk_OPENSSL_STRING_value(certflst, i);
-		if (add_certs_from_file(cert_stack,certfile) < 0)
-			{
-			BIO_printf(bio_err, "error loading certificates\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-	}
-
-	sk_OPENSSL_STRING_free(certflst);
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if 	(outformat == FORMAT_ASN1)
-		i=i2d_PKCS7_bio(out,p7);
-	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_PKCS7(out,p7);
-	else	{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i)
-		{
-		BIO_printf(bio_err,"unable to write pkcs7 object\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (p7 != NULL) PKCS7_free(p7);
-	if (crl != NULL) X509_CRL_free(crl);
-
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-/*
- *----------------------------------------------------------------------
- * int add_certs_from_file
- *
- *	Read a list of certificates to be checked from a file.
- *
- * Results:
- *	number of certs added if successful, -1 if not.
- *----------------------------------------------------------------------
- */
-static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile)
-	{
-	BIO *in=NULL;
-	int count=0;
-	int ret= -1;
-	STACK_OF(X509_INFO) *sk=NULL;
-	X509_INFO *xi;
-
-	in=BIO_new(BIO_s_file());
-	if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0))
-		{
-		BIO_printf(bio_err,"error opening the file, %s\n",certfile);
-		goto end;
-		}
-
-	/* This loads from a file, a stack of x509/crl/pkey sets */
-	sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL);
-	if (sk == NULL) {
-		BIO_printf(bio_err,"error reading the file, %s\n",certfile);
-		goto end;
-	}
-
-	/* scan over it and pull out the CRL's */
-	while (sk_X509_INFO_num(sk))
-		{
-		xi=sk_X509_INFO_shift(sk);
-		if (xi->x509 != NULL)
-			{
-			sk_X509_push(stack,xi->x509);
-			xi->x509=NULL;
-			count++;
-			}
-		X509_INFO_free(xi);
-		}
-
-	ret=count;
-end:
- 	/* never need to OPENSSL_free x */
-	if (in != NULL) BIO_free(in);
-	if (sk != NULL) sk_X509_INFO_free(sk);
-	return(ret);
-	}
-
diff --git a/deps/openssl/openssl/apps/demoCA/cacert.pem b/deps/openssl/openssl/apps/demoCA/cacert.pem
deleted file mode 100644
index affbce3bc94..00000000000
--- a/deps/openssl/openssl/apps/demoCA/cacert.pem
+++ /dev/null
@@ -1,14 +0,0 @@
-subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
------BEGIN X509 CERTIFICATE-----
-
-MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
-BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
-MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
-RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
-BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
-LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
-/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
-DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
-IMs6ZOZB
------END X509 CERTIFICATE-----
diff --git a/deps/openssl/openssl/apps/demoCA/index.txt b/deps/openssl/openssl/apps/demoCA/index.txt
deleted file mode 100644
index 2cdd252d67c..00000000000
--- a/deps/openssl/openssl/apps/demoCA/index.txt
+++ /dev/null
@@ -1,39 +0,0 @@
-R	980705233205Z	951009233205Z	01	certs/00000001	/CN=Eric Young
-E	951009233205Z		02	certs/00000002	/CN=Duncan Young
-R	980705233205Z	951201010000Z	03	certs/00000003	/CN=Tim Hudson
-V	980705233205Z		04	certs/00000004	/CN=Eric Young4
-V	980705233205Z		05	certs/00000004	/CN=Eric Young5
-V	980705233205Z		06	certs/00000004	/CN=Eric Young6
-V	980705233205Z		07	certs/00000004	/CN=Eric Young7
-V	980705233205Z		08	certs/00000004	/CN=Eric Young8
-V	980705233205Z		09	certs/00000004	/CN=Eric Young9
-V	980705233205Z		0A	certs/00000004	/CN=Eric YoungA
-V	980705233205Z		0B	certs/00000004	/CN=Eric YoungB
-V	980705233205Z		0C	certs/00000004	/CN=Eric YoungC
-V	980705233205Z		0D	certs/00000004	/CN=Eric YoungD
-V	980705233205Z		0E	certs/00000004	/CN=Eric YoungE
-V	980705233205Z		0F	certs/00000004	/CN=Eric YoungF
-V	980705233205Z		10	certs/00000004	/CN=Eric Young10
-V	980705233205Z		11	certs/00000004	/CN=Eric Young11
-V	980705233205Z		12	certs/00000004	/CN=Eric Young12
-V	980705233205Z		13	certs/00000004	/CN=Eric Young13
-V	980705233205Z		14	certs/00000004	/CN=Eric Young14
-V	980705233205Z		15	certs/00000004	/CN=Eric Young15
-V	980705233205Z		16	certs/00000004	/CN=Eric Young16
-V	980705233205Z		17	certs/00000004	/CN=Eric Young17
-V	961206150305Z		010C	unknown	/C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
-V	961206153245Z		010D	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
-V	970322074816Z		010E	unknown	/CN=Eric Young/Email=eay@mincom.oz.au
-V	970322075152Z		010F	unknown	/CN=Eric Young
-V	970322075906Z		0110	unknown	/CN=Eric Youngg
-V	970324092238Z		0111	unknown	/C=AU/SP=Queensland/CN=Eric Young
-V	970324221931Z		0112	unknown	/CN=Fred
-V	970324224934Z		0113	unknown	/C=AU/CN=eay
-V	971001005237Z		0114	unknown	/C=AU/SP=QLD/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
-V	971001010331Z		0115	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test again - x509v3
-V	971001013945Z		0117	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
-V	971014225415Z		0118	unknown	/C=AU/SP=Queensland/CN=test
-V	971015004448Z		0119	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test2
-V	971016035001Z		011A	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test64
-V	971016080129Z		011B	unknown	/C=FR/O=ALCATEL/OU=Alcatel Mobile Phones/CN=bourque/Email=bourque@art.alcatel.fr
-V	971016224000Z		011D	unknown	/L=Bedford/O=Cranfield University/OU=Computer Centre/CN=Peter R Lister/Email=P.Lister@cranfield.ac.uk
diff --git a/deps/openssl/openssl/apps/demoCA/private/cakey.pem b/deps/openssl/openssl/apps/demoCA/private/cakey.pem
deleted file mode 100644
index 48fb18c7d80..00000000000
--- a/deps/openssl/openssl/apps/demoCA/private/cakey.pem
+++ /dev/null
@@ -1,24 +0,0 @@
-issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
------BEGIN X509 CERTIFICATE-----
-
-MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
-BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
-MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
-RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
-BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
-LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
-/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
-DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
-IMs6ZOZB
------END X509 CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-
-MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe
-Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ
-hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG
-sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw
-tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq
-agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA
-g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI=
------END RSA PRIVATE KEY-----
diff --git a/deps/openssl/openssl/apps/demoCA/serial b/deps/openssl/openssl/apps/demoCA/serial
deleted file mode 100644
index 69fa0ffe28e..00000000000
--- a/deps/openssl/openssl/apps/demoCA/serial
+++ /dev/null
@@ -1 +0,0 @@
-011E
diff --git a/deps/openssl/openssl/apps/dgst.c b/deps/openssl/openssl/apps/dgst.c
deleted file mode 100644
index 9bf38ce73b7..00000000000
--- a/deps/openssl/openssl/apps/dgst.c
+++ /dev/null
@@ -1,632 +0,0 @@
-/* apps/dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef BUFSIZE
-#define BUFSIZE	1024*8
-
-#undef PROG
-#define PROG	dgst_main
-
-int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
-	  EVP_PKEY *key, unsigned char *sigin, int siglen,
-	  const char *sig_name, const char *md_name,
-	  const char *file,BIO *bmd);
-
-static void list_md_fn(const EVP_MD *m,
-			const char *from, const char *to, void *arg)
-	{
-	const char *mname;
-	/* Skip aliases */
-	if (!m)
-		return;
-	mname = OBJ_nid2ln(EVP_MD_type(m));
-	/* Skip shortnames */
-	if (strcmp(from, mname))
-		return;
-	/* Skip clones */
-	if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST)
-		return;
-	if (strchr(mname, ' '))
-		mname= EVP_MD_name(m);
-	BIO_printf(arg, "-%-14s to use the %s message digest algorithm\n",
-			mname, mname);
-	}
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	unsigned char *buf=NULL;
-	int i,err=1;
-	const EVP_MD *md=NULL,*m;
-	BIO *in=NULL,*inp;
-	BIO *bmd=NULL;
-	BIO *out = NULL;
-#define PROG_NAME_SIZE  39
-	char pname[PROG_NAME_SIZE+1];
-	int separator=0;
-	int debug=0;
-	int keyform=FORMAT_PEM;
-	const char *outfile = NULL, *keyfile = NULL;
-	const char *sigfile = NULL, *randfile = NULL;
-	int out_bin = -1, want_pub = 0, do_verify = 0;
-	EVP_PKEY *sigkey = NULL;
-	unsigned char *sigbuf = NULL;
-	int siglen = 0;
-	char *passargin = NULL, *passin = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	char *hmac_key=NULL;
-	char *mac_name=NULL;
-	STACK_OF(OPENSSL_STRING) *sigopts = NULL, *macopts = NULL;
-
-	apps_startup();
-
-	if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto end;
-		}
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	/* first check the program name */
-	program_name(argv[0],pname,sizeof pname);
-
-	md=EVP_get_digestbyname(pname);
-
-	argc--;
-	argv++;
-	while (argc > 0)
-		{
-		if ((*argv)[0] != '-') break;
-		if (strcmp(*argv,"-c") == 0)
-			separator=1;
-		else if (strcmp(*argv,"-r") == 0)
-			separator=2;
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) break;
-			randfile=*(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) break;
-			outfile=*(++argv);
-			}
-		else if (strcmp(*argv,"-sign") == 0)
-			{
-			if (--argc < 1) break;
-			keyfile=*(++argv);
-			}
-		else if (!strcmp(*argv,"-passin"))
-			{
-			if (--argc < 1)
-				break;
-			passargin=*++argv;
-			}
-		else if (strcmp(*argv,"-verify") == 0)
-			{
-			if (--argc < 1) break;
-			keyfile=*(++argv);
-			want_pub = 1;
-			do_verify = 1;
-			}
-		else if (strcmp(*argv,"-prverify") == 0)
-			{
-			if (--argc < 1) break;
-			keyfile=*(++argv);
-			do_verify = 1;
-			}
-		else if (strcmp(*argv,"-signature") == 0)
-			{
-			if (--argc < 1) break;
-			sigfile=*(++argv);
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) break;
-			keyform=str2fmt(*(++argv));
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) break;
-			engine= *(++argv);
-        		e = setup_engine(bio_err, engine, 0);
-			}
-#endif
-		else if (strcmp(*argv,"-hex") == 0)
-			out_bin = 0;
-		else if (strcmp(*argv,"-binary") == 0)
-			out_bin = 1;
-		else if (strcmp(*argv,"-d") == 0)
-			debug=1;
-		else if (!strcmp(*argv,"-hmac"))
-			{
-			if (--argc < 1)
-				break;
-			hmac_key=*++argv;
-			}
-		else if (!strcmp(*argv,"-mac"))
-			{
-			if (--argc < 1)
-				break;
-			mac_name=*++argv;
-			}
-		else if (strcmp(*argv,"-sigopt") == 0)
-			{
-			if (--argc < 1)
-				break;
-			if (!sigopts)
-				sigopts = sk_OPENSSL_STRING_new_null();
-			if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
-				break;
-			}
-		else if (strcmp(*argv,"-macopt") == 0)
-			{
-			if (--argc < 1)
-				break;
-			if (!macopts)
-				macopts = sk_OPENSSL_STRING_new_null();
-			if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv)))
-				break;
-			}
-		else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
-			md=m;
-		else
-			break;
-		argc--;
-		argv++;
-		}
-
-
-	if(do_verify && !sigfile) {
-		BIO_printf(bio_err, "No signature to verify: use the -signature option\n");
-		goto end;
-	}
-
-	if ((argc > 0) && (argv[0][0] == '-')) /* bad option */
-		{
-		BIO_printf(bio_err,"unknown option '%s'\n",*argv);
-		BIO_printf(bio_err,"options are\n");
-		BIO_printf(bio_err,"-c              to output the digest with separating colons\n");
-		BIO_printf(bio_err,"-r              to output the digest in coreutils format\n");
-		BIO_printf(bio_err,"-d              to output debug info\n");
-		BIO_printf(bio_err,"-hex            output as hex dump\n");
-		BIO_printf(bio_err,"-binary         output in binary form\n");
-		BIO_printf(bio_err,"-sign   file    sign digest using private key in file\n");
-		BIO_printf(bio_err,"-verify file    verify a signature using public key in file\n");
-		BIO_printf(bio_err,"-prverify file  verify a signature using private key in file\n");
-		BIO_printf(bio_err,"-keyform arg    key file format (PEM or ENGINE)\n");
-		BIO_printf(bio_err,"-out filename   output to filename rather than stdout\n");
-		BIO_printf(bio_err,"-signature file signature to verify\n");
-		BIO_printf(bio_err,"-sigopt nm:v    signature parameter\n");
-		BIO_printf(bio_err,"-hmac key       create hashed MAC with key\n");
-		BIO_printf(bio_err,"-mac algorithm  create MAC (not neccessarily HMAC)\n"); 
-		BIO_printf(bio_err,"-macopt nm:v    MAC algorithm parameters or key\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
-#endif
-
-		EVP_MD_do_all_sorted(list_md_fn, bio_err);
-		goto end;
-		}
-
-	in=BIO_new(BIO_s_file());
-	bmd=BIO_new(BIO_f_md());
-	if (debug)
-		{
-		BIO_set_callback(in,BIO_debug_callback);
-		/* needed for windows 3.1 */
-		BIO_set_callback_arg(in,(char *)bio_err);
-		}
-
-	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
-		{
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-		}
-
-	if ((in == NULL) || (bmd == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if(out_bin == -1) {
-		if(keyfile)
-			out_bin = 1;
-		else
-			out_bin = 0;
-	}
-
-	if(randfile)
-		app_RAND_load_file(randfile, bio_err, 0);
-
-	if(outfile) {
-		if(out_bin)
-			out = BIO_new_file(outfile, "wb");
-		else    out = BIO_new_file(outfile, "w");
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-
-	if(!out) {
-		BIO_printf(bio_err, "Error opening output file %s\n", 
-					outfile ? outfile : "(stdout)");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-	if ((!!mac_name + !!keyfile + !!hmac_key) > 1)
-		{
-		BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n");
-		goto end;
-		}
-
-	if(keyfile)
-		{
-		if (want_pub)
-			sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
-				e, "key file");
-		else
-			sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
-				e, "key file");
-		if (!sigkey)
-			{
-			/* load_[pub]key() has already printed an appropriate
-			   message */
-			goto end;
-			}
-		}
-
-	if (mac_name)
-		{
-		EVP_PKEY_CTX *mac_ctx = NULL;
-		int r = 0;
-		if (!init_gen_str(bio_err, &mac_ctx, mac_name,e, 0))
-			goto mac_end;
-		if (macopts)
-			{
-			char *macopt;
-			for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++)
-				{
-				macopt = sk_OPENSSL_STRING_value(macopts, i);
-				if (pkey_ctrl_string(mac_ctx, macopt) <= 0)
-					{
-					BIO_printf(bio_err,
-						"MAC parameter error \"%s\"\n",
-						macopt);
-					ERR_print_errors(bio_err);
-					goto mac_end;
-					}
-				}
-			}
-		if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0)
-			{
-			BIO_puts(bio_err, "Error generating key\n");
-			ERR_print_errors(bio_err);
-			goto mac_end;
-			}
-		r = 1;
-		mac_end:
-		if (mac_ctx)
-			EVP_PKEY_CTX_free(mac_ctx);
-		if (r == 0)
-			goto end;
-		}
-
-	if (hmac_key)
-		{
-		sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, e,
-					(unsigned char *)hmac_key, -1);
-		if (!sigkey)
-			goto end;
-		}
-
-	if (sigkey)
-		{
-		EVP_MD_CTX *mctx = NULL;
-		EVP_PKEY_CTX *pctx = NULL;
-		int r;
-		if (!BIO_get_md_ctx(bmd, &mctx))
-			{
-			BIO_printf(bio_err, "Error getting context\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (do_verify)
-			r = EVP_DigestVerifyInit(mctx, &pctx, md, e, sigkey);
-		else
-			r = EVP_DigestSignInit(mctx, &pctx, md, e, sigkey);
-		if (!r)
-			{
-			BIO_printf(bio_err, "Error setting context\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (sigopts)
-			{
-			char *sigopt;
-			for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++)
-				{
-				sigopt = sk_OPENSSL_STRING_value(sigopts, i);
-				if (pkey_ctrl_string(pctx, sigopt) <= 0)
-					{
-					BIO_printf(bio_err,
-						"parameter error \"%s\"\n",
-						sigopt);
-					ERR_print_errors(bio_err);
-					goto end;
-					}
-				}
-			}
-		}
-	/* we use md as a filter, reading from 'in' */
-	else
-		{
-		if (md == NULL)
-			md = EVP_md5(); 
-		if (!BIO_set_md(bmd,md))
-			{
-			BIO_printf(bio_err, "Error setting digest %s\n", pname);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-
-	if(sigfile && sigkey) {
-		BIO *sigbio;
-		sigbio = BIO_new_file(sigfile, "rb");
-		siglen = EVP_PKEY_size(sigkey);
-		sigbuf = OPENSSL_malloc(siglen);
-		if(!sigbio) {
-			BIO_printf(bio_err, "Error opening signature file %s\n",
-								sigfile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-		siglen = BIO_read(sigbio, sigbuf, siglen);
-		BIO_free(sigbio);
-		if(siglen <= 0) {
-			BIO_printf(bio_err, "Error reading signature file %s\n",
-								sigfile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-	inp=BIO_push(bmd,in);
-
-	if (md == NULL)
-		{
-		EVP_MD_CTX *tctx;
-		BIO_get_md_ctx(bmd, &tctx);
-		md = EVP_MD_CTX_md(tctx);
-		}
-
-	if (argc == 0)
-		{
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-			  siglen,NULL,NULL,"stdin",bmd);
-		}
-	else
-		{
-		const char *md_name = NULL, *sig_name = NULL;
-		if(!out_bin)
-			{
-			if (sigkey)
-				{
-				const EVP_PKEY_ASN1_METHOD *ameth;
-				ameth = EVP_PKEY_get0_asn1(sigkey);
-				if (ameth)
-					EVP_PKEY_asn1_get0_info(NULL, NULL,
-						NULL, NULL, &sig_name, ameth);
-				}
-			md_name = EVP_MD_name(md);
-			}
-		err = 0;
-		for (i=0; i 0)
-			BIO_printf(out, "Verified OK\n");
-		else if(i == 0)
-			{
-			BIO_printf(out, "Verification Failure\n");
-			return 1;
-			}
-		else
-			{
-			BIO_printf(bio_err, "Error Verifying Data\n");
-			ERR_print_errors(bio_err);
-			return 1;
-			}
-		return 0;
-		}
-	if(key)
-		{
-		EVP_MD_CTX *ctx;
-		BIO_get_md_ctx(bp, &ctx);
-		len = BUFSIZE;
-		if(!EVP_DigestSignFinal(ctx, buf, &len)) 
-			{
-			BIO_printf(bio_err, "Error Signing Data\n");
-			ERR_print_errors(bio_err);
-			return 1;
-			}
-		}
-	else
-		{
-		len=BIO_gets(bp,(char *)buf,BUFSIZE);
-		if ((int)len <0)
-			{
-			ERR_print_errors(bio_err);
-			return 1;
-			}
-		}
-
-	if(binout) BIO_write(out, buf, len);
-	else if (sep == 2)
-		{
-		for (i=0; i<(int)len; i++)
-			BIO_printf(out, "%02x",buf[i]);
-		BIO_printf(out, " *%s\n", file);
-		}
-	else 
-		{
-		if (sig_name)
-			BIO_printf(out, "%s-%s(%s)= ", sig_name, md_name, file);
-		else if (md_name)
-			BIO_printf(out, "%s(%s)= ", md_name, file);
-		else
-			BIO_printf(out, "(%s)= ", file);
-		for (i=0; i<(int)len; i++)
-			{
-			if (sep && (i != 0))
-				BIO_printf(out, ":");
-			BIO_printf(out, "%02x",buf[i]);
-			}
-		BIO_printf(out, "\n");
-		}
-	return 0;
-	}
-
diff --git a/deps/openssl/openssl/apps/dh.c b/deps/openssl/openssl/apps/dh.c
deleted file mode 100644
index dee9c01fcec..00000000000
--- a/deps/openssl/openssl/apps/dh.c
+++ /dev/null
@@ -1,355 +0,0 @@
-/* apps/dh.c */
-/* obsoleted by dhparam.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 	/* for OPENSSL_NO_DH */
-#ifndef OPENSSL_NO_DH
-#include 
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	dh_main
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -check	- check the parameters are ok
- * -noout
- * -text
- * -C
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	DH *dh=NULL;
-	int i,badops=0,text=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,check=0,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-#ifndef OPENSSL_NO_ENGINE
-	engine=NULL;
-#endif
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -check        check the DH parameters\n");
-		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -noout        no output\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
-#endif
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if	(informat == FORMAT_ASN1)
-		dh=d2i_DHparams_bio(in,NULL);
-	else if (informat == FORMAT_PEM)
-		dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified\n");
-		goto end;
-		}
-	if (dh == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DH parameters\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	
-
-	if (text)
-		{
-		DHparams_print(out,dh);
-#ifdef undef
-		printf("p=");
-		BN_print(stdout,dh->p);
-		printf("\ng=");
-		BN_print(stdout,dh->g);
-		printf("\n");
-		if (dh->length != 0)
-			printf("recommended private length=%ld\n",dh->length);
-#endif
-		}
-	
-	if (check)
-		{
-		if (!DH_check(dh,&i))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (i & DH_CHECK_P_NOT_PRIME)
-			printf("p value is not prime\n");
-		if (i & DH_CHECK_P_NOT_SAFE_PRIME)
-			printf("p value is not a safe prime\n");
-		if (i & DH_UNABLE_TO_CHECK_GENERATOR)
-			printf("unable to check the generator value\n");
-		if (i & DH_NOT_SUITABLE_GENERATOR)
-			printf("the g value is not a generator\n");
-		if (i == 0)
-			printf("DH parameters appear to be ok.\n");
-		}
-	if (C)
-		{
-		unsigned char *data;
-		int len,l,bits;
-
-		len=BN_num_bytes(dh->p);
-		bits=BN_num_bits(dh->p);
-		data=(unsigned char *)OPENSSL_malloc(len);
-		if (data == NULL)
-			{
-			perror("OPENSSL_malloc");
-			goto end;
-			}
-		l=BN_bn2bin(dh->p,data);
-		printf("static unsigned char dh%d_p[]={",bits);
-		for (i=0; ig,data);
-		printf("static unsigned char dh%d_g[]={",bits);
-		for (i=0; ip=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
-			bits,bits);
-		printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
-			bits,bits);
-		printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
-		printf("\t\treturn(NULL);\n");
-		printf("\treturn(dh);\n\t}\n");
-		OPENSSL_free(data);
-		}
-
-
-	if (!noout)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DHparams_bio(out,dh);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DHparams(out,dh);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DH parameters\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dh != NULL) DH_free(dh);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-#else /* !OPENSSL_NO_DH */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/dh1024.pem b/deps/openssl/openssl/apps/dh1024.pem
deleted file mode 100644
index 6eaeca9b8eb..00000000000
--- a/deps/openssl/openssl/apps/dh1024.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIGHAoGBAPSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsY
-jY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6
-ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpL3jHAgEC
------END DH PARAMETERS-----
-
-These are the 1024 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
-Note that g is not a generator, but this is not a problem since p is a safe prime.
diff --git a/deps/openssl/openssl/apps/dh2048.pem b/deps/openssl/openssl/apps/dh2048.pem
deleted file mode 100644
index dcd0b8d01b8..00000000000
--- a/deps/openssl/openssl/apps/dh2048.pem
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIIBCAKCAQEA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV
-89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50
-T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknb
-zSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdX
-Q6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbT
-CD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwIBAg==
------END DH PARAMETERS-----
-
-These are the 2048 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
diff --git a/deps/openssl/openssl/apps/dh4096.pem b/deps/openssl/openssl/apps/dh4096.pem
deleted file mode 100644
index 1b35ad8e62e..00000000000
--- a/deps/openssl/openssl/apps/dh4096.pem
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIICCAKCAgEA+hRyUsFN4VpJ1O8JLcCo/VWr19k3BCgJ4uk+d+KhehjdRqNDNyOQ
-l/MOyQNQfWXPeGKmOmIig6Ev/nm6Nf9Z2B1h3R4hExf+zTiHnvVPeRBhjdQi81rt
-Xeoh6TNrSBIKIHfUJWBh3va0TxxjQIs6IZOLeVNRLMqzeylWqMf49HsIXqbcokUS
-Vt1BkvLdW48j8PPv5DsKRN3tloTxqDJGo9tKvj1Fuk74A+Xda1kNhB7KFlqMyN98
-VETEJ6c7KpfOo30mnK30wqw3S8OtaIR/maYX72tGOno2ehFDkq3pnPtEbD2CScxc
-alJC+EL7RPk5c/tgeTvCngvc1KZn92Y//EI7G9tPZtylj2b56sHtMftIoYJ9+ODM
-sccD5Piz/rejE3Ome8EOOceUSCYAhXn8b3qvxVI1ddd1pED6FHRhFvLrZxFvBEM9
-ERRMp5QqOaHJkM+Dxv8Cj6MqrCbfC4u+ZErxodzuusgDgvZiLF22uxMZbobFWyte
-OvOzKGtwcTqO/1wV5gKkzu1ZVswVUQd5Gg8lJicwqRWyyNRczDDoG9jVDxmogKTH
-AaqLulO7R8Ifa1SwF2DteSGVtgWEN8gDpN3RBmmPTDngyF2DHb5qmpnznwtFKdTL
-KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI=
------END DH PARAMETERS-----
-
-These are the 4096 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
-Note that g is not a generator, but this is not a problem since p is a safe prime.
diff --git a/deps/openssl/openssl/apps/dh512.pem b/deps/openssl/openssl/apps/dh512.pem
deleted file mode 100644
index 200d16cd897..00000000000
--- a/deps/openssl/openssl/apps/dh512.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN DH PARAMETERS-----
-MEYCQQD1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWak
-XUGfnHy9iUsiGSa6q6Jew1XpKgVfAgEC
------END DH PARAMETERS-----
-
-These are the 512 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
-Note that g is not a generator, but this is not a problem since p is a safe prime.
diff --git a/deps/openssl/openssl/apps/dhparam.c b/deps/openssl/openssl/apps/dhparam.c
deleted file mode 100644
index b47097cbb22..00000000000
--- a/deps/openssl/openssl/apps/dhparam.c
+++ /dev/null
@@ -1,560 +0,0 @@
-/* apps/dhparam.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include 	/* for OPENSSL_NO_DH */
-#ifndef OPENSSL_NO_DH
-#include 
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#ifndef OPENSSL_NO_DSA
-#include 
-#endif
-
-#undef PROG
-#define PROG	dhparam_main
-
-#define DEFBITS	512
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -dsaparam  - read or generate DSA parameters, convert to DH
- * -check	- check the parameters are ok
- * -noout
- * -text
- * -C
- */
-
-static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	DH *dh=NULL;
-	int i,badops=0,text=0;
-#ifndef OPENSSL_NO_DSA
-	int dsaparam=0;
-#endif
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,check=0,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog;
-	char *inrand=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	int num = 0, g = 0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-#ifndef OPENSSL_NO_DSA
-		else if (strcmp(*argv,"-dsaparam") == 0)
-			dsaparam=1;
-#endif
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-2") == 0)
-			g=2;
-		else if (strcmp(*argv,"-5") == 0)
-			g=5;
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0)))
-			goto bad;
-		argv++;
-		argc--;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] [numbits]\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-#ifndef OPENSSL_NO_DSA
-		BIO_printf(bio_err," -dsaparam     read or generate DSA parameters, convert to DH\n");
-#endif
-		BIO_printf(bio_err," -check        check the DH parameters\n");
-		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -2            generate parameters using  2 as the generator value\n");
-		BIO_printf(bio_err," -5            generate parameters using  5 as the generator value\n");
-		BIO_printf(bio_err," numbits       number of bits in to generate (default 512)\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"               - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"               the random number generator\n");
-		BIO_printf(bio_err," -noout        no output\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
-#endif
-
-	if (g && !num)
-		num = DEFBITS;
-
-#ifndef OPENSSL_NO_DSA
-	if (dsaparam)
-		{
-		if (g)
-			{
-			BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n");
-			goto end;
-			}
-		}
-	else
-#endif
-		{
-		/* DH parameters */
-		if (num && !g)
-			g = 2;
-		}
-
-	if(num) {
-
-		BN_GENCB cb;
-		BN_GENCB_set(&cb, dh_cb, bio_err);
-		if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
-			{
-			BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-			}
-		if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-				app_RAND_load_files(inrand));
-
-#ifndef OPENSSL_NO_DSA
-		if (dsaparam)
-			{
-			DSA *dsa = DSA_new();
-			
-			BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
-			if(!dsa || !DSA_generate_parameters_ex(dsa, num,
-						NULL, 0, NULL, NULL, &cb))
-				{
-				if(dsa) DSA_free(dsa);
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-
-			dh = DSA_dup_DH(dsa);
-			DSA_free(dsa);
-			if (dh == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		else
-#endif
-			{
-			dh = DH_new();
-			BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
-			BIO_printf(bio_err,"This is going to take a long time\n");
-			if(!dh || !DH_generate_parameters_ex(dh, num, g, &cb))
-				{
-				if(dh) DH_free(dh);
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-
-		app_RAND_write_file(NULL, bio_err);
-	} else {
-
-		in=BIO_new(BIO_s_file());
-		if (in == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
-				perror(infile);
-				goto end;
-				}
-			}
-
-		if	(informat != FORMAT_ASN1 && informat != FORMAT_PEM)
-			{
-			BIO_printf(bio_err,"bad input format specified\n");
-			goto end;
-			}
-
-#ifndef OPENSSL_NO_DSA
-		if (dsaparam)
-			{
-			DSA *dsa;
-			
-			if (informat == FORMAT_ASN1)
-				dsa=d2i_DSAparams_bio(in,NULL);
-			else /* informat == FORMAT_PEM */
-				dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
-			
-			if (dsa == NULL)
-				{
-				BIO_printf(bio_err,"unable to load DSA parameters\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			
-			dh = DSA_dup_DH(dsa);
-			DSA_free(dsa);
-			if (dh == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		else
-#endif
-			{
-			if (informat == FORMAT_ASN1)
-				dh=d2i_DHparams_bio(in,NULL);
-			else /* informat == FORMAT_PEM */
-				dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
-			
-			if (dh == NULL)
-				{
-				BIO_printf(bio_err,"unable to load DH parameters\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		
-		/* dh != NULL */
-	}
-	
-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-
-	if (text)
-		{
-		DHparams_print(out,dh);
-		}
-	
-	if (check)
-		{
-		if (!DH_check(dh,&i))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (i & DH_CHECK_P_NOT_PRIME)
-			printf("p value is not prime\n");
-		if (i & DH_CHECK_P_NOT_SAFE_PRIME)
-			printf("p value is not a safe prime\n");
-		if (i & DH_UNABLE_TO_CHECK_GENERATOR)
-			printf("unable to check the generator value\n");
-		if (i & DH_NOT_SUITABLE_GENERATOR)
-			printf("the g value is not a generator\n");
-		if (i == 0)
-			printf("DH parameters appear to be ok.\n");
-		}
-	if (C)
-		{
-		unsigned char *data;
-		int len,l,bits;
-
-		len=BN_num_bytes(dh->p);
-		bits=BN_num_bits(dh->p);
-		data=(unsigned char *)OPENSSL_malloc(len);
-		if (data == NULL)
-			{
-			perror("OPENSSL_malloc");
-			goto end;
-			}
-		printf("#ifndef HEADER_DH_H\n"
-		       "#include \n"
-		       "#endif\n");
-		printf("DH *get_dh%d()\n\t{\n",bits);
-
-		l=BN_bn2bin(dh->p,data);
-		printf("\tstatic unsigned char dh%d_p[]={",bits);
-		for (i=0; ig,data);
-		printf("\tstatic unsigned char dh%d_g[]={",bits);
-		for (i=0; ip=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
-			bits,bits);
-		printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
-			bits,bits);
-		printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
-		printf("\t\t{ DH_free(dh); return(NULL); }\n");
-		if (dh->length)
-			printf("\tdh->length = %ld;\n", dh->length);
-		printf("\treturn(dh);\n\t}\n");
-		OPENSSL_free(data);
-		}
-
-
-	if (!noout)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DHparams_bio(out,dh);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DHparams(out,dh);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DH parameters\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dh != NULL) DH_free(dh);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-/* dh_cb is identical to dsa_cb in apps/dsaparam.c */
-static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(cb->arg,&c,1);
-	(void)BIO_flush(cb->arg);
-#ifdef LINT
-	p=n;
-#endif
-	return 1;
-	}
-
-#else /* !OPENSSL_NO_DH */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/dsa-ca.pem b/deps/openssl/openssl/apps/dsa-ca.pem
deleted file mode 100644
index cccc14208fc..00000000000
--- a/deps/openssl/openssl/apps/dsa-ca.pem
+++ /dev/null
@@ -1,40 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
-PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
-u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
-Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
-hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
-SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
-Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4
-94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T
-tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77
-J6zsFbSEHaQGUmfSeoM=
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
-ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
-sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
-rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
-cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
-bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
-CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
-F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
-vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
-AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
-3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
-AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
-AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
-ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
-MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
-MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
-C1Q=
------END CERTIFICATE-----
-
diff --git a/deps/openssl/openssl/apps/dsa-pca.pem b/deps/openssl/openssl/apps/dsa-pca.pem
deleted file mode 100644
index d23774edd61..00000000000
--- a/deps/openssl/openssl/apps/dsa-pca.pem
+++ /dev/null
@@ -1,46 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
-PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
-u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
-Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
-hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
-SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
-Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
-umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
-29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz
-6TicfImU7UFRn9h00j0lJQ==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
-MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
-lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
-Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
-5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
-aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
-kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
-QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
-6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
-yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
-z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
-nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
-ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
-R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
-JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
-BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
-mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
-VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
-uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
-umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
-29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
-AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
-5rKUjNBhSg==
------END CERTIFICATE-----
-
diff --git a/deps/openssl/openssl/apps/dsa.c b/deps/openssl/openssl/apps/dsa.c
deleted file mode 100644
index 5222487ab9c..00000000000
--- a/deps/openssl/openssl/apps/dsa.c
+++ /dev/null
@@ -1,376 +0,0 @@
-/* apps/dsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 	/* for OPENSSL_NO_DSA */
-#ifndef OPENSSL_NO_DSA
-#include 
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	dsa_main
-
-/* -inform arg	- input format - default PEM (one of DER, NET or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -des		- encrypt output if PEM format with DES in cbc mode
- * -des3	- encrypt output if PEM format
- * -idea	- encrypt output if PEM format
- * -aes128	- encrypt output if PEM format
- * -aes192	- encrypt output if PEM format
- * -aes256	- encrypt output if PEM format
- * -camellia128 - encrypt output if PEM format
- * -camellia192 - encrypt output if PEM format
- * -camellia256 - encrypt output if PEM format
- * -seed        - encrypt output if PEM format
- * -text	- print a text version
- * -modulus	- print the DSA public key
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int ret=1;
-	DSA *dsa=NULL;
-	int i,badops=0;
-	const EVP_CIPHER *enc=NULL;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,text=0,noout=0;
-	int pubin = 0, pubout = 0;
-	char *infile,*outfile,*prog;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine;
-#endif
-	char *passargin = NULL, *passargout = NULL;
-	char *passin = NULL, *passout = NULL;
-	int modulus=0;
-
-	int pvk_encr = 2;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-#ifndef OPENSSL_NO_ENGINE
-	engine=NULL;
-#endif
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-pvk-strong") == 0)
-			pvk_encr=2;
-		else if (strcmp(*argv,"-pvk-weak") == 0)
-			pvk_encr=1;
-		else if (strcmp(*argv,"-pvk-none") == 0)
-			pvk_encr=0;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus=1;
-		else if (strcmp(*argv,"-pubin") == 0)
-			pubin=1;
-		else if (strcmp(*argv,"-pubout") == 0)
-			pubout=1;
-		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg     input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg    output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg         input file\n");
-		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err," -out arg        output file\n");
-		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
-		BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err," -seed           encrypt PEM output with cbc seed\n");
-#endif
-		BIO_printf(bio_err," -text           print the key in text\n");
-		BIO_printf(bio_err," -noout          don't print key out\n");
-		BIO_printf(bio_err," -modulus        print the DSA public value\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
-		BIO_printf(bio_err, "Error getting passwords\n");
-		goto end;
-	}
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
-	BIO_printf(bio_err,"read DSA key\n");
-
-		{
-		EVP_PKEY	*pkey;
-
-		if (pubin)
-			pkey = load_pubkey(bio_err, infile, informat, 1,
-				passin, e, "Public Key");
-		else
-			pkey = load_key(bio_err, infile, informat, 1,
-				passin, e, "Private Key");
-
-		if (pkey)
-			{
-			dsa = EVP_PKEY_get1_DSA(pkey);
-			EVP_PKEY_free(pkey);
-			}
-		}
-	if (dsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load Key\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (text) 
-		if (!DSA_print(out,dsa,0))
-			{
-			perror(outfile);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-	if (modulus)
-		{
-		fprintf(stdout,"Public Key=");
-		BN_print(out,dsa->pub_key);
-		fprintf(stdout,"\n");
-		}
-
-	if (noout) goto end;
-	BIO_printf(bio_err,"writing DSA key\n");
-	if 	(outformat == FORMAT_ASN1) {
-		if(pubin || pubout) i=i2d_DSA_PUBKEY_bio(out,dsa);
-		else i=i2d_DSAPrivateKey_bio(out,dsa);
-	} else if (outformat == FORMAT_PEM) {
-		if(pubin || pubout)
-			i=PEM_write_bio_DSA_PUBKEY(out,dsa);
-		else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
-							NULL,0,NULL, passout);
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
-	} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
-		EVP_PKEY *pk;
-		pk = EVP_PKEY_new();
-		EVP_PKEY_set1_DSA(pk, dsa);
-		if (outformat == FORMAT_PVK)
-			i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
-		else if (pubin || pubout)
-			i = i2b_PublicKey_bio(out, pk);
-		else
-			i = i2b_PrivateKey_bio(out, pk);
-		EVP_PKEY_free(pk);
-#endif
-	} else {
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (i <= 0)
-		{
-		BIO_printf(bio_err,"unable to write private key\n");
-		ERR_print_errors(bio_err);
-		}
-	else
-		ret=0;
-end:
-	if(in != NULL) BIO_free(in);
-	if(out != NULL) BIO_free_all(out);
-	if(dsa != NULL) DSA_free(dsa);
-	if(passin) OPENSSL_free(passin);
-	if(passout) OPENSSL_free(passout);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-#else /* !OPENSSL_NO_DSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/dsa1024.pem b/deps/openssl/openssl/apps/dsa1024.pem
deleted file mode 100644
index 082dec38978..00000000000
--- a/deps/openssl/openssl/apps/dsa1024.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQPnUx
-mUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtelu+Us
-OSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcHMe36
-bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLsohkj8
-3pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbuSXQH
-zlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7YMu0O
-Arg=
------END DSA PARAMETERS-----
diff --git a/deps/openssl/openssl/apps/dsa512.pem b/deps/openssl/openssl/apps/dsa512.pem
deleted file mode 100644
index 5f86d1a6e7e..00000000000
--- a/deps/openssl/openssl/apps/dsa512.pem
+++ /dev/null
@@ -1,6 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIGdAkEAnRtpjibb8isRcBmG9hnI+BnyGFOURgbQYlAzSwI8UjADizv5X9EkBk97
-TLqqQJv9luQ3M7stWtdaEUBmonZ9MQIVAPtT71C0QJIxVoZTeuiLIppJ+3GPAkEA
-gz6I5cWJc847bAFJv7PHnwrqRJHlMKrZvltftxDXibeOdPvPKR7rqCxUUbgQ3qDO
-L8wka5B33qJoplISogOdIA==
------END DSA PARAMETERS-----
diff --git a/deps/openssl/openssl/apps/dsap.pem b/deps/openssl/openssl/apps/dsap.pem
deleted file mode 100644
index d4dfdb3054f..00000000000
--- a/deps/openssl/openssl/apps/dsap.pem
+++ /dev/null
@@ -1,6 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya
-GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2
-t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD
-ADiRffvSdhrNw5dkqdql
------END DSA PARAMETERS-----
diff --git a/deps/openssl/openssl/apps/dsaparam.c b/deps/openssl/openssl/apps/dsaparam.c
deleted file mode 100644
index fe72c1d3dfa..00000000000
--- a/deps/openssl/openssl/apps/dsaparam.c
+++ /dev/null
@@ -1,479 +0,0 @@
-/* apps/dsaparam.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 	/* for OPENSSL_NO_DSA */
-/* Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code */
-#ifdef OPENSSL_NO_DEPRECATED
-#undef OPENSSL_NO_DEPRECATED
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#include 
-#include 
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	dsaparam_main
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -noout
- * -text
- * -C
- * -noout
- * -genkey
- *  #ifdef GENCB_TEST
- * -timebomb n  - interrupt keygen after  seconds
- *  #endif
- */
-
-#ifdef GENCB_TEST
-
-static int stop_keygen_flag = 0;
-
-static void timebomb_sigalarm(int foo)
-	{
-	stop_keygen_flag = 1;
-	}
-
-#endif
-
-static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	DSA *dsa=NULL;
-	int i,badops=0,text=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog,*inrand=NULL;
-	int numbits= -1,num,genkey=0;
-	int need_rand=0;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-#ifdef GENCB_TEST
-	int timebomb=0;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if(strcmp(*argv, "-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine = *(++argv);
-			}
-#endif
-#ifdef GENCB_TEST
-		else if(strcmp(*argv, "-timebomb") == 0)
-			{
-			if (--argc < 1) goto bad;
-			timebomb = atoi(*(++argv));
-			}
-#endif
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-genkey") == 0)
-			{
-			genkey=1;
-			need_rand=1;
-			}
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			need_rand=1;
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (sscanf(*argv,"%d",&num) == 1)
-			{
-			/* generate a key */
-			numbits=num;
-			need_rand=1;
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] [bits] outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -text         print as text\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -noout        no output\n");
-		BIO_printf(bio_err," -genkey       generate a DSA key\n");
-		BIO_printf(bio_err," -rand         files to use for random number input\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
-#ifdef GENCB_TEST
-		BIO_printf(bio_err," -timebomb n   interrupt keygen after  seconds\n");
-#endif
-		BIO_printf(bio_err," number        number of bits to use for generating private key\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
-#endif
-
-	if (need_rand)
-		{
-		app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-		if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-				app_RAND_load_files(inrand));
-		}
-
-	if (numbits > 0)
-		{
-		BN_GENCB cb;
-		BN_GENCB_set(&cb, dsa_cb, bio_err);
-		assert(need_rand);
-		dsa = DSA_new();
-		if(!dsa)
-			{
-			BIO_printf(bio_err,"Error allocating DSA object\n");
-			goto end;
-			}
-		BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
-	        BIO_printf(bio_err,"This could take some time\n");
-#ifdef GENCB_TEST
-		if(timebomb > 0)
-	{
-		struct sigaction act;
-		act.sa_handler = timebomb_sigalarm;
-		act.sa_flags = 0;
-		BIO_printf(bio_err,"(though I'll stop it if not done within %d secs)\n",
-				timebomb);
-		if(sigaction(SIGALRM, &act, NULL) != 0)
-			{
-			BIO_printf(bio_err,"Error, couldn't set SIGALRM handler\n");
-			goto end;
-			}
-		alarm(timebomb);
-	}
-#endif
-	        if(!DSA_generate_parameters_ex(dsa,num,NULL,0,NULL,NULL, &cb))
-			{
-#ifdef GENCB_TEST
-			if(stop_keygen_flag)
-				{
-				BIO_printf(bio_err,"DSA key generation time-stopped\n");
-				/* This is an asked-for behaviour! */
-				ret = 0;
-				goto end;
-				}
-#endif
-			BIO_printf(bio_err,"Error, DSA key generation failed\n");
-			goto end;
-			}
-		}
-	else if	(informat == FORMAT_ASN1)
-		dsa=d2i_DSAparams_bio(in,NULL);
-	else if (informat == FORMAT_PEM)
-		dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified\n");
-		goto end;
-		}
-	if (dsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DSA parameters\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (text)
-		{
-		DSAparams_print(out,dsa);
-		}
-	
-	if (C)
-		{
-		unsigned char *data;
-		int l,len,bits_p;
-
-		len=BN_num_bytes(dsa->p);
-		bits_p=BN_num_bits(dsa->p);
-		data=(unsigned char *)OPENSSL_malloc(len+20);
-		if (data == NULL)
-			{
-			perror("OPENSSL_malloc");
-			goto end;
-			}
-		l=BN_bn2bin(dsa->p,data);
-		printf("static unsigned char dsa%d_p[]={",bits_p);
-		for (i=0; iq,data);
-		printf("static unsigned char dsa%d_q[]={",bits_p);
-		for (i=0; ig,data);
-		printf("static unsigned char dsa%d_g[]={",bits_p);
-		for (i=0; ip=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);\n",
-			bits_p,bits_p);
-		printf("\tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);\n",
-			bits_p,bits_p);
-		printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
-			bits_p,bits_p);
-		printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
-		printf("\t\t{ DSA_free(dsa); return(NULL); }\n");
-		printf("\treturn(dsa);\n\t}\n");
-		}
-
-
-	if (!noout)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DSAparams_bio(out,dsa);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DSAparams(out,dsa);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DSA parameters\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	if (genkey)
-		{
-		DSA *dsakey;
-
-		assert(need_rand);
-		if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
-		if (!DSA_generate_key(dsakey)) goto end;
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DSAPrivateKey_bio(out,dsakey);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		DSA_free(dsakey);
-		}
-	if (need_rand)
-		app_RAND_write_file(NULL, bio_err);
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dsa != NULL) DSA_free(dsa);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(cb->arg,&c,1);
-	(void)BIO_flush(cb->arg);
-#ifdef LINT
-	p=n;
-#endif
-#ifdef GENCB_TEST
-	if(stop_keygen_flag)
-		return 0;
-#endif
-	return 1;
-	}
-#else /* !OPENSSL_NO_DSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/ec.c b/deps/openssl/openssl/apps/ec.c
deleted file mode 100644
index 896eabc13fb..00000000000
--- a/deps/openssl/openssl/apps/ec.c
+++ /dev/null
@@ -1,406 +0,0 @@
-/* apps/ec.c */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include 
-#ifndef OPENSSL_NO_EC
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	ec_main
-
-/* -inform arg    - input format - default PEM (one of DER, NET or PEM)
- * -outform arg   - output format - default PEM
- * -in arg        - input file - default stdin
- * -out arg       - output file - default stdout
- * -des           - encrypt output if PEM format with DES in cbc mode
- * -text          - print a text version
- * -param_out     - print the elliptic curve parameters
- * -conv_form arg - specifies the point encoding form
- * -param_enc arg - specifies the parameter encoding
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
-	int 	ret = 1;
-	EC_KEY 	*eckey = NULL;
-	const EC_GROUP *group;
-	int 	i, badops = 0;
-	const EVP_CIPHER *enc = NULL;
-	BIO 	*in = NULL, *out = NULL;
-	int 	informat, outformat, text=0, noout=0;
-	int  	pubin = 0, pubout = 0, param_out = 0;
-	char 	*infile, *outfile, *prog, *engine;
-	char 	*passargin = NULL, *passargout = NULL;
-	char 	*passin = NULL, *passout = NULL;
-	point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
-	int	new_form = 0;
-	int	asn1_flag = OPENSSL_EC_NAMED_CURVE;
-	int 	new_asn1_flag = 0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	engine = NULL;
-	infile = NULL;
-	outfile = NULL;
-	informat = FORMAT_PEM;
-	outformat = FORMAT_PEM;
-
-	prog = argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-		else if (strcmp(*argv, "-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-		else if (strcmp(*argv, "-noout") == 0)
-			noout = 1;
-		else if (strcmp(*argv, "-text") == 0)
-			text = 1;
-		else if (strcmp(*argv, "-conv_form") == 0)
-			{
-			if (--argc < 1)
-				goto bad;
-			++argv;
-			new_form = 1;
-			if (strcmp(*argv, "compressed") == 0)
-				form = POINT_CONVERSION_COMPRESSED;
-			else if (strcmp(*argv, "uncompressed") == 0)
-				form = POINT_CONVERSION_UNCOMPRESSED;
-			else if (strcmp(*argv, "hybrid") == 0)
-				form = POINT_CONVERSION_HYBRID;
-			else
-				goto bad;
-			}
-		else if (strcmp(*argv, "-param_enc") == 0)
-			{
-			if (--argc < 1)
-				goto bad;
-			++argv;
-			new_asn1_flag = 1;
-			if (strcmp(*argv, "named_curve") == 0)
-				asn1_flag = OPENSSL_EC_NAMED_CURVE;
-			else if (strcmp(*argv, "explicit") == 0)
-				asn1_flag = 0;
-			else
-				goto bad;
-			}
-		else if (strcmp(*argv, "-param_out") == 0)
-			param_out = 1;
-		else if (strcmp(*argv, "-pubin") == 0)
-			pubin=1;
-		else if (strcmp(*argv, "-pubout") == 0)
-			pubout=1;
-		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
-			{
-			BIO_printf(bio_err, "unknown option %s\n", *argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err, "%s [options] outfile\n", prog);
-		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, " -inform arg     input format - "
-				"DER or PEM\n");
-		BIO_printf(bio_err, " -outform arg    output format - "
-				"DER or PEM\n");
-		BIO_printf(bio_err, " -in arg         input file\n");
-		BIO_printf(bio_err, " -passin arg     input file pass "
-				"phrase source\n");
-		BIO_printf(bio_err, " -out arg        output file\n");
-		BIO_printf(bio_err, " -passout arg    output file pass "
-				"phrase source\n");
-		BIO_printf(bio_err, " -engine e       use engine e, "
-				"possibly a hardware device.\n");
-		BIO_printf(bio_err, " -des            encrypt PEM output, "
-				"instead of 'des' every other \n"
-				"                 cipher "
-				"supported by OpenSSL can be used\n");
-		BIO_printf(bio_err, " -text           print the key\n");
-		BIO_printf(bio_err, " -noout          don't print key out\n");
-		BIO_printf(bio_err, " -param_out      print the elliptic "
-				"curve parameters\n");
-		BIO_printf(bio_err, " -conv_form arg  specifies the "
-				"point conversion form \n");
-		BIO_printf(bio_err, "                 possible values:"
-				" compressed\n");
-		BIO_printf(bio_err, "                                 "
-				" uncompressed (default)\n");
-		BIO_printf(bio_err, "                                  "
-				" hybrid\n");
-		BIO_printf(bio_err, " -param_enc arg  specifies the way"
-				" the ec parameters are encoded\n");
-		BIO_printf(bio_err, "                 in the asn1 der "
-				"encoding\n");
-		BIO_printf(bio_err, "                 possible values:"
-				" named_curve (default)\n");
-		BIO_printf(bio_err,"                                  "
-				"explicit\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
-#endif
-
-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) 
-		{
-		BIO_printf(bio_err, "Error getting passwords\n");
-		goto end;
-		}
-
-	in = BIO_new(BIO_s_file());
-	out = BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in, stdin, BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in, infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
-	BIO_printf(bio_err, "read EC key\n");
-	if (informat == FORMAT_ASN1) 
-		{
-		if (pubin) 
-			eckey = d2i_EC_PUBKEY_bio(in, NULL);
-		else 
-			eckey = d2i_ECPrivateKey_bio(in, NULL);
-		} 
-	else if (informat == FORMAT_PEM) 
-		{
-		if (pubin) 
-			eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL, 
-				NULL);
-		else 
-			eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL,
-				passin);
-		} 
-	else
-		{
-		BIO_printf(bio_err, "bad input format specified for key\n");
-		goto end;
-		}
-	if (eckey == NULL)
-		{
-		BIO_printf(bio_err,"unable to load Key\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out, stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out, outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	group = EC_KEY_get0_group(eckey);
-
-	if (new_form)
-		EC_KEY_set_conv_form(eckey, form);
-
-	if (new_asn1_flag)
-		EC_KEY_set_asn1_flag(eckey, asn1_flag);
-
-	if (text) 
-		if (!EC_KEY_print(out, eckey, 0))
-			{
-			perror(outfile);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-	if (noout) 
-		{
-		ret = 0;
-		goto end;
-		}
-
-	BIO_printf(bio_err, "writing EC key\n");
-	if (outformat == FORMAT_ASN1) 
-		{
-		if (param_out)
-			i = i2d_ECPKParameters_bio(out, group);
-		else if (pubin || pubout) 
-			i = i2d_EC_PUBKEY_bio(out, eckey);
-		else 
-			i = i2d_ECPrivateKey_bio(out, eckey);
-		} 
-	else if (outformat == FORMAT_PEM) 
-		{
-		if (param_out)
-			i = PEM_write_bio_ECPKParameters(out, group);
-		else if (pubin || pubout)
-			i = PEM_write_bio_EC_PUBKEY(out, eckey);
-		else 
-			i = PEM_write_bio_ECPrivateKey(out, eckey, enc,
-						NULL, 0, NULL, passout);
-		} 
-	else 
-		{
-		BIO_printf(bio_err, "bad output format specified for "
-			"outfile\n");
-		goto end;
-		}
-
-	if (!i)
-		{
-		BIO_printf(bio_err, "unable to write private key\n");
-		ERR_print_errors(bio_err);
-		}
-	else
-		ret=0;
-end:
-	if (in)
-		BIO_free(in);
-	if (out)
-		BIO_free_all(out);
-	if (eckey)
-		EC_KEY_free(eckey);
-	if (passin)
-		OPENSSL_free(passin);
-	if (passout)
-		OPENSSL_free(passout);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-}
-#else /* !OPENSSL_NO_EC */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/ecparam.c b/deps/openssl/openssl/apps/ecparam.c
deleted file mode 100644
index 465480bedd0..00000000000
--- a/deps/openssl/openssl/apps/ecparam.c
+++ /dev/null
@@ -1,731 +0,0 @@
-/* apps/ecparam.c */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by 
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by 
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include 
-#ifndef OPENSSL_NO_EC
-#include 
-#include 
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	ecparam_main
-
-/* -inform arg      - input format - default PEM (DER or PEM)
- * -outform arg     - output format - default PEM
- * -in  arg         - input file  - default stdin
- * -out arg         - output file - default stdout
- * -noout           - do not print the ec parameter
- * -text            - print the ec parameters in text form
- * -check           - validate the ec parameters
- * -C               - print a 'C' function creating the parameters
- * -name arg        - use the ec parameters with 'short name' name
- * -list_curves     - prints a list of all currently available curve 'short names'
- * -conv_form arg   - specifies the point conversion form 
- *                  - possible values: compressed
- *                                     uncompressed (default)
- *                                     hybrid
- * -param_enc arg   - specifies the way the ec parameters are encoded
- *                    in the asn1 der encoding
- *                    possible values: named_curve (default)
- *                                     explicit
- * -no_seed         - if 'explicit' parameters are choosen do not use the seed
- * -genkey          - generate ec key
- * -rand file       - files to use for random number input
- * -engine e        - use engine e, possibly a hardware device
- */
-
-
-static int ecparam_print_var(BIO *,BIGNUM *,const char *,int,unsigned char *);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	EC_GROUP *group = NULL;
-	point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED; 
-	int 	new_form = 0;
-	int 	asn1_flag = OPENSSL_EC_NAMED_CURVE;
-	int 	new_asn1_flag = 0;
-	char 	*curve_name = NULL, *inrand = NULL;
-	int	list_curves = 0, no_seed = 0, check = 0,
-		badops = 0, text = 0, i, need_rand = 0, genkey = 0;
-	char	*infile = NULL, *outfile = NULL, *prog;
-	BIO 	*in = NULL, *out = NULL;
-	int 	informat, outformat, noout = 0, C = 0, ret = 1;
-	char	*engine = NULL;
-
-	BIGNUM	*ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
-		*ec_gen = NULL, *ec_order = NULL, *ec_cofactor = NULL;
-	unsigned char *buffer = NULL;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-text") == 0)
-			text = 1;
-		else if (strcmp(*argv,"-C") == 0)
-			C = 1;
-		else if (strcmp(*argv,"-check") == 0)
-			check = 1;
-		else if (strcmp (*argv, "-name") == 0)
-			{
-			if (--argc < 1)
-				goto bad;
-			curve_name = *(++argv);
-			}
-		else if (strcmp(*argv, "-list_curves") == 0)
-			list_curves = 1;
-		else if (strcmp(*argv, "-conv_form") == 0)
-			{
-			if (--argc < 1)
-				goto bad;
-			++argv;
-			new_form = 1;
-			if (strcmp(*argv, "compressed") == 0)
-				form = POINT_CONVERSION_COMPRESSED;
-			else if (strcmp(*argv, "uncompressed") == 0)
-				form = POINT_CONVERSION_UNCOMPRESSED;
-			else if (strcmp(*argv, "hybrid") == 0)
-				form = POINT_CONVERSION_HYBRID;
-			else
-				goto bad;
-			}
-		else if (strcmp(*argv, "-param_enc") == 0)
-			{
-			if (--argc < 1)
-				goto bad;
-			++argv;
-			new_asn1_flag = 1;
-			if (strcmp(*argv, "named_curve") == 0)
-				asn1_flag = OPENSSL_EC_NAMED_CURVE;
-			else if (strcmp(*argv, "explicit") == 0)
-				asn1_flag = 0;
-			else
-				goto bad;
-			}
-		else if (strcmp(*argv, "-no_seed") == 0)
-			no_seed = 1;
-		else if (strcmp(*argv, "-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-genkey") == 0)
-			{
-			genkey=1;
-			need_rand=1;
-			}
-		else if (strcmp(*argv, "-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			need_rand=1;
-			}
-		else if(strcmp(*argv, "-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine = *(++argv);
-			}	
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err, "%s [options] outfile\n",prog);
-		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, " -inform arg       input format - "
-				"default PEM (DER or PEM)\n");
-		BIO_printf(bio_err, " -outform arg      output format - "
-				"default PEM\n");
-		BIO_printf(bio_err, " -in  arg          input file  - "
-				"default stdin\n");
-		BIO_printf(bio_err, " -out arg          output file - "
-				"default stdout\n");
-		BIO_printf(bio_err, " -noout            do not print the "
-				"ec parameter\n");
-		BIO_printf(bio_err, " -text             print the ec "
-				"parameters in text form\n");
-		BIO_printf(bio_err, " -check            validate the ec "
-				"parameters\n");
-		BIO_printf(bio_err, " -C                print a 'C' "
-				"function creating the parameters\n");
-		BIO_printf(bio_err, " -name arg         use the "
-				"ec parameters with 'short name' name\n");
-		BIO_printf(bio_err, " -list_curves      prints a list of "
-				"all currently available curve 'short names'\n");
-		BIO_printf(bio_err, " -conv_form arg    specifies the "
-				"point conversion form \n");
-		BIO_printf(bio_err, "                   possible values:"
-				" compressed\n");
-		BIO_printf(bio_err, "                                   "
-				" uncompressed (default)\n");
-		BIO_printf(bio_err, "                                   "
-				" hybrid\n");
-		BIO_printf(bio_err, " -param_enc arg    specifies the way"
-				" the ec parameters are encoded\n");
-		BIO_printf(bio_err, "                   in the asn1 der "
-				"encoding\n");
-		BIO_printf(bio_err, "                   possible values:"
-				" named_curve (default)\n");
-		BIO_printf(bio_err, "                                   "
-				" explicit\n");
-		BIO_printf(bio_err, " -no_seed          if 'explicit'"
-				" parameters are choosen do not"
-				" use the seed\n");
-		BIO_printf(bio_err, " -genkey           generate ec"
-				" key\n");
-		BIO_printf(bio_err, " -rand file        files to use for"
-				" random number input\n");
-		BIO_printf(bio_err, " -engine e         use engine e, "
-				"possibly a hardware device\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-	setup_engine(bio_err, engine, 0);
-#endif
-
-	if (list_curves)
-		{
-		EC_builtin_curve *curves = NULL;
-		size_t crv_len = 0;
-		size_t n = 0;
-
-		crv_len = EC_get_builtin_curves(NULL, 0);
-
-		curves = OPENSSL_malloc((int)(sizeof(EC_builtin_curve) * crv_len));
-
-		if (curves == NULL)
-			goto end;
-
-		if (!EC_get_builtin_curves(curves, crv_len))
-			{
-			OPENSSL_free(curves);
-			goto end;
-			}
-
-		
-		for (n = 0; n < crv_len; n++)
-			{
-			const char *comment;
-			const char *sname;
-			comment = curves[n].comment;
-			sname   = OBJ_nid2sn(curves[n].nid);
-			if (comment == NULL)
-				comment = "CURVE DESCRIPTION NOT AVAILABLE";
-			if (sname == NULL)
-				sname = "";
-
-			BIO_printf(out, "  %-10s: ", sname);
-			BIO_printf(out, "%s\n", comment);
-			} 
-
-		OPENSSL_free(curves);
-		ret = 0;
-		goto end;
-		}
-
-	if (curve_name != NULL)
-		{
-		int nid;
-
-		/* workaround for the SECG curve names secp192r1
-		 * and secp256r1 (which are the same as the curves
-		 * prime192v1 and prime256v1 defined in X9.62)
-		 */
-		if (!strcmp(curve_name, "secp192r1"))
-			{
-			BIO_printf(bio_err, "using curve name prime192v1 "
-				"instead of secp192r1\n");
-			nid = NID_X9_62_prime192v1;
-			}
-		else if (!strcmp(curve_name, "secp256r1"))
-			{
-			BIO_printf(bio_err, "using curve name prime256v1 "
-				"instead of secp256r1\n");
-			nid = NID_X9_62_prime256v1;
-			}
-		else
-			nid = OBJ_sn2nid(curve_name);
-	
-		if (nid == 0)
-			{
-			BIO_printf(bio_err, "unknown curve name (%s)\n", 
-				curve_name);
-			goto end;
-			}
-
-		group = EC_GROUP_new_by_curve_name(nid);
-		if (group == NULL)
-			{
-			BIO_printf(bio_err, "unable to create curve (%s)\n", 
-				curve_name);
-			goto end;
-			}
-		EC_GROUP_set_asn1_flag(group, asn1_flag);
-		EC_GROUP_set_point_conversion_form(group, form);
-		}
-	else if (informat == FORMAT_ASN1)
-		{
-		group = d2i_ECPKParameters_bio(in, NULL);
-		}
-	else if (informat == FORMAT_PEM)
-		{
-		group = PEM_read_bio_ECPKParameters(in,NULL,NULL,NULL);
-		}
-	else
-		{
-		BIO_printf(bio_err, "bad input format specified\n");
-		goto end;
-		}
-
-	if (group == NULL)
-		{
-		BIO_printf(bio_err, 
-			"unable to load elliptic curve parameters\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (new_form)
-		EC_GROUP_set_point_conversion_form(group, form);
-
-	if (new_asn1_flag)
-		EC_GROUP_set_asn1_flag(group, asn1_flag);
-
-	if (no_seed)
-		{
-		EC_GROUP_set_seed(group, NULL, 0);
-		}
-
-	if (text)
-		{
-		if (!ECPKParameters_print(out, group, 0))
-			goto end;
-		}
-
-	if (check)
-		{
-		if (group == NULL)
-			BIO_printf(bio_err, "no elliptic curve parameters\n");
-		BIO_printf(bio_err, "checking elliptic curve parameters: ");
-		if (!EC_GROUP_check(group, NULL))
-			{
-			BIO_printf(bio_err, "failed\n");
-			ERR_print_errors(bio_err);
-			}
-		else
-			BIO_printf(bio_err, "ok\n");
-			
-		}
-
-	if (C)
-		{
-		size_t	buf_len = 0, tmp_len = 0;
-		const EC_POINT *point;
-		int	is_prime, len = 0;
-		const EC_METHOD *meth = EC_GROUP_method_of(group);
-
-		if ((ec_p = BN_new()) == NULL || (ec_a = BN_new()) == NULL ||
-		    (ec_b = BN_new()) == NULL || (ec_gen = BN_new()) == NULL ||
-		    (ec_order = BN_new()) == NULL || 
-		    (ec_cofactor = BN_new()) == NULL )
-			{
-			perror("OPENSSL_malloc");
-			goto end;
-			}
-
-		is_prime = (EC_METHOD_get_field_type(meth) == 
-			NID_X9_62_prime_field);
-
-		if (is_prime)
-			{
-			if (!EC_GROUP_get_curve_GFp(group, ec_p, ec_a,
-				ec_b, NULL))
-				goto end;
-			}
-		else
-			{
-			/* TODO */
-			goto end;
-			}
-
-		if ((point = EC_GROUP_get0_generator(group)) == NULL)
-			goto end;
-		if (!EC_POINT_point2bn(group, point, 
-			EC_GROUP_get_point_conversion_form(group), ec_gen, 
-			NULL))
-			goto end;
-		if (!EC_GROUP_get_order(group, ec_order, NULL))
-			goto end;
-		if (!EC_GROUP_get_cofactor(group, ec_cofactor, NULL))
-			goto end;
-
-		if (!ec_p || !ec_a || !ec_b || !ec_gen || 
-			!ec_order || !ec_cofactor)
-			goto end;
-
-		len = BN_num_bits(ec_order);
-
-		if ((tmp_len = (size_t)BN_num_bytes(ec_p)) > buf_len)
-			buf_len = tmp_len;
-		if ((tmp_len = (size_t)BN_num_bytes(ec_a)) > buf_len)
-			buf_len = tmp_len;
-		if ((tmp_len = (size_t)BN_num_bytes(ec_b)) > buf_len)
-			buf_len = tmp_len;
-		if ((tmp_len = (size_t)BN_num_bytes(ec_gen)) > buf_len)
-			buf_len = tmp_len;
-		if ((tmp_len = (size_t)BN_num_bytes(ec_order)) > buf_len)
-			buf_len = tmp_len;
-		if ((tmp_len = (size_t)BN_num_bytes(ec_cofactor)) > buf_len)
-			buf_len = tmp_len;
-
-		buffer = (unsigned char *)OPENSSL_malloc(buf_len);
-
-		if (buffer == NULL)
-			{
-			perror("OPENSSL_malloc");
-			goto end;
-			}
-
-		ecparam_print_var(out, ec_p, "ec_p", len, buffer);
-		ecparam_print_var(out, ec_a, "ec_a", len, buffer);
-		ecparam_print_var(out, ec_b, "ec_b", len, buffer);
-		ecparam_print_var(out, ec_gen, "ec_gen", len, buffer);
-		ecparam_print_var(out, ec_order, "ec_order", len, buffer);
-		ecparam_print_var(out, ec_cofactor, "ec_cofactor", len, 
-			buffer);
-
-		BIO_printf(out, "\n\n");
-
-		BIO_printf(out, "EC_GROUP *get_ec_group_%d(void)\n\t{\n", len);
-		BIO_printf(out, "\tint ok=0;\n");
-		BIO_printf(out, "\tEC_GROUP *group = NULL;\n");
-		BIO_printf(out, "\tEC_POINT *point = NULL;\n");
-		BIO_printf(out, "\tBIGNUM   *tmp_1 = NULL, *tmp_2 = NULL, "
-				"*tmp_3 = NULL;\n\n");
-		BIO_printf(out, "\tif ((tmp_1 = BN_bin2bn(ec_p_%d, "
-				"sizeof(ec_p_%d), NULL)) == NULL)\n\t\t"
-				"goto err;\n", len, len);
-		BIO_printf(out, "\tif ((tmp_2 = BN_bin2bn(ec_a_%d, "
-				"sizeof(ec_a_%d), NULL)) == NULL)\n\t\t"
-				"goto err;\n", len, len);
-		BIO_printf(out, "\tif ((tmp_3 = BN_bin2bn(ec_b_%d, "
-				"sizeof(ec_b_%d), NULL)) == NULL)\n\t\t"
-				"goto err;\n", len, len);
-		if (is_prime)
-			{
-			BIO_printf(out, "\tif ((group = EC_GROUP_new_curve_"
-				"GFp(tmp_1, tmp_2, tmp_3, NULL)) == NULL)"
-				"\n\t\tgoto err;\n\n");
-			}
-		else
-			{
-			/* TODO */
-			goto end;
-			}
-		BIO_printf(out, "\t/* build generator */\n");
-		BIO_printf(out, "\tif ((tmp_1 = BN_bin2bn(ec_gen_%d, "
-				"sizeof(ec_gen_%d), tmp_1)) == NULL)"
-				"\n\t\tgoto err;\n", len, len);
-		BIO_printf(out, "\tpoint = EC_POINT_bn2point(group, tmp_1, "
-				"NULL, NULL);\n");
-		BIO_printf(out, "\tif (point == NULL)\n\t\tgoto err;\n");
-		BIO_printf(out, "\tif ((tmp_2 = BN_bin2bn(ec_order_%d, "
-				"sizeof(ec_order_%d), tmp_2)) == NULL)"
-				"\n\t\tgoto err;\n", len, len);
-		BIO_printf(out, "\tif ((tmp_3 = BN_bin2bn(ec_cofactor_%d, "
-				"sizeof(ec_cofactor_%d), tmp_3)) == NULL)"
-				"\n\t\tgoto err;\n", len, len);
-		BIO_printf(out, "\tif (!EC_GROUP_set_generator(group, point,"
-				" tmp_2, tmp_3))\n\t\tgoto err;\n");
-		BIO_printf(out, "\n\tok=1;\n");
-		BIO_printf(out, "err:\n");
-		BIO_printf(out, "\tif (tmp_1)\n\t\tBN_free(tmp_1);\n");
-		BIO_printf(out, "\tif (tmp_2)\n\t\tBN_free(tmp_2);\n");
-		BIO_printf(out, "\tif (tmp_3)\n\t\tBN_free(tmp_3);\n");
-		BIO_printf(out, "\tif (point)\n\t\tEC_POINT_free(point);\n");
-		BIO_printf(out, "\tif (!ok)\n");
-		BIO_printf(out, "\t\t{\n");
-		BIO_printf(out, "\t\tEC_GROUP_free(group);\n");
-		BIO_printf(out, "\t\tgroup = NULL;\n");
-		BIO_printf(out, "\t\t}\n");
-		BIO_printf(out, "\treturn(group);\n\t}\n");
-	}
-
-	if (!noout)
-		{
-		if (outformat == FORMAT_ASN1)
-			i = i2d_ECPKParameters_bio(out, group);
-		else if (outformat == FORMAT_PEM)
-			i = PEM_write_bio_ECPKParameters(out, group);
-		else	
-			{
-			BIO_printf(bio_err,"bad output format specified for"
-				" outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err, "unable to write elliptic "
-				"curve parameters\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	
-	if (need_rand)
-		{
-		app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-		if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-				app_RAND_load_files(inrand));
-		}
-
-	if (genkey)
-		{
-		EC_KEY *eckey = EC_KEY_new();
-
-		if (eckey == NULL)
-			goto end;
-
-		assert(need_rand);
-
-		if (EC_KEY_set_group(eckey, group) == 0)
-			goto end;
-		
-		if (!EC_KEY_generate_key(eckey))
-			{
-			EC_KEY_free(eckey);
-			goto end;
-			}
-		if (outformat == FORMAT_ASN1)
-			i = i2d_ECPrivateKey_bio(out, eckey);
-		else if (outformat == FORMAT_PEM)
-			i = PEM_write_bio_ECPrivateKey(out, eckey, NULL,
-				NULL, 0, NULL, NULL);
-		else	
-			{
-			BIO_printf(bio_err, "bad output format specified "
-				"for outfile\n");
-			EC_KEY_free(eckey);
-			goto end;
-			}
-		EC_KEY_free(eckey);
-		}
-
-	if (need_rand)
-		app_RAND_write_file(NULL, bio_err);
-
-	ret=0;
-end:
-	if (ec_p)
-		BN_free(ec_p);
-	if (ec_a)
-		BN_free(ec_a);
-	if (ec_b)
-		BN_free(ec_b);
-	if (ec_gen)
-		BN_free(ec_gen);
-	if (ec_order)
-		BN_free(ec_order);
-	if (ec_cofactor)
-		BN_free(ec_cofactor);
-	if (buffer)
-		OPENSSL_free(buffer);
-	if (in != NULL)
-		BIO_free(in);
-	if (out != NULL)
-		BIO_free_all(out);
-	if (group != NULL)
-		EC_GROUP_free(group);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-}
-
-static int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
-	int len, unsigned char *buffer)
-	{
-	BIO_printf(out, "static unsigned char %s_%d[] = {", var, len);
-	if (BN_is_zero(in))
-		BIO_printf(out, "\n\t0x00");
-	else 
-		{
-		int i, l;
-
-		l = BN_bn2bin(in, buffer);
-		for (i=0; i
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-int set_hex(char *in,unsigned char *out,int size);
-#undef SIZE
-#undef BSIZE
-#undef PROG
-
-#define SIZE	(512)
-#define BSIZE	(8*1024)
-#define	PROG	enc_main
-
-static void show_ciphers(const OBJ_NAME *name,void *bio_)
-	{
-	BIO *bio=bio_;
-	static int n;
-
-	if(!islower((unsigned char)*name->name))
-		return;
-
-	BIO_printf(bio,"-%-25s",name->name);
-	if(++n == 3)
-		{
-		BIO_printf(bio,"\n");
-		n=0;
-		}
-	else
-		BIO_printf(bio," ");
-	}
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	static const char magic[]="Salted__";
-	char mbuf[sizeof magic-1];
-	char *strbuf=NULL;
-	unsigned char *buff=NULL,*bufsize=NULL;
-	int bsize=BSIZE,verbose=0;
-	int ret=1,inl;
-	int nopad = 0;
-	unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH];
-	unsigned char salt[PKCS5_SALT_LEN];
-	char *str=NULL, *passarg = NULL, *pass = NULL;
-	char *hkey=NULL,*hiv=NULL,*hsalt = NULL;
-	char *md=NULL;
-	int enc=1,printkey=0,i,base64=0;
-#ifdef ZLIB
-	int do_zlib=0;
-	BIO *bzl = NULL;
-#endif
-	int debug=0,olb64=0,nosalt=0;
-	const EVP_CIPHER *cipher=NULL,*c;
-	EVP_CIPHER_CTX *ctx = NULL;
-	char *inf=NULL,*outf=NULL;
-	BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
-#define PROG_NAME_SIZE  39
-	char pname[PROG_NAME_SIZE+1];
-#ifndef OPENSSL_NO_ENGINE
-	char *engine = NULL;
-#endif
-	const EVP_MD *dgst=NULL;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	/* first check the program name */
-	program_name(argv[0],pname,sizeof pname);
-	if (strcmp(pname,"base64") == 0)
-		base64=1;
-#ifdef ZLIB
-	if (strcmp(pname,"zlib") == 0)
-		do_zlib=1;
-#endif
-
-	cipher=EVP_get_cipherbyname(pname);
-#ifdef ZLIB
-	if (!do_zlib && !base64 && (cipher == NULL)
-				&& (strcmp(pname,"enc") != 0))
-#else
-	if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0))
-#endif
-		{
-		BIO_printf(bio_err,"%s is an unknown cipher\n",pname);
-		goto bad;
-		}
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-e") == 0)
-			enc=1;
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inf= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outf= *(++argv);
-			}
-		else if (strcmp(*argv,"-pass") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passarg= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if	(strcmp(*argv,"-d") == 0)
-			enc=0;
-		else if	(strcmp(*argv,"-p") == 0)
-			printkey=1;
-		else if	(strcmp(*argv,"-v") == 0)
-			verbose=1;
-		else if	(strcmp(*argv,"-nopad") == 0)
-			nopad=1;
-		else if	(strcmp(*argv,"-salt") == 0)
-			nosalt=0;
-		else if	(strcmp(*argv,"-nosalt") == 0)
-			nosalt=1;
-		else if	(strcmp(*argv,"-debug") == 0)
-			debug=1;
-		else if	(strcmp(*argv,"-P") == 0)
-			printkey=2;
-		else if	(strcmp(*argv,"-A") == 0)
-			olb64=1;
-		else if	(strcmp(*argv,"-a") == 0)
-			base64=1;
-		else if	(strcmp(*argv,"-base64") == 0)
-			base64=1;
-#ifdef ZLIB
-		else if	(strcmp(*argv,"-z") == 0)
-			do_zlib=1;
-#endif
-		else if (strcmp(*argv,"-bufsize") == 0)
-			{
-			if (--argc < 1) goto bad;
-			bufsize=(unsigned char *)*(++argv);
-			}
-		else if (strcmp(*argv,"-k") == 0)
-			{
-			if (--argc < 1) goto bad;
-			str= *(++argv);
-			}
-		else if (strcmp(*argv,"-kfile") == 0)
-			{
-			static char buf[128];
-			FILE *infile;
-			char *file;
-
-			if (--argc < 1) goto bad;
-			file= *(++argv);
-			infile=fopen(file,"r");
-			if (infile == NULL)
-				{
-				BIO_printf(bio_err,"unable to read key from '%s'\n",
-					file);
-				goto bad;
-				}
-			buf[0]='\0';
-			if (!fgets(buf,sizeof buf,infile))
-				{
-				BIO_printf(bio_err,"unable to read key from '%s'\n",
-					file);
-				goto bad;
-				}
-			fclose(infile);
-			i=strlen(buf);
-			if ((i > 0) &&
-				((buf[i-1] == '\n') || (buf[i-1] == '\r')))
-				buf[--i]='\0';
-			if ((i > 0) &&
-				((buf[i-1] == '\n') || (buf[i-1] == '\r')))
-				buf[--i]='\0';
-			if (i < 1)
-				{
-				BIO_printf(bio_err,"zero length password\n");
-				goto bad;
-				}
-			str=buf;
-			}
-		else if (strcmp(*argv,"-K") == 0)
-			{
-			if (--argc < 1) goto bad;
-			hkey= *(++argv);
-			}
-		else if (strcmp(*argv,"-S") == 0)
-			{
-			if (--argc < 1) goto bad;
-			hsalt= *(++argv);
-			}
-		else if (strcmp(*argv,"-iv") == 0)
-			{
-			if (--argc < 1) goto bad;
-			hiv= *(++argv);
-			}
-		else if (strcmp(*argv,"-md") == 0)
-			{
-			if (--argc < 1) goto bad;
-			md= *(++argv);
-			}
-		else if	((argv[0][0] == '-') &&
-			((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
-			{
-			cipher=c;
-			}
-		else if (strcmp(*argv,"-none") == 0)
-			cipher=NULL;
-		else
-			{
-			BIO_printf(bio_err,"unknown option '%s'\n",*argv);
-bad:
-			BIO_printf(bio_err,"options are\n");
-			BIO_printf(bio_err,"%-14s input file\n","-in ");
-			BIO_printf(bio_err,"%-14s output file\n","-out ");
-			BIO_printf(bio_err,"%-14s pass phrase source\n","-pass ");
-			BIO_printf(bio_err,"%-14s encrypt\n","-e");
-			BIO_printf(bio_err,"%-14s decrypt\n","-d");
-			BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64");
-			BIO_printf(bio_err,"%-14s passphrase is the next argument\n","-k");
-			BIO_printf(bio_err,"%-14s passphrase is the first line of the file argument\n","-kfile");
-			BIO_printf(bio_err,"%-14s the next argument is the md to use to create a key\n","-md");
-			BIO_printf(bio_err,"%-14s   from a passphrase.  One of md2, md5, sha or sha1\n","");
-			BIO_printf(bio_err,"%-14s salt in hex is the next argument\n","-S");
-			BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
-			BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
-			BIO_printf(bio_err,"%-14s buffer size\n","-bufsize ");
-			BIO_printf(bio_err,"%-14s disable standard block padding\n","-nopad");
-#ifndef OPENSSL_NO_ENGINE
-			BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e");
-#endif
-
-			BIO_printf(bio_err,"Cipher Types\n");
-			OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
-					       show_ciphers,
-					       bio_err);
-			BIO_printf(bio_err,"\n");
-
-			goto end;
-			}
-		argc--;
-		argv++;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
-#endif
-
-	if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
-		{
-		BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
-		goto end;
-		}
-
-	if (dgst == NULL)
-		{
-		dgst = EVP_md5();
-		}
-
-	if (bufsize != NULL)
-		{
-		unsigned long n;
-
-		for (n=0; *bufsize; bufsize++)
-			{
-			i= *bufsize;
-			if ((i <= '9') && (i >= '0'))
-				n=n*10+i-'0';
-			else if (i == 'k')
-				{
-				n*=1024;
-				bufsize++;
-				break;
-				}
-			}
-		if (*bufsize != '\0')
-			{
-			BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
-			goto end;
-			}
-
-		/* It must be large enough for a base64 encoded line */
-		if (base64 && n < 80) n=80;
-
-		bsize=(int)n;
-		if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
-		}
-
-	strbuf=OPENSSL_malloc(SIZE);
-	buff=(unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
-	if ((buff == NULL) || (strbuf == NULL))
-		{
-		BIO_printf(bio_err,"OPENSSL_malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize));
-		goto end;
-		}
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	if (debug)
-		{
-		BIO_set_callback(in,BIO_debug_callback);
-		BIO_set_callback(out,BIO_debug_callback);
-		BIO_set_callback_arg(in,(char *)bio_err);
-		BIO_set_callback_arg(out,(char *)bio_err);
-		}
-
-	if (inf == NULL)
-	        {
-#ifndef OPENSSL_NO_SETVBUF_IONBF
-		if (bufsize != NULL)
-			setvbuf(stdin, (char *)NULL, _IONBF, 0);
-#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	        }
-	else
-		{
-		if (BIO_read_filename(in,inf) <= 0)
-			{
-			perror(inf);
-			goto end;
-			}
-		}
-
-	if(!str && passarg) {
-		if(!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
-			BIO_printf(bio_err, "Error getting password\n");
-			goto end;
-		}
-		str = pass;
-	}
-
-	if ((str == NULL) && (cipher != NULL) && (hkey == NULL))
-		{
-		for (;;)
-			{
-			char buf[200];
-
-			BIO_snprintf(buf,sizeof buf,"enter %s %s password:",
-				     OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
-				     (enc)?"encryption":"decryption");
-			strbuf[0]='\0';
-			i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
-			if (i == 0)
-				{
-				if (strbuf[0] == '\0')
-					{
-					ret=1;
-					goto end;
-					}
-				str=strbuf;
-				break;
-				}
-			if (i < 0)
-				{
-				BIO_printf(bio_err,"bad password read\n");
-				goto end;
-				}
-			}
-		}
-
-
-	if (outf == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifndef OPENSSL_NO_SETVBUF_IONBF
-		if (bufsize != NULL)
-			setvbuf(stdout, (char *)NULL, _IONBF, 0);
-#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outf) <= 0)
-			{
-			perror(outf);
-			goto end;
-			}
-		}
-
-	rbio=in;
-	wbio=out;
-
-#ifdef ZLIB
-
-	if (do_zlib)
-		{
-		if ((bzl=BIO_new(BIO_f_zlib())) == NULL)
-			goto end;
-		if (enc)
-			wbio=BIO_push(bzl,wbio);
-		else
-			rbio=BIO_push(bzl,rbio);
-		}
-#endif
-
-	if (base64)
-		{
-		if ((b64=BIO_new(BIO_f_base64())) == NULL)
-			goto end;
-		if (debug)
-			{
-			BIO_set_callback(b64,BIO_debug_callback);
-			BIO_set_callback_arg(b64,(char *)bio_err);
-			}
-		if (olb64)
-			BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
-		if (enc)
-			wbio=BIO_push(b64,wbio);
-		else
-			rbio=BIO_push(b64,rbio);
-		}
-
-	if (cipher != NULL)
-		{
-		/* Note that str is NULL if a key was passed on the command
-		 * line, so we get no salt in that case. Is this a bug?
-		 */
-		if (str != NULL)
-			{
-			/* Salt handling: if encrypting generate a salt and
-			 * write to output BIO. If decrypting read salt from
-			 * input BIO.
-			 */
-			unsigned char *sptr;
-			if(nosalt) sptr = NULL;
-			else {
-				if(enc) {
-					if(hsalt) {
-						if(!set_hex(hsalt,salt,sizeof salt)) {
-							BIO_printf(bio_err,
-								"invalid hex salt value\n");
-							goto end;
-						}
-					} else if (RAND_pseudo_bytes(salt, sizeof salt) < 0)
-						goto end;
-					/* If -P option then don't bother writing */
-					if((printkey != 2)
-					   && (BIO_write(wbio,magic,
-							 sizeof magic-1) != sizeof magic-1
-					       || BIO_write(wbio,
-							    (char *)salt,
-							    sizeof salt) != sizeof salt)) {
-						BIO_printf(bio_err,"error writing output file\n");
-						goto end;
-					}
-				} else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf
-					  || BIO_read(rbio,
-						      (unsigned char *)salt,
-				    sizeof salt) != sizeof salt) {
-					BIO_printf(bio_err,"error reading input file\n");
-					goto end;
-				} else if(memcmp(mbuf,magic,sizeof magic-1)) {
-				    BIO_printf(bio_err,"bad magic number\n");
-				    goto end;
-				}
-
-				sptr = salt;
-			}
-
-			EVP_BytesToKey(cipher,dgst,sptr,
-				(unsigned char *)str,
-				strlen(str),1,key,iv);
-			/* zero the complete buffer or the string
-			 * passed from the command line
-			 * bug picked up by
-			 * Larry J. Hughes Jr.  */
-			if (str == strbuf)
-				OPENSSL_cleanse(str,SIZE);
-			else
-				OPENSSL_cleanse(str,strlen(str));
-			}
-		if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
-			{
-			BIO_printf(bio_err,"invalid hex iv value\n");
-			goto end;
-			}
-		if ((hiv == NULL) && (str == NULL)
-		    && EVP_CIPHER_iv_length(cipher) != 0)
-			{
-			/* No IV was explicitly set and no IV was generated
-			 * during EVP_BytesToKey. Hence the IV is undefined,
-			 * making correct decryption impossible. */
-			BIO_printf(bio_err, "iv undefined\n");
-			goto end;
-			}
-		if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
-			{
-			BIO_printf(bio_err,"invalid hex key value\n");
-			goto end;
-			}
-
-		if ((benc=BIO_new(BIO_f_cipher())) == NULL)
-			goto end;
-
-		/* Since we may be changing parameters work on the encryption
-		 * context rather than calling BIO_set_cipher().
-		 */
-
-		BIO_get_cipher_ctx(benc, &ctx);
-		if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))
-			{
-			BIO_printf(bio_err, "Error setting cipher %s\n",
-				EVP_CIPHER_name(cipher));
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-		if (nopad)
-			EVP_CIPHER_CTX_set_padding(ctx, 0);
-
-		if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
-			{
-			BIO_printf(bio_err, "Error setting cipher %s\n",
-				EVP_CIPHER_name(cipher));
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-		if (debug)
-			{
-			BIO_set_callback(benc,BIO_debug_callback);
-			BIO_set_callback_arg(benc,(char *)bio_err);
-			}
-
-		if (printkey)
-			{
-			if (!nosalt)
-				{
-				printf("salt=");
-				for (i=0; i<(int)sizeof(salt); i++)
-					printf("%02X",salt[i]);
-				printf("\n");
-				}
-			if (cipher->key_len > 0)
-				{
-				printf("key=");
-				for (i=0; ikey_len; i++)
-					printf("%02X",key[i]);
-				printf("\n");
-				}
-			if (cipher->iv_len > 0)
-				{
-				printf("iv =");
-				for (i=0; iiv_len; i++)
-					printf("%02X",iv[i]);
-				printf("\n");
-				}
-			if (printkey == 2)
-				{
-				ret=0;
-				goto end;
-				}
-			}
-		}
-
-	/* Only encrypt/decrypt as we write the file */
-	if (benc != NULL)
-		wbio=BIO_push(benc,wbio);
-
-	for (;;)
-		{
-		inl=BIO_read(rbio,(char *)buff,bsize);
-		if (inl <= 0) break;
-		if (BIO_write(wbio,(char *)buff,inl) != inl)
-			{
-			BIO_printf(bio_err,"error writing output file\n");
-			goto end;
-			}
-		}
-	if (!BIO_flush(wbio))
-		{
-		BIO_printf(bio_err,"bad decrypt\n");
-		goto end;
-		}
-
-	ret=0;
-	if (verbose)
-		{
-		BIO_printf(bio_err,"bytes read   :%8ld\n",BIO_number_read(in));
-		BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
-		}
-end:
-	ERR_print_errors(bio_err);
-	if (strbuf != NULL) OPENSSL_free(strbuf);
-	if (buff != NULL) OPENSSL_free(buff);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (benc != NULL) BIO_free(benc);
-	if (b64 != NULL) BIO_free(b64);
-#ifdef ZLIB
-	if (bzl != NULL) BIO_free(bzl);
-#endif
-	if(pass) OPENSSL_free(pass);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-int set_hex(char *in, unsigned char *out, int size)
-	{
-	int i,n;
-	unsigned char j;
-
-	n=strlen(in);
-	if (n > (size*2))
-		{
-		BIO_printf(bio_err,"hex string is too long\n");
-		return(0);
-		}
-	memset(out,0,size);
-	for (i=0; i= '0') && (j <= '9'))
-			j-='0';
-		else if ((j >= 'A') && (j <= 'F'))
-			j=j-'A'+10;
-		else if ((j >= 'a') && (j <= 'f'))
-			j=j-'a'+10;
-		else
-			{
-			BIO_printf(bio_err,"non-hex digit\n");
-			return(0);
-			}
-		if (i&1)
-			out[i/2]|=j;
-		else
-			out[i/2]=(j<<4);
-		}
-	return(1);
-	}
diff --git a/deps/openssl/openssl/apps/engine.c b/deps/openssl/openssl/apps/engine.c
deleted file mode 100644
index 9a0294398e8..00000000000
--- a/deps/openssl/openssl/apps/engine.c
+++ /dev/null
@@ -1,549 +0,0 @@
-/* apps/engine.c -*- mode: C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte  for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include 
-#include 
-#include 
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include 
-#ifndef OPENSSL_NO_ENGINE
-#include 
-#include 
-
-#undef PROG
-#define PROG	engine_main
-
-static const char *engine_usage[]={
-"usage: engine opts [engine ...]\n",
-" -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
-"               -vv will additionally display each command's description\n",
-"               -vvv will also add the input flags for each command\n",
-"               -vvvv will also show internal input flags\n",
-" -c          - for each engine, also list the capabilities\n",
-" -t[t]       - for each engine, check that they are really available\n",
-"               -tt will display error trace for unavailable engines\n",
-" -pre   - runs command 'cmd' against the ENGINE before any attempts\n",
-"               to load it (if -t is used)\n",
-" -post  - runs command 'cmd' against the ENGINE after loading it\n",
-"               (only used if -t is also provided)\n",
-" NB: -pre and -post will be applied to all ENGINEs supplied on the command\n",
-" line, or all supported ENGINEs if none are specified.\n",
-" Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n",
-" argument \"/lib/libdriver.so\".\n",
-NULL
-};
-
-static void identity(char *ptr)
-	{
-	return;
-	}
-
-static int append_buf(char **buf, const char *s, int *size, int step)
-	{
-	int l = strlen(s);
-
-	if (*buf == NULL)
-		{
-		*size = step;
-		*buf = OPENSSL_malloc(*size);
-		if (*buf == NULL)
-			return 0;
-		**buf = '\0';
-		}
-
-	if (**buf != '\0')
-		l += 2;		/* ", " */
-
-	if (strlen(*buf) + strlen(s) >= (unsigned int)*size)
-		{
-		*size += step;
-		*buf = OPENSSL_realloc(*buf, *size);
-		}
-
-	if (*buf == NULL)
-		return 0;
-
-	if (**buf != '\0')
-		BUF_strlcat(*buf, ", ", *size);
-	BUF_strlcat(*buf, s, *size);
-
-	return 1;
-	}
-
-static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
-	{
-	int started = 0, err = 0;
-	/* Indent before displaying input flags */
-	BIO_printf(bio_out, "%s%s(input flags): ", indent, indent);
-	if(flags == 0)
-		{
-		BIO_printf(bio_out, "\n");
-		return 1;
-		}
-        /* If the object is internal, mark it in a way that shows instead of
-         * having it part of all the other flags, even if it really is. */
-	if(flags & ENGINE_CMD_FLAG_INTERNAL)
-		{
-		BIO_printf(bio_out, "[Internal] ");
-		}
-
-	if(flags & ENGINE_CMD_FLAG_NUMERIC)
-		{
-		BIO_printf(bio_out, "NUMERIC");
-		started = 1;
-		}
-	/* Now we check that no combinations of the mutually exclusive NUMERIC,
-	 * STRING, and NO_INPUT flags have been used. Future flags that can be
-	 * OR'd together with these would need to added after these to preserve
-	 * the testing logic. */
-	if(flags & ENGINE_CMD_FLAG_STRING)
-		{
-		if(started)
-			{
-			BIO_printf(bio_out, "|");
-			err = 1;
-			}
-		BIO_printf(bio_out, "STRING");
-		started = 1;
-		}
-	if(flags & ENGINE_CMD_FLAG_NO_INPUT)
-		{
-		if(started)
-			{
-			BIO_printf(bio_out, "|");
-			err = 1;
-			}
-		BIO_printf(bio_out, "NO_INPUT");
-		started = 1;
-		}
-	/* Check for unknown flags */
-	flags = flags & ~ENGINE_CMD_FLAG_NUMERIC &
-			~ENGINE_CMD_FLAG_STRING &
-			~ENGINE_CMD_FLAG_NO_INPUT &
-			~ENGINE_CMD_FLAG_INTERNAL;
-	if(flags)
-		{
-		if(started) BIO_printf(bio_out, "|");
-		BIO_printf(bio_out, "<0x%04X>", flags);
-		}
-	if(err)
-		BIO_printf(bio_out, "  ");
-	BIO_printf(bio_out, "\n");
-	return 1;
-	}
-
-static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent)
-	{
-	static const int line_wrap = 78;
-	int num;
-	int ret = 0;
-	char *name = NULL;
-	char *desc = NULL;
-	int flags;
-	int xpos = 0;
-	STACK_OF(OPENSSL_STRING) *cmds = NULL;
-	if(!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
-			((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE,
-					0, NULL, NULL)) <= 0))
-		{
-#if 0
-		BIO_printf(bio_out, "%s\n", indent);
-#endif
-		return 1;
-		}
-
-	cmds = sk_OPENSSL_STRING_new_null();
-
-	if(!cmds)
-		goto err;
-	do {
-		int len;
-		/* Get the command input flags */
-		if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
-					NULL, NULL)) < 0)
-			goto err;
-                if (!(flags & ENGINE_CMD_FLAG_INTERNAL) || verbose >= 4)
-                        {
-                        /* Get the command name */
-                        if((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
-                                NULL, NULL)) <= 0)
-                                goto err;
-                        if((name = OPENSSL_malloc(len + 1)) == NULL)
-                                goto err;
-                        if(ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
-                                NULL) <= 0)
-                                goto err;
-                        /* Get the command description */
-                        if((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD, num,
-                                NULL, NULL)) < 0)
-                                goto err;
-                        if(len > 0)
-                                {
-                                if((desc = OPENSSL_malloc(len + 1)) == NULL)
-                                        goto err;
-                                if(ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
-                                        NULL) <= 0)
-                                        goto err;
-                                }
-                        /* Now decide on the output */
-                        if(xpos == 0)
-                                /* Do an indent */
-                                xpos = BIO_puts(bio_out, indent);
-                        else
-                                /* Otherwise prepend a ", " */
-                                xpos += BIO_printf(bio_out, ", ");
-                        if(verbose == 1)
-                                {
-                                /* We're just listing names, comma-delimited */
-                                if((xpos > (int)strlen(indent)) &&
-					(xpos + (int)strlen(name) > line_wrap))
-                                        {
-                                        BIO_printf(bio_out, "\n");
-                                        xpos = BIO_puts(bio_out, indent);
-                                        }
-                                xpos += BIO_printf(bio_out, "%s", name);
-                                }
-                        else
-                                {
-                                /* We're listing names plus descriptions */
-                                BIO_printf(bio_out, "%s: %s\n", name,
-                                        (desc == NULL) ? "" : desc);
-                                /* ... and sometimes input flags */
-                                if((verbose >= 3) && !util_flags(bio_out, flags,
-                                        indent))
-                                        goto err;
-                                xpos = 0;
-                                }
-                        }
-		OPENSSL_free(name); name = NULL;
-		if(desc) { OPENSSL_free(desc); desc = NULL; }
-		/* Move to the next command */
-		num = ENGINE_ctrl(e, ENGINE_CTRL_GET_NEXT_CMD_TYPE,
-					num, NULL, NULL);
-		} while(num > 0);
-	if(xpos > 0)
-		BIO_printf(bio_out, "\n");
-	ret = 1;
-err:
-	if(cmds) sk_OPENSSL_STRING_pop_free(cmds, identity);
-	if(name) OPENSSL_free(name);
-	if(desc) OPENSSL_free(desc);
-	return ret;
-	}
-
-static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds,
-			BIO *bio_out, const char *indent)
-	{
-	int loop, res, num = sk_OPENSSL_STRING_num(cmds);
-
-	if(num < 0)
-		{
-		BIO_printf(bio_out, "[Error]: internal stack error\n");
-		return;
-		}
-	for(loop = 0; loop < num; loop++)
-		{
-		char buf[256];
-		const char *cmd, *arg;
-		cmd = sk_OPENSSL_STRING_value(cmds, loop);
-		res = 1; /* assume success */
-		/* Check if this command has no ":arg" */
-		if((arg = strstr(cmd, ":")) == NULL)
-			{
-			if(!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
-				res = 0;
-			}
-		else
-			{
-			if((int)(arg - cmd) > 254)
-				{
-				BIO_printf(bio_out,"[Error]: command name too long\n");
-				return;
-				}
-			memcpy(buf, cmd, (int)(arg - cmd));
-			buf[arg-cmd] = '\0';
-			arg++; /* Move past the ":" */
-			/* Call the command with the argument */
-			if(!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
-				res = 0;
-			}
-		if(res)
-			BIO_printf(bio_out, "[Success]: %s\n", cmd);
-		else
-			{
-			BIO_printf(bio_out, "[Failure]: %s\n", cmd);
-			ERR_print_errors(bio_out);
-			}
-		}
-	}
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int ret=1,i;
-	const char **pp;
-	int verbose=0, list_cap=0, test_avail=0, test_avail_noise = 0;
-	ENGINE *e;
-	STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null();
-	STACK_OF(OPENSSL_STRING) *pre_cmds = sk_OPENSSL_STRING_new_null();
-	STACK_OF(OPENSSL_STRING) *post_cmds = sk_OPENSSL_STRING_new_null();
-	int badops=1;
-	BIO *bio_out=NULL;
-	const char *indent = "     ";
-
-	apps_startup();
-	SSL_load_error_strings();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-	bio_out=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	bio_out = BIO_push(tmpbio, bio_out);
-	}
-#endif
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strncmp(*argv,"-v",2) == 0)
-			{
-			if(strspn(*argv + 1, "v") < strlen(*argv + 1))
-				goto skip_arg_loop;
-			if((verbose=strlen(*argv + 1)) > 4)
-				goto skip_arg_loop;
-			}
-		else if (strcmp(*argv,"-c") == 0)
-			list_cap=1;
-		else if (strncmp(*argv,"-t",2) == 0)
-			{
-			test_avail=1;
-			if(strspn(*argv + 1, "t") < strlen(*argv + 1))
-				goto skip_arg_loop;
-			if((test_avail_noise = strlen(*argv + 1) - 1) > 1)
-				goto skip_arg_loop;
-			}
-		else if (strcmp(*argv,"-pre") == 0)
-			{
-			argc--; argv++;
-			if (argc == 0)
-				goto skip_arg_loop;
-			sk_OPENSSL_STRING_push(pre_cmds,*argv);
-			}
-		else if (strcmp(*argv,"-post") == 0)
-			{
-			argc--; argv++;
-			if (argc == 0)
-				goto skip_arg_loop;
-			sk_OPENSSL_STRING_push(post_cmds,*argv);
-			}
-		else if ((strncmp(*argv,"-h",2) == 0) ||
-				(strcmp(*argv,"-?") == 0))
-			goto skip_arg_loop;
-		else
-			sk_OPENSSL_STRING_push(engines,*argv);
-		argc--;
-		argv++;
-		}
-	/* Looks like everything went OK */
-	badops = 0;
-skip_arg_loop:
-
-	if (badops)
-		{
-		for (pp=engine_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto end;
-		}
-
-	if (sk_OPENSSL_STRING_num(engines) == 0)
-		{
-		for(e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
-			{
-			sk_OPENSSL_STRING_push(engines,(char *)ENGINE_get_id(e));
-			}
-		}
-
-	for (i=0; i 0) && !util_verbose(e, verbose, bio_out, indent))
-				goto end;
-			ENGINE_free(e);
-			}
-		else
-			ERR_print_errors(bio_err);
-		}
-
-	ret=0;
-end:
-
-	ERR_print_errors(bio_err);
-	sk_OPENSSL_STRING_pop_free(engines, identity);
-	sk_OPENSSL_STRING_pop_free(pre_cmds, identity);
-	sk_OPENSSL_STRING_pop_free(post_cmds, identity);
-	if (bio_out != NULL) BIO_free_all(bio_out);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-#else
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/errstr.c b/deps/openssl/openssl/apps/errstr.c
deleted file mode 100644
index fe3b98077ee..00000000000
--- a/deps/openssl/openssl/apps/errstr.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/* apps/errstr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	errstr_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int i,ret=0;
-	char buf[256];
-	unsigned long l;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	SSL_load_error_strings();
-
-	if ((argc > 1) && (strcmp(argv[1],"-stats") == 0))
-		{
-		BIO *out=NULL;
-
-		out=BIO_new(BIO_s_file());
-		if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE))
-			{
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-			lh_ERR_STRING_DATA_node_stats_bio(
-						  ERR_get_string_table(), out);
-			lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(),
-						     out);
-			lh_ERR_STRING_DATA_node_usage_stats_bio(
-						    ERR_get_string_table(),out);
-			}
-		if (out != NULL) BIO_free_all(out);
-		argc--;
-		argv++;
-		}
-
-	for (i=1; i ...\n");
-			ret++;
-			}
-		}
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
diff --git a/deps/openssl/openssl/apps/gendh.c b/deps/openssl/openssl/apps/gendh.c
deleted file mode 100644
index 4ec776ba939..00000000000
--- a/deps/openssl/openssl/apps/gendh.c
+++ /dev/null
@@ -1,241 +0,0 @@
-/* apps/gendh.c */
-/* obsoleted by dhparam.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-/* Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code */
-#ifdef OPENSSL_NO_DEPRECATED
-#undef OPENSSL_NO_DEPRECATED
-#endif
-
-#ifndef OPENSSL_NO_DH
-#include 
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#define DEFBITS	512
-#undef PROG
-#define PROG gendh_main
-
-static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	BN_GENCB cb;
-	DH *dh=NULL;
-	int ret=1,num=DEFBITS;
-	int g=2;
-	char *outfile=NULL;
-	char *inrand=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	BIO *out=NULL;
-
-	apps_startup();
-
-	BN_GENCB_set(&cb, dh_cb, bio_err);
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	argv++;
-	argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-2") == 0)
-			g=2;
-	/*	else if (strcmp(*argv,"-3") == 0)
-			g=3; */
-		else if (strcmp(*argv,"-5") == 0)
-			g=5;
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else
-			break;
-		argv++;
-		argc--;
-		}
-	if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
-		{
-bad:
-		BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
-		BIO_printf(bio_err," -out file - output the key to 'file\n");
-		BIO_printf(bio_err," -2        - use 2 as the generator value\n");
-	/*	BIO_printf(bio_err," -3        - use 3 as the generator value\n"); */
-		BIO_printf(bio_err," -5        - use 5 as the generator value\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"             the random number generator\n");
-		goto end;
-		}
-		
-#ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
-#endif
-
-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-		}
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
-	BIO_printf(bio_err,"This is going to take a long time\n");
-
-	if(((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb))
-		goto end;
-		
-	app_RAND_write_file(NULL, bio_err);
-
-	if (!PEM_write_bio_DHparams(out,dh))
-		goto end;
-	ret=0;
-end:
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	if (out != NULL) BIO_free_all(out);
-	if (dh != NULL) DH_free(dh);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(cb->arg,&c,1);
-	(void)BIO_flush(cb->arg);
-#ifdef LINT
-	p=n;
-#endif
-	return 1;
-	}
-#else /* !OPENSSL_NO_DH */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/gendsa.c b/deps/openssl/openssl/apps/gendsa.c
deleted file mode 100644
index 62ea9779051..00000000000
--- a/deps/openssl/openssl/apps/gendsa.c
+++ /dev/null
@@ -1,285 +0,0 @@
-/* apps/gendsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 	/* for OPENSSL_NO_DSA */
-#ifndef OPENSSL_NO_DSA
-#include 
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#define DEFBITS	512
-#undef PROG
-#define PROG gendsa_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	DSA *dsa=NULL;
-	int ret=1;
-	char *outfile=NULL;
-	char *inrand=NULL,*dsaparams=NULL;
-	char *passargout = NULL, *passout = NULL;
-	BIO *out=NULL,*in=NULL;
-	const EVP_CIPHER *enc=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	argv++;
-	argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else if (strcmp(*argv,"-") == 0)
-			goto bad;
-#ifndef OPENSSL_NO_DES
-		else if (strcmp(*argv,"-des") == 0)
-			enc=EVP_des_cbc();
-		else if (strcmp(*argv,"-des3") == 0)
-			enc=EVP_des_ede3_cbc();
-#endif
-#ifndef OPENSSL_NO_IDEA
-		else if (strcmp(*argv,"-idea") == 0)
-			enc=EVP_idea_cbc();
-#endif
-#ifndef OPENSSL_NO_SEED
-		else if (strcmp(*argv,"-seed") == 0)
-			enc=EVP_seed_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-		else if (strcmp(*argv,"-aes128") == 0)
-			enc=EVP_aes_128_cbc();
-		else if (strcmp(*argv,"-aes192") == 0)
-			enc=EVP_aes_192_cbc();
-		else if (strcmp(*argv,"-aes256") == 0)
-			enc=EVP_aes_256_cbc();
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		else if (strcmp(*argv,"-camellia128") == 0)
-			enc=EVP_camellia_128_cbc();
-		else if (strcmp(*argv,"-camellia192") == 0)
-			enc=EVP_camellia_192_cbc();
-		else if (strcmp(*argv,"-camellia256") == 0)
-			enc=EVP_camellia_256_cbc();
-#endif
-		else if (**argv != '-' && dsaparams == NULL)
-			{
-			dsaparams = *argv;
-			}
-		else
-			goto bad;
-		argv++;
-		argc--;
-		}
-
-	if (dsaparams == NULL)
-		{
-bad:
-		BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
-		BIO_printf(bio_err," -out file - output the key to 'file'\n");
-#ifndef OPENSSL_NO_DES
-		BIO_printf(bio_err," -des      - encrypt the generated key with DES in cbc mode\n");
-		BIO_printf(bio_err," -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#endif
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err," -seed\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc seed\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
-#endif
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"             the random number generator\n");
-		BIO_printf(bio_err," dsaparam-file\n");
-		BIO_printf(bio_err,"           - a DSA parameter file as generated by the dsaparam command\n");
-		goto end;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
-#endif
-
-	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-	}
-
-
-	in=BIO_new(BIO_s_file());
-	if (!(BIO_read_filename(in,dsaparams)))
-		{
-		perror(dsaparams);
-		goto end;
-		}
-
-	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DSA parameter file\n");
-		goto end;
-		}
-	BIO_free(in);
-	in = NULL;
-		
-	out=BIO_new(BIO_s_file());
-	if (out == NULL) goto end;
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-		}
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	BIO_printf(bio_err,"Generating DSA key, %d bits\n",
-							BN_num_bits(dsa->p));
-	if (!DSA_generate_key(dsa)) goto end;
-
-	app_RAND_write_file(NULL, bio_err);
-
-	if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))
-		goto end;
-	ret=0;
-end:
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dsa != NULL) DSA_free(dsa);
-	if(passout) OPENSSL_free(passout);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-#else /* !OPENSSL_NO_DSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/genpkey.c b/deps/openssl/openssl/apps/genpkey.c
deleted file mode 100644
index 6dfda08b9e0..00000000000
--- a/deps/openssl/openssl/apps/genpkey.c
+++ /dev/null
@@ -1,440 +0,0 @@
-/* apps/genpkey.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#ifndef OPENSSL_NO_ENGINE
-#include 
-#endif
-
-static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
-				const char *file, ENGINE *e);
-static int genpkey_cb(EVP_PKEY_CTX *ctx);
-
-#define PROG genpkey_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	char **args, *outfile = NULL;
-	char *passarg = NULL;
-	BIO *in = NULL, *out = NULL;
-	const EVP_CIPHER *cipher = NULL;
-	int outformat;
-	int text = 0;
-	EVP_PKEY *pkey=NULL;
-	EVP_PKEY_CTX *ctx = NULL;
-	char *pass = NULL;
-	int badarg = 0;
-	int ret = 1, rv;
-
-	int do_param = 0;
-
-	if (bio_err == NULL)
-		bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	outformat=FORMAT_PEM;
-
-	ERR_load_crypto_strings();
-	OpenSSL_add_all_algorithms();
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp(*args,"-outform"))
-			{
-			if (args[1])
-				{
-				args++;
-				outformat=str2fmt(*args);
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args,"-pass"))
-			{
-			if (!args[1]) goto bad;
-			passarg= *(++args);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*args,"-engine") == 0)
-			{
-			if (!args[1])
-				goto bad;
-        		e = setup_engine(bio_err, *(++args), 0);
-			}
-#endif
-		else if (!strcmp (*args, "-paramfile"))
-			{
-			if (!args[1])
-				goto bad;
-			args++;
-			if (do_param == 1)
-				goto bad;
-			if (!init_keygen_file(bio_err, &ctx, *args, e))
-				goto end;
-			}
-		else if (!strcmp (*args, "-out"))
-			{
-			if (args[1])
-				{
-				args++;
-				outfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (strcmp(*args,"-algorithm") == 0)
-			{
-			if (!args[1])
-				goto bad;
-			if (!init_gen_str(bio_err, &ctx, *(++args),e, do_param))
-				goto end;
-			}
-		else if (strcmp(*args,"-pkeyopt") == 0)
-			{
-			if (!args[1])
-				goto bad;
-			if (!ctx)
-				{
-				BIO_puts(bio_err, "No keytype specified\n");
-				goto bad;
-				}
-			else if (pkey_ctrl_string(ctx, *(++args)) <= 0)
-				{
-				BIO_puts(bio_err, "parameter setting error\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		else if (strcmp(*args,"-genparam") == 0)
-			{
-			if (ctx)
-				goto bad;
-			do_param = 1;
-			}
-		else if (strcmp(*args,"-text") == 0)
-			text=1;
-		else
-			{
-			cipher = EVP_get_cipherbyname(*args + 1);
-			if (!cipher)
-				{
-				BIO_printf(bio_err, "Unknown cipher %s\n",
-								*args + 1);
-				badarg = 1;
-				}
-			if (do_param == 1)
-				badarg = 1;
-			}
-		args++;
-		}
-
-	if (!ctx)
-		badarg = 1;
-
-	if (badarg)
-		{
-		bad:
-		BIO_printf(bio_err, "Usage: genpkey [options]\n");
-		BIO_printf(bio_err, "where options may be\n");
-		BIO_printf(bio_err, "-out file          output file\n");
-		BIO_printf(bio_err, "-outform X         output format (DER or PEM)\n");
-		BIO_printf(bio_err, "-pass arg          output file pass phrase source\n");
-		BIO_printf(bio_err, "-          use cipher  to encrypt the key\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err, "-engine e          use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err, "-paramfile file    parameters file\n");
-		BIO_printf(bio_err, "-algorithm alg     the public key algorithm\n");
-		BIO_printf(bio_err, "-pkeyopt opt:value set the public key algorithm option \n"
-				            "                   to value \n");
-		BIO_printf(bio_err, "-genparam          generate parameters, not key\n");
-		BIO_printf(bio_err, "-text              print the in text\n");
-		BIO_printf(bio_err, "NB: options order may be important!  See the manual page.\n");
-		goto end;
-		}
-
-	if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
-		{
-		BIO_puts(bio_err, "Error getting password\n");
-		goto end;
-		}
-
-	if (outfile)
-		{
-		if (!(out = BIO_new_file (outfile, "wb")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-			}
-		}
-	else
-		{
-		out = BIO_new_fp (stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-		}
-
-	EVP_PKEY_CTX_set_cb(ctx, genpkey_cb);
-	EVP_PKEY_CTX_set_app_data(ctx, bio_err);
-
-	if (do_param)
-		{
-		if (EVP_PKEY_paramgen(ctx, &pkey) <= 0)
-			{
-			BIO_puts(bio_err, "Error generating parameters\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	else
-		{
-		if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
-			{
-			BIO_puts(bio_err, "Error generating key\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-
-	if (do_param)
-		rv = PEM_write_bio_Parameters(out, pkey);
-	else if (outformat == FORMAT_PEM) 
-		rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0,
-								NULL, pass);
-	else if (outformat == FORMAT_ASN1)
-		rv = i2d_PrivateKey_bio(out, pkey);
-	else
-		{
-		BIO_printf(bio_err, "Bad format specified for key\n");
-		goto end;
-		}
-
-	if (rv <= 0)
-		{
-		BIO_puts(bio_err, "Error writing key\n");
-		ERR_print_errors(bio_err);
-		}
-
-	if (text)
-		{
-		if (do_param)
-			rv = EVP_PKEY_print_params(out, pkey, 0, NULL);
-		else
-			rv = EVP_PKEY_print_private(out, pkey, 0, NULL);
-
-		if (rv <= 0)
-			{
-			BIO_puts(bio_err, "Error printing key\n");
-			ERR_print_errors(bio_err);
-			}
-		}
-
-	ret = 0;
-
-	end:
-	if (pkey)
-		EVP_PKEY_free(pkey);
-	if (ctx)
-		EVP_PKEY_CTX_free(ctx);
-	if (out)
-		BIO_free_all(out);
-	BIO_free(in);
-	if (pass)
-		OPENSSL_free(pass);
-
-	return ret;
-	}
-
-static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
-				const char *file, ENGINE *e)
-	{
-	BIO *pbio;
-	EVP_PKEY *pkey = NULL;
-	EVP_PKEY_CTX *ctx = NULL;
-	if (*pctx)
-		{
-		BIO_puts(err, "Parameters already set!\n");
-		return 0;
-		}
-
-	pbio = BIO_new_file(file, "r");
-	if (!pbio)
-		{
-		BIO_printf(err, "Can't open parameter file %s\n", file);
-		return 0;
-		}
-
-	pkey = PEM_read_bio_Parameters(pbio, NULL);
-	BIO_free(pbio);
-
-	if (!pkey)
-		{
-		BIO_printf(bio_err, "Error reading parameter file %s\n", file);
-		return 0;
-		}
-
-	ctx = EVP_PKEY_CTX_new(pkey, e);
-	if (!ctx)
-		goto err;
-	if (EVP_PKEY_keygen_init(ctx) <= 0)
-		goto err;
-	EVP_PKEY_free(pkey);
-	*pctx = ctx;
-	return 1;
-
-	err:
-	BIO_puts(err, "Error initializing context\n");
-	ERR_print_errors(err);
-	if (ctx)
-		EVP_PKEY_CTX_free(ctx);
-	if (pkey)
-		EVP_PKEY_free(pkey);
-	return 0;
-
-	}
-
-int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
-			const char *algname, ENGINE *e, int do_param)
-	{
-	EVP_PKEY_CTX *ctx = NULL;
-	const EVP_PKEY_ASN1_METHOD *ameth;
-	ENGINE *tmpeng = NULL;
-	int pkey_id;
-
-	if (*pctx)
-		{
-		BIO_puts(err, "Algorithm already set!\n");
-		return 0;
-		}
-
-	ameth = EVP_PKEY_asn1_find_str(&tmpeng, algname, -1);
-
-#ifndef OPENSSL_NO_ENGINE
-	if (!ameth && e)
-		ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
-#endif
-
-	if (!ameth)
-		{
-		BIO_printf(bio_err, "Algorithm %s not found\n", algname);
-		return 0;
-		}
-
-	ERR_clear_error();
-
-	EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
-#ifndef OPENSSL_NO_ENGINE
-	if (tmpeng)
-		ENGINE_finish(tmpeng);
-#endif
-	ctx = EVP_PKEY_CTX_new_id(pkey_id, e);
-
-	if (!ctx)
-		goto err;
-	if (do_param)
-		{
-		if (EVP_PKEY_paramgen_init(ctx) <= 0)
-			goto err;
-		}
-	else
-		{
-		if (EVP_PKEY_keygen_init(ctx) <= 0)
-			goto err;
-		}
-
-	*pctx = ctx;
-	return 1;
-
-	err:
-	BIO_printf(err, "Error initializing %s context\n", algname);
-	ERR_print_errors(err);
-	if (ctx)
-		EVP_PKEY_CTX_free(ctx);
-	return 0;
-
-	}
-
-static int genpkey_cb(EVP_PKEY_CTX *ctx)
-	{
-	char c='*';
-	BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
-	int p;
-	p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(b,&c,1);
-	(void)BIO_flush(b);
-#ifdef LINT
-	p=n;
-#endif
-	return 1;
-	}
diff --git a/deps/openssl/openssl/apps/genrsa.c b/deps/openssl/openssl/apps/genrsa.c
deleted file mode 100644
index 37e9310910b..00000000000
--- a/deps/openssl/openssl/apps/genrsa.c
+++ /dev/null
@@ -1,335 +0,0 @@
-/* apps/genrsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-/* Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code */
-#ifdef OPENSSL_NO_DEPRECATED
-#undef OPENSSL_NO_DEPRECATED
-#endif
-
-#ifndef OPENSSL_NO_RSA
-#include 
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#define DEFBITS	512
-#undef PROG
-#define PROG genrsa_main
-
-static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	BN_GENCB cb;
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE *e = NULL;
-#endif
-	int ret=1;
-	int i,num=DEFBITS;
-	long l;
-	const EVP_CIPHER *enc=NULL;
-	unsigned long f4=RSA_F4;
-	char *outfile=NULL;
-	char *passargout = NULL, *passout = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	char *inrand=NULL;
-	BIO *out=NULL;
-	BIGNUM *bn = BN_new();
-	RSA *rsa = NULL;
-
-	if(!bn) goto err;
-
-	apps_startup();
-	BN_GENCB_set(&cb, genrsa_cb, bio_err);
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto err;
-	if ((out=BIO_new(BIO_s_file())) == NULL)
-		{
-		BIO_printf(bio_err,"unable to create BIO for output\n");
-		goto err;
-		}
-
-	argv++;
-	argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-3") == 0)
-			f4=3;
-		else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
-			f4=RSA_F4;
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-#ifndef OPENSSL_NO_DES
-		else if (strcmp(*argv,"-des") == 0)
-			enc=EVP_des_cbc();
-		else if (strcmp(*argv,"-des3") == 0)
-			enc=EVP_des_ede3_cbc();
-#endif
-#ifndef OPENSSL_NO_IDEA
-		else if (strcmp(*argv,"-idea") == 0)
-			enc=EVP_idea_cbc();
-#endif
-#ifndef OPENSSL_NO_SEED
-		else if (strcmp(*argv,"-seed") == 0)
-			enc=EVP_seed_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-		else if (strcmp(*argv,"-aes128") == 0)
-			enc=EVP_aes_128_cbc();
-		else if (strcmp(*argv,"-aes192") == 0)
-			enc=EVP_aes_192_cbc();
-		else if (strcmp(*argv,"-aes256") == 0)
-			enc=EVP_aes_256_cbc();
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		else if (strcmp(*argv,"-camellia128") == 0)
-			enc=EVP_camellia_128_cbc();
-		else if (strcmp(*argv,"-camellia192") == 0)
-			enc=EVP_camellia_192_cbc();
-		else if (strcmp(*argv,"-camellia256") == 0)
-			enc=EVP_camellia_256_cbc();
-#endif
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-		else
-			break;
-		argv++;
-		argc--;
-		}
-	if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
-		{
-bad:
-		BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n");
-		BIO_printf(bio_err," -des            encrypt the generated key with DES in cbc mode\n");
-		BIO_printf(bio_err," -des3           encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea           encrypt the generated key with IDEA in cbc mode\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err," -seed\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc seed\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
-#endif
-		BIO_printf(bio_err," -out file       output the key to 'file\n");
-		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
-		BIO_printf(bio_err," -f4             use F4 (0x10001) for the E value\n");
-		BIO_printf(bio_err," -3              use 3 for the E value\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"                 load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"                 the random number generator\n");
-		goto err;
-		}
-		
-	ERR_load_crypto_strings();
-
-	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
-		BIO_printf(bio_err, "Error getting password\n");
-		goto err;
-	}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto err;
-			}
-		}
-
-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
-		&& !RAND_status())
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-		}
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
-		num);
-#ifdef OPENSSL_NO_ENGINE
-	rsa = RSA_new();
-#else
-	rsa = RSA_new_method(e);
-#endif
-	if (!rsa)
-		goto err;
-
-	if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
-		goto err;
-		
-	app_RAND_write_file(NULL, bio_err);
-
-	/* We need to do the following for when the base number size is <
-	 * long, esp windows 3.1 :-(. */
-	l=0L;
-	for (i=0; ie->top; i++)
-		{
-#ifndef SIXTY_FOUR_BIT
-		l<<=BN_BITS4;
-		l<<=BN_BITS4;
-#endif
-		l+=rsa->e->d[i];
-		}
-	BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
-	{
-	PW_CB_DATA cb_data;
-	cb_data.password = passout;
-	cb_data.prompt_info = outfile;
-	if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,
-		(pem_password_cb *)password_callback,&cb_data))
-		goto err;
-	}
-
-	ret=0;
-err:
-	if (bn) BN_free(bn);
-	if (rsa) RSA_free(rsa);
-	if (out) BIO_free_all(out);
-	if(passout) OPENSSL_free(passout);
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(cb->arg,&c,1);
-	(void)BIO_flush(cb->arg);
-#ifdef LINT
-	p=n;
-#endif
-	return 1;
-	}
-#else /* !OPENSSL_NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/install-apps.com b/deps/openssl/openssl/apps/install-apps.com
deleted file mode 100644
index 7a553aa12ec..00000000000
--- a/deps/openssl/openssl/apps/install-apps.com
+++ /dev/null
@@ -1,107 +0,0 @@
-$! INSTALL.COM -- Installs the files in a given directory tree
-$!
-$! Author: Richard Levitte 
-$! Time of creation: 22-MAY-1998 10:13
-$!
-$! P1  root of the directory tree
-$! P2  "64" for 64-bit pointers.
-$!
-$!
-$! Announce/identify.
-$!
-$ proc = f$environment( "procedure")
-$ write sys$output "@@@ "+ -
-   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
-$!
-$ on error then goto tidy
-$ on control_c then goto tidy
-$!
-$ if (p1 .eqs. "")
-$ then
-$   write sys$output "First argument missing."
-$   write sys$output -
-     "It should be the directory where you want things installed."
-$   exit
-$ endif
-$!
-$ if (f$getsyi("cpu") .lt. 128)
-$ then
-$   arch = "VAX"
-$ else
-$   arch = f$edit( f$getsyi( "arch_name"), "upcase")
-$   if (arch .eqs. "") then arch = "UNK"
-$ endif
-$!
-$ archd = arch
-$!
-$ if (p2 .nes. "")
-$ then
-$   if (p2 .eqs. "64")
-$   then
-$     archd = arch+ "_64"
-$   else
-$     if (p2 .nes. "32")
-$     then
-$       write sys$output "Second argument invalid."
-$       write sys$output "It should be "32", "64", or nothing."
-$       exit
-$     endif
-$   endif
-$ endif
-$!
-$ root = f$parse( p1, "[]A.;0", , , "syntax_only, no_conceal") - "A.;0"
-$ root_dev = f$parse(root,,,"device","syntax_only")
-$ root_dir = f$parse(root,,,"directory","syntax_only") - -
-   "[000000." - "][" - "[" - "]"
-$ root = root_dev + "[" + root_dir
-$!
-$ define /nolog wrk_sslroot 'root'.] /trans=conc
-$ define /nolog wrk_sslxexe wrk_sslroot:['archd'_exe]
-$!
-$ if f$parse("wrk_sslroot:[000000]") .eqs. "" then -
-   create /directory /log wrk_sslroot:[000000]
-$ if f$parse("wrk_sslxexe:") .eqs. "" then -
-   create /directory /log wrk_sslxexe:
-$!
-$ exe := openssl
-$!
-$ exe_dir := [-.'archd'.exe.apps]
-$!
-$! Executables.
-$!
-$ i = 0
-$ loop_exe:
-$   e = f$edit(f$element( i, ",", exe), "trim")
-$   i = i + 1
-$   if e .eqs. "," then goto loop_exe_end
-$   set noon
-$   file = exe_dir+ e+ ".exe"
-$   if f$search( file) .nes. ""
-$   then
-$     copy /protection = w:re 'file' wrk_sslxexe: /log
-$   endif
-$   set on
-$ goto loop_exe
-$ loop_exe_end:
-$!
-$! Miscellaneous.
-$!
-$ set noon
-$ copy /protection = w:re ca.com wrk_sslxexe:ca.com /log
-$ copy /protection = w:re openssl-vms.cnf wrk_sslroot:[000000]openssl.cnf /log
-$ set on
-$!
-$ tidy:
-$!
-$ call deass wrk_sslroot
-$ call deass wrk_sslxexe
-$!
-$ exit
-$!
-$ deass: subroutine
-$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
-$ then
-$   deassign /process 'p1'
-$ endif
-$ endsubroutine
-$!
diff --git a/deps/openssl/openssl/apps/makeapps.com b/deps/openssl/openssl/apps/makeapps.com
deleted file mode 100644
index 71417a86b06..00000000000
--- a/deps/openssl/openssl/apps/makeapps.com
+++ /dev/null
@@ -1,1169 +0,0 @@
-$!
-$!  MAKEAPPS.COM
-$!  Written By:  Robert Byer
-$!               Vice-President
-$!               A-Com Computing, Inc.
-$!               byer@mail.all-net.net
-$!
-$!  Changes by Richard Levitte 
-$!             Zoltan Arpadffy    
-$!
-$!  This command files compiles and creates all the various different
-$!  "application" programs for the different types of encryption for OpenSSL.
-$!  The EXE's are placed in the directory [.xxx.EXE.APPS] where "xxx" denotes
-$!  ALPHA, IA64 or VAX, depending on your machine architecture.
-$!
-$!  It was written so it would try to determine what "C" compiler to
-$!  use or you can specify which "C" compiler to use.
-$!
-$!  Specify DEBUG or NODEBUG as P1 to compile with or without debugger
-$!  information.
-$!
-$!  Specify which compiler at P2 to try to compile under.
-$!
-$!	   VAXC	 For VAX C.
-$!	   DECC	 For DEC C.
-$!	   GNUC	 For GNU C.
-$!
-$!  If you don't specify a compiler, it will try to determine which
-$!  "C" compiler to use.
-$!
-$!  P3, if defined, sets a TCP/IP library to use, through one of the following
-$!  keywords:
-$!
-$!	UCX		for UCX
-$!	SOCKETSHR	for SOCKETSHR+NETLIB
-$!	TCPIP		for TCPIP (post UCX)
-$!
-$!  P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
-$!
-$!  P5, if defined, sets a choice of programs to compile.
-$!
-$!  P6, if defined, specifies the C pointer size.  Ignored on VAX.
-$!      ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
-$!      Supported values are:
-$!
-$!      ""       Compile with default (/NOPOINTER_SIZE)
-$!      32       Compile with /POINTER_SIZE=32 (SHORT)
-$!      64       Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV])
-$!               (Automatically select ARGV if compiler supports it.)
-$!      64=      Compile with /POINTER_SIZE=64 (LONG).
-$!      64=ARGV  Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
-$!
-$!  P7, if defined, specifies a directory where ZLIB files (zlib.h,
-$!  libz.olb) may be found.  Optionally, a non-default object library
-$!  name may be included ("dev:[dir]libz_64.olb", for example).
-$!
-$!
-$! Announce/identify.
-$!
-$ proc = f$environment( "procedure")
-$ write sys$output "@@@ "+ -
-   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
-$!
-$ on control_c then goto exit
-$!
-$! Define A TCP/IP Library That We Will Need To Link To.
-$! (That Is, If We Need To Link To One.)
-$!
-$ TCPIP_LIB = ""
-$ ZLIB_LIB = ""
-$!
-$! Check What Architecture We Are Using.
-$!
-$ IF (F$GETSYI("CPU").LT.128)
-$ THEN
-$!
-$!  The Architecture Is VAX.
-$!
-$   ARCH = "VAX"
-$!
-$! Else...
-$!
-$ ELSE
-$!
-$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
-$!
-$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
-$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
-$!
-$! End The Architecture Check.
-$!
-$ ENDIF
-$!
-$ ARCHD = ARCH
-$ LIB32 = "32"
-$ OPT_FILE = ""
-$ POINTER_SIZE = ""
-$!
-$! Define what programs should be compiled
-$!
-$ PROGRAMS := OPENSSL
-$!
-$! Check To Make Sure We Have Valid Command Line Parameters.
-$!
-$ GOSUB CHECK_OPTIONS
-$!
-$! Define The CRYPTO Library.
-$!
-$ CRYPTO_LIB := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO'LIB32'.OLB
-$!
-$! Define The SSL Library.
-$!
-$ SSL_LIB := SYS$DISK:[-.'ARCHD'.EXE.SSL]SSL_LIBSSL'LIB32'.OLB
-$!
-$! Define The OBJ and EXE Directories.
-$!
-$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.APPS]
-$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.APPS]
-$!
-$! Specify the destination directory in any /MAP option.
-$!
-$ if (LINKMAP .eqs. "MAP")
-$ then
-$   LINKMAP = LINKMAP+ "=''EXE_DIR'"
-$ endif
-$!
-$! Add the location prefix to the linker options file name.
-$!
-$ if (OPT_FILE .nes. "")
-$ then
-$   OPT_FILE = EXE_DIR+ OPT_FILE
-$ endif
-$!
-$! Initialise logical names and such
-$!
-$ GOSUB INITIALISE
-$!
-$! Tell The User What Kind of Machine We Run On.
-$!
-$ WRITE SYS$OUTPUT "Host system architecture: ''ARCHD'"
-$!
-$! Check To See If The OBJ Directory Exists.
-$!
-$ IF (F$PARSE(OBJ_DIR).EQS."")
-$ THEN
-$!
-$!  It Dosen't Exist, So Create It.
-$!
-$   CREATE/DIRECTORY 'OBJ_DIR'
-$!
-$! End The OBJ Directory Check.
-$!
-$ ENDIF
-$!
-$! Check To See If The EXE Directory Exists.
-$!
-$ IF (F$PARSE(EXE_DIR).EQS."")
-$ THEN
-$!
-$!  It Dosen't Exist, So Create It.
-$!
-$   CREATE/DIRECTORY 'EXE_DIR'
-$!
-$! End The EXE Directory Check.
-$!
-$ ENDIF
-$!
-$! Check To See If We Have The Proper Libraries.
-$!
-$ GOSUB LIB_CHECK
-$!
-$! Check To See If We Have A Linker Option File.
-$!
-$ GOSUB CHECK_OPT_FILE
-$!
-$! Define The Application Files.
-$! NOTE: Some might think this list ugly.  However, it's made this way to
-$! reflect the E_OBJ variable in Makefile as closely as possible, thereby
-$! making it fairly easy to verify that the lists are the same.
-$!
-$ LIB_OPENSSL = "VERIFY,ASN1PARS,REQ,DGST,DH,DHPARAM,ENC,PASSWD,GENDH,ERRSTR,"+-
-	     	"CA,PKCS7,CRL2P7,CRL,"+-
-	      	"RSA,RSAUTL,DSA,DSAPARAM,EC,ECPARAM,"+-
-	      	"X509,GENRSA,GENDSA,GENPKEY,S_SERVER,S_CLIENT,SPEED,"+-
-	      	"S_TIME,APPS,S_CB,S_SOCKET,APP_RAND,VERSION,SESS_ID,"+-
-	      	"CIPHERS,NSEQ,PKCS12,PKCS8,PKEY,PKEYPARAM,PKEYUTL,"+ -
-	      	"SPKAC,SMIME,CMS,RAND,ENGINE,OCSP,PRIME,TS"
-$!
-$ LIB_OPENSSL = LIB_OPENSSL+ ",VMS_DECC_INIT"
-$!
-$ TCPIP_PROGRAMS = ",,"
-$ IF COMPILER .EQS. "VAXC" THEN -
-     TCPIP_PROGRAMS = ",OPENSSL,"
-$!
-$! Setup exceptional compilations
-$!
-$ COMPILEWITH_CC2 = ",S_SOCKET,S_SERVER,S_CLIENT,"
-$!
-$ PHASE := LIB
-$!
-$ RESTART: 
-$!
-$!  Define An App Counter And Set It To "0".
-$!
-$ APP_COUNTER = 0
-$!
-$!  Top Of The App Loop.
-$!
-$ NEXT_APP:
-$!
-$!  Make The Application File Name
-$!
-$ CURRENT_APP = F$EDIT(F$ELEMENT(APP_COUNTER,",",PROGRAMS),"TRIM")
-$!
-$!  Create The Executable File Name.
-$!
-$   EXE_FILE = EXE_DIR + CURRENT_APP + ".EXE"
-$!
-$!  Check To See If We Are At The End Of The File List.
-$!
-$ IF (CURRENT_APP.EQS.",")
-$ THEN
-$   IF (PHASE.EQS."LIB")
-$   THEN
-$     PHASE := APP
-$     GOTO RESTART
-$   ELSE
-$     GOTO APP_DONE
-$   ENDIF
-$ ENDIF
-$!
-$!  Increment The Counter.
-$!
-$ APP_COUNTER = APP_COUNTER + 1
-$!
-$!  Decide if we're building the object files or not.
-$!
-$ IF (PHASE.EQS."LIB")
-$ THEN
-$!
-$!  Define A Library File Counter And Set It To "-1".
-$!  -1 Means The Application File Name Is To Be Used.
-$!
-$   LIB_COUNTER = -1
-$!
-$!  Create a .OPT file for the object files
-$!
-$   OPEN /WRITE OBJECTS 'EXE_DIR''CURRENT_APP'.OPT
-$!
-$!  Top Of The File Loop.
-$!
-$  NEXT_LIB:
-$!
-$!  O.K, Extract The File Name From The File List.
-$!
-$   IF LIB_COUNTER .GE. 0
-$   THEN
-$     FILE_NAME = F$EDIT(F$ELEMENT(LIB_COUNTER,",",LIB_'CURRENT_APP'),"TRIM")
-$   ELSE
-$     FILE_NAME = CURRENT_APP
-$   ENDIF
-$!
-$!  Check To See If We Are At The End Of The File List.
-$!
-$   IF (FILE_NAME.EQS.",")
-$   THEN
-$     CLOSE OBJECTS
-$     GOTO NEXT_APP
-$   ENDIF
-$!
-$!  Increment The Counter.
-$!
-$   LIB_COUNTER = LIB_COUNTER + 1
-$!
-$!  Create The Source File Name.
-$!
-$   SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
-$!
-$!  Create The Object File Name.
-$!
-$   OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
-$   ON WARNING THEN GOTO NEXT_LIB
-$!
-$!  Check To See If The File We Want To Compile Actually Exists.
-$!
-$   IF (F$SEARCH(SOURCE_FILE).EQS."")
-$   THEN
-$!
-$!    Tell The User That The File Dosen't Exist.
-$!
-$     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
-$     WRITE SYS$OUTPUT ""
-$!
-$!    Exit The Build.
-$!
-$     GOTO EXIT
-$!
-$!  End The File Exist Check.
-$!
-$   ENDIF
-$!
-$!  Tell The User What We Are Building.
-$!
-$   IF (PHASE.EQS."LIB")
-$   THEN
-$     WRITE SYS$OUTPUT "Compiling The ",FILE_NAME,".C File."
-$   ELSE
-$     WRITE SYS$OUTPUT "Building The ",FILE_NAME," Application Program."
-$   ENDIF
-$!
-$!  Compile The File.
-$!
-$   ON ERROR THEN GOTO NEXT_LIB
-$   IF COMPILEWITH_CC2 - FILE_NAME .NES. COMPILEWITH_CC2
-$   THEN
-$     CC2/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
-$   ELSE
-$     CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
-$   ENDIF
-$   WRITE OBJECTS OBJECT_FILE
-$!
-$   GOTO NEXT_LIB
-$ ENDIF
-$!
-$!  Check if this program works well without a TCPIP library
-$!
-$ IF TCPIP_LIB .EQS. "" .AND. TCPIP_PROGRAMS - CURRENT_APP .NES. TCPIP_PROGRAMS
-$ THEN
-$   WRITE SYS$OUTPUT CURRENT_APP," needs a TCP/IP library.  Can't link.  Skipping..."
-$   GOTO NEXT_APP
-$ ENDIF
-$!
-$! Link The Program.
-$!
-$ ON WARNING THEN GOTO NEXT_APP
-$!
-$! Don't Link With The RSAREF Routines And TCP/IP Library.
-$!
-$ LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' /EXE='EXE_FILE' -
-  'EXE_DIR''CURRENT_APP'.OPT /OPTIONS, -
-  'SSL_LIB' /LIBRARY, -
-  'CRYPTO_LIB' /LIBRARY -
-  'TCPIP_LIB' -
-  'ZLIB_LIB' -
-  ,'OPT_FILE' /OPTIONS
-$!
-$! Go Back And Do It Again.
-$!
-$ GOTO NEXT_APP
-$!
-$! All Done With This File.
-$!
-$ APP_DONE:
-$ EXIT:
-$!
-$! All Done, Time To Clean Up And Exit.
-$!
-$ GOSUB CLEANUP
-$ EXIT
-$!
-$! Check For The Link Option FIle.
-$!
-$ CHECK_OPT_FILE:
-$!
-$! Check To See If We Need To Make A VAX C Option File.
-$!
-$ IF (COMPILER.EQS."VAXC")
-$ THEN
-$!
-$!  Check To See If We Already Have A VAX C Linker Option File.
-$!
-$   IF (F$SEARCH(OPT_FILE).EQS."")
-$   THEN
-$!
-$!    We Need A VAX C Linker Option File.
-$!
-$     CREATE 'OPT_FILE'
-$DECK
-!
-! Default System Options File To Link Against 
-! The Sharable VAX C Runtime Library.
-!
-SYS$SHARE:VAXCRTL.EXE/SHARE
-$EOD
-$!
-$!  End The Option File Check.
-$!
-$   ENDIF
-$!
-$! End The VAXC Check.
-$!
-$ ENDIF
-$!
-$! Check To See If We Need A GNU C Option File.
-$!
-$ IF (COMPILER.EQS."GNUC")
-$ THEN
-$!
-$!  Check To See If We Already Have A GNU C Linker Option File.
-$!
-$   IF (F$SEARCH(OPT_FILE).EQS."")
-$   THEN
-$!
-$!    We Need A GNU C Linker Option File.
-$!
-$     CREATE 'OPT_FILE'
-$DECK
-!
-! Default System Options File To Link Against 
-! The Sharable C Runtime Library.
-!
-GNU_CC:[000000]GCCLIB/LIBRARY
-SYS$SHARE:VAXCRTL/SHARE
-$EOD
-$!
-$!  End The Option File Check.
-$!
-$   ENDIF
-$!
-$! End The GNU C Check.
-$!
-$ ENDIF
-$!
-$! Check To See If We Need A DEC C Option File.
-$!
-$ IF (COMPILER.EQS."DECC")
-$ THEN
-$!
-$!  Check To See If We Already Have A DEC C Linker Option File.
-$!
-$   IF (F$SEARCH(OPT_FILE).EQS."")
-$   THEN
-$!
-$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
-$!
-$     IF ARCH.EQS."VAX"
-$     THEN
-$!
-$!      We Need A DEC C Linker Option File For VAX.
-$!
-$       CREATE 'OPT_FILE'
-$DECK
-!
-! Default System Options File To Link Against 
-! The Sharable DEC C Runtime Library.
-!
-SYS$SHARE:DECC$SHR.EXE/SHARE
-$EOD
-$!
-$!    Else...
-$!
-$     ELSE
-$!
-$!      Create The non-VAX Linker Option File.
-$!
-$       CREATE 'OPT_FILE'
-$DECK
-!
-! Default System Options File For non-VAX To Link Against 
-! The Sharable C Runtime Library.
-!
-SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
-SYS$SHARE:CMA$OPEN_RTL/SHARE
-$EOD
-$!
-$!    End The DEC C Option File Check.
-$!
-$     ENDIF
-$!
-$!  End The Option File Search.
-$!
-$   ENDIF
-$!
-$! End The DEC C Check.
-$!
-$ ENDIF
-$!
-$!  Tell The User What Linker Option File We Are Using.
-$!
-$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."	
-$!
-$! Time To RETURN.
-$!
-$ RETURN
-$!
-$! Check To See If We Have The Appropiate Libraries.
-$!
-$ LIB_CHECK:
-$!
-$! Look For The Library LIBCRYPTO.OLB.
-$!
-$ IF (F$SEARCH(CRYPTO_LIB).EQS."")
-$ THEN
-$!
-$!  Tell The User We Can't Find The LIBCRYPTO.OLB Library.
-$!
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "Can't Find The Library ",CRYPTO_LIB,"."
-$   WRITE SYS$OUTPUT "We Can't Link Without It."
-$   WRITE SYS$OUTPUT ""
-$!
-$!  Since We Can't Link Without It, Exit.
-$!
-$   EXIT
-$!
-$! End The Crypto Library Check.
-$!
-$ ENDIF
-$!
-$! Look For The Library LIBSSL.OLB.
-$!
-$ IF (F$SEARCH(SSL_LIB).EQS."")
-$ THEN
-$!
-$!  Tell The User We Can't Find The LIBSSL.OLB Library.
-$!
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "Can't Find The Library ",SSL_LIB,"."
-$   WRITE SYS$OUTPUT "Some Of The Test Programs Need To Link To It."
-$   WRITE SYS$OUTPUT ""
-$!
-$!  Since We Can't Link Without It, Exit.
-$!
-$   EXIT
-$!
-$! End The SSL Library Check.
-$!
-$ ENDIF
-$!
-$! Time To Return.
-$!
-$ RETURN
-$!
-$! Check The User's Options.
-$!
-$ CHECK_OPTIONS:
-$!
-$! Check To See If P1 Is Blank.
-$!
-$ IF (P1.EQS."NODEBUG")
-$ THEN
-$!
-$!  P1 Is NODEBUG, So Compile Without Debugger Information.
-$!
-$   DEBUGGER  = "NODEBUG"
-$   LINKMAP = "NOMAP"
-$   TRACEBACK = "NOTRACEBACK" 
-$   GCC_OPTIMIZE = "OPTIMIZE"
-$   CC_OPTIMIZE = "OPTIMIZE"
-$   WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
-$   WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
-$!
-$! Else...
-$!
-$ ELSE
-$!
-$!  Check To See If We Are To Compile With Debugger Information.
-$!
-$   IF (P1.EQS."DEBUG")
-$   THEN
-$!
-$!    Compile With Debugger Information.
-$!
-$     DEBUGGER  = "DEBUG"
-$     LINKMAP = "MAP"
-$     TRACEBACK = "TRACEBACK"
-$     GCC_OPTIMIZE = "NOOPTIMIZE"
-$     CC_OPTIMIZE = "NOOPTIMIZE"
-$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
-$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
-$   ELSE
-$!
-$!    Tell The User Entered An Invalid Option.
-$!
-$     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
-$     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
-$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
-$     WRITE SYS$OUTPUT ""
-$!
-$!    Time To EXIT.
-$!
-$     EXIT
-$!
-$!  End The Valid Argument Check.
-$!
-$   ENDIF
-$!
-$! End The P1 Check.
-$!
-$ ENDIF
-$!
-$! Check P6 (POINTER_SIZE).
-$!
-$ IF (P6 .NES. "") .AND. (ARCH .NES. "VAX")
-$ THEN
-$!
-$   IF (P6 .EQS. "32")
-$   THEN
-$     POINTER_SIZE = " /POINTER_SIZE=32"
-$   ELSE
-$     POINTER_SIZE = F$EDIT( P6, "COLLAPSE, UPCASE")
-$     IF ((POINTER_SIZE .EQS. "64") .OR. -
-       (POINTER_SIZE .EQS. "64=") .OR. -
-       (POINTER_SIZE .EQS. "64=ARGV"))
-$     THEN
-$       ARCHD = ARCH+ "_64"
-$       LIB32 = ""
-$       IF (F$EXTRACT( 2, 1, POINTER_SIZE) .EQS. "=")
-$       THEN
-$!        Explicit user choice: "64" or "64=ARGV".
-$         IF (POINTER_SIZE .EQS. "64=") THEN POINTER_SIZE = "64"
-$       ELSE
-$         SET NOON
-$         DEFINE /USER_MODE SYS$OUTPUT NL:
-$         DEFINE /USER_MODE SYS$ERROR NL:
-$         CC /NOLIST /NOOBJECT /POINTER_SIZE=64=ARGV NL:
-$         IF ($STATUS .AND. %X0FFF0000) .EQ. %X00030000
-$         THEN
-$           ! If we got here, it means DCL complained like this:
-$           ! %DCL-W-NOVALU, value not allowed - remove value specification
-$           !  \64=\
-$           !
-$           ! If the compiler was run, logicals defined in /USER would
-$           ! have been deassigned automatically.  However, when DCL
-$           ! complains, they aren't, so we do it here (it might be
-$           ! unnecessary, but just in case there will be another error
-$           ! message further on that we don't want to miss)
-$           DEASSIGN /USER_MODE SYS$ERROR
-$           DEASSIGN /USER_MODE SYS$OUTPUT
-$         ELSE
-$           POINTER_SIZE = POINTER_SIZE + "=ARGV"
-$         ENDIF
-$         SET ON
-$       ENDIF
-$       POINTER_SIZE = " /POINTER_SIZE=''POINTER_SIZE'"
-$!
-$     ELSE
-$!
-$!      Tell The User Entered An Invalid Option.
-$!
-$       WRITE SYS$OUTPUT ""
-$       WRITE SYS$OUTPUT "The Option ", P6, -
-         " Is Invalid.  The Valid Options Are:"
-$       WRITE SYS$OUTPUT ""
-$       WRITE SYS$OUTPUT -
-         "    """"  :  Compile with default (short) pointers."
-$       WRITE SYS$OUTPUT -
-         "    32  :  Compile with 32-bit (short) pointers."
-$       WRITE SYS$OUTPUT -
-         "    64       :  Compile with 64-bit (long) pointers (auto ARGV)."
-$       WRITE SYS$OUTPUT -
-         "    64=      :  Compile with 64-bit (long) pointers (no ARGV)."
-$       WRITE SYS$OUTPUT -
-         "    64=ARGV  :  Compile with 64-bit (long) pointers (ARGV)."
-$       WRITE SYS$OUTPUT ""
-$! 
-$!      Time To EXIT.
-$!
-$       EXIT
-$!
-$     ENDIF
-$!
-$   ENDIF
-$!
-$! End The P6 (POINTER_SIZE) Check.
-$!
-$ ENDIF
-$!
-$! Set basic C compiler /INCLUDE directories.
-$!
-$ CC_INCLUDES = "SYS$DISK:[-],SYS$DISK:[-.CRYPTO]"
-$!
-$! Check To See If P2 Is Blank.
-$!
-$ IF (P2.EQS."")
-$ THEN
-$!
-$!  O.K., The User Didn't Specify A Compiler, Let's Try To
-$!  Find Out Which One To Use.
-$!
-$!  Check To See If We Have GNU C.
-$!
-$   IF (F$TRNLNM("GNU_CC").NES."")
-$   THEN
-$!
-$!    Looks Like GNUC, Set To Use GNUC.
-$!
-$     P2 = "GNUC"
-$!
-$!  Else...
-$!
-$   ELSE
-$!
-$!  Check To See If We Have VAXC Or DECC.
-$!
-$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
-$     THEN 
-$!
-$!      Looks Like DECC, Set To Use DECC.
-$!
-$       P2 = "DECC"
-$!
-$!    Else...
-$!
-$     ELSE
-$!
-$!      Looks Like VAXC, Set To Use VAXC.
-$!
-$       P2 = "VAXC"
-$!
-$!    End The VAXC Compiler Check.
-$!
-$     ENDIF
-$!
-$!  End The DECC & VAXC Compiler Check.
-$!
-$   ENDIF
-$!
-$!  End The Compiler Check.
-$!
-$ ENDIF
-$!
-$! Check To See If We Have A Option For P3.
-$!
-$ IF (P3.EQS."")
-$ THEN
-$!
-$!  Find out what socket library we have available
-$!
-$   IF F$PARSE("SOCKETSHR:") .NES. ""
-$   THEN
-$!
-$!    We have SOCKETSHR, and it is my opinion that it's the best to use.
-$!
-$     P3 = "SOCKETSHR"
-$!
-$!    Tell the user
-$!
-$     WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
-$!
-$!    Else, let's look for something else
-$!
-$   ELSE
-$!
-$!    Like UCX (the reason to do this before Multinet is that the UCX
-$!    emulation is easier to use...)
-$!
-$     IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
-	 .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
-	 .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
-$     THEN
-$!
-$!	Last resort: a UCX or UCX-compatible library
-$!
-$	P3 = "UCX"
-$!
-$!      Tell the user
-$!
-$       WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
-$!
-$!	That was all...
-$!
-$     ENDIF
-$   ENDIF
-$ ENDIF
-$!
-$! Set Up Initial CC Definitions, Possibly With User Ones
-$!
-$ CCDEFS = "MONOLITH"
-$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
-$ CCEXTRAFLAGS = ""
-$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "" !!! "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
-$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
-	CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
-$!
-$! Check To See If We Have A ZLIB Option.
-$!
-$ ZLIB = P7
-$ IF (ZLIB .NES. "")
-$ THEN
-$!
-$!  Check for expected ZLIB files.
-$!
-$   err = 0
-$   file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
-$   if (f$search( file1) .eqs. "")
-$   then
-$     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
-$     WRITE SYS$OUTPUT "    Can't find header: ''file1'"
-$     err = 1
-$   endif
-$   file1 = f$parse( "A.;", ZLIB)- "A.;"
-$!
-$   file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
-$   if (f$search( file2) .eqs. "")
-$   then
-$     if (err .eq. 0)
-$     then
-$       WRITE SYS$OUTPUT ""
-$       WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
-$     endif
-$     WRITE SYS$OUTPUT "    Can't find library: ''file2'"
-$     WRITE SYS$OUTPUT ""
-$     err = err+ 2
-$   endif
-$   if (err .eq. 1)
-$   then
-$     WRITE SYS$OUTPUT ""
-$   endif
-$!
-$   if (err .ne. 0)
-$   then
-$     EXIT
-$   endif
-$!
-$   CCDEFS = """ZLIB=1"", "+ CCDEFS
-$   CC_INCLUDES = CC_INCLUDES+ ", "+ file1
-$   ZLIB_LIB = ", ''file2' /library"
-$!
-$!  Print info
-$!
-$   WRITE SYS$OUTPUT "ZLIB library spec: ", file2
-$!
-$! End The ZLIB Check.
-$!
-$ ENDIF
-$!
-$!  Check To See If The User Entered A Valid Parameter.
-$!
-$ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC")
-$ THEN
-$!
-$!  Check To See If The User Wanted DECC.
-$!
-$   IF (P2.EQS."DECC")
-$   THEN
-$!
-$!    Looks Like DECC, Set To Use DECC.
-$!
-$     COMPILER = "DECC"
-$!
-$!    Tell The User We Are Using DECC.
-$!
-$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
-$!
-$!    Use DECC...
-$!
-$     CC = "CC"
-$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
-	 THEN CC = "CC/DECC"
-$     CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
-       "''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
-       " /INCLUDE=(''CC_INCLUDES') " + CCEXTRAFLAGS
-$!
-$!    Define The Linker Options File Name.
-$!
-$     OPT_FILE = "VAX_DECC_OPTIONS.OPT"
-$!
-$!  End DECC Check.
-$!
-$   ENDIF
-$!
-$!  Check To See If We Are To Use VAXC.
-$!
-$   IF (P2.EQS."VAXC")
-$   THEN
-$!
-$!    Looks Like VAXC, Set To Use VAXC.
-$!
-$     COMPILER = "VAXC"
-$!
-$!    Tell The User We Are Using VAX C.
-$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
-$!
-$!    Compile Using VAXC.
-$!
-$     CC = "CC"
-$     IF ARCH.NES."VAX"
-$     THEN
-$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
-$	EXIT
-$     ENDIF
-$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
-$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
-	   "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
-$     CCDEFS = CCDEFS + ",""VAXC"""
-$!
-$!    Define  As SYS$COMMON:[SYSLIB]
-$!
-$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
-$!
-$!    Define The Linker Options File Name.
-$!
-$     OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
-$!
-$!  End VAXC Check
-$!
-$   ENDIF
-$!
-$!  Check To See If We Are To Use GNU C.
-$!
-$   IF (P2.EQS."GNUC")
-$   THEN
-$!
-$!    Looks Like GNUC, Set To Use GNUC.
-$!
-$     COMPILER = "GNUC"
-$!
-$!    Tell The User We Are Using GNUC.
-$!
-$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
-$!
-$!    Use GNU C...
-$!
-$     IF F$TYPE(GCC) .EQS. "" THEN GCC := GCC
-$     CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
-	   "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
-$!
-$!    Define The Linker Options File Name.
-$!
-$     OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
-$!
-$!  End The GNU C Check.
-$!
-$   ENDIF
-$!
-$!  Set up default defines
-$!
-$   CCDEFS = """FLAT_INC=1""," + CCDEFS
-$!
-$!  Else The User Entered An Invalid Argument.
-$!
-$ ELSE
-$!
-$!  Tell The User We Don't Know What They Want.
-$!
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
-$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
-$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
-$   WRITE SYS$OUTPUT ""
-$!
-$!  Time To EXIT.
-$!
-$   EXIT
-$ ENDIF
-$!
-$! Time to check the contents, and to make sure we get the correct library.
-$!
-$ IF P3.EQS."SOCKETSHR" .OR. P3.EQS."MULTINET" .OR. P3.EQS."UCX" -
-     .OR. P3.EQS."TCPIP" .OR. P3.EQS."NONE"
-$ THEN
-$!
-$!  Check to see if SOCKETSHR was chosen
-$!
-$   IF P3.EQS."SOCKETSHR"
-$   THEN
-$!
-$!    Set the library to use SOCKETSHR
-$!
-$     TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
-$!
-$!    Done with SOCKETSHR
-$!
-$   ENDIF
-$!
-$!  Check to see if MULTINET was chosen
-$!
-$   IF P3.EQS."MULTINET"
-$   THEN
-$!
-$!    Set the library to use UCX emulation.
-$!
-$     P3 = "UCX"
-$!
-$!    Done with MULTINET
-$!
-$   ENDIF
-$!
-$!  Check to see if UCX was chosen
-$!
-$   IF P3.EQS."UCX"
-$   THEN
-$!
-$!    Set the library to use UCX.
-$!
-$     TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
-$     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
-$     THEN
-$       TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
-$     ELSE
-$       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
-	  TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
-$     ENDIF
-$!
-$!    Done with UCX
-$!
-$   ENDIF
-$!
-$!  Check to see if TCPIP (post UCX) was chosen
-$!
-$   IF P3.EQS."TCPIP"
-$   THEN
-$!
-$!    Set the library to use TCPIP.
-$!
-$     TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
-$!
-$!    Done with TCPIP
-$!
-$   ENDIF
-$!
-$!  Check to see if NONE was chosen
-$!
-$   IF P3.EQS."NONE"
-$   THEN
-$!
-$!    Do not use TCPIP.
-$!
-$     TCPIP_LIB = ""
-$!
-$!    Done with TCPIP
-$!
-$   ENDIF
-$!
-$!  Add TCP/IP type to CC definitions.
-$!
-$   CCDEFS = CCDEFS + ",TCPIP_TYPE_''P3'"
-$!
-$!  Print info
-$!
-$   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
-$!
-$!  Else The User Entered An Invalid Argument.
-$!
-$ ELSE
-$!
-$!  Tell The User We Don't Know What They Want.
-$!
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
-$   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
-$   WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP (post UCX) TCP/IP library."
-$   WRITE SYS$OUTPUT ""
-$!
-$!  Time To EXIT.
-$!
-$   EXIT
-$!
-$!  Done with TCP/IP libraries
-$!
-$ ENDIF
-$!
-$! Finish up the definition of CC.
-$!
-$ IF COMPILER .EQS. "DECC"
-$ THEN
-$   IF CCDISABLEWARNINGS .NES. ""
-$   THEN
-$     CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
-$   ENDIF
-$ ELSE
-$   CCDISABLEWARNINGS = ""
-$ ENDIF
-$ CC2 = CC + " /DEFINE=(" + CCDEFS + ",_POSIX_C_SOURCE)" + CCDISABLEWARNINGS
-$ CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
-$!
-$! Show user the result
-$!
-$ WRITE/SYMBOL SYS$OUTPUT "Main Compiling Command: ",CC
-$!
-$! Special Threads For OpenVMS v7.1 Or Later
-$!
-$! Written By:  Richard Levitte
-$!              richard@levitte.org
-$!
-$!
-$! Check To See If We Have A Option For P4.
-$!
-$ IF (P4.EQS."")
-$ THEN
-$!
-$!  Get The Version Of VMS We Are Using.
-$!
-$   ISSEVEN :=
-$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
-$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
-$!
-$!  Check To See If The VMS Version Is v7.1 Or Later.
-$!
-$   IF (TMP.GE.71)
-$   THEN
-$!
-$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
-$!
-$     ISSEVEN := ,PTHREAD_USE_D4
-$!
-$!  End The VMS Version Check.
-$!
-$   ENDIF
-$!
-$! End The P4 Check.
-$!
-$ ENDIF
-$!
-$! Check if the user wanted to compile just a subset of all the programs.
-$!
-$ IF P5 .NES. ""
-$ THEN
-$   PROGRAMS = P5
-$ ENDIF
-$!
-$!  Time To RETURN...
-$!
-$ RETURN
-$!
-$ INITIALISE:
-$!
-$! Save old value of the logical name OPENSSL
-$!
-$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
-$!
-$! Save directory information
-$!
-$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
-$ __HERE = F$EDIT(__HERE,"UPCASE")
-$ __TOP = __HERE - "APPS]"
-$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
-$!
-$! Set up the logical name OPENSSL to point at the include directory
-$!
-$ DEFINE OPENSSL /NOLOG '__INCLUDE'
-$!
-$! Done
-$!
-$ RETURN
-$!
-$ CLEANUP:
-$!
-$! Restore the saved logical name OPENSSL, if it had a value.
-$!
-$ if (f$type( __SAVE_OPENSSL) .nes. "")
-$ then
-$   IF __SAVE_OPENSSL .EQS. ""
-$   THEN
-$     DEASSIGN OPENSSL
-$   ELSE
-$     DEFINE /NOLOG OPENSSL '__SAVE_OPENSSL'
-$   ENDIF
-$ endif
-$!
-$! Close any open files.
-$!
-$ if (f$trnlnm( "objects", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
-   close objects
-$!
-$! Done
-$!
-$ RETURN
-$!
diff --git a/deps/openssl/openssl/apps/md4.c b/deps/openssl/openssl/apps/md4.c
deleted file mode 120000
index 7f457b2ab1e..00000000000
--- a/deps/openssl/openssl/apps/md4.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/md4/md4.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/apps/nseq.c b/deps/openssl/openssl/apps/nseq.c
deleted file mode 100644
index e3c4dba5473..00000000000
--- a/deps/openssl/openssl/apps/nseq.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* nseq.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-
-#undef PROG
-#define PROG nseq_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
-	char **args, *infile = NULL, *outfile = NULL;
-	BIO *in = NULL, *out = NULL;
-	int toseq = 0;
-	X509 *x509 = NULL;
-	NETSCAPE_CERT_SEQUENCE *seq = NULL;
-	int i, ret = 1;
-	int badarg = 0;
-	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-	ERR_load_crypto_strings();
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-') {
-		if (!strcmp (*args, "-toseq")) toseq = 1;
-		else if (!strcmp (*args, "-in")) {
-			if (args[1]) {
-				args++;
-				infile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
-			if (args[1]) {
-				args++;
-				outfile = *args;
-			} else badarg = 1;
-		} else badarg = 1;
-		args++;
-	}
-
-	if (badarg) {
-		BIO_printf (bio_err, "Netscape certificate sequence utility\n");
-		BIO_printf (bio_err, "Usage nseq [options]\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-in file  input file\n");
-		BIO_printf (bio_err, "-out file output file\n");
-		BIO_printf (bio_err, "-toseq    output NS Sequence file\n");
-		OPENSSL_EXIT(1);
-	}
-
-	if (infile) {
-		if (!(in = BIO_new_file (infile, "r"))) {
-			BIO_printf (bio_err,
-				 "Can't open input file %s\n", infile);
-			goto end;
-		}
-	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if (outfile) {
-		if (!(out = BIO_new_file (outfile, "w"))) {
-			BIO_printf (bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-		}
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-	if (toseq) {
-		seq = NETSCAPE_CERT_SEQUENCE_new();
-		seq->certs = sk_X509_new_null();
-		while((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL))) 
-		    sk_X509_push(seq->certs,x509);
-
-		if(!sk_X509_num(seq->certs))
-		{
-			BIO_printf (bio_err, "Error reading certs file %s\n", infile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-		PEM_write_bio_NETSCAPE_CERT_SEQUENCE(out, seq);
-		ret = 0;
-		goto end;
-	}
-
-	if (!(seq = PEM_read_bio_NETSCAPE_CERT_SEQUENCE(in, NULL, NULL, NULL))) {
-		BIO_printf (bio_err, "Error reading sequence file %s\n", infile);
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	for(i = 0; i < sk_X509_num(seq->certs); i++) {
-		x509 = sk_X509_value(seq->certs, i);
-		dump_cert_text(out, x509);
-		PEM_write_bio_X509(out, x509);
-	}
-	ret = 0;
-end:
-	BIO_free(in);
-	BIO_free_all(out);
-	NETSCAPE_CERT_SEQUENCE_free(seq);
-
-	OPENSSL_EXIT(ret);
-}
-
diff --git a/deps/openssl/openssl/apps/ocsp.c b/deps/openssl/openssl/apps/ocsp.c
deleted file mode 100644
index 01847dfad74..00000000000
--- a/deps/openssl/openssl/apps/ocsp.c
+++ /dev/null
@@ -1,1421 +0,0 @@
-/* ocsp.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef OPENSSL_NO_OCSP
-
-#ifdef OPENSSL_SYS_VMS
-#define _XOPEN_SOURCE_EXTENDED	/* So fd_set and friends get properly defined
-				   on OpenVMS */
-#endif
-
-#define USE_SOCKETS
-
-#include 
-#include 
-#include 
-#include 
-#include "apps.h" /* needs to be included before the openssl headers! */
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#if defined(NETWARE_CLIB)
-#  ifdef NETWARE_BSDSOCK
-#    include 
-#    include 
-#  else
-#    include 
-#  endif
-#elif defined(NETWARE_LIBC)
-#  ifdef NETWARE_BSDSOCK
-#    include 
-#  else
-#    include 
-#  endif
-#endif
-  
-/* Maximum leeway in validity period: default 5 minutes */
-#define MAX_VALIDITY_PERIOD	(5 * 60)
-
-static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, const EVP_MD *cert_id_md, X509 *issuer,
-				STACK_OF(OCSP_CERTID) *ids);
-static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, const EVP_MD * cert_id_md, X509 *issuer,
-				STACK_OF(OCSP_CERTID) *ids);
-static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
-			      STACK_OF(OPENSSL_STRING) *names,
-			      STACK_OF(OCSP_CERTID) *ids, long nsec,
-			      long maxage);
-
-static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db,
-			X509 *ca, X509 *rcert, EVP_PKEY *rkey,
-			STACK_OF(X509) *rother, unsigned long flags,
-			int nmin, int ndays);
-
-static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser);
-static BIO *init_responder(char *port);
-static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port);
-static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
-static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
-				STACK_OF(CONF_VALUE) *headers,
-				OCSP_REQUEST *req, int req_timeout);
-
-#undef PROG
-#define PROG ocsp_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	char **args;
-	char *host = NULL, *port = NULL, *path = "/";
-	char *reqin = NULL, *respin = NULL;
-	char *reqout = NULL, *respout = NULL;
-	char *signfile = NULL, *keyfile = NULL;
-	char *rsignfile = NULL, *rkeyfile = NULL;
-	char *outfile = NULL;
-	int add_nonce = 1, noverify = 0, use_ssl = -1;
-	STACK_OF(CONF_VALUE) *headers = NULL;
-	OCSP_REQUEST *req = NULL;
-	OCSP_RESPONSE *resp = NULL;
-	OCSP_BASICRESP *bs = NULL;
-	X509 *issuer = NULL, *cert = NULL;
-	X509 *signer = NULL, *rsigner = NULL;
-	EVP_PKEY *key = NULL, *rkey = NULL;
-	BIO *acbio = NULL, *cbio = NULL;
-	BIO *derbio = NULL;
-	BIO *out = NULL;
-	int req_timeout = -1;
-	int req_text = 0, resp_text = 0;
-	long nsec = MAX_VALIDITY_PERIOD, maxage = -1;
-	char *CAfile = NULL, *CApath = NULL;
-	X509_STORE *store = NULL;
-	STACK_OF(X509) *sign_other = NULL, *verify_other = NULL, *rother = NULL;
-	char *sign_certfile = NULL, *verify_certfile = NULL, *rcertfile = NULL;
-	unsigned long sign_flags = 0, verify_flags = 0, rflags = 0;
-	int ret = 1;
-	int accept_count = -1;
-	int badarg = 0;
-	int i;
-	int ignore_err = 0;
-	STACK_OF(OPENSSL_STRING) *reqnames = NULL;
-	STACK_OF(OCSP_CERTID) *ids = NULL;
-
-	X509 *rca_cert = NULL;
-	char *ridx_filename = NULL;
-	char *rca_filename = NULL;
-	CA_DB *rdb = NULL;
-	int nmin = 0, ndays = -1;
-	const EVP_MD *cert_id_md = NULL;
-
-	if (bio_err == NULL) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-	SSL_load_error_strings();
-	OpenSSL_add_ssl_algorithms();
-	args = argv + 1;
-	reqnames = sk_OPENSSL_STRING_new_null();
-	ids = sk_OCSP_CERTID_new_null();
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp(*args, "-out"))
-			{
-			if (args[1])
-				{
-				args++;
-				outfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-timeout"))
-			{
-			if (args[1])
-				{
-				args++;
-				req_timeout = atol(*args);
-				if (req_timeout < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal timeout value %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-url"))
-			{
-			if (args[1])
-				{
-				args++;
-				if (!OCSP_parse_url(*args, &host, &port, &path, &use_ssl))
-					{
-					BIO_printf(bio_err, "Error parsing URL\n");
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-host"))
-			{
-			if (args[1])
-				{
-				args++;
-				host = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-port"))
-			{
-			if (args[1])
-				{
-				args++;
-				port = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-header"))
-			{
-			if (args[1] && args[2])
-				{
-				if (!X509V3_add_value(args[1], args[2], &headers))
-					goto end;
-				args += 2;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-ignore_err"))
-			ignore_err = 1;
-		else if (!strcmp(*args, "-noverify"))
-			noverify = 1;
-		else if (!strcmp(*args, "-nonce"))
-			add_nonce = 2;
-		else if (!strcmp(*args, "-no_nonce"))
-			add_nonce = 0;
-		else if (!strcmp(*args, "-resp_no_certs"))
-			rflags |= OCSP_NOCERTS;
-		else if (!strcmp(*args, "-resp_key_id"))
-			rflags |= OCSP_RESPID_KEY;
-		else if (!strcmp(*args, "-no_certs"))
-			sign_flags |= OCSP_NOCERTS;
-		else if (!strcmp(*args, "-no_signature_verify"))
-			verify_flags |= OCSP_NOSIGS;
-		else if (!strcmp(*args, "-no_cert_verify"))
-			verify_flags |= OCSP_NOVERIFY;
-		else if (!strcmp(*args, "-no_chain"))
-			verify_flags |= OCSP_NOCHAIN;
-		else if (!strcmp(*args, "-no_cert_checks"))
-			verify_flags |= OCSP_NOCHECKS;
-		else if (!strcmp(*args, "-no_explicit"))
-			verify_flags |= OCSP_NOEXPLICIT;
-		else if (!strcmp(*args, "-trust_other"))
-			verify_flags |= OCSP_TRUSTOTHER;
-		else if (!strcmp(*args, "-no_intern"))
-			verify_flags |= OCSP_NOINTERN;
-		else if (!strcmp(*args, "-text"))
-			{
-			req_text = 1;
-			resp_text = 1;
-			}
-		else if (!strcmp(*args, "-req_text"))
-			req_text = 1;
-		else if (!strcmp(*args, "-resp_text"))
-			resp_text = 1;
-		else if (!strcmp(*args, "-reqin"))
-			{
-			if (args[1])
-				{
-				args++;
-				reqin = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-respin"))
-			{
-			if (args[1])
-				{
-				args++;
-				respin = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-signer"))
-			{
-			if (args[1])
-				{
-				args++;
-				signfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-VAfile"))
-			{
-			if (args[1])
-				{
-				args++;
-				verify_certfile = *args;
-				verify_flags |= OCSP_TRUSTOTHER;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-sign_other"))
-			{
-			if (args[1])
-				{
-				args++;
-				sign_certfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-verify_other"))
-			{
-			if (args[1])
-				{
-				args++;
-				verify_certfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-CAfile"))
-			{
-			if (args[1])
-				{
-				args++;
-				CAfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-CApath"))
-			{
-			if (args[1])
-				{
-				args++;
-				CApath = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-validity_period"))
-			{
-			if (args[1])
-				{
-				args++;
-				nsec = atol(*args);
-				if (nsec < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal validity period %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-status_age"))
-			{
-			if (args[1])
-				{
-				args++;
-				maxage = atol(*args);
-				if (maxage < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal validity age %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		 else if (!strcmp(*args, "-signkey"))
-			{
-			if (args[1])
-				{
-				args++;
-				keyfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-reqout"))
-			{
-			if (args[1])
-				{
-				args++;
-				reqout = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-respout"))
-			{
-			if (args[1])
-				{
-				args++;
-				respout = *args;
-				}
-			else badarg = 1;
-			}
-		 else if (!strcmp(*args, "-path"))
-			{
-			if (args[1])
-				{
-				args++;
-				path = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-issuer"))
-			{
-			if (args[1])
-				{
-				args++;
-				X509_free(issuer);
-				issuer = load_cert(bio_err, *args, FORMAT_PEM,
-					NULL, e, "issuer certificate");
-				if(!issuer) goto end;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-cert"))
-			{
-			if (args[1])
-				{
-				args++;
-				X509_free(cert);
-				cert = load_cert(bio_err, *args, FORMAT_PEM,
-					NULL, e, "certificate");
-				if(!cert) goto end;
-				if (!cert_id_md) cert_id_md = EVP_sha1();
-				if(!add_ocsp_cert(&req, cert, cert_id_md, issuer, ids))
-					goto end;
-				if(!sk_OPENSSL_STRING_push(reqnames, *args))
-					goto end;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-serial"))
-			{
-			if (args[1])
-				{
-				args++;
-				if (!cert_id_md) cert_id_md = EVP_sha1();
-				if(!add_ocsp_serial(&req, *args, cert_id_md, issuer, ids))
-					goto end;
-				if(!sk_OPENSSL_STRING_push(reqnames, *args))
-					goto end;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-index"))
-			{
-			if (args[1])
-				{
-				args++;
-				ridx_filename = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-CA"))
-			{
-			if (args[1])
-				{
-				args++;
-				rca_filename = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-nmin"))
-			{
-			if (args[1])
-				{
-				args++;
-				nmin = atol(*args);
-				if (nmin < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal update period %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-				if (ndays == -1)
-					ndays = 0;
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-nrequest"))
-			{
-			if (args[1])
-				{
-				args++;
-				accept_count = atol(*args);
-				if (accept_count < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal accept count %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-ndays"))
-			{
-			if (args[1])
-				{
-				args++;
-				ndays = atol(*args);
-				if (ndays < 0)
-					{
-					BIO_printf(bio_err,
-						"Illegal update period %s\n",
-						*args);
-					badarg = 1;
-					}
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-rsigner"))
-			{
-			if (args[1])
-				{
-				args++;
-				rsignfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-rkey"))
-			{
-			if (args[1])
-				{
-				args++;
-				rkeyfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args, "-rother"))
-			{
-			if (args[1])
-				{
-				args++;
-				rcertfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if ((cert_id_md = EVP_get_digestbyname((*args)+1))==NULL)
-			{
-			badarg = 1;
-			}
-		args++;
-		}
-
-	/* Have we anything to do? */
-	if (!req && !reqin && !respin && !(port && ridx_filename)) badarg = 1;
-
-	if (badarg)
-		{
-		BIO_printf (bio_err, "OCSP utility\n");
-		BIO_printf (bio_err, "Usage ocsp [options]\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-out file          output filename\n");
-		BIO_printf (bio_err, "-issuer file       issuer certificate\n");
-		BIO_printf (bio_err, "-cert file         certificate to check\n");
-		BIO_printf (bio_err, "-serial n          serial number to check\n");
-		BIO_printf (bio_err, "-signer file       certificate to sign OCSP request with\n");
-		BIO_printf (bio_err, "-signkey file      private key to sign OCSP request with\n");
-		BIO_printf (bio_err, "-sign_other file   additional certificates to include in signed request\n");
-		BIO_printf (bio_err, "-no_certs          don't include any certificates in signed request\n");
-		BIO_printf (bio_err, "-req_text          print text form of request\n");
-		BIO_printf (bio_err, "-resp_text         print text form of response\n");
-		BIO_printf (bio_err, "-text              print text form of request and response\n");
-		BIO_printf (bio_err, "-reqout file       write DER encoded OCSP request to \"file\"\n");
-		BIO_printf (bio_err, "-respout file      write DER encoded OCSP reponse to \"file\"\n");
-		BIO_printf (bio_err, "-reqin file        read DER encoded OCSP request from \"file\"\n");
-		BIO_printf (bio_err, "-respin file       read DER encoded OCSP reponse from \"file\"\n");
-		BIO_printf (bio_err, "-nonce             add OCSP nonce to request\n");
-		BIO_printf (bio_err, "-no_nonce          don't add OCSP nonce to request\n");
-		BIO_printf (bio_err, "-url URL           OCSP responder URL\n");
-		BIO_printf (bio_err, "-host host:n       send OCSP request to host on port n\n");
-		BIO_printf (bio_err, "-path              path to use in OCSP request\n");
-		BIO_printf (bio_err, "-CApath dir        trusted certificates directory\n");
-		BIO_printf (bio_err, "-CAfile file       trusted certificates file\n");
-		BIO_printf (bio_err, "-VAfile file       validator certificates file\n");
-		BIO_printf (bio_err, "-validity_period n maximum validity discrepancy in seconds\n");
-		BIO_printf (bio_err, "-status_age n      maximum status age in seconds\n");
-		BIO_printf (bio_err, "-noverify          don't verify response at all\n");
-		BIO_printf (bio_err, "-verify_other file additional certificates to search for signer\n");
-		BIO_printf (bio_err, "-trust_other       don't verify additional certificates\n");
-		BIO_printf (bio_err, "-no_intern         don't search certificates contained in response for signer\n");
-		BIO_printf (bio_err, "-no_signature_verify don't check signature on response\n");
-		BIO_printf (bio_err, "-no_cert_verify    don't check signing certificate\n");
-		BIO_printf (bio_err, "-no_chain          don't chain verify response\n");
-		BIO_printf (bio_err, "-no_cert_checks    don't do additional checks on signing certificate\n");
-		BIO_printf (bio_err, "-port num		 port to run responder on\n");
-		BIO_printf (bio_err, "-index file	 certificate status index file\n");
-		BIO_printf (bio_err, "-CA file		 CA certificate\n");
-		BIO_printf (bio_err, "-rsigner file	 responder certificate to sign responses with\n");
-		BIO_printf (bio_err, "-rkey file	 responder key to sign responses with\n");
-		BIO_printf (bio_err, "-rother file	 other certificates to include in response\n");
-		BIO_printf (bio_err, "-resp_no_certs     don't include any certificates in response\n");
-		BIO_printf (bio_err, "-nmin n	 	 number of minutes before next update\n");
-		BIO_printf (bio_err, "-ndays n	 	 number of days before next update\n");
-		BIO_printf (bio_err, "-resp_key_id       identify reponse by signing certificate key ID\n");
-		BIO_printf (bio_err, "-nrequest n        number of requests to accept (default unlimited)\n");
-		BIO_printf (bio_err, "-     use specified digest in the request");
-		goto end;
-		}
-
-	if(outfile) out = BIO_new_file(outfile, "w");
-	else out = BIO_new_fp(stdout, BIO_NOCLOSE);
-
-	if(!out)
-		{
-		BIO_printf(bio_err, "Error opening output file\n");
-		goto end;
-		}
-
-	if (!req && (add_nonce != 2)) add_nonce = 0;
-
-	if (!req && reqin)
-		{
-		derbio = BIO_new_file(reqin, "rb");
-		if (!derbio)
-			{
-			BIO_printf(bio_err, "Error Opening OCSP request file\n");
-			goto end;
-			}
-		req = d2i_OCSP_REQUEST_bio(derbio, NULL);
-		BIO_free(derbio);
-		if(!req)
-			{
-			BIO_printf(bio_err, "Error reading OCSP request\n");
-			goto end;
-			}
-		}
-
-	if (!req && port)
-		{
-		acbio = init_responder(port);
-		if (!acbio)
-			goto end;
-		}
-
-	if (rsignfile && !rdb)
-		{
-		if (!rkeyfile) rkeyfile = rsignfile;
-		rsigner = load_cert(bio_err, rsignfile, FORMAT_PEM,
-			NULL, e, "responder certificate");
-		if (!rsigner)
-			{
-			BIO_printf(bio_err, "Error loading responder certificate\n");
-			goto end;
-			}
-		rca_cert = load_cert(bio_err, rca_filename, FORMAT_PEM,
-			NULL, e, "CA certificate");
-		if (rcertfile)
-			{
-			rother = load_certs(bio_err, rcertfile, FORMAT_PEM,
-				NULL, e, "responder other certificates");
-			if (!rother) goto end;
-			}
-		rkey = load_key(bio_err, rkeyfile, FORMAT_PEM, 0, NULL, NULL,
-			"responder private key");
-		if (!rkey)
-			goto end;
-		}
-	if(acbio)
-		BIO_printf(bio_err, "Waiting for OCSP client connections...\n");
-
-	redo_accept:
-
-	if (acbio)
-		{
-		if (!do_responder(&req, &cbio, acbio, port))
-			goto end;
-		if (!req)
-			{
-			resp = OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, NULL);
-			send_ocsp_response(cbio, resp);
-			goto done_resp;
-			}
-		}
-
-	if (!req && (signfile || reqout || host || add_nonce || ridx_filename))
-		{
-		BIO_printf(bio_err, "Need an OCSP request for this operation!\n");
-		goto end;
-		}
-
-	if (req && add_nonce) OCSP_request_add1_nonce(req, NULL, -1);
-
-	if (signfile)
-		{
-		if (!keyfile) keyfile = signfile;
-		signer = load_cert(bio_err, signfile, FORMAT_PEM,
-			NULL, e, "signer certificate");
-		if (!signer)
-			{
-			BIO_printf(bio_err, "Error loading signer certificate\n");
-			goto end;
-			}
-		if (sign_certfile)
-			{
-			sign_other = load_certs(bio_err, sign_certfile, FORMAT_PEM,
-				NULL, e, "signer certificates");
-			if (!sign_other) goto end;
-			}
-		key = load_key(bio_err, keyfile, FORMAT_PEM, 0, NULL, NULL,
-			"signer private key");
-		if (!key)
-			goto end;
-
-		if (!OCSP_request_sign(req, signer, key, NULL, sign_other, sign_flags))
-			{
-			BIO_printf(bio_err, "Error signing OCSP request\n");
-			goto end;
-			}
-		}
-
-	if (req_text && req) OCSP_REQUEST_print(out, req, 0);
-
-	if (reqout)
-		{
-		derbio = BIO_new_file(reqout, "wb");
-		if(!derbio)
-			{
-			BIO_printf(bio_err, "Error opening file %s\n", reqout);
-			goto end;
-			}
-		i2d_OCSP_REQUEST_bio(derbio, req);
-		BIO_free(derbio);
-		}
-
-	if (ridx_filename && (!rkey || !rsigner || !rca_cert))
-		{
-		BIO_printf(bio_err, "Need a responder certificate, key and CA for this operation!\n");
-		goto end;
-		}
-
-	if (ridx_filename && !rdb)
-		{
-		rdb = load_index(ridx_filename, NULL);
-		if (!rdb) goto end;
-		if (!index_index(rdb)) goto end;
-		}
-
-	if (rdb)
-		{
-		i = make_ocsp_response(&resp, req, rdb, rca_cert, rsigner, rkey, rother, rflags, nmin, ndays);
-		if (cbio)
-			send_ocsp_response(cbio, resp);
-		}
-	else if (host)
-		{
-#ifndef OPENSSL_NO_SOCK
-		resp = process_responder(bio_err, req, host, path,
-					port, use_ssl, headers, req_timeout);
-		if (!resp)
-			goto end;
-#else
-		BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n");
-		goto end;
-#endif
-		}
-	else if (respin)
-		{
-		derbio = BIO_new_file(respin, "rb");
-		if (!derbio)
-			{
-			BIO_printf(bio_err, "Error Opening OCSP response file\n");
-			goto end;
-			}
-		resp = d2i_OCSP_RESPONSE_bio(derbio, NULL);
-		BIO_free(derbio);
-		if(!resp)
-			{
-			BIO_printf(bio_err, "Error reading OCSP response\n");
-			goto end;
-			}
-	
-		}
-	else
-		{
-		ret = 0;
-		goto end;
-		}
-
-	done_resp:
-
-	if (respout)
-		{
-		derbio = BIO_new_file(respout, "wb");
-		if(!derbio)
-			{
-			BIO_printf(bio_err, "Error opening file %s\n", respout);
-			goto end;
-			}
-		i2d_OCSP_RESPONSE_bio(derbio, resp);
-		BIO_free(derbio);
-		}
-
-	i = OCSP_response_status(resp);
-
-	if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL)
-		{
-		BIO_printf(out, "Responder Error: %s (%d)\n",
-				OCSP_response_status_str(i), i);
-		if (ignore_err)
-			goto redo_accept;
-		ret = 0;
-		goto end;
-		}
-
-	if (resp_text) OCSP_RESPONSE_print(out, resp, 0);
-
-	/* If running as responder don't verify our own response */
-	if (cbio)
-		{
-		if (accept_count > 0)
-			accept_count--;
-		/* Redo if more connections needed */
-		if (accept_count)
-			{
-			BIO_free_all(cbio);
-			cbio = NULL;
-			OCSP_REQUEST_free(req);
-			req = NULL;
-			OCSP_RESPONSE_free(resp);
-			resp = NULL;
-			goto redo_accept;
-			}
-		goto end;
-		}
-
-	if (!store)
-		store = setup_verify(bio_err, CAfile, CApath);
-	if (!store)
-		goto end;
-	if (verify_certfile)
-		{
-		verify_other = load_certs(bio_err, verify_certfile, FORMAT_PEM,
-			NULL, e, "validator certificate");
-		if (!verify_other) goto end;
-		}
-
-	bs = OCSP_response_get1_basic(resp);
-
-	if (!bs)
-		{
-		BIO_printf(bio_err, "Error parsing response\n");
-		goto end;
-		}
-
-	if (!noverify)
-		{
-		if (req && ((i = OCSP_check_nonce(req, bs)) <= 0))
-			{
-			if (i == -1)
-				BIO_printf(bio_err, "WARNING: no nonce in response\n");
-			else
-				{
-				BIO_printf(bio_err, "Nonce Verify error\n");
-				goto end;
-				}
-			}
-
-		i = OCSP_basic_verify(bs, verify_other, store, verify_flags);
-                if (i < 0) i = OCSP_basic_verify(bs, NULL, store, 0);
-
-		if(i <= 0)
-			{
-			BIO_printf(bio_err, "Response Verify Failure\n");
-			ERR_print_errors(bio_err);
-			}
-		else
-			BIO_printf(bio_err, "Response verify OK\n");
-
-		}
-
-	if (!print_ocsp_summary(out, bs, req, reqnames, ids, nsec, maxage))
-		goto end;
-
-	ret = 0;
-
-end:
-	ERR_print_errors(bio_err);
-	X509_free(signer);
-	X509_STORE_free(store);
-	EVP_PKEY_free(key);
-	EVP_PKEY_free(rkey);
-	X509_free(issuer);
-	X509_free(cert);
-	X509_free(rsigner);
-	X509_free(rca_cert);
-	free_index(rdb);
-	BIO_free_all(cbio);
-	BIO_free_all(acbio);
-	BIO_free(out);
-	OCSP_REQUEST_free(req);
-	OCSP_RESPONSE_free(resp);
-	OCSP_BASICRESP_free(bs);
-	sk_OPENSSL_STRING_free(reqnames);
-	sk_OCSP_CERTID_free(ids);
-	sk_X509_pop_free(sign_other, X509_free);
-	sk_X509_pop_free(verify_other, X509_free);
-	sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);
-
-	if (use_ssl != -1)
-		{
-		OPENSSL_free(host);
-		OPENSSL_free(port);
-		OPENSSL_free(path);
-		}
-
-	OPENSSL_EXIT(ret);
-}
-
-static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, const EVP_MD *cert_id_md,X509 *issuer,
-				STACK_OF(OCSP_CERTID) *ids)
-	{
-	OCSP_CERTID *id;
-	if(!issuer)
-		{
-		BIO_printf(bio_err, "No issuer certificate specified\n");
-		return 0;
-		}
-	if(!*req) *req = OCSP_REQUEST_new();
-	if(!*req) goto err;
-	id = OCSP_cert_to_id(cert_id_md, cert, issuer);
-	if(!id || !sk_OCSP_CERTID_push(ids, id)) goto err;
-	if(!OCSP_request_add0_id(*req, id)) goto err;
-	return 1;
-
-	err:
-	BIO_printf(bio_err, "Error Creating OCSP request\n");
-	return 0;
-	}
-
-static int add_ocsp_serial(OCSP_REQUEST **req, char *serial,const EVP_MD *cert_id_md, X509 *issuer,
-				STACK_OF(OCSP_CERTID) *ids)
-	{
-	OCSP_CERTID *id;
-	X509_NAME *iname;
-	ASN1_BIT_STRING *ikey;
-	ASN1_INTEGER *sno;
-	if(!issuer)
-		{
-		BIO_printf(bio_err, "No issuer certificate specified\n");
-		return 0;
-		}
-	if(!*req) *req = OCSP_REQUEST_new();
-	if(!*req) goto err;
-	iname = X509_get_subject_name(issuer);
-	ikey = X509_get0_pubkey_bitstr(issuer);
-	sno = s2i_ASN1_INTEGER(NULL, serial);
-	if(!sno)
-		{
-		BIO_printf(bio_err, "Error converting serial number %s\n", serial);
-		return 0;
-		}
-	id = OCSP_cert_id_new(cert_id_md, iname, ikey, sno);
-	ASN1_INTEGER_free(sno);
-	if(!id || !sk_OCSP_CERTID_push(ids, id)) goto err;
-	if(!OCSP_request_add0_id(*req, id)) goto err;
-	return 1;
-
-	err:
-	BIO_printf(bio_err, "Error Creating OCSP request\n");
-	return 0;
-	}
-
-static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
-			      STACK_OF(OPENSSL_STRING) *names,
-			      STACK_OF(OCSP_CERTID) *ids, long nsec,
-			      long maxage)
-	{
-	OCSP_CERTID *id;
-	char *name;
-	int i;
-
-	int status, reason;
-
-	ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
-
-	if (!bs || !req || !sk_OPENSSL_STRING_num(names) || !sk_OCSP_CERTID_num(ids))
-		return 1;
-
-	for (i = 0; i < sk_OCSP_CERTID_num(ids); i++)
-		{
-		id = sk_OCSP_CERTID_value(ids, i);
-		name = sk_OPENSSL_STRING_value(names, i);
-		BIO_printf(out, "%s: ", name);
-
-		if(!OCSP_resp_find_status(bs, id, &status, &reason,
-					&rev, &thisupd, &nextupd))
-			{
-			BIO_puts(out, "ERROR: No Status found.\n");
-			continue;
-			}
-
-		/* Check validity: if invalid write to output BIO so we
-		 * know which response this refers to.
-		 */
-		if (!OCSP_check_validity(thisupd, nextupd, nsec, maxage))
-			{
-			BIO_puts(out, "WARNING: Status times invalid.\n");
-			ERR_print_errors(out);
-			}
-		BIO_printf(out, "%s\n", OCSP_cert_status_str(status));
-
-		BIO_puts(out, "\tThis Update: ");
-		ASN1_GENERALIZEDTIME_print(out, thisupd);
-		BIO_puts(out, "\n");
-
-		if(nextupd)
-			{
-			BIO_puts(out, "\tNext Update: ");
-			ASN1_GENERALIZEDTIME_print(out, nextupd);
-			BIO_puts(out, "\n");
-			}
-
-		if (status != V_OCSP_CERTSTATUS_REVOKED)
-			continue;
-
-		if (reason != -1)
-			BIO_printf(out, "\tReason: %s\n",
-				OCSP_crl_reason_str(reason));
-
-		BIO_puts(out, "\tRevocation Time: ");
-		ASN1_GENERALIZEDTIME_print(out, rev);
-		BIO_puts(out, "\n");
-		}
-
-	return 1;
-	}
-
-
-static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db,
-			X509 *ca, X509 *rcert, EVP_PKEY *rkey,
-			STACK_OF(X509) *rother, unsigned long flags,
-			int nmin, int ndays)
-	{
-	ASN1_TIME *thisupd = NULL, *nextupd = NULL;
-	OCSP_CERTID *cid, *ca_id = NULL;
-	OCSP_BASICRESP *bs = NULL;
-	int i, id_count, ret = 1;
-
-	id_count = OCSP_request_onereq_count(req);
-
-	if (id_count <= 0)
-		{
-		*resp = OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, NULL);
-		goto end;
-		}
-
-
-	bs = OCSP_BASICRESP_new();
-	thisupd = X509_gmtime_adj(NULL, 0);
-	if (ndays != -1)
-		nextupd = X509_gmtime_adj(NULL, nmin * 60 + ndays * 3600 * 24 );
-
-	/* Examine each certificate id in the request */
-	for (i = 0; i < id_count; i++)
-		{
-		OCSP_ONEREQ *one;
-		ASN1_INTEGER *serial;
-		char **inf;
-		ASN1_OBJECT *cert_id_md_oid;
-		const EVP_MD *cert_id_md;
-		one = OCSP_request_onereq_get0(req, i);
-		cid = OCSP_onereq_get0_id(one);
-
-		OCSP_id_get0_info(NULL,&cert_id_md_oid, NULL,NULL, cid);
-
-		cert_id_md = EVP_get_digestbyobj(cert_id_md_oid);	
-		if (! cert_id_md) 
-			{
-			*resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR,
-				NULL);
-				goto end;
-			}	
-		if (ca_id) OCSP_CERTID_free(ca_id);
-		ca_id = OCSP_cert_to_id(cert_id_md, NULL, ca);
-
-		/* Is this request about our CA? */
-		if (OCSP_id_issuer_cmp(ca_id, cid))
-			{
-			OCSP_basic_add1_status(bs, cid,
-						V_OCSP_CERTSTATUS_UNKNOWN,
-						0, NULL,
-						thisupd, nextupd);
-			continue;
-			}
-		OCSP_id_get0_info(NULL, NULL, NULL, &serial, cid);
-		inf = lookup_serial(db, serial);
-		if (!inf)
-			OCSP_basic_add1_status(bs, cid,
-						V_OCSP_CERTSTATUS_UNKNOWN,
-						0, NULL,
-						thisupd, nextupd);
-		else if (inf[DB_type][0] == DB_TYPE_VAL)
-			OCSP_basic_add1_status(bs, cid,
-						V_OCSP_CERTSTATUS_GOOD,
-						0, NULL,
-						thisupd, nextupd);
-		else if (inf[DB_type][0] == DB_TYPE_REV)
-			{
-			ASN1_OBJECT *inst = NULL;
-			ASN1_TIME *revtm = NULL;
-			ASN1_GENERALIZEDTIME *invtm = NULL;
-			OCSP_SINGLERESP *single;
-			int reason = -1;
-			unpack_revinfo(&revtm, &reason, &inst, &invtm, inf[DB_rev_date]);
-			single = OCSP_basic_add1_status(bs, cid,
-						V_OCSP_CERTSTATUS_REVOKED,
-						reason, revtm,
-						thisupd, nextupd);
-			if (invtm)
-				OCSP_SINGLERESP_add1_ext_i2d(single, NID_invalidity_date, invtm, 0, 0);
-			else if (inst)
-				OCSP_SINGLERESP_add1_ext_i2d(single, NID_hold_instruction_code, inst, 0, 0);
-			ASN1_OBJECT_free(inst);
-			ASN1_TIME_free(revtm);
-			ASN1_GENERALIZEDTIME_free(invtm);
-			}
-		}
-
-	OCSP_copy_nonce(bs, req);
-	
-	OCSP_basic_sign(bs, rcert, rkey, NULL, rother, flags);
-
-	*resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);
-
-	end:
-	ASN1_TIME_free(thisupd);
-	ASN1_TIME_free(nextupd);
-	OCSP_CERTID_free(ca_id);
-	OCSP_BASICRESP_free(bs);
-	return ret;
-
-	}
-
-static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
-	{
-	int i;
-	BIGNUM *bn = NULL;
-	char *itmp, *row[DB_NUMBER],**rrow;
-	for (i = 0; i < DB_NUMBER; i++) row[i] = NULL;
-	bn = ASN1_INTEGER_to_BN(ser,NULL);
-	OPENSSL_assert(bn); /* FIXME: should report an error at this point and abort */
-	if (BN_is_zero(bn))
-		itmp = BUF_strdup("00");
-	else
-		itmp = BN_bn2hex(bn);
-	row[DB_serial] = itmp;
-	BN_free(bn);
-	rrow=TXT_DB_get_by_index(db->db,DB_serial,row);
-	OPENSSL_free(itmp);
-	return rrow;
-	}
-
-/* Quick and dirty OCSP server: read in and parse input request */
-
-static BIO *init_responder(char *port)
-	{
-	BIO *acbio = NULL, *bufbio = NULL;
-	bufbio = BIO_new(BIO_f_buffer());
-	if (!bufbio) 
-		goto err;
-#ifndef OPENSSL_NO_SOCK
-	acbio = BIO_new_accept(port);
-#else
-	BIO_printf(bio_err, "Error setting up accept BIO - sockets not supported.\n");
-#endif
-	if (!acbio)
-		goto err;
-	BIO_set_accept_bios(acbio, bufbio);
-	bufbio = NULL;
-
-	if (BIO_do_accept(acbio) <= 0)
-		{
-			BIO_printf(bio_err, "Error setting up accept BIO\n");
-			ERR_print_errors(bio_err);
-			goto err;
-		}
-
-	return acbio;
-
-	err:
-	BIO_free_all(acbio);
-	BIO_free(bufbio);
-	return NULL;
-	}
-
-static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port)
-	{
-	int have_post = 0, len;
-	OCSP_REQUEST *req = NULL;
-	char inbuf[1024];
-	BIO *cbio = NULL;
-
-	if (BIO_do_accept(acbio) <= 0)
-		{
-			BIO_printf(bio_err, "Error accepting connection\n");
-			ERR_print_errors(bio_err);
-			return 0;
-		}
-
-	cbio = BIO_pop(acbio);
-	*pcbio = cbio;
-
-	for(;;)
-		{
-		len = BIO_gets(cbio, inbuf, sizeof inbuf);
-		if (len <= 0)
-			return 1;
-		/* Look for "POST" signalling start of query */
-		if (!have_post)
-			{
-			if(strncmp(inbuf, "POST", 4))
-				{
-				BIO_printf(bio_err, "Invalid request\n");
-				return 1;
-				}
-			have_post = 1;
-			}
-		/* Look for end of headers */
-		if ((inbuf[0] == '\r') || (inbuf[0] == '\n'))
-			break;
-		}
-
-	/* Try to read OCSP request */
-
-	req = d2i_OCSP_REQUEST_bio(cbio, NULL);
-
-	if (!req)
-		{
-		BIO_printf(bio_err, "Error parsing OCSP request\n");
-		ERR_print_errors(bio_err);
-		}
-
-	*preq = req;
-
-	return 1;
-
-	}
-
-static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
-	{
-	char http_resp[] = 
-		"HTTP/1.0 200 OK\r\nContent-type: application/ocsp-response\r\n"
-		"Content-Length: %d\r\n\r\n";
-	if (!cbio)
-		return 0;
-	BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL));
-	i2d_OCSP_RESPONSE_bio(cbio, resp);
-	(void)BIO_flush(cbio);
-	return 1;
-	}
-
-static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
-				STACK_OF(CONF_VALUE) *headers,
-				OCSP_REQUEST *req, int req_timeout)
-	{
-	int fd;
-	int rv;
-	int i;
-	OCSP_REQ_CTX *ctx = NULL;
-	OCSP_RESPONSE *rsp = NULL;
-	fd_set confds;
-	struct timeval tv;
-
-	if (req_timeout != -1)
-		BIO_set_nbio(cbio, 1);
-
-	rv = BIO_do_connect(cbio);
-
-	if ((rv <= 0) && ((req_timeout == -1) || !BIO_should_retry(cbio)))
-		{
-		BIO_puts(err, "Error connecting BIO\n");
-		return NULL;
-		}
-
-	if (BIO_get_fd(cbio, &fd) <= 0)
-		{
-		BIO_puts(err, "Can't get connection fd\n");
-		goto err;
-		}
-
-	if (req_timeout != -1 && rv <= 0)
-		{
-		FD_ZERO(&confds);
-		openssl_fdset(fd, &confds);
-		tv.tv_usec = 0;
-		tv.tv_sec = req_timeout;
-		rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv);
-		if (rv == 0)
-			{
-			BIO_puts(err, "Timeout on connect\n");
-			return NULL;
-			}
-		}
-
-
-	ctx = OCSP_sendreq_new(cbio, path, NULL, -1);
-	if (!ctx)
-		return NULL;
-
-	for (i = 0; i < sk_CONF_VALUE_num(headers); i++)
-		{
-		CONF_VALUE *hdr = sk_CONF_VALUE_value(headers, i);
-		if (!OCSP_REQ_CTX_add1_header(ctx, hdr->name, hdr->value))
-			goto err;
-		}
-
-	if (!OCSP_REQ_CTX_set1_req(ctx, req))
-		goto err;
-	
-	for (;;)
-		{
-		rv = OCSP_sendreq_nbio(&rsp, ctx);
-		if (rv != -1)
-			break;
-		if (req_timeout == -1)
-			continue;
-		FD_ZERO(&confds);
-		openssl_fdset(fd, &confds);
-		tv.tv_usec = 0;
-		tv.tv_sec = req_timeout;
-		if (BIO_should_read(cbio))
-			rv = select(fd + 1, (void *)&confds, NULL, NULL, &tv);
-		else if (BIO_should_write(cbio))
-			rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv);
-		else
-			{
-			BIO_puts(err, "Unexpected retry condition\n");
-			goto err;
-			}
-		if (rv == 0)
-			{
-			BIO_puts(err, "Timeout on request\n");
-			break;
-			}
-		if (rv == -1)
-			{
-			BIO_puts(err, "Select error\n");
-			break;
-			}
-
-		}
-	err:
-	if (ctx)
-		OCSP_REQ_CTX_free(ctx);
-
-	return rsp;
-	}
-
-OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
-			char *host, char *path, char *port, int use_ssl,
-			STACK_OF(CONF_VALUE) *headers,
-			int req_timeout)
-	{
-	BIO *cbio = NULL;
-	SSL_CTX *ctx = NULL;
-	OCSP_RESPONSE *resp = NULL;
-	cbio = BIO_new_connect(host);
-	if (!cbio)
-		{
-		BIO_printf(err, "Error creating connect BIO\n");
-		goto end;
-		}
-	if (port) BIO_set_conn_port(cbio, port);
-	if (use_ssl == 1)
-		{
-		BIO *sbio;
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-		ctx = SSL_CTX_new(SSLv23_client_method());
-#elif !defined(OPENSSL_NO_SSL3)
-		ctx = SSL_CTX_new(SSLv3_client_method());
-#elif !defined(OPENSSL_NO_SSL2)
-		ctx = SSL_CTX_new(SSLv2_client_method());
-#else
-		BIO_printf(err, "SSL is disabled\n");
-			goto end;
-#endif
-		if (ctx == NULL)
-			{
-			BIO_printf(err, "Error creating SSL context.\n");
-			goto end;
-			}
-		SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
-		sbio = BIO_new_ssl(ctx, 1);
-		cbio = BIO_push(sbio, cbio);
-		}
-	resp = query_responder(err, cbio, path, headers, req, req_timeout);
-	if (!resp)
-		BIO_printf(bio_err, "Error querying OCSP responsder\n");
-	end:
-	if (cbio)
-		BIO_free_all(cbio);
-	if (ctx)
-		SSL_CTX_free(ctx);
-	return resp;
-	}
-
-#endif
diff --git a/deps/openssl/openssl/apps/oid.cnf b/deps/openssl/openssl/apps/oid.cnf
deleted file mode 100644
index faf425a156b..00000000000
--- a/deps/openssl/openssl/apps/oid.cnf
+++ /dev/null
@@ -1,6 +0,0 @@
-2.99999.1       SET.ex1         SET x509v3 extension 1
-2.99999.2       SET.ex2         SET x509v3 extension 2
-2.99999.3       SET.ex3         SET x509v3 extension 3
-2.99999.4       SET.ex4         SET x509v3 extension 4
-2.99999.5       SET.ex5         SET x509v3 extension 5
-2.99999.6       SET.ex6         SET x509v3 extension 6
diff --git a/deps/openssl/openssl/apps/openssl-vms.cnf b/deps/openssl/openssl/apps/openssl-vms.cnf
deleted file mode 100644
index 45e46a0fb43..00000000000
--- a/deps/openssl/openssl/apps/openssl-vms.cnf
+++ /dev/null
@@ -1,350 +0,0 @@
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-# Policies used by the TSA examples.
-tsa_policy1 = 1.2.3.4.1
-tsa_policy2 = 1.2.3.4.5.6
-tsa_policy3 = 1.2.3.4.5.7
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= sys\$disk:[.demoCA		# Where everything is kept
-certs		= $dir.certs]		# Where the issued certs are kept
-crl_dir		= $dir.crl]		# Where the issued crl are kept
-database	= $dir]index.txt	# database index file.
-#unique_subject	= no			# Set to 'no' to allow creation of
-					# several ctificates with same subject.
-new_certs_dir	= $dir.newcerts]		# default place for new certs.
-
-certificate	= $dir]cacert.pem 	# The CA certificate
-serial		= $dir]serial. 		# The current serial number
-crlnumber	= $dir]crlnumber.	# the current crl number
-					# must be commented out to leave a V1 CRL
-crl		= $dir]crl.pem 		# The current CRL
-private_key	= $dir.private]cakey.pem# The private key
-RANDFILE	= $dir.private].rand	# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Comment out the following two lines for the "traditional"
-# (and highly broken) format.
-name_opt 	= ca_default		# Subject Name options
-cert_opt 	= ca_default		# Certificate field options
-
-# Extension copying option: use with caution.
-# copy_extensions = copy
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crlnumber must also be commented out to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 365			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= default		# use public key default MD
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= 1024
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options. 
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString (PKIX recommendation before 2004)
-# utf8only: only UTF8Strings (PKIX recommendation after 2004).
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
-string_mask = utf8only
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= Some-State
-
-localityName			= Locality Name (eg, city)
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= Internet Widgits Pty Ltd
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (e.g. server FQDN or YOUR name)
-commonName_max			= 64
-
-emailAddress			= Email Address
-emailAddress_max		= 64
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-# An alternative to produce certificates that aren't
-# deprecated according to PKIX.
-# subjectAltName=email:move
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-# This is required for TSA certificates.
-# extendedKeyUsage = critical,timeStamping
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always
-
-[ proxy_cert_ext ]
-# These extensions should be added when creating a proxy certificate
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-# An alternative to produce certificates that aren't
-# deprecated according to PKIX.
-# subjectAltName=email:move
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-# This really needs to be in place for it to be a proxy certificate.
-proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
-
-####################################################################
-[ tsa ]
-
-default_tsa = tsa_config1	# the default TSA section
-
-[ tsa_config1 ]
-
-# These are used by the TSA reply generation only.
-dir		= sys\$disk:[.demoCA		# TSA root directory
-serial		= $dir]tsaserial.	# The current serial number (mandatory)
-crypto_device	= builtin		# OpenSSL engine to use for signing
-signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate
-					# (optional)
-certs		= $dir.cacert.pem]	# Certificate chain to include in reply
-					# (optional)
-signer_key	= $dir/private/tsakey.pem # The TSA private key (optional)
-
-default_policy	= tsa_policy1		# Policy if request did not specify it
-					# (optional)
-other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
-digests		= md5, sha1		# Acceptable message digests (mandatory)
-accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
-clock_precision_digits  = 0	# number of digits after dot. (optional)
-ordering		= yes	# Is ordering defined for timestamps?
-				# (optional, default: no)
-tsa_name		= yes	# Must the TSA name be included in the reply?
-				# (optional, default: no)
-ess_cert_id_chain	= no	# Must the ESS cert id chain be included?
-				# (optional, default: no)
diff --git a/deps/openssl/openssl/apps/openssl.c b/deps/openssl/openssl/apps/openssl.c
deleted file mode 100644
index 106895739ce..00000000000
--- a/deps/openssl/openssl/apps/openssl.c
+++ /dev/null
@@ -1,714 +0,0 @@
-/* apps/openssl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include 
-#include 
-#include 
-#define OPENSSL_C /* tells apps.h to use complete apps_startup() */
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#ifndef OPENSSL_NO_ENGINE
-#include 
-#endif
-#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
-#include "progs.h"
-#include "s_apps.h"
-#include 
-
-/* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
- * base prototypes (we cast each variable inside the function to the required
- * type of "FUNCTION*"). This removes the necessity for macro-generated wrapper
- * functions. */
-
-static LHASH_OF(FUNCTION) *prog_init(void );
-static int do_cmd(LHASH_OF(FUNCTION) *prog,int argc,char *argv[]);
-static void list_pkey(BIO *out);
-static void list_cipher(BIO *out);
-static void list_md(BIO *out);
-char *default_config_file=NULL;
-
-/* Make sure there is only one when MONOLITH is defined */
-#ifdef MONOLITH
-CONF *config=NULL;
-BIO *bio_err=NULL;
-#endif
-
-
-static void lock_dbg_cb(int mode, int type, const char *file, int line)
-	{
-	static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
-	const char *errstr = NULL;
-	int rw;
-	
-	rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
-	if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
-		{
-		errstr = "invalid mode";
-		goto err;
-		}
-
-	if (type < 0 || type >= CRYPTO_NUM_LOCKS)
-		{
-		errstr = "type out of bounds";
-		goto err;
-		}
-
-	if (mode & CRYPTO_LOCK)
-		{
-		if (modes[type])
-			{
-			errstr = "already locked";
-			/* must not happen in a single-threaded program
-			 * (would deadlock) */
-			goto err;
-			}
-
-		modes[type] = rw;
-		}
-	else if (mode & CRYPTO_UNLOCK)
-		{
-		if (!modes[type])
-			{
-			errstr = "not locked";
-			goto err;
-			}
-		
-		if (modes[type] != rw)
-			{
-			errstr = (rw == CRYPTO_READ) ?
-				"CRYPTO_r_unlock on write lock" :
-				"CRYPTO_w_unlock on read lock";
-			}
-
-		modes[type] = 0;
-		}
-	else
-		{
-		errstr = "invalid mode";
-		goto err;
-		}
-
- err:
-	if (errstr)
-		{
-		/* we cannot use bio_err here */
-		fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
-			errstr, mode, type, file, line);
-		}
-	}
-
-#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
-# define ARGV _Argv
-#else
-# define ARGV Argv
-#endif
-
-int main(int Argc, char *ARGV[])
-	{
-	ARGS arg;
-#define PROG_NAME_SIZE	39
-	char pname[PROG_NAME_SIZE+1];
-	FUNCTION f,*fp;
-	MS_STATIC const char *prompt;
-	MS_STATIC char buf[1024];
-	char *to_free=NULL;
-	int n,i,ret=0;
-	int argc;
-	char **argv,*p;
-	LHASH_OF(FUNCTION) *prog=NULL;
-	long errline;
-
-#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
-	/* 2011-03-22 SMS.
-	 * If we have 32-bit pointers everywhere, then we're safe, and
-	 * we bypass this mess, as on non-VMS systems.  (See ARGV,
-	 * above.)
-	 * Problem 1: Compaq/HP C before V7.3 always used 32-bit
-	 * pointers for argv[].
-	 * Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
-	 * everywhere else, we always allocate and use a 64-bit
-	 * duplicate of argv[].
-	 * Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
-	 * to NULL-terminate a 64-bit argv[].  (As this was written, the
-	 * compiler ECO was available only on IA64.)
-	 * Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
-	 * 64-bit argv[argc] for NULL, and, if necessary, use a
-	 * (properly) NULL-terminated (64-bit) duplicate of argv[].
-	 * The same code is used in either case to duplicate argv[].
-	 * Some of these decisions could be handled in preprocessing,
-	 * but the code tends to get even uglier, and the penalty for
-	 * deciding at compile- or run-time is tiny.
-	 */
-	char **Argv = NULL;
-	int free_Argv = 0;
-
-	if ((sizeof( _Argv) < 8)        /* 32-bit argv[]. */
-# if !defined( VMS_TRUST_ARGV)
-	 || (_Argv[ Argc] != NULL)      /* Untrusted argv[argc] not NULL. */
-# endif
-		)
-		{
-		int i;
-		Argv = OPENSSL_malloc( (Argc+ 1)* sizeof( char *));
-		if (Argv == NULL)
-			{ ret = -1; goto end; }
-		for(i = 0; i < Argc; i++)
-			Argv[i] = _Argv[i];
-		Argv[ Argc] = NULL;     /* Certain NULL termination. */
-		free_Argv = 1;
-		}
-	else
-		{
-		/* Use the known-good 32-bit argv[] (which needs the
-		 * type cast to satisfy the compiler), or the trusted or
-		 * tested-good 64-bit argv[] as-is. */
-		Argv = (char **)_Argv;
-		}
-#endif /* defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64) */
-
-	arg.data=NULL;
-	arg.count=0;
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */
-		{
-		if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))
-			{
-			CRYPTO_malloc_debug_init();
-			CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
-			}
-		else
-			{
-			/* OPENSSL_DEBUG_MEMORY=off */
-			CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
-			}
-		}
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-#if 0
-	if (getenv("OPENSSL_DEBUG_LOCKING") != NULL)
-#endif
-		{
-		CRYPTO_set_locking_callback(lock_dbg_cb);
-		}
-
-	apps_startup();
-
-	/* Lets load up our environment a little */
-	p=getenv("OPENSSL_CONF");
-	if (p == NULL)
-		p=getenv("SSLEAY_CONF");
-	if (p == NULL)
-		p=to_free=make_config_name();
-
-	default_config_file=p;
-
-	config=NCONF_new(NULL);
-	i=NCONF_load(config,p,&errline);
-	if (i == 0)
-		{
-		if (ERR_GET_REASON(ERR_peek_last_error())
-		    == CONF_R_NO_SUCH_FILE)
-			{
-#if 0 /* ANDROID */
-			BIO_printf(bio_err,
-				   "WARNING: can't open config file: %s\n",p);
-#endif
-			ERR_clear_error();
-			NCONF_free(config);
-			config = NULL;
-			}
-		else
-			{
-			ERR_print_errors(bio_err);
-			NCONF_free(config);
-			exit(1);
-			}
-		}
-
-	prog=prog_init();
-
-	/* first check the program name */
-	program_name(Argv[0],pname,sizeof pname);
-
-	f.name=pname;
-	fp=lh_FUNCTION_retrieve(prog,&f);
-	if (fp != NULL)
-		{
-		Argv[0]=pname;
-		ret=fp->func(Argc,Argv);
-		goto end;
-		}
-
-	/* ok, now check that there are not arguments, if there are,
-	 * run with them, shifting the ssleay off the front */
-	if (Argc != 1)
-		{
-		Argc--;
-		Argv++;
-		ret=do_cmd(prog,Argc,Argv);
-		if (ret < 0) ret=0;
-		goto end;
-		}
-
-	/* ok, lets enter the old 'OpenSSL>' mode */
-	
-	for (;;)
-		{
-		ret=0;
-		p=buf;
-		n=sizeof buf;
-		i=0;
-		for (;;)
-			{
-			p[0]='\0';
-			if (i++)
-				prompt=">";
-			else	prompt="OpenSSL> ";
-			fputs(prompt,stdout);
-			fflush(stdout);
-			if (!fgets(p,n,stdin))
-				goto end;
-			if (p[0] == '\0') goto end;
-			i=strlen(p);
-			if (i <= 1) break;
-			if (p[i-2] != '\\') break;
-			i-=2;
-			p+=i;
-			n-=i;
-			}
-		if (!chopup_args(&arg,buf,&argc,&argv)) break;
-
-		ret=do_cmd(prog,argc,argv);
-		if (ret < 0)
-			{
-			ret=0;
-			goto end;
-			}
-		if (ret != 0)
-			BIO_printf(bio_err,"error in %s\n",argv[0]);
-		(void)BIO_flush(bio_err);
-		}
-	BIO_printf(bio_err,"bad exit\n");
-	ret=1;
-end:
-	if (to_free)
-		OPENSSL_free(to_free);
-	if (config != NULL)
-		{
-		NCONF_free(config);
-		config=NULL;
-		}
-	if (prog != NULL) lh_FUNCTION_free(prog);
-	if (arg.data != NULL) OPENSSL_free(arg.data);
-
-	apps_shutdown();
-
-	CRYPTO_mem_leaks(bio_err);
-	if (bio_err != NULL)
-		{
-		BIO_free(bio_err);
-		bio_err=NULL;
-		}
-#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
-	/* Free any duplicate Argv[] storage. */
-	if (free_Argv)
-		{
-		OPENSSL_free(Argv);
-		}
-#endif
-	OPENSSL_EXIT(ret);
-	}
-
-#define LIST_STANDARD_COMMANDS "list-standard-commands"
-#define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
-#define LIST_MESSAGE_DIGEST_ALGORITHMS "list-message-digest-algorithms"
-#define LIST_CIPHER_COMMANDS "list-cipher-commands"
-#define LIST_CIPHER_ALGORITHMS "list-cipher-algorithms"
-#define LIST_PUBLIC_KEY_ALGORITHMS "list-public-key-algorithms"
-
-
-static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
-	{
-	FUNCTION f,*fp;
-	int i,ret=1,tp,nl;
-
-	if ((argc <= 0) || (argv[0] == NULL))
-		{ ret=0; goto end; }
-	f.name=argv[0];
-	fp=lh_FUNCTION_retrieve(prog,&f);
-	if (fp == NULL)
-		{
-		if (EVP_get_digestbyname(argv[0]))
-			{
-			f.type = FUNC_TYPE_MD;
-			f.func = dgst_main;
-			fp = &f;
-			}
-		else if (EVP_get_cipherbyname(argv[0]))
-			{
-			f.type = FUNC_TYPE_CIPHER;
-			f.func = enc_main;
-			fp = &f;
-			}
-		}
-	if (fp != NULL)
-		{
-		ret=fp->func(argc,argv);
-		}
-	else if ((strncmp(argv[0],"no-",3)) == 0)
-		{
-		BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		bio_stdout = BIO_push(tmpbio, bio_stdout);
-		}
-#endif
-		f.name=argv[0]+3;
-		ret = (lh_FUNCTION_retrieve(prog,&f) != NULL);
-		if (!ret)
-			BIO_printf(bio_stdout, "%s\n", argv[0]);
-		else
-			BIO_printf(bio_stdout, "%s\n", argv[0]+3);
-		BIO_free_all(bio_stdout);
-		goto end;
-		}
-	else if ((strcmp(argv[0],"quit") == 0) ||
-		(strcmp(argv[0],"q") == 0) ||
-		(strcmp(argv[0],"exit") == 0) ||
-		(strcmp(argv[0],"bye") == 0))
-		{
-		ret= -1;
-		goto end;
-		}
-	else if ((strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_MESSAGE_DIGEST_ALGORITHMS) == 0) ||
-		(strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0) ||
-		(strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0))
-		{
-		int list_type;
-		BIO *bio_stdout;
-
-		if (strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0)
-			list_type = FUNC_TYPE_GENERAL;
-		else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0)
-			list_type = FUNC_TYPE_MD;
-		else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_ALGORITHMS) == 0)
-			list_type = FUNC_TYPE_MD_ALG;
-		else if (strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0)
-			list_type = FUNC_TYPE_PKEY;
-		else if (strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0)
-			list_type = FUNC_TYPE_CIPHER_ALG;
-		else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
-			list_type = FUNC_TYPE_CIPHER;
-		bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		bio_stdout = BIO_push(tmpbio, bio_stdout);
-		}
-#endif
-
-		if (!load_config(bio_err, NULL))
-			goto end;
-
-		if (list_type == FUNC_TYPE_PKEY)
-			list_pkey(bio_stdout);	
-		if (list_type == FUNC_TYPE_MD_ALG)
-			list_md(bio_stdout);	
-		if (list_type == FUNC_TYPE_CIPHER_ALG)
-			list_cipher(bio_stdout);	
-		else
-			{
-			for (fp=functions; fp->name != NULL; fp++)
-				if (fp->type == list_type)
-					BIO_printf(bio_stdout, "%s\n",
-								fp->name);
-			}
-		BIO_free_all(bio_stdout);
-		ret=0;
-		goto end;
-		}
-	else
-		{
-		BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n",
-			argv[0]);
-		BIO_printf(bio_err, "\nStandard commands");
-		i=0;
-		tp=0;
-		for (fp=functions; fp->name != NULL; fp++)
-			{
-			nl=0;
-#ifdef OPENSSL_NO_CAMELLIA
-			if (((i++) % 5) == 0)
-#else
-			if (((i++) % 4) == 0)
-#endif
-				{
-				BIO_printf(bio_err,"\n");
-				nl=1;
-				}
-			if (fp->type != tp)
-				{
-				tp=fp->type;
-				if (!nl) BIO_printf(bio_err,"\n");
-				if (tp == FUNC_TYPE_MD)
-					{
-					i=1;
-					BIO_printf(bio_err,
-						"\nMessage Digest commands (see the `dgst' command for more details)\n");
-					}
-				else if (tp == FUNC_TYPE_CIPHER)
-					{
-					i=1;
-					BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
-					}
-				}
-#ifdef OPENSSL_NO_CAMELLIA
-			BIO_printf(bio_err,"%-15s",fp->name);
-#else
-			BIO_printf(bio_err,"%-18s",fp->name);
-#endif
-			}
-		BIO_printf(bio_err,"\n\n");
-		ret=0;
-		}
-end:
-	return(ret);
-	}
-
-static int SortFnByName(const void *_f1,const void *_f2)
-    {
-    const FUNCTION *f1=_f1;
-    const FUNCTION *f2=_f2;
-
-    if(f1->type != f2->type)
-	return f1->type-f2->type;
-    return strcmp(f1->name,f2->name);
-    }
-
-static void list_pkey(BIO *out)
-	{
-	int i;
-	for (i = 0; i < EVP_PKEY_asn1_get_count(); i++)
-		{
-		const EVP_PKEY_ASN1_METHOD *ameth;
-		int pkey_id, pkey_base_id, pkey_flags;
-		const char *pinfo, *pem_str;
-		ameth = EVP_PKEY_asn1_get0(i);
-		EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags,
-						&pinfo, &pem_str, ameth);
-		if (pkey_flags & ASN1_PKEY_ALIAS)
-			{
-			BIO_printf(out, "Name: %s\n", 
-					OBJ_nid2ln(pkey_id));
-			BIO_printf(out, "\tType: Alias to %s\n",
-					OBJ_nid2ln(pkey_base_id));
-			}
-		else
-			{
-			BIO_printf(out, "Name: %s\n", pinfo);
-			BIO_printf(out, "\tType: %s Algorithm\n", 
-				pkey_flags & ASN1_PKEY_DYNAMIC ?
-					"External" : "Builtin");
-			BIO_printf(out, "\tOID: %s\n", OBJ_nid2ln(pkey_id));
-			if (pem_str == NULL)
-				pem_str = "(none)";
-			BIO_printf(out, "\tPEM string: %s\n", pem_str);
-			}
-					
-		}
-	}
-
-static void list_cipher_fn(const EVP_CIPHER *c,
-			const char *from, const char *to, void *arg)
-	{
-	if (c)
-		BIO_printf(arg, "%s\n", EVP_CIPHER_name(c));
-	else
-		{
-		if (!from)
-			from = "";
-		if (!to)
-			to = "";
-		BIO_printf(arg, "%s => %s\n", from, to);
-		}
-	}
-
-static void list_cipher(BIO *out)
-	{
-	EVP_CIPHER_do_all_sorted(list_cipher_fn, out);
-	}
-
-static void list_md_fn(const EVP_MD *m,
-			const char *from, const char *to, void *arg)
-	{
-	if (m)
-		BIO_printf(arg, "%s\n", EVP_MD_name(m));
-	else
-		{
-		if (!from)
-			from = "";
-		if (!to)
-			to = "";
-		BIO_printf(arg, "%s => %s\n", from, to);
-		}
-	}
-
-static void list_md(BIO *out)
-	{
-	EVP_MD_do_all_sorted(list_md_fn, out);
-	}
-
-static int MS_CALLBACK function_cmp(const FUNCTION *a, const FUNCTION *b)
-	{
-	return strncmp(a->name,b->name,8);
-	}
-static IMPLEMENT_LHASH_COMP_FN(function, FUNCTION)
-
-static unsigned long MS_CALLBACK function_hash(const FUNCTION *a)
-	{
-	return lh_strhash(a->name);
-	}	
-static IMPLEMENT_LHASH_HASH_FN(function, FUNCTION)
-
-static LHASH_OF(FUNCTION) *prog_init(void)
-	{
-	LHASH_OF(FUNCTION) *ret;
-	FUNCTION *f;
-	size_t i;
-
-	/* Purely so it looks nice when the user hits ? */
-	for(i=0,f=functions ; f->name != NULL ; ++f,++i)
-	    ;
-	qsort(functions,i,sizeof *functions,SortFnByName);
-
-	if ((ret=lh_FUNCTION_new()) == NULL)
-		return(NULL);
-
-	for (f=functions; f->name != NULL; f++)
-		(void)lh_FUNCTION_insert(ret,f);
-	return(ret);
-	}
-
diff --git a/deps/openssl/openssl/apps/openssl.cnf b/deps/openssl/openssl/apps/openssl.cnf
deleted file mode 100644
index 18760c6e673..00000000000
--- a/deps/openssl/openssl/apps/openssl.cnf
+++ /dev/null
@@ -1,350 +0,0 @@
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-# Policies used by the TSA examples.
-tsa_policy1 = 1.2.3.4.1
-tsa_policy2 = 1.2.3.4.5.6
-tsa_policy3 = 1.2.3.4.5.7
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= ./demoCA		# Where everything is kept
-certs		= $dir/certs		# Where the issued certs are kept
-crl_dir		= $dir/crl		# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-#unique_subject	= no			# Set to 'no' to allow creation of
-					# several ctificates with same subject.
-new_certs_dir	= $dir/newcerts		# default place for new certs.
-
-certificate	= $dir/cacert.pem 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crlnumber	= $dir/crlnumber	# the current crl number
-					# must be commented out to leave a V1 CRL
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/private/cakey.pem# The private key
-RANDFILE	= $dir/private/.rand	# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Comment out the following two lines for the "traditional"
-# (and highly broken) format.
-name_opt 	= ca_default		# Subject Name options
-cert_opt 	= ca_default		# Certificate field options
-
-# Extension copying option: use with caution.
-# copy_extensions = copy
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crlnumber must also be commented out to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 365			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= default		# use public key default MD
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= 1024
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options. 
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString (PKIX recommendation before 2004)
-# utf8only: only UTF8Strings (PKIX recommendation after 2004).
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
-string_mask = utf8only
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= Some-State
-
-localityName			= Locality Name (eg, city)
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= Internet Widgits Pty Ltd
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (e.g. server FQDN or YOUR name)
-commonName_max			= 64
-
-emailAddress			= Email Address
-emailAddress_max		= 64
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-# An alternative to produce certificates that aren't
-# deprecated according to PKIX.
-# subjectAltName=email:move
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-# This is required for TSA certificates.
-# extendedKeyUsage = critical,timeStamping
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always
-
-[ proxy_cert_ext ]
-# These extensions should be added when creating a proxy certificate
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-# An alternative to produce certificates that aren't
-# deprecated according to PKIX.
-# subjectAltName=email:move
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-# This really needs to be in place for it to be a proxy certificate.
-proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
-
-####################################################################
-[ tsa ]
-
-default_tsa = tsa_config1	# the default TSA section
-
-[ tsa_config1 ]
-
-# These are used by the TSA reply generation only.
-dir		= ./demoCA		# TSA root directory
-serial		= $dir/tsaserial	# The current serial number (mandatory)
-crypto_device	= builtin		# OpenSSL engine to use for signing
-signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate
-					# (optional)
-certs		= $dir/cacert.pem	# Certificate chain to include in reply
-					# (optional)
-signer_key	= $dir/private/tsakey.pem # The TSA private key (optional)
-
-default_policy	= tsa_policy1		# Policy if request did not specify it
-					# (optional)
-other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
-digests		= md5, sha1		# Acceptable message digests (mandatory)
-accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
-clock_precision_digits  = 0	# number of digits after dot. (optional)
-ordering		= yes	# Is ordering defined for timestamps?
-				# (optional, default: no)
-tsa_name		= yes	# Must the TSA name be included in the reply?
-				# (optional, default: no)
-ess_cert_id_chain	= no	# Must the ESS cert id chain be included?
-				# (optional, default: no)
diff --git a/deps/openssl/openssl/apps/passwd.c b/deps/openssl/openssl/apps/passwd.c
deleted file mode 100644
index 9ca25dd1da8..00000000000
--- a/deps/openssl/openssl/apps/passwd.c
+++ /dev/null
@@ -1,512 +0,0 @@
-/* apps/passwd.c */
-
-#if defined OPENSSL_NO_MD5 || defined CHARSET_EBCDIC
-# define NO_MD5CRYPT_1
-#endif
-
-#if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1)
-
-#include 
-#include 
-
-#include "apps.h"
-
-#include 
-#include 
-#include 
-#include 
-#ifndef OPENSSL_NO_DES
-# include 
-#endif
-#ifndef NO_MD5CRYPT_1
-# include 
-#endif
-
-
-#undef PROG
-#define PROG passwd_main
-
-
-static unsigned const char cov_2char[64]={
-	/* from crypto/des/fcrypt.c */
-	0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
-	0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
-	0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
-	0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
-	0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
-	0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
-	0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
-	0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
-};
-
-static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
-	char *passwd, BIO *out, int quiet, int table, int reverse,
-	size_t pw_maxlen, int usecrypt, int use1, int useapr1);
-
-/* -crypt        - standard Unix password algorithm (default)
- * -1            - MD5-based password algorithm
- * -apr1         - MD5-based password algorithm, Apache variant
- * -salt string  - salt
- * -in file      - read passwords from file
- * -stdin        - read passwords from stdin
- * -noverify     - never verify when reading password from terminal
- * -quiet        - no warnings
- * -table        - format output as table
- * -reverse      - switch table columns
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int ret = 1;
-	char *infile = NULL;
-	int in_stdin = 0;
-	int in_noverify = 0;
-	char *salt = NULL, *passwd = NULL, **passwds = NULL;
-	char *salt_malloc = NULL, *passwd_malloc = NULL;
-	size_t passwd_malloc_size = 0;
-	int pw_source_defined = 0;
-	BIO *in = NULL, *out = NULL;
-	int i, badopt, opt_done;
-	int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
-	int usecrypt = 0, use1 = 0, useapr1 = 0;
-	size_t pw_maxlen = 0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto err;
-	out = BIO_new(BIO_s_file());
-	if (out == NULL)
-		goto err;
-	BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-#ifdef OPENSSL_SYS_VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	out = BIO_push(tmpbio, out);
-	}
-#endif
-
-	badopt = 0, opt_done = 0;
-	i = 0;
-	while (!badopt && !opt_done && argv[++i] != NULL)
-		{
-		if (strcmp(argv[i], "-crypt") == 0)
-			usecrypt = 1;
-		else if (strcmp(argv[i], "-1") == 0)
-			use1 = 1;
-		else if (strcmp(argv[i], "-apr1") == 0)
-			useapr1 = 1;
-		else if (strcmp(argv[i], "-salt") == 0)
-			{
-			if ((argv[i+1] != NULL) && (salt == NULL))
-				{
-				passed_salt = 1;
-				salt = argv[++i];
-				}
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-in") == 0)
-			{
-			if ((argv[i+1] != NULL) && !pw_source_defined)
-				{
-				pw_source_defined = 1;
-				infile = argv[++i];
-				}
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-stdin") == 0)
-			{
-			if (!pw_source_defined)
-				{
-				pw_source_defined = 1;
-				in_stdin = 1;
-				}
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-noverify") == 0)
-			in_noverify = 1;
-		else if (strcmp(argv[i], "-quiet") == 0)
-			quiet = 1;
-		else if (strcmp(argv[i], "-table") == 0)
-			table = 1;
-		else if (strcmp(argv[i], "-reverse") == 0)
-			reverse = 1;
-		else if (argv[i][0] == '-')
-			badopt = 1;
-		else if (!pw_source_defined)
-			/* non-option arguments, use as passwords */
-			{
-			pw_source_defined = 1;
-			passwds = &argv[i];
-			opt_done = 1;
-			}
-		else
-			badopt = 1;
-		}
-
-	if (!usecrypt && !use1 && !useapr1) /* use default */
-		usecrypt = 1;
-	if (usecrypt + use1 + useapr1 > 1) /* conflict */
-		badopt = 1;
-
-	/* reject unsupported algorithms */
-#ifdef OPENSSL_NO_DES
-	if (usecrypt) badopt = 1;
-#endif
-#ifdef NO_MD5CRYPT_1
-	if (use1 || useapr1) badopt = 1;
-#endif
-
-	if (badopt) 
-		{
-		BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");
-		BIO_printf(bio_err, "where options are\n");
-#ifndef OPENSSL_NO_DES
-		BIO_printf(bio_err, "-crypt             standard Unix password algorithm (default)\n");
-#endif
-#ifndef NO_MD5CRYPT_1
-		BIO_printf(bio_err, "-1                 MD5-based password algorithm\n");
-		BIO_printf(bio_err, "-apr1              MD5-based password algorithm, Apache variant\n");
-#endif
-		BIO_printf(bio_err, "-salt string       use provided salt\n");
-		BIO_printf(bio_err, "-in file           read passwords from file\n");
-		BIO_printf(bio_err, "-stdin             read passwords from stdin\n");
-		BIO_printf(bio_err, "-noverify          never verify when reading password from terminal\n");
-		BIO_printf(bio_err, "-quiet             no warnings\n");
-		BIO_printf(bio_err, "-table             format output as table\n");
-		BIO_printf(bio_err, "-reverse           switch table columns\n");
-		
-		goto err;
-		}
-
-	if ((infile != NULL) || in_stdin)
-		{
-		in = BIO_new(BIO_s_file());
-		if (in == NULL)
-			goto err;
-		if (infile != NULL)
-			{
-			assert(in_stdin == 0);
-			if (BIO_read_filename(in, infile) <= 0)
-				goto err;
-			}
-		else
-			{
-			assert(in_stdin);
-			BIO_set_fp(in, stdin, BIO_NOCLOSE);
-			}
-		}
-	
-	if (usecrypt)
-		pw_maxlen = 8;
-	else if (use1 || useapr1)
-		pw_maxlen = 256; /* arbitrary limit, should be enough for most passwords */
-
-	if (passwds == NULL)
-		{
-		/* no passwords on the command line */
-
-		passwd_malloc_size = pw_maxlen + 2;
-		/* longer than necessary so that we can warn about truncation */
-		passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size);
-		if (passwd_malloc == NULL)
-			goto err;
-		}
-
-	if ((in == NULL) && (passwds == NULL))
-		{
-		/* build a null-terminated list */
-		static char *passwds_static[2] = {NULL, NULL};
-		
-		passwds = passwds_static;
-		if (in == NULL)
-			if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", !(passed_salt || in_noverify)) != 0)
-				goto err;
-		passwds[0] = passwd_malloc;
-		}
-
-	if (in == NULL)
-		{
-		assert(passwds != NULL);
-		assert(*passwds != NULL);
-		
-		do /* loop over list of passwords */
-			{
-			passwd = *passwds++;
-			if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
-				quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
-				goto err;
-			}
-		while (*passwds != NULL);
-		}
-	else
-		/* in != NULL */
-		{
-		int done;
-
-		assert (passwd != NULL);
-		do
-			{
-			int r = BIO_gets(in, passwd, pw_maxlen + 1);
-			if (r > 0)
-				{
-				char *c = (strchr(passwd, '\n')) ;
-				if (c != NULL)
-					*c = 0; /* truncate at newline */
-				else
-					{
-					/* ignore rest of line */
-					char trash[BUFSIZ];
-					do
-						r = BIO_gets(in, trash, sizeof trash);
-					while ((r > 0) && (!strchr(trash, '\n')));
-					}
-				
-				if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
-					quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
-					goto err;
-				}
-			done = (r <= 0);
-			}
-		while (!done);
-		}
-	ret = 0;
-
-err:
-	ERR_print_errors(bio_err);
-	if (salt_malloc)
-		OPENSSL_free(salt_malloc);
-	if (passwd_malloc)
-		OPENSSL_free(passwd_malloc);
-	if (in)
-		BIO_free(in);
-	if (out)
-		BIO_free_all(out);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-
-#ifndef NO_MD5CRYPT_1
-/* MD5-based password algorithm (should probably be available as a library
- * function; then the static buffer would not be acceptable).
- * For magic string "1", this should be compatible to the MD5-based BSD
- * password algorithm.
- * For 'magic' string "apr1", this is compatible to the MD5-based Apache
- * password algorithm.
- * (Apparently, the Apache password algorithm is identical except that the
- * 'magic' string was changed -- the laziest application of the NIH principle
- * I've ever encountered.)
- */
-static char *md5crypt(const char *passwd, const char *magic, const char *salt)
-	{
-	static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */
-	unsigned char buf[MD5_DIGEST_LENGTH];
-	char *salt_out;
-	int n;
-	unsigned int i;
-	EVP_MD_CTX md,md2;
-	size_t passwd_len, salt_len;
-
-	passwd_len = strlen(passwd);
-	out_buf[0] = '$';
-	out_buf[1] = 0;
-	assert(strlen(magic) <= 4); /* "1" or "apr1" */
-	strncat(out_buf, magic, 4);
-	strncat(out_buf, "$", 1);
-	strncat(out_buf, salt, 8);
-	assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
-	salt_out = out_buf + 2 + strlen(magic);
-	salt_len = strlen(salt_out);
-	assert(salt_len <= 8);
-	
-	EVP_MD_CTX_init(&md);
-	EVP_DigestInit_ex(&md,EVP_md5(), NULL);
-	EVP_DigestUpdate(&md, passwd, passwd_len);
-	EVP_DigestUpdate(&md, "$", 1);
-	EVP_DigestUpdate(&md, magic, strlen(magic));
-	EVP_DigestUpdate(&md, "$", 1);
-	EVP_DigestUpdate(&md, salt_out, salt_len);
-	
-	EVP_MD_CTX_init(&md2);
-	EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
-	EVP_DigestUpdate(&md2, passwd, passwd_len);
-	EVP_DigestUpdate(&md2, salt_out, salt_len);
-	EVP_DigestUpdate(&md2, passwd, passwd_len);
-	EVP_DigestFinal_ex(&md2, buf, NULL);
-
-	for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
-		EVP_DigestUpdate(&md, buf, sizeof buf);
-	EVP_DigestUpdate(&md, buf, i);
-	
-	n = passwd_len;
-	while (n)
-		{
-		EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
-		n >>= 1;
-		}
-	EVP_DigestFinal_ex(&md, buf, NULL);
-
-	for (i = 0; i < 1000; i++)
-		{
-		EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
-		EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *) passwd : buf,
-		                       (i & 1) ? passwd_len : sizeof buf);
-		if (i % 3)
-			EVP_DigestUpdate(&md2, salt_out, salt_len);
-		if (i % 7)
-			EVP_DigestUpdate(&md2, passwd, passwd_len);
-		EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *) passwd,
-		                       (i & 1) ? sizeof buf : passwd_len);
-		EVP_DigestFinal_ex(&md2, buf, NULL);
-		}
-	EVP_MD_CTX_cleanup(&md2);
-	
-	 {
-		/* transform buf into output string */
-	
-		unsigned char buf_perm[sizeof buf];
-		int dest, source;
-		char *output;
-
-		/* silly output permutation */
-		for (dest = 0, source = 0; dest < 14; dest++, source = (source + 6) % 17)
-			buf_perm[dest] = buf[source];
-		buf_perm[14] = buf[5];
-		buf_perm[15] = buf[11];
-#ifndef PEDANTIC /* Unfortunately, this generates a "no effect" warning */
-		assert(16 == sizeof buf_perm);
-#endif
-		
-		output = salt_out + salt_len;
-		assert(output == out_buf + strlen(out_buf));
-		
-		*output++ = '$';
-
-		for (i = 0; i < 15; i += 3)
-			{
-			*output++ = cov_2char[buf_perm[i+2] & 0x3f];
-			*output++ = cov_2char[((buf_perm[i+1] & 0xf) << 2) |
-				                  (buf_perm[i+2] >> 6)];
-			*output++ = cov_2char[((buf_perm[i] & 3) << 4) |
-				                  (buf_perm[i+1] >> 4)];
-			*output++ = cov_2char[buf_perm[i] >> 2];
-			}
-		assert(i == 15);
-		*output++ = cov_2char[buf_perm[i] & 0x3f];
-		*output++ = cov_2char[buf_perm[i] >> 6];
-		*output = 0;
-		assert(strlen(out_buf) < sizeof(out_buf));
-	 }
-	EVP_MD_CTX_cleanup(&md);
-
-	return out_buf;
-	}
-#endif
-
-
-static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
-	char *passwd, BIO *out,	int quiet, int table, int reverse,
-	size_t pw_maxlen, int usecrypt, int use1, int useapr1)
-	{
-	char *hash = NULL;
-
-	assert(salt_p != NULL);
-	assert(salt_malloc_p != NULL);
-
-	/* first make sure we have a salt */
-	if (!passed_salt)
-		{
-#ifndef OPENSSL_NO_DES
-		if (usecrypt)
-			{
-			if (*salt_malloc_p == NULL)
-				{
-				*salt_p = *salt_malloc_p = OPENSSL_malloc(3);
-				if (*salt_malloc_p == NULL)
-					goto err;
-				}
-			if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0)
-				goto err;
-			(*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
-			(*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
-			(*salt_p)[2] = 0;
-#ifdef CHARSET_EBCDIC
-			ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert
-			                                    * back to ASCII */
-#endif
-			}
-#endif /* !OPENSSL_NO_DES */
-
-#ifndef NO_MD5CRYPT_1
-		if (use1 || useapr1)
-			{
-			int i;
-			
-			if (*salt_malloc_p == NULL)
-				{
-				*salt_p = *salt_malloc_p = OPENSSL_malloc(9);
-				if (*salt_malloc_p == NULL)
-					goto err;
-				}
-			if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0)
-				goto err;
-			
-			for (i = 0; i < 8; i++)
-				(*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
-			(*salt_p)[8] = 0;
-			}
-#endif /* !NO_MD5CRYPT_1 */
-		}
-	
-	assert(*salt_p != NULL);
-	
-	/* truncate password if necessary */
-	if ((strlen(passwd) > pw_maxlen))
-		{
-		if (!quiet)
-			/* XXX: really we should know how to print a size_t, not cast it */
-			BIO_printf(bio_err, "Warning: truncating password to %u characters\n", (unsigned)pw_maxlen);
-		passwd[pw_maxlen] = 0;
-		}
-	assert(strlen(passwd) <= pw_maxlen);
-	
-	/* now compute password hash */
-#ifndef OPENSSL_NO_DES
-	if (usecrypt)
-		hash = DES_crypt(passwd, *salt_p);
-#endif
-#ifndef NO_MD5CRYPT_1
-	if (use1 || useapr1)
-		hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);
-#endif
-	assert(hash != NULL);
-
-	if (table && !reverse)
-		BIO_printf(out, "%s\t%s\n", passwd, hash);
-	else if (table && reverse)
-		BIO_printf(out, "%s\t%s\n", hash, passwd);
-	else
-		BIO_printf(out, "%s\n", hash);
-	return 1;
-	
-err:
-	return 0;
-	}
-#else
-
-int MAIN(int argc, char **argv)
-	{
-	fputs("Program not available.\n", stderr)
-	OPENSSL_EXIT(1);
-	}
-#endif
diff --git a/deps/openssl/openssl/apps/pca-cert.srl b/deps/openssl/openssl/apps/pca-cert.srl
deleted file mode 100644
index 2c7456e3eb6..00000000000
--- a/deps/openssl/openssl/apps/pca-cert.srl
+++ /dev/null
@@ -1 +0,0 @@
-07
diff --git a/deps/openssl/openssl/apps/pca-key.pem b/deps/openssl/openssl/apps/pca-key.pem
deleted file mode 100644
index 20029ab779f..00000000000
--- a/deps/openssl/openssl/apps/pca-key.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
diff --git a/deps/openssl/openssl/apps/pca-req.pem b/deps/openssl/openssl/apps/pca-req.pem
deleted file mode 100644
index 33f155337b3..00000000000
--- a/deps/openssl/openssl/apps/pca-req.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBmjCCAQMCAQAwXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
-GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAo
-MTAyNCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfj
-Irkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUX
-MRsp22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3
-vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAEzz
-IG8NnfpnPTQSCN5zJhOfy6p9AcDyQzuJirYv1HR/qoYWalPh/U2uiK0lAim7qMcv
-wOlK3I7A8B7/4dLqvIqgtUj9b1WT8zIrnwdvJI4osLI2BY+c1pVlp174DHLMol1L
-Cl1e3N5BTm7lCitTYjuUhsw6hiA8IcdNKDo6sktV
------END CERTIFICATE REQUEST-----
diff --git a/deps/openssl/openssl/apps/pkcs12.c b/deps/openssl/openssl/apps/pkcs12.c
deleted file mode 100644
index b54c6f84a4a..00000000000
--- a/deps/openssl/openssl/apps/pkcs12.c
+++ /dev/null
@@ -1,977 +0,0 @@
-/* pkcs12.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include 
-#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
-
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-
-#define PROG pkcs12_main
-
-const EVP_CIPHER *enc;
-
-
-#define NOKEYS		0x1
-#define NOCERTS 	0x2
-#define INFO		0x4
-#define CLCERTS		0x8
-#define CACERTS		0x10
-
-int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain);
-int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int options, char *pempass);
-int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass,
-			  int passlen, int options, char *pempass);
-int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options, char *pempass);
-int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,const char *name);
-void hex_prin(BIO *out, unsigned char *buf, int len);
-int alg_print(BIO *x, X509_ALGOR *alg);
-int cert_load(BIO *in, STACK_OF(X509) *sk);
-static int set_pbe(BIO *err, int *ppbe, const char *str);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-{
-    ENGINE *e = NULL;
-    char *infile=NULL, *outfile=NULL, *keyname = NULL;	
-    char *certfile=NULL;
-    BIO *in=NULL, *out = NULL;
-    char **args;
-    char *name = NULL;
-    char *csp_name = NULL;
-    int add_lmk = 0;
-    PKCS12 *p12 = NULL;
-    char pass[50], macpass[50];
-    int export_cert = 0;
-    int options = 0;
-    int chain = 0;
-    int badarg = 0;
-    int iter = PKCS12_DEFAULT_ITER;
-    int maciter = PKCS12_DEFAULT_ITER;
-    int twopass = 0;
-    int keytype = 0;
-    int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
-    int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-    int ret = 1;
-    int macver = 1;
-    int noprompt = 0;
-    STACK_OF(OPENSSL_STRING) *canames = NULL;
-    char *cpass = NULL, *mpass = NULL;
-    char *passargin = NULL, *passargout = NULL, *passarg = NULL;
-    char *passin = NULL, *passout = NULL;
-    char *inrand = NULL;
-    char *macalg = NULL;
-    char *CApath = NULL, *CAfile = NULL;
-#ifndef OPENSSL_NO_ENGINE
-    char *engine=NULL;
-#endif
-
-    apps_startup();
-
-    enc = EVP_des_ede3_cbc();
-    if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-    args = argv + 1;
-
-
-    while (*args) {
-	if (*args[0] == '-') {
-		if (!strcmp (*args, "-nokeys")) options |= NOKEYS;
-		else if (!strcmp (*args, "-keyex")) keytype = KEY_EX;
-		else if (!strcmp (*args, "-keysig")) keytype = KEY_SIG;
-		else if (!strcmp (*args, "-nocerts")) options |= NOCERTS;
-		else if (!strcmp (*args, "-clcerts")) options |= CLCERTS;
-		else if (!strcmp (*args, "-cacerts")) options |= CACERTS;
-		else if (!strcmp (*args, "-noout")) options |= (NOKEYS|NOCERTS);
-		else if (!strcmp (*args, "-info")) options |= INFO;
-		else if (!strcmp (*args, "-chain")) chain = 1;
-		else if (!strcmp (*args, "-twopass")) twopass = 1;
-		else if (!strcmp (*args, "-nomacver")) macver = 0;
-		else if (!strcmp (*args, "-descert"))
-    			cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-		else if (!strcmp (*args, "-export")) export_cert = 1;
-		else if (!strcmp (*args, "-des")) enc=EVP_des_cbc();
-		else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
-#ifndef OPENSSL_NO_IDEA
-		else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc();
-#endif
-#ifndef OPENSSL_NO_SEED
-		else if (!strcmp(*args, "-seed")) enc=EVP_seed_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-		else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc();
-		else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc();
-		else if (!strcmp(*args,"-aes256")) enc=EVP_aes_256_cbc();
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		else if (!strcmp(*args,"-camellia128")) enc=EVP_camellia_128_cbc();
-		else if (!strcmp(*args,"-camellia192")) enc=EVP_camellia_192_cbc();
-		else if (!strcmp(*args,"-camellia256")) enc=EVP_camellia_256_cbc();
-#endif
-		else if (!strcmp (*args, "-noiter")) iter = 1;
-		else if (!strcmp (*args, "-maciter"))
-					 maciter = PKCS12_DEFAULT_ITER;
-		else if (!strcmp (*args, "-nomaciter"))
-					 maciter = 1;
-		else if (!strcmp (*args, "-nomac"))
-					 maciter = -1;
-		else if (!strcmp (*args, "-macalg"))
-		    if (args[1]) {
-			args++;	
-			macalg = *args;
-		    } else badarg = 1;
-		else if (!strcmp (*args, "-nodes")) enc=NULL;
-		else if (!strcmp (*args, "-certpbe")) {
-			if (!set_pbe(bio_err, &cert_pbe, *++args))
-				badarg = 1;
-		} else if (!strcmp (*args, "-keypbe")) {
-			if (!set_pbe(bio_err, &key_pbe, *++args))
-				badarg = 1;
-		} else if (!strcmp (*args, "-rand")) {
-		    if (args[1]) {
-			args++;	
-			inrand = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-inkey")) {
-		    if (args[1]) {
-			args++;	
-			keyname = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-certfile")) {
-		    if (args[1]) {
-			args++;	
-			certfile = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-name")) {
-		    if (args[1]) {
-			args++;	
-			name = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-LMK"))
-			add_lmk = 1;
-		else if (!strcmp (*args, "-CSP")) {
-		    if (args[1]) {
-			args++;	
-			csp_name = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-caname")) {
-		    if (args[1]) {
-			args++;	
-			if (!canames) canames = sk_OPENSSL_STRING_new_null();
-			sk_OPENSSL_STRING_push(canames, *args);
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-in")) {
-		    if (args[1]) {
-			args++;	
-			infile = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
-		    if (args[1]) {
-			args++;	
-			outfile = *args;
-		    } else badarg = 1;
-		} else if (!strcmp(*args,"-passin")) {
-		    if (args[1]) {
-			args++;	
-			passargin = *args;
-		    } else badarg = 1;
-		} else if (!strcmp(*args,"-passout")) {
-		    if (args[1]) {
-			args++;	
-			passargout = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-password")) {
-		    if (args[1]) {
-			args++;	
-			passarg = *args;
-		    	noprompt = 1;
-		    } else badarg = 1;
-		} else if (!strcmp(*args,"-CApath")) {
-		    if (args[1]) {
-			args++;	
-			CApath = *args;
-		    } else badarg = 1;
-		} else if (!strcmp(*args,"-CAfile")) {
-		    if (args[1]) {
-			args++;	
-			CAfile = *args;
-		    } else badarg = 1;
-#ifndef OPENSSL_NO_ENGINE
-		} else if (!strcmp(*args,"-engine")) {
-		    if (args[1]) {
-			args++;	
-			engine = *args;
-		    } else badarg = 1;
-#endif
-		} else badarg = 1;
-
-	} else badarg = 1;
-	args++;
-    }
-
-    if (badarg) {
-	BIO_printf (bio_err, "Usage: pkcs12 [options]\n");
-	BIO_printf (bio_err, "where options are\n");
-	BIO_printf (bio_err, "-export       output PKCS12 file\n");
-	BIO_printf (bio_err, "-chain        add certificate chain\n");
-	BIO_printf (bio_err, "-inkey file   private key if not infile\n");
-	BIO_printf (bio_err, "-certfile f   add all certs in f\n");
-	BIO_printf (bio_err, "-CApath arg   - PEM format directory of CA's\n");
-	BIO_printf (bio_err, "-CAfile arg   - PEM format file of CA's\n");
-	BIO_printf (bio_err, "-name \"name\"  use name as friendly name\n");
-	BIO_printf (bio_err, "-caname \"nm\"  use nm as CA friendly name (can be used more than once).\n");
-	BIO_printf (bio_err, "-in  infile   input filename\n");
-	BIO_printf (bio_err, "-out outfile  output filename\n");
-	BIO_printf (bio_err, "-noout        don't output anything, just verify.\n");
-	BIO_printf (bio_err, "-nomacver     don't verify MAC.\n");
-	BIO_printf (bio_err, "-nocerts      don't output certificates.\n");
-	BIO_printf (bio_err, "-clcerts      only output client certificates.\n");
-	BIO_printf (bio_err, "-cacerts      only output CA certificates.\n");
-	BIO_printf (bio_err, "-nokeys       don't output private keys.\n");
-	BIO_printf (bio_err, "-info         give info about PKCS#12 structure.\n");
-	BIO_printf (bio_err, "-des          encrypt private keys with DES\n");
-	BIO_printf (bio_err, "-des3         encrypt private keys with triple DES (default)\n");
-#ifndef OPENSSL_NO_IDEA
-	BIO_printf (bio_err, "-idea         encrypt private keys with idea\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-	BIO_printf (bio_err, "-seed         encrypt private keys with seed\n");
-#endif
-#ifndef OPENSSL_NO_AES
-	BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
-	BIO_printf (bio_err, "              encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-	BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
-	BIO_printf (bio_err, "              encrypt PEM output with cbc camellia\n");
-#endif
-	BIO_printf (bio_err, "-nodes        don't encrypt private keys\n");
-	BIO_printf (bio_err, "-noiter       don't use encryption iteration\n");
-	BIO_printf (bio_err, "-nomaciter    don't use MAC iteration\n");
-	BIO_printf (bio_err, "-maciter      use MAC iteration\n");
-	BIO_printf (bio_err, "-nomac        don't generate MAC\n");
-	BIO_printf (bio_err, "-twopass      separate MAC, encryption passwords\n");
-	BIO_printf (bio_err, "-descert      encrypt PKCS#12 certificates with triple DES (default RC2-40)\n");
-	BIO_printf (bio_err, "-certpbe alg  specify certificate PBE algorithm (default RC2-40)\n");
-	BIO_printf (bio_err, "-keypbe alg   specify private key PBE algorithm (default 3DES)\n");
-	BIO_printf (bio_err, "-macalg alg   digest algorithm used in MAC (default SHA1)\n");
-	BIO_printf (bio_err, "-keyex        set MS key exchange type\n");
-	BIO_printf (bio_err, "-keysig       set MS key signature type\n");
-	BIO_printf (bio_err, "-password p   set import/export password source\n");
-	BIO_printf (bio_err, "-passin p     input file pass phrase source\n");
-	BIO_printf (bio_err, "-passout p    output file pass phrase source\n");
-#ifndef OPENSSL_NO_ENGINE
-	BIO_printf (bio_err, "-engine e     use engine e, possibly a hardware device.\n");
-#endif
-	BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-	BIO_printf(bio_err,  "              load the file (or the files in the directory) into\n");
-	BIO_printf(bio_err,  "              the random number generator\n");
-	BIO_printf(bio_err,  "-CSP name     Microsoft CSP name\n");
-	BIO_printf(bio_err,  "-LMK          Add local machine keyset attribute to private key\n");
-    	goto end;
-    }
-
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(bio_err, engine, 0);
-#endif
-
-    if(passarg) {
-	if(export_cert) passargout = passarg;
-	else passargin = passarg;
-    }
-
-    if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
-	BIO_printf(bio_err, "Error getting passwords\n");
-	goto end;
-    }
-
-    if(!cpass) {
-    	if(export_cert) cpass = passout;
-    	else cpass = passin;
-    }
-
-    if(cpass) {
-	mpass = cpass;
-	noprompt = 1;
-    } else {
-	cpass = pass;
-	mpass = macpass;
-    }
-
-    if(export_cert || inrand) {
-    	app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-        if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-    }
-    ERR_load_crypto_strings();
-
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_push_info("read files");
-#endif
-
-    if (!infile) in = BIO_new_fp(stdin, BIO_NOCLOSE);
-    else in = BIO_new_file(infile, "rb");
-    if (!in) {
-	    BIO_printf(bio_err, "Error opening input file %s\n",
-						infile ? infile : "");
-	    perror (infile);
-	    goto end;
-   }
-
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_pop_info();
-    CRYPTO_push_info("write files");
-#endif
-
-    if (!outfile) {
-	out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-	{
-	    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	    out = BIO_push(tmpbio, out);
-	}
-#endif
-    } else out = BIO_new_file(outfile, "wb");
-    if (!out) {
-	BIO_printf(bio_err, "Error opening output file %s\n",
-						outfile ? outfile : "");
-	perror (outfile);
-	goto end;
-    }
-    if (twopass) {
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_push_info("read MAC password");
-#endif
-	if(EVP_read_pw_string (macpass, sizeof macpass, "Enter MAC Password:", export_cert))
-	{
-    	    BIO_printf (bio_err, "Can't read Password\n");
-    	    goto end;
-       	}
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_pop_info();
-#endif
-    }
-
-    if (export_cert) {
-	EVP_PKEY *key = NULL;
-	X509 *ucert = NULL, *x = NULL;
-	STACK_OF(X509) *certs=NULL;
-	const EVP_MD *macmd = NULL;
-	unsigned char *catmp = NULL;
-	int i;
-
-	if ((options & (NOCERTS|NOKEYS)) == (NOCERTS|NOKEYS))
-		{	
-		BIO_printf(bio_err, "Nothing to do!\n");
-		goto export_end;
-		}
-
-	if (options & NOCERTS)
-		chain = 0;
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_push_info("process -export_cert");
-	CRYPTO_push_info("reading private key");
-#endif
-	if (!(options & NOKEYS))
-		{
-		key = load_key(bio_err, keyname ? keyname : infile,
-				FORMAT_PEM, 1, passin, e, "private key");
-		if (!key)
-			goto export_end;
-		}
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("reading certs from input");
-#endif
-
-	/* Load in all certs in input file */
-	if(!(options & NOCERTS))
-		{
-		certs = load_certs(bio_err, infile, FORMAT_PEM, NULL, e,
-							"certificates");
-		if (!certs)
-			goto export_end;
-
-		if (key)
-			{
-			/* Look for matching private key */
-			for(i = 0; i < sk_X509_num(certs); i++)
-				{
-				x = sk_X509_value(certs, i);
-				if(X509_check_private_key(x, key))
-					{
-					ucert = x;
-					/* Zero keyid and alias */
-					X509_keyid_set1(ucert, NULL, 0);
-					X509_alias_set1(ucert, NULL, 0);
-					/* Remove from list */
-					(void)sk_X509_delete(certs, i);
-					break;
-					}
-				}
-			if (!ucert)
-				{
-				BIO_printf(bio_err, "No certificate matches private key\n");
-				goto export_end;
-				}
-			}
-
-		}
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("reading certs from input 2");
-#endif
-
-	/* Add any more certificates asked for */
-	if(certfile)
-		{
-		STACK_OF(X509) *morecerts=NULL;
-		if(!(morecerts = load_certs(bio_err, certfile, FORMAT_PEM,
-					    NULL, e,
-					    "certificates from certfile")))
-			goto export_end;
-		while(sk_X509_num(morecerts) > 0)
-			sk_X509_push(certs, sk_X509_shift(morecerts));
-		sk_X509_free(morecerts);
- 		}
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("reading certs from certfile");
-#endif
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("building chain");
-#endif
-
-	/* If chaining get chain from user cert */
-	if (chain) {
-        	int vret;
-		STACK_OF(X509) *chain2;
-		X509_STORE *store = X509_STORE_new();
-		if (!store)
-			{
-			BIO_printf (bio_err, "Memory allocation error\n");
-			goto export_end;
-			}
-		if (!X509_STORE_load_locations(store, CAfile, CApath))
-			X509_STORE_set_default_paths (store);
-
-		vret = get_cert_chain (ucert, store, &chain2);
-		X509_STORE_free(store);
-
-		if (!vret) {
-		    /* Exclude verified certificate */
-		    for (i = 1; i < sk_X509_num (chain2) ; i++) 
-			sk_X509_push(certs, sk_X509_value (chain2, i));
-		    /* Free first certificate */
-		    X509_free(sk_X509_value(chain2, 0));
-		    sk_X509_free(chain2);
-		} else {
-			if (vret >= 0)
-				BIO_printf (bio_err, "Error %s getting chain.\n",
-					X509_verify_cert_error_string(vret));
-			else
-				ERR_print_errors(bio_err);
-			goto export_end;
-		}			
-    	}
-
-	/* Add any CA names */
-
-	for (i = 0; i < sk_OPENSSL_STRING_num(canames); i++)
-		{
-		catmp = (unsigned char *)sk_OPENSSL_STRING_value(canames, i);
-		X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
-		}
-
-	if (csp_name && key)
-		EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,
-				MBSTRING_ASC, (unsigned char *)csp_name, -1);
-
-	if (add_lmk && key)
-		EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1);
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("reading password");
-#endif
-
-	if(!noprompt &&
-		EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1))
-		{
-	    	BIO_printf (bio_err, "Can't read Password\n");
-	    	goto export_end;
-        	}
-	if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("creating PKCS#12 structure");
-#endif
-
-	p12 = PKCS12_create(cpass, name, key, ucert, certs,
-				key_pbe, cert_pbe, iter, -1, keytype);
-
-	if (!p12)
-		{
-	    	ERR_print_errors (bio_err);
-		goto export_end;
-		}
-
-	if (macalg)
-		{
-		macmd = EVP_get_digestbyname(macalg);
-		if (!macmd)
-			{
-			BIO_printf(bio_err, "Unknown digest algorithm %s\n", 
-						macalg);
-			}
-		}
-
-	if (maciter != -1)
-		PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd);
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("writing pkcs12");
-#endif
-
-	i2d_PKCS12_bio(out, p12);
-
-	ret = 0;
-
-    export_end:
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_pop_info();
-	CRYPTO_push_info("process -export_cert: freeing");
-#endif
-
-	if (key) EVP_PKEY_free(key);
-	if (certs) sk_X509_pop_free(certs, X509_free);
-	if (ucert) X509_free(ucert);
-
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-#endif
-	goto end;
-	
-    }
-
-    if (!(p12 = d2i_PKCS12_bio (in, NULL))) {
-	ERR_print_errors(bio_err);
-	goto end;
-    }
-
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_push_info("read import password");
-#endif
-    if(!noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) {
-	BIO_printf (bio_err, "Can't read Password\n");
-	goto end;
-    }
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_pop_info();
-#endif
-
-    if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
-
-    if ((options & INFO) && p12->mac) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
-    if(macver) {
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_push_info("verify MAC");
-#endif
-	/* If we enter empty password try no password first */
-	if(!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
-		/* If mac and crypto pass the same set it to NULL too */
-		if(!twopass) cpass = NULL;
-	} else if (!PKCS12_verify_mac(p12, mpass, -1)) {
-	    BIO_printf (bio_err, "Mac verify error: invalid password?\n");
-	    ERR_print_errors (bio_err);
-	    goto end;
-	}
-	BIO_printf (bio_err, "MAC verified OK\n");
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_pop_info();
-#endif
-    }
-
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_push_info("output keys and certificates");
-#endif
-    if (!dump_certs_keys_p12 (out, p12, cpass, -1, options, passout)) {
-	BIO_printf(bio_err, "Error outputting keys and certificates\n");
-	ERR_print_errors (bio_err);
-	goto end;
-    }
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_pop_info();
-#endif
-    ret = 0;
- end:
-    if (p12) PKCS12_free(p12);
-    if(export_cert || inrand) app_RAND_write_file(NULL, bio_err);
-#ifdef CRYPTO_MDEBUG
-    CRYPTO_remove_all_info();
-#endif
-    BIO_free(in);
-    BIO_free_all(out);
-    if (canames) sk_OPENSSL_STRING_free(canames);
-    if(passin) OPENSSL_free(passin);
-    if(passout) OPENSSL_free(passout);
-    apps_shutdown();
-    OPENSSL_EXIT(ret);
-}
-
-int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass,
-	     int passlen, int options, char *pempass)
-{
-	STACK_OF(PKCS7) *asafes = NULL;
-	STACK_OF(PKCS12_SAFEBAG) *bags;
-	int i, bagnid;
-	int ret = 0;
-	PKCS7 *p7;
-
-	if (!( asafes = PKCS12_unpack_authsafes(p12))) return 0;
-	for (i = 0; i < sk_PKCS7_num (asafes); i++) {
-		p7 = sk_PKCS7_value (asafes, i);
-		bagnid = OBJ_obj2nid (p7->type);
-		if (bagnid == NID_pkcs7_data) {
-			bags = PKCS12_unpack_p7data(p7);
-			if (options & INFO) BIO_printf (bio_err, "PKCS7 Data\n");
-		} else if (bagnid == NID_pkcs7_encrypted) {
-			if (options & INFO) {
-				BIO_printf(bio_err, "PKCS7 Encrypted data: ");
-				alg_print(bio_err, 
-					p7->d.encrypted->enc_data->algorithm);
-			}
-			bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
-		} else continue;
-		if (!bags) goto err;
-	    	if (!dump_certs_pkeys_bags (out, bags, pass, passlen, 
-						 options, pempass)) {
-			sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
-			goto err;
-		}
-		sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
-		bags = NULL;
-	}
-	ret = 1;
-
-	err:
-
-	if (asafes)
-		sk_PKCS7_pop_free (asafes, PKCS7_free);
-	return ret;
-}
-
-int dump_certs_pkeys_bags (BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
-			   char *pass, int passlen, int options, char *pempass)
-{
-	int i;
-	for (i = 0; i < sk_PKCS12_SAFEBAG_num (bags); i++) {
-		if (!dump_certs_pkeys_bag (out,
-					   sk_PKCS12_SAFEBAG_value (bags, i),
-					   pass, passlen,
-					   options, pempass))
-		    return 0;
-	}
-	return 1;
-}
-
-int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass,
-	     int passlen, int options, char *pempass)
-{
-	EVP_PKEY *pkey;
-	PKCS8_PRIV_KEY_INFO *p8;
-	X509 *x509;
-	
-	switch (M_PKCS12_bag_type(bag))
-	{
-	case NID_keyBag:
-		if (options & INFO) BIO_printf (bio_err, "Key bag\n");
-		if (options & NOKEYS) return 1;
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		p8 = bag->value.keybag;
-		if (!(pkey = EVP_PKCS82PKEY (p8))) return 0;
-		print_attribs (out, p8->attributes, "Key Attributes");
-		PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass);
-		EVP_PKEY_free(pkey);
-	break;
-
-	case NID_pkcs8ShroudedKeyBag:
-		if (options & INFO) {
-			BIO_printf (bio_err, "Shrouded Keybag: ");
-			alg_print (bio_err, bag->value.shkeybag->algor);
-		}
-		if (options & NOKEYS) return 1;
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
-				return 0;
-		if (!(pkey = EVP_PKCS82PKEY (p8))) {
-			PKCS8_PRIV_KEY_INFO_free(p8);
-			return 0;
-		}
-		print_attribs (out, p8->attributes, "Key Attributes");
-		PKCS8_PRIV_KEY_INFO_free(p8);
-		PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass);
-		EVP_PKEY_free(pkey);
-	break;
-
-	case NID_certBag:
-		if (options & INFO) BIO_printf (bio_err, "Certificate bag\n");
-		if (options & NOCERTS) return 1;
-                if (PKCS12_get_attr(bag, NID_localKeyID)) {
-			if (options & CACERTS) return 1;
-		} else if (options & CLCERTS) return 1;
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
-								 return 1;
-		if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
-		dump_cert_text (out, x509);
-		PEM_write_bio_X509 (out, x509);
-		X509_free(x509);
-	break;
-
-	case NID_safeContentsBag:
-		if (options & INFO) BIO_printf (bio_err, "Safe Contents bag\n");
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		return dump_certs_pkeys_bags (out, bag->value.safes, pass,
-							    passlen, options, pempass);
-					
-	default:
-		BIO_printf (bio_err, "Warning unsupported bag type: ");
-		i2a_ASN1_OBJECT (bio_err, bag->type);
-		BIO_printf (bio_err, "\n");
-		return 1;
-	break;
-	}
-	return 1;
-}
-
-/* Given a single certificate return a verified chain or NULL if error */
-
-/* Hope this is OK .... */
-
-int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
-{
-	X509_STORE_CTX store_ctx;
-	STACK_OF(X509) *chn;
-	int i = 0;
-
-	/* FIXME: Should really check the return status of X509_STORE_CTX_init
-	 * for an error, but how that fits into the return value of this
-	 * function is less obvious. */
-	X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
-	if (X509_verify_cert(&store_ctx) <= 0) {
-		i = X509_STORE_CTX_get_error (&store_ctx);
-		if (i == 0)
-			/* avoid returning 0 if X509_verify_cert() did not
-			 * set an appropriate error value in the context */
-			i = -1;
-		chn = NULL;
-		goto err;
-	} else
-		chn = X509_STORE_CTX_get1_chain(&store_ctx);
-err:
-	X509_STORE_CTX_cleanup(&store_ctx);
-	*chain = chn;
-	
-	return i;
-}	
-
-int alg_print (BIO *x, X509_ALGOR *alg)
-{
-	PBEPARAM *pbe;
-	const unsigned char *p;
-	p = alg->parameter->value.sequence->data;
-	pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
-	if (!pbe)
-		return 1;
-	BIO_printf (bio_err, "%s, Iteration %ld\n", 
-		OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
-		ASN1_INTEGER_get(pbe->iter));
-	PBEPARAM_free (pbe);
-	return 1;
-}
-
-/* Load all certificates from a given file */
-
-int cert_load(BIO *in, STACK_OF(X509) *sk)
-{
-	int ret;
-	X509 *cert;
-	ret = 0;
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_push_info("cert_load(): reading one cert");
-#endif
-	while((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif
-		ret = 1;
-		sk_X509_push(sk, cert);
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("cert_load(): reading one cert");
-#endif
-	}
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-#endif
-	if(ret) ERR_clear_error();
-	return ret;
-}
-
-/* Generalised attribute print: handle PKCS#8 and bag attributes */
-
-int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,const char *name)
-{
-	X509_ATTRIBUTE *attr;
-	ASN1_TYPE *av;
-	char *value;
-	int i, attr_nid;
-	if(!attrlst) {
-		BIO_printf(out, "%s: \n", name);
-		return 1;
-	}
-	if(!sk_X509_ATTRIBUTE_num(attrlst)) {
-		BIO_printf(out, "%s: \n", name);
-		return 1;
-	}
-	BIO_printf(out, "%s\n", name);
-	for(i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
-		attr = sk_X509_ATTRIBUTE_value(attrlst, i);
-		attr_nid = OBJ_obj2nid(attr->object);
-		BIO_printf(out, "    ");
-		if(attr_nid == NID_undef) {
-			i2a_ASN1_OBJECT (out, attr->object);
-			BIO_printf(out, ": ");
-		} else BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
-
-		if(sk_ASN1_TYPE_num(attr->value.set)) {
-			av = sk_ASN1_TYPE_value(attr->value.set, 0);
-			switch(av->type) {
-				case V_ASN1_BMPSTRING:
-        			value = OPENSSL_uni2asc(av->value.bmpstring->data,
-                                	       av->value.bmpstring->length);
-				BIO_printf(out, "%s\n", value);
-				OPENSSL_free(value);
-				break;
-
-				case V_ASN1_OCTET_STRING:
-				hex_prin(out, av->value.octet_string->data,
-					av->value.octet_string->length);
-				BIO_printf(out, "\n");	
-				break;
-
-				case V_ASN1_BIT_STRING:
-				hex_prin(out, av->value.bit_string->data,
-					av->value.bit_string->length);
-				BIO_printf(out, "\n");	
-				break;
-
-				default:
-					BIO_printf(out, "\n", av->type);
-				break;
-			}
-		} else BIO_printf(out, "\n");
-	}
-	return 1;
-}
-
-void hex_prin(BIO *out, unsigned char *buf, int len)
-{
-	int i;
-	for (i = 0; i < len; i++) BIO_printf (out, "%02X ", buf[i]);
-}
-
-static int set_pbe(BIO *err, int *ppbe, const char *str)
-	{
-	if (!str)
-		return 0;
-	if (!strcmp(str, "NONE"))
-		{
-		*ppbe = -1;
-		return 1;
-		}
-	*ppbe=OBJ_txt2nid(str);
-	if (*ppbe == NID_undef)
-		{
-		BIO_printf(bio_err, "Unknown PBE algorithm %s\n", str);
-		return 0;
-		}
-	return 1;
-	}
-			
-#endif
diff --git a/deps/openssl/openssl/apps/pkcs7.c b/deps/openssl/openssl/apps/pkcs7.c
deleted file mode 100644
index ae6cd33f738..00000000000
--- a/deps/openssl/openssl/apps/pkcs7.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/* apps/pkcs7.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	pkcs7_main
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -print_certs
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	PKCS7 *p7=NULL;
-	int i,badops=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat;
-	char *infile,*outfile,*prog;
-	int print_certs=0,text=0,noout=0,p7_print=0;
-	int ret=1;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-print") == 0)
-			p7_print=1;
-		else if (strcmp(*argv,"-print_certs") == 0)
-			print_certs=1;
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -print_certs  print any certs or crl in the input\n");
-		BIO_printf(bio_err," -text         print full details of certificates\n");
-		BIO_printf(bio_err," -noout        don't output encoded data\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
-		ret = 1;
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
-#endif
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-                goto end;
-                }
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-		if (in == NULL)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
-	if	(informat == FORMAT_ASN1)
-		p7=d2i_PKCS7_bio(in,NULL);
-	else if (informat == FORMAT_PEM)
-		p7=PEM_read_bio_PKCS7(in,NULL,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified for pkcs7 object\n");
-		goto end;
-		}
-	if (p7 == NULL)
-		{
-		BIO_printf(bio_err,"unable to load PKCS7 object\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (p7_print)
-		PKCS7_print_ctx(out, p7, 0, NULL);
-
-	if (print_certs)
-		{
-		STACK_OF(X509) *certs=NULL;
-		STACK_OF(X509_CRL) *crls=NULL;
-
-		i=OBJ_obj2nid(p7->type);
-		switch (i)
-			{
-		case NID_pkcs7_signed:
-			certs=p7->d.sign->cert;
-			crls=p7->d.sign->crl;
-			break;
-		case NID_pkcs7_signedAndEnveloped:
-			certs=p7->d.signed_and_enveloped->cert;
-			crls=p7->d.signed_and_enveloped->crl;
-			break;
-		default:
-			break;
-			}
-
-		if (certs != NULL)
-			{
-			X509 *x;
-
-			for (i=0; i
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-
-#define PROG pkcs8_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	char **args, *infile = NULL, *outfile = NULL;
-	char *passargin = NULL, *passargout = NULL;
-	BIO *in = NULL, *out = NULL;
-	int topk8 = 0;
-	int pbe_nid = -1;
-	const EVP_CIPHER *cipher = NULL;
-	int iter = PKCS12_DEFAULT_ITER;
-	int informat, outformat;
-	int p8_broken = PKCS8_OK;
-	int nocrypt = 0;
-	X509_SIG *p8 = NULL;
-	PKCS8_PRIV_KEY_INFO *p8inf = NULL;
-	EVP_PKEY *pkey=NULL;
-	char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
-	int badarg = 0;
-	int ret = 1;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	ERR_load_crypto_strings();
-	OpenSSL_add_all_algorithms();
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp(*args,"-v2"))
-			{
-			if (args[1])
-				{
-				args++;
-				cipher=EVP_get_cipherbyname(*args);
-				if (!cipher)
-					{
-					BIO_printf(bio_err,
-						 "Unknown cipher %s\n", *args);
-					badarg = 1;
-					}
-				}
-			else
-				badarg = 1;
-			}
-		else if (!strcmp(*args,"-v1"))
-			{
-			if (args[1])
-				{
-				args++;
-				pbe_nid=OBJ_txt2nid(*args);
-				if (pbe_nid == NID_undef)
-					{
-					BIO_printf(bio_err,
-						 "Unknown PBE algorithm %s\n", *args);
-					badarg = 1;
-					}
-				}
-			else
-				badarg = 1;
-			}
-		else if (!strcmp(*args,"-inform"))
-			{
-			if (args[1])
-				{
-				args++;
-				informat=str2fmt(*args);
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args,"-outform"))
-			{
-			if (args[1])
-				{
-				args++;
-				outformat=str2fmt(*args);
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-topk8"))
-			topk8 = 1;
-		else if (!strcmp (*args, "-noiter"))
-			iter = 1;
-		else if (!strcmp (*args, "-nocrypt"))
-			nocrypt = 1;
-		else if (!strcmp (*args, "-nooct"))
-			p8_broken = PKCS8_NO_OCTET;
-		else if (!strcmp (*args, "-nsdb"))
-			p8_broken = PKCS8_NS_DB;
-		else if (!strcmp (*args, "-embed"))
-			p8_broken = PKCS8_EMBEDDED_PARAM;
-		else if (!strcmp(*args,"-passin"))
-			{
-			if (!args[1]) goto bad;
-			passargin= *(++args);
-			}
-		else if (!strcmp(*args,"-passout"))
-			{
-			if (!args[1]) goto bad;
-			passargout= *(++args);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*args,"-engine") == 0)
-			{
-			if (!args[1]) goto bad;
-			engine= *(++args);
-			}
-#endif
-		else if (!strcmp (*args, "-in"))
-			{
-			if (args[1])
-				{
-				args++;
-				infile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-out"))
-			{
-			if (args[1])
-				{
-				args++;
-				outfile = *args;
-				}
-			else badarg = 1;
-			}
-		else badarg = 1;
-		args++;
-		}
-
-	if (badarg)
-		{
-		bad:
-		BIO_printf(bio_err, "Usage pkcs8 [options]\n");
-		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, "-in file        input file\n");
-		BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
-		BIO_printf(bio_err, "-passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
-		BIO_printf(bio_err, "-out file       output file\n");
-		BIO_printf(bio_err, "-passout arg    output file pass phrase source\n");
-		BIO_printf(bio_err, "-topk8          output PKCS8 file\n");
-		BIO_printf(bio_err, "-nooct          use (nonstandard) no octet format\n");
-		BIO_printf(bio_err, "-embed          use (nonstandard) embedded DSA parameters format\n");
-		BIO_printf(bio_err, "-nsdb           use (nonstandard) DSA Netscape DB format\n");
-		BIO_printf(bio_err, "-noiter         use 1 as iteration count\n");
-		BIO_printf(bio_err, "-nocrypt        use or expect unencrypted private key\n");
-		BIO_printf(bio_err, "-v2 alg         use PKCS#5 v2.0 and cipher \"alg\"\n");
-		BIO_printf(bio_err, "-v1 obj         use PKCS#5 v1.5 and cipher \"alg\"\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
-		goto end;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
-		{
-		BIO_printf(bio_err, "Error getting passwords\n");
-		goto end;
-		}
-
-	if ((pbe_nid == -1) && !cipher)
-		pbe_nid = NID_pbeWithMD5AndDES_CBC;
-
-	if (infile)
-		{
-		if (!(in = BIO_new_file(infile, "rb")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open input file %s\n", infile);
-			goto end;
-			}
-		}
-	else
-		in = BIO_new_fp (stdin, BIO_NOCLOSE);
-
-	if (outfile)
-		{
-		if (!(out = BIO_new_file (outfile, "wb")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-			}
-		}
-	else
-		{
-		out = BIO_new_fp (stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-		}
-	if (topk8)
-		{
-		pkey = load_key(bio_err, infile, informat, 1,
-			passin, e, "key");
-		if (!pkey)
-			goto end;
-		if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken)))
-			{
-			BIO_printf(bio_err, "Error converting key\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (nocrypt)
-			{
-			if (outformat == FORMAT_PEM) 
-				PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
-			else if (outformat == FORMAT_ASN1)
-				i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
-			else
-				{
-				BIO_printf(bio_err, "Bad format specified for key\n");
-				goto end;
-				}
-			}
-		else
-			{
-			if (passout)
-				p8pass = passout;
-			else
-				{
-				p8pass = pass;
-				if (EVP_read_pw_string(pass, sizeof pass, "Enter Encryption Password:", 1))
-					goto end;
-				}
-			app_RAND_load_file(NULL, bio_err, 0);
-			if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
-					p8pass, strlen(p8pass),
-					NULL, 0, iter, p8inf)))
-				{
-				BIO_printf(bio_err, "Error encrypting key\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			app_RAND_write_file(NULL, bio_err);
-			if (outformat == FORMAT_PEM) 
-				PEM_write_bio_PKCS8(out, p8);
-			else if (outformat == FORMAT_ASN1)
-				i2d_PKCS8_bio(out, p8);
-			else
-				{
-				BIO_printf(bio_err, "Bad format specified for key\n");
-				goto end;
-				}
-			}
-
-		ret = 0;
-		goto end;
-		}
-
-	if (nocrypt)
-		{
-		if (informat == FORMAT_PEM) 
-			p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in,NULL,NULL, NULL);
-		else if (informat == FORMAT_ASN1)
-			p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
-		else
-			{
-			BIO_printf(bio_err, "Bad format specified for key\n");
-			goto end;
-			}
-		}
-	else
-		{
-		if (informat == FORMAT_PEM) 
-			p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL);
-		else if (informat == FORMAT_ASN1)
-			p8 = d2i_PKCS8_bio(in, NULL);
-		else
-			{
-			BIO_printf(bio_err, "Bad format specified for key\n");
-			goto end;
-			}
-
-		if (!p8)
-			{
-			BIO_printf (bio_err, "Error reading key\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (passin)
-			p8pass = passin;
-		else
-			{
-			p8pass = pass;
-			EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
-			}
-		p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
-		}
-
-	if (!p8inf)
-		{
-		BIO_printf(bio_err, "Error decrypting key\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (!(pkey = EVP_PKCS82PKEY(p8inf)))
-		{
-		BIO_printf(bio_err, "Error converting key\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	
-	if (p8inf->broken)
-		{
-		BIO_printf(bio_err, "Warning: broken key encoding: ");
-		switch (p8inf->broken)
-			{
-			case PKCS8_NO_OCTET:
-			BIO_printf(bio_err, "No Octet String in PrivateKey\n");
-			break;
-
-			case PKCS8_EMBEDDED_PARAM:
-			BIO_printf(bio_err, "DSA parameters included in PrivateKey\n");
-			break;
-
-			case PKCS8_NS_DB:
-			BIO_printf(bio_err, "DSA public key include in PrivateKey\n");
-			break;
-
-			case PKCS8_NEG_PRIVKEY:
-			BIO_printf(bio_err, "DSA private key value is negative\n");
-			break;
-
-			default:
-			BIO_printf(bio_err, "Unknown broken type\n");
-			break;
-		}
-	}
-	
-	if (outformat == FORMAT_PEM) 
-		PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
-	else if (outformat == FORMAT_ASN1)
-		i2d_PrivateKey_bio(out, pkey);
-	else
-		{
-		BIO_printf(bio_err, "Bad format specified for key\n");
-			goto end;
-		}
-	ret = 0;
-
-	end:
-	X509_SIG_free(p8);
-	PKCS8_PRIV_KEY_INFO_free(p8inf);
-	EVP_PKEY_free(pkey);
-	BIO_free_all(out);
-	BIO_free(in);
-	if (passin)
-		OPENSSL_free(passin);
-	if (passout)
-		OPENSSL_free(passout);
-
-	return ret;
-	}
diff --git a/deps/openssl/openssl/apps/pkey.c b/deps/openssl/openssl/apps/pkey.c
deleted file mode 100644
index 17e6702fb17..00000000000
--- a/deps/openssl/openssl/apps/pkey.c
+++ /dev/null
@@ -1,284 +0,0 @@
-/* apps/pkey.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-
-#define PROG pkey_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	char **args, *infile = NULL, *outfile = NULL;
-	char *passargin = NULL, *passargout = NULL;
-	BIO *in = NULL, *out = NULL;
-	const EVP_CIPHER *cipher = NULL;
-	int informat, outformat;
-	int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
-	EVP_PKEY *pkey=NULL;
-	char *passin = NULL, *passout = NULL;
-	int badarg = 0;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	int ret = 1;
-
-	if (bio_err == NULL)
-		bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	ERR_load_crypto_strings();
-	OpenSSL_add_all_algorithms();
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp(*args,"-inform"))
-			{
-			if (args[1])
-				{
-				args++;
-				informat=str2fmt(*args);
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args,"-outform"))
-			{
-			if (args[1])
-				{
-				args++;
-				outformat=str2fmt(*args);
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args,"-passin"))
-			{
-			if (!args[1]) goto bad;
-			passargin= *(++args);
-			}
-		else if (!strcmp(*args,"-passout"))
-			{
-			if (!args[1]) goto bad;
-			passargout= *(++args);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*args,"-engine") == 0)
-			{
-			if (!args[1]) goto bad;
-			engine= *(++args);
-			}
-#endif
-		else if (!strcmp (*args, "-in"))
-			{
-			if (args[1])
-				{
-				args++;
-				infile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-out"))
-			{
-			if (args[1])
-				{
-				args++;
-				outfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (strcmp(*args,"-pubin") == 0)
-			{
-			pubin=1;
-			pubout=1;
-			pubtext=1;
-			}
-		else if (strcmp(*args,"-pubout") == 0)
-			pubout=1;
-		else if (strcmp(*args,"-text_pub") == 0)
-			{
-			pubtext=1;
-			text=1;
-			}
-		else if (strcmp(*args,"-text") == 0)
-			text=1;
-		else if (strcmp(*args,"-noout") == 0)
-			noout=1;
-		else
-			{
-			cipher = EVP_get_cipherbyname(*args + 1);
-			if (!cipher)
-				{
-				BIO_printf(bio_err, "Unknown cipher %s\n",
-								*args + 1);
-				badarg = 1;
-				}
-			}
-		args++;
-		}
-
-	if (badarg)
-		{
-		bad:
-		BIO_printf(bio_err, "Usage pkey [options]\n");
-		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, "-in file        input file\n");
-		BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
-		BIO_printf(bio_err, "-passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
-		BIO_printf(bio_err, "-out file       output file\n");
-		BIO_printf(bio_err, "-passout arg    output file pass phrase source\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
-#endif
-		return 1;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
-		{
-		BIO_printf(bio_err, "Error getting passwords\n");
-		goto end;
-		}
-
-	if (outfile)
-		{
-		if (!(out = BIO_new_file (outfile, "wb")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-			}
-		}
-	else
-		{
-		out = BIO_new_fp (stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-		}
-
-	if (pubin)
-		pkey = load_pubkey(bio_err, infile, informat, 1,
-			passin, e, "Public Key");
-	else
-		pkey = load_key(bio_err, infile, informat, 1,
-			passin, e, "key");
-	if (!pkey)
-		goto end;
-
-	if (!noout)
-		{
-		if (outformat == FORMAT_PEM) 
-			{
-			if (pubout)
-				PEM_write_bio_PUBKEY(out,pkey);
-			else
-				PEM_write_bio_PrivateKey(out, pkey, cipher,
-							NULL, 0, NULL, passout);
-			}
-		else if (outformat == FORMAT_ASN1)
-			{
-			if (pubout)
-				i2d_PUBKEY_bio(out, pkey);
-			else
-				i2d_PrivateKey_bio(out, pkey);
-			}
-		else
-			{
-			BIO_printf(bio_err, "Bad format specified for key\n");
-			goto end;
-			}
-
-		}
-
-	if (text)
-		{
-		if (pubtext)
-			EVP_PKEY_print_public(out, pkey, 0, NULL);
-		else
-			EVP_PKEY_print_private(out, pkey, 0, NULL);
-		}
-
-	ret = 0;
-
-	end:
-	EVP_PKEY_free(pkey);
-	BIO_free_all(out);
-	BIO_free(in);
-	if (passin)
-		OPENSSL_free(passin);
-	if (passout)
-		OPENSSL_free(passout);
-
-	return ret;
-	}
diff --git a/deps/openssl/openssl/apps/pkeyparam.c b/deps/openssl/openssl/apps/pkeyparam.c
deleted file mode 100644
index 6f7a357a36c..00000000000
--- a/deps/openssl/openssl/apps/pkeyparam.c
+++ /dev/null
@@ -1,200 +0,0 @@
-/* apps/pkeyparam.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-
-#define PROG pkeyparam_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	char **args, *infile = NULL, *outfile = NULL;
-	BIO *in = NULL, *out = NULL;
-	int text = 0, noout = 0;
-	EVP_PKEY *pkey=NULL;
-	int badarg = 0;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	int ret = 1;
-
-	if (bio_err == NULL)
-		bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	ERR_load_crypto_strings();
-	OpenSSL_add_all_algorithms();
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp (*args, "-in"))
-			{
-			if (args[1])
-				{
-				args++;
-				infile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-out"))
-			{
-			if (args[1])
-				{
-				args++;
-				outfile = *args;
-				}
-			else badarg = 1;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*args,"-engine") == 0)
-			{
-			if (!args[1]) goto bad;
-			engine= *(++args);
-			}
-#endif
-
-		else if (strcmp(*args,"-text") == 0)
-			text=1;
-		else if (strcmp(*args,"-noout") == 0)
-			noout=1;
-		args++;
-		}
-
-	if (badarg)
-		{
-#ifndef OPENSSL_NO_ENGINE
-		bad:
-#endif
-		BIO_printf(bio_err, "Usage pkeyparam [options]\n");
-		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, "-in file        input file\n");
-		BIO_printf(bio_err, "-out file       output file\n");
-		BIO_printf(bio_err, "-text           print parameters as text\n");
-		BIO_printf(bio_err, "-noout          don't output encoded parameters\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
-#endif
-		return 1;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
-#endif
-
-	if (infile)
-		{
-		if (!(in = BIO_new_file (infile, "r")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open input file %s\n", infile);
-			goto end;
-			}
-		}
-	else
-		in = BIO_new_fp (stdin, BIO_NOCLOSE);
-
-	if (outfile)
-		{
-		if (!(out = BIO_new_file (outfile, "w")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-			}
-		}
-	else
-		{
-		out = BIO_new_fp (stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-		}
-
-	pkey = PEM_read_bio_Parameters(in, NULL);
-	if (!pkey)
-		{
-		BIO_printf(bio_err, "Error reading parameters\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (!noout)
-		PEM_write_bio_Parameters(out,pkey);
-
-	if (text)
-		EVP_PKEY_print_params(out, pkey, 0, NULL);
-
-	ret = 0;
-
-	end:
-	EVP_PKEY_free(pkey);
-	BIO_free_all(out);
-	BIO_free(in);
-
-	return ret;
-	}
diff --git a/deps/openssl/openssl/apps/pkeyutl.c b/deps/openssl/openssl/apps/pkeyutl.c
deleted file mode 100644
index 7eb3f5c544d..00000000000
--- a/deps/openssl/openssl/apps/pkeyutl.c
+++ /dev/null
@@ -1,570 +0,0 @@
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-
-#define KEY_PRIVKEY	1
-#define KEY_PUBKEY	2
-#define KEY_CERT	3
-
-static void usage(void);
-
-#undef PROG
-
-#define PROG pkeyutl_main
-
-static EVP_PKEY_CTX *init_ctx(int *pkeysize,
-				char *keyfile, int keyform, int key_type,
-				char *passargin, int pkey_op, ENGINE *e);
-
-static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
-							const char *file);
-
-static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
-		unsigned char *out, size_t *poutlen,
-		unsigned char *in, size_t inlen);
-
-int MAIN(int argc, char **);
-
-int MAIN(int argc, char **argv)
-{
-	BIO *in = NULL, *out = NULL;
-	char *infile = NULL, *outfile = NULL, *sigfile = NULL;
-	ENGINE *e = NULL;
-	int pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
-	int keyform = FORMAT_PEM, peerform = FORMAT_PEM;
-	char badarg = 0, rev = 0;
-	char hexdump = 0, asn1parse = 0;
-	EVP_PKEY_CTX *ctx = NULL;
-	char *passargin = NULL;
-	int keysize = -1;
-
-	unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
-	size_t buf_outlen;
-	int buf_inlen = 0, siglen = -1;
-
-	int ret = 1, rv = -1;
-
-	argc--;
-	argv++;
-
-	if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-	ERR_load_crypto_strings();
-	OpenSSL_add_all_algorithms();
-	
-	while(argc >= 1)
-		{
-		if (!strcmp(*argv,"-in"))
-			{
-			if (--argc < 1) badarg = 1;
-                        else infile= *(++argv);
-			}
-		else if (!strcmp(*argv,"-out"))
-			{
-			if (--argc < 1) badarg = 1;
-			else outfile= *(++argv);
-			}
-		else if (!strcmp(*argv,"-sigfile"))
-			{
-			if (--argc < 1) badarg = 1;
-			else sigfile= *(++argv);
-			}
-		else if(!strcmp(*argv, "-inkey"))
-			{
-			if (--argc < 1)
-				badarg = 1;
-			else
-				{
-				ctx = init_ctx(&keysize,
-						*(++argv), keyform, key_type,
-						passargin, pkey_op, e);
-				if (!ctx)
-					{
-					BIO_puts(bio_err,
-						"Error initializing context\n");
-					ERR_print_errors(bio_err);
-					badarg = 1;
-					}
-				}
-			}
-		else if (!strcmp(*argv,"-peerkey"))
-			{
-			if (--argc < 1)
-				badarg = 1;
-			else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
-				badarg = 1;
-			}
-		else if (!strcmp(*argv,"-passin"))
-			{
-			if (--argc < 1) badarg = 1;
-			else passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-peerform") == 0)
-			{
-			if (--argc < 1) badarg = 1;
-			else peerform=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) badarg = 1;
-			else keyform=str2fmt(*(++argv));
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if(!strcmp(*argv, "-engine"))
-			{
-			if (--argc < 1)
-				badarg = 1;
-			else
-				e = setup_engine(bio_err, *(++argv), 0);
-			}
-#endif
-		else if(!strcmp(*argv, "-pubin"))
-			key_type = KEY_PUBKEY;
-		else if(!strcmp(*argv, "-certin"))
-			key_type = KEY_CERT;
-		else if(!strcmp(*argv, "-asn1parse"))
-			asn1parse = 1;
-		else if(!strcmp(*argv, "-hexdump"))
-			hexdump = 1;
-		else if(!strcmp(*argv, "-sign"))
-			pkey_op = EVP_PKEY_OP_SIGN;
-		else if(!strcmp(*argv, "-verify"))
-			pkey_op = EVP_PKEY_OP_VERIFY;
-		else if(!strcmp(*argv, "-verifyrecover"))
-			pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
-		else if(!strcmp(*argv, "-rev"))
-			rev = 1;
-		else if(!strcmp(*argv, "-encrypt"))
-			pkey_op = EVP_PKEY_OP_ENCRYPT;
-		else if(!strcmp(*argv, "-decrypt"))
-			pkey_op = EVP_PKEY_OP_DECRYPT;
-		else if(!strcmp(*argv, "-derive"))
-			pkey_op = EVP_PKEY_OP_DERIVE;
-		else if (strcmp(*argv,"-pkeyopt") == 0)
-			{
-			if (--argc < 1)
-				badarg = 1;
-			else if (!ctx)
-				{
-				BIO_puts(bio_err,
-					"-pkeyopt command before -inkey\n");
-				badarg = 1;
-				}
-			else if (pkey_ctrl_string(ctx, *(++argv)) <= 0)
-				{
-				BIO_puts(bio_err, "parameter setting error\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		else badarg = 1;
-		if(badarg)
-			{
-			usage();
-			goto end;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (!ctx)
-		{
-		usage();
-		goto end;
-		}
-
-	if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY))
-		{
-		BIO_puts(bio_err, "Signature file specified for non verify\n");
-		goto end;
-		}
-
-	if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY))
-		{
-		BIO_puts(bio_err, "No signature file specified for verify\n");
-		goto end;
-		}
-
-/* FIXME: seed PRNG only if needed */
-	app_RAND_load_file(NULL, bio_err, 0);
-
-	if (pkey_op != EVP_PKEY_OP_DERIVE)
-		{
-		if(infile)
-			{
-			if(!(in = BIO_new_file(infile, "rb")))
-				{
-				BIO_puts(bio_err,
-					"Error Opening Input File\n");
-				ERR_print_errors(bio_err);	
-				goto end;
-				}
-			}
-		else
-			in = BIO_new_fp(stdin, BIO_NOCLOSE);
-		}
-
-	if(outfile)
-		{
-		if(!(out = BIO_new_file(outfile, "wb")))
-			{
-			BIO_printf(bio_err, "Error Creating Output File\n");
-			ERR_print_errors(bio_err);	
-			goto end;
-			}
-		}
-	else
-		{
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-
-	if (sigfile)
-		{
-		BIO *sigbio = BIO_new_file(sigfile, "rb");
-		if (!sigbio)
-			{
-			BIO_printf(bio_err, "Can't open signature file %s\n",
-								sigfile);
-			goto end;
-			}
-		siglen = bio_to_mem(&sig, keysize * 10, sigbio);
-		BIO_free(sigbio);
-		if (siglen <= 0)
-			{
-			BIO_printf(bio_err, "Error reading signature data\n");
-			goto end;
-			}
-		}
-	
-	if (in)
-		{
-		/* Read the input data */
-		buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
-		if(buf_inlen <= 0)
-			{
-			BIO_printf(bio_err, "Error reading input Data\n");
-			exit(1);
-			}
-		if(rev)
-			{
-			size_t i;
-			unsigned char ctmp;
-			size_t l = (size_t)buf_inlen;
-			for(i = 0; i < l/2; i++)
-				{
-				ctmp = buf_in[i];
-				buf_in[i] = buf_in[l - 1 - i];
-				buf_in[l - 1 - i] = ctmp;
-				}
-			}
-		}
-
-	if(pkey_op == EVP_PKEY_OP_VERIFY)
-		{
-		rv  = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
-				      buf_in, (size_t)buf_inlen);
-		if (rv == 0)
-			BIO_puts(out, "Signature Verification Failure\n");
-		else if (rv == 1)
-			BIO_puts(out, "Signature Verified Successfully\n");
-		if (rv >= 0)
-			goto end;
-		}
-	else
-		{	
-		rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
-			      buf_in, (size_t)buf_inlen);
-		if (rv > 0)
-			{
-			buf_out = OPENSSL_malloc(buf_outlen);
-			if (!buf_out)
-				rv = -1;
-			else
-				rv = do_keyop(ctx, pkey_op,
-						buf_out, (size_t *)&buf_outlen,
-						buf_in, (size_t)buf_inlen);
-			}
-		}
-
-	if(rv <= 0)
-		{
-		BIO_printf(bio_err, "Public Key operation error\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	ret = 0;
-	if(asn1parse)
-		{
-		if(!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
-			ERR_print_errors(bio_err);
-		}
-	else if(hexdump)
-		BIO_dump(out, (char *)buf_out, buf_outlen);
-	else
-		BIO_write(out, buf_out, buf_outlen);
-
-	end:
-	if (ctx)
-		EVP_PKEY_CTX_free(ctx);
-	BIO_free(in);
-	BIO_free_all(out);
-	if (buf_in)
-		OPENSSL_free(buf_in);
-	if (buf_out)
-		OPENSSL_free(buf_out);
-	if (sig)
-		OPENSSL_free(sig);
-	return ret;
-}
-
-static void usage()
-{
-	BIO_printf(bio_err, "Usage: pkeyutl [options]\n");
-	BIO_printf(bio_err, "-in file        input file\n");
-	BIO_printf(bio_err, "-out file       output file\n");
-	BIO_printf(bio_err, "-sigfile file signature file (verify operation only)\n");
-	BIO_printf(bio_err, "-inkey file     input key\n");
-	BIO_printf(bio_err, "-keyform arg    private key format - default PEM\n");
-	BIO_printf(bio_err, "-pubin          input is a public key\n");
-	BIO_printf(bio_err, "-certin         input is a certificate carrying a public key\n");
-	BIO_printf(bio_err, "-pkeyopt X:Y    public key options\n");
-	BIO_printf(bio_err, "-sign           sign with private key\n");
-	BIO_printf(bio_err, "-verify         verify with public key\n");
-	BIO_printf(bio_err, "-verifyrecover  verify with public key, recover original data\n");
-	BIO_printf(bio_err, "-encrypt        encrypt with public key\n");
-	BIO_printf(bio_err, "-decrypt        decrypt with private key\n");
-	BIO_printf(bio_err, "-derive         derive shared secret\n");
-	BIO_printf(bio_err, "-hexdump        hex dump output\n");
-#ifndef OPENSSL_NO_ENGINE
-	BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
-#endif
-	BIO_printf(bio_err, "-passin arg     pass phrase source\n");
-
-}
-
-static EVP_PKEY_CTX *init_ctx(int *pkeysize,
-				char *keyfile, int keyform, int key_type,
-				char *passargin, int pkey_op, ENGINE *e)
-	{
-	EVP_PKEY *pkey = NULL;
-	EVP_PKEY_CTX *ctx = NULL;
-	char *passin = NULL;
-	int rv = -1;
-	X509 *x;
-	if(((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT) 
-		|| (pkey_op == EVP_PKEY_OP_DERIVE))
-		&& (key_type != KEY_PRIVKEY))
-		{
-		BIO_printf(bio_err, "A private key is needed for this operation\n");
-		goto end;
-		}
-	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
-		{
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-		}
-	switch(key_type)
-		{
-		case KEY_PRIVKEY:
-		pkey = load_key(bio_err, keyfile, keyform, 0,
-			passin, e, "Private Key");
-		break;
-
-		case KEY_PUBKEY:
-		pkey = load_pubkey(bio_err, keyfile, keyform, 0,
-			NULL, e, "Public Key");
-		break;
-
-		case KEY_CERT:
-		x = load_cert(bio_err, keyfile, keyform,
-			NULL, e, "Certificate");
-		if(x)
-			{
-			pkey = X509_get_pubkey(x);
-			X509_free(x);
-			}
-		break;
-
-		}
-
-	*pkeysize = EVP_PKEY_size(pkey);
-
-	if (!pkey)
-		goto end;
-
-	ctx = EVP_PKEY_CTX_new(pkey, e);
-
-	EVP_PKEY_free(pkey);
-
-	if (!ctx)
-		goto end;
-
-	switch(pkey_op)
-		{
-		case EVP_PKEY_OP_SIGN:
-		rv = EVP_PKEY_sign_init(ctx);
-		break;
-
-		case EVP_PKEY_OP_VERIFY:
-		rv = EVP_PKEY_verify_init(ctx);
-		break;
-
-		case EVP_PKEY_OP_VERIFYRECOVER:
-		rv = EVP_PKEY_verify_recover_init(ctx);
-		break;
-
-		case EVP_PKEY_OP_ENCRYPT:
-		rv = EVP_PKEY_encrypt_init(ctx);
-		break;
-
-		case EVP_PKEY_OP_DECRYPT:
-		rv = EVP_PKEY_decrypt_init(ctx);
-		break;
-
-		case EVP_PKEY_OP_DERIVE:
-		rv = EVP_PKEY_derive_init(ctx);
-		break;
-		}
-
-	if (rv <= 0)
-		{
-		EVP_PKEY_CTX_free(ctx);
-		ctx = NULL;
-		}
-
-	end:
-
-	if (passin)
-		OPENSSL_free(passin);
-
-	return ctx;
-
-
-	}
-
-static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
-							const char *file)
-	{
-	EVP_PKEY *peer = NULL;
-	int ret;
-	if (!ctx)
-		{
-		BIO_puts(err, "-peerkey command before -inkey\n");
-		return 0;
-		}
-		
-	peer = load_pubkey(bio_err, file, peerform, 0, NULL, NULL, "Peer Key");
-
-	if (!peer)
-		{
-		BIO_printf(bio_err, "Error reading peer key %s\n", file);
-		ERR_print_errors(err);
-		return 0;
-		}
-
-	ret = EVP_PKEY_derive_set_peer(ctx, peer);
-
-	EVP_PKEY_free(peer);
-	if (ret <= 0)
-		ERR_print_errors(err);
-	return ret;
-	}
-
-static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
-		unsigned char *out, size_t *poutlen,
-		unsigned char *in, size_t inlen)
-	{
-	int rv = 0;
-	switch(pkey_op)
-		{
-		case EVP_PKEY_OP_VERIFYRECOVER:
-		rv  = EVP_PKEY_verify_recover(ctx, out, poutlen, in, inlen);
-		break;
-
-		case EVP_PKEY_OP_SIGN:
-		rv  = EVP_PKEY_sign(ctx, out, poutlen, in, inlen);
-		break;
-
-		case EVP_PKEY_OP_ENCRYPT:
-		rv  = EVP_PKEY_encrypt(ctx, out, poutlen, in, inlen);
-		break;
-
-		case EVP_PKEY_OP_DECRYPT:
-		rv  = EVP_PKEY_decrypt(ctx, out, poutlen, in, inlen);
-		break; 
-
-		case EVP_PKEY_OP_DERIVE:
-		rv  = EVP_PKEY_derive(ctx, out, poutlen);
-		break;
-
-		}
-	return rv;
-	}
diff --git a/deps/openssl/openssl/apps/prime.c b/deps/openssl/openssl/apps/prime.c
deleted file mode 100644
index f1aaef8725e..00000000000
--- a/deps/openssl/openssl/apps/prime.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include 
-
-#include "apps.h"
-#include 
-
-
-#undef PROG
-#define PROG prime_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-    {
-    int hex=0;
-    int checks=20;
-    int generate=0;
-    int bits=0;
-    int safe=0;
-    BIGNUM *bn=NULL;
-    BIO *bio_out;
-
-    apps_startup();
-
-    if (bio_err == NULL)
-	if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-	    BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-    --argc;
-    ++argv;
-    while (argc >= 1 && **argv == '-')
-	{
-	if(!strcmp(*argv,"-hex"))
-	    hex=1;
-	else if(!strcmp(*argv,"-generate"))
-	    generate=1;
-	else if(!strcmp(*argv,"-bits"))
-	    if(--argc < 1)
-		goto bad;
-	    else
-		bits=atoi(*++argv);
-	else if(!strcmp(*argv,"-safe"))
-	    safe=1;
-	else if(!strcmp(*argv,"-checks"))
-	    if(--argc < 1)
-		goto bad;
-	    else
-		checks=atoi(*++argv);
-	else
-	    {
-	    BIO_printf(bio_err,"Unknown option '%s'\n",*argv);
-	    goto bad;
-	    }
-	--argc;
-	++argv;
-	}
-
-    if (argv[0] == NULL && !generate)
-	{
-	BIO_printf(bio_err,"No prime specified\n");
-	goto bad;
-	}
-
-    if ((bio_out=BIO_new(BIO_s_file())) != NULL)
-	{
-	BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-	    {
-	    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	    bio_out = BIO_push(tmpbio, bio_out);
-	    }
-#endif
-	}
-
-    if(generate)
-	{
-	char *s;
-
-	if(!bits)
-	    {
-	    BIO_printf(bio_err,"Specifiy the number of bits.\n");
-	    return 1;
-	    }
-	bn=BN_new();
-	BN_generate_prime_ex(bn,bits,safe,NULL,NULL,NULL);
-	s=hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
-	BIO_printf(bio_out,"%s\n",s);
-	OPENSSL_free(s);
-	}
-    else
-	{
-	if(hex)
-	    BN_hex2bn(&bn,argv[0]);
-	else
-	    BN_dec2bn(&bn,argv[0]);
-
-	BN_print(bio_out,bn);
-	BIO_printf(bio_out," is %sprime\n",
-		   BN_is_prime_ex(bn,checks,NULL,NULL) ? "" : "not ");
-	}
-
-    BN_free(bn);
-    BIO_free_all(bio_out);
-
-    return 0;
-
-    bad:
-    BIO_printf(bio_err,"options are\n");
-    BIO_printf(bio_err,"%-14s hex\n","-hex");
-    BIO_printf(bio_err,"%-14s number of checks\n","-checks ");
-    return 1;
-    }
diff --git a/deps/openssl/openssl/apps/privkey.pem b/deps/openssl/openssl/apps/privkey.pem
deleted file mode 100644
index 0af46474a7e..00000000000
--- a/deps/openssl/openssl/apps/privkey.pem
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF
-
-6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9
-Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo
-F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3
-XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE
-jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy
-vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh
-JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf
-PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM
-POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS
-gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz
-8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v
-Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC
-dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw==
------END RSA PRIVATE KEY-----
diff --git a/deps/openssl/openssl/apps/progs.h b/deps/openssl/openssl/apps/progs.h
deleted file mode 100644
index 728bb6dd8c1..00000000000
--- a/deps/openssl/openssl/apps/progs.h
+++ /dev/null
@@ -1,364 +0,0 @@
-/* apps/progs.h */
-/* automatically generated by progs.pl for openssl.c */
-
-extern int verify_main(int argc,char *argv[]);
-extern int asn1parse_main(int argc,char *argv[]);
-extern int req_main(int argc,char *argv[]);
-extern int dgst_main(int argc,char *argv[]);
-extern int dh_main(int argc,char *argv[]);
-extern int dhparam_main(int argc,char *argv[]);
-extern int enc_main(int argc,char *argv[]);
-extern int passwd_main(int argc,char *argv[]);
-extern int gendh_main(int argc,char *argv[]);
-extern int errstr_main(int argc,char *argv[]);
-extern int ca_main(int argc,char *argv[]);
-extern int crl_main(int argc,char *argv[]);
-extern int rsa_main(int argc,char *argv[]);
-extern int rsautl_main(int argc,char *argv[]);
-extern int dsa_main(int argc,char *argv[]);
-extern int dsaparam_main(int argc,char *argv[]);
-extern int ec_main(int argc,char *argv[]);
-extern int ecparam_main(int argc,char *argv[]);
-extern int x509_main(int argc,char *argv[]);
-extern int genrsa_main(int argc,char *argv[]);
-extern int gendsa_main(int argc,char *argv[]);
-extern int genpkey_main(int argc,char *argv[]);
-extern int s_server_main(int argc,char *argv[]);
-extern int s_client_main(int argc,char *argv[]);
-extern int speed_main(int argc,char *argv[]);
-extern int s_time_main(int argc,char *argv[]);
-extern int version_main(int argc,char *argv[]);
-extern int pkcs7_main(int argc,char *argv[]);
-extern int cms_main(int argc,char *argv[]);
-extern int crl2pkcs7_main(int argc,char *argv[]);
-extern int sess_id_main(int argc,char *argv[]);
-extern int ciphers_main(int argc,char *argv[]);
-extern int nseq_main(int argc,char *argv[]);
-extern int pkcs12_main(int argc,char *argv[]);
-extern int pkcs8_main(int argc,char *argv[]);
-extern int pkey_main(int argc,char *argv[]);
-extern int pkeyparam_main(int argc,char *argv[]);
-extern int pkeyutl_main(int argc,char *argv[]);
-extern int spkac_main(int argc,char *argv[]);
-extern int smime_main(int argc,char *argv[]);
-extern int rand_main(int argc,char *argv[]);
-extern int engine_main(int argc,char *argv[]);
-extern int ocsp_main(int argc,char *argv[]);
-extern int prime_main(int argc,char *argv[]);
-extern int ts_main(int argc,char *argv[]);
-
-#define FUNC_TYPE_GENERAL	1
-#define FUNC_TYPE_MD		2
-#define FUNC_TYPE_CIPHER	3
-#define FUNC_TYPE_PKEY		4
-#define FUNC_TYPE_MD_ALG	5
-#define FUNC_TYPE_CIPHER_ALG	6
-
-typedef struct {
-	int type;
-	const char *name;
-	int (*func)(int argc,char *argv[]);
-	} FUNCTION;
-DECLARE_LHASH_OF(FUNCTION);
-
-FUNCTION functions[] = {
-	{FUNC_TYPE_GENERAL,"verify",verify_main},
-	{FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main},
-	{FUNC_TYPE_GENERAL,"req",req_main},
-	{FUNC_TYPE_GENERAL,"dgst",dgst_main},
-#ifndef OPENSSL_NO_DH
-	{FUNC_TYPE_GENERAL,"dh",dh_main},
-#endif
-#ifndef OPENSSL_NO_DH
-	{FUNC_TYPE_GENERAL,"dhparam",dhparam_main},
-#endif
-	{FUNC_TYPE_GENERAL,"enc",enc_main},
-	{FUNC_TYPE_GENERAL,"passwd",passwd_main},
-#ifndef OPENSSL_NO_DH
-	{FUNC_TYPE_GENERAL,"gendh",gendh_main},
-#endif
-	{FUNC_TYPE_GENERAL,"errstr",errstr_main},
-	{FUNC_TYPE_GENERAL,"ca",ca_main},
-	{FUNC_TYPE_GENERAL,"crl",crl_main},
-#ifndef OPENSSL_NO_RSA
-	{FUNC_TYPE_GENERAL,"rsa",rsa_main},
-#endif
-#ifndef OPENSSL_NO_RSA
-	{FUNC_TYPE_GENERAL,"rsautl",rsautl_main},
-#endif
-#ifndef OPENSSL_NO_DSA
-	{FUNC_TYPE_GENERAL,"dsa",dsa_main},
-#endif
-#ifndef OPENSSL_NO_DSA
-	{FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
-#endif
-#ifndef OPENSSL_NO_EC
-	{FUNC_TYPE_GENERAL,"ec",ec_main},
-#endif
-#ifndef OPENSSL_NO_EC
-	{FUNC_TYPE_GENERAL,"ecparam",ecparam_main},
-#endif
-	{FUNC_TYPE_GENERAL,"x509",x509_main},
-#ifndef OPENSSL_NO_RSA
-	{FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
-#endif
-#ifndef OPENSSL_NO_DSA
-	{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
-#endif
-	{FUNC_TYPE_GENERAL,"genpkey",genpkey_main},
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
-	{FUNC_TYPE_GENERAL,"s_server",s_server_main},
-#endif
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
-	{FUNC_TYPE_GENERAL,"s_client",s_client_main},
-#endif
-#ifndef OPENSSL_NO_SPEED
-	{FUNC_TYPE_GENERAL,"speed",speed_main},
-#endif
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
-	{FUNC_TYPE_GENERAL,"s_time",s_time_main},
-#endif
-	{FUNC_TYPE_GENERAL,"version",version_main},
-	{FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
-#ifndef OPENSSL_NO_CMS
-	{FUNC_TYPE_GENERAL,"cms",cms_main},
-#endif
-	{FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
-	{FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
-	{FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
-#endif
-	{FUNC_TYPE_GENERAL,"nseq",nseq_main},
-#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
-	{FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main},
-#endif
-	{FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
-	{FUNC_TYPE_GENERAL,"pkey",pkey_main},
-	{FUNC_TYPE_GENERAL,"pkeyparam",pkeyparam_main},
-	{FUNC_TYPE_GENERAL,"pkeyutl",pkeyutl_main},
-	{FUNC_TYPE_GENERAL,"spkac",spkac_main},
-	{FUNC_TYPE_GENERAL,"smime",smime_main},
-	{FUNC_TYPE_GENERAL,"rand",rand_main},
-#ifndef OPENSSL_NO_ENGINE
-	{FUNC_TYPE_GENERAL,"engine",engine_main},
-#endif
-#ifndef OPENSSL_NO_OCSP
-	{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
-#endif
-	{FUNC_TYPE_GENERAL,"prime",prime_main},
-#if 0 /* ANDROID */
-	{FUNC_TYPE_GENERAL,"ts",ts_main},
-#endif
-#ifndef OPENSSL_NO_MD2
-	{FUNC_TYPE_MD,"md2",dgst_main},
-#endif
-#ifndef OPENSSL_NO_MD4
-	{FUNC_TYPE_MD,"md4",dgst_main},
-#endif
-#ifndef OPENSSL_NO_MD5
-	{FUNC_TYPE_MD,"md5",dgst_main},
-#endif
-#ifndef OPENSSL_NO_SHA
-	{FUNC_TYPE_MD,"sha",dgst_main},
-#endif
-#ifndef OPENSSL_NO_SHA1
-	{FUNC_TYPE_MD,"sha1",dgst_main},
-#endif
-#ifndef OPENSSL_NO_MDC2
-	{FUNC_TYPE_MD,"mdc2",dgst_main},
-#endif
-#ifndef OPENSSL_NO_RMD160
-	{FUNC_TYPE_MD,"rmd160",dgst_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-128-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-128-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-192-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-192-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-256-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-128-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-128-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-192-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-192-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-256-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-256-ecb",enc_main},
-#endif
-	{FUNC_TYPE_CIPHER,"base64",enc_main},
-#ifdef ZLIB
-	{FUNC_TYPE_CIPHER,"zlib",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des3",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"desx",enc_main},
-#endif
-#ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea",enc_main},
-#endif
-#ifndef OPENSSL_NO_SEED
-	{FUNC_TYPE_CIPHER,"seed",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC4
-	{FUNC_TYPE_CIPHER,"rc4",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC4
-	{FUNC_TYPE_CIPHER,"rc4-40",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2",enc_main},
-#endif
-#ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_SEED
-	{FUNC_TYPE_CIPHER,"seed-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_SEED
-	{FUNC_TYPE_CIPHER,"seed-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_SEED
-	{FUNC_TYPE_CIPHER,"seed-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_SEED
-	{FUNC_TYPE_CIPHER,"seed-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-64-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-40-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
-#endif
-#ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
-#endif
-#ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
-#endif
-	{0,NULL,NULL}
-	};
diff --git a/deps/openssl/openssl/apps/progs.pl b/deps/openssl/openssl/apps/progs.pl
deleted file mode 100644
index de6fdeabbd6..00000000000
--- a/deps/openssl/openssl/apps/progs.pl
+++ /dev/null
@@ -1,102 +0,0 @@
-#!/usr/local/bin/perl
-
-print "/* apps/progs.h */\n";
-print "/* automatically generated by progs.pl for openssl.c */\n\n";
-
-grep(s/^asn1pars$/asn1parse/,@ARGV);
-
-foreach (@ARGV)
-	{ printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
-
-print <<'EOF';
-
-#define FUNC_TYPE_GENERAL	1
-#define FUNC_TYPE_MD		2
-#define FUNC_TYPE_CIPHER	3
-#define FUNC_TYPE_PKEY		4
-#define FUNC_TYPE_MD_ALG	5
-#define FUNC_TYPE_CIPHER_ALG	6
-
-typedef struct {
-	int type;
-	const char *name;
-	int (*func)(int argc,char *argv[]);
-	} FUNCTION;
-DECLARE_LHASH_OF(FUNCTION);
-
-FUNCTION functions[] = {
-EOF
-
-foreach (@ARGV)
-	{
-	push(@files,$_);
-	$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
-	if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
-		{ print "#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))\n${str}#endif\n"; } 
-	elsif ( ($_ =~ /^speed$/))
-		{ print "#ifndef OPENSSL_NO_SPEED\n${str}#endif\n"; }
-	elsif ( ($_ =~ /^engine$/))
-		{ print "#ifndef OPENSSL_NO_ENGINE\n${str}#endif\n"; }
-	elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) || ($_ =~ /^rsautl$/)) 
-		{ print "#ifndef OPENSSL_NO_RSA\n${str}#endif\n";  }
-	elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
-		{ print "#ifndef OPENSSL_NO_DSA\n${str}#endif\n"; }
-	elsif ( ($_ =~ /^ec$/) || ($_ =~ /^ecparam$/))
-		{ print "#ifndef OPENSSL_NO_EC\n${str}#endif\n";}
-	elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/) || ($_ =~ /^dhparam$/))
-		{ print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; }
-	elsif ( ($_ =~ /^pkcs12$/))
-		{ print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; }
-	elsif ( ($_ =~ /^cms$/))
-		{ print "#ifndef OPENSSL_NO_CMS\n${str}#endif\n"; }
-	elsif ( ($_ =~ /^ocsp$/))
-		{ print "#ifndef OPENSSL_NO_OCSP\n${str}#endif\n"; }
-	else
-		{ print $str; }
-	}
-
-foreach ("md2","md4","md5","sha","sha1","mdc2","rmd160")
-	{
-	push(@files,$_);
-	printf "#ifndef OPENSSL_NO_".uc($_)."\n\t{FUNC_TYPE_MD,\"".$_."\",dgst_main},\n#endif\n";
-	}
-
-foreach (
-	"aes-128-cbc", "aes-128-ecb",
-	"aes-192-cbc", "aes-192-ecb",
-	"aes-256-cbc", "aes-256-ecb",
-	"camellia-128-cbc", "camellia-128-ecb",
-	"camellia-192-cbc", "camellia-192-ecb",
-	"camellia-256-cbc", "camellia-256-ecb",
-	"base64", "zlib",
-	"des", "des3", "desx", "idea", "seed", "rc4", "rc4-40",
-	"rc2", "bf", "cast", "rc5",
-	"des-ecb", "des-ede",    "des-ede3",
-	"des-cbc", "des-ede-cbc","des-ede3-cbc",
-	"des-cfb", "des-ede-cfb","des-ede3-cfb",
-	"des-ofb", "des-ede-ofb","des-ede3-ofb",
-	"idea-cbc","idea-ecb",    "idea-cfb", "idea-ofb",
-	"seed-cbc","seed-ecb",    "seed-cfb", "seed-ofb",
-	"rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc",
-	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
-	"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
-	"cast-cbc", "rc5-cbc",   "rc5-ecb",  "rc5-cfb",  "rc5-ofb")
-	{
-	push(@files,$_);
-
-	$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
-	if    ($_ =~ /des/)  { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; }
-	elsif ($_ =~ /aes/)  { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
-	elsif ($_ =~ /camellia/)  { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; }
-	elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; }
-	elsif ($_ =~ /seed/) { $t="#ifndef OPENSSL_NO_SEED\n${t}#endif\n"; }
-	elsif ($_ =~ /rc4/)  { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; }
-	elsif ($_ =~ /rc2/)  { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; }
-	elsif ($_ =~ /bf/)   { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; }
-	elsif ($_ =~ /cast/) { $t="#ifndef OPENSSL_NO_CAST\n${t}#endif\n"; }
-	elsif ($_ =~ /rc5/)  { $t="#ifndef OPENSSL_NO_RC5\n${t}#endif\n"; }
-	elsif ($_ =~ /zlib/)  { $t="#ifdef ZLIB\n${t}#endif\n"; }
-	print $t;
-	}
-
-print "\t{0,NULL,NULL}\n\t};\n";
diff --git a/deps/openssl/openssl/apps/rand.c b/deps/openssl/openssl/apps/rand.c
deleted file mode 100644
index 790e79592c1..00000000000
--- a/deps/openssl/openssl/apps/rand.c
+++ /dev/null
@@ -1,245 +0,0 @@
-/* apps/rand.c */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "apps.h"
-
-#include 
-#include 
-#include 
-
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG rand_main
-
-/* -out file         - write to file
- * -rand file:file   - PRNG seed files
- * -base64           - base64 encode output
- * -hex              - hex encode output
- * num               - write 'num' bytes
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int i, r, ret = 1;
-	int badopt;
-	char *outfile = NULL;
-	char *inrand = NULL;
-	int base64 = 0;
-	int hex = 0;
-	BIO *out = NULL;
-	int num = -1;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err = BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto err;
-
-	badopt = 0;
-	i = 0;
-	while (!badopt && argv[++i] != NULL)
-		{
-		if (strcmp(argv[i], "-out") == 0)
-			{
-			if ((argv[i+1] != NULL) && (outfile == NULL))
-				outfile = argv[++i];
-			else
-				badopt = 1;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(argv[i], "-engine") == 0)
-			{
-			if ((argv[i+1] != NULL) && (engine == NULL))
-				engine = argv[++i];
-			else
-				badopt = 1;
-			}
-#endif
-		else if (strcmp(argv[i], "-rand") == 0)
-			{
-			if ((argv[i+1] != NULL) && (inrand == NULL))
-				inrand = argv[++i];
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-base64") == 0)
-			{
-			if (!base64)
-				base64 = 1;
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-hex") == 0)
-			{
-			if (!hex)
-				hex = 1;
-			else
-				badopt = 1;
-			}
-		else if (isdigit((unsigned char)argv[i][0]))
-			{
-			if (num < 0)
-				{
-				r = sscanf(argv[i], "%d", &num);
-				if (r == 0 || num < 0)
-					badopt = 1;
-				}
-			else
-				badopt = 1;
-			}
-		else
-			badopt = 1;
-		}
-
-	if (hex && base64)
-		badopt = 1;
-
-	if (num < 0)
-		badopt = 1;
-	
-	if (badopt) 
-		{
-		BIO_printf(bio_err, "Usage: rand [options] num\n");
-		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, "-out file             - write to file\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err, "-engine e             - use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err, "-base64               - base64 encode output\n");
-		BIO_printf(bio_err, "-hex                  - hex encode output\n");
-		goto err;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
-#endif
-
-	app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	out = BIO_new(BIO_s_file());
-	if (out == NULL)
-		goto err;
-	if (outfile != NULL)
-		r = BIO_write_filename(out, outfile);
-	else
-		{
-		r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	if (r <= 0)
-		goto err;
-
-	if (base64)
-		{
-		BIO *b64 = BIO_new(BIO_f_base64());
-		if (b64 == NULL)
-			goto err;
-		out = BIO_push(b64, out);
-		}
-	
-	while (num > 0) 
-		{
-		unsigned char buf[4096];
-		int chunk;
-
-		chunk = num;
-		if (chunk > (int)sizeof(buf))
-			chunk = sizeof buf;
-		r = RAND_bytes(buf, chunk);
-		if (r <= 0)
-			goto err;
-		if (!hex) 
-			BIO_write(out, buf, chunk);
-		else
-			{
-			for (i = 0; i < chunk; i++)
-				BIO_printf(out, "%02x", buf[i]);
-			}
-		num -= chunk;
-		}
-	if (hex)
-		BIO_puts(out, "\n");
-	(void)BIO_flush(out);
-
-	app_RAND_write_file(NULL, bio_err);
-	ret = 0;
-	
-err:
-	ERR_print_errors(bio_err);
-	if (out)
-		BIO_free_all(out);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
diff --git a/deps/openssl/openssl/apps/req.c b/deps/openssl/openssl/apps/req.c
deleted file mode 100644
index 820cd18fc70..00000000000
--- a/deps/openssl/openssl/apps/req.c
+++ /dev/null
@@ -1,1758 +0,0 @@
-/* apps/req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code */
-#ifdef OPENSSL_NO_DEPRECATED
-#undef OPENSSL_NO_DEPRECATED
-#endif
-
-#include 
-#include 
-#include 
-#include 
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#ifndef OPENSSL_NO_RSA
-#include 
-#endif
-#ifndef OPENSSL_NO_DSA
-#include 
-#endif
-
-#define SECTION		"req"
-
-#define BITS		"default_bits"
-#define KEYFILE		"default_keyfile"
-#define PROMPT		"prompt"
-#define DISTINGUISHED_NAME	"distinguished_name"
-#define ATTRIBUTES	"attributes"
-#define V3_EXTENSIONS	"x509_extensions"
-#define REQ_EXTENSIONS	"req_extensions"
-#define STRING_MASK	"string_mask"
-#define UTF8_IN		"utf8"
-
-#define DEFAULT_KEY_LENGTH	512
-#define MIN_KEY_LENGTH		384
-
-#undef PROG
-#define PROG	req_main
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -verify	- check request signature
- * -noout	- don't print stuff out.
- * -text	- print out human readable text.
- * -nodes	- no des encryption
- * -config file	- Load configuration file.
- * -key file	- make a request using key in file (or use it for verification).
- * -keyform arg	- key file format.
- * -rand file(s) - load the file(s) into the PRNG.
- * -newkey	- make a key and a request.
- * -modulus	- print RSA modulus.
- * -pubkey	- output Public Key.
- * -x509	- output a self signed X509 structure instead.
- * -asn1-kludge	- output new certificate request in a format that some CA's
- *		  require.  This format is wrong
- */
-
-static int make_REQ(X509_REQ *req,EVP_PKEY *pkey,char *dn,int mutlirdn,
-		int attribs,unsigned long chtype);
-static int build_subject(X509_REQ *req, char *subj, unsigned long chtype,
-		int multirdn);
-static int prompt_info(X509_REQ *req,
-		STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect,
-		STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs,
-		unsigned long chtype);
-static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *sk,
-				STACK_OF(CONF_VALUE) *attr, int attribs,
-				unsigned long chtype);
-static int add_attribute_object(X509_REQ *req, char *text, const char *def,
-				char *value, int nid, int n_min,
-				int n_max, unsigned long chtype);
-static int add_DN_object(X509_NAME *n, char *text, const char *def, char *value,
-	int nid,int n_min,int n_max, unsigned long chtype, int mval);
-static int genpkey_cb(EVP_PKEY_CTX *ctx);
-static int req_check_len(int len,int n_min,int n_max);
-static int check_end(const char *str, const char *end);
-static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type,
-					long *pkeylen, char **palgnam,
-					ENGINE *keygen_engine);
-#ifndef MONOLITH
-static char *default_config_file=NULL;
-#endif
-static CONF *req_conf=NULL;
-static int batch=0;
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL, *gen_eng = NULL;
-	unsigned long nmflag = 0, reqflag = 0;
-	int ex=1,x509=0,days=30;
-	X509 *x509ss=NULL;
-	X509_REQ *req=NULL;
-	EVP_PKEY_CTX *genctx = NULL;
-	const char *keyalg = NULL;
-	char *keyalgstr = NULL;
-	STACK_OF(OPENSSL_STRING) *pkeyopts = NULL;
-	EVP_PKEY *pkey=NULL;
-	int i=0,badops=0,newreq=0,verbose=0,pkey_type=-1;
-	long newkey = -1;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
-	int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0;
-	char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	char *extensions = NULL;
-	char *req_exts = NULL;
-	const EVP_CIPHER *cipher=NULL;
-	ASN1_INTEGER *serial = NULL;
-	int modulus=0;
-	char *inrand=NULL;
-	char *passargin = NULL, *passargout = NULL;
-	char *passin = NULL, *passout = NULL;
-	char *p;
-	char *subj = NULL;
-	int multirdn = 0;
-	const EVP_MD *md_alg=NULL,*digest=NULL;
-	unsigned long chtype = MBSTRING_ASC;
-#ifndef MONOLITH
-	char *to_free;
-	long errline;
-#endif
-
-	req_conf = NULL;
-#ifndef OPENSSL_NO_DES
-	cipher=EVP_des_ede3_cbc();
-#endif
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-		else if (strcmp(*argv,"-keygen_engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			gen_eng = ENGINE_by_id(*(++argv));
-			if (gen_eng == NULL)
-				{
-				BIO_printf(bio_err, "Can't find keygen engine %s\n", *argv);
-				goto end;
-				}
-			}
-#endif
-		else if (strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-pubkey") == 0)
-			{
-			pubkey=1;
-			}
-		else if (strcmp(*argv,"-new") == 0)
-			{
-			newreq=1;
-			}
-		else if (strcmp(*argv,"-config") == 0)
-			{	
-			if (--argc < 1) goto bad;
-			template= *(++argv);
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyform=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-keyout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyout= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else if (strcmp(*argv,"-newkey") == 0)
-			{
-			if (--argc < 1)
-				goto bad;
-			keyalg = *(++argv);
-			newreq=1;
-			}
-		else if (strcmp(*argv,"-pkeyopt") == 0)
-			{
-			if (--argc < 1)
-				goto bad;
-			if (!pkeyopts)
-				pkeyopts = sk_OPENSSL_STRING_new_null();
-			if (!pkeyopts || !sk_OPENSSL_STRING_push(pkeyopts, *(++argv)))
-				goto bad;
-			}
-		else if (strcmp(*argv,"-batch") == 0)
-			batch=1;
-		else if (strcmp(*argv,"-newhdr") == 0)
-			newhdr=1;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus=1;
-		else if (strcmp(*argv,"-verify") == 0)
-			verify=1;
-		else if (strcmp(*argv,"-nodes") == 0)
-			nodes=1;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-verbose") == 0)
-			verbose=1;
-		else if (strcmp(*argv,"-utf8") == 0)
-			chtype = MBSTRING_UTF8;
-		else if (strcmp(*argv,"-nameopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_name_ex(&nmflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-reqopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_cert_ex(&reqflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-subject") == 0)
-			subject=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-x509") == 0)
-			x509=1;
-		else if (strcmp(*argv,"-asn1-kludge") == 0)
-			kludge=1;
-		else if (strcmp(*argv,"-no-asn1-kludge") == 0)
-			kludge=0;
-		else if (strcmp(*argv,"-subj") == 0)
-			{
-			if (--argc < 1) goto bad;
-			subj= *(++argv);
-			}
-		else if (strcmp(*argv,"-multivalue-rdn") == 0)
-			multirdn=1;
-		else if (strcmp(*argv,"-days") == 0)
-			{
-			if (--argc < 1) goto bad;
-			days= atoi(*(++argv));
-			if (days == 0) days=30;
-			}
-		else if (strcmp(*argv,"-set_serial") == 0)
-			{
-			if (--argc < 1) goto bad;
-			serial = s2i_ASN1_INTEGER(NULL, *(++argv));
-			if (!serial) goto bad;
-			}
-		else if (strcmp(*argv,"-extensions") == 0)
-			{
-			if (--argc < 1) goto bad;
-			extensions = *(++argv);
-			}
-		else if (strcmp(*argv,"-reqexts") == 0)
-			{
-			if (--argc < 1) goto bad;
-			req_exts = *(++argv);
-			}
-		else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
-			{
-			/* ok */
-			digest=md_alg;
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] outfile\n",prog);
-		BIO_printf(bio_err,"where options  are\n");
-		BIO_printf(bio_err," -inform arg    input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg   output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg        input file\n");
-		BIO_printf(bio_err," -out arg       output file\n");
-		BIO_printf(bio_err," -text          text form of request\n");
-		BIO_printf(bio_err," -pubkey        output public key\n");
-		BIO_printf(bio_err," -noout         do not output REQ\n");
-		BIO_printf(bio_err," -verify        verify signature on REQ\n");
-		BIO_printf(bio_err," -modulus       RSA modulus\n");
-		BIO_printf(bio_err," -nodes         don't encrypt the output key\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e      use engine e, possibly a hardware device\n");
-#endif
-		BIO_printf(bio_err," -subject       output the request's subject\n");
-		BIO_printf(bio_err," -passin        private key password source\n");
-		BIO_printf(bio_err," -key file      use the private key contained in file\n");
-		BIO_printf(bio_err," -keyform arg   key file format\n");
-		BIO_printf(bio_err," -keyout arg    file to send the key to\n");
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"                load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"                the random number generator\n");
-		BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
-		BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
-#ifndef OPENSSL_NO_ECDSA
-		BIO_printf(bio_err," -newkey ec:file generate a new EC key, parameters taken from CA in 'file'\n");
-#endif
-		BIO_printf(bio_err," -[digest]      Digest to sign with (md5, sha1, md2, mdc2, md4)\n");
-		BIO_printf(bio_err," -config file   request template file.\n");
-		BIO_printf(bio_err," -subj arg      set or modify request subject\n");
-		BIO_printf(bio_err," -multivalue-rdn enable support for multivalued RDNs\n");
-		BIO_printf(bio_err," -new           new request.\n");
-		BIO_printf(bio_err," -batch         do not ask anything during request generation\n");
-		BIO_printf(bio_err," -x509          output a x509 structure instead of a cert. req.\n");
-		BIO_printf(bio_err," -days          number of days a certificate generated by -x509 is valid for.\n");
-		BIO_printf(bio_err," -set_serial    serial number to use for a certificate generated by -x509.\n");
-		BIO_printf(bio_err," -newhdr        output \"NEW\" in the header lines\n");
-		BIO_printf(bio_err," -asn1-kludge   Output the 'request' in a format that is wrong but some CA's\n");
-		BIO_printf(bio_err,"                have been reported as requiring\n");
-		BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n");
-		BIO_printf(bio_err," -reqexts ..    specify request extension section (override value in config file)\n");
-		BIO_printf(bio_err," -utf8          input characters are UTF8 (default ASCII)\n");
-		BIO_printf(bio_err," -nameopt arg    - various certificate name options\n");
-		BIO_printf(bio_err," -reqopt arg    - various request text options\n\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
-		BIO_printf(bio_err, "Error getting passwords\n");
-		goto end;
-	}
-
-#ifndef MONOLITH /* else this has happened in openssl.c (global `config') */
-	/* Lets load up our environment a little */
-	p=getenv("OPENSSL_CONF");
-	if (p == NULL)
-		p=getenv("SSLEAY_CONF");
-	if (p == NULL)
-		p=to_free=make_config_name();
-	default_config_file=p;
-	config=NCONF_new(NULL);
-	i=NCONF_load(config, p, &errline);
-#endif
-
-	if (template != NULL)
-		{
-		long errline = -1;
-
-		if( verbose )
-			BIO_printf(bio_err,"Using configuration from %s\n",template);
-		req_conf=NCONF_new(NULL);
-		i=NCONF_load(req_conf,template,&errline);
-		if (i == 0)
-			{
-			BIO_printf(bio_err,"error on line %ld of %s\n",errline,template);
-			goto end;
-			}
-		}
-	else
-		{
-		req_conf=config;
-
-		if (req_conf == NULL)
-			{
-			BIO_printf(bio_err,"Unable to load config info from %s\n", default_config_file);
-			if (newreq)
-				goto end;
-			}
-		else if( verbose )
-			BIO_printf(bio_err,"Using configuration from %s\n",
-			default_config_file);
-		}
-
-	if (req_conf != NULL)
-		{
-		if (!load_config(bio_err, req_conf))
-			goto end;
-		p=NCONF_get_string(req_conf,NULL,"oid_file");
-		if (p == NULL)
-			ERR_clear_error();
-		if (p != NULL)
-			{
-			BIO *oid_bio;
-
-			oid_bio=BIO_new_file(p,"r");
-			if (oid_bio == NULL) 
-				{
-				/*
-				BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
-				ERR_print_errors(bio_err);
-				*/
-				}
-			else
-				{
-				OBJ_create_objects(oid_bio);
-				BIO_free(oid_bio);
-				}
-			}
-		}
-	if(!add_oid_section(bio_err, req_conf)) goto end;
-
-	if (md_alg == NULL)
-		{
-		p=NCONF_get_string(req_conf,SECTION,"default_md");
-		if (p == NULL)
-			ERR_clear_error();
-		if (p != NULL)
-			{
-			if ((md_alg=EVP_get_digestbyname(p)) != NULL)
-				digest=md_alg;
-			}
-		}
-
-	if (!extensions)
-		{
-		extensions = NCONF_get_string(req_conf, SECTION, V3_EXTENSIONS);
-		if (!extensions)
-			ERR_clear_error();
-		}
-	if (extensions) {
-		/* Check syntax of file */
-		X509V3_CTX ctx;
-		X509V3_set_ctx_test(&ctx);
-		X509V3_set_nconf(&ctx, req_conf);
-		if(!X509V3_EXT_add_nconf(req_conf, &ctx, extensions, NULL)) {
-			BIO_printf(bio_err,
-			 "Error Loading extension section %s\n", extensions);
-			goto end;
-		}
-	}
-
-	if(!passin)
-		{
-		passin = NCONF_get_string(req_conf, SECTION, "input_password");
-		if (!passin)
-			ERR_clear_error();
-		}
-	
-	if(!passout)
-		{
-		passout = NCONF_get_string(req_conf, SECTION, "output_password");
-		if (!passout)
-			ERR_clear_error();
-		}
-
-	p = NCONF_get_string(req_conf, SECTION, STRING_MASK);
-	if (!p)
-		ERR_clear_error();
-
-	if(p && !ASN1_STRING_set_default_mask_asc(p)) {
-		BIO_printf(bio_err, "Invalid global string mask setting %s\n", p);
-		goto end;
-	}
-
-	if (chtype != MBSTRING_UTF8)
-		{
-		p = NCONF_get_string(req_conf, SECTION, UTF8_IN);
-		if (!p)
-			ERR_clear_error();
-		else if (!strcmp(p, "yes"))
-			chtype = MBSTRING_UTF8;
-		}
-
-
-	if(!req_exts)
-		{
-		req_exts = NCONF_get_string(req_conf, SECTION, REQ_EXTENSIONS);
-		if (!req_exts)
-			ERR_clear_error();
-		}
-	if(req_exts) {
-		/* Check syntax of file */
-		X509V3_CTX ctx;
-		X509V3_set_ctx_test(&ctx);
-		X509V3_set_nconf(&ctx, req_conf);
-		if(!X509V3_EXT_add_nconf(req_conf, &ctx, req_exts, NULL)) {
-			BIO_printf(bio_err,
-			 "Error Loading request extension section %s\n",
-								req_exts);
-			goto end;
-		}
-	}
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		goto end;
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (keyfile != NULL)
-		{
-		pkey = load_key(bio_err, keyfile, keyform, 0, passin, e,
-			"Private Key");
-		if (!pkey)
-			{
-			/* load_key() has already printed an appropriate
-			   message */
-			goto end;
-			}
-		else
-			{
-			char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
-			if (randfile == NULL)
-				ERR_clear_error();
-			app_RAND_load_file(randfile, bio_err, 0);
-			}
-		}
-
-	if (newreq && (pkey == NULL))
-		{
-		char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
-		if (randfile == NULL)
-			ERR_clear_error();
-		app_RAND_load_file(randfile, bio_err, 0);
-		if (inrand)
-			app_RAND_load_files(inrand);
-
-		if (keyalg)
-			{
-			genctx = set_keygen_ctx(bio_err, keyalg, &pkey_type, &newkey,
-							&keyalgstr, gen_eng);
-			if (!genctx)
-				goto end;
-			}
-	
-		if (newkey <= 0)
-			{
-			if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey))
-				newkey=DEFAULT_KEY_LENGTH;
-			}
-
-		if (newkey < MIN_KEY_LENGTH && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA))
-			{
-			BIO_printf(bio_err,"private key length is too short,\n");
-			BIO_printf(bio_err,"it needs to be at least %d bits, not %ld\n",MIN_KEY_LENGTH,newkey);
-			goto end;
-			}
-
-		if (!genctx)
-			{
-			genctx = set_keygen_ctx(bio_err, NULL, &pkey_type, &newkey,
-							&keyalgstr, gen_eng);
-			if (!genctx)
-				goto end;
-			}
-
-		if (pkeyopts)
-			{
-			char *genopt;
-			for (i = 0; i < sk_OPENSSL_STRING_num(pkeyopts); i++)
-				{
-				genopt = sk_OPENSSL_STRING_value(pkeyopts, i);
-				if (pkey_ctrl_string(genctx, genopt) <= 0)
-					{
-					BIO_printf(bio_err,
-						"parameter error \"%s\"\n",
-						genopt);
-					ERR_print_errors(bio_err);
-					goto end;
-					}
-				}
-			}
-
-		BIO_printf(bio_err,"Generating a %ld bit %s private key\n",
-				newkey, keyalgstr);
-
-		EVP_PKEY_CTX_set_cb(genctx, genpkey_cb);
-		EVP_PKEY_CTX_set_app_data(genctx, bio_err);
-
-		if (EVP_PKEY_keygen(genctx, &pkey) <= 0)
-			{
-			BIO_puts(bio_err, "Error Generating Key\n");
-			goto end;
-			}
-
-		EVP_PKEY_CTX_free(genctx);
-		genctx = NULL;
-
-		app_RAND_write_file(randfile, bio_err);
-
-		if (keyout == NULL)
-			{
-			keyout=NCONF_get_string(req_conf,SECTION,KEYFILE);
-			if (keyout == NULL)
-				ERR_clear_error();
-			}
-		
-		if (keyout == NULL)
-			{
-			BIO_printf(bio_err,"writing new private key to stdout\n");
-			BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-			}
-		else
-			{
-			BIO_printf(bio_err,"writing new private key to '%s'\n",keyout);
-			if (BIO_write_filename(out,keyout) <= 0)
-				{
-				perror(keyout);
-				goto end;
-				}
-			}
-
-		p=NCONF_get_string(req_conf,SECTION,"encrypt_rsa_key");
-		if (p == NULL)
-			{
-			ERR_clear_error();
-			p=NCONF_get_string(req_conf,SECTION,"encrypt_key");
-			if (p == NULL)
-				ERR_clear_error();
-			}
-		if ((p != NULL) && (strcmp(p,"no") == 0))
-			cipher=NULL;
-		if (nodes) cipher=NULL;
-		
-		i=0;
-loop:
-		if (!PEM_write_bio_PrivateKey(out,pkey,cipher,
-			NULL,0,NULL,passout))
-			{
-			if ((ERR_GET_REASON(ERR_peek_error()) ==
-				PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3))
-				{
-				ERR_clear_error();
-				i++;
-				goto loop;
-				}
-			goto end;
-			}
-		BIO_printf(bio_err,"-----\n");
-		}
-
-	if (!newreq)
-		{
-		/* Since we are using a pre-existing certificate
-		 * request, the kludge 'format' info should not be
-		 * changed. */
-		kludge= -1;
-		if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
-				perror(infile);
-				goto end;
-				}
-			}
-
-		if	(informat == FORMAT_ASN1)
-			req=d2i_X509_REQ_bio(in,NULL);
-		else if (informat == FORMAT_PEM)
-			req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL);
-		else
-			{
-			BIO_printf(bio_err,"bad input format specified for X509 request\n");
-			goto end;
-			}
-		if (req == NULL)
-			{
-			BIO_printf(bio_err,"unable to load X509 request\n");
-			goto end;
-			}
-		}
-
-	if (newreq || x509)
-		{
-		if (pkey == NULL)
-			{
-			BIO_printf(bio_err,"you need to specify a private key\n");
-			goto end;
-			}
-
-		if (req == NULL)
-			{
-			req=X509_REQ_new();
-			if (req == NULL)
-				{
-				goto end;
-				}
-
-			i=make_REQ(req,pkey,subj,multirdn,!x509, chtype);
-			subj=NULL; /* done processing '-subj' option */
-			if ((kludge > 0) && !sk_X509_ATTRIBUTE_num(req->req_info->attributes))
-				{
-				sk_X509_ATTRIBUTE_free(req->req_info->attributes);
-				req->req_info->attributes = NULL;
-				}
-			if (!i)
-				{
-				BIO_printf(bio_err,"problems making Certificate Request\n");
-				goto end;
-				}
-			}
-		if (x509)
-			{
-			EVP_PKEY *tmppkey;
-			X509V3_CTX ext_ctx;
-			if ((x509ss=X509_new()) == NULL) goto end;
-
-			/* Set version to V3 */
-			if(extensions && !X509_set_version(x509ss, 2)) goto end;
-			if (serial)
-				{
-				if (!X509_set_serialNumber(x509ss, serial)) goto end;
-				}
-			else
-				{
-				if (!rand_serial(NULL,
-					X509_get_serialNumber(x509ss)))
-						goto end;
-				}
-
-			if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
-			if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end;
-			if (!X509_time_adj_ex(X509_get_notAfter(x509ss), days, 0, NULL)) goto end;
-			if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
-			tmppkey = X509_REQ_get_pubkey(req);
-			if (!tmppkey || !X509_set_pubkey(x509ss,tmppkey)) goto end;
-			EVP_PKEY_free(tmppkey);
-
-			/* Set up V3 context struct */
-
-			X509V3_set_ctx(&ext_ctx, x509ss, x509ss, NULL, NULL, 0);
-			X509V3_set_nconf(&ext_ctx, req_conf);
-
-			/* Add extensions */
-			if(extensions && !X509V3_EXT_add_nconf(req_conf, 
-				 	&ext_ctx, extensions, x509ss))
-				{
-				BIO_printf(bio_err,
-					"Error Loading extension section %s\n",
-					extensions);
-				goto end;
-				}
-			
-			if (!(i=X509_sign(x509ss,pkey,digest)))
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		else
-			{
-			X509V3_CTX ext_ctx;
-
-			/* Set up V3 context struct */
-
-			X509V3_set_ctx(&ext_ctx, NULL, NULL, req, NULL, 0);
-			X509V3_set_nconf(&ext_ctx, req_conf);
-
-			/* Add extensions */
-			if(req_exts && !X509V3_EXT_REQ_add_nconf(req_conf, 
-				 	&ext_ctx, req_exts, req))
-				{
-				BIO_printf(bio_err,
-					"Error Loading extension section %s\n",
-					req_exts);
-				goto end;
-				}
-			if (!(i=X509_REQ_sign(req,pkey,digest)))
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		}
-
-	if (subj && x509)
-		{
-		BIO_printf(bio_err, "Cannot modifiy certificate subject\n");
-		goto end;
-		}
-
-	if (subj && !x509)
-		{
-		if (verbose)
-			{
-			BIO_printf(bio_err, "Modifying Request's Subject\n");
-			print_name(bio_err, "old subject=", X509_REQ_get_subject_name(req), nmflag);
-			}
-
-		if (build_subject(req, subj, chtype, multirdn) == 0)
-			{
-			BIO_printf(bio_err, "ERROR: cannot modify subject\n");
-			ex=1;
-			goto end;
-			}
-
-		req->req_info->enc.modified = 1;
-
-		if (verbose)
-			{
-			print_name(bio_err, "new subject=", X509_REQ_get_subject_name(req), nmflag);
-			}
-		}
-
-	if (verify && !x509)
-		{
-		int tmp=0;
-
-		if (pkey == NULL)
-			{
-			pkey=X509_REQ_get_pubkey(req);
-			tmp=1;
-			if (pkey == NULL) goto end;
-			}
-
-		i=X509_REQ_verify(req,pkey);
-		if (tmp) {
-			EVP_PKEY_free(pkey);
-			pkey=NULL;
-		}
-
-		if (i < 0)
-			{
-			goto end;
-			}
-		else if (i == 0)
-			{
-			BIO_printf(bio_err,"verify failure\n");
-			ERR_print_errors(bio_err);
-			}
-		else /* if (i > 0) */
-			BIO_printf(bio_err,"verify OK\n");
-		}
-
-	if (noout && !text && !modulus && !subject && !pubkey)
-		{
-		ex=0;
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if ((keyout != NULL) && (strcmp(outfile,keyout) == 0))
-			i=(int)BIO_append_filename(out,outfile);
-		else
-			i=(int)BIO_write_filename(out,outfile);
-		if (!i)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (pubkey)
-		{
-		EVP_PKEY *tpubkey; 
-		tpubkey=X509_REQ_get_pubkey(req);
-		if (tpubkey == NULL)
-			{
-			BIO_printf(bio_err,"Error getting public key\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		PEM_write_bio_PUBKEY(out, tpubkey);
-		EVP_PKEY_free(tpubkey);
-		}
-
-	if (text)
-		{
-		if (x509)
-			X509_print_ex(out, x509ss, nmflag, reqflag);
-		else	
-			X509_REQ_print_ex(out, req, nmflag, reqflag);
-		}
-
-	if(subject) 
-		{
-		if(x509)
-			print_name(out, "subject=", X509_get_subject_name(x509ss), nmflag);
-		else
-			print_name(out, "subject=", X509_REQ_get_subject_name(req), nmflag);
-		}
-
-	if (modulus)
-		{
-		EVP_PKEY *tpubkey;
-
-		if (x509)
-			tpubkey=X509_get_pubkey(x509ss);
-		else
-			tpubkey=X509_REQ_get_pubkey(req);
-		if (tpubkey == NULL)
-			{
-			fprintf(stdout,"Modulus=unavailable\n");
-			goto end; 
-			}
-		fprintf(stdout,"Modulus=");
-#ifndef OPENSSL_NO_RSA
-		if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA)
-			BN_print(out,tpubkey->pkey.rsa->n);
-		else
-#endif
-			fprintf(stdout,"Wrong Algorithm type");
-		EVP_PKEY_free(tpubkey);
-		fprintf(stdout,"\n");
-		}
-
-	if (!noout && !x509)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_X509_REQ_bio(out,req);
-		else if (outformat == FORMAT_PEM) {
-			if(newhdr) i=PEM_write_bio_X509_REQ_NEW(out,req);
-			else i=PEM_write_bio_X509_REQ(out,req);
-		} else {
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write X509 request\n");
-			goto end;
-			}
-		}
-	if (!noout && x509 && (x509ss != NULL))
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_X509_bio(out,x509ss);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_X509(out,x509ss);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write X509 certificate\n");
-			goto end;
-			}
-		}
-	ex=0;
-end:
-#ifndef MONOLITH
-	if(to_free)
-		OPENSSL_free(to_free);
-#endif
-	if (ex)
-		{
-		ERR_print_errors(bio_err);
-		}
-	if ((req_conf != NULL) && (req_conf != config)) NCONF_free(req_conf);
-	BIO_free(in);
-	BIO_free_all(out);
-	EVP_PKEY_free(pkey);
-	if (genctx)
-		EVP_PKEY_CTX_free(genctx);
-	if (pkeyopts)
-		sk_OPENSSL_STRING_free(pkeyopts);
-#ifndef OPENSSL_NO_ENGINE
-	if (gen_eng)
-		ENGINE_free(gen_eng);
-#endif
-	if (keyalgstr)
-		OPENSSL_free(keyalgstr);
-	X509_REQ_free(req);
-	X509_free(x509ss);
-	ASN1_INTEGER_free(serial);
-	if(passargin && passin) OPENSSL_free(passin);
-	if(passargout && passout) OPENSSL_free(passout);
-	OBJ_cleanup();
-	apps_shutdown();
-	OPENSSL_EXIT(ex);
-	}
-
-static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int multirdn,
-			int attribs, unsigned long chtype)
-	{
-	int ret=0,i;
-	char no_prompt = 0;
-	STACK_OF(CONF_VALUE) *dn_sk, *attr_sk = NULL;
-	char *tmp, *dn_sect,*attr_sect;
-
-	tmp=NCONF_get_string(req_conf,SECTION,PROMPT);
-	if (tmp == NULL)
-		ERR_clear_error();
-	if((tmp != NULL) && !strcmp(tmp, "no")) no_prompt = 1;
-
-	dn_sect=NCONF_get_string(req_conf,SECTION,DISTINGUISHED_NAME);
-	if (dn_sect == NULL)
-		{
-		BIO_printf(bio_err,"unable to find '%s' in config\n",
-			DISTINGUISHED_NAME);
-		goto err;
-		}
-	dn_sk=NCONF_get_section(req_conf,dn_sect);
-	if (dn_sk == NULL)
-		{
-		BIO_printf(bio_err,"unable to get '%s' section\n",dn_sect);
-		goto err;
-		}
-
-	attr_sect=NCONF_get_string(req_conf,SECTION,ATTRIBUTES);
-	if (attr_sect == NULL)
-		{
-		ERR_clear_error();		
-		attr_sk=NULL;
-		}
-	else
-		{
-		attr_sk=NCONF_get_section(req_conf,attr_sect);
-		if (attr_sk == NULL)
-			{
-			BIO_printf(bio_err,"unable to get '%s' section\n",attr_sect);
-			goto err;
-			}
-		}
-
-	/* setup version number */
-	if (!X509_REQ_set_version(req,0L)) goto err; /* version 1 */
-
-	if (no_prompt) 
-		i = auto_info(req, dn_sk, attr_sk, attribs, chtype);
-	else 
-		{
-		if (subj)
-			i = build_subject(req, subj, chtype, multirdn);
-		else
-			i = prompt_info(req, dn_sk, dn_sect, attr_sk, attr_sect, attribs, chtype);
-		}
-	if(!i) goto err;
-
-	if (!X509_REQ_set_pubkey(req,pkey)) goto err;
-
-	ret=1;
-err:
-	return(ret);
-	}
-
-/*
- * subject is expected to be in the format /type0=value0/type1=value1/type2=...
- * where characters may be escaped by \
- */
-static int build_subject(X509_REQ *req, char *subject, unsigned long chtype, int multirdn)
-	{
-	X509_NAME *n;
-
-	if (!(n = parse_name(subject, chtype, multirdn)))
-		return 0;
-
-	if (!X509_REQ_set_subject_name(req, n))
-		{
-		X509_NAME_free(n);
-		return 0;
-		}
-	X509_NAME_free(n);
-	return 1;
-}
-
-
-static int prompt_info(X509_REQ *req,
-		STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect,
-		STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect, int attribs,
-		unsigned long chtype)
-	{
-	int i;
-	char *p,*q;
-	char buf[100];
-	int nid, mval;
-	long n_min,n_max;
-	char *type, *value;
-	const char *def;
-	CONF_VALUE *v;
-	X509_NAME *subj;
-	subj = X509_REQ_get_subject_name(req);
-
-	if(!batch)
-		{
-		BIO_printf(bio_err,"You are about to be asked to enter information that will be incorporated\n");
-		BIO_printf(bio_err,"into your certificate request.\n");
-		BIO_printf(bio_err,"What you are about to enter is what is called a Distinguished Name or a DN.\n");
-		BIO_printf(bio_err,"There are quite a few fields but you can leave some blank\n");
-		BIO_printf(bio_err,"For some fields there will be a default value,\n");
-		BIO_printf(bio_err,"If you enter '.', the field will be left blank.\n");
-		BIO_printf(bio_err,"-----\n");
-		}
-
-
-	if (sk_CONF_VALUE_num(dn_sk))
-		{
-		i= -1;
-start:		for (;;)
-			{
-			i++;
-			if (sk_CONF_VALUE_num(dn_sk) <= i) break;
-
-			v=sk_CONF_VALUE_value(dn_sk,i);
-			p=q=NULL;
-			type=v->name;
-			if(!check_end(type,"_min") || !check_end(type,"_max") ||
-				!check_end(type,"_default") ||
-					 !check_end(type,"_value")) continue;
-			/* Skip past any leading X. X: X, etc to allow for
-			 * multiple instances 
-			 */
-			for(p = v->name; *p ; p++) 
-				if ((*p == ':') || (*p == ',') ||
-							 (*p == '.')) {
-					p++;
-					if(*p) type = p;
-					break;
-				}
-			if (*type == '+')
-				{
-				mval = -1;
-				type++;
-				}
-			else
-				mval = 0;
-			/* If OBJ not recognised ignore it */
-			if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
-			if (BIO_snprintf(buf,sizeof buf,"%s_default",v->name)
-				>= (int)sizeof(buf))
-			   {
-			   BIO_printf(bio_err,"Name '%s' too long\n",v->name);
-			   return 0;
-			   }
-
-			if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
-				{
-				ERR_clear_error();
-				def="";
-				}
-				
-			BIO_snprintf(buf,sizeof buf,"%s_value",v->name);
-			if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
-				{
-				ERR_clear_error();
-				value=NULL;
-				}
-
-			BIO_snprintf(buf,sizeof buf,"%s_min",v->name);
-			if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min))
-				{
-				ERR_clear_error();
-				n_min = -1;
-				}
-
-			BIO_snprintf(buf,sizeof buf,"%s_max",v->name);
-			if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max))
-				{
-				ERR_clear_error();
-				n_max = -1;
-				}
-
-			if (!add_DN_object(subj,v->value,def,value,nid,
-				n_min,n_max, chtype, mval))
-				return 0;
-			}
-		if (X509_NAME_entry_count(subj) == 0)
-			{
-			BIO_printf(bio_err,"error, no objects specified in config file\n");
-			return 0;
-			}
-
-		if (attribs)
-			{
-			if ((attr_sk != NULL) && (sk_CONF_VALUE_num(attr_sk) > 0) && (!batch))
-				{
-				BIO_printf(bio_err,"\nPlease enter the following 'extra' attributes\n");
-				BIO_printf(bio_err,"to be sent with your certificate request\n");
-				}
-
-			i= -1;
-start2:			for (;;)
-				{
-				i++;
-				if ((attr_sk == NULL) ||
-					    (sk_CONF_VALUE_num(attr_sk) <= i))
-					break;
-
-				v=sk_CONF_VALUE_value(attr_sk,i);
-				type=v->name;
-				if ((nid=OBJ_txt2nid(type)) == NID_undef)
-					goto start2;
-
-				if (BIO_snprintf(buf,sizeof buf,"%s_default",type)
-					>= (int)sizeof(buf))
-				   {
-				   BIO_printf(bio_err,"Name '%s' too long\n",v->name);
-				   return 0;
-				   }
-
-				if ((def=NCONF_get_string(req_conf,attr_sect,buf))
-					== NULL)
-					{
-					ERR_clear_error();
-					def="";
-					}
-				
-				
-				BIO_snprintf(buf,sizeof buf,"%s_value",type);
-				if ((value=NCONF_get_string(req_conf,attr_sect,buf))
-					== NULL)
-					{
-					ERR_clear_error();
-					value=NULL;
-					}
-
-				BIO_snprintf(buf,sizeof buf,"%s_min",type);
-				if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min))
-					{
-					ERR_clear_error();
-					n_min = -1;
-					}
-
-				BIO_snprintf(buf,sizeof buf,"%s_max",type);
-				if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max))
-					{
-					ERR_clear_error();
-					n_max = -1;
-					}
-
-				if (!add_attribute_object(req,
-					v->value,def,value,nid,n_min,n_max, chtype))
-					return 0;
-				}
-			}
-		}
-	else
-		{
-		BIO_printf(bio_err,"No template, please set one up.\n");
-		return 0;
-		}
-
-	return 1;
-
-	}
-
-static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
-			STACK_OF(CONF_VALUE) *attr_sk, int attribs, unsigned long chtype)
-	{
-	int i;
-	char *p,*q;
-	char *type;
-	CONF_VALUE *v;
-	X509_NAME *subj;
-
-	subj = X509_REQ_get_subject_name(req);
-
-	for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++)
-		{
-		int mval;
-		v=sk_CONF_VALUE_value(dn_sk,i);
-		p=q=NULL;
-		type=v->name;
-		/* Skip past any leading X. X: X, etc to allow for
-		 * multiple instances 
-		 */
-		for(p = v->name; *p ; p++) 
-#ifndef CHARSET_EBCDIC
-			if ((*p == ':') || (*p == ',') || (*p == '.')) {
-#else
-			if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.'])) {
-#endif
-				p++;
-				if(*p) type = p;
-				break;
-			}
-#ifndef CHARSET_EBCDIC
-		if (*p == '+')
-#else
-		if (*p == os_toascii['+'])
-#endif
-			{
-			p++;
-			mval = -1;
-			}
-		else
-			mval = 0;
-		if (!X509_NAME_add_entry_by_txt(subj,type, chtype,
-				(unsigned char *) v->value,-1,-1,mval)) return 0;
-
-		}
-
-		if (!X509_NAME_entry_count(subj))
-			{
-			BIO_printf(bio_err,"error, no objects specified in config file\n");
-			return 0;
-			}
-		if (attribs)
-			{
-			for (i = 0; i < sk_CONF_VALUE_num(attr_sk); i++)
-				{
-				v=sk_CONF_VALUE_value(attr_sk,i);
-				if(!X509_REQ_add1_attr_by_txt(req, v->name, chtype,
-					(unsigned char *)v->value, -1)) return 0;
-				}
-			}
-	return 1;
-	}
-
-
-static int add_DN_object(X509_NAME *n, char *text, const char *def, char *value,
-	     int nid, int n_min, int n_max, unsigned long chtype, int mval)
-	{
-	int i,ret=0;
-	MS_STATIC char buf[1024];
-start:
-	if (!batch) BIO_printf(bio_err,"%s [%s]:",text,def);
-	(void)BIO_flush(bio_err);
-	if(value != NULL)
-		{
-		BUF_strlcpy(buf,value,sizeof buf);
-		BUF_strlcat(buf,"\n",sizeof buf);
-		BIO_printf(bio_err,"%s\n",value);
-		}
-	else
-		{
-		buf[0]='\0';
-		if (!batch)
-			{
-			if (!fgets(buf,sizeof buf,stdin))
-				return 0;
-			}
-		else
-			{
-			buf[0] = '\n';
-			buf[1] = '\0';
-			}
-		}
-
-	if (buf[0] == '\0') return(0);
-	else if (buf[0] == '\n')
-		{
-		if ((def == NULL) || (def[0] == '\0'))
-			return(1);
-		BUF_strlcpy(buf,def,sizeof buf);
-		BUF_strlcat(buf,"\n",sizeof buf);
-		}
-	else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
-
-	i=strlen(buf);
-	if (buf[i-1] != '\n')
-		{
-		BIO_printf(bio_err,"weird input :-(\n");
-		return(0);
-		}
-	buf[--i]='\0';
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(buf, buf, i);
-#endif
-	if(!req_check_len(i, n_min, n_max)) goto start;
-	if (!X509_NAME_add_entry_by_NID(n,nid, chtype,
-				(unsigned char *) buf, -1,-1,mval)) goto err;
-	ret=1;
-err:
-	return(ret);
-	}
-
-static int add_attribute_object(X509_REQ *req, char *text, const char *def,
-				char *value, int nid, int n_min,
-				int n_max, unsigned long chtype)
-	{
-	int i;
-	static char buf[1024];
-
-start:
-	if (!batch) BIO_printf(bio_err,"%s [%s]:",text,def);
-	(void)BIO_flush(bio_err);
-	if (value != NULL)
-		{
-		BUF_strlcpy(buf,value,sizeof buf);
-		BUF_strlcat(buf,"\n",sizeof buf);
-		BIO_printf(bio_err,"%s\n",value);
-		}
-	else
-		{
-		buf[0]='\0';
-		if (!batch)
-			{
-			if (!fgets(buf,sizeof buf,stdin))
-				return 0;
-			}
-		else
-			{
-			buf[0] = '\n';
-			buf[1] = '\0';
-			}
-		}
-
-	if (buf[0] == '\0') return(0);
-	else if (buf[0] == '\n')
-		{
-		if ((def == NULL) || (def[0] == '\0'))
-			return(1);
-		BUF_strlcpy(buf,def,sizeof buf);
-		BUF_strlcat(buf,"\n",sizeof buf);
-		}
-	else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
-
-	i=strlen(buf);
-	if (buf[i-1] != '\n')
-		{
-		BIO_printf(bio_err,"weird input :-(\n");
-		return(0);
-		}
-	buf[--i]='\0';
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(buf, buf, i);
-#endif
-	if(!req_check_len(i, n_min, n_max)) goto start;
-
-	if(!X509_REQ_add1_attr_by_NID(req, nid, chtype,
-					(unsigned char *)buf, -1)) {
-		BIO_printf(bio_err, "Error adding attribute\n");
-		ERR_print_errors(bio_err);
-		goto err;
-	}
-
-	return(1);
-err:
-	return(0);
-	}
-
-static int req_check_len(int len, int n_min, int n_max)
-	{
-	if ((n_min > 0) && (len < n_min))
-		{
-		BIO_printf(bio_err,"string is too short, it needs to be at least %d bytes long\n",n_min);
-		return(0);
-		}
-	if ((n_max >= 0) && (len > n_max))
-		{
-		BIO_printf(bio_err,"string is too long, it needs to be less than  %d bytes long\n",n_max);
-		return(0);
-		}
-	return(1);
-	}
-
-/* Check if the end of a string matches 'end' */
-static int check_end(const char *str, const char *end)
-{
-	int elen, slen;	
-	const char *tmp;
-	elen = strlen(end);
-	slen = strlen(str);
-	if(elen > slen) return 1;
-	tmp = str + slen - elen;
-	return strcmp(tmp, end);
-}
-
-static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type,
-					long *pkeylen, char **palgnam,
-					ENGINE *keygen_engine)
-	{
-	EVP_PKEY_CTX *gctx = NULL;
-	EVP_PKEY *param = NULL;
-	long keylen = -1;
-	BIO *pbio = NULL;
-	const char *paramfile = NULL;
-
-	if (gstr == NULL)
-		{
-		*pkey_type = EVP_PKEY_RSA;
-		keylen = *pkeylen;
-		}
-	else if (gstr[0] >= '0' && gstr[0] <= '9')
-		{
-		*pkey_type = EVP_PKEY_RSA;
-		keylen = atol(gstr);
-		*pkeylen = keylen;
-		}
-	else if (!strncmp(gstr, "param:", 6))
-		paramfile = gstr + 6;
-	else
-		{
-		const char *p = strchr(gstr, ':');
-		int len;
-		ENGINE *tmpeng;
-		const EVP_PKEY_ASN1_METHOD *ameth;
-
-		if (p)
-			len = p - gstr;
-		else
-			len = strlen(gstr);
-		/* The lookup of a the string will cover all engines so
-		 * keep a note of the implementation.
-		 */
-
-		ameth = EVP_PKEY_asn1_find_str(&tmpeng, gstr, len);
-
-		if (!ameth)
-			{
-			BIO_printf(err, "Unknown algorithm %.*s\n", len, gstr);
-			return NULL;
-			}
-
-		EVP_PKEY_asn1_get0_info(NULL, pkey_type, NULL, NULL, NULL,
-									ameth);
-#ifndef OPENSSL_NO_ENGINE
-		if (tmpeng)
-			ENGINE_finish(tmpeng);
-#endif
-		if (*pkey_type == EVP_PKEY_RSA)
-			{
-			if (p)
-				{
-				keylen = atol(p + 1);
-				*pkeylen = keylen;
-				}
-			}
-		else if (p)
-			paramfile = p + 1;
-		}
-
-	if (paramfile)
-		{
-		pbio = BIO_new_file(paramfile, "r");
-		if (!pbio)
-			{
-			BIO_printf(err, "Can't open parameter file %s\n",
-					paramfile);
-			return NULL;
-			}
-		param = PEM_read_bio_Parameters(pbio, NULL);
-
-		if (!param)
-			{
-			X509 *x;
-			(void)BIO_reset(pbio);
-			x = PEM_read_bio_X509(pbio, NULL, NULL, NULL);
-			if (x)
-				{
-				param = X509_get_pubkey(x);
-				X509_free(x);
-				}
-			}
-
-		BIO_free(pbio);
-
-		if (!param)
-			{
-			BIO_printf(err, "Error reading parameter file %s\n",
-					paramfile);
-			return NULL;
-			}
-		if (*pkey_type == -1)
-			*pkey_type = EVP_PKEY_id(param);
-		else if (*pkey_type != EVP_PKEY_base_id(param))
-			{
-			BIO_printf(err, "Key Type does not match parameters\n");
-			EVP_PKEY_free(param);
-			return NULL;
-			}
-		}
-
-	if (palgnam)
-		{
-		const EVP_PKEY_ASN1_METHOD *ameth;
-		ENGINE *tmpeng;
-		const char *anam;
-		ameth = EVP_PKEY_asn1_find(&tmpeng, *pkey_type);
-		if (!ameth)
-			{
-			BIO_puts(err, "Internal error: can't find key algorithm\n");
-			return NULL;
-			}
-		EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &anam, ameth);
-		*palgnam = BUF_strdup(anam);
-#ifndef OPENSSL_NO_ENGINE
-		if (tmpeng)
-			ENGINE_finish(tmpeng);
-#endif
-		}
-
-	if (param)
-		{
-		gctx = EVP_PKEY_CTX_new(param, keygen_engine);
-		*pkeylen = EVP_PKEY_bits(param);
-		EVP_PKEY_free(param);
-		}
-	else
-		gctx = EVP_PKEY_CTX_new_id(*pkey_type, keygen_engine);
-
-	if (!gctx)
-		{
-		BIO_puts(err, "Error allocating keygen context\n");
-		ERR_print_errors(err);
-		return NULL;
-		}
-
-	if (EVP_PKEY_keygen_init(gctx) <= 0)
-		{
-		BIO_puts(err, "Error initializing keygen context\n");
-		ERR_print_errors(err);
-		return NULL;
-		}
-#ifndef OPENSSL_NO_RSA
-	if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1))
-		{
-		if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0)
-			{
-			BIO_puts(err, "Error setting RSA keysize\n");
-			ERR_print_errors(err);
-			EVP_PKEY_CTX_free(gctx);
-			return NULL;
-			}
-		}
-#endif
-
-	return gctx;
-	}
-
-static int genpkey_cb(EVP_PKEY_CTX *ctx)
-	{
-	char c='*';
-	BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
-	int p;
-	p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(b,&c,1);
-	(void)BIO_flush(b);
-#ifdef LINT
-	p=n;
-#endif
-	return 1;
-	}
diff --git a/deps/openssl/openssl/apps/req.pem b/deps/openssl/openssl/apps/req.pem
deleted file mode 100644
index 5537df601df..00000000000
--- a/deps/openssl/openssl/apps/req.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp
-YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ
-S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV
-AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg
-tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo
-84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38
-CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ
-Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf
------END CERTIFICATE REQUEST-----
diff --git a/deps/openssl/openssl/apps/rsa.c b/deps/openssl/openssl/apps/rsa.c
deleted file mode 100644
index a17708fe9ca..00000000000
--- a/deps/openssl/openssl/apps/rsa.c
+++ /dev/null
@@ -1,450 +0,0 @@
-/* apps/rsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#ifndef OPENSSL_NO_RSA
-#include 
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	rsa_main
-
-/* -inform arg	- input format - default PEM (one of DER, NET or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -des		- encrypt output if PEM format with DES in cbc mode
- * -des3	- encrypt output if PEM format
- * -idea	- encrypt output if PEM format
- * -seed	- encrypt output if PEM format
- * -aes128	- encrypt output if PEM format
- * -aes192	- encrypt output if PEM format
- * -aes256	- encrypt output if PEM format
- * -camellia128 - encrypt output if PEM format
- * -camellia192 - encrypt output if PEM format
- * -camellia256 - encrypt output if PEM format
- * -text	- print a text version
- * -modulus	- print the RSA key modulus
- * -check	- verify key consistency
- * -pubin	- Expect a public key in input file.
- * -pubout	- Output a public key.
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int ret=1;
-	RSA *rsa=NULL;
-	int i,badops=0, sgckey=0;
-	const EVP_CIPHER *enc=NULL;
-	BIO *out=NULL;
-	int informat,outformat,text=0,check=0,noout=0;
-	int pubin = 0, pubout = 0;
-	char *infile,*outfile,*prog;
-	char *passargin = NULL, *passargout = NULL;
-	char *passin = NULL, *passout = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	int modulus=0;
-
-	int pvk_encr = 2;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-sgckey") == 0)
-			sgckey=1;
-		else if (strcmp(*argv,"-pubin") == 0)
-			pubin=1;
-		else if (strcmp(*argv,"-pubout") == 0)
-			pubout=1;
-		else if (strcmp(*argv,"-RSAPublicKey_in") == 0)
-			pubin = 2;
-		else if (strcmp(*argv,"-RSAPublicKey_out") == 0)
-			pubout = 2;
-		else if (strcmp(*argv,"-pvk-strong") == 0)
-			pvk_encr=2;
-		else if (strcmp(*argv,"-pvk-weak") == 0)
-			pvk_encr=1;
-		else if (strcmp(*argv,"-pvk-none") == 0)
-			pvk_encr=0;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus=1;
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
-		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg     input format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -outform arg    output format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -in arg         input file\n");
-		BIO_printf(bio_err," -sgckey         Use IIS SGC key format\n");
-		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err," -out arg        output file\n");
-		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
-		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
-		BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err," -seed           encrypt PEM output with cbc seed\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
-#endif
-		BIO_printf(bio_err," -text           print the key in text\n");
-		BIO_printf(bio_err," -noout          don't print key out\n");
-		BIO_printf(bio_err," -modulus        print the RSA key modulus\n");
-		BIO_printf(bio_err," -check          verify key consistency\n");
-		BIO_printf(bio_err," -pubin          expect a public key in input file\n");
-		BIO_printf(bio_err," -pubout         output a public key\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
-		BIO_printf(bio_err, "Error getting passwords\n");
-		goto end;
-	}
-
-	if(check && pubin) {
-		BIO_printf(bio_err, "Only private keys can be checked\n");
-		goto end;
-	}
-
-	out=BIO_new(BIO_s_file());
-
-	{
-		EVP_PKEY	*pkey;
-
-		if (pubin)
-			{
-			int tmpformat=-1;
-			if (pubin == 2)
-				{
-				if (informat == FORMAT_PEM)
-					tmpformat = FORMAT_PEMRSA;
-				else if (informat == FORMAT_ASN1)
-					tmpformat = FORMAT_ASN1RSA;
-				}
-			else if (informat == FORMAT_NETSCAPE && sgckey)
-				tmpformat = FORMAT_IISSGC;
-			else
-				tmpformat = informat;
-					
-			pkey = load_pubkey(bio_err, infile, tmpformat, 1,
-				passin, e, "Public Key");
-			}
-		else
-			pkey = load_key(bio_err, infile,
-				(informat == FORMAT_NETSCAPE && sgckey ?
-					FORMAT_IISSGC : informat), 1,
-				passin, e, "Private Key");
-
-		if (pkey != NULL)
-			rsa = EVP_PKEY_get1_RSA(pkey);
-		EVP_PKEY_free(pkey);
-	}
-
-	if (rsa == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (text) 
-		if (!RSA_print(out,rsa,0))
-			{
-			perror(outfile);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-	if (modulus)
-		{
-		BIO_printf(out,"Modulus=");
-		BN_print(out,rsa->n);
-		BIO_printf(out,"\n");
-		}
-
-	if (check)
-		{
-		int r = RSA_check_key(rsa);
-
-		if (r == 1)
-			BIO_printf(out,"RSA key ok\n");
-		else if (r == 0)
-			{
-			unsigned long err;
-
-			while ((err = ERR_peek_error()) != 0 &&
-				ERR_GET_LIB(err) == ERR_LIB_RSA &&
-				ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
-				ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE)
-				{
-				BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(err));
-				ERR_get_error(); /* remove e from error stack */
-				}
-			}
-		
-		if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-		
-	if (noout)
-		{
-		ret = 0;
-		goto end;
-		}
-	BIO_printf(bio_err,"writing RSA key\n");
-	if 	(outformat == FORMAT_ASN1) {
-		if(pubout || pubin) 
-			{
-			if (pubout == 2)
-				i=i2d_RSAPublicKey_bio(out,rsa);
-			else
-				i=i2d_RSA_PUBKEY_bio(out,rsa);
-			}
-		else i=i2d_RSAPrivateKey_bio(out,rsa);
-	}
-#ifndef OPENSSL_NO_RC4
-	else if (outformat == FORMAT_NETSCAPE)
-		{
-		unsigned char *p,*pp;
-		int size;
-
-		i=1;
-		size=i2d_RSA_NET(rsa,NULL,NULL, sgckey);
-		if ((p=(unsigned char *)OPENSSL_malloc(size)) == NULL)
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
-			goto end;
-			}
-		pp=p;
-		i2d_RSA_NET(rsa,&p,NULL, sgckey);
-		BIO_write(out,(char *)pp,size);
-		OPENSSL_free(pp);
-		}
-#endif
-	else if (outformat == FORMAT_PEM) {
-		if(pubout || pubin)
-			{
-			if (pubout == 2)
-		    		i=PEM_write_bio_RSAPublicKey(out,rsa);
-			else
-		    		i=PEM_write_bio_RSA_PUBKEY(out,rsa);
-			}
-		else i=PEM_write_bio_RSAPrivateKey(out,rsa,
-						enc,NULL,0,NULL,passout);
-#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
-	} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
-		EVP_PKEY *pk;
-		pk = EVP_PKEY_new();
-		EVP_PKEY_set1_RSA(pk, rsa);
-		if (outformat == FORMAT_PVK)
-			i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
-		else if (pubin || pubout)
-			i = i2b_PublicKey_bio(out, pk);
-		else
-			i = i2b_PrivateKey_bio(out, pk);
-		EVP_PKEY_free(pk);
-#endif
-	} else	{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (i <= 0)
-		{
-		BIO_printf(bio_err,"unable to write key\n");
-		ERR_print_errors(bio_err);
-		}
-	else
-		ret=0;
-end:
-	if(out != NULL) BIO_free_all(out);
-	if(rsa != NULL) RSA_free(rsa);
-	if(passin) OPENSSL_free(passin);
-	if(passout) OPENSSL_free(passout);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-#else /* !OPENSSL_NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/rsa8192.pem b/deps/openssl/openssl/apps/rsa8192.pem
deleted file mode 100644
index 946a6e5433c..00000000000
--- a/deps/openssl/openssl/apps/rsa8192.pem
+++ /dev/null
@@ -1,101 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-
-MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ
-ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF
-MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY
-55/A20XL7tlV2opEfwhy3uVlveQBM0DnZ3MUQfrk+lRRNWv7yE4ScbOfER9fjvOm
-yJc3ZbOa3e+AMGGU9OqJ/fyOl0SGYyP2k23omy/idBV4uOs8QWdnAvq8UOzDdua3
-tuf5Tn17XBurPJ8juwyPBNispkwwn8BjxAZVPhwUIcxFBg339IxJ9cW0WdVy4nNA
-LWo/8Ahlf+kZNnFNGCPFytU9gGMLMhab9w/rLrwa9qNe4L8Fmu1JxONn1WfhMOKE
-aFmycf2olJsYLgUIGYZrjnYu0p/7P3yhTOv8JIhmK+SzmA/I0xiQoF84rpaQzH2d
-PvxICOA9oQSowou0gLuBSZWm6LiXirg1DZCziU46v33ErQlWM1dSyNaUSzihcV59
-mVD0nmzboXH75lGiyiZlp8cLbozzoCwvk9rYqpUGSBzbAy0ECCpabGpzO2Ug+oDi
-71e5z4WMpeoR4IS8MaOG/GsJnwaXhiB/gNYfK+8pRADVk5StEAZDE2alSuCbDs0z
-d9zYr4/em5T9VZsLetxRE7pm/Es9yELuViz8/Tm0/8MVdmNYc/xZU1t6qYYFdyQ2
-wlGDTiNPsjR8yXCkmBjKwqnuleu1X6LaZu3VPhEkXGcyFAquQUkSiMv0Yu74qAe0
-bQ2v+jjZzP6AM9LUo89cW4Kd8SGD96BdNlAVPNMXoBcIOsZBwsOtETBd4KAyvkXE
-Ob17u+PLl4UPnSxm9ypKZunUNFRPxtKUyjySYnvlGL+kTjAXrIrZwKJqIn0uhnfa
-Ck3o7bU6yVMK22ODxy2/Vi3E0P6k5JLwnrF0VIOBqGhts66qo6mWDP8l6MZHARFd
-pU+nofssVmr8tLKmMmjYGMM5GmKIXRNBs0ksTwFnKRs9AmpE5owC8tTSVdTAkGuS
-os7QwLvyvNzq7BGJiVr0Iy3Dhsl1vzR35acNOrCsDl3DcCQONKJ2sVXV4pD3dBah
-mG3sR/jHgjasffJJ35uiGoAua9dbT7HG/+D0z1SHYaVqH8zO4VZSOnGJh/P9rtxx
-cckFDbiag/JMWig2lbnCjebTtp/BcUsK3TNaDOb7vb0LvbAeRJadd1EFu6PSlH3K
-LykSUPm4UedvUU3cWjqkSY5lITFJkVaIYOv/EljYtK7p7kFZFTaEwMAWxgsXU3pQ
-tTzVmq1gZ4vXPwcUq0zK50Frq0F7SQc21ZsunwIDAQABAoIEADuQAkDEpBausJsS
-PgL1RXuzECPJJJCBxTE+2qx0FoY4hJICCWTORHGmU8nGPE3Ht0wBiNDsULw6KXl9
-psmzYW6D3qRbpdQebky6fu/KZ5H0XTyGpJGomaXELH5hkwo2gdKB805LSXB+m7p0
-9o96kSdMkpBLVGtf5iZ8W4rY2LsZmlI9f7taQHSLVt/M8HTz1mTnBRU92QO3zZW6
-xVa+OrWaFl18u3ZeIaSh2X40tBK68cqstXVD0r2OWuXNKobcQeJW8/XABzBShZ0c
-ihL0lzyqiN4uXrLu+Nbr22b+FU2OODy6dGk3U6/69NvI4piMCPlHsfhHOnFjd1ZW
-RIVywyUlCtLNdcn11CchuRro+0J3c2Ba+i9Cl9r3qzT11xFEGF8/XLyUBBCB+uGf
-1dR/xJQhCA7cXWWLXyI/semxcvTaGpImP6kiIl1MAjHjXZTSdvyw4JmfXyYGhSjI
-P0mw3Xn7FXxJ/os9gOfNKz2nZHjr0q4sgWRYO+4vllkeL0GteZrg4oVaVpmZb7LH
-77afhodLylhijlEtV5skfkPujbBLQk6E5Ez3U/huEt2NLg6guADmwxMxfBRliZO4
-4Ex/td4cuggpEj3FGJV74qRvdvj/MF/uF7IxC/3WapPIsFBFH4zrJsUYt6u3L68I
-/KC/bfioDeUR/8ANw1DNh+UsnPV3GJIwDkIJKdppi2uXPahJyJQQ8Inps53nn8Gg
-GifS+HnOXNgMoKOJnZ9IDGjXpfjIs8dJNrGfDHF0mH30N2WARq2v/a3cNUC+f8Bq
-HSKQ9YrZopktMunsut8u7ZYbTmjIqJpXCaM0CCrSlzSMTDHFSj2tzLk6+qnxeGxB
-ZwIdShbdeK+0ETG91lE1e9RPQs/uXQP9+uCHJV0YpqQcA6pkCLYJfYpoSMu/Bafy
-AgfVZz6l5tyEnV0wCcbopsQShc1k9xtTbYNF1h9AQHknj6zeDW4iZMvmVeh3RovT
-52OA2R8oLyauF+QaG6x2wUjEx13SJlaBarJZ4seZIOJ+a8+oNzKsbgokXc2cyC9p
-5FAZz1OsOb68o93qD1Xvl7bY97fq2q55L7G1XHPPLtZE5lGiLGDtnAuwY8UPrdpr
-7Mv2yIxB7xVGurXyHb5PvusR88XED6HMPfLBG/55ENHTal7G5mRix+IWSBAIkxA5
-KZ0j8r5Ng4+wELZhqFQai39799bIAyiV6CEz4kyDXlo0kSSexp8o4iz5sPq5vp6h
-cCb7rdRw7uRnbXrHmXahxoB+ibXaurgV/6B2yurrU/UFoxEp2sHp8LXZGfF6ztY1
-dMhSQAACK2vGy5yNagbkTHLgVaHicG5zavJBqzCE+lbPlCqhOUQPdOIwvjHNjdS/
-DL3WV/ECggIBAMbW65wPk/i43nSyeZeYwcHtR1SUJqDXavYfBPC0VRhKz+7DVMFw
-Nwnocn6gITABc445W1yl7U3uww+LGuDlSlFnd8WuiXpVYud9/jeNu6Mu4wvNsnWr
-f4f4ua8CcS03GmqmcbROD2Z6by1AblCZ2UL1kv9cUX1FLVjPP1ESAGKoePt3BmZQ
-J1uJfK8HilNT8dcUlj/5CBi2uHxttDhoG0sxXE/SVsG9OD/Pjme0mj7gdzc6Ztd+
-TALuvpNQR4pRzfo5XWDZBcEYntcEE3PxYJB1+vnZ8509ew5/yLHTbLjFxIcx71zY
-fhH0gM36Sz7mz37r0+E/QkRkc5bVIDC4LDnWmjpAde6QUx0d218ShNx6sJo4kt5c
-Dd7tEVx8nuX8AIZYgwsOb382anLyFRkkmEdK3gRvwQ6SWR36Ez5L7/mHWODpLAX5
-mVBKSG4/ccFbc633/g0xHw0Nwajir/klckdakuYPlwF0yAxJSKDLhmNctDhRmxjC
-YP+fISkl5oTvFRzJH6HEyNu8M3ybRvmpPIjM5J5JpnB2IYbohYBR+T6/97C1DKrd
-mzL5PjlrWm0c1/d7LlDoP65fOShDMmj2zCiBAHHOM0Alokx+v5LmMd8NJumZIwGJ
-Rt5OpeMOhowz6j1AjYxYgV7PmJL6Ovpfb775od/aLaUbbwHz2uWIvfF7AoICAQCw
-c7NaO7oJVLJClhYw6OCvjT6oqtgNVWaennnDiJgzY9lv5HEgV0MAG0eYuB3hvj+w
-Y1P9DJxP1D+R+cshYrAFg8yU/3kaYVNI0Bl3ygX0eW1b/0HZTdocs+8kM/9PZQDR
-WrKQoU5lHvqRt99dXlD4NWGI2YQtzdZ8iet9QLqnjwRZabgE96mF01qKisMnFcsh
-KjT7ieheU4J15TZj/mdZRNK126d7e3q/rNj73e5EJ9tkYLcolSr4gpknUMJULSEi
-JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLebrgfTYoPPdo
-yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ
-kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9
-DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN
-22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
-ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz
-D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP
-PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8
-dUrYmHNEUJfHl4T1ESgkX1vkcpVFeQFruZDjk7EP3+1sgvpSroGTZkVBRFsTXbQZ
-FuCv0Pgt1TKG+zGmklxhj3TsiRy8MEjWAxBUp++ftZJnZNI4feDGnfEx7tLwVhAg
-6DWSiWDO6hgQpvOLwX5lu+0x9itc1MQsnDO/OqIDnBAJDN5k7cVVkfKlqbVjxgpz
-eqUJs3yAd81f44kDQTCB4ahYocgeIGsrOqd/WoGL1EEPPo/O9wQP7VtlIRt8UwuG
-bS18+a4sBUfAa56xYu/pnPo7YcubsgZfcSIujzFQqMpVTClJRnOnEuJ4J1+PXzRz
-XAO9fs4VJ+CMEmgAyonUz4Xadxulnknlw//sO9VKgM69oFHCDHL/XamAAbqAdwvf
-7R/+uy+Ol7romC0wMhb6SsIZazrvvH2mNtduAKZ638nAP1x/WbQp+6iVG7yJok7w
-82Q7tO7baOePTXh12Rrt4mNPor0HLYxhra4GFgfqkumJ2Mz0esuZAozxJXFOq8ly
-beo9CVtXP5zbT6qNpeNismX6PLICaev8t+1iOZSE56WSLtefuuj/cOVrTMNDz1Rr
-pUkEVV2zjUSjlcScM538A9iL2QKCAgBLbBk0r6T0ihRsK9UucMxhnYEz/Vq+UEu9
-70Vi1AciqEJv9nh4d3Q3HnH7EHANZxG4Jqzm1DYYVUQa9GfkTFeq88xFv/GW2hUM
-YY8RSfRDrIeXNEOETCe37x2AHw25dRXlZtw+wARPau91y9+Y/FCl18NqCHfcUEin
-ERjsf/eI2bPlODAlR2tZvZ7M60VBdqpN8cmV3zvI3e88z43xLfQlDyr1+v7a5Evy
-lEJnXlSTI2o+vKxtl103vjMSwA1gh63K90gBVsJWXQDZueOzi8mB9UqNRfcMmOEe
-4YHttTXPxeu0x+4cCRfam9zKShsVFgI28vRQ/ijl6qmbQ5gV8wqf18GV1j1L4z0P
-lP6iVynDA4MMrug/w9DqPsHsfK0pwekeETfSj4y0xVXyjWZBfHG2ZBrS6mDTf+RG
-LC4sJgR0hjdILLnUqIX7PzuhieBHRrjBcopwvcryVWRHnI7kslAS0+yHjiWc5oW3
-x5mtlum4HzelNYuD9cAE/95P6CeSMfp9CyIE/KSX4VvsRm6gQVkoQRKMxnQIFQ3w
-O5gl1l88vhjoo2HxYScgCp70BsDwiUNTqIR3NM+ZBHYFweVf3Gwz5LzHZT2rEZtD
-6VXRP75Q/2wOLnqCO4bK4BUs6sqxcQZmOldruPkPynrY0oPfHHExjxZDvQu4/r80
-Ls3n0L8yvQKCAgEAnYWS6EikwaQNpJEfiUnOlglgFz4EE1eVkrDbBY4J3oPU+doz
-DrqmsvgpSZIAfd2MUbkN4pOMsMTjbeIYWDnZDa1RoctKs3FhwFPHwAjQpznab4mn
-Bp81FMHM40qyb0NaNuFRwghdXvoQvBBX1p8oEnFzDRvTiuS/vTPTA8KDY8IeRp8R
-oGzKHpfziNwq/URpqj7pwi9odNjGZvR2IwYw9jCLPIqaEbMoSOdI0mg4MoYyqP4q
-nm7d4wqSDwrYxiXZ6f3nYpkhEY1lb0Wbksp1ig8sKSF4nDZRGK1RSfE+6gjBp94H
-X/Wog6Zb6NC9ZpusTiDLvuIUXcyUJvmHiWjSNqiTv8jurlwEsgSwhziEQfqLrtdV
-QI3PRMolBkD1iCk+HFE53r05LMf1bp3r4MS+naaQrLbIrl1kgDNGwVdgS+SCM7Bg
-TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWvOb3NA5DP3c
-46C6SaWI0TD9B11nJbHGTYN3Si9n0EBgoDJEXUKeh3km9O47dgvkSug4WzhYsvrE
-rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv
-I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8=
------END RSA PRIVATE KEY-----
-
diff --git a/deps/openssl/openssl/apps/rsautl.c b/deps/openssl/openssl/apps/rsautl.c
deleted file mode 100644
index b01f004eb3f..00000000000
--- a/deps/openssl/openssl/apps/rsautl.c
+++ /dev/null
@@ -1,351 +0,0 @@
-/* rsautl.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include 
-#ifndef OPENSSL_NO_RSA
-
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-
-#define RSA_SIGN 	1
-#define RSA_VERIFY 	2
-#define RSA_ENCRYPT 	3
-#define RSA_DECRYPT 	4
-
-#define KEY_PRIVKEY	1
-#define KEY_PUBKEY	2
-#define KEY_CERT	3
-
-static void usage(void);
-
-#undef PROG
-
-#define PROG rsautl_main
-
-int MAIN(int argc, char **);
-
-int MAIN(int argc, char **argv)
-{
-	ENGINE *e = NULL;
-	BIO *in = NULL, *out = NULL;
-	char *infile = NULL, *outfile = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine = NULL;
-#endif
-	char *keyfile = NULL;
-	char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
-	int keyform = FORMAT_PEM;
-	char need_priv = 0, badarg = 0, rev = 0;
-	char hexdump = 0, asn1parse = 0;
-	X509 *x;
-	EVP_PKEY *pkey = NULL;
-	RSA *rsa = NULL;
-	unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
-	char *passargin = NULL, *passin = NULL;
-	int rsa_inlen, rsa_outlen = 0;
-	int keysize;
-
-	int ret = 1;
-
-	argc--;
-	argv++;
-
-	if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-	ERR_load_crypto_strings();
-	OpenSSL_add_all_algorithms();
-	pad = RSA_PKCS1_PADDING;
-	
-	while(argc >= 1)
-	{
-		if (!strcmp(*argv,"-in")) {
-			if (--argc < 1)
-				badarg = 1;
-			else
-				infile= *(++argv);
-		} else if (!strcmp(*argv,"-out")) {
-			if (--argc < 1)
-				badarg = 1;
-			else
-				outfile= *(++argv);
-		} else if(!strcmp(*argv, "-inkey")) {
-			if (--argc < 1)
-				badarg = 1;
-			else
-				keyfile = *(++argv);
-		} else if (!strcmp(*argv,"-passin")) {
-			if (--argc < 1)
-				badarg = 1;
-			else
-				passargin= *(++argv);
-		} else if (strcmp(*argv,"-keyform") == 0) {
-			if (--argc < 1)
-				badarg = 1;
-			else
-				keyform=str2fmt(*(++argv));
-#ifndef OPENSSL_NO_ENGINE
-		} else if(!strcmp(*argv, "-engine")) {
-			if (--argc < 1)
-				badarg = 1;
-			else
-				engine = *(++argv);
-#endif
-		} else if(!strcmp(*argv, "-pubin")) {
-			key_type = KEY_PUBKEY;
-		} else if(!strcmp(*argv, "-certin")) {
-			key_type = KEY_CERT;
-		} 
-		else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1;
-		else if(!strcmp(*argv, "-hexdump")) hexdump = 1;
-		else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING;
-		else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
-		else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
-		else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
-		else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
-		else if(!strcmp(*argv, "-sign")) {
-			rsa_mode = RSA_SIGN;
-			need_priv = 1;
-		} else if(!strcmp(*argv, "-verify")) rsa_mode = RSA_VERIFY;
-		else if(!strcmp(*argv, "-rev")) rev = 1;
-		else if(!strcmp(*argv, "-encrypt")) rsa_mode = RSA_ENCRYPT;
-		else if(!strcmp(*argv, "-decrypt")) {
-			rsa_mode = RSA_DECRYPT;
-			need_priv = 1;
-		} else badarg = 1;
-		if(badarg) {
-			usage();
-			goto end;
-		}
-		argc--;
-		argv++;
-	}
-
-	if(need_priv && (key_type != KEY_PRIVKEY)) {
-		BIO_printf(bio_err, "A private key is needed for this operation\n");
-		goto end;
-	}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-	}
-
-/* FIXME: seed PRNG only if needed */
-	app_RAND_load_file(NULL, bio_err, 0);
-	
-	switch(key_type) {
-		case KEY_PRIVKEY:
-		pkey = load_key(bio_err, keyfile, keyform, 0,
-			passin, e, "Private Key");
-		break;
-
-		case KEY_PUBKEY:
-		pkey = load_pubkey(bio_err, keyfile, keyform, 0,
-			NULL, e, "Public Key");
-		break;
-
-		case KEY_CERT:
-		x = load_cert(bio_err, keyfile, keyform,
-			NULL, e, "Certificate");
-		if(x) {
-			pkey = X509_get_pubkey(x);
-			X509_free(x);
-		}
-		break;
-	}
-
-	if(!pkey) {
-		return 1;
-	}
-
-	rsa = EVP_PKEY_get1_RSA(pkey);
-	EVP_PKEY_free(pkey);
-
-	if(!rsa) {
-		BIO_printf(bio_err, "Error getting RSA key\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-
-	if(infile) {
-		if(!(in = BIO_new_file(infile, "rb"))) {
-			BIO_printf(bio_err, "Error Reading Input File\n");
-			ERR_print_errors(bio_err);	
-			goto end;
-		}
-	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if(outfile) {
-		if(!(out = BIO_new_file(outfile, "wb"))) {
-			BIO_printf(bio_err, "Error Reading Output File\n");
-			ERR_print_errors(bio_err);	
-			goto end;
-		}
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-
-	keysize = RSA_size(rsa);
-
-	rsa_in = OPENSSL_malloc(keysize * 2);
-	rsa_out = OPENSSL_malloc(keysize);
-
-	/* Read the input data */
-	rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
-	if(rsa_inlen <= 0) {
-		BIO_printf(bio_err, "Error reading input Data\n");
-		exit(1);
-	}
-	if(rev) {
-		int i;
-		unsigned char ctmp;
-		for(i = 0; i < rsa_inlen/2; i++) {
-			ctmp = rsa_in[i];
-			rsa_in[i] = rsa_in[rsa_inlen - 1 - i];
-			rsa_in[rsa_inlen - 1 - i] = ctmp;
-		}
-	}
-	switch(rsa_mode) {
-
-		case RSA_VERIFY:
-			rsa_outlen  = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
-		break;
-
-		case RSA_SIGN:
-			rsa_outlen  = RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
-		break;
-
-		case RSA_ENCRYPT:
-			rsa_outlen  = RSA_public_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
-		break;
-
-		case RSA_DECRYPT:
-			rsa_outlen  = RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
-		break;
-
-	}
-
-	if(rsa_outlen <= 0) {
-		BIO_printf(bio_err, "RSA operation error\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-	ret = 0;
-	if(asn1parse) {
-		if(!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
-			ERR_print_errors(bio_err);
-		}
-	} else if(hexdump) BIO_dump(out, (char *)rsa_out, rsa_outlen);
-	else BIO_write(out, rsa_out, rsa_outlen);
-	end:
-	RSA_free(rsa);
-	BIO_free(in);
-	BIO_free_all(out);
-	if(rsa_in) OPENSSL_free(rsa_in);
-	if(rsa_out) OPENSSL_free(rsa_out);
-	if(passin) OPENSSL_free(passin);
-	return ret;
-}
-
-static void usage()
-{
-	BIO_printf(bio_err, "Usage: rsautl [options]\n");
-	BIO_printf(bio_err, "-in file        input file\n");
-	BIO_printf(bio_err, "-out file       output file\n");
-	BIO_printf(bio_err, "-inkey file     input key\n");
-	BIO_printf(bio_err, "-keyform arg    private key format - default PEM\n");
-	BIO_printf(bio_err, "-pubin          input is an RSA public\n");
-	BIO_printf(bio_err, "-certin         input is a certificate carrying an RSA public key\n");
-	BIO_printf(bio_err, "-ssl            use SSL v2 padding\n");
-	BIO_printf(bio_err, "-raw            use no padding\n");
-	BIO_printf(bio_err, "-pkcs           use PKCS#1 v1.5 padding (default)\n");
-	BIO_printf(bio_err, "-oaep           use PKCS#1 OAEP\n");
-	BIO_printf(bio_err, "-sign           sign with private key\n");
-	BIO_printf(bio_err, "-verify         verify with public key\n");
-	BIO_printf(bio_err, "-encrypt        encrypt with public key\n");
-	BIO_printf(bio_err, "-decrypt        decrypt with private key\n");
-	BIO_printf(bio_err, "-hexdump        hex dump output\n");
-#ifndef OPENSSL_NO_ENGINE
-	BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
-	BIO_printf (bio_err, "-passin arg    pass phrase source\n");
-#endif
-
-}
-
-#else /* !OPENSSL_NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/deps/openssl/openssl/apps/s1024key.pem b/deps/openssl/openssl/apps/s1024key.pem
deleted file mode 100644
index 19e04035724..00000000000
--- a/deps/openssl/openssl/apps/s1024key.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
-S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
-pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
-AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
-dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
-bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
-Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
-zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
-6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
-QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
-dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
-0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
-nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
------END RSA PRIVATE KEY-----
diff --git a/deps/openssl/openssl/apps/s1024req.pem b/deps/openssl/openssl/apps/s1024req.pem
deleted file mode 100644
index bb75e7eeb7e..00000000000
--- a/deps/openssl/openssl/apps/s1024req.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBojCCAQsCAQAwZDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
-GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSQwIgYDVQQDExtTZXJ2ZXIgdGVz
-dCBjZXJ0ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALMR
-9TwT5kZMa0ddXleG8zYuDfZ9dQiPJ1dvfgEZU9fqg3v5o1VL15ZrK9b/73+9RvRo
-KqKUmukV6yAi1XZPxWGGM4T75dTPjq42lwxTvAcwQBdS58+nO2kWbxkSTa0Uq9p2
-RJKg3yVvXWO69lWRKQ+UHrmkWFJ7hApKnongeuRjAgMBAAEwDQYJKoZIhvcNAQEE
-BQADgYEAStHlk4pBbwiNeQ2/PKTPPXzITYC8Gn0XMbrU94e/6JIKiO7aArq9Espq
-nrBSvC14dHcNl6NNvnkEKdQ7hAkcACfBbnOXA/oQvMBd4GD78cH3k0jVDoVUEjil
-frLfWlckW6WzpTktt0ZPDdAjJCmKVh0ABHimi7Bo9FC3wIGIe5M=
------END CERTIFICATE REQUEST-----
diff --git a/deps/openssl/openssl/apps/s512-key.pem b/deps/openssl/openssl/apps/s512-key.pem
deleted file mode 100644
index 0e3ff2d373a..00000000000
--- a/deps/openssl/openssl/apps/s512-key.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
-TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
-OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
-gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
-rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
-PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
-vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
------END RSA PRIVATE KEY-----
diff --git a/deps/openssl/openssl/apps/s512-req.pem b/deps/openssl/openssl/apps/s512-req.pem
deleted file mode 100644
index ea314be5550..00000000000
--- a/deps/openssl/openssl/apps/s512-req.pem
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
-MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0
-IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8S
-MVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8E
-y2//Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAANBAAB+uQi+qwn6qRSHB8EUTvsm
-5TNTHzYDeN39nyIbZNX2s0se3Srn2Bxft5YCwD3moFZ9QoyDHxE0h6qLX5yjD+8=
------END CERTIFICATE REQUEST-----
diff --git a/deps/openssl/openssl/apps/s_apps.h b/deps/openssl/openssl/apps/s_apps.h
deleted file mode 100644
index 820e5c58155..00000000000
--- a/deps/openssl/openssl/apps/s_apps.h
+++ /dev/null
@@ -1,176 +0,0 @@
-/* apps/s_apps.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#if !defined(OPENSSL_SYS_NETWARE)  /* conflicts with winsock2 stuff on netware */
-#include 
-#endif
-#include 
-
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
-#include 
-#endif
-
-#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
-#define _kbhit kbhit
-#endif
-
-#if defined(OPENSSL_SYS_VMS) && !defined(FD_SET)
-/* VAX C does not defined fd_set and friends, but it's actually quite simple */
-/* These definitions are borrowed from SOCKETSHR.	/Richard Levitte */
-#define MAX_NOFILE	32
-#define	NBBY		 8		/* number of bits in a byte	*/
-
-#ifndef	FD_SETSIZE
-#define	FD_SETSIZE	MAX_NOFILE
-#endif	/* FD_SETSIZE */
-
-/* How many things we'll allow select to use. 0 if unlimited */
-#define MAXSELFD	MAX_NOFILE
-typedef int	fd_mask;	/* int here! VMS prototypes int, not long */
-#define NFDBITS	(sizeof(fd_mask) * NBBY)	/* bits per mask (power of 2!)*/
-#define NFDSHIFT 5				/* Shift based on above */
-
-typedef fd_mask fd_set;
-#define	FD_SET(n, p)	(*(p) |= (1 << ((n) % NFDBITS)))
-#define	FD_CLR(n, p)	(*(p) &= ~(1 << ((n) % NFDBITS)))
-#define	FD_ISSET(n, p)	(*(p) & (1 << ((n) % NFDBITS)))
-#define FD_ZERO(p)	memset((char *)(p), 0, sizeof(*(p)))
-#endif
-
-#define PORT            4433
-#define PORT_STR        "4433"
-#define PROTOCOL        "tcp"
-
-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
-#ifdef HEADER_X509_H
-int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
-#endif
-#ifdef HEADER_SSL_H
-int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
-int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
-#endif
-int init_client(int *sock, char *server, int port, int type);
-int should_retry(int i);
-int extract_port(char *str, short *port_ptr);
-int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
-
-long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
-				   int argi, long argl, long ret);
-
-#ifdef HEADER_SSL_H
-void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret);
-void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
-void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
-					unsigned char *data, int len,
-					void *arg);
-#endif
-
-int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len);
-int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len);
diff --git a/deps/openssl/openssl/apps/s_cb.c b/deps/openssl/openssl/apps/s_cb.c
deleted file mode 100644
index c4f55122477..00000000000
--- a/deps/openssl/openssl/apps/s_cb.c
+++ /dev/null
@@ -1,862 +0,0 @@
-/* apps/s_cb.c - callback functions used by s_client, s_server, and s_time */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include 
-#include 
-#define USE_SOCKETS
-#define NON_MAIN
-#include "apps.h"
-#undef NON_MAIN
-#undef USE_SOCKETS
-#include 
-#include 
-#include 
-#include 
-#include "s_apps.h"
-
-#define	COOKIE_SECRET_LENGTH	16
-
-int verify_depth=0;
-int verify_error=X509_V_OK;
-int verify_return_error=0;
-unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
-int cookie_initialized=0;
-
-int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
-	{
-	X509 *err_cert;
-	int err,depth;
-
-	err_cert=X509_STORE_CTX_get_current_cert(ctx);
-	err=	X509_STORE_CTX_get_error(ctx);
-	depth=	X509_STORE_CTX_get_error_depth(ctx);
-
-	BIO_printf(bio_err,"depth=%d ",depth);
-	if (err_cert)
-		{
-		X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
-					0, XN_FLAG_ONELINE);
-		BIO_puts(bio_err, "\n");
-		}
-	else
-		BIO_puts(bio_err, "\n");
-	if (!ok)
-		{
-		BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
-			X509_verify_cert_error_string(err));
-		if (verify_depth >= depth)
-			{
-			if (!verify_return_error)
-				ok=1;
-			verify_error=X509_V_OK;
-			}
-		else
-			{
-			ok=0;
-			verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
-			}
-		}
-	switch (err)
-		{
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-		BIO_puts(bio_err,"issuer= ");
-		X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
-					0, XN_FLAG_ONELINE);
-		BIO_puts(bio_err, "\n");
-		break;
-	case X509_V_ERR_CERT_NOT_YET_VALID:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-		BIO_printf(bio_err,"notBefore=");
-		ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
-		BIO_printf(bio_err,"\n");
-		break;
-	case X509_V_ERR_CERT_HAS_EXPIRED:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-		BIO_printf(bio_err,"notAfter=");
-		ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
-		BIO_printf(bio_err,"\n");
-		break;
-	case X509_V_ERR_NO_EXPLICIT_POLICY:
-		policies_print(bio_err, ctx);
-		break;
-		}
-	if (err == X509_V_OK && ok == 2)
-		policies_print(bio_err, ctx);
-
-	BIO_printf(bio_err,"verify return:%d\n",ok);
-	return(ok);
-	}
-
-int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
-	{
-	if (cert_file != NULL)
-		{
-		/*
-		SSL *ssl;
-		X509 *x509;
-		*/
-
-		if (SSL_CTX_use_certificate_file(ctx,cert_file,
-			SSL_FILETYPE_PEM) <= 0)
-			{
-			BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
-			ERR_print_errors(bio_err);
-			return(0);
-			}
-		if (key_file == NULL) key_file=cert_file;
-		if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
-			SSL_FILETYPE_PEM) <= 0)
-			{
-			BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
-			ERR_print_errors(bio_err);
-			return(0);
-			}
-
-		/*
-		In theory this is no longer needed 
-		ssl=SSL_new(ctx);
-		x509=SSL_get_certificate(ssl);
-
-		if (x509 != NULL) {
-			EVP_PKEY *pktmp;
-			pktmp = X509_get_pubkey(x509);
-			EVP_PKEY_copy_parameters(pktmp,
-						SSL_get_privatekey(ssl));
-			EVP_PKEY_free(pktmp);
-		}
-		SSL_free(ssl);
-		*/
-
-		/* If we are using DSA, we can copy the parameters from
-		 * the private key */
-		
-		
-		/* Now we know that a key and cert have been set against
-		 * the SSL context */
-		if (!SSL_CTX_check_private_key(ctx))
-			{
-			BIO_printf(bio_err,"Private key does not match the certificate public key\n");
-			return(0);
-			}
-		}
-	return(1);
-	}
-
-int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
-	{
-	if (cert ==  NULL)
-		return 1;
-	if (SSL_CTX_use_certificate(ctx,cert) <= 0)
-		{
-		BIO_printf(bio_err,"error setting certificate\n");
-		ERR_print_errors(bio_err);
-		return 0;
-		}
-	if (SSL_CTX_use_PrivateKey(ctx,key) <= 0)
-		{
-		BIO_printf(bio_err,"error setting private key\n");
-		ERR_print_errors(bio_err);
-		return 0;
-		}
-
-		
-		/* Now we know that a key and cert have been set against
-		 * the SSL context */
-	if (!SSL_CTX_check_private_key(ctx))
-		{
-		BIO_printf(bio_err,"Private key does not match the certificate public key\n");
-		return 0;
-		}
-	return 1;
-	}
-
-long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
-				   int argi, long argl, long ret)
-	{
-	BIO *out;
-
-	out=(BIO *)BIO_get_callback_arg(bio);
-	if (out == NULL) return(ret);
-
-	if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
-		{
-		BIO_printf(out,"read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
- 			(void *)bio,argp,(unsigned long)argi,ret,ret);
-		BIO_dump(out,argp,(int)ret);
-		return(ret);
-		}
-	else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
-		{
-		BIO_printf(out,"write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
-			(void *)bio,argp,(unsigned long)argi,ret,ret);
-		BIO_dump(out,argp,(int)ret);
-		}
-	return(ret);
-	}
-
-void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
-	{
-	const char *str;
-	int w;
-
-	w=where& ~SSL_ST_MASK;
-
-	if (w & SSL_ST_CONNECT) str="SSL_connect";
-	else if (w & SSL_ST_ACCEPT) str="SSL_accept";
-	else str="undefined";
-
-	if (where & SSL_CB_LOOP)
-		{
-		BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
-		}
-	else if (where & SSL_CB_ALERT)
-		{
-		str=(where & SSL_CB_READ)?"read":"write";
-		BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
-			str,
-			SSL_alert_type_string_long(ret),
-			SSL_alert_desc_string_long(ret));
-		}
-	else if (where & SSL_CB_EXIT)
-		{
-		if (ret == 0)
-			BIO_printf(bio_err,"%s:failed in %s\n",
-				str,SSL_state_string_long(s));
-		else if (ret < 0)
-			{
-			BIO_printf(bio_err,"%s:error in %s\n",
-				str,SSL_state_string_long(s));
-			}
-		}
-	}
-
-
-void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
-	{
-	BIO *bio = arg;
-	const char *str_write_p, *str_version, *str_content_type = "", *str_details1 = "", *str_details2= "";
-	
-	str_write_p = write_p ? ">>>" : "<<<";
-
-	switch (version)
-		{
-	case SSL2_VERSION:
-		str_version = "SSL 2.0";
-		break;
-	case SSL3_VERSION:
-		str_version = "SSL 3.0 ";
-		break;
-	case TLS1_VERSION:
-		str_version = "TLS 1.0 ";
-		break;
-	case DTLS1_VERSION:
-		str_version = "DTLS 1.0 ";
-		break;
-	case DTLS1_BAD_VER:
-		str_version = "DTLS 1.0 (bad) ";
-		break;
-	default:
-		str_version = "???";
-		}
-
-	if (version == SSL2_VERSION)
-		{
-		str_details1 = "???";
-
-		if (len > 0)
-			{
-			switch (((const unsigned char*)buf)[0])
-				{
-				case 0:
-					str_details1 = ", ERROR:";
-					str_details2 = " ???";
-					if (len >= 3)
-						{
-						unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
-						
-						switch (err)
-							{
-						case 0x0001:
-							str_details2 = " NO-CIPHER-ERROR";
-							break;
-						case 0x0002:
-							str_details2 = " NO-CERTIFICATE-ERROR";
-							break;
-						case 0x0004:
-							str_details2 = " BAD-CERTIFICATE-ERROR";
-							break;
-						case 0x0006:
-							str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
-							break;
-							}
-						}
-
-					break;
-				case 1:
-					str_details1 = ", CLIENT-HELLO";
-					break;
-				case 2:
-					str_details1 = ", CLIENT-MASTER-KEY";
-					break;
-				case 3:
-					str_details1 = ", CLIENT-FINISHED";
-					break;
-				case 4:
-					str_details1 = ", SERVER-HELLO";
-					break;
-				case 5:
-					str_details1 = ", SERVER-VERIFY";
-					break;
-				case 6:
-					str_details1 = ", SERVER-FINISHED";
-					break;
-				case 7:
-					str_details1 = ", REQUEST-CERTIFICATE";
-					break;
-				case 8:
-					str_details1 = ", CLIENT-CERTIFICATE";
-					break;
-				}
-			}
-		}
-
-	if (version == SSL3_VERSION ||
-	    version == TLS1_VERSION ||
-	    version == DTLS1_VERSION ||
-	    version == DTLS1_BAD_VER)
-		{
-		switch (content_type)
-			{
-		case 20:
-			str_content_type = "ChangeCipherSpec";
-			break;
-		case 21:
-			str_content_type = "Alert";
-			break;
-		case 22:
-			str_content_type = "Handshake";
-			break;
-			}
-
-		if (content_type == 21) /* Alert */
-			{
-			str_details1 = ", ???";
-			
-			if (len == 2)
-				{
-				switch (((const unsigned char*)buf)[0])
-					{
-				case 1:
-					str_details1 = ", warning";
-					break;
-				case 2:
-					str_details1 = ", fatal";
-					break;
-					}
-
-				str_details2 = " ???";
-				switch (((const unsigned char*)buf)[1])
-					{
-				case 0:
-					str_details2 = " close_notify";
-					break;
-				case 10:
-					str_details2 = " unexpected_message";
-					break;
-				case 20:
-					str_details2 = " bad_record_mac";
-					break;
-				case 21:
-					str_details2 = " decryption_failed";
-					break;
-				case 22:
-					str_details2 = " record_overflow";
-					break;
-				case 30:
-					str_details2 = " decompression_failure";
-					break;
-				case 40:
-					str_details2 = " handshake_failure";
-					break;
-				case 42:
-					str_details2 = " bad_certificate";
-					break;
-				case 43:
-					str_details2 = " unsupported_certificate";
-					break;
-				case 44:
-					str_details2 = " certificate_revoked";
-					break;
-				case 45:
-					str_details2 = " certificate_expired";
-					break;
-				case 46:
-					str_details2 = " certificate_unknown";
-					break;
-				case 47:
-					str_details2 = " illegal_parameter";
-					break;
-				case 48:
-					str_details2 = " unknown_ca";
-					break;
-				case 49:
-					str_details2 = " access_denied";
-					break;
-				case 50:
-					str_details2 = " decode_error";
-					break;
-				case 51:
-					str_details2 = " decrypt_error";
-					break;
-				case 60:
-					str_details2 = " export_restriction";
-					break;
-				case 70:
-					str_details2 = " protocol_version";
-					break;
-				case 71:
-					str_details2 = " insufficient_security";
-					break;
-				case 80:
-					str_details2 = " internal_error";
-					break;
-				case 90:
-					str_details2 = " user_canceled";
-					break;
-				case 100:
-					str_details2 = " no_renegotiation";
-					break;
-				case 110:
-					str_details2 = " unsupported_extension";
-					break;
-				case 111:
-					str_details2 = " certificate_unobtainable";
-					break;
-				case 112:
-					str_details2 = " unrecognized_name";
-					break;
-				case 113:
-					str_details2 = " bad_certificate_status_response";
-					break;
-				case 114:
-					str_details2 = " bad_certificate_hash_value";
-					break;
-					}
-				}
-			}
-		
-		if (content_type == 22) /* Handshake */
-			{
-			str_details1 = "???";
-
-			if (len > 0)
-				{
-				switch (((const unsigned char*)buf)[0])
-					{
-				case 0:
-					str_details1 = ", HelloRequest";
-					break;
-				case 1:
-					str_details1 = ", ClientHello";
-					break;
-				case 2:
-					str_details1 = ", ServerHello";
-					break;
-				case 3:
-					str_details1 = ", HelloVerifyRequest";
-					break;
-				case 11:
-					str_details1 = ", Certificate";
-					break;
-				case 12:
-					str_details1 = ", ServerKeyExchange";
-					break;
-				case 13:
-					str_details1 = ", CertificateRequest";
-					break;
-				case 14:
-					str_details1 = ", ServerHelloDone";
-					break;
-				case 15:
-					str_details1 = ", CertificateVerify";
-					break;
-				case 16:
-					str_details1 = ", ClientKeyExchange";
-					break;
-				case 20:
-					str_details1 = ", Finished";
-					break;
-					}
-				}
-			}
-		}
-
-	BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, str_content_type, (unsigned long)len, str_details1, str_details2);
-
-	if (len > 0)
-		{
-		size_t num, i;
-		
-		BIO_printf(bio, "   ");
-		num = len;
-#if 0
-		if (num > 16)
-			num = 16;
-#endif
-		for (i = 0; i < num; i++)
-			{
-			if (i % 16 == 0 && i > 0)
-				BIO_printf(bio, "\n   ");
-			BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
-			}
-		if (i < len)
-			BIO_printf(bio, " ...");
-		BIO_printf(bio, "\n");
-		}
-	(void)BIO_flush(bio);
-	}
-
-void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
-					unsigned char *data, int len,
-					void *arg)
-	{
-	BIO *bio = arg;
-	char *extname;
-
-	switch(type)
-		{
-		case TLSEXT_TYPE_server_name:
-		extname = "server name";
-		break;
-
-		case TLSEXT_TYPE_max_fragment_length:
-		extname = "max fragment length";
-		break;
-
-		case TLSEXT_TYPE_client_certificate_url:
-		extname = "client certificate URL";
-		break;
-
-		case TLSEXT_TYPE_trusted_ca_keys:
-		extname = "trusted CA keys";
-		break;
-
-		case TLSEXT_TYPE_truncated_hmac:
-		extname = "truncated HMAC";
-		break;
-
-		case TLSEXT_TYPE_status_request:
-		extname = "status request";
-		break;
-
-		case TLSEXT_TYPE_elliptic_curves:
-		extname = "elliptic curves";
-		break;
-
-		case TLSEXT_TYPE_ec_point_formats:
-		extname = "EC point formats";
-		break;
-
-		case TLSEXT_TYPE_session_ticket:
-		extname = "server ticket";
-		break;
-
-		case TLSEXT_TYPE_renegotiate:
-		extname = "renegotiate";
-		break;
-
-#ifdef TLSEXT_TYPE_opaque_prf_input
-		case TLSEXT_TYPE_opaque_prf_input:
-		extname = "opaque PRF input";
-		break;
-#endif
-
-		default:
-		extname = "unknown";
-		break;
-
-		}
-	
-	BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
-			client_server ? "server": "client",
-			extname, type, len);
-	BIO_dump(bio, (char *)data, len);
-	(void)BIO_flush(bio);
-	}
-
-int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)
-	{
-	unsigned char *buffer, result[EVP_MAX_MD_SIZE];
-	unsigned int length, resultlength;
-	union {
-		struct sockaddr sa;
-		struct sockaddr_in s4;
-#if OPENSSL_USE_IPV6
-		struct sockaddr_in6 s6;
-#endif
-	} peer;
-
-	/* Initialize a random secret */
-	if (!cookie_initialized)
-		{
-		if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH))
-			{
-			BIO_printf(bio_err,"error setting random cookie secret\n");
-			return 0;
-			}
-		cookie_initialized = 1;
-		}
-
-	/* Read peer information */
-	(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
-
-	/* Create buffer with peer's address and port */
-	length = 0;
-	switch (peer.sa.sa_family)
-		{
-	case AF_INET:
-		length += sizeof(struct in_addr);
-		length += sizeof(peer.s4.sin_port);
-		break;
-#if OPENSSL_USE_IPV6
-	case AF_INET6:
-		length += sizeof(struct in6_addr);
-		length += sizeof(peer.s6.sin6_port);
-		break;
-#endif
-	default:
-		OPENSSL_assert(0);
-		break;
-		}
-	buffer = OPENSSL_malloc(length);
-
-	if (buffer == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		return 0;
-		}
-
-	switch (peer.sa.sa_family)
-		{
-	case AF_INET:
-		memcpy(buffer,
-		       &peer.s4.sin_port,
-		       sizeof(peer.s4.sin_port));
-		memcpy(buffer + sizeof(peer.s4.sin_port),
-		       &peer.s4.sin_addr,
-		       sizeof(struct in_addr));
-		break;
-#if OPENSSL_USE_IPV6
-	case AF_INET6:
-		memcpy(buffer,
-		       &peer.s6.sin6_port,
-		       sizeof(peer.s6.sin6_port));
-		memcpy(buffer + sizeof(peer.s6.sin6_port),
-		       &peer.s6.sin6_addr,
-		       sizeof(struct in6_addr));
-		break;
-#endif
-	default:
-		OPENSSL_assert(0);
-		break;
-		}
-
-	/* Calculate HMAC of buffer using the secret */
-	HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
-	     buffer, length, result, &resultlength);
-	OPENSSL_free(buffer);
-
-	memcpy(cookie, result, resultlength);
-	*cookie_len = resultlength;
-
-	return 1;
-	}
-
-int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)
-	{
-	unsigned char *buffer, result[EVP_MAX_MD_SIZE];
-	unsigned int length, resultlength;
-	union {
-		struct sockaddr sa;
-		struct sockaddr_in s4;
-#if OPENSSL_USE_IPV6
-		struct sockaddr_in6 s6;
-#endif
-	} peer;
-
-	/* If secret isn't initialized yet, the cookie can't be valid */
-	if (!cookie_initialized)
-		return 0;
-
-	/* Read peer information */
-	(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
-
-	/* Create buffer with peer's address and port */
-	length = 0;
-	switch (peer.sa.sa_family)
-		{
-	case AF_INET:
-		length += sizeof(struct in_addr);
-		length += sizeof(peer.s4.sin_port);
-		break;
-#if OPENSSL_USE_IPV6
-	case AF_INET6:
-		length += sizeof(struct in6_addr);
-		length += sizeof(peer.s6.sin6_port);
-		break;
-#endif
-	default:
-		OPENSSL_assert(0);
-		break;
-		}
-	buffer = OPENSSL_malloc(length);
-	
-	if (buffer == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		return 0;
-		}
-
-	switch (peer.sa.sa_family)
-		{
-	case AF_INET:
-		memcpy(buffer,
-		       &peer.s4.sin_port,
-		       sizeof(peer.s4.sin_port));
-		memcpy(buffer + sizeof(peer.s4.sin_port),
-		       &peer.s4.sin_addr,
-		       sizeof(struct in_addr));
-		break;
-#if OPENSSL_USE_IPV6
-	case AF_INET6:
-		memcpy(buffer,
-		       &peer.s6.sin6_port,
-		       sizeof(peer.s6.sin6_port));
-		memcpy(buffer + sizeof(peer.s6.sin6_port),
-		       &peer.s6.sin6_addr,
-		       sizeof(struct in6_addr));
-		break;
-#endif
-	default:
-		OPENSSL_assert(0);
-		break;
-		}
-
-	/* Calculate HMAC of buffer using the secret */
-	HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
-	     buffer, length, result, &resultlength);
-	OPENSSL_free(buffer);
-
-	if (cookie_len == resultlength && memcmp(result, cookie, resultlength) == 0)
-		return 1;
-
-	return 0;
-	}
diff --git a/deps/openssl/openssl/apps/s_client.c b/deps/openssl/openssl/apps/s_client.c
deleted file mode 100644
index b951513d1cb..00000000000
--- a/deps/openssl/openssl/apps/s_client.c
+++ /dev/null
@@ -1,1873 +0,0 @@
-/* apps/s_client.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-
-/* With IPv6, it looks like Digital has mixed up the proper order of
-   recursive header file inclusion, resulting in the compiler complaining
-   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
-   is needed to have fileno() declared correctly...  So let's define u_int */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
-#define __U_INT
-typedef unsigned int u_int;
-#endif
-
-#define USE_SOCKETS
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include "s_apps.h"
-#include "timeouts.h"
-
-#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-
-#if defined(OPENSSL_SYS_BEOS_R5)
-#include 
-#endif
-
-#undef PROG
-#define PROG	s_client_main
-
-/*#define SSL_HOST_NAME	"www.netscape.com" */
-/*#define SSL_HOST_NAME	"193.118.187.102" */
-#define SSL_HOST_NAME	"localhost"
-
-/*#define TEST_CERT "client.pem" */ /* no default cert. */
-
-#undef BUFSIZZ
-#define BUFSIZZ 1024*8
-
-extern int verify_depth;
-extern int verify_error;
-extern int verify_return_error;
-
-#ifdef FIONBIO
-static int c_nbio=0;
-#endif
-static int c_Pause=0;
-static int c_debug=0;
-#ifndef OPENSSL_NO_TLSEXT
-static int c_tlsextdebug=0;
-static int c_status_req=0;
-#endif
-static int c_msg=0;
-static int c_showcerts=0;
-
-static void sc_usage(void);
-static void print_stuff(BIO *berr,SSL *con,int full);
-#ifndef OPENSSL_NO_TLSEXT
-static int ocsp_resp_cb(SSL *s, void *arg);
-#endif
-static BIO *bio_c_out=NULL;
-static int c_quiet=0;
-static int c_ign_eof=0;
-
-#ifndef OPENSSL_NO_PSK
-/* Default PSK identity and key */
-static char *psk_identity="Client_identity";
-/*char *psk_key=NULL;  by default PSK is not used */
-
-static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
-	unsigned int max_identity_len, unsigned char *psk,
-	unsigned int max_psk_len)
-	{
-	unsigned int psk_len = 0;
-	int ret;
-        BIGNUM *bn=NULL;
-
-	if (c_debug)
-		BIO_printf(bio_c_out, "psk_client_cb\n");
-	if (!hint)
-                {
-                /* no ServerKeyExchange message*/
-		if (c_debug)
-			BIO_printf(bio_c_out,"NULL received PSK identity hint, continuing anyway\n");
-                }
-        else if (c_debug)
-		BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint);
-
-	/* lookup PSK identity and PSK key based on the given identity hint here */
-	ret = BIO_snprintf(identity, max_identity_len, "%s", psk_identity);
-	if (ret < 0 || (unsigned int)ret > max_identity_len)
-		goto out_err;
-	if (c_debug)
-		BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity, ret);
-        ret=BN_hex2bn(&bn, psk_key);
-        if (!ret)
-                {
-                BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key);
-                if (bn)
-                        BN_free(bn);
-                return 0;
-                }
-
-        if ((unsigned int)BN_num_bytes(bn) > max_psk_len)
-                {
-                BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
-                        max_psk_len, BN_num_bytes(bn));
-                BN_free(bn);
-                return 0;
-                }
-
-        psk_len=BN_bn2bin(bn, psk);
-        BN_free(bn);
-        if (psk_len == 0)
-                goto out_err;
-
-	if (c_debug)
-		BIO_printf(bio_c_out, "created PSK len=%d\n", psk_len);
-
-        return psk_len;
- out_err:
-	if (c_debug)
-		BIO_printf(bio_err, "Error in PSK client callback\n");
-        return 0;
-	}
-#endif
-
-static void sc_usage(void)
-	{
-	BIO_printf(bio_err,"usage: s_client args\n");
-	BIO_printf(bio_err,"\n");
-	BIO_printf(bio_err," -host host     - use -connect instead\n");
-	BIO_printf(bio_err," -port port     - use -connect instead\n");
-	BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
-
-	BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
-	BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
-	BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
-	BIO_printf(bio_err," -key arg      - Private key file to use, in cert file if\n");
-	BIO_printf(bio_err,"                 not specified but cert file is.\n");
-	BIO_printf(bio_err," -keyform arg  - key format (PEM or DER) PEM default\n");
-	BIO_printf(bio_err," -pass arg     - private key file pass phrase source\n");
-	BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
-	BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
-	BIO_printf(bio_err," -reconnect    - Drop and re-make the connection with the same Session-ID\n");
-	BIO_printf(bio_err," -pause        - sleep(1) after each read(2) and write(2) system call\n");
-	BIO_printf(bio_err," -showcerts    - show all certificates in the chain\n");
-	BIO_printf(bio_err," -debug        - extra output\n");
-#ifdef WATT32
-	BIO_printf(bio_err," -wdebug       - WATT-32 tcp debugging\n");
-#endif
-	BIO_printf(bio_err," -msg          - Show protocol messages\n");
-	BIO_printf(bio_err," -nbio_test    - more ssl protocol testing\n");
-	BIO_printf(bio_err," -state        - print the 'ssl' states\n");
-#ifdef FIONBIO
-	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
-#endif
-	BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
-	BIO_printf(bio_err," -quiet        - no s_client output\n");
-	BIO_printf(bio_err," -ign_eof      - ignore input eof (default when -quiet)\n");
-	BIO_printf(bio_err," -no_ign_eof   - don't ignore input eof\n");
-#ifndef OPENSSL_NO_PSK
-	BIO_printf(bio_err," -psk_identity arg - PSK identity\n");
-	BIO_printf(bio_err," -psk arg      - PSK in hex (without 0x)\n");
-# ifndef OPENSSL_NO_JPAKE
-	BIO_printf(bio_err," -jpake arg    - JPAKE secret to use\n");
-# endif
-#endif
-	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
-	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
-	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
-	BIO_printf(bio_err," -dtls1        - just use DTLSv1\n");    
-	BIO_printf(bio_err," -mtu          - set the link layer MTU\n");
-	BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
-	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
-	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences (only SSLv2)\n");
-	BIO_printf(bio_err," -cipher       - preferred cipher to use, use the 'openssl ciphers'\n");
-	BIO_printf(bio_err,"                 command to see what is available\n");
-	BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
-	BIO_printf(bio_err,"                 for those protocols that support it, where\n");
-	BIO_printf(bio_err,"                 'prot' defines which one to assume.  Currently,\n");
-	BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
-	BIO_printf(bio_err,"                 are supported.\n");
-#ifndef OPENSSL_NO_ENGINE
-	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
-#endif
-	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-	BIO_printf(bio_err," -sess_out arg - file to write SSL session to\n");
-	BIO_printf(bio_err," -sess_in arg  - file to read SSL session from\n");
-#ifndef OPENSSL_NO_TLSEXT
-	BIO_printf(bio_err," -servername host  - Set TLS extension servername in ClientHello\n");
-	BIO_printf(bio_err," -tlsextdebug      - hex dump of all TLS extensions received\n");
-	BIO_printf(bio_err," -status           - request certificate status from server\n");
-	BIO_printf(bio_err," -no_ticket        - disable use of RFC4507bis session tickets\n");
-# ifndef OPENSSL_NO_NEXTPROTONEG
-	BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
-# endif
-	BIO_printf(bio_err," -cutthrough       - enable 1-RTT full-handshake for strong ciphers\n");
-#endif
-	BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
-	}
-
-#ifndef OPENSSL_NO_TLSEXT
-
-/* This is a context that we pass to callbacks */
-typedef struct tlsextctx_st {
-   BIO * biodebug;
-   int ack;
-} tlsextctx;
-
-
-static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
-	{
-	tlsextctx * p = (tlsextctx *) arg;
-	const char * hn= SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
-	if (SSL_get_servername_type(s) != -1) 
- 	        p->ack = !SSL_session_reused(s) && hn != NULL;
-	else 
-		BIO_printf(bio_err,"Can't use SSL_get_servername\n");
-	
-	return SSL_TLSEXT_ERR_OK;
-	}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/* This the context that we pass to next_proto_cb */
-typedef struct tlsextnextprotoctx_st {
-	unsigned char *data;
-	unsigned short len;
-	int status;
-} tlsextnextprotoctx;
-
-static tlsextnextprotoctx next_proto;
-
-static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
-	{
-	tlsextnextprotoctx *ctx = arg;
-
-	if (!c_quiet)
-		{
-		/* We can assume that |in| is syntactically valid. */
-		unsigned i;
-		BIO_printf(bio_c_out, "Protocols advertised by server: ");
-		for (i = 0; i < inlen; )
-			{
-			if (i)
-				BIO_write(bio_c_out, ", ", 2);
-			BIO_write(bio_c_out, &in[i + 1], in[i]);
-			i += in[i] + 1;
-			}
-		BIO_write(bio_c_out, "\n", 1);
-		}
-
-	ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len);
-	return SSL_TLSEXT_ERR_OK;
-	}
-# endif  /* ndef OPENSSL_NO_NEXTPROTONEG */
-#endif
-
-enum
-{
-	PROTO_OFF	= 0,
-	PROTO_SMTP,
-	PROTO_POP3,
-	PROTO_IMAP,
-	PROTO_FTP,
-	PROTO_XMPP
-};
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	unsigned int off=0, clr=0;
-	SSL *con=NULL;
-	int s,k,width,state=0;
-	char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
-	int cbuf_len,cbuf_off;
-	int sbuf_len,sbuf_off;
-	fd_set readfds,writefds;
-	short port=PORT;
-	int full_log=1;
-	char *host=SSL_HOST_NAME;
-	char *cert_file=NULL,*key_file=NULL;
-	int cert_format = FORMAT_PEM, key_format = FORMAT_PEM;
-	char *passarg = NULL, *pass = NULL;
-	X509 *cert = NULL;
-	EVP_PKEY *key = NULL;
-	char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
-	int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
-	int cutthrough=0;
-	int crlf=0;
-	int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
-	SSL_CTX *ctx=NULL;
-	int ret=1,in_init=1,i,nbio_test=0;
-	int starttls_proto = PROTO_OFF;
-	int prexit = 0;
-	X509_VERIFY_PARAM *vpm = NULL;
-	int badarg = 0;
-	const SSL_METHOD *meth=NULL;
-	int socket_type=SOCK_STREAM;
-	BIO *sbio;
-	char *inrand=NULL;
-	int mbuf_len=0;
-	struct timeval timeout, *timeoutp;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine_id=NULL;
-	char *ssl_client_engine_id=NULL;
-	ENGINE *ssl_client_engine=NULL;
-#endif
-	ENGINE *e=NULL;
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
-	struct timeval tv;
-#if defined(OPENSSL_SYS_BEOS_R5)
-	int stdin_set = 0;
-#endif
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-	char *servername = NULL; 
-        tlsextctx tlsextcbp = 
-        {NULL,0};
-# ifndef OPENSSL_NO_NEXTPROTONEG
-	const char *next_proto_neg_in = NULL;
-# endif
-#endif
-	char *sess_in = NULL;
-	char *sess_out = NULL;
-	struct sockaddr peer;
-	int peerlen = sizeof(peer);
-	int enable_timeouts = 0 ;
-	long socket_mtu = 0;
-#ifndef OPENSSL_NO_JPAKE
-	char *jpake_secret = NULL;
-#endif
-
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-	meth=SSLv23_client_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	meth=SSLv3_client_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	meth=SSLv2_client_method();
-#endif
-
-	apps_startup();
-	c_Pause=0;
-	c_quiet=0;
-	c_ign_eof=0;
-	c_debug=0;
-	c_msg=0;
-	c_showcerts=0;
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	if (	((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) ||
-		((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) ||
-		((mbuf=OPENSSL_malloc(BUFSIZZ)) == NULL))
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto end;
-		}
-
-	verify_depth=0;
-	verify_error=X509_V_OK;
-#ifdef FIONBIO
-	c_nbio=0;
-#endif
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-host") == 0)
-			{
-			if (--argc < 1) goto bad;
-			host= *(++argv);
-			}
-		else if	(strcmp(*argv,"-port") == 0)
-			{
-			if (--argc < 1) goto bad;
-			port=atoi(*(++argv));
-			if (port == 0) goto bad;
-			}
-		else if (strcmp(*argv,"-connect") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!extract_host_port(*(++argv),&host,NULL,&port))
-				goto bad;
-			}
-		else if	(strcmp(*argv,"-verify") == 0)
-			{
-			verify=SSL_VERIFY_PEER;
-			if (--argc < 1) goto bad;
-			verify_depth=atoi(*(++argv));
-			BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
-			}
-		else if	(strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cert_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-sess_out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			sess_out = *(++argv);
-			}
-		else if	(strcmp(*argv,"-sess_in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			sess_in = *(++argv);
-			}
-		else if	(strcmp(*argv,"-certform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cert_format = str2fmt(*(++argv));
-			}
-		else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm))
-			{
-			if (badarg)
-				goto bad;
-			continue;
-			}
-		else if (strcmp(*argv,"-verify_return_error") == 0)
-			verify_return_error = 1;
-		else if	(strcmp(*argv,"-prexit") == 0)
-			prexit=1;
-		else if	(strcmp(*argv,"-crlf") == 0)
-			crlf=1;
-		else if	(strcmp(*argv,"-quiet") == 0)
-			{
-			c_quiet=1;
-			c_ign_eof=1;
-			}
-		else if	(strcmp(*argv,"-ign_eof") == 0)
-			c_ign_eof=1;
-		else if	(strcmp(*argv,"-no_ign_eof") == 0)
-			c_ign_eof=0;
-		else if	(strcmp(*argv,"-pause") == 0)
-			c_Pause=1;
-		else if	(strcmp(*argv,"-debug") == 0)
-			c_debug=1;
-#ifndef OPENSSL_NO_TLSEXT
-		else if	(strcmp(*argv,"-tlsextdebug") == 0)
-			c_tlsextdebug=1;
-		else if	(strcmp(*argv,"-status") == 0)
-			c_status_req=1;
-#endif
-#ifdef WATT32
-		else if (strcmp(*argv,"-wdebug") == 0)
-			dbug_init();
-#endif
-		else if	(strcmp(*argv,"-msg") == 0)
-			c_msg=1;
-		else if	(strcmp(*argv,"-showcerts") == 0)
-			c_showcerts=1;
-		else if	(strcmp(*argv,"-nbio_test") == 0)
-			nbio_test=1;
-		else if	(strcmp(*argv,"-state") == 0)
-			state=1;
-#ifndef OPENSSL_NO_PSK
-                else if (strcmp(*argv,"-psk_identity") == 0)
-			{
-			if (--argc < 1) goto bad;
-			psk_identity=*(++argv);
-			}
-                else if (strcmp(*argv,"-psk") == 0)
-			{
-                        size_t j;
-
-			if (--argc < 1) goto bad;
-			psk_key=*(++argv);
-			for (j = 0; j < strlen(psk_key); j++)
-                                {
-                                if (isxdigit((int)psk_key[j]))
-                                        continue;
-                                BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
-                                goto bad;
-                                }
-			}
-#endif
-#ifndef OPENSSL_NO_SSL2
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			meth=SSLv2_client_method();
-#endif
-#ifndef OPENSSL_NO_SSL3
-		else if	(strcmp(*argv,"-ssl3") == 0)
-			meth=SSLv3_client_method();
-#endif
-#ifndef OPENSSL_NO_TLS1
-		else if	(strcmp(*argv,"-tls1") == 0)
-			meth=TLSv1_client_method();
-#endif
-#ifndef OPENSSL_NO_DTLS1
-		else if	(strcmp(*argv,"-dtls1") == 0)
-			{
-			meth=DTLSv1_client_method();
-			socket_type=SOCK_DGRAM;
-			}
-		else if (strcmp(*argv,"-timeout") == 0)
-			enable_timeouts=1;
-		else if (strcmp(*argv,"-mtu") == 0)
-			{
-			if (--argc < 1) goto bad;
-			socket_mtu = atol(*(++argv));
-			}
-#endif
-		else if (strcmp(*argv,"-bugs") == 0)
-			bugs=1;
-		else if	(strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			key_format = str2fmt(*(++argv));
-			}
-		else if	(strcmp(*argv,"-pass") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passarg = *(++argv);
-			}
-		else if	(strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			key_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-reconnect") == 0)
-			{
-			reconnect=5;
-			}
-		else if	(strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath= *(++argv);
-			}
-		else if	(strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-no_tls1") == 0)
-			off|=SSL_OP_NO_TLSv1;
-		else if (strcmp(*argv,"-no_ssl3") == 0)
-			off|=SSL_OP_NO_SSLv3;
-		else if (strcmp(*argv,"-no_ssl2") == 0)
-			off|=SSL_OP_NO_SSLv2;
-		else if	(strcmp(*argv,"-no_comp") == 0)
-			{ off|=SSL_OP_NO_COMPRESSION; }
-#ifndef OPENSSL_NO_TLSEXT
-		else if	(strcmp(*argv,"-no_ticket") == 0)
-			{ off|=SSL_OP_NO_TICKET; }
-# ifndef OPENSSL_NO_NEXTPROTONEG
-		else if (strcmp(*argv,"-nextprotoneg") == 0)
-			{
-			if (--argc < 1) goto bad;
-			next_proto_neg_in = *(++argv);
-			}
-# endif
-#endif
-		else if (strcmp(*argv,"-cutthrough") == 0)
-			cutthrough=1;
-		else if (strcmp(*argv,"-serverpref") == 0)
-			off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
-		else if (strcmp(*argv,"-legacy_renegotiation") == 0)
-			off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
-		else if	(strcmp(*argv,"-legacy_server_connect") == 0)
-			{ off|=SSL_OP_LEGACY_SERVER_CONNECT; }
-		else if	(strcmp(*argv,"-no_legacy_server_connect") == 0)
-			{ clr|=SSL_OP_LEGACY_SERVER_CONNECT; }
-		else if	(strcmp(*argv,"-cipher") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cipher= *(++argv);
-			}
-#ifdef FIONBIO
-		else if (strcmp(*argv,"-nbio") == 0)
-			{ c_nbio=1; }
-#endif
-		else if	(strcmp(*argv,"-starttls") == 0)
-			{
-			if (--argc < 1) goto bad;
-			++argv;
-			if (strcmp(*argv,"smtp") == 0)
-				starttls_proto = PROTO_SMTP;
-			else if (strcmp(*argv,"pop3") == 0)
-				starttls_proto = PROTO_POP3;
-			else if (strcmp(*argv,"imap") == 0)
-				starttls_proto = PROTO_IMAP;
-			else if (strcmp(*argv,"ftp") == 0)
-				starttls_proto = PROTO_FTP;
-			else if (strcmp(*argv, "xmpp") == 0)
-				starttls_proto = PROTO_XMPP;
-			else
-				goto bad;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if	(strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine_id = *(++argv);
-			}
-		else if	(strcmp(*argv,"-ssl_client_engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			ssl_client_engine_id = *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-#ifndef OPENSSL_NO_TLSEXT
-		else if (strcmp(*argv,"-servername") == 0)
-			{
-			if (--argc < 1) goto bad;
-			servername= *(++argv);
-			/* meth=TLSv1_client_method(); */
-			}
-#endif
-#ifndef OPENSSL_NO_JPAKE
-		else if (strcmp(*argv,"-jpake") == 0)
-			{
-			if (--argc < 1) goto bad;
-			jpake_secret = *++argv;
-			}
-#endif
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badop=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-	if (badop)
-		{
-bad:
-		sc_usage();
-		goto end;
-		}
-
-#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
-	if (jpake_secret)
-		{
-		if (psk_key)
-			{
-			BIO_printf(bio_err,
-				   "Can't use JPAKE and PSK together\n");
-			goto end;
-			}
-		psk_identity = "JPAKE";
-		}
-
-	if (cipher)
-		{
-		BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
-		goto end;
-		}
-	cipher = "PSK";
-#endif
-
-	OpenSSL_add_ssl_algorithms();
-	SSL_load_error_strings();
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-	next_proto.status = -1;
-	if (next_proto_neg_in)
-		{
-		next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in);
-		if (next_proto.data == NULL)
-			{
-			BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n");
-			goto end;
-			}
-		}
-	else
-		next_proto.data = NULL;
-#endif
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine_id, 1);
-	if (ssl_client_engine_id)
-		{
-		ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
-		if (!ssl_client_engine)
-			{
-			BIO_printf(bio_err,
-					"Error getting client auth engine\n");
-			goto end;
-			}
-		}
-
-#endif
-	if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
-		{
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-		}
-
-	if (key_file == NULL)
-		key_file = cert_file;
-
-
-	if (key_file)
-
-		{
-
-		key = load_key(bio_err, key_file, key_format, 0, pass, e,
-			       "client certificate private key file");
-		if (!key)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-		}
-
-	if (cert_file)
-
-		{
-		cert = load_cert(bio_err,cert_file,cert_format,
-				NULL, e, "client certificate file");
-
-		if (!cert)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-
-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
-		&& !RAND_status())
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-		}
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	if (bio_c_out == NULL)
-		{
-		if (c_quiet && !c_debug && !c_msg)
-			{
-			bio_c_out=BIO_new(BIO_s_null());
-			}
-		else
-			{
-			if (bio_c_out == NULL)
-				bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
-			}
-		}
-
-	ctx=SSL_CTX_new(meth);
-	if (ctx == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (vpm)
-		SSL_CTX_set1_param(ctx, vpm);
-
-#ifndef OPENSSL_NO_ENGINE
-	if (ssl_client_engine)
-		{
-		if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine))
-			{
-			BIO_puts(bio_err, "Error setting client auth engine\n");
-			ERR_print_errors(bio_err);
-			ENGINE_free(ssl_client_engine);
-			goto end;
-			}
-		ENGINE_free(ssl_client_engine);
-		}
-#endif
-
-#ifndef OPENSSL_NO_PSK
-#ifdef OPENSSL_NO_JPAKE
-	if (psk_key != NULL)
-#else
-	if (psk_key != NULL || jpake_secret)
-#endif
-		{
-		if (c_debug)
-			BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n");
-		SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
-		}
-#endif
-	if (bugs)
-		SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
-	else
-		SSL_CTX_set_options(ctx,off);
-
-	if (clr)
-		SSL_CTX_clear_options(ctx, clr);
-	/* DTLS: partial reads end up discarding unread UDP bytes :-( 
-	 * Setting read ahead solves this problem.
-	 */
-	if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
-
-	/* Enable handshake cutthrough for client connections using
-	 * strong ciphers. */
-	if (cutthrough)
-		{
-		int ssl_mode = SSL_CTX_get_mode(ctx);
-		ssl_mode |= SSL_MODE_HANDSHAKE_CUTTHROUGH;
-		SSL_CTX_set_mode(ctx, ssl_mode);
-		}
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-	if (next_proto.data)
-		SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
-#endif
-
-	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
-	if (cipher != NULL)
-		if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
-		BIO_printf(bio_err,"error setting cipher list\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-#if 0
-	else
-		SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
-#endif
-
-	SSL_CTX_set_verify(ctx,verify,verify_callback);
-	if (!set_cert_key_stuff(ctx,cert,key))
-		goto end;
-
-	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(ctx)))
-		{
-		/* BIO_printf(bio_err,"error setting default verify locations\n"); */
-		ERR_print_errors(bio_err);
-		/* goto end; */
-		}
-
-#ifndef OPENSSL_NO_TLSEXT
-	if (servername != NULL)
-		{
-		tlsextcbp.biodebug = bio_err;
-		SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
-		SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
-		}
-#endif
-
-	con=SSL_new(ctx);
-	if (sess_in)
-		{
-		SSL_SESSION *sess;
-		BIO *stmp = BIO_new_file(sess_in, "r");
-		if (!stmp)
-			{
-			BIO_printf(bio_err, "Can't open session file %s\n",
-						sess_in);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL);
-		BIO_free(stmp);
-		if (!sess)
-			{
-			BIO_printf(bio_err, "Can't open session file %s\n",
-						sess_in);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		SSL_set_session(con, sess);
-		SSL_SESSION_free(sess);
-		}
-#ifndef OPENSSL_NO_TLSEXT
-	if (servername != NULL)
-		{
-		if (!SSL_set_tlsext_host_name(con,servername))
-			{
-			BIO_printf(bio_err,"Unable to set TLS servername extension.\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-#endif
-#ifndef OPENSSL_NO_KRB5
-	if (con  &&  (con->kssl_ctx = kssl_ctx_new()) != NULL)
-                {
-                kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVER, host);
-		}
-#endif	/* OPENSSL_NO_KRB5  */
-/*	SSL_set_cipher_list(con,"RC4-MD5"); */
-#if 0
-#ifdef TLSEXT_TYPE_opaque_prf_input
-	SSL_set_tlsext_opaque_prf_input(con, "Test client", 11);
-#endif
-#endif
-
-re_start:
-
-	if (init_client(&s,host,port,socket_type) == 0)
-		{
-		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
-		SHUTDOWN(s);
-		goto end;
-		}
-	BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
-
-#ifdef FIONBIO
-	if (c_nbio)
-		{
-		unsigned long l=1;
-		BIO_printf(bio_c_out,"turning on non blocking io\n");
-		if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-#endif                                              
-	if (c_Pause & 0x01) con->debug=1;
-
-	if ( SSL_version(con) == DTLS1_VERSION)
-		{
-
-		sbio=BIO_new_dgram(s,BIO_NOCLOSE);
-		if (getsockname(s, &peer, (void *)&peerlen) < 0)
-			{
-			BIO_printf(bio_err, "getsockname:errno=%d\n",
-				get_last_socket_error());
-			SHUTDOWN(s);
-			goto end;
-			}
-
-		(void)BIO_ctrl_set_connected(sbio, 1, &peer);
-
-		if (enable_timeouts)
-			{
-			timeout.tv_sec = 0;
-			timeout.tv_usec = DGRAM_RCV_TIMEOUT;
-			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
-			
-			timeout.tv_sec = 0;
-			timeout.tv_usec = DGRAM_SND_TIMEOUT;
-			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
-			}
-
-		if (socket_mtu > 28)
-			{
-			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
-			SSL_set_mtu(con, socket_mtu - 28);
-			}
-		else
-			/* want to do MTU discovery */
-			BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
-		}
-	else
-		sbio=BIO_new_socket(s,BIO_NOCLOSE);
-
-	if (nbio_test)
-		{
-		BIO *test;
-
-		test=BIO_new(BIO_f_nbio_test());
-		sbio=BIO_push(test,sbio);
-		}
-
-	if (c_debug)
-		{
-		con->debug=1;
-		BIO_set_callback(sbio,bio_dump_callback);
-		BIO_set_callback_arg(sbio,(char *)bio_c_out);
-		}
-	if (c_msg)
-		{
-		SSL_set_msg_callback(con, msg_cb);
-		SSL_set_msg_callback_arg(con, bio_c_out);
-		}
-#ifndef OPENSSL_NO_TLSEXT
-	if (c_tlsextdebug)
-		{
-		SSL_set_tlsext_debug_callback(con, tlsext_cb);
-		SSL_set_tlsext_debug_arg(con, bio_c_out);
-		}
-	if (c_status_req)
-		{
-		SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
-		SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
-		SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
-#if 0
-{
-STACK_OF(OCSP_RESPID) *ids = sk_OCSP_RESPID_new_null();
-OCSP_RESPID *id = OCSP_RESPID_new();
-id->value.byKey = ASN1_OCTET_STRING_new();
-id->type = V_OCSP_RESPID_KEY;
-ASN1_STRING_set(id->value.byKey, "Hello World", -1);
-sk_OCSP_RESPID_push(ids, id);
-SSL_set_tlsext_status_ids(con, ids);
-}
-#endif
-		}
-#endif
-#ifndef OPENSSL_NO_JPAKE
-	if (jpake_secret)
-		jpake_client_auth(bio_c_out, sbio, jpake_secret);
-#endif
-
-	SSL_set_bio(con,sbio,sbio);
-	SSL_set_connect_state(con);
-
-	/* ok, lets connect */
-	width=SSL_get_fd(con)+1;
-
-	read_tty=1;
-	write_tty=0;
-	tty_on=0;
-	read_ssl=1;
-	write_ssl=1;
-	
-	cbuf_len=0;
-	cbuf_off=0;
-	sbuf_len=0;
-	sbuf_off=0;
-
-	/* This is an ugly hack that does a lot of assumptions */
-	/* We do have to handle multi-line responses which may come
- 	   in a single packet or not. We therefore have to use
-	   BIO_gets() which does need a buffering BIO. So during
-	   the initial chitchat we do push a buffering BIO into the
-	   chain that is removed again later on to not disturb the
-	   rest of the s_client operation. */
-	if (starttls_proto == PROTO_SMTP)
-		{
-		int foundit=0;
-		BIO *fbio = BIO_new(BIO_f_buffer());
-		BIO_push(fbio, sbio);
-		/* wait for multi-line response to end from SMTP */
-		do
-			{
-			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
-			}
-		while (mbuf_len>3 && mbuf[3]=='-');
-		/* STARTTLS command requires EHLO... */
-		BIO_printf(fbio,"EHLO openssl.client.net\r\n");
-		(void)BIO_flush(fbio);
-		/* wait for multi-line response to end EHLO SMTP response */
-		do
-			{
-			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
-			if (strstr(mbuf,"STARTTLS"))
-				foundit=1;
-			}
-		while (mbuf_len>3 && mbuf[3]=='-');
-		(void)BIO_flush(fbio);
-		BIO_pop(fbio);
-		BIO_free(fbio);
-		if (!foundit)
-			BIO_printf(bio_err,
-				   "didn't found starttls in server response,"
-				   " try anyway...\n");
-		BIO_printf(sbio,"STARTTLS\r\n");
-		BIO_read(sbio,sbuf,BUFSIZZ);
-		}
-	else if (starttls_proto == PROTO_POP3)
-		{
-		BIO_read(sbio,mbuf,BUFSIZZ);
-		BIO_printf(sbio,"STLS\r\n");
-		BIO_read(sbio,sbuf,BUFSIZZ);
-		}
-	else if (starttls_proto == PROTO_IMAP)
-		{
-		int foundit=0;
-		BIO *fbio = BIO_new(BIO_f_buffer());
-		BIO_push(fbio, sbio);
-		BIO_gets(fbio,mbuf,BUFSIZZ);
-		/* STARTTLS command requires CAPABILITY... */
-		BIO_printf(fbio,". CAPABILITY\r\n");
-		(void)BIO_flush(fbio);
-		/* wait for multi-line CAPABILITY response */
-		do
-			{
-			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
-			if (strstr(mbuf,"STARTTLS"))
-				foundit=1;
-			}
-		while (mbuf_len>3 && mbuf[0]!='.');
-		(void)BIO_flush(fbio);
-		BIO_pop(fbio);
-		BIO_free(fbio);
-		if (!foundit)
-			BIO_printf(bio_err,
-				   "didn't found STARTTLS in server response,"
-				   " try anyway...\n");
-		BIO_printf(sbio,". STARTTLS\r\n");
-		BIO_read(sbio,sbuf,BUFSIZZ);
-		}
-	else if (starttls_proto == PROTO_FTP)
-		{
-		BIO *fbio = BIO_new(BIO_f_buffer());
-		BIO_push(fbio, sbio);
-		/* wait for multi-line response to end from FTP */
-		do
-			{
-			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
-			}
-		while (mbuf_len>3 && mbuf[3]=='-');
-		(void)BIO_flush(fbio);
-		BIO_pop(fbio);
-		BIO_free(fbio);
-		BIO_printf(sbio,"AUTH TLS\r\n");
-		BIO_read(sbio,sbuf,BUFSIZZ);
-		}
-	if (starttls_proto == PROTO_XMPP)
-		{
-		int seen = 0;
-		BIO_printf(sbio,"", host);
-		seen = BIO_read(sbio,mbuf,BUFSIZZ);
-		mbuf[seen] = 0;
-		while (!strstr(mbuf, ""))
-				goto shut;
-			seen = BIO_read(sbio,mbuf,BUFSIZZ);
-			mbuf[seen] = 0;
-			}
-		BIO_printf(sbio, "");
-		seen = BIO_read(sbio,sbuf,BUFSIZZ);
-		sbuf[seen] = 0;
-		if (!strstr(sbuf, " 0) full_log--;
-
-				if (starttls_proto)
-					{
-					BIO_printf(bio_err,"%s",mbuf);
-					/* We don't need to know any more */
-					starttls_proto = PROTO_OFF;
-					}
-
-				if (reconnect)
-					{
-					reconnect--;
-					BIO_printf(bio_c_out,"drop connection and then reconnect\n");
-					SSL_shutdown(con);
-					SSL_set_connect_state(con);
-					SHUTDOWN(SSL_get_fd(con));
-					goto re_start;
-					}
-				}
-			}
-
-		ssl_pending = read_ssl && SSL_pending(con);
-
-		if (!ssl_pending)
-			{
-#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5)
-			if (tty_on)
-				{
-				if (read_tty)  openssl_fdset(fileno(stdin),&readfds);
-				if (write_tty) openssl_fdset(fileno(stdout),&writefds);
-				}
-			if (read_ssl)
-				openssl_fdset(SSL_get_fd(con),&readfds);
-			if (write_ssl)
-				openssl_fdset(SSL_get_fd(con),&writefds);
-#else
-			if(!tty_on || !write_tty) {
-				if (read_ssl)
-					openssl_fdset(SSL_get_fd(con),&readfds);
-				if (write_ssl)
-					openssl_fdset(SSL_get_fd(con),&writefds);
-			}
-#endif
-/*			printf("mode tty(%d %d%d) ssl(%d%d)\n",
-				tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
-
-			/* Note: under VMS with SOCKETSHR the second parameter
-			 * is currently of type (int *) whereas under other
-			 * systems it is (void *) if you don't have a cast it
-			 * will choke the compiler: if you do have a cast then
-			 * you can either go for (int *) or (void *).
-			 */
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
-                        /* Under Windows/DOS we make the assumption that we can
-			 * always write to the tty: therefore if we need to
-			 * write to the tty we just fall through. Otherwise
-			 * we timeout the select every second and see if there
-			 * are any keypresses. Note: this is a hack, in a proper
-			 * Windows application we wouldn't do this.
-			 */
-			i=0;
-			if(!write_tty) {
-				if(read_tty) {
-					tv.tv_sec = 1;
-					tv.tv_usec = 0;
-					i=select(width,(void *)&readfds,(void *)&writefds,
-						 NULL,&tv);
-#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
-					if(!i && (!_kbhit() || !read_tty) ) continue;
-#else
-					if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue;
-#endif
-				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
-					 NULL,timeoutp);
-			}
-#elif defined(OPENSSL_SYS_NETWARE)
-			if(!write_tty) {
-				if(read_tty) {
-					tv.tv_sec = 1;
-					tv.tv_usec = 0;
-					i=select(width,(void *)&readfds,(void *)&writefds,
-						NULL,&tv);
-				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
-					NULL,timeoutp);
-			}
-#elif defined(OPENSSL_SYS_BEOS_R5)
-			/* Under BeOS-R5 the situation is similar to DOS */
-			i=0;
-			stdin_set = 0;
-			(void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
-			if(!write_tty) {
-				if(read_tty) {
-					tv.tv_sec = 1;
-					tv.tv_usec = 0;
-					i=select(width,(void *)&readfds,(void *)&writefds,
-						 NULL,&tv);
-					if (read(fileno(stdin), sbuf, 0) >= 0)
-						stdin_set = 1;
-					if (!i && (stdin_set != 1 || !read_tty))
-						continue;
-				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
-					 NULL,timeoutp);
-			}
-			(void)fcntl(fileno(stdin), F_SETFL, 0);
-#else
-			i=select(width,(void *)&readfds,(void *)&writefds,
-				 NULL,timeoutp);
-#endif
-			if ( i < 0)
-				{
-				BIO_printf(bio_err,"bad select %d\n",
-				get_last_socket_error());
-				goto shut;
-				/* goto end; */
-				}
-			}
-
-		if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0)
-			{
-			BIO_printf(bio_err,"TIMEOUT occured\n");
-			}
-
-		if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds))
-			{
-			k=SSL_write(con,&(cbuf[cbuf_off]),
-				(unsigned int)cbuf_len);
-			switch (SSL_get_error(con,k))
-				{
-			case SSL_ERROR_NONE:
-				cbuf_off+=k;
-				cbuf_len-=k;
-				if (k <= 0) goto end;
-				/* we have done a  write(con,NULL,0); */
-				if (cbuf_len <= 0)
-					{
-					read_tty=1;
-					write_ssl=0;
-					}
-				else /* if (cbuf_len > 0) */
-					{
-					read_tty=0;
-					write_ssl=1;
-					}
-				break;
-			case SSL_ERROR_WANT_WRITE:
-				BIO_printf(bio_c_out,"write W BLOCK\n");
-				write_ssl=1;
-				read_tty=0;
-				break;
-			case SSL_ERROR_WANT_READ:
-				BIO_printf(bio_c_out,"write R BLOCK\n");
-				write_tty=0;
-				read_ssl=1;
-				write_ssl=0;
-				break;
-			case SSL_ERROR_WANT_X509_LOOKUP:
-				BIO_printf(bio_c_out,"write X BLOCK\n");
-				break;
-			case SSL_ERROR_ZERO_RETURN:
-				if (cbuf_len != 0)
-					{
-					BIO_printf(bio_c_out,"shutdown\n");
-					ret = 0;
-					goto shut;
-					}
-				else
-					{
-					read_tty=1;
-					write_ssl=0;
-					break;
-					}
-				
-			case SSL_ERROR_SYSCALL:
-				if ((k != 0) || (cbuf_len != 0))
-					{
-					BIO_printf(bio_err,"write:errno=%d\n",
-						get_last_socket_error());
-					goto shut;
-					}
-				else
-					{
-					read_tty=1;
-					write_ssl=0;
-					}
-				break;
-			case SSL_ERROR_SSL:
-				ERR_print_errors(bio_err);
-				goto shut;
-				}
-			}
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
-		/* Assume Windows/DOS/BeOS can always write */
-		else if (!ssl_pending && write_tty)
-#else
-		else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds))
-#endif
-			{
-#ifdef CHARSET_EBCDIC
-			ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len);
-#endif
-			i=raw_write_stdout(&(sbuf[sbuf_off]),sbuf_len);
-
-			if (i <= 0)
-				{
-				BIO_printf(bio_c_out,"DONE\n");
-				ret = 0;
-				goto shut;
-				/* goto end; */
-				}
-
-			sbuf_len-=i;;
-			sbuf_off+=i;
-			if (sbuf_len <= 0)
-				{
-				read_ssl=1;
-				write_tty=0;
-				}
-			}
-		else if (ssl_pending || FD_ISSET(SSL_get_fd(con),&readfds))
-			{
-#ifdef RENEG
-{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
-#endif
-#if 1
-			k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
-#else
-/* Demo for pending and peek :-) */
-			k=SSL_read(con,sbuf,16);
-{ char zbuf[10240]; 
-printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240));
-}
-#endif
-
-			switch (SSL_get_error(con,k))
-				{
-			case SSL_ERROR_NONE:
-				if (k <= 0)
-					goto end;
-				sbuf_off=0;
-				sbuf_len=k;
-
-				read_ssl=0;
-				write_tty=1;
-				break;
-			case SSL_ERROR_WANT_WRITE:
-				BIO_printf(bio_c_out,"read W BLOCK\n");
-				write_ssl=1;
-				read_tty=0;
-				break;
-			case SSL_ERROR_WANT_READ:
-				BIO_printf(bio_c_out,"read R BLOCK\n");
-				write_tty=0;
-				read_ssl=1;
-				if ((read_tty == 0) && (write_ssl == 0))
-					write_ssl=1;
-				break;
-			case SSL_ERROR_WANT_X509_LOOKUP:
-				BIO_printf(bio_c_out,"read X BLOCK\n");
-				break;
-			case SSL_ERROR_SYSCALL:
-				ret=get_last_socket_error();
-				BIO_printf(bio_err,"read:errno=%d\n",ret);
-				goto shut;
-			case SSL_ERROR_ZERO_RETURN:
-				BIO_printf(bio_c_out,"closed\n");
-				ret=0;
-				goto shut;
-			case SSL_ERROR_SSL:
-				ERR_print_errors(bio_err);
-				goto shut;
-				/* break; */
-				}
-			}
-
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
-#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
-		else if (_kbhit())
-#else
-		else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
-#endif
-#elif defined (OPENSSL_SYS_NETWARE)
-		else if (_kbhit())
-#elif defined(OPENSSL_SYS_BEOS_R5)
-		else if (stdin_set)
-#else
-		else if (FD_ISSET(fileno(stdin),&readfds))
-#endif
-			{
-			if (crlf)
-				{
-				int j, lf_num;
-
-				i=raw_read_stdin(cbuf,BUFSIZZ/2);
-				lf_num = 0;
-				/* both loops are skipped when i <= 0 */
-				for (j = 0; j < i; j++)
-					if (cbuf[j] == '\n')
-						lf_num++;
-				for (j = i-1; j >= 0; j--)
-					{
-					cbuf[j+lf_num] = cbuf[j];
-					if (cbuf[j] == '\n')
-						{
-						lf_num--;
-						i++;
-						cbuf[j+lf_num] = '\r';
-						}
-					}
-				assert(lf_num == 0);
-				}
-			else
-				i=raw_read_stdin(cbuf,BUFSIZZ);
-
-			if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q')))
-				{
-				BIO_printf(bio_err,"DONE\n");
-				ret=0;
-				goto shut;
-				}
-
-			if ((!c_ign_eof) && (cbuf[0] == 'R'))
-				{
-				BIO_printf(bio_err,"RENEGOTIATING\n");
-				SSL_renegotiate(con);
-				cbuf_len=0;
-				}
-			else
-				{
-				cbuf_len=i;
-				cbuf_off=0;
-#ifdef CHARSET_EBCDIC
-				ebcdic2ascii(cbuf, cbuf, i);
-#endif
-				}
-
-			write_ssl=1;
-			read_tty=0;
-			}
-		}
-
-	ret=0;
-shut:
-	if (in_init)
-		print_stuff(bio_c_out,con,full_log);
-	SSL_shutdown(con);
-	SHUTDOWN(SSL_get_fd(con));
-end:
-	if (con != NULL)
-		{
-		if (prexit != 0)
-			print_stuff(bio_c_out,con,1);
-		SSL_free(con);
-		}
-	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (cert)
-		X509_free(cert);
-	if (key)
-		EVP_PKEY_free(key);
-	if (pass)
-		OPENSSL_free(pass);
-	if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
-	if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
-	if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); }
-	if (bio_c_out != NULL)
-		{
-		BIO_free(bio_c_out);
-		bio_c_out=NULL;
-		}
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-
-static void print_stuff(BIO *bio, SSL *s, int full)
-	{
-	X509 *peer=NULL;
-	char *p;
-	static const char *space="                ";
-	char buf[BUFSIZ];
-	STACK_OF(X509) *sk;
-	STACK_OF(X509_NAME) *sk2;
-	const SSL_CIPHER *c;
-	X509_NAME *xn;
-	int j,i;
-#ifndef OPENSSL_NO_COMP
-	const COMP_METHOD *comp, *expansion;
-#endif
-
-	if (full)
-		{
-		int got_a_chain = 0;
-
-		sk=SSL_get_peer_cert_chain(s);
-		if (sk != NULL)
-			{
-			got_a_chain = 1; /* we don't have it for SSL2 (yet) */
-
-			BIO_printf(bio,"---\nCertificate chain\n");
-			for (i=0; i 0))
-			{
-			BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
-			for (i=0; ihit)?"---\nReused, ":"---\nNew, "));
-	c=SSL_get_current_cipher(s);
-	BIO_printf(bio,"%s, Cipher is %s\n",
-		SSL_CIPHER_get_version(c),
-		SSL_CIPHER_get_name(c));
-	if (peer != NULL) {
-		EVP_PKEY *pktmp;
-		pktmp = X509_get_pubkey(peer);
-		BIO_printf(bio,"Server public key is %d bit\n",
-							 EVP_PKEY_bits(pktmp));
-		EVP_PKEY_free(pktmp);
-	}
-	BIO_printf(bio, "Secure Renegotiation IS%s supported\n",
-			SSL_get_secure_renegotiation_support(s) ? "" : " NOT");
-#ifndef OPENSSL_NO_COMP
-	comp=SSL_get_current_compression(s);
-	expansion=SSL_get_current_expansion(s);
-	BIO_printf(bio,"Compression: %s\n",
-		comp ? SSL_COMP_get_name(comp) : "NONE");
-	BIO_printf(bio,"Expansion: %s\n",
-		expansion ? SSL_COMP_get_name(expansion) : "NONE");
-#endif
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-	if (next_proto.status != -1) {
-		const unsigned char *proto;
-		unsigned int proto_len;
-		SSL_get0_next_proto_negotiated(s, &proto, &proto_len);
-		BIO_printf(bio, "Next protocol: (%d) ", next_proto.status);
-		BIO_write(bio, proto, proto_len);
-		BIO_write(bio, "\n", 1);
-	}
-#endif
-
-	SSL_SESSION_print(bio,SSL_get_session(s));
-	BIO_printf(bio,"---\n");
-	if (peer != NULL)
-		X509_free(peer);
-	/* flush, or debugging output gets mixed with http response */
-	(void)BIO_flush(bio);
-	}
-
-#ifndef OPENSSL_NO_TLSEXT
-
-static int ocsp_resp_cb(SSL *s, void *arg)
-	{
-	const unsigned char *p;
-	int len;
-	OCSP_RESPONSE *rsp;
-	len = SSL_get_tlsext_status_ocsp_resp(s, &p);
-	BIO_puts(arg, "OCSP response: ");
-	if (!p)
-		{
-		BIO_puts(arg, "no response sent\n");
-		return 1;
-		}
-	rsp = d2i_OCSP_RESPONSE(NULL, &p, len);
-	if (!rsp)
-		{
-		BIO_puts(arg, "response parse error\n");
-		BIO_dump_indent(arg, (char *)p, len, 4);
-		return 0;
-		}
-	BIO_puts(arg, "\n======================================\n");
-	OCSP_RESPONSE_print(arg, rsp, 0);
-	BIO_puts(arg, "======================================\n");
-	OCSP_RESPONSE_free(rsp);
-	return 1;
-	}
-
-#endif
diff --git a/deps/openssl/openssl/apps/s_server.c b/deps/openssl/openssl/apps/s_server.c
deleted file mode 100644
index a8e057ceb89..00000000000
--- a/deps/openssl/openssl/apps/s_server.c
+++ /dev/null
@@ -1,2752 +0,0 @@
-/* apps/s_server.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by 
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-/* Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code */
-#ifdef OPENSSL_NO_DEPRECATED
-#undef OPENSSL_NO_DEPRECATED
-#endif
-
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#include 
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-
-#if !defined(OPENSSL_SYS_NETWARE)  /* conflicts with winsock2 stuff on netware */
-#include 
-#endif
-
-/* With IPv6, it looks like Digital has mixed up the proper order of
-   recursive header file inclusion, resulting in the compiler complaining
-   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
-   is needed to have fileno() declared correctly...  So let's define u_int */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
-#define __U_INT
-typedef unsigned int u_int;
-#endif
-
-#include 
-#include 
-#define USE_SOCKETS
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#ifndef OPENSSL_NO_DH
-#include 
-#endif
-#ifndef OPENSSL_NO_RSA
-#include 
-#endif
-#include "s_apps.h"
-#include "timeouts.h"
-
-#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-
-#if defined(OPENSSL_SYS_BEOS_R5)
-#include 
-#endif
-
-#ifndef OPENSSL_NO_RSA
-static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
-#endif
-static int sv_body(char *hostname, int s, unsigned char *context);
-static int www_body(char *hostname, int s, unsigned char *context);
-static void close_accept_socket(void );
-static void sv_usage(void);
-static int init_ssl_connection(SSL *s);
-static void print_stats(BIO *bp,SSL_CTX *ctx);
-static int generate_session_id(const SSL *ssl, unsigned char *id,
-				unsigned int *id_len);
-#ifndef OPENSSL_NO_DH
-static DH *load_dh_param(const char *dhfile);
-static DH *get_dh512(void);
-#endif
-
-#ifdef MONOLITH
-static void s_server_init(void);
-#endif
-
-#ifndef OPENSSL_NO_DH
-static unsigned char dh512_p[]={
-	0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
-	0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
-	0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
-	0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
-	0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
-	0x47,0x74,0xE8,0x33,
-	};
-static unsigned char dh512_g[]={
-	0x02,
-	};
-
-static DH *get_dh512(void)
-	{
-	DH *dh=NULL;
-
-	if ((dh=DH_new()) == NULL) return(NULL);
-	dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
-	dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
-	if ((dh->p == NULL) || (dh->g == NULL))
-		return(NULL);
-	return(dh);
-	}
-#endif
-
-
-/* static int load_CA(SSL_CTX *ctx, char *file);*/
-
-#undef BUFSIZZ
-#define BUFSIZZ	16*1024
-static int bufsize=BUFSIZZ;
-static int accept_socket= -1;
-
-#define TEST_CERT	"server.pem"
-#ifndef OPENSSL_NO_TLSEXT
-#define TEST_CERT2	"server2.pem"
-#endif
-#undef PROG
-#define PROG		s_server_main
-
-extern int verify_depth, verify_return_error;
-
-static char *cipher=NULL;
-static int s_server_verify=SSL_VERIFY_NONE;
-static int s_server_session_id_context = 1; /* anything will do */
-static const char *s_cert_file=TEST_CERT,*s_key_file=NULL;
-#ifndef OPENSSL_NO_TLSEXT
-static const char *s_cert_file2=TEST_CERT2,*s_key_file2=NULL;
-#endif
-static char *s_dcert_file=NULL,*s_dkey_file=NULL;
-#ifdef FIONBIO
-static int s_nbio=0;
-#endif
-static int s_nbio_test=0;
-int s_crlf=0;
-static SSL_CTX *ctx=NULL;
-#ifndef OPENSSL_NO_TLSEXT
-static SSL_CTX *ctx2=NULL;
-#endif
-static int www=0;
-
-static BIO *bio_s_out=NULL;
-static int s_debug=0;
-#ifndef OPENSSL_NO_TLSEXT
-static int s_tlsextdebug=0;
-static int s_tlsextstatus=0;
-static int cert_status_cb(SSL *s, void *arg);
-#endif
-static int s_msg=0;
-static int s_quiet=0;
-
-static int hack=0;
-#ifndef OPENSSL_NO_ENGINE
-static char *engine_id=NULL;
-#endif
-static const char *session_id_prefix=NULL;
-
-static int enable_timeouts = 0;
-static long socket_mtu;
-#ifndef OPENSSL_NO_DTLS1
-static int cert_chain = 0;
-#endif
-
-#ifndef OPENSSL_NO_PSK
-static char *psk_identity="Client_identity";
-char *psk_key=NULL; /* by default PSK is not used */
-
-static unsigned int psk_server_cb(SSL *ssl, const char *identity,
-	unsigned char *psk, unsigned int max_psk_len)
-	{
-	unsigned int psk_len = 0;
-	int ret;
-	BIGNUM *bn = NULL;
-
-	if (s_debug)
-		BIO_printf(bio_s_out,"psk_server_cb\n");
-	if (!identity)
-		{
-		BIO_printf(bio_err,"Error: client did not send PSK identity\n");
-		goto out_err;
-		}
-	if (s_debug)
-		BIO_printf(bio_s_out,"identity_len=%d identity=%s\n",
-			identity ? (int)strlen(identity) : 0, identity);
-
-	/* here we could lookup the given identity e.g. from a database */
-  	if (strcmp(identity, psk_identity) != 0)
-		{
-                BIO_printf(bio_s_out, "PSK error: client identity not found"
-			   " (got '%s' expected '%s')\n", identity,
-			   psk_identity);
-		goto out_err;
-                }
-	if (s_debug)
-		BIO_printf(bio_s_out, "PSK client identity found\n");
-
-	/* convert the PSK key to binary */
-	ret = BN_hex2bn(&bn, psk_key);
-	if (!ret)
-		{
-		BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key);
-		if (bn)
-			BN_free(bn);
-		return 0;
-		}
-	if (BN_num_bytes(bn) > (int)max_psk_len)
-		{
-		BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
-			max_psk_len, BN_num_bytes(bn));
-		BN_free(bn);
-		return 0;
-		}
-
-	ret = BN_bn2bin(bn, psk);
-	BN_free(bn);
-
-	if (ret < 0)
-		goto out_err;
-	psk_len = (unsigned int)ret;
-
-	if (s_debug)
-		BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
-        return psk_len;
- out_err:
-	if (s_debug)
-		BIO_printf(bio_err, "Error in PSK server callback\n");
-	return 0;
-        }
-#endif
-
-#ifdef MONOLITH
-static void s_server_init(void)
-	{
-	accept_socket=-1;
-	cipher=NULL;
-	s_server_verify=SSL_VERIFY_NONE;
-	s_dcert_file=NULL;
-	s_dkey_file=NULL;
-	s_cert_file=TEST_CERT;
-	s_key_file=NULL;
-#ifndef OPENSSL_NO_TLSEXT
-	s_cert_file2=TEST_CERT2;
-	s_key_file2=NULL;
-	ctx2=NULL;
-#endif
-#ifdef FIONBIO
-	s_nbio=0;
-#endif
-	s_nbio_test=0;
-	ctx=NULL;
-	www=0;
-
-	bio_s_out=NULL;
-	s_debug=0;
-	s_msg=0;
-	s_quiet=0;
-	hack=0;
-#ifndef OPENSSL_NO_ENGINE
-	engine_id=NULL;
-#endif
-	}
-#endif
-
-static void sv_usage(void)
-	{
-	BIO_printf(bio_err,"usage: s_server [args ...]\n");
-	BIO_printf(bio_err,"\n");
-	BIO_printf(bio_err," -accept arg   - port to accept on (default is %d)\n",PORT);
-	BIO_printf(bio_err," -context arg  - set session ID context\n");
-	BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
-	BIO_printf(bio_err," -Verify arg   - turn on peer certificate verification, must have a cert.\n");
-	BIO_printf(bio_err," -cert arg     - certificate file to use\n");
-	BIO_printf(bio_err,"                 (default is %s)\n",TEST_CERT);
-	BIO_printf(bio_err," -crl_check    - check the peer certificate has not been revoked by its CA.\n" \
-	                   "                 The CRL(s) are appended to the certificate file\n");
-	BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \
-	                   "                 or any other CRL in the CA chain. CRL(s) are appened to the\n" \
-	                   "                 the certificate file.\n");
-	BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
-	BIO_printf(bio_err," -key arg      - Private Key file to use, in cert file if\n");
-	BIO_printf(bio_err,"                 not specified (default is %s)\n",TEST_CERT);
-	BIO_printf(bio_err," -keyform arg  - key format (PEM, DER or ENGINE) PEM default\n");
-	BIO_printf(bio_err," -pass arg     - private key file pass phrase source\n");
-	BIO_printf(bio_err," -dcert arg    - second certificate file to use (usually for DSA)\n");
-	BIO_printf(bio_err," -dcertform x  - second certificate format (PEM or DER) PEM default\n");
-	BIO_printf(bio_err," -dkey arg     - second private key file to use (usually for DSA)\n");
-	BIO_printf(bio_err," -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
-	BIO_printf(bio_err," -dpass arg    - second private key file pass phrase source\n");
-	BIO_printf(bio_err," -dhparam arg  - DH parameter file to use, in cert file if not specified\n");
-	BIO_printf(bio_err,"                 or a default set of parameters is used\n");
-#ifndef OPENSSL_NO_ECDH
-	BIO_printf(bio_err," -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.\n" \
-	                   "                 Use \"openssl ecparam -list_curves\" for all names\n" \
-	                   "                 (default is nistp256).\n");
-#endif
-#ifdef FIONBIO
-	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
-#endif
-	BIO_printf(bio_err," -nbio_test    - test with the non-blocking test bio\n");
-	BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
-	BIO_printf(bio_err," -debug        - Print more output\n");
-	BIO_printf(bio_err," -msg          - Show protocol messages\n");
-	BIO_printf(bio_err," -state        - Print the SSL states\n");
-	BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
-	BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
-	BIO_printf(bio_err," -nocert       - Don't use any certificates (Anon-DH)\n");
-	BIO_printf(bio_err," -cipher arg   - play with 'openssl ciphers' to see what goes here\n");
-	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences\n");
-	BIO_printf(bio_err," -quiet        - No server output\n");
-	BIO_printf(bio_err," -no_tmp_rsa   - Do not generate a tmp RSA key\n");
-#ifndef OPENSSL_NO_PSK
-	BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n");
-	BIO_printf(bio_err," -psk arg      - PSK in hex (without 0x)\n");
-# ifndef OPENSSL_NO_JPAKE
-	BIO_printf(bio_err," -jpake arg    - JPAKE secret to use\n");
-# endif
-#endif
-	BIO_printf(bio_err," -ssl2         - Just talk SSLv2\n");
-	BIO_printf(bio_err," -ssl3         - Just talk SSLv3\n");
-	BIO_printf(bio_err," -tls1         - Just talk TLSv1\n");
-	BIO_printf(bio_err," -dtls1        - Just talk DTLSv1\n");
-	BIO_printf(bio_err," -timeout      - Enable timeouts\n");
-	BIO_printf(bio_err," -mtu          - Set link layer MTU\n");
-	BIO_printf(bio_err," -chain        - Read a certificate chain\n");
-	BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
-	BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
-	BIO_printf(bio_err," -no_tls1      - Just disable TLSv1\n");
-#ifndef OPENSSL_NO_DH
-	BIO_printf(bio_err," -no_dhe       - Disable ephemeral DH\n");
-#endif
-#ifndef OPENSSL_NO_ECDH
-	BIO_printf(bio_err," -no_ecdhe     - Disable ephemeral ECDH\n");
-#endif
-	BIO_printf(bio_err," -bugs         - Turn on SSL bug compatibility\n");
-	BIO_printf(bio_err," -www          - Respond to a 'GET /' with a status page\n");
-	BIO_printf(bio_err," -WWW          - Respond to a 'GET / HTTP/1.0' with file ./\n");
-	BIO_printf(bio_err," -HTTP         - Respond to a 'GET / HTTP/1.0' with file ./\n");
-        BIO_printf(bio_err,"                 with the assumption it contains a complete HTTP response.\n");
-#ifndef OPENSSL_NO_ENGINE
-	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
-#endif
-	BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
-	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-#ifndef OPENSSL_NO_TLSEXT
-	BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n");
-	BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
-	BIO_printf(bio_err," -cert2 arg    - certificate file to use for servername\n");
-	BIO_printf(bio_err,"                 (default is %s)\n",TEST_CERT2);
-	BIO_printf(bio_err," -key2 arg     - Private Key file to use for servername, in cert file if\n");
-	BIO_printf(bio_err,"                 not specified (default is %s)\n",TEST_CERT2);
-	BIO_printf(bio_err," -tlsextdebug  - hex dump of all TLS extensions received\n");
-	BIO_printf(bio_err," -no_ticket    - disable use of RFC4507bis session tickets\n");
-	BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
-# ifndef OPENSSL_NO_NEXTPROTONEG
-	BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
-# endif
-#endif
-	}
-
-static int local_argc=0;
-static char **local_argv;
-
-#ifdef CHARSET_EBCDIC
-static int ebcdic_new(BIO *bi);
-static int ebcdic_free(BIO *a);
-static int ebcdic_read(BIO *b, char *out, int outl);
-static int ebcdic_write(BIO *b, const char *in, int inl);
-static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
-static int ebcdic_gets(BIO *bp, char *buf, int size);
-static int ebcdic_puts(BIO *bp, const char *str);
-
-#define BIO_TYPE_EBCDIC_FILTER	(18|0x0200)
-static BIO_METHOD methods_ebcdic=
-	{
-	BIO_TYPE_EBCDIC_FILTER,
-	"EBCDIC/ASCII filter",
-	ebcdic_write,
-	ebcdic_read,
-	ebcdic_puts,
-	ebcdic_gets,
-	ebcdic_ctrl,
-	ebcdic_new,
-	ebcdic_free,
-	};
-
-typedef struct
-{
-	size_t	alloced;
-	char	buff[1];
-} EBCDIC_OUTBUFF;
-
-BIO_METHOD *BIO_f_ebcdic_filter()
-{
-	return(&methods_ebcdic);
-}
-
-static int ebcdic_new(BIO *bi)
-{
-	EBCDIC_OUTBUFF *wbuf;
-
-	wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
-	wbuf->alloced = 1024;
-	wbuf->buff[0] = '\0';
-
-	bi->ptr=(char *)wbuf;
-	bi->init=1;
-	bi->flags=0;
-	return(1);
-}
-
-static int ebcdic_free(BIO *a)
-{
-	if (a == NULL) return(0);
-	if (a->ptr != NULL)
-		OPENSSL_free(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-}
-	
-static int ebcdic_read(BIO *b, char *out, int outl)
-{
-	int ret=0;
-
-	if (out == NULL || outl == 0) return(0);
-	if (b->next_bio == NULL) return(0);
-
-	ret=BIO_read(b->next_bio,out,outl);
-	if (ret > 0)
-		ascii2ebcdic(out,out,ret);
-	return(ret);
-}
-
-static int ebcdic_write(BIO *b, const char *in, int inl)
-{
-	EBCDIC_OUTBUFF *wbuf;
-	int ret=0;
-	int num;
-	unsigned char n;
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-	if (b->next_bio == NULL) return(0);
-
-	wbuf=(EBCDIC_OUTBUFF *)b->ptr;
-
-	if (inl > (num = wbuf->alloced))
-	{
-		num = num + num;  /* double the size */
-		if (num < inl)
-			num = inl;
-		OPENSSL_free(wbuf);
-		wbuf=(EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
-
-		wbuf->alloced = num;
-		wbuf->buff[0] = '\0';
-
-		b->ptr=(char *)wbuf;
-	}
-
-	ebcdic2ascii(wbuf->buff, in, inl);
-
-	ret=BIO_write(b->next_bio, wbuf->buff, inl);
-
-	return(ret);
-}
-
-static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-	long ret;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-	{
-	case BIO_CTRL_DUP:
-		ret=0L;
-		break;
-	default:
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	}
-	return(ret);
-}
-
-static int ebcdic_gets(BIO *bp, char *buf, int size)
-{
-	int i, ret=0;
-	if (bp->next_bio == NULL) return(0);
-/*	return(BIO_gets(bp->next_bio,buf,size));*/
-	for (i=0; inext_bio == NULL) return(0);
-	return ebcdic_write(bp, str, strlen(str));
-}
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-
-/* This is a context that we pass to callbacks */
-typedef struct tlsextctx_st {
-   char * servername;
-   BIO * biodebug;
-   int extension_error;
-} tlsextctx;
-
-
-static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
-	{
-	tlsextctx * p = (tlsextctx *) arg;
-	const char * servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
-        if (servername && p->biodebug) 
-		BIO_printf(p->biodebug,"Hostname in TLS extension: \"%s\"\n",servername);
-        
-	if (!p->servername)
-		return SSL_TLSEXT_ERR_NOACK;
-	
-	if (servername)
-		{
-    		if (strcmp(servername,p->servername)) 
-			return p->extension_error;
-		if (ctx2)
-			{
-			BIO_printf(p->biodebug,"Switching server context.\n");
-			SSL_set_SSL_CTX(s,ctx2);
-			}     
-		}
-	return SSL_TLSEXT_ERR_OK;
-}
-
-/* Structure passed to cert status callback */
-
-typedef struct tlsextstatusctx_st {
-   /* Default responder to use */
-   char *host, *path, *port;
-   int use_ssl;
-   int timeout;
-   BIO *err;
-   int verbose;
-} tlsextstatusctx;
-
-static tlsextstatusctx tlscstatp = {NULL, NULL, NULL, 0, -1, NULL, 0};
-
-/* Certificate Status callback. This is called when a client includes a
- * certificate status request extension.
- *
- * This is a simplified version. It examines certificates each time and
- * makes one OCSP responder query for each request.
- *
- * A full version would store details such as the OCSP certificate IDs and
- * minimise the number of OCSP responses by caching them until they were
- * considered "expired".
- */
-
-static int cert_status_cb(SSL *s, void *arg)
-	{
-	tlsextstatusctx *srctx = arg;
-	BIO *err = srctx->err;
-	char *host, *port, *path;
-	int use_ssl;
-	unsigned char *rspder = NULL;
-	int rspderlen;
-	STACK_OF(OPENSSL_STRING) *aia = NULL;
-	X509 *x = NULL;
-	X509_STORE_CTX inctx;
-	X509_OBJECT obj;
-	OCSP_REQUEST *req = NULL;
-	OCSP_RESPONSE *resp = NULL;
-	OCSP_CERTID *id = NULL;
-	STACK_OF(X509_EXTENSION) *exts;
-	int ret = SSL_TLSEXT_ERR_NOACK;
-	int i;
-#if 0
-STACK_OF(OCSP_RESPID) *ids;
-SSL_get_tlsext_status_ids(s, &ids);
-BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
-#endif
-	if (srctx->verbose)
-		BIO_puts(err, "cert_status: callback called\n");
-	/* Build up OCSP query from server certificate */
-	x = SSL_get_certificate(s);
-	aia = X509_get1_ocsp(x);
-	if (aia)
-		{
-		if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
-			&host, &port, &path, &use_ssl))
-			{
-			BIO_puts(err, "cert_status: can't parse AIA URL\n");
-			goto err;
-			}
-		if (srctx->verbose)
-			BIO_printf(err, "cert_status: AIA URL: %s\n",
-					sk_OPENSSL_STRING_value(aia, 0));
-		}
-	else
-		{
-		if (!srctx->host)
-			{
-			BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n");
-			goto done;
-			}
-		host = srctx->host;
-		path = srctx->path;
-		port = srctx->port;
-		use_ssl = srctx->use_ssl;
-		}
-		
-	if (!X509_STORE_CTX_init(&inctx,
-				SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
-				NULL, NULL))
-		goto err;
-	if (X509_STORE_get_by_subject(&inctx,X509_LU_X509,
-				X509_get_issuer_name(x),&obj) <= 0)
-		{
-		BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
-		X509_STORE_CTX_cleanup(&inctx);
-		goto done;
-		}
-	req = OCSP_REQUEST_new();
-	if (!req)
-		goto err;
-	id = OCSP_cert_to_id(NULL, x, obj.data.x509);
-	X509_free(obj.data.x509);
-	X509_STORE_CTX_cleanup(&inctx);
-	if (!id)
-		goto err;
-	if (!OCSP_request_add0_id(req, id))
-		goto err;
-	id = NULL;
-	/* Add any extensions to the request */
-	SSL_get_tlsext_status_exts(s, &exts);
-	for (i = 0; i < sk_X509_EXTENSION_num(exts); i++)
-		{
-		X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
-		if (!OCSP_REQUEST_add_ext(req, ext, -1))
-			goto err;
-		}
-	resp = process_responder(err, req, host, path, port, use_ssl, NULL,
-					srctx->timeout);
-	if (!resp)
-		{
-		BIO_puts(err, "cert_status: error querying responder\n");
-		goto done;
-		}
-	rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
-	if (rspderlen <= 0)
-		goto err;
-	SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
-	if (srctx->verbose)
-		{
-		BIO_puts(err, "cert_status: ocsp response sent:\n");
-		OCSP_RESPONSE_print(err, resp, 2);
-		}
-	ret = SSL_TLSEXT_ERR_OK;
-	done:
-	if (ret != SSL_TLSEXT_ERR_OK)
-		ERR_print_errors(err);
-	if (aia)
-		{
-		OPENSSL_free(host);
-		OPENSSL_free(path);
-		OPENSSL_free(port);
-		X509_email_free(aia);
-		}
-	if (id)
-		OCSP_CERTID_free(id);
-	if (req)
-		OCSP_REQUEST_free(req);
-	if (resp)
-		OCSP_RESPONSE_free(resp);
-	return ret;
-	err:
-	ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-	goto done;
-	}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/* This is the context that we pass to next_proto_cb */
-typedef struct tlsextnextprotoctx_st {
-	unsigned char *data;
-	unsigned int len;
-} tlsextnextprotoctx;
-
-static int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
-	{
-	tlsextnextprotoctx *next_proto = arg;
-
-	*data = next_proto->data;
-	*len = next_proto->len;
-
-	return SSL_TLSEXT_ERR_OK;
-	}
-# endif  /* ndef OPENSSL_NO_NPN */
-#endif
-
-int MAIN(int, char **);
-
-#ifndef OPENSSL_NO_JPAKE
-static char *jpake_secret = NULL;
-#endif
-
-int MAIN(int argc, char *argv[])
-	{
-	X509_VERIFY_PARAM *vpm = NULL;
-	int badarg = 0;
-	short port=PORT;
-	char *CApath=NULL,*CAfile=NULL;
-	unsigned char *context = NULL;
-	char *dhfile = NULL;
-#ifndef OPENSSL_NO_ECDH
-	char *named_curve = NULL;
-#endif
-	int badop=0,bugs=0;
-	int ret=1;
-	int off=0;
-	int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0;
-	int state=0;
-	const SSL_METHOD *meth=NULL;
-	int socket_type=SOCK_STREAM;
-	ENGINE *e=NULL;
-	char *inrand=NULL;
-	int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
-	char *passarg = NULL, *pass = NULL;
-	char *dpassarg = NULL, *dpass = NULL;
-	int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
-	X509 *s_cert = NULL, *s_dcert = NULL;
-	EVP_PKEY *s_key = NULL, *s_dkey = NULL;
-	int no_cache = 0;
-#ifndef OPENSSL_NO_TLSEXT
-	EVP_PKEY *s_key2 = NULL;
-	X509 *s_cert2 = NULL;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-        tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING};
-# ifndef OPENSSL_NO_NEXTPROTONEG
-	const char *next_proto_neg_in = NULL;
-	tlsextnextprotoctx next_proto;
-# endif
-#endif
-#ifndef OPENSSL_NO_PSK
-	/* by default do not send a PSK identity hint */
-	static char *psk_identity_hint=NULL;
-#endif
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-	meth=SSLv23_server_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	meth=SSLv3_server_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	meth=SSLv2_server_method();
-#endif
-
-	local_argc=argc;
-	local_argv=argv;
-
-	apps_startup();
-#ifdef MONOLITH
-	s_server_init();
-#endif
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	verify_depth=0;
-#ifdef FIONBIO
-	s_nbio=0;
-#endif
-	s_nbio_test=0;
-
-	argc--;
-	argv++;
-
-	while (argc >= 1)
-		{
-		if	((strcmp(*argv,"-port") == 0) ||
-			 (strcmp(*argv,"-accept") == 0))
-			{
-			if (--argc < 1) goto bad;
-			if (!extract_port(*(++argv),&port))
-				goto bad;
-			}
-		else if	(strcmp(*argv,"-verify") == 0)
-			{
-			s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
-			if (--argc < 1) goto bad;
-			verify_depth=atoi(*(++argv));
-			BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
-			}
-		else if	(strcmp(*argv,"-Verify") == 0)
-			{
-			s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
-				SSL_VERIFY_CLIENT_ONCE;
-			if (--argc < 1) goto bad;
-			verify_depth=atoi(*(++argv));
-			BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth);
-			}
-		else if	(strcmp(*argv,"-context") == 0)
-			{
-			if (--argc < 1) goto bad;
-			context= (unsigned char *)*(++argv);
-			}
-		else if	(strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_cert_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-certform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_cert_format = str2fmt(*(++argv));
-			}
-		else if	(strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_key_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_key_format = str2fmt(*(++argv));
-			}
-		else if	(strcmp(*argv,"-pass") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passarg = *(++argv);
-			}
-		else if	(strcmp(*argv,"-dhparam") == 0)
-			{
-			if (--argc < 1) goto bad;
-			dhfile = *(++argv);
-			}
-#ifndef OPENSSL_NO_ECDH		
-		else if	(strcmp(*argv,"-named_curve") == 0)
-			{
-			if (--argc < 1) goto bad;
-			named_curve = *(++argv);
-			}
-#endif
-		else if	(strcmp(*argv,"-dcertform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_dcert_format = str2fmt(*(++argv));
-			}
-		else if	(strcmp(*argv,"-dcert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_dcert_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-dkeyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_dkey_format = str2fmt(*(++argv));
-			}
-		else if	(strcmp(*argv,"-dpass") == 0)
-			{
-			if (--argc < 1) goto bad;
-			dpassarg = *(++argv);
-			}
-		else if	(strcmp(*argv,"-dkey") == 0)
-			{
-			if (--argc < 1) goto bad;
-			s_dkey_file= *(++argv);
-			}
-		else if (strcmp(*argv,"-nocert") == 0)
-			{
-			nocert=1;
-			}
-		else if	(strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath= *(++argv);
-			}
-		else if (strcmp(*argv,"-no_cache") == 0)
-			no_cache = 1;
-		else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm))
-			{
-			if (badarg)
-				goto bad;
-			continue;
-			}
-		else if (strcmp(*argv,"-verify_return_error") == 0)
-			verify_return_error = 1;
-		else if	(strcmp(*argv,"-serverpref") == 0)
-			{ off|=SSL_OP_CIPHER_SERVER_PREFERENCE; }
-		else if (strcmp(*argv,"-legacy_renegotiation") == 0)
-			off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
-		else if	(strcmp(*argv,"-cipher") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cipher= *(++argv);
-			}
-		else if	(strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			}
-#ifdef FIONBIO	
-		else if	(strcmp(*argv,"-nbio") == 0)
-			{ s_nbio=1; }
-#endif
-		else if	(strcmp(*argv,"-nbio_test") == 0)
-			{
-#ifdef FIONBIO	
-			s_nbio=1;
-#endif
-			s_nbio_test=1;
-			}
-		else if	(strcmp(*argv,"-debug") == 0)
-			{ s_debug=1; }
-#ifndef OPENSSL_NO_TLSEXT
-		else if	(strcmp(*argv,"-tlsextdebug") == 0)
-			s_tlsextdebug=1;
-		else if	(strcmp(*argv,"-status") == 0)
-			s_tlsextstatus=1;
-		else if	(strcmp(*argv,"-status_verbose") == 0)
-			{
-			s_tlsextstatus=1;
-			tlscstatp.verbose = 1;
-			}
-		else if (!strcmp(*argv, "-status_timeout"))
-			{
-			s_tlsextstatus=1;
-                        if (--argc < 1) goto bad;
-			tlscstatp.timeout = atoi(*(++argv));
-			}
-		else if (!strcmp(*argv, "-status_url"))
-			{
-			s_tlsextstatus=1;
-                        if (--argc < 1) goto bad;
-			if (!OCSP_parse_url(*(++argv),
-					&tlscstatp.host,
-					&tlscstatp.port,
-					&tlscstatp.path,
-					&tlscstatp.use_ssl))
-				{
-				BIO_printf(bio_err, "Error parsing URL\n");
-				goto bad;
-				}
-			}
-#endif
-		else if	(strcmp(*argv,"-msg") == 0)
-			{ s_msg=1; }
-		else if	(strcmp(*argv,"-hack") == 0)
-			{ hack=1; }
-		else if	(strcmp(*argv,"-state") == 0)
-			{ state=1; }
-		else if	(strcmp(*argv,"-crlf") == 0)
-			{ s_crlf=1; }
-		else if	(strcmp(*argv,"-quiet") == 0)
-			{ s_quiet=1; }
-		else if	(strcmp(*argv,"-bugs") == 0)
-			{ bugs=1; }
-		else if	(strcmp(*argv,"-no_tmp_rsa") == 0)
-			{ no_tmp_rsa=1; }
-		else if	(strcmp(*argv,"-no_dhe") == 0)
-			{ no_dhe=1; }
-		else if	(strcmp(*argv,"-no_ecdhe") == 0)
-			{ no_ecdhe=1; }
-#ifndef OPENSSL_NO_PSK
-                else if (strcmp(*argv,"-psk_hint") == 0)
-			{
-                        if (--argc < 1) goto bad;
-                        psk_identity_hint= *(++argv);
-                        }
-                else if (strcmp(*argv,"-psk") == 0)
-			{
-			size_t i;
-
-			if (--argc < 1) goto bad;
-			psk_key=*(++argv);
-			for (i=0; i= 32)
-			BIO_printf(bio_err,
-"warning: id_prefix is too long, only one new session will be possible\n");
-		else if(strlen(session_id_prefix) >= 16)
-			BIO_printf(bio_err,
-"warning: id_prefix is too long if you use SSLv2\n");
-		if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id))
-			{
-			BIO_printf(bio_err,"error setting 'id_prefix'\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix);
-		}
-	SSL_CTX_set_quiet_shutdown(ctx,1);
-	if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
-	if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
-	SSL_CTX_set_options(ctx,off);
-	/* DTLS: partial reads end up discarding unread UDP bytes :-( 
-	 * Setting read ahead solves this problem.
-	 */
-	if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
-
-	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
-	if (no_cache)
-		SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
-	else
-		SSL_CTX_sess_set_cache_size(ctx,128);
-
-#if 0
-	if (cipher == NULL) cipher=getenv("SSL_CIPHER");
-#endif
-
-#if 0
-	if (s_cert_file == NULL)
-		{
-		BIO_printf(bio_err,"You must specify a certificate file for the server to use\n");
-		goto end;
-		}
-#endif
-
-	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(ctx)))
-		{
-		/* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
-		ERR_print_errors(bio_err);
-		/* goto end; */
-		}
-	if (vpm)
-		SSL_CTX_set1_param(ctx, vpm);
-
-#ifndef OPENSSL_NO_TLSEXT
-	if (s_cert2)
-		{
-		ctx2=SSL_CTX_new(meth);
-		if (ctx2 == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	
-	if (ctx2)
-		{
-		BIO_printf(bio_s_out,"Setting secondary ctx parameters\n");
-
-		if (session_id_prefix)
-			{
-			if(strlen(session_id_prefix) >= 32)
-				BIO_printf(bio_err,
-					"warning: id_prefix is too long, only one new session will be possible\n");
-			else if(strlen(session_id_prefix) >= 16)
-				BIO_printf(bio_err,
-					"warning: id_prefix is too long if you use SSLv2\n");
-			if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id))
-				{
-				BIO_printf(bio_err,"error setting 'id_prefix'\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix);
-			}
-		SSL_CTX_set_quiet_shutdown(ctx2,1);
-		if (bugs) SSL_CTX_set_options(ctx2,SSL_OP_ALL);
-		if (hack) SSL_CTX_set_options(ctx2,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
-		SSL_CTX_set_options(ctx2,off);
-		/* DTLS: partial reads end up discarding unread UDP bytes :-( 
-		 * Setting read ahead solves this problem.
-		 */
-		if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx2, 1);
-
-		if (state) SSL_CTX_set_info_callback(ctx2,apps_ssl_info_callback);
-
-		if (no_cache)
-			SSL_CTX_set_session_cache_mode(ctx2,SSL_SESS_CACHE_OFF);
-		else
-			SSL_CTX_sess_set_cache_size(ctx2,128);
-
-		if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) ||
-			(!SSL_CTX_set_default_verify_paths(ctx2)))
-			{
-			ERR_print_errors(bio_err);
-			}
-		if (vpm)
-			SSL_CTX_set1_param(ctx2, vpm);
-		}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-	if (next_proto.data)
-		SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto);
-# endif
-#endif 
-
-#ifndef OPENSSL_NO_DH
-	if (!no_dhe)
-		{
-		DH *dh=NULL;
-
-		if (dhfile)
-			dh = load_dh_param(dhfile);
-		else if (s_cert_file)
-			dh = load_dh_param(s_cert_file);
-
-		if (dh != NULL)
-			{
-			BIO_printf(bio_s_out,"Setting temp DH parameters\n");
-			}
-		else
-			{
-			BIO_printf(bio_s_out,"Using default temp DH parameters\n");
-			dh=get_dh512();
-			}
-		(void)BIO_flush(bio_s_out);
-
-		SSL_CTX_set_tmp_dh(ctx,dh);
-#ifndef OPENSSL_NO_TLSEXT
-		if (ctx2)
-			{
-			if (!dhfile)
-				{ 
-				DH *dh2=load_dh_param(s_cert_file2);
-				if (dh2 != NULL)
-					{
-					BIO_printf(bio_s_out,"Setting temp DH parameters\n");
-					(void)BIO_flush(bio_s_out);
-
-					DH_free(dh);
-					dh = dh2;
-					}
-				}
-			SSL_CTX_set_tmp_dh(ctx2,dh);
-			}
-#endif
-		DH_free(dh);
-		}
-#endif
-
-#ifndef OPENSSL_NO_ECDH
-	if (!no_ecdhe)
-		{
-		EC_KEY *ecdh=NULL;
-
-		if (named_curve)
-			{
-			int nid = OBJ_sn2nid(named_curve);
-
-			if (nid == 0)
-				{
-				BIO_printf(bio_err, "unknown curve name (%s)\n", 
-					named_curve);
-				goto end;
-				}
-			ecdh = EC_KEY_new_by_curve_name(nid);
-			if (ecdh == NULL)
-				{
-				BIO_printf(bio_err, "unable to create curve (%s)\n", 
-					named_curve);
-				goto end;
-				}
-			}
-
-		if (ecdh != NULL)
-			{
-			BIO_printf(bio_s_out,"Setting temp ECDH parameters\n");
-			}
-		else
-			{
-			BIO_printf(bio_s_out,"Using default temp ECDH parameters\n");
-			ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
-			if (ecdh == NULL) 
-				{
-				BIO_printf(bio_err, "unable to create curve (nistp256)\n");
-				goto end;
-				}
-			}
-		(void)BIO_flush(bio_s_out);
-
-		SSL_CTX_set_tmp_ecdh(ctx,ecdh);
-#ifndef OPENSSL_NO_TLSEXT
-		if (ctx2) 
-			SSL_CTX_set_tmp_ecdh(ctx2,ecdh);
-#endif
-		EC_KEY_free(ecdh);
-		}
-#endif
-	
-	if (!set_cert_key_stuff(ctx,s_cert,s_key))
-		goto end;
-#ifndef OPENSSL_NO_TLSEXT
-	if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2))
-		goto end; 
-#endif
-	if (s_dcert != NULL)
-		{
-		if (!set_cert_key_stuff(ctx,s_dcert,s_dkey))
-			goto end;
-		}
-
-#ifndef OPENSSL_NO_RSA
-#if 1
-	if (!no_tmp_rsa)
-		{
-		SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
-#ifndef OPENSSL_NO_TLSEXT
-		if (ctx2) 
-			SSL_CTX_set_tmp_rsa_callback(ctx2,tmp_rsa_cb);
-#endif		
-		}
-#else
-	if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx))
-		{
-		RSA *rsa;
-
-		BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key...");
-		BIO_flush(bio_s_out);
-
-		rsa=RSA_generate_key(512,RSA_F4,NULL);
-
-		if (!SSL_CTX_set_tmp_rsa(ctx,rsa))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-#ifndef OPENSSL_NO_TLSEXT
-			if (ctx2)
-				{
-				if (!SSL_CTX_set_tmp_rsa(ctx2,rsa))
-					{
-					ERR_print_errors(bio_err);
-					goto end;
-					}
-				}
-# ifndef OPENSSL_NO_NEXTPROTONEG
-		if (next_proto_neg_in)
-			{
-			unsigned short len;
-			next_proto.data = next_protos_parse(&len,
-				next_proto_neg_in);
-			if (next_proto.data == NULL)
-				goto end;
-			next_proto.len = len;
-			}
-		else
-			{
-			next_proto.data = NULL;
-			}
-# endif
-#endif
-		RSA_free(rsa);
-		BIO_printf(bio_s_out,"\n");
-		}
-#endif
-#endif
-
-#ifndef OPENSSL_NO_PSK
-#ifdef OPENSSL_NO_JPAKE
-	if (psk_key != NULL)
-#else
-	if (psk_key != NULL || jpake_secret)
-#endif
-		{
-		if (s_debug)
-			BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n");
-		SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
-		}
-
-	if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint))
-		{
-		BIO_printf(bio_err,"error setting PSK identity hint to context\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-#endif
-
-	if (cipher != NULL)
-		{
-		if(!SSL_CTX_set_cipher_list(ctx,cipher))
-			{
-			BIO_printf(bio_err,"error setting cipher list\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-#ifndef OPENSSL_NO_TLSEXT
-		if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,cipher))
-			{
-			BIO_printf(bio_err,"error setting cipher list\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-#endif
-		}
-	SSL_CTX_set_verify(ctx,s_server_verify,verify_callback);
-	SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context,
-		sizeof s_server_session_id_context);
-
-	/* Set DTLS cookie generation and verification callbacks */
-	SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
-	SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
-
-#ifndef OPENSSL_NO_TLSEXT
-	if (ctx2)
-		{
-		SSL_CTX_set_verify(ctx2,s_server_verify,verify_callback);
-		SSL_CTX_set_session_id_context(ctx2,(void*)&s_server_session_id_context,
-			sizeof s_server_session_id_context);
-
-		tlsextcbp.biodebug = bio_s_out;
-		SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
-		SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
-		SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
-		SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
-		}
-#endif
-
-	if (CAfile != NULL)
-		{
-		SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
-#ifndef OPENSSL_NO_TLSEXT
-		if (ctx2) 
-			SSL_CTX_set_client_CA_list(ctx2,SSL_load_client_CA_file(CAfile));
-#endif
-		}
-
-	BIO_printf(bio_s_out,"ACCEPT\n");
-	(void)BIO_flush(bio_s_out);
-	if (www)
-		do_server(port,socket_type,&accept_socket,www_body, context);
-	else
-		do_server(port,socket_type,&accept_socket,sv_body, context);
-	print_stats(bio_s_out,ctx);
-	ret=0;
-end:
-	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (s_cert)
-		X509_free(s_cert);
-	if (s_dcert)
-		X509_free(s_dcert);
-	if (s_key)
-		EVP_PKEY_free(s_key);
-	if (s_dkey)
-		EVP_PKEY_free(s_dkey);
-	if (pass)
-		OPENSSL_free(pass);
-	if (dpass)
-		OPENSSL_free(dpass);
-#ifndef OPENSSL_NO_TLSEXT
-	if (ctx2 != NULL) SSL_CTX_free(ctx2);
-	if (s_cert2)
-		X509_free(s_cert2);
-	if (s_key2)
-		EVP_PKEY_free(s_key2);
-#endif
-	if (bio_s_out != NULL)
-		{
-        BIO_free(bio_s_out);
-		bio_s_out=NULL;
-		}
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
-	{
-	BIO_printf(bio,"%4ld items in the session cache\n",
-		SSL_CTX_sess_number(ssl_ctx));
-	BIO_printf(bio,"%4ld client connects (SSL_connect())\n",
-		SSL_CTX_sess_connect(ssl_ctx));
-	BIO_printf(bio,"%4ld client renegotiates (SSL_connect())\n",
-		SSL_CTX_sess_connect_renegotiate(ssl_ctx));
-	BIO_printf(bio,"%4ld client connects that finished\n",
-		SSL_CTX_sess_connect_good(ssl_ctx));
-	BIO_printf(bio,"%4ld server accepts (SSL_accept())\n",
-		SSL_CTX_sess_accept(ssl_ctx));
-	BIO_printf(bio,"%4ld server renegotiates (SSL_accept())\n",
-		SSL_CTX_sess_accept_renegotiate(ssl_ctx));
-	BIO_printf(bio,"%4ld server accepts that finished\n",
-		SSL_CTX_sess_accept_good(ssl_ctx));
-	BIO_printf(bio,"%4ld session cache hits\n",SSL_CTX_sess_hits(ssl_ctx));
-	BIO_printf(bio,"%4ld session cache misses\n",SSL_CTX_sess_misses(ssl_ctx));
-	BIO_printf(bio,"%4ld session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx));
-	BIO_printf(bio,"%4ld callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx));
-	BIO_printf(bio,"%4ld cache full overflows (%ld allowed)\n",
-		SSL_CTX_sess_cache_full(ssl_ctx),
-		SSL_CTX_sess_get_cache_size(ssl_ctx));
-	}
-
-static int sv_body(char *hostname, int s, unsigned char *context)
-	{
-	char *buf=NULL;
-	fd_set readfds;
-	int ret=1,width;
-	int k,i;
-	unsigned long l;
-	SSL *con=NULL;
-	BIO *sbio;
-	struct timeval timeout;
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
-	struct timeval tv;
-#else
-	struct timeval *timeoutp;
-#endif
-
-	if ((buf=OPENSSL_malloc(bufsize)) == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto err;
-		}
-#ifdef FIONBIO	
-	if (s_nbio)
-		{
-		unsigned long sl=1;
-
-		if (!s_quiet)
-			BIO_printf(bio_err,"turning on non blocking io\n");
-		if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0)
-			ERR_print_errors(bio_err);
-		}
-#endif
-
-	if (con == NULL) {
-		con=SSL_new(ctx);
-#ifndef OPENSSL_NO_TLSEXT
-	if (s_tlsextdebug)
-		{
-		SSL_set_tlsext_debug_callback(con, tlsext_cb);
-		SSL_set_tlsext_debug_arg(con, bio_s_out);
-		}
-	if (s_tlsextstatus)
-		{
-		SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
-		tlscstatp.err = bio_err;
-		SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
-		}
-#endif
-#ifndef OPENSSL_NO_KRB5
-		if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
-                        {
-                        kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE,
-								KRB5SVC);
-                        kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB,
-								KRB5KEYTAB);
-                        }
-#endif	/* OPENSSL_NO_KRB5 */
-		if(context)
-		      SSL_set_session_id_context(con, context,
-						 strlen((char *)context));
-	}
-	SSL_clear(con);
-#if 0
-#ifdef TLSEXT_TYPE_opaque_prf_input
-	SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
-#endif
-#endif
-
-	if (SSL_version(con) == DTLS1_VERSION)
-		{
-
-		sbio=BIO_new_dgram(s,BIO_NOCLOSE);
-
-		if (enable_timeouts)
-			{
-			timeout.tv_sec = 0;
-			timeout.tv_usec = DGRAM_RCV_TIMEOUT;
-			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
-			
-			timeout.tv_sec = 0;
-			timeout.tv_usec = DGRAM_SND_TIMEOUT;
-			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
-			}
-
-		if (socket_mtu > 28)
-			{
-			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
-			SSL_set_mtu(con, socket_mtu - 28);
-			}
-		else
-			/* want to do MTU discovery */
-			BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
-
-        /* turn on cookie exchange */
-        SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
-		}
-	else
-		sbio=BIO_new_socket(s,BIO_NOCLOSE);
-
-	if (s_nbio_test)
-		{
-		BIO *test;
-
-		test=BIO_new(BIO_f_nbio_test());
-		sbio=BIO_push(test,sbio);
-		}
-#ifndef OPENSSL_NO_JPAKE
-	if(jpake_secret)
-		jpake_server_auth(bio_s_out, sbio, jpake_secret);
-#endif
-
-	SSL_set_bio(con,sbio,sbio);
-	SSL_set_accept_state(con);
-	/* SSL_set_fd(con,s); */
-
-	if (s_debug)
-		{
-		con->debug=1;
-		BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
-		BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
-		}
-	if (s_msg)
-		{
-		SSL_set_msg_callback(con, msg_cb);
-		SSL_set_msg_callback_arg(con, bio_s_out);
-		}
-#ifndef OPENSSL_NO_TLSEXT
-	if (s_tlsextdebug)
-		{
-		SSL_set_tlsext_debug_callback(con, tlsext_cb);
-		SSL_set_tlsext_debug_arg(con, bio_s_out);
-		}
-#endif
-
-	width=s+1;
-	for (;;)
-		{
-		int read_from_terminal;
-		int read_from_sslcon;
-
-		read_from_terminal = 0;
-		read_from_sslcon = SSL_pending(con);
-
-		if (!read_from_sslcon)
-			{
-			FD_ZERO(&readfds);
-#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
-			openssl_fdset(fileno(stdin),&readfds);
-#endif
-			openssl_fdset(s,&readfds);
-			/* Note: under VMS with SOCKETSHR the second parameter is
-			 * currently of type (int *) whereas under other systems
-			 * it is (void *) if you don't have a cast it will choke
-			 * the compiler: if you do have a cast then you can either
-			 * go for (int *) or (void *).
-			 */
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
-                        /* Under DOS (non-djgpp) and Windows we can't select on stdin: only
-			 * on sockets. As a workaround we timeout the select every
-			 * second and check for any keypress. In a proper Windows
-			 * application we wouldn't do this because it is inefficient.
-			 */
-			tv.tv_sec = 1;
-			tv.tv_usec = 0;
-			i=select(width,(void *)&readfds,NULL,NULL,&tv);
-			if((i < 0) || (!i && !_kbhit() ) )continue;
-			if(_kbhit())
-				read_from_terminal = 1;
-#elif defined(OPENSSL_SYS_BEOS_R5)
-			/* Under BeOS-R5 the situation is similar to DOS */
-			tv.tv_sec = 1;
-			tv.tv_usec = 0;
-			(void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
-			i=select(width,(void *)&readfds,NULL,NULL,&tv);
-			if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
-				continue;
-			if (read(fileno(stdin), buf, 0) >= 0)
-				read_from_terminal = 1;
-			(void)fcntl(fileno(stdin), F_SETFL, 0);
-#else
-			if ((SSL_version(con) == DTLS1_VERSION) &&
-				DTLSv1_get_timeout(con, &timeout))
-				timeoutp = &timeout;
-			else
-				timeoutp = NULL;
-
-			i=select(width,(void *)&readfds,NULL,NULL,timeoutp);
-
-			if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0)
-				{
-				BIO_printf(bio_err,"TIMEOUT occured\n");
-				}
-
-			if (i <= 0) continue;
-			if (FD_ISSET(fileno(stdin),&readfds))
-				read_from_terminal = 1;
-#endif
-			if (FD_ISSET(s,&readfds))
-				read_from_sslcon = 1;
-			}
-		if (read_from_terminal)
-			{
-			if (s_crlf)
-				{
-				int j, lf_num;
-
-				i=raw_read_stdin(buf, bufsize/2);
-				lf_num = 0;
-				/* both loops are skipped when i <= 0 */
-				for (j = 0; j < i; j++)
-					if (buf[j] == '\n')
-						lf_num++;
-				for (j = i-1; j >= 0; j--)
-					{
-					buf[j+lf_num] = buf[j];
-					if (buf[j] == '\n')
-						{
-						lf_num--;
-						i++;
-						buf[j+lf_num] = '\r';
-						}
-					}
-				assert(lf_num == 0);
-				}
-			else
-				i=raw_read_stdin(buf,bufsize);
-			if (!s_quiet)
-				{
-				if ((i <= 0) || (buf[0] == 'Q'))
-					{
-					BIO_printf(bio_s_out,"DONE\n");
-					SHUTDOWN(s);
-					close_accept_socket();
-					ret= -11;
-					goto err;
-					}
-				if ((i <= 0) || (buf[0] == 'q'))
-					{
-					BIO_printf(bio_s_out,"DONE\n");
-					if (SSL_version(con) != DTLS1_VERSION)
-                        SHUTDOWN(s);
-	/*				close_accept_socket();
-					ret= -11;*/
-					goto err;
-					}
-
-				if ((buf[0] == 'r') && 
-					((buf[1] == '\n') || (buf[1] == '\r')))
-					{
-					SSL_renegotiate(con);
-					i=SSL_do_handshake(con);
-					printf("SSL_do_handshake -> %d\n",i);
-					i=0; /*13; */
-					continue;
-					/* strcpy(buf,"server side RE-NEGOTIATE\n"); */
-					}
-				if ((buf[0] == 'R') &&
-					((buf[1] == '\n') || (buf[1] == '\r')))
-					{
-					SSL_set_verify(con,
-						SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL);
-					SSL_renegotiate(con);
-					i=SSL_do_handshake(con);
-					printf("SSL_do_handshake -> %d\n",i);
-					i=0; /* 13; */
-					continue;
-					/* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */
-					}
-				if (buf[0] == 'P')
-					{
-					static const char *str="Lets print some clear text\n";
-					BIO_write(SSL_get_wbio(con),str,strlen(str));
-					}
-				if (buf[0] == 'S')
-					{
-					print_stats(bio_s_out,SSL_get_SSL_CTX(con));
-					}
-				}
-#ifdef CHARSET_EBCDIC
-			ebcdic2ascii(buf,buf,i);
-#endif
-			l=k=0;
-			for (;;)
-				{
-				/* should do a select for the write */
-#ifdef RENEG
-{ static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } }
-#endif
-				k=SSL_write(con,&(buf[l]),(unsigned int)i);
-				switch (SSL_get_error(con,k))
-					{
-				case SSL_ERROR_NONE:
-					break;
-				case SSL_ERROR_WANT_WRITE:
-				case SSL_ERROR_WANT_READ:
-				case SSL_ERROR_WANT_X509_LOOKUP:
-					BIO_printf(bio_s_out,"Write BLOCK\n");
-					break;
-				case SSL_ERROR_SYSCALL:
-				case SSL_ERROR_SSL:
-					BIO_printf(bio_s_out,"ERROR\n");
-					ERR_print_errors(bio_err);
-					ret=1;
-					goto err;
-					/* break; */
-				case SSL_ERROR_ZERO_RETURN:
-					BIO_printf(bio_s_out,"DONE\n");
-					ret=1;
-					goto err;
-					}
-				l+=k;
-				i-=k;
-				if (i <= 0) break;
-				}
-			}
-		if (read_from_sslcon)
-			{
-			if (!SSL_is_init_finished(con))
-				{
-				i=init_ssl_connection(con);
-				
-				if (i < 0)
-					{
-					ret=0;
-					goto err;
-					}
-				else if (i == 0)
-					{
-					ret=1;
-					goto err;
-					}
-				}
-			else
-				{
-again:	
-				i=SSL_read(con,(char *)buf,bufsize);
-				switch (SSL_get_error(con,i))
-					{
-				case SSL_ERROR_NONE:
-#ifdef CHARSET_EBCDIC
-					ascii2ebcdic(buf,buf,i);
-#endif
-					raw_write_stdout(buf,
-						(unsigned int)i);
-					if (SSL_pending(con)) goto again;
-					break;
-				case SSL_ERROR_WANT_WRITE:
-				case SSL_ERROR_WANT_READ:
-				case SSL_ERROR_WANT_X509_LOOKUP:
-					BIO_printf(bio_s_out,"Read BLOCK\n");
-					break;
-				case SSL_ERROR_SYSCALL:
-				case SSL_ERROR_SSL:
-					BIO_printf(bio_s_out,"ERROR\n");
-					ERR_print_errors(bio_err);
-					ret=1;
-					goto err;
-				case SSL_ERROR_ZERO_RETURN:
-					BIO_printf(bio_s_out,"DONE\n");
-					ret=1;
-					goto err;
-					}
-				}
-			}
-		}
-err:
-	if (con != NULL)
-		{
-		BIO_printf(bio_s_out,"shutting down SSL\n");
-#if 1
-		SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-		SSL_shutdown(con);
-#endif
-		SSL_free(con);
-		}
-	BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
-	if (buf != NULL)
-		{
-		OPENSSL_cleanse(buf,bufsize);
-		OPENSSL_free(buf);
-		}
-	if (ret >= 0)
-		BIO_printf(bio_s_out,"ACCEPT\n");
-	return(ret);
-	}
-
-static void close_accept_socket(void)
-	{
-	BIO_printf(bio_err,"shutdown accept socket\n");
-	if (accept_socket >= 0)
-		{
-		SHUTDOWN2(accept_socket);
-		}
-	}
-
-static int init_ssl_connection(SSL *con)
-	{
-	int i;
-	const char *str;
-	X509 *peer;
-	long verify_error;
-	MS_STATIC char buf[BUFSIZ];
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-	const unsigned char *next_proto_neg;
-	unsigned next_proto_neg_len;
-#endif
-
-	if ((i=SSL_accept(con)) <= 0)
-		{
-		if (BIO_sock_should_retry(i))
-			{
-			BIO_printf(bio_s_out,"DELAY\n");
-			return(1);
-			}
-
-		BIO_printf(bio_err,"ERROR\n");
-		verify_error=SSL_get_verify_result(con);
-		if (verify_error != X509_V_OK)
-			{
-			BIO_printf(bio_err,"verify error:%s\n",
-				X509_verify_cert_error_string(verify_error));
-			}
-		else
-			ERR_print_errors(bio_err);
-		return(0);
-		}
-
-	PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con));
-
-	peer=SSL_get_peer_certificate(con);
-	if (peer != NULL)
-		{
-		BIO_printf(bio_s_out,"Client certificate\n");
-		PEM_write_bio_X509(bio_s_out,peer);
-		X509_NAME_oneline(X509_get_subject_name(peer),buf,sizeof buf);
-		BIO_printf(bio_s_out,"subject=%s\n",buf);
-		X509_NAME_oneline(X509_get_issuer_name(peer),buf,sizeof buf);
-		BIO_printf(bio_s_out,"issuer=%s\n",buf);
-		X509_free(peer);
-		}
-
-	if (SSL_get_shared_ciphers(con,buf,sizeof buf) != NULL)
-		BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
-	str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
-	BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-	SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
-	if (next_proto_neg)
-		{
-		BIO_printf(bio_s_out,"NEXTPROTO is ");
-		BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
-		BIO_printf(bio_s_out, "\n");
-		}
-#endif
-	if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n");
-	if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) &
-		TLS1_FLAGS_TLS_PADDING_BUG)
-		BIO_printf(bio_s_out,"Peer has incorrect TLSv1 block padding\n");
-#ifndef OPENSSL_NO_KRB5
-	if (con->kssl_ctx->client_princ != NULL)
-		{
-		BIO_printf(bio_s_out,"Kerberos peer principal is %s\n",
-			con->kssl_ctx->client_princ);
-		}
-#endif /* OPENSSL_NO_KRB5 */
-	BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
-		      SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
-	return(1);
-	}
-
-#ifndef OPENSSL_NO_DH
-static DH *load_dh_param(const char *dhfile)
-	{
-	DH *ret=NULL;
-	BIO *bio;
-
-	if ((bio=BIO_new_file(dhfile,"r")) == NULL)
-		goto err;
-	ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL);
-err:
-	if (bio != NULL) BIO_free(bio);
-	return(ret);
-	}
-#endif
-
-#if 0
-static int load_CA(SSL_CTX *ctx, char *file)
-	{
-	FILE *in;
-	X509 *x=NULL;
-
-	if ((in=fopen(file,"r")) == NULL)
-		return(0);
-
-	for (;;)
-		{
-		if (PEM_read_X509(in,&x,NULL) == NULL)
-			break;
-		SSL_CTX_add_client_CA(ctx,x);
-		}
-	if (x != NULL) X509_free(x);
-	fclose(in);
-	return(1);
-	}
-#endif
-
-static int www_body(char *hostname, int s, unsigned char *context)
-	{
-	char *buf=NULL;
-	int ret=1;
-	int i,j,k,dot;
-	SSL *con;
-	const SSL_CIPHER *c;
-	BIO *io,*ssl_bio,*sbio;
-
-	buf=OPENSSL_malloc(bufsize);
-	if (buf == NULL) return(0);
-	io=BIO_new(BIO_f_buffer());
-	ssl_bio=BIO_new(BIO_f_ssl());
-	if ((io == NULL) || (ssl_bio == NULL)) goto err;
-
-#ifdef FIONBIO	
-	if (s_nbio)
-		{
-		unsigned long sl=1;
-
-		if (!s_quiet)
-			BIO_printf(bio_err,"turning on non blocking io\n");
-		if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0)
-			ERR_print_errors(bio_err);
-		}
-#endif
-
-	/* lets make the output buffer a reasonable size */
-	if (!BIO_set_write_buffer_size(io,bufsize)) goto err;
-
-	if ((con=SSL_new(ctx)) == NULL) goto err;
-#ifndef OPENSSL_NO_TLSEXT
-		if (s_tlsextdebug)
-			{
-			SSL_set_tlsext_debug_callback(con, tlsext_cb);
-			SSL_set_tlsext_debug_arg(con, bio_s_out);
-			}
-#endif
-#ifndef OPENSSL_NO_KRB5
-	if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
-		{
-		kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC);
-		kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB);
-		}
-#endif	/* OPENSSL_NO_KRB5 */
-	if(context) SSL_set_session_id_context(con, context,
-					       strlen((char *)context));
-
-	sbio=BIO_new_socket(s,BIO_NOCLOSE);
-	if (s_nbio_test)
-		{
-		BIO *test;
-
-		test=BIO_new(BIO_f_nbio_test());
-		sbio=BIO_push(test,sbio);
-		}
-	SSL_set_bio(con,sbio,sbio);
-	SSL_set_accept_state(con);
-
-	/* SSL_set_fd(con,s); */
-	BIO_set_ssl(ssl_bio,con,BIO_CLOSE);
-	BIO_push(io,ssl_bio);
-#ifdef CHARSET_EBCDIC
-	io = BIO_push(BIO_new(BIO_f_ebcdic_filter()),io);
-#endif
-
-	if (s_debug)
-		{
-		con->debug=1;
-		BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
-		BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
-		}
-	if (s_msg)
-		{
-		SSL_set_msg_callback(con, msg_cb);
-		SSL_set_msg_callback_arg(con, bio_s_out);
-		}
-
-	for (;;)
-		{
-		if (hack)
-			{
-			i=SSL_accept(con);
-
-			switch (SSL_get_error(con,i))
-				{
-			case SSL_ERROR_NONE:
-				break;
-			case SSL_ERROR_WANT_WRITE:
-			case SSL_ERROR_WANT_READ:
-			case SSL_ERROR_WANT_X509_LOOKUP:
-				continue;
-			case SSL_ERROR_SYSCALL:
-			case SSL_ERROR_SSL:
-			case SSL_ERROR_ZERO_RETURN:
-				ret=1;
-				goto err;
-				/* break; */
-				}
-
-			SSL_renegotiate(con);
-			SSL_write(con,NULL,0);
-			}
-
-		i=BIO_gets(io,buf,bufsize-1);
-		if (i < 0) /* error */
-			{
-			if (!BIO_should_retry(io))
-				{
-				if (!s_quiet)
-					ERR_print_errors(bio_err);
-				goto err;
-				}
-			else
-				{
-				BIO_printf(bio_s_out,"read R BLOCK\n");
-#if defined(OPENSSL_SYS_NETWARE)
-            delay(1000);
-#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)
-				sleep(1);
-#endif
-				continue;
-				}
-			}
-		else if (i == 0) /* end of input */
-			{
-			ret=1;
-			goto end;
-			}
-
-		/* else we have data */
-		if (	((www == 1) && (strncmp("GET ",buf,4) == 0)) ||
-			((www == 2) && (strncmp("GET /stats ",buf,10) == 0)))
-			{
-			char *p;
-			X509 *peer;
-			STACK_OF(SSL_CIPHER) *sk;
-			static const char *space="                          ";
-
-			BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
-			BIO_puts(io,"\n");
-			BIO_puts(io,"
    \n");
-/*			BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
-			BIO_puts(io,"\n");
-			for (i=0; ihit)
-				?"---\nReused, "
-				:"---\nNew, "));
-			c=SSL_get_current_cipher(con);
-			BIO_printf(io,"%s, Cipher is %s\n",
-				SSL_CIPHER_get_version(c),
-				SSL_CIPHER_get_name(c));
-			SSL_SESSION_print(io,SSL_get_session(con));
-			BIO_printf(io,"---\n");
-			print_stats(io,SSL_get_SSL_CTX(con));
-			BIO_printf(io,"---\n");
-			peer=SSL_get_peer_certificate(con);
-			if (peer != NULL)
-				{
-				BIO_printf(io,"Client certificate\n");
-				X509_print(io,peer);
-				PEM_write_bio_X509(io,peer);
-				}
-			else
-				BIO_puts(io,"no client certificate available\n");
-			BIO_puts(io,"\r\n\r\n");
-			break;
-			}
-		else if ((www == 2 || www == 3)
-                         && (strncmp("GET /",buf,5) == 0))
-			{
-			BIO *file;
-			char *p,*e;
-			static const char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
-
-			/* skip the '/' */
-			p= &(buf[5]);
-
-			dot = 1;
-			for (e=p; *e != '\0'; e++)
-				{
-				if (e[0] == ' ')
-					break;
-
-				switch (dot)
-					{
-				case 1:
-					dot = (e[0] == '.') ? 2 : 0;
-					break;
-				case 2:
-					dot = (e[0] == '.') ? 3 : 0;
-					break;
-				case 3:
-					dot = (e[0] == '/') ? -1 : 0;
-					break;
-					}
-				if (dot == 0)
-					dot = (e[0] == '/') ? 1 : 0;
-				}
-			dot = (dot == 3) || (dot == -1); /* filename contains ".." component */
-
-			if (*e == '\0')
-				{
-				BIO_puts(io,text);
-				BIO_printf(io,"'%s' is an invalid file name\r\n",p);
-				break;
-				}
-			*e='\0';
-
-			if (dot)
-				{
-				BIO_puts(io,text);
-				BIO_printf(io,"'%s' contains '..' reference\r\n",p);
-				break;
-				}
-
-			if (*p == '/')
-				{
-				BIO_puts(io,text);
-				BIO_printf(io,"'%s' is an invalid path\r\n",p);
-				break;
-				}
-
-#if 0
-			/* append if a directory lookup */
-			if (e[-1] == '/')
-				strcat(p,"index.html");
-#endif
-
-			/* if a directory, do the index thang */
-			if (app_isdir(p)>0)
-				{
-#if 0 /* must check buffer size */
-				strcat(p,"/index.html");
-#else
-				BIO_puts(io,text);
-				BIO_printf(io,"'%s' is a directory\r\n",p);
-				break;
-#endif
-				}
-
-			if ((file=BIO_new_file(p,"r")) == NULL)
-				{
-				BIO_puts(io,text);
-				BIO_printf(io,"Error opening '%s'\r\n",p);
-				ERR_print_errors(io);
-				break;
-				}
-
-			if (!s_quiet)
-				BIO_printf(bio_err,"FILE:%s\n",p);
-
-                        if (www == 2)
-                                {
-                                i=strlen(p);
-                                if (	((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) ||
-                                        ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) ||
-                                        ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0)))
-                                        BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
-                                else
-                                        BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
-                                }
-			/* send the file */
-			for (;;)
-				{
-				i=BIO_read(file,buf,bufsize);
-				if (i <= 0) break;
-
-#ifdef RENEG
-				total_bytes+=i;
-				fprintf(stderr,"%d\n",i);
-				if (total_bytes > 3*1024)
-					{
-					total_bytes=0;
-					fprintf(stderr,"RENEGOTIATE\n");
-					SSL_renegotiate(con);
-					}
-#endif
-
-				for (j=0; j= 0)
-		BIO_printf(bio_s_out,"ACCEPT\n");
-
-	if (buf != NULL) OPENSSL_free(buf);
-	if (io != NULL) BIO_free_all(io);
-/*	if (ssl_bio != NULL) BIO_free(ssl_bio);*/
-	return(ret);
-	}
-
-#ifndef OPENSSL_NO_RSA
-static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
-	{
-	BIGNUM *bn = NULL;
-	static RSA *rsa_tmp=NULL;
-
-	if (!rsa_tmp && ((bn = BN_new()) == NULL))
-		BIO_printf(bio_err,"Allocation error in generating RSA key\n");
-	if (!rsa_tmp && bn)
-		{
-		if (!s_quiet)
-			{
-			BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
-			(void)BIO_flush(bio_err);
-			}
-		if(!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||
-				!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL))
-			{
-			if(rsa_tmp) RSA_free(rsa_tmp);
-			rsa_tmp = NULL;
-			}
-		if (!s_quiet)
-			{
-			BIO_printf(bio_err,"\n");
-			(void)BIO_flush(bio_err);
-			}
-		BN_free(bn);
-		}
-	return(rsa_tmp);
-	}
-#endif
-
-#define MAX_SESSION_ID_ATTEMPTS 10
-static int generate_session_id(const SSL *ssl, unsigned char *id,
-				unsigned int *id_len)
-	{
-	unsigned int count = 0;
-	do	{
-		RAND_pseudo_bytes(id, *id_len);
-		/* Prefix the session_id with the required prefix. NB: If our
-		 * prefix is too long, clip it - but there will be worse effects
-		 * anyway, eg. the server could only possibly create 1 session
-		 * ID (ie. the prefix!) so all future session negotiations will
-		 * fail due to conflicts. */
-		memcpy(id, session_id_prefix,
-			(strlen(session_id_prefix) < *id_len) ?
-			strlen(session_id_prefix) : *id_len);
-		}
-	while(SSL_has_matching_session_id(ssl, id, *id_len) &&
-		(++count < MAX_SESSION_ID_ATTEMPTS));
-	if(count >= MAX_SESSION_ID_ATTEMPTS)
-		return 0;
-	return 1;
-	}
diff --git a/deps/openssl/openssl/apps/s_socket.c b/deps/openssl/openssl/apps/s_socket.c
deleted file mode 100644
index c08544a13cb..00000000000
--- a/deps/openssl/openssl/apps/s_socket.c
+++ /dev/null
@@ -1,620 +0,0 @@
-/* apps/s_socket.c -  socket-related functions used by s_client and s_server */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#ifdef FLAT_INC
-#include "e_os2.h"
-#else
-#include "../e_os2.h"
-#endif
-
-/* With IPv6, it looks like Digital has mixed up the proper order of
-   recursive header file inclusion, resulting in the compiler complaining
-   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
-   is needed to have fileno() declared correctly...  So let's define u_int */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
-#define __U_INT
-typedef unsigned int u_int;
-#endif
-
-#define USE_SOCKETS
-#define NON_MAIN
-#include "apps.h"
-#undef USE_SOCKETS
-#undef NON_MAIN
-#include "s_apps.h"
-#include 
-
-#ifdef FLAT_INC
-#include "e_os.h"
-#else
-#include "../e_os.h"
-#endif
-
-#ifndef OPENSSL_NO_SOCK
-
-#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
-#include "netdb.h"
-#endif
-
-static struct hostent *GetHostByName(char *name);
-#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
-static void ssl_sock_cleanup(void);
-#endif
-static int ssl_sock_init(void);
-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
-static int init_server(int *sock, int port, int type);
-static int init_server_long(int *sock, int port,char *ip, int type);
-static int do_accept(int acc_sock, int *sock, char **host);
-static int host_ip(char *str, unsigned char ip[4]);
-
-#ifdef OPENSSL_SYS_WIN16
-#define SOCKET_PROTOCOL	0 /* more microsoft stupidity */
-#else
-#define SOCKET_PROTOCOL	IPPROTO_TCP
-#endif
-
-#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
-static int wsa_init_done=0;
-#endif
-
-#ifdef OPENSSL_SYS_WINDOWS
-static struct WSAData wsa_state;
-static int wsa_init_done=0;
-
-#ifdef OPENSSL_SYS_WIN16
-static HWND topWnd=0;
-static FARPROC lpTopWndProc=NULL;
-static FARPROC lpTopHookProc=NULL;
-extern HINSTANCE _hInstance;  /* nice global CRT provides */
-
-static LONG FAR PASCAL topHookProc(HWND hwnd, UINT message, WPARAM wParam,
-	     LPARAM lParam)
-	{
-	if (hwnd == topWnd)
-		{
-		switch(message)
-			{
-		case WM_DESTROY:
-		case WM_CLOSE:
-			SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc);
-			ssl_sock_cleanup();
-			break;
-			}
-		}
-	return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam);
-	}
-
-static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
-	{
-	topWnd=hwnd;
-	return(FALSE);
-	}
-
-#endif /* OPENSSL_SYS_WIN32 */
-#endif /* OPENSSL_SYS_WINDOWS */
-
-#ifdef OPENSSL_SYS_WINDOWS
-static void ssl_sock_cleanup(void)
-	{
-	if (wsa_init_done)
-		{
-		wsa_init_done=0;
-#ifndef OPENSSL_SYS_WINCE
-		WSACancelBlockingCall();
-#endif
-		WSACleanup();
-		}
-	}
-#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
-static void sock_cleanup(void)
-    {
-    if (wsa_init_done)
-        {
-        wsa_init_done=0;
-		WSACleanup();
-		}
-	}
-#endif
-
-static int ssl_sock_init(void)
-	{
-#ifdef WATT32
-	extern int _watt_do_exit;
-	_watt_do_exit = 0;
-	if (sock_init())
-		return (0);
-#elif defined(OPENSSL_SYS_WINDOWS)
-	if (!wsa_init_done)
-		{
-		int err;
-	  
-#ifdef SIGINT
-		signal(SIGINT,(void (*)(int))ssl_sock_cleanup);
-#endif
-		wsa_init_done=1;
-		memset(&wsa_state,0,sizeof(wsa_state));
-		if (WSAStartup(0x0101,&wsa_state)!=0)
-			{
-			err=WSAGetLastError();
-			BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err);
-			return(0);
-			}
-
-#ifdef OPENSSL_SYS_WIN16
-		EnumTaskWindows(GetCurrentTask(),enumproc,0L);
-		lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC);
-		lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance);
-
-		SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
-#endif /* OPENSSL_SYS_WIN16 */
-		}
-#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
-   WORD wVerReq;
-   WSADATA wsaData;
-   int err;
-
-   if (!wsa_init_done)
-      {
-   
-# ifdef SIGINT
-      signal(SIGINT,(void (*)(int))sock_cleanup);
-# endif
-
-      wsa_init_done=1;
-      wVerReq = MAKEWORD( 2, 0 );
-      err = WSAStartup(wVerReq,&wsaData);
-      if (err != 0)
-         {
-         BIO_printf(bio_err,"unable to start WINSOCK2, error code=%d\n",err);
-         return(0);
-         }
-      }
-#endif /* OPENSSL_SYS_WINDOWS */
-	return(1);
-	}
-
-int init_client(int *sock, char *host, int port, int type)
-	{
-	unsigned char ip[4];
-
-	if (!host_ip(host,&(ip[0])))
-		{
-		return(0);
-		}
-	return(init_client_ip(sock,ip,port,type));
-	}
-
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
-	{
-	unsigned long addr;
-	struct sockaddr_in them;
-	int s,i;
-
-	if (!ssl_sock_init()) return(0);
-
-	memset((char *)&them,0,sizeof(them));
-	them.sin_family=AF_INET;
-	them.sin_port=htons((unsigned short)port);
-	addr=(unsigned long)
-		((unsigned long)ip[0]<<24L)|
-		((unsigned long)ip[1]<<16L)|
-		((unsigned long)ip[2]<< 8L)|
-		((unsigned long)ip[3]);
-	them.sin_addr.s_addr=htonl(addr);
-
-	if (type == SOCK_STREAM)
-		s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-	else /* ( type == SOCK_DGRAM) */
-		s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
-			
-	if (s == INVALID_SOCKET) { perror("socket"); return(0); }
-
-#if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
-	if (type == SOCK_STREAM)
-		{
-		i=0;
-		i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-		if (i < 0) { perror("keepalive"); return(0); }
-		}
-#endif
-
-	if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
-		{ closesocket(s); perror("connect"); return(0); }
-	*sock=s;
-	return(1);
-	}
-
-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
-	{
-	int sock;
-	char *name = NULL;
-	int accept_socket = 0;
-	int i;
-
-	if (!init_server(&accept_socket,port,type)) return(0);
-
-	if (ret != NULL)
-		{
-		*ret=accept_socket;
-		/* return(1);*/
-		}
-  	for (;;)
-  		{
-		if (type==SOCK_STREAM)
-			{
-			if (do_accept(accept_socket,&sock,&name) == 0)
-				{
-				SHUTDOWN(accept_socket);
-				return(0);
-				}
-			}
-		else
-			sock = accept_socket;
-		i=(*cb)(name,sock, context);
-		if (name != NULL) OPENSSL_free(name);
-		if (type==SOCK_STREAM)
-			SHUTDOWN2(sock);
-		if (i < 0)
-			{
-			SHUTDOWN2(accept_socket);
-			return(i);
-			}
-		}
-	}
-
-static int init_server_long(int *sock, int port, char *ip, int type)
-	{
-	int ret=0;
-	struct sockaddr_in server;
-	int s= -1;
-
-	if (!ssl_sock_init()) return(0);
-
-	memset((char *)&server,0,sizeof(server));
-	server.sin_family=AF_INET;
-	server.sin_port=htons((unsigned short)port);
-	if (ip == NULL)
-		server.sin_addr.s_addr=INADDR_ANY;
-	else
-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
-#ifndef BIT_FIELD_LIMITS
-		memcpy(&server.sin_addr.s_addr,ip,4);
-#else
-		memcpy(&server.sin_addr,ip,4);
-#endif
-	
-		if (type == SOCK_STREAM)
-			s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-		else /* type == SOCK_DGRAM */
-			s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
-
-	if (s == INVALID_SOCKET) goto err;
-#if defined SOL_SOCKET && defined SO_REUSEADDR
-		{
-		int j = 1;
-		setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
-			   (void *) &j, sizeof j);
-		}
-#endif
-	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
-		{
-#ifndef OPENSSL_SYS_WINDOWS
-		perror("bind");
-#endif
-		goto err;
-		}
-	/* Make it 128 for linux */
-	if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
-	*sock=s;
-	ret=1;
-err:
-	if ((ret == 0) && (s != -1))
-		{
-		SHUTDOWN(s);
-		}
-	return(ret);
-	}
-
-static int init_server(int *sock, int port, int type)
-	{
-	return(init_server_long(sock, port, NULL, type));
-	}
-
-static int do_accept(int acc_sock, int *sock, char **host)
-	{
-	int ret;
-	struct hostent *h1,*h2;
-	static struct sockaddr_in from;
-	int len;
-/*	struct linger ling; */
-
-	if (!ssl_sock_init()) return(0);
-
-#ifndef OPENSSL_SYS_WINDOWS
-redoit:
-#endif
-
-	memset((char *)&from,0,sizeof(from));
-	len=sizeof(from);
-	/* Note: under VMS with SOCKETSHR the fourth parameter is currently
-	 * of type (int *) whereas under other systems it is (void *) if
-	 * you don't have a cast it will choke the compiler: if you do
-	 * have a cast then you can either go for (int *) or (void *).
-	 */
-	ret=accept(acc_sock,(struct sockaddr *)&from,(void *)&len);
-	if (ret == INVALID_SOCKET)
-		{
-#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
-		int i;
-		i=WSAGetLastError();
-		BIO_printf(bio_err,"accept error %d\n",i);
-#else
-		if (errno == EINTR)
-			{
-			/*check_timeout(); */
-			goto redoit;
-			}
-		fprintf(stderr,"errno=%d ",errno);
-		perror("accept");
-#endif
-		return(0);
-		}
-
-/*
-	ling.l_onoff=1;
-	ling.l_linger=0;
-	i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
-	if (i < 0) { perror("linger"); return(0); }
-	i=0;
-	i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-	if (i < 0) { perror("keepalive"); return(0); }
-*/
-
-	if (host == NULL) goto end;
-#ifndef BIT_FIELD_LIMITS
-	/* I should use WSAAsyncGetHostByName() under windows */
-	h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
-		sizeof(from.sin_addr.s_addr),AF_INET);
-#else
-	h1=gethostbyaddr((char *)&from.sin_addr,
-		sizeof(struct in_addr),AF_INET);
-#endif
-	if (h1 == NULL)
-		{
-		BIO_printf(bio_err,"bad gethostbyaddr\n");
-		*host=NULL;
-		/* return(0); */
-		}
-	else
-		{
-		if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
-			{
-			perror("OPENSSL_malloc");
-			return(0);
-			}
-		BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
-
-		h2=GetHostByName(*host);
-		if (h2 == NULL)
-			{
-			BIO_printf(bio_err,"gethostbyname failure\n");
-			return(0);
-			}
-		if (h2->h_addrtype != AF_INET)
-			{
-			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
-			return(0);
-			}
-		}
-end:
-	*sock=ret;
-	return(1);
-	}
-
-int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
-	     short *port_ptr)
-	{
-	char *h,*p;
-
-	h=str;
-	p=strchr(str,':');
-	if (p == NULL)
-		{
-		BIO_printf(bio_err,"no port defined\n");
-		return(0);
-		}
-	*(p++)='\0';
-
-	if ((ip != NULL) && !host_ip(str,ip))
-		goto err;
-	if (host_ptr != NULL) *host_ptr=h;
-
-	if (!extract_port(p,port_ptr))
-		goto err;
-	return(1);
-err:
-	return(0);
-	}
-
-static int host_ip(char *str, unsigned char ip[4])
-	{
-	unsigned int in[4]; 
-	int i;
-
-	if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
-		{
-		for (i=0; i<4; i++)
-			if (in[i] > 255)
-				{
-				BIO_printf(bio_err,"invalid IP address\n");
-				goto err;
-				}
-		ip[0]=in[0];
-		ip[1]=in[1];
-		ip[2]=in[2];
-		ip[3]=in[3];
-		}
-	else
-		{ /* do a gethostbyname */
-		struct hostent *he;
-
-		if (!ssl_sock_init()) return(0);
-
-		he=GetHostByName(str);
-		if (he == NULL)
-			{
-			BIO_printf(bio_err,"gethostbyname failure\n");
-			goto err;
-			}
-		/* cast to short because of win16 winsock definition */
-		if ((short)he->h_addrtype != AF_INET)
-			{
-			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
-			return(0);
-			}
-		ip[0]=he->h_addr_list[0][0];
-		ip[1]=he->h_addr_list[0][1];
-		ip[2]=he->h_addr_list[0][2];
-		ip[3]=he->h_addr_list[0][3];
-		}
-	return(1);
-err:
-	return(0);
-	}
-
-int extract_port(char *str, short *port_ptr)
-	{
-	int i;
-	struct servent *s;
-
-	i=atoi(str);
-	if (i != 0)
-		*port_ptr=(unsigned short)i;
-	else
-		{
-		s=getservbyname(str,"tcp");
-		if (s == NULL)
-			{
-			BIO_printf(bio_err,"getservbyname failure for %s\n",str);
-			return(0);
-			}
-		*port_ptr=ntohs((unsigned short)s->s_port);
-		}
-	return(1);
-	}
-
-#define GHBN_NUM	4
-static struct ghbn_cache_st
-	{
-	char name[128];
-	struct hostent ent;
-	unsigned long order;
-	} ghbn_cache[GHBN_NUM];
-
-static unsigned long ghbn_hits=0L;
-static unsigned long ghbn_miss=0L;
-
-static struct hostent *GetHostByName(char *name)
-	{
-	struct hostent *ret;
-	int i,lowi=0;
-	unsigned long low= (unsigned long)-1;
-
-	for (i=0; i ghbn_cache[i].order)
-			{
-			low=ghbn_cache[i].order;
-			lowi=i;
-			}
-		if (ghbn_cache[i].order > 0)
-			{
-			if (strncmp(name,ghbn_cache[i].name,128) == 0)
-				break;
-			}
-		}
-	if (i == GHBN_NUM) /* no hit*/
-		{
-		ghbn_miss++;
-		ret=gethostbyname(name);
-		if (ret == NULL) return(NULL);
-		/* else add to cache */
-		if(strlen(name) < sizeof ghbn_cache[0].name)
-			{
-			strcpy(ghbn_cache[lowi].name,name);
-			memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
-			ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
-			}
-		return(ret);
-		}
-	else
-		{
-		ghbn_hits++;
-		ret= &(ghbn_cache[i].ent);
-		ghbn_cache[i].order=ghbn_miss+ghbn_hits;
-		return(ret);
-		}
-	}
-
-#endif
diff --git a/deps/openssl/openssl/apps/s_time.c b/deps/openssl/openssl/apps/s_time.c
deleted file mode 100644
index b823c33c58a..00000000000
--- a/deps/openssl/openssl/apps/s_time.c
+++ /dev/null
@@ -1,632 +0,0 @@
-/* apps/s_time.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define NO_SHUTDOWN
-
-/*-----------------------------------------
-   s_time - SSL client connection timer program
-   Written and donated by Larry Streepy 
-  -----------------------------------------*/
-
-#include 
-#include 
-#include 
-
-#define USE_SOCKETS
-#include "apps.h"
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include 
-#include 
-#include 
-#include "s_apps.h"
-#include 
-#ifdef WIN32_STUFF
-#include "winmain.h"
-#include "wintext.h"
-#endif
-#if !defined(OPENSSL_SYS_MSDOS)
-#include OPENSSL_UNISTD
-#endif
-
-#undef PROG
-#define PROG s_time_main
-
-#undef ioctl
-#define ioctl ioctlsocket
-
-#define SSL_CONNECT_NAME	"localhost:4433"
-
-/*#define TEST_CERT "client.pem" */ /* no default cert. */
-
-#undef BUFSIZZ
-#define BUFSIZZ 1024*10
-
-#define MYBUFSIZ 1024*8
-
-#undef min
-#undef max
-#define min(a,b) (((a) < (b)) ? (a) : (b))
-#define max(a,b) (((a) > (b)) ? (a) : (b))
-
-#undef SECONDS
-#define SECONDS	30
-extern int verify_depth;
-extern int verify_error;
-
-static void s_time_usage(void);
-static int parseArgs( int argc, char **argv );
-static SSL *doConnection( SSL *scon );
-static void s_time_init(void);
-
-/***********************************************************************
- * Static data declarations
- */
-
-/* static char *port=PORT_STR;*/
-static char *host=SSL_CONNECT_NAME;
-static char *t_cert_file=NULL;
-static char *t_key_file=NULL;
-static char *CApath=NULL;
-static char *CAfile=NULL;
-static char *tm_cipher=NULL;
-static int tm_verify = SSL_VERIFY_NONE;
-static int maxTime = SECONDS;
-static SSL_CTX *tm_ctx=NULL;
-static const SSL_METHOD *s_time_meth=NULL;
-static char *s_www_path=NULL;
-static long bytes_read=0; 
-static int st_bugs=0;
-static int perform=0;
-#ifdef FIONBIO
-static int t_nbio=0;
-#endif
-#ifdef OPENSSL_SYS_WIN32
-static int exitNow = 0;		/* Set when it's time to exit main */
-#endif
-
-static void s_time_init(void)
-	{
-	host=SSL_CONNECT_NAME;
-	t_cert_file=NULL;
-	t_key_file=NULL;
-	CApath=NULL;
-	CAfile=NULL;
-	tm_cipher=NULL;
-	tm_verify = SSL_VERIFY_NONE;
-	maxTime = SECONDS;
-	tm_ctx=NULL;
-	s_time_meth=NULL;
-	s_www_path=NULL;
-	bytes_read=0; 
-	st_bugs=0;
-	perform=0;
-
-#ifdef FIONBIO
-	t_nbio=0;
-#endif
-#ifdef OPENSSL_SYS_WIN32
-	exitNow = 0;		/* Set when it's time to exit main */
-#endif
-	}
-
-/***********************************************************************
- * usage - display usage message
- */
-static void s_time_usage(void)
-{
-	static char umsg[] = "\
--time arg     - max number of seconds to collect data, default %d\n\
--verify arg   - turn on peer certificate verification, arg == depth\n\
--cert arg     - certificate file to use, PEM format assumed\n\
--key arg      - RSA file to use, PEM format assumed, key is in cert file\n\
-                file if not specified by this option\n\
--CApath arg   - PEM format directory of CA's\n\
--CAfile arg   - PEM format file of CA's\n\
--cipher       - preferred cipher to use, play with 'openssl ciphers'\n\n";
-
-	printf( "usage: s_time \n\n" );
-
-	printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
-#ifdef FIONBIO
-	printf("-nbio         - Run with non-blocking IO\n");
-	printf("-ssl2         - Just use SSLv2\n");
-	printf("-ssl3         - Just use SSLv3\n");
-	printf("-bugs         - Turn on SSL bug compatibility\n");
-	printf("-new          - Just time new connections\n");
-	printf("-reuse        - Just time connection reuse\n");
-	printf("-www page     - Retrieve 'page' from the site\n");
-#endif
-	printf( umsg,SECONDS );
-}
-
-/***********************************************************************
- * parseArgs - Parse command line arguments and initialize data
- *
- * Returns 0 if ok, -1 on bad args
- */
-static int parseArgs(int argc, char **argv)
-{
-    int badop = 0;
-
-    verify_depth=0;
-    verify_error=X509_V_OK;
-
-    argc--;
-    argv++;
-
-    while (argc >= 1) {
-	if (strcmp(*argv,"-connect") == 0)
-		{
-		if (--argc < 1) goto bad;
-		host= *(++argv);
-		}
-#if 0
-	else if( strcmp(*argv,"-host") == 0)
-		{
-		if (--argc < 1) goto bad;
-		host= *(++argv);
-		}
-	else if( strcmp(*argv,"-port") == 0)
-		{
-		if (--argc < 1) goto bad;
-		port= *(++argv);
-		}
-#endif
-	else if (strcmp(*argv,"-reuse") == 0)
-		perform=2;
-	else if (strcmp(*argv,"-new") == 0)
-		perform=1;
-	else if( strcmp(*argv,"-verify") == 0) {
-
-	    tm_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
-	    if (--argc < 1) goto bad;
-	    verify_depth=atoi(*(++argv));
-	    BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
-
-	} else if( strcmp(*argv,"-cert") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    t_cert_file= *(++argv);
-
-	} else if( strcmp(*argv,"-key") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    t_key_file= *(++argv);
-
-	} else if( strcmp(*argv,"-CApath") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    CApath= *(++argv);
-
-	} else if( strcmp(*argv,"-CAfile") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    CAfile= *(++argv);
-
-	} else if( strcmp(*argv,"-cipher") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    tm_cipher= *(++argv);
-	}
-#ifdef FIONBIO
-	else if(strcmp(*argv,"-nbio") == 0) {
-	    t_nbio=1;
-	}
-#endif
-	else if(strcmp(*argv,"-www") == 0)
-		{
-		if (--argc < 1) goto bad;
-		s_www_path= *(++argv);
-		if(strlen(s_www_path) > MYBUFSIZ-100)
-			{
-			BIO_printf(bio_err,"-www option too long\n");
-			badop=1;
-			}
-		}
-	else if(strcmp(*argv,"-bugs") == 0)
-	    st_bugs=1;
-#ifndef OPENSSL_NO_SSL2
-	else if(strcmp(*argv,"-ssl2") == 0)
-	    s_time_meth=SSLv2_client_method();
-#endif
-#ifndef OPENSSL_NO_SSL3
-	else if(strcmp(*argv,"-ssl3") == 0)
-	    s_time_meth=SSLv3_client_method();
-#endif
-	else if( strcmp(*argv,"-time") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    maxTime= atoi(*(++argv));
-	}
-	else {
-	    BIO_printf(bio_err,"unknown option %s\n",*argv);
-	    badop=1;
-	    break;
-	}
-
-	argc--;
-	argv++;
-    }
-
-    if (perform == 0) perform=3;
-
-    if(badop) {
-bad:
-		s_time_usage();
-		return -1;
-    }
-
-	return 0;			/* Valid args */
-}
-
-/***********************************************************************
- * TIME - time functions
- */
-#define START	0
-#define STOP	1
-
-static double tm_Time_F(int s)
-	{
-	return app_tminterval(s,1);
-	}
-
-/***********************************************************************
- * MAIN - main processing area for client
- *			real name depends on MONOLITH
- */
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	double totalTime = 0.0;
-	int nConn = 0;
-	SSL *scon=NULL;
-	long finishtime=0;
-	int ret=1,i;
-	MS_STATIC char buf[1024*8];
-	int ver;
-
-	apps_startup();
-	s_time_init();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-	s_time_meth=SSLv23_client_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	s_time_meth=SSLv3_client_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	s_time_meth=SSLv2_client_method();
-#endif
-
-	/* parse the command line arguments */
-	if( parseArgs( argc, argv ) < 0 )
-		goto end;
-
-	OpenSSL_add_ssl_algorithms();
-	if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1);
-
-	SSL_CTX_set_quiet_shutdown(tm_ctx,1);
-
-	if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL);
-	SSL_CTX_set_cipher_list(tm_ctx,tm_cipher);
-	if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file)) 
-		goto end;
-
-	SSL_load_error_strings();
-
-	if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(tm_ctx)))
-		{
-		/* BIO_printf(bio_err,"error setting default verify locations\n"); */
-		ERR_print_errors(bio_err);
-		/* goto end; */
-		}
-
-	if (tm_cipher == NULL)
-		tm_cipher = getenv("SSL_CIPHER");
-
-	if (tm_cipher == NULL ) {
-		fprintf( stderr, "No CIPHER specified\n" );
-	}
-
-	if (!(perform & 1)) goto next;
-	printf( "Collecting connection statistics for %d seconds\n", maxTime );
-
-	/* Loop and time how long it takes to make connections */
-
-	bytes_read=0;
-	finishtime=(long)time(NULL)+maxTime;
-	tm_Time_F(START);
-	for (;;)
-		{
-		if (finishtime < (long)time(NULL)) break;
-#ifdef WIN32_STUFF
-
-		if( flushWinMsgs(0) == -1 )
-			goto end;
-
-		if( waitingToDie || exitNow )		/* we're dead */
-			goto end;
-#endif
-
-		if( (scon = doConnection( NULL )) == NULL )
-			goto end;
-
-		if (s_www_path != NULL)
-			{
-			BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-			SSL_write(scon,buf,strlen(buf));
-			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
-				bytes_read+=i;
-			}
-
-#ifdef NO_SHUTDOWN
-		SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-		SSL_shutdown(scon);
-#endif
-		SHUTDOWN2(SSL_get_fd(scon));
-
-		nConn += 1;
-		if (SSL_session_reused(scon))
-			ver='r';
-		else
-			{
-			ver=SSL_version(scon);
-			if (ver == TLS1_VERSION)
-				ver='t';
-			else if (ver == SSL3_VERSION)
-				ver='3';
-			else if (ver == SSL2_VERSION)
-				ver='2';
-			else
-				ver='*';
-			}
-		fputc(ver,stdout);
-		fflush(stdout);
-
-		SSL_free( scon );
-		scon=NULL;
-		}
-	totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
-
-	i=(int)((long)time(NULL)-finishtime+maxTime);
-	printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
-	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
-
-	/* Now loop and time connections using the same session id over and over */
-
-next:
-	if (!(perform & 2)) goto end;
-	printf( "\n\nNow timing with session id reuse.\n" );
-
-	/* Get an SSL object so we can reuse the session id */
-	if( (scon = doConnection( NULL )) == NULL )
-		{
-		fprintf( stderr, "Unable to get connection\n" );
-		goto end;
-		}
-
-	if (s_www_path != NULL)
-		{
-		BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-		SSL_write(scon,buf,strlen(buf));
-		while (SSL_read(scon,buf,sizeof(buf)) > 0)
-			;
-		}
-#ifdef NO_SHUTDOWN
-	SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-	SSL_shutdown(scon);
-#endif
-	SHUTDOWN2(SSL_get_fd(scon));
-
-	nConn = 0;
-	totalTime = 0.0;
-
-	finishtime=(long)time(NULL)+maxTime;
-
-	printf( "starting\n" );
-	bytes_read=0;
-	tm_Time_F(START);
-		
-	for (;;)
-		{
-		if (finishtime < (long)time(NULL)) break;
-
-#ifdef WIN32_STUFF
-		if( flushWinMsgs(0) == -1 )
-			goto end;
-
-		if( waitingToDie || exitNow )	/* we're dead */
-			goto end;
-#endif
-
-	 	if( (doConnection( scon )) == NULL )
-			goto end;
-
-		if (s_www_path)
-			{
-			BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-			SSL_write(scon,buf,strlen(buf));
-			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
-				bytes_read+=i;
-			}
-
-#ifdef NO_SHUTDOWN
-		SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-		SSL_shutdown(scon);
-#endif
-		SHUTDOWN2(SSL_get_fd(scon));
-	
-		nConn += 1;
-		if (SSL_session_reused(scon))
-			ver='r';
-		else
-			{
-			ver=SSL_version(scon);
-			if (ver == TLS1_VERSION)
-				ver='t';
-			else if (ver == SSL3_VERSION)
-				ver='3';
-			else if (ver == SSL2_VERSION)
-				ver='2';
-			else
-				ver='*';
-			}
-		fputc(ver,stdout);
-		fflush(stdout);
-		}
-	totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/
-
-
-	printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
-	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
-
-	ret=0;
-end:
-	if (scon != NULL) SSL_free(scon);
-
-	if (tm_ctx != NULL)
-		{
-		SSL_CTX_free(tm_ctx);
-		tm_ctx=NULL;
-		}
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-/***********************************************************************
- * doConnection - make a connection
- * Args:
- *		scon	= earlier ssl connection for session id, or NULL
- * Returns:
- *		SSL *	= the connection pointer.
- */
-static SSL *doConnection(SSL *scon)
-	{
-	BIO *conn;
-	SSL *serverCon;
-	int width, i;
-	fd_set readfds;
-
-	if ((conn=BIO_new(BIO_s_connect())) == NULL)
-		return(NULL);
-
-/*	BIO_set_conn_port(conn,port);*/
-	BIO_set_conn_hostname(conn,host);
-
-	if (scon == NULL)
-		serverCon=SSL_new(tm_ctx);
-	else
-		{
-		serverCon=scon;
-		SSL_set_connect_state(serverCon);
-		}
-
-	SSL_set_bio(serverCon,conn,conn);
-
-#if 0
-	if( scon != NULL )
-		SSL_set_session(serverCon,SSL_get_session(scon));
-#endif
-
-	/* ok, lets connect */
-	for(;;) {
-		i=SSL_connect(serverCon);
-		if (BIO_sock_should_retry(i))
-			{
-			BIO_printf(bio_err,"DELAY\n");
-
-			i=SSL_get_fd(serverCon);
-			width=i+1;
-			FD_ZERO(&readfds);
-			openssl_fdset(i,&readfds);
-			/* Note: under VMS with SOCKETSHR the 2nd parameter
-			 * is currently of type (int *) whereas under other
-			 * systems it is (void *) if you don't have a cast it
-			 * will choke the compiler: if you do have a cast then
-			 * you can either go for (int *) or (void *).
-			 */
-			select(width,(void *)&readfds,NULL,NULL,NULL);
-			continue;
-			}
-		break;
-		}
-	if(i <= 0)
-		{
-		BIO_printf(bio_err,"ERROR\n");
-		if (verify_error != X509_V_OK)
-			BIO_printf(bio_err,"verify error:%s\n",
-				X509_verify_cert_error_string(verify_error));
-		else
-			ERR_print_errors(bio_err);
-		if (scon == NULL)
-			SSL_free(serverCon);
-		return NULL;
-		}
-
-	return serverCon;
-	}
-
-
diff --git a/deps/openssl/openssl/apps/server.pem b/deps/openssl/openssl/apps/server.pem
deleted file mode 100644
index 56248e57a3f..00000000000
--- a/deps/openssl/openssl/apps/server.pem
+++ /dev/null
@@ -1,369 +0,0 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
------BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDAxMDE2MjIzMTAzWhcNMDMwMTE0
-MjIzMTAzWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
-cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
-Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
-Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCT0grFQeZaqYb5EYfk20XixZV4
-GmyAbXMftG1Eo7qGiMhYzRwGNWxEYojf5PZkYZXvSqZ/ZXHXa4g59jK/rJNnaVGM
-k+xIX8mxQvlV0n5O9PIha5BX5teZnkHKgL8aKKLKW1BK7YTngsfSzzaeame5iKfz
-itAE+OjGF+PFKbwX8Q==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
-TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
-OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
-gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
-rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
-PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
-vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-notBefore=950413210656Z
-notAfter =970412210656Z
------BEGIN X509 CERTIFICATE-----
-
-MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
-BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
-ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
-BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
-VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
-MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
-3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
-YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
-hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
-dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
-zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
------END X509 CERTIFICATE-----
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
-OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
-IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
-DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
-1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
-mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
-hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
-YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
-q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
------BEGIN X509 CERTIFICATE-----
-MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
-LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
-MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
-b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
-EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
-bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
-ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
-hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
-ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
-bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
-fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
-R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
-Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
------END X509 CERTIFICATE-----
------BEGIN X509 CERTIFICATE-----
-
-MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
-bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
-BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
-BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
-ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
-ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
-H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
-WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
-MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
-LC7obsrHD8XAHG+ZRG==
------END X509 CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
-A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
-aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
-LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
-gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
-dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
-SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
-bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
-OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
-GJNMJ4L0AJ/ac+SmHZc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
-OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
-NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
-40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
-22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
-BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
-Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
-xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
-cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
-subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
-issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
------BEGIN CERTIFICATE-----
-MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
-hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
-N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
-ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
-bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
-aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
-F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
-iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
-Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
-KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
-SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
-7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
-qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
-QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
-NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
-A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
-FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
-cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
-Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
-G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
-c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
-jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
-w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
-GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
-3VZdLbCVIhNoEsysrxCpxcI=
------END CERTIFICATE-----
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8= 
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
-Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
-ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
-ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
-FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
-W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
-QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
-9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
-TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
-8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
------END CERTIFICATE-----
-
- subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
- issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
-
------BEGIN CERTIFICATE-----
-MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
-YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
-MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
-YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
-SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
-U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
-RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
-3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
-z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
-hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
-YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
-LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
-KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
-Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
-ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
-dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
-IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
-ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
-TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
-LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
-BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
-53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
-2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
-p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
------END CERTIFICATE-----
-
- subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
-nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
-AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
-IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
-Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
-NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
------END CERTIFICATE-----
- subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
-9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
-IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
-O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
-g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
-yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/apps/server.srl b/deps/openssl/openssl/apps/server.srl
deleted file mode 100644
index 8a0f05e166a..00000000000
--- a/deps/openssl/openssl/apps/server.srl
+++ /dev/null
@@ -1 +0,0 @@
-01
diff --git a/deps/openssl/openssl/apps/server2.pem b/deps/openssl/openssl/apps/server2.pem
deleted file mode 100644
index 8bb664194ed..00000000000
--- a/deps/openssl/openssl/apps/server2.pem
+++ /dev/null
@@ -1,376 +0,0 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (1024 bit)
------BEGIN CERTIFICATE-----
-MIICLjCCAZcCAQEwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU0WhcNOTgwNjA5
-MTM1NzU0WjBkMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxJDAiBgNVBAMTG1NlcnZlciB0ZXN0IGNl
-cnQgKDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsxH1PBPm
-RkxrR11eV4bzNi4N9n11CI8nV29+ARlT1+qDe/mjVUvXlmsr1v/vf71G9GgqopSa
-6RXrICLVdk/FYYYzhPvl1M+OrjaXDFO8BzBAF1Lnz6c7aRZvGRJNrRSr2nZEkqDf
-JW9dY7r2VZEpD5QeuaRYUnuECkqeieB65GMCAwEAATANBgkqhkiG9w0BAQQFAAOB
-gQCWsOta6C0wiVzXz8wPmJKyTrurMlgUss2iSuW9366iwofZddsNg7FXniMzkIf6
-dp7jnmWZwKZ9cXsNUS2o4OL07qOk2HOywC0YsNZQsOBu1CBTYYkIefDiKFL1zQHh
-8lwwNd4NP+OE3NzUNkCfh4DnFfg9WHkXUlD5UpxNRJ4gJA==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
-S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
-pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
-AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
-dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
-bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
-Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
-zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
-6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
-QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
-dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
-0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
-nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
------END RSA PRIVATE KEY-----
-subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-notBefore=950413210656Z
-notAfter =970412210656Z
------BEGIN X509 CERTIFICATE-----
-
-MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
-BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
-ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
-BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
-VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
-MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
-3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
-YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
-hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
-dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
-zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
------END X509 CERTIFICATE-----
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
-OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
-IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
-DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
-1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
-mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
-hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
-YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
-q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
------BEGIN X509 CERTIFICATE-----
-MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
-LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
-MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
-b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
-EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
-bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
-ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
-hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
-ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
-bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
-fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
-R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
-Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
------END X509 CERTIFICATE-----
------BEGIN X509 CERTIFICATE-----
-
-MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
-bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
-BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
-BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
-ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
-ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
-H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
-WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
-MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
-LC7obsrHD8XAHG+ZRG==
------END X509 CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
-A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
-aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
-LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
-gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
-dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
-SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
-bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
-OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
-GJNMJ4L0AJ/ac+SmHZc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
-OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
-NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
-40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
-22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
-BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
-Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
-xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
-cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
-subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
-issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
------BEGIN CERTIFICATE-----
-MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
-hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
-N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
-ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
-bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
-aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
-F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
-iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
-Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
-KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
-SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
-7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
-qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
-QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
-NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
-A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
-FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
-cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
-Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
-G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
-c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
-jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
-w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
-GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
-3VZdLbCVIhNoEsysrxCpxcI=
------END CERTIFICATE-----
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8= 
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
-Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
-ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
-ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
-FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
-W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
-QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
-9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
-TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
-8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
------END CERTIFICATE-----
-
- subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
- issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
-
------BEGIN CERTIFICATE-----
-MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
-YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
-MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
-YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
-SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
-U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
-RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
-3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
-z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
-hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
-YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
-LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
-KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
-Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
-ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
-dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
-IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
-ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
-TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
-LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
-BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
-53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
-2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
-p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
------END CERTIFICATE-----
-
- subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
-nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
-AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
-IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
-Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
-NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
------END CERTIFICATE-----
- subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
-9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
-IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
-O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
-g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
-yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/apps/sess_id.c b/deps/openssl/openssl/apps/sess_id.c
deleted file mode 100644
index b99179f2767..00000000000
--- a/deps/openssl/openssl/apps/sess_id.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/* apps/sess_id.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	sess_id_main
-
-static const char *sess_id_usage[]={
-"usage: sess_id args\n",
-"\n",
-" -inform arg     - input format - default PEM (DER or PEM)\n",
-" -outform arg    - output format - default PEM\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -text           - print ssl session id details\n",
-" -cert           - output certificate \n",
-" -noout          - no CRL output\n",
-" -context arg    - set the session ID context\n",
-NULL
-};
-
-static SSL_SESSION *load_sess_id(char *file, int format);
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	SSL_SESSION *x=NULL;
-	int ret=1,i,num,badops=0;
-	BIO *out=NULL;
-	int informat,outformat;
-	char *infile=NULL,*outfile=NULL,*context=NULL;
-	int cert=0,noout=0,text=0;
-	const char **pp;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	argc--;
-	argv++;
-	num=0;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-text") == 0)
-			text= ++num;
-		else if (strcmp(*argv,"-cert") == 0)
-			cert= ++num;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout= ++num;
-		else if (strcmp(*argv,"-context") == 0)
-		    {
-		    if(--argc < 1) goto bad;
-		    context=*++argv;
-		    }
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		for (pp=sess_id_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-	x=load_sess_id(infile,informat);
-	if (x == NULL) { goto end; }
-
-	if(context)
-	    {
-	    x->sid_ctx_length=strlen(context);
-	    if(x->sid_ctx_length > SSL_MAX_SID_CTX_LENGTH)
-		{
-		BIO_printf(bio_err,"Context too long\n");
-		goto end;
-		}
-	    memcpy(x->sid_ctx,context,x->sid_ctx_length);
-	    }
-
-#ifdef undef
-	/* just testing for memory leaks :-) */
-	{
-	SSL_SESSION *s;
-	char buf[1024*10],*p;
-	int i;
-
-	s=SSL_SESSION_new();
-
-	p= &buf;
-	i=i2d_SSL_SESSION(x,&p);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	SSL_SESSION_free(s);
-	}
-#endif
-
-	if (!noout || text)
-		{
-		out=BIO_new(BIO_s_file());
-		if (out == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-		if (outfile == NULL)
-			{
-			BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-			}
-		else
-			{
-			if (BIO_write_filename(out,outfile) <= 0)
-				{
-				perror(outfile);
-				goto end;
-				}
-			}
-		}
-
-	if (text)
-		{
-		SSL_SESSION_print(out,x);
-
-		if (cert)
-			{
-			if (x->peer == NULL)
-				BIO_puts(out,"No certificate present\n");
-			else
-				X509_print(out,x->peer);
-			}
-		}
-
-	if (!noout && !cert)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_SSL_SESSION_bio(out,x);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_SSL_SESSION(out,x);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i) {
-			BIO_printf(bio_err,"unable to write SSL_SESSION\n");
-			goto end;
-			}
-		}
-	else if (!noout && (x->peer != NULL)) /* just print the certificate */
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=(int)i2d_X509_bio(out,x->peer);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_X509(out,x->peer);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i) {
-			BIO_printf(bio_err,"unable to write X509\n");
-			goto end;
-			}
-		}
-	ret=0;
-end:
-	if (out != NULL) BIO_free_all(out);
-	if (x != NULL) SSL_SESSION_free(x);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
-
-static SSL_SESSION *load_sess_id(char *infile, int format)
-	{
-	SSL_SESSION *x=NULL;
-	BIO *in=NULL;
-
-	in=BIO_new(BIO_s_file());
-	if (in == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if 	(format == FORMAT_ASN1)
-		x=d2i_SSL_SESSION_bio(in,NULL);
-	else if (format == FORMAT_PEM)
-		x=PEM_read_bio_SSL_SESSION(in,NULL,NULL,NULL);
-	else	{
-		BIO_printf(bio_err,"bad input format specified for input crl\n");
-		goto end;
-		}
-	if (x == NULL)
-		{
-		BIO_printf(bio_err,"unable to load SSL_SESSION\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	
-end:
-	if (in != NULL) BIO_free(in);
-	return(x);
-	}
-
diff --git a/deps/openssl/openssl/apps/set/set-g-ca.pem b/deps/openssl/openssl/apps/set/set-g-ca.pem
deleted file mode 100644
index 78499f05706..00000000000
--- a/deps/openssl/openssl/apps/set/set-g-ca.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDeDCCAuGgAwIBAgIgYCYUeg8NJ9kO1q3z6vGCkAmPRfu5+Nur0FyGF79MADMw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
-MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
-MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtQ
-Q0ExMDIxMTgyODEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJyi5V7l1HohY6hN/2N9x6mvWeMy8rD1
-6lfXjgmiuGmhpaszWYaalesMcS2OGuG8Lq3PkaSzpVzqASKfIOjxLMsdpYyYJRub
-vRPDWi3xd8wlp9xUwWHKqn+ki8mPo0yN4eONwZZ4rcZr6K+tWd+5EJZSjuENJoQ/
-SRRmGRzdcS7XAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
-EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
-aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
-MTAyMjAxMjIwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
-SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwICBDB5
-BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
-Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
-ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBn19R2
-AgGvpJDmfXrHTDdCoYyMkaP2MPzw0hFRwh+wqnw0/pqUXa7MrLXMqtD3rUyOWaNR
-9fYpJZd0Bh/1OeIc2+U+VNfUovLLuZ8nNemdxyq2KMYnHtnh7UdO7atZ+PFLVu8x
-a+J2Mtj8MGy12CJNTJcjLSrJ/1f3AuVrwELjlQ==
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/apps/set/set-m-ca.pem b/deps/openssl/openssl/apps/set/set-m-ca.pem
deleted file mode 100644
index 0e74caff67b..00000000000
--- a/deps/openssl/openssl/apps/set/set-m-ca.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDeDCCAuGgAwIBAgIgEGvcf5aUnufALdVMa/dmPdflq1CoORGeK5DUwbqhVYcw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
-MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
-MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtN
-Q0ExMDIxMTgyNzEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALuWwr63YrT1GIZpYKfIeiVFHESG/FZO
-7RAJKml/p12ZyZ7D5YPP4BBXVsa1H8e8arR1LKC4rdCArrtKKlBeBiMo9+NB+u35
-FnLnTmfzM4iZ2Syw35DXY8+Xn/LM7RJ1RG+vMNcTqpoUg7QPye7flq2Pt7vVROPn
-SZxPyVxmILe3AgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
-EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
-aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
-MTAyMjAxMjEwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
-SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIDCDB5
-BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
-Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
-ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQApaj0W
-GgyR47URZEZ7z83yivvnVErqtodub/nR1fMgJ4bDC0ofjA0SzXBP1/3eDq9VkPuS
-EKUw9BpM2XrSUKhJ6F1CbBjWpM0M7GC1nTSxMxmV+XL+Ab/Gn2SwozUApWtht29/
-x9VLB8qsi6wN2aOsVdQMl5iVCjGQYfEkyuoIgA==
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/apps/set/set_b_ca.pem b/deps/openssl/openssl/apps/set/set_b_ca.pem
deleted file mode 100644
index eba7d5cf54b..00000000000
--- a/deps/openssl/openssl/apps/set/set_b_ca.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID1zCCAr+gAwIBAgIgYClSzXgB3u31VMarY+lXwPKU9DtoBMzaaivuVzV9a9kw
-DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
-ODI5MB4XDTk2MTAxNzAwMDAwMFoXDTk2MTExNjIzNTk1OVowRTELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0JDQTEwMTcxMTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlBy
-b2R1Y3QgVHlwZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApPewvR0BwV02
-9E12ic48pMY/aMB6SkMEWPDx2hURr0DKYGJ6qMvzZn2pSfaVH1BqDtK6oK4Ye5Mj
-ItywwQIdXXO9Ut8+TLnvtzq9ByCJ0YThjZJBc7ZcpJxSV7QAoBON/lzxZuAVq3+L
-3uc39MgRwmBpRllZEpWrkojxs6166X0CAwEAAaOCAVcwggFTMFQGA1UdIwRNMEuh
-J6QlMCMxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtSQ0ExMDExMTgyOYIgVqenwCYv
-mmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYwDgYDVR0PAQH/BAQDAgEGMC4GA1Ud
-EAEB/wQkMCKADzE5OTYxMDE3MTc1NzAwWoEPMTk5NjExMTYyMzU5NTlaMBsGA1Ud
-IAEB/wQRMA8wDQYLYIZIAYb4RQEHAQEwEgYDVR0TAQH/BAgwBgEB/wIBATAPBgSG
-jW8DAQH/BAQDAgABMHkGBIaNbwcBAf8EbjBsMCQCAQAwCQYFKw4DAhoFAAQUMmY3
-NGIxYWY0ZmNjMDYwZjc2NzYTD3RlcnNlIHN0YXRlbWVudIAXaHR0cDovL3d3dy52
-ZXJpc2lnbi5jb22BGmdldHNldC1jZW50ZXJAdmVyaXNpZ24uY29tMA0GCSqGSIb3
-DQEBBQUAA4IBAQAWoMS8Aj2sO0LDxRoMcnWTKY8nd8Jw2vl2Mgsm+0qCvcndICM5
-43N0y9uHlP8WeCZULbFz95gTL8mfP/QTu4EctMUkQgRHJnx80f0XSF3HE/X6zBbI
-9rit/bF6yP1mhkdss/vGanReDpki7q8pLx+VIIcxWst/366HP3dW1Fb7ECW/WmVV
-VMN93f/xqk9I4sXchVZcVKQT3W4tzv+qQvugrEi1dSEkbAy1CITEAEGiaFhGUyCe
-WPox3guRXaEHoINNeajGrISe6d//alsz5EEroBoLnM2ryqWfLAtRsf4rjNzTgklw
-lbiz0fw7bNkXKp5ZVr0wlnOjQnoSM6dTI0AV
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/apps/set/set_c_ca.pem b/deps/openssl/openssl/apps/set/set_c_ca.pem
deleted file mode 100644
index 48b2cbdc7cd..00000000000
--- a/deps/openssl/openssl/apps/set/set_c_ca.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDeDCCAuGgAwIBAgIgOnl8J6lAYNDdTWtIojWCGnloNf4ufHjOZ4Fkxwg5xOsw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
-MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
-MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtD
-Q0ExMDIxMTYxNjEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANA3a9+U8oXU3Dv1wJf8g0A7HjCRZAXc
-Y8E4OLOdye5aUssxifCE05qTPVqHMXo6cnCYcfroMdURhjQlswyTGtjQybgUnXjp
-pchw+V4D1DkN0ThErrMCh9ZFSykC0lUhQTRLESvbIb4Gal/HMAFAF5sj0GoOFi2H
-RRj7gpzBIU3xAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
-EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
-aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
-MTAyMjAxMTAwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
-SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIEEDB5
-BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
-Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
-ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBteLaZ
-u/TASC64UWPfhxYAUdys9DQ1pG/J1qPWNTkjOmpXFvW+7l/3nkxyRPgUoFNwx1e7
-XVVPr6zhy8LaaXppwfIZvVryzAUdbtijiUf/MO0hvV3w7e9NlCVProdU5H9EvCXr
-+IV8rH8fdEkirIVyw0JGHkuWhkmtS1HEwai9vg==
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/apps/set/set_d_ct.pem b/deps/openssl/openssl/apps/set/set_d_ct.pem
deleted file mode 100644
index 9f8c7d8b086..00000000000
--- a/deps/openssl/openssl/apps/set/set_d_ct.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDdjCCAt+gAwIBAgIgRU5t24v72xVDpZ4iHpyoOAQaQmfio1yhTZAOkBfT2uUw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0NDQTEwMjEx
-NjE2MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjQw
-MDAwMDBaFw05NjExMjMyMzU5NTlaMG4xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdC
-cmFuZElEMSYwJAYDVQQLEx1Jc3N1aW5nIEZpbmFuY2lhbCBJbnN0aXR1dGlvbjEl
-MCMGA1UEAxMcR2lYb0t0VjViN1V0MHZKa2hkSG5RYmNzc2JrPTBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDIUxgpNB1aoSW585WErtN8WInCRWCqDj3RGT2mJye0F4SM
-/iT5ywdWMasmw18vpEpDlMypfZnRkUAdfyHcRABVAgMBAAGjggFwMIIBbDB2BgNV
-HSMEbzBtoUmkRzBFMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLQkNBMTAxNzExMDQx
-IDAeBgNVBAMTF0JyYW5kIE5hbWU6UHJvZHVjdCBUeXBlgiA6eXwnqUBg0N1Na0ii
-NYIaeWg1/i58eM5ngWTHCDnE6zAOBgNVHQ8BAf8EBAMCB4AwLgYDVR0QAQH/BCQw
-IoAPMTk5NjEwMjQwMTA0MDBagQ8xOTk2MTEyMzIzNTk1OVowGAYDVR0gBBEwDzAN
-BgtghkgBhvhFAQcBATAMBgNVHRMBAf8EAjAAMA8GBIaNbwMBAf8EBAMCB4AweQYE
-ho1vBwEB/wRuMGwwJAIBADAJBgUrDgMCGgUABBQzOTgyMzk4NzIzNzg5MTM0OTc4
-MhMPdGVyc2Ugc3RhdGVtZW50gBdodHRwOi8vd3d3LnZlcmlzaWduLmNvbYEaZ2V0
-c2V0LWNlbnRlckB2ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEAVHCjhxeD
-mIFSkm3DpQAq7pGfcAFPWvSM9I9bK8qeFT1M5YQ+5fbPqaWlNcQlGKIe3cHd4+0P
-ndL5lb6UBhhA0kTzEYA38+HtBxPe/lokCv0bYfyWY9asUmvfbUrTYta0yjN7ixnV
-UqvxxHQHOAwhf6bcc7xNHapOxloWzGUU0RQ=
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/apps/set/set_root.pem b/deps/openssl/openssl/apps/set/set_root.pem
deleted file mode 100644
index 8dd104f058d..00000000000
--- a/deps/openssl/openssl/apps/set/set_root.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDZzCCAk+gAwIBAgIgVqenwCYvmmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYw
-DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
-ODI5MB4XDTk2MTAxMjAwMDAwMFoXDTk2MTExMTIzNTk1OVowIzELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC1JDQTEwMTExODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAukca0PVUGFIYX7EyrShi+dVi9GTNzG0V2Wtdw6DqFzKfedba/KpE
-zqnRDV/wRZlBn3oXPS6kNCFiBPRV9mEFXI7y2W+q8/vPurjRDIXMsqQ+dAhKwf4q
-rofJBTiET4NUN0YTtpx6aYuoVubjiOgKdbqnUArxAWWP2Dkco17ipEYyUtd4sTAe
-/xKR02AHpbYGYPSHjMDS/nzUJ7uX4d51phs0rt7If48ExJSnDV/KoHMfm42mdmH2
-g23005qdHKY3UXeh10tZmb3QtGTSvF6OqpRZ+e9/ALklu7ZcIjqbb944ci4QWemb
-ZNWiDFrWWUoO1k942BI/iZ8Fh8pETYSDBQIDAQABo4GGMIGDMA4GA1UdDwEB/wQE
-AwIBBjAuBgNVHRABAf8EJDAigA8xOTk2MTAxMjAxMzQwMFqBDzE5OTYxMTExMjM1
-OTU5WjAbBgNVHSABAf8EETAPMA0GC2CGSAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYB
-Af8CAQIwEAYEho1vAwEB/wQFAwMHAIAwDQYJKoZIhvcNAQEFBQADggEBAK4tntea
-y+ws7PdULwfqAS5osaoNvw73uBn5lROTpx91uhQbJyf0oZ3XG9GUuHZBpqG9qmr9
-vIL40RsvRpNMYgaNHKTxF716yx6rZmruAYZsrE3SpV63tQJCckKLPSge2E5uDhSQ
-O8UjusG+IRT9fKMXUHLv4OmZPOQVOSl1qTCN2XoJFqEPtC3Y9P4YR4xHL0P2jb1l
-DLdIbruuh+6omH+0XUZd5fKnQZTTi6gjl0iunj3wGnkcqGZtwr3j87ONiB/8tDwY
-vz8ceII4YYdX12PrNzn+fu3R5rChvPW4/ah/SaYQ2VQ0AupaIF4xrNJ/gLYYw0YO
-bxCrVJLd8tu9WgA=
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/apps/smime.c b/deps/openssl/openssl/apps/smime.c
deleted file mode 100644
index c583f8a0e16..00000000000
--- a/deps/openssl/openssl/apps/smime.c
+++ /dev/null
@@ -1,857 +0,0 @@
-/* smime.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* S/MIME utility function */
-
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG smime_main
-static int save_certs(char *signerfile, STACK_OF(X509) *signers);
-static int smime_cb(int ok, X509_STORE_CTX *ctx);
-
-#define SMIME_OP	0x10
-#define SMIME_IP	0x20
-#define SMIME_SIGNERS	0x40
-#define SMIME_ENCRYPT	(1 | SMIME_OP)
-#define SMIME_DECRYPT	(2 | SMIME_IP)
-#define SMIME_SIGN	(3 | SMIME_OP | SMIME_SIGNERS)
-#define SMIME_VERIFY	(4 | SMIME_IP)
-#define SMIME_PK7OUT	(5 | SMIME_IP | SMIME_OP)
-#define SMIME_RESIGN	(6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS)
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int operation = 0;
-	int ret = 0;
-	char **args;
-	const char *inmode = "r", *outmode = "w";
-	char *infile = NULL, *outfile = NULL;
-	char *signerfile = NULL, *recipfile = NULL;
-	STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
-	char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
-	const EVP_CIPHER *cipher = NULL;
-	PKCS7 *p7 = NULL;
-	X509_STORE *store = NULL;
-	X509 *cert = NULL, *recip = NULL, *signer = NULL;
-	EVP_PKEY *key = NULL;
-	STACK_OF(X509) *encerts = NULL, *other = NULL;
-	BIO *in = NULL, *out = NULL, *indata = NULL;
-	int badarg = 0;
-	int flags = PKCS7_DETACHED;
-	char *to = NULL, *from = NULL, *subject = NULL;
-	char *CAfile = NULL, *CApath = NULL;
-	char *passargin = NULL, *passin = NULL;
-	char *inrand = NULL;
-	int need_rand = 0;
-	int indef = 0;
-	const EVP_MD *sign_md = NULL;
-	int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
-        int keyform = FORMAT_PEM;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	X509_VERIFY_PARAM *vpm = NULL;
-
-	args = argv + 1;
-	ret = 1;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		{
-		if ((bio_err = BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
-		}
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp (*args, "-encrypt"))
-			operation = SMIME_ENCRYPT;
-		else if (!strcmp (*args, "-decrypt"))
-			operation = SMIME_DECRYPT;
-		else if (!strcmp (*args, "-sign"))
-			operation = SMIME_SIGN;
-		else if (!strcmp (*args, "-resign"))
-			operation = SMIME_RESIGN;
-		else if (!strcmp (*args, "-verify"))
-			operation = SMIME_VERIFY;
-		else if (!strcmp (*args, "-pk7out"))
-			operation = SMIME_PK7OUT;
-#ifndef OPENSSL_NO_DES
-		else if (!strcmp (*args, "-des3")) 
-				cipher = EVP_des_ede3_cbc();
-		else if (!strcmp (*args, "-des")) 
-				cipher = EVP_des_cbc();
-#endif
-#ifndef OPENSSL_NO_SEED
-		else if (!strcmp (*args, "-seed")) 
-				cipher = EVP_seed_cbc();
-#endif
-#ifndef OPENSSL_NO_RC2
-		else if (!strcmp (*args, "-rc2-40")) 
-				cipher = EVP_rc2_40_cbc();
-		else if (!strcmp (*args, "-rc2-128")) 
-				cipher = EVP_rc2_cbc();
-		else if (!strcmp (*args, "-rc2-64")) 
-				cipher = EVP_rc2_64_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-		else if (!strcmp(*args,"-aes128"))
-				cipher = EVP_aes_128_cbc();
-		else if (!strcmp(*args,"-aes192"))
-				cipher = EVP_aes_192_cbc();
-		else if (!strcmp(*args,"-aes256"))
-				cipher = EVP_aes_256_cbc();
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		else if (!strcmp(*args,"-camellia128"))
-				cipher = EVP_camellia_128_cbc();
-		else if (!strcmp(*args,"-camellia192"))
-				cipher = EVP_camellia_192_cbc();
-		else if (!strcmp(*args,"-camellia256"))
-				cipher = EVP_camellia_256_cbc();
-#endif
-		else if (!strcmp (*args, "-text")) 
-				flags |= PKCS7_TEXT;
-		else if (!strcmp (*args, "-nointern")) 
-				flags |= PKCS7_NOINTERN;
-		else if (!strcmp (*args, "-noverify")) 
-				flags |= PKCS7_NOVERIFY;
-		else if (!strcmp (*args, "-nochain")) 
-				flags |= PKCS7_NOCHAIN;
-		else if (!strcmp (*args, "-nocerts")) 
-				flags |= PKCS7_NOCERTS;
-		else if (!strcmp (*args, "-noattr")) 
-				flags |= PKCS7_NOATTR;
-		else if (!strcmp (*args, "-nodetach")) 
-				flags &= ~PKCS7_DETACHED;
-		else if (!strcmp (*args, "-nosmimecap"))
-				flags |= PKCS7_NOSMIMECAP;
-		else if (!strcmp (*args, "-binary"))
-				flags |= PKCS7_BINARY;
-		else if (!strcmp (*args, "-nosigs"))
-				flags |= PKCS7_NOSIGS;
-		else if (!strcmp (*args, "-stream"))
-				indef = 1;
-		else if (!strcmp (*args, "-indef"))
-				indef = 1;
-		else if (!strcmp (*args, "-noindef"))
-				indef = 0;
-		else if (!strcmp (*args, "-nooldmime"))
-				flags |= PKCS7_NOOLDMIMETYPE;
-		else if (!strcmp (*args, "-crlfeol"))
-				flags |= PKCS7_CRLFEOL;
-		else if (!strcmp(*args,"-rand"))
-			{
-			if (!args[1])
-				goto argerr;
-			args++;
-			inrand = *args;
-			need_rand = 1;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (!strcmp(*args,"-engine"))
-			{
-			if (!args[1])
-				goto argerr;
-			engine = *++args;
-			}
-#endif
-		else if (!strcmp(*args,"-passin"))
-			{
-			if (!args[1])
-				goto argerr;
-			passargin = *++args;
-			}
-		else if (!strcmp (*args, "-to"))
-			{
-			if (!args[1])
-				goto argerr;
-			to = *++args;
-			}
-		else if (!strcmp (*args, "-from"))
-			{
-			if (!args[1])
-				goto argerr;
-			from = *++args;
-			}
-		else if (!strcmp (*args, "-subject"))
-			{
-			if (!args[1])
-				goto argerr;
-			subject = *++args;
-			}
-		else if (!strcmp (*args, "-signer"))
-			{
-			if (!args[1])
-				goto argerr;
-			/* If previous -signer argument add signer to list */
-
-			if (signerfile)
-				{
-				if (!sksigners)
-					sksigners = sk_OPENSSL_STRING_new_null();
-				sk_OPENSSL_STRING_push(sksigners, signerfile);
-				if (!keyfile)
-					keyfile = signerfile;
-				if (!skkeys)
-					skkeys = sk_OPENSSL_STRING_new_null();
-				sk_OPENSSL_STRING_push(skkeys, keyfile);
-				keyfile = NULL;
-				}
-			signerfile = *++args;
-			}
-		else if (!strcmp (*args, "-recip"))
-			{
-			if (!args[1])
-				goto argerr;
-			recipfile = *++args;
-			}
-		else if (!strcmp (*args, "-md"))
-			{
-			if (!args[1])
-				goto argerr;
-			sign_md = EVP_get_digestbyname(*++args);
-			if (sign_md == NULL)
-				{
-				BIO_printf(bio_err, "Unknown digest %s\n",
-							*args);
-				goto argerr;
-				}
-			}
-		else if (!strcmp (*args, "-inkey"))
-			{
-			if (!args[1])	
-				goto argerr;
-			/* If previous -inkey arument add signer to list */
-			if (keyfile)
-				{
-				if (!signerfile)
-					{
-					BIO_puts(bio_err, "Illegal -inkey without -signer\n");
-					goto argerr;
-					}
-				if (!sksigners)
-					sksigners = sk_OPENSSL_STRING_new_null();
-				sk_OPENSSL_STRING_push(sksigners, signerfile);
-				signerfile = NULL;
-				if (!skkeys)
-					skkeys = sk_OPENSSL_STRING_new_null();
-				sk_OPENSSL_STRING_push(skkeys, keyfile);
-				}
-			keyfile = *++args;
-			}
-		else if (!strcmp (*args, "-keyform"))
-			{
-			if (!args[1])
-				goto argerr;
-			keyform = str2fmt(*++args);
-			}
-		else if (!strcmp (*args, "-certfile"))
-			{
-			if (!args[1])
-				goto argerr;
-			certfile = *++args;
-			}
-		else if (!strcmp (*args, "-CAfile"))
-			{
-			if (!args[1])
-				goto argerr;
-			CAfile = *++args;
-			}
-		else if (!strcmp (*args, "-CApath"))
-			{
-			if (!args[1])
-				goto argerr;
-			CApath = *++args;
-			}
-		else if (!strcmp (*args, "-in"))
-			{
-			if (!args[1])
-				goto argerr;
-			infile = *++args;
-			}
-		else if (!strcmp (*args, "-inform"))
-			{
-			if (!args[1])
-				goto argerr;
-			informat = str2fmt(*++args);
-			}
-		else if (!strcmp (*args, "-outform"))
-			{
-			if (!args[1])
-				goto argerr;
-			outformat = str2fmt(*++args);
-			}
-		else if (!strcmp (*args, "-out"))
-			{
-			if (!args[1])
-				goto argerr;
-			outfile = *++args;
-			}
-		else if (!strcmp (*args, "-content"))
-			{
-			if (!args[1])
-				goto argerr;
-			contfile = *++args;
-			}
-		else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
-			continue;
-		else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL)
-			badarg = 1;
-		args++;
-		}
-
-	if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners))
-		{
-		BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
-		goto argerr;
-		}
-
-	if (operation & SMIME_SIGNERS)
-		{
-		/* Check to see if any final signer needs to be appended */
-		if (keyfile && !signerfile)
-			{
-			BIO_puts(bio_err, "Illegal -inkey without -signer\n");
-			goto argerr;
-			}
-		if (signerfile)
-			{
-			if (!sksigners)
-				sksigners = sk_OPENSSL_STRING_new_null();
-			sk_OPENSSL_STRING_push(sksigners, signerfile);
-			if (!skkeys)
-				skkeys = sk_OPENSSL_STRING_new_null();
-			if (!keyfile)
-				keyfile = signerfile;
-			sk_OPENSSL_STRING_push(skkeys, keyfile);
-			}
-		if (!sksigners)
-			{
-			BIO_printf(bio_err, "No signer certificate specified\n");
-			badarg = 1;
-			}
-		signerfile = NULL;
-		keyfile = NULL;
-		need_rand = 1;
-		}
-	else if (operation == SMIME_DECRYPT)
-		{
-		if (!recipfile && !keyfile)
-			{
-			BIO_printf(bio_err, "No recipient certificate or key specified\n");
-			badarg = 1;
-			}
-		}
-	else if (operation == SMIME_ENCRYPT)
-		{
-		if (!*args)
-			{
-			BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
-			badarg = 1;
-			}
-		need_rand = 1;
-		}
-	else if (!operation)
-		badarg = 1;
-
-	if (badarg)
-		{
-		argerr:
-		BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-encrypt       encrypt message\n");
-		BIO_printf (bio_err, "-decrypt       decrypt encrypted message\n");
-		BIO_printf (bio_err, "-sign          sign message\n");
-		BIO_printf (bio_err, "-verify        verify signed message\n");
-		BIO_printf (bio_err, "-pk7out        output PKCS#7 structure\n");
-#ifndef OPENSSL_NO_DES
-		BIO_printf (bio_err, "-des3          encrypt with triple DES\n");
-		BIO_printf (bio_err, "-des           encrypt with DES\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf (bio_err, "-seed          encrypt with SEED\n");
-#endif
-#ifndef OPENSSL_NO_RC2
-		BIO_printf (bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
-		BIO_printf (bio_err, "-rc2-64        encrypt with RC2-64\n");
-		BIO_printf (bio_err, "-rc2-128       encrypt with RC2-128\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
-		BIO_printf (bio_err, "               encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
-		BIO_printf (bio_err, "               encrypt PEM output with cbc camellia\n");
-#endif
-		BIO_printf (bio_err, "-nointern      don't search certificates in message for signer\n");
-		BIO_printf (bio_err, "-nosigs        don't verify message signature\n");
-		BIO_printf (bio_err, "-noverify      don't verify signers certificate\n");
-		BIO_printf (bio_err, "-nocerts       don't include signers certificate when signing\n");
-		BIO_printf (bio_err, "-nodetach      use opaque signing\n");
-		BIO_printf (bio_err, "-noattr        don't include any signed attributes\n");
-		BIO_printf (bio_err, "-binary        don't translate message to text\n");
-		BIO_printf (bio_err, "-certfile file other certificates file\n");
-		BIO_printf (bio_err, "-signer file   signer certificate file\n");
-		BIO_printf (bio_err, "-recip  file   recipient certificate file for decryption\n");
-		BIO_printf (bio_err, "-in file       input file\n");
-		BIO_printf (bio_err, "-inform arg    input format SMIME (default), PEM or DER\n");
-		BIO_printf (bio_err, "-inkey file    input private key (if not signer or recipient)\n");
-		BIO_printf (bio_err, "-keyform arg   input private key format (PEM or ENGINE)\n");
-		BIO_printf (bio_err, "-out file      output file\n");
-		BIO_printf (bio_err, "-outform arg   output format SMIME (default), PEM or DER\n");
-		BIO_printf (bio_err, "-content file  supply or override content for detached signature\n");
-		BIO_printf (bio_err, "-to addr       to address\n");
-		BIO_printf (bio_err, "-from ad       from address\n");
-		BIO_printf (bio_err, "-subject s     subject\n");
-		BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
-		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
-		BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
-		BIO_printf (bio_err, "-crl_check     check revocation status of signer's certificate using CRLs\n");
-		BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf (bio_err, "-engine e      use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf (bio_err, "-passin arg    input file pass phrase source\n");
-		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,  "               the random number generator\n");
-		BIO_printf (bio_err, "cert.pem       recipient certificate(s) for encryption\n");
-		goto end;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (!app_passwd(bio_err, passargin, NULL, &passin, NULL))
-		{
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-		}
-
-	if (need_rand)
-		{
-		app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-		if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-				app_RAND_load_files(inrand));
-		}
-
-	ret = 2;
-
-	if (!(operation & SMIME_SIGNERS))
-		flags &= ~PKCS7_DETACHED;
-
-	if (operation & SMIME_OP)
-		{
-		if (outformat == FORMAT_ASN1)
-			outmode = "wb";
-		}
-	else
-		{
-		if (flags & PKCS7_BINARY)
-			outmode = "wb";
-		}
-
-	if (operation & SMIME_IP)
-		{
-		if (informat == FORMAT_ASN1)
-			inmode = "rb";
-		}
-	else
-		{
-		if (flags & PKCS7_BINARY)
-			inmode = "rb";
-		}
-
-	if (operation == SMIME_ENCRYPT)
-		{
-		if (!cipher)
-			{
-#ifndef OPENSSL_NO_RC2			
-			cipher = EVP_rc2_40_cbc();
-#else
-			BIO_printf(bio_err, "No cipher selected\n");
-			goto end;
-#endif
-			}
-		encerts = sk_X509_new_null();
-		while (*args)
-			{
-			if (!(cert = load_cert(bio_err,*args,FORMAT_PEM,
-				NULL, e, "recipient certificate file")))
-				{
-#if 0				/* An appropriate message is already printed */
-				BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args);
-#endif
-				goto end;
-				}
-			sk_X509_push(encerts, cert);
-			cert = NULL;
-			args++;
-			}
-		}
-
-	if (certfile)
-		{
-		if (!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL,
-			e, "certificate file")))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-
-	if (recipfile && (operation == SMIME_DECRYPT))
-		{
-		if (!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL,
-			e, "recipient certificate file")))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-
-	if (operation == SMIME_DECRYPT)
-		{
-		if (!keyfile)
-			keyfile = recipfile;
-		}
-	else if (operation == SMIME_SIGN)
-		{
-		if (!keyfile)
-			keyfile = signerfile;
-		}
-	else keyfile = NULL;
-
-	if (keyfile)
-		{
-		key = load_key(bio_err, keyfile, keyform, 0, passin, e,
-			       "signing key file");
-		if (!key)
-			goto end;
-		}
-
-	if (infile)
-		{
-		if (!(in = BIO_new_file(infile, inmode)))
-			{
-			BIO_printf (bio_err,
-				 "Can't open input file %s\n", infile);
-			goto end;
-			}
-		}
-	else
-		in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if (operation & SMIME_IP)
-		{
-		if (informat == FORMAT_SMIME) 
-			p7 = SMIME_read_PKCS7(in, &indata);
-		else if (informat == FORMAT_PEM) 
-			p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
-		else if (informat == FORMAT_ASN1) 
-			p7 = d2i_PKCS7_bio(in, NULL);
-		else
-			{
-			BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
-			goto end;
-			}
-
-		if (!p7)
-			{
-			BIO_printf(bio_err, "Error reading S/MIME message\n");
-			goto end;
-			}
-		if (contfile)
-			{
-			BIO_free(indata);
-			if (!(indata = BIO_new_file(contfile, "rb")))
-				{
-				BIO_printf(bio_err, "Can't read content file %s\n", contfile);
-				goto end;
-				}
-			}
-		}
-
-	if (outfile)
-		{
-		if (!(out = BIO_new_file(outfile, outmode)))
-			{
-			BIO_printf (bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-			}
-		}
-	else
-		{
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
-
-	if (operation == SMIME_VERIFY)
-		{
-		if (!(store = setup_verify(bio_err, CAfile, CApath)))
-			goto end;
-		X509_STORE_set_verify_cb(store, smime_cb);
-		if (vpm)
-			X509_STORE_set1_param(store, vpm);
-		}
-
-
-	ret = 3;
-
-	if (operation == SMIME_ENCRYPT)
-		{
-		if (indef)
-			flags |= PKCS7_STREAM;
-		p7 = PKCS7_encrypt(encerts, in, cipher, flags);
-		}
-	else if (operation & SMIME_SIGNERS)
-		{
-		int i;
-		/* If detached data content we only enable streaming if
-		 * S/MIME output format.
-		 */
-		if (operation == SMIME_SIGN)
-			{
-			if (flags & PKCS7_DETACHED)
-				{
-				if (outformat == FORMAT_SMIME)
-					flags |= PKCS7_STREAM;
-				}
-			else if (indef)
-				flags |= PKCS7_STREAM;
-			flags |= PKCS7_PARTIAL;
-			p7 = PKCS7_sign(NULL, NULL, other, in, flags);
-			if (!p7)
-				goto end;
-			}
-		else
-			flags |= PKCS7_REUSE_DIGEST;
-		for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
-			{
-			signerfile = sk_OPENSSL_STRING_value(sksigners, i);
-			keyfile = sk_OPENSSL_STRING_value(skkeys, i);
-			signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
-					e, "signer certificate");
-			if (!signer)
-				goto end;
-			key = load_key(bio_err, keyfile, keyform, 0, passin, e,
-			       "signing key file");
-			if (!key)
-				goto end;
-			if (!PKCS7_sign_add_signer(p7, signer, key,
-						sign_md, flags))
-				goto end;
-			X509_free(signer);
-			signer = NULL;
-			EVP_PKEY_free(key);
-			key = NULL;
-			}
-		/* If not streaming or resigning finalize structure */
-		if ((operation == SMIME_SIGN) && !(flags & PKCS7_STREAM))
-			{
-			if (!PKCS7_final(p7, in, flags))
-				goto end;
-			}
-		}
-
-	if (!p7)
-		{
-		BIO_printf(bio_err, "Error creating PKCS#7 structure\n");
-		goto end;
-		}
-
-	ret = 4;
-	if (operation == SMIME_DECRYPT)
-		{
-		if (!PKCS7_decrypt(p7, key, recip, out, flags))
-			{
-			BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n");
-			goto end;
-			}
-		}
-	else if (operation == SMIME_VERIFY)
-		{
-		STACK_OF(X509) *signers;
-		if (PKCS7_verify(p7, other, store, indata, out, flags))
-			BIO_printf(bio_err, "Verification successful\n");
-		else
-			{
-			BIO_printf(bio_err, "Verification failure\n");
-			goto end;
-			}
-		signers = PKCS7_get0_signers(p7, other, flags);
-		if (!save_certs(signerfile, signers))
-			{
-			BIO_printf(bio_err, "Error writing signers to %s\n",
-								signerfile);
-			ret = 5;
-			goto end;
-			}
-		sk_X509_free(signers);
-		}
-	else if (operation == SMIME_PK7OUT)
-		PEM_write_bio_PKCS7(out, p7);
-	else
-		{
-		if (to)
-			BIO_printf(out, "To: %s\n", to);
-		if (from)
-			BIO_printf(out, "From: %s\n", from);
-		if (subject)
-			BIO_printf(out, "Subject: %s\n", subject);
-		if (outformat == FORMAT_SMIME) 
-			{
-			if (operation == SMIME_RESIGN)
-				SMIME_write_PKCS7(out, p7, indata, flags);
-			else
-				SMIME_write_PKCS7(out, p7, in, flags);
-			}
-		else if (outformat == FORMAT_PEM) 
-			PEM_write_bio_PKCS7_stream(out, p7, in, flags);
-		else if (outformat == FORMAT_ASN1) 
-			i2d_PKCS7_bio_stream(out,p7, in, flags);
-		else
-			{
-			BIO_printf(bio_err, "Bad output format for PKCS#7 file\n");
-			goto end;
-			}
-		}
-	ret = 0;
-end:
-	if (need_rand)
-		app_RAND_write_file(NULL, bio_err);
-	if (ret) ERR_print_errors(bio_err);
-	sk_X509_pop_free(encerts, X509_free);
-	sk_X509_pop_free(other, X509_free);
-	if (vpm)
-		X509_VERIFY_PARAM_free(vpm);
-	if (sksigners)
-		sk_OPENSSL_STRING_free(sksigners);
-	if (skkeys)
-		sk_OPENSSL_STRING_free(skkeys);
-	X509_STORE_free(store);
-	X509_free(cert);
-	X509_free(recip);
-	X509_free(signer);
-	EVP_PKEY_free(key);
-	PKCS7_free(p7);
-	BIO_free(in);
-	BIO_free(indata);
-	BIO_free_all(out);
-	if (passin) OPENSSL_free(passin);
-	return (ret);
-}
-
-static int save_certs(char *signerfile, STACK_OF(X509) *signers)
-	{
-	int i;
-	BIO *tmp;
-	if (!signerfile)
-		return 1;
-	tmp = BIO_new_file(signerfile, "w");
-	if (!tmp) return 0;
-	for(i = 0; i < sk_X509_num(signers); i++)
-		PEM_write_bio_X509(tmp, sk_X509_value(signers, i));
-	BIO_free(tmp);
-	return 1;
-	}
-	
-
-/* Minimal callback just to output policy info (if any) */
-
-static int smime_cb(int ok, X509_STORE_CTX *ctx)
-	{
-	int error;
-
-	error = X509_STORE_CTX_get_error(ctx);
-
-	if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
-		&& ((error != X509_V_OK) || (ok != 2)))
-		return ok;
-
-	policies_print(NULL, ctx);
-
-	return ok;
-
-	}
diff --git a/deps/openssl/openssl/apps/speed.c b/deps/openssl/openssl/apps/speed.c
deleted file mode 100644
index b3c5442493a..00000000000
--- a/deps/openssl/openssl/apps/speed.c
+++ /dev/null
@@ -1,2787 +0,0 @@
-/* apps/speed.c -*- mode:C; c-file-style: "eay" -*- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by 
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The ECDH and ECDSA speed test software is originally written by 
- * Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#ifndef OPENSSL_NO_SPEED
-
-#undef SECONDS
-#define SECONDS		3	
-#define RSA_SECONDS	10
-#define DSA_SECONDS	10
-#define ECDSA_SECONDS   10
-#define ECDH_SECONDS    10
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#undef PROG
-#define PROG speed_main
-
-#include 
-#include 
-
-#include 
-#include 
-#include "apps.h"
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include 
-#include 
-#include 
-#include 
-#include 
-#if !defined(OPENSSL_SYS_MSDOS)
-#include OPENSSL_UNISTD
-#endif
-
-#ifndef OPENSSL_SYS_NETWARE
-#include 
-#endif
-
-#ifdef _WIN32
-#include 
-#endif
-
-#include 
-#ifndef OPENSSL_NO_DES
-#include 
-#endif
-#ifndef OPENSSL_NO_AES
-#include 
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-#include 
-#endif
-#ifndef OPENSSL_NO_MD2
-#include 
-#endif
-#ifndef OPENSSL_NO_MDC2
-#include 
-#endif
-#ifndef OPENSSL_NO_MD4
-#include 
-#endif
-#ifndef OPENSSL_NO_MD5
-#include 
-#endif
-#ifndef OPENSSL_NO_HMAC
-#include 
-#endif
-#include 
-#ifndef OPENSSL_NO_SHA
-#include 
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-#include 
-#endif
-#ifndef OPENSSL_NO_WHIRLPOOL
-#include 
-#endif
-#ifndef OPENSSL_NO_RC4
-#include 
-#endif
-#ifndef OPENSSL_NO_RC5
-#include 
-#endif
-#ifndef OPENSSL_NO_RC2
-#include 
-#endif
-#ifndef OPENSSL_NO_IDEA
-#include 
-#endif
-#ifndef OPENSSL_NO_SEED
-#include 
-#endif
-#ifndef OPENSSL_NO_BF
-#include 
-#endif
-#ifndef OPENSSL_NO_CAST
-#include 
-#endif
-#ifndef OPENSSL_NO_RSA
-#include 
-#include "./testrsa.h"
-#endif
-#include 
-#ifndef OPENSSL_NO_DSA
-#include 
-#include "./testdsa.h"
-#endif
-#ifndef OPENSSL_NO_ECDSA
-#include 
-#endif
-#ifndef OPENSSL_NO_ECDH
-#include 
-#endif
-
-#ifndef HAVE_FORK
-# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
-#  define HAVE_FORK 0
-# else
-#  define HAVE_FORK 1
-# endif
-#endif
-
-#if HAVE_FORK
-#undef NO_FORK
-#else
-#define NO_FORK
-#endif
-
-#undef BUFSIZE
-#define BUFSIZE	((long)1024*8+1)
-int run=0;
-
-static int mr=0;
-static int usertime=1;
-
-static double Time_F(int s);
-static void print_message(const char *s,long num,int length);
-static void pkey_print_message(const char *str, const char *str2,
-	long num, int bits, int sec);
-static void print_result(int alg,int run_no,int count,double time_used);
-#ifndef NO_FORK
-static int do_multi(int multi);
-#endif
-
-#define ALGOR_NUM	29
-#define SIZE_NUM	5
-#define RSA_NUM		4
-#define DSA_NUM		3
-
-#define EC_NUM       16
-#define MAX_ECDH_SIZE 256
-
-static const char *names[ALGOR_NUM]={
-  "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4",
-  "des cbc","des ede3","idea cbc","seed cbc",
-  "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc",
-  "aes-128 cbc","aes-192 cbc","aes-256 cbc",
-  "camellia-128 cbc","camellia-192 cbc","camellia-256 cbc",
-  "evp","sha256","sha512","whirlpool",
-  "aes-128 ige","aes-192 ige","aes-256 ige"};
-static double results[ALGOR_NUM][SIZE_NUM];
-static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
-#ifndef OPENSSL_NO_RSA
-static double rsa_results[RSA_NUM][2];
-#endif
-#ifndef OPENSSL_NO_DSA
-static double dsa_results[DSA_NUM][2];
-#endif
-#ifndef OPENSSL_NO_ECDSA
-static double ecdsa_results[EC_NUM][2];
-#endif
-#ifndef OPENSSL_NO_ECDH
-static double ecdh_results[EC_NUM][1];
-#endif
-
-#if defined(OPENSSL_NO_DSA) && !(defined(OPENSSL_NO_ECDSA) && defined(OPENSSL_NO_ECDH))
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-static int rnd_fake = 0;
-#endif
-
-#ifdef SIGALRM
-#if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#define SIGRETTYPE void
-#else
-#define SIGRETTYPE int
-#endif 
-
-static SIGRETTYPE sig_done(int sig);
-static SIGRETTYPE sig_done(int sig)
-	{
-	signal(SIGALRM,sig_done);
-	run=0;
-#ifdef LINT
-	sig=sig;
-#endif
-	}
-#endif
-
-#define START	0
-#define STOP	1
-
-#if defined(_WIN32)
-
-#define SIGALRM
-static unsigned int lapse,schlock;
-static void alarm(unsigned int secs) { lapse = secs*1000; }
-
-static DWORD WINAPI sleepy(VOID *arg)
-	{
-	schlock = 1;
-	Sleep(lapse);
-	run = 0;
-	return 0;
-	}
-
-static double Time_F(int s)
-	{
-	if (s == START)
-		{
-		HANDLE	thr;
-		schlock = 0;
-		thr = CreateThread(NULL,4096,sleepy,NULL,0,NULL);
-		if (thr==NULL)
-			{
-			DWORD ret=GetLastError();
-			BIO_printf(bio_err,"unable to CreateThread (%d)",ret);
-			ExitProcess(ret);
-			}
-		CloseHandle(thr);		/* detach the thread	*/
-		while (!schlock) Sleep(0);	/* scheduler spinlock	*/
-		}
-
-	return app_tminterval(s,usertime);
-	}
-#else
-
-static double Time_F(int s)
-	{
-	return app_tminterval(s,usertime);
-	}
-#endif
-
-
-#ifndef OPENSSL_NO_ECDH
-static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
-	{
-#ifndef OPENSSL_NO_SHA
-	if (*outlen < SHA_DIGEST_LENGTH)
-		return NULL;
-	else
-		*outlen = SHA_DIGEST_LENGTH;
-	return SHA1(in, inlen, out);
-#else
-	return NULL;
-#endif	/* OPENSSL_NO_SHA */
-	}
-#endif	/* OPENSSL_NO_ECDH */
-
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	unsigned char *buf=NULL,*buf2=NULL;
-	int mret=1;
-	long count=0,save_count=0;
-	int i,j,k;
-#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA)
-	long rsa_count;
-#endif
-#ifndef OPENSSL_NO_RSA
-	unsigned rsa_num;
-#endif
-	unsigned char md[EVP_MAX_MD_SIZE];
-#ifndef OPENSSL_NO_MD2
-	unsigned char md2[MD2_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_MDC2
-	unsigned char mdc2[MDC2_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_MD4
-	unsigned char md4[MD4_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_MD5
-	unsigned char md5[MD5_DIGEST_LENGTH];
-	unsigned char hmac[MD5_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_SHA
-	unsigned char sha[SHA_DIGEST_LENGTH];
-#ifndef OPENSSL_NO_SHA256
-	unsigned char sha256[SHA256_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_SHA512
-	unsigned char sha512[SHA512_DIGEST_LENGTH];
-#endif
-#endif
-#ifndef OPENSSL_NO_WHIRLPOOL
-	unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-	unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
-#endif
-#ifndef OPENSSL_NO_RC4
-	RC4_KEY rc4_ks;
-#endif
-#ifndef OPENSSL_NO_RC5
-	RC5_32_KEY rc5_ks;
-#endif
-#ifndef OPENSSL_NO_RC2
-	RC2_KEY rc2_ks;
-#endif
-#ifndef OPENSSL_NO_IDEA
-	IDEA_KEY_SCHEDULE idea_ks;
-#endif
-#ifndef OPENSSL_NO_SEED
-	SEED_KEY_SCHEDULE seed_ks;
-#endif
-#ifndef OPENSSL_NO_BF
-	BF_KEY bf_ks;
-#endif
-#ifndef OPENSSL_NO_CAST
-	CAST_KEY cast_ks;
-#endif
-	static const unsigned char key16[16]=
-		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
-#ifndef OPENSSL_NO_AES
-	static const unsigned char key24[24]=
-		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
-		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
-	static const unsigned char key32[32]=
-		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
-		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,
-		 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56};
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-	static const unsigned char ckey24[24]=
-		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
-		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
-	static const unsigned char ckey32[32]=
-		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
-		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
-		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,
-		 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56};
-#endif
-#ifndef OPENSSL_NO_AES
-#define MAX_BLOCK_SIZE 128
-#else
-#define MAX_BLOCK_SIZE 64
-#endif
-	unsigned char DES_iv[8];
-	unsigned char iv[2*MAX_BLOCK_SIZE/8];
-#ifndef OPENSSL_NO_DES
-	static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
-	static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
-	static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
-	DES_key_schedule sch;
-	DES_key_schedule sch2;
-	DES_key_schedule sch3;
-#endif
-#ifndef OPENSSL_NO_AES
-	AES_KEY aes_ks1, aes_ks2, aes_ks3;
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-	CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
-#endif
-#define	D_MD2		0
-#define	D_MDC2		1
-#define	D_MD4		2
-#define	D_MD5		3
-#define	D_HMAC		4
-#define	D_SHA1		5
-#define D_RMD160	6
-#define	D_RC4		7
-#define	D_CBC_DES	8
-#define	D_EDE3_DES	9
-#define	D_CBC_IDEA	10
-#define	D_CBC_SEED	11
-#define	D_CBC_RC2	12
-#define	D_CBC_RC5	13
-#define	D_CBC_BF	14
-#define	D_CBC_CAST	15
-#define D_CBC_128_AES	16
-#define D_CBC_192_AES	17
-#define D_CBC_256_AES	18
-#define D_CBC_128_CML   19 
-#define D_CBC_192_CML   20
-#define D_CBC_256_CML   21 
-#define D_EVP		22
-#define D_SHA256	23	
-#define D_SHA512	24
-#define D_WHIRLPOOL	25
-#define D_IGE_128_AES   26
-#define D_IGE_192_AES   27
-#define D_IGE_256_AES   28
-	double d=0.0;
-	long c[ALGOR_NUM][SIZE_NUM];
-#define	R_DSA_512	0
-#define	R_DSA_1024	1
-#define	R_DSA_2048	2
-#define	R_RSA_512	0
-#define	R_RSA_1024	1
-#define	R_RSA_2048	2
-#define	R_RSA_4096	3
-
-#define R_EC_P160    0
-#define R_EC_P192    1	
-#define R_EC_P224    2
-#define R_EC_P256    3
-#define R_EC_P384    4
-#define R_EC_P521    5
-#define R_EC_K163    6
-#define R_EC_K233    7
-#define R_EC_K283    8
-#define R_EC_K409    9
-#define R_EC_K571    10
-#define R_EC_B163    11
-#define R_EC_B233    12
-#define R_EC_B283    13
-#define R_EC_B409    14
-#define R_EC_B571    15
-
-#ifndef OPENSSL_NO_RSA
-	RSA *rsa_key[RSA_NUM];
-	long rsa_c[RSA_NUM][2];
-	static unsigned int rsa_bits[RSA_NUM]={512,1024,2048,4096};
-	static unsigned char *rsa_data[RSA_NUM]=
-		{test512,test1024,test2048,test4096};
-	static int rsa_data_length[RSA_NUM]={
-		sizeof(test512),sizeof(test1024),
-		sizeof(test2048),sizeof(test4096)};
-#endif
-#ifndef OPENSSL_NO_DSA
-	DSA *dsa_key[DSA_NUM];
-	long dsa_c[DSA_NUM][2];
-	static unsigned int dsa_bits[DSA_NUM]={512,1024,2048};
-#endif
-#ifndef OPENSSL_NO_EC
-	/* We only test over the following curves as they are representative, 
-	 * To add tests over more curves, simply add the curve NID
-	 * and curve name to the following arrays and increase the 
-	 * EC_NUM value accordingly. 
-	 */
-	static unsigned int test_curves[EC_NUM] = 
-	{	
-	/* Prime Curves */
-	NID_secp160r1,
-	NID_X9_62_prime192v1,
-	NID_secp224r1,
-	NID_X9_62_prime256v1,
-	NID_secp384r1,
-	NID_secp521r1,
-	/* Binary Curves */
-	NID_sect163k1,
-	NID_sect233k1,
-	NID_sect283k1,
-	NID_sect409k1,
-	NID_sect571k1,
-	NID_sect163r2,
-	NID_sect233r1,
-	NID_sect283r1,
-	NID_sect409r1,
-	NID_sect571r1
-	}; 
-	static const char * test_curves_names[EC_NUM] = 
-	{
-	/* Prime Curves */
-	"secp160r1",
-	"nistp192",
-	"nistp224",
-	"nistp256",
-	"nistp384",
-	"nistp521",
-	/* Binary Curves */
-	"nistk163",
-	"nistk233",
-	"nistk283",
-	"nistk409",
-	"nistk571",
-	"nistb163",
-	"nistb233",
-	"nistb283",
-	"nistb409",
-	"nistb571"
-	};
-	static int test_curves_bits[EC_NUM] =
-        {
-        160, 192, 224, 256, 384, 521,
-        163, 233, 283, 409, 571,
-        163, 233, 283, 409, 571
-        };
-
-#endif
-
-#ifndef OPENSSL_NO_ECDSA
-	unsigned char ecdsasig[256];
-	unsigned int ecdsasiglen;
-	EC_KEY *ecdsa[EC_NUM];
-	long ecdsa_c[EC_NUM][2];
-#endif
-
-#ifndef OPENSSL_NO_ECDH
-	EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM];
-	unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE];
-	int secret_size_a, secret_size_b;
-	int ecdh_checks = 0;
-	int secret_idx = 0;
-	long ecdh_c[EC_NUM][2];
-#endif
-
-	int rsa_doit[RSA_NUM];
-	int dsa_doit[DSA_NUM];
-#ifndef OPENSSL_NO_ECDSA
-	int ecdsa_doit[EC_NUM];
-#endif
-#ifndef OPENSSL_NO_ECDH
-        int ecdh_doit[EC_NUM];
-#endif
-	int doit[ALGOR_NUM];
-	int pr_header=0;
-	const EVP_CIPHER *evp_cipher=NULL;
-	const EVP_MD *evp_md=NULL;
-	int decrypt=0;
-#ifndef NO_FORK
-	int multi=0;
-#endif
-
-#ifndef TIMES
-	usertime=-1;
-#endif
-
-	apps_startup();
-	memset(results, 0, sizeof(results));
-#ifndef OPENSSL_NO_DSA
-	memset(dsa_key,0,sizeof(dsa_key));
-#endif
-#ifndef OPENSSL_NO_ECDSA
-	for (i=0; i 0) && (strcmp(*argv,"-elapsed") == 0))
-			{
-			usertime = 0;
-			j--;	/* Otherwise, -elapsed gets confused with
-				   an algorithm. */
-			}
-		else if	((argc > 0) && (strcmp(*argv,"-evp") == 0))
-			{
-			argc--;
-			argv++;
-			if(argc == 0)
-				{
-				BIO_printf(bio_err,"no EVP given\n");
-				goto end;
-				}
-			evp_cipher=EVP_get_cipherbyname(*argv);
-			if(!evp_cipher)
-				{
-				evp_md=EVP_get_digestbyname(*argv);
-				}
-			if(!evp_cipher && !evp_md)
-				{
-				BIO_printf(bio_err,"%s is an unknown cipher or digest\n",*argv);
-				goto end;
-				}
-			doit[D_EVP]=1;
-			}
-		else if (argc > 0 && !strcmp(*argv,"-decrypt"))
-			{
-			decrypt=1;
-			j--;	/* Otherwise, -elapsed gets confused with
-				   an algorithm. */
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if	((argc > 0) && (strcmp(*argv,"-engine") == 0))
-			{
-			argc--;
-			argv++;
-			if(argc == 0)
-				{
-				BIO_printf(bio_err,"no engine given\n");
-				goto end;
-				}
-                        setup_engine(bio_err, *argv, 0);
-			/* j will be increased again further down.  We just
-			   don't want speed to confuse an engine with an
-			   algorithm, especially when none is given (which
-			   means all of them should be run) */
-			j--;
-			}
-#endif
-#ifndef NO_FORK
-		else if	((argc > 0) && (strcmp(*argv,"-multi") == 0))
-			{
-			argc--;
-			argv++;
-			if(argc == 0)
-				{
-				BIO_printf(bio_err,"no multi count given\n");
-				goto end;
-				}
-			multi=atoi(argv[0]);
-			if(multi <= 0)
-			    {
-				BIO_printf(bio_err,"bad multi count\n");
-				goto end;
-				}				
-			j--;	/* Otherwise, -mr gets confused with
-				   an algorithm. */
-			}
-#endif
-		else if (argc > 0 && !strcmp(*argv,"-mr"))
-			{
-			mr=1;
-			j--;	/* Otherwise, -mr gets confused with
-				   an algorithm. */
-			}
-		else
-#ifndef OPENSSL_NO_MD2
-		if	(strcmp(*argv,"md2") == 0) doit[D_MD2]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_MDC2
-			if (strcmp(*argv,"mdc2") == 0) doit[D_MDC2]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_MD4
-			if (strcmp(*argv,"md4") == 0) doit[D_MD4]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_MD5
-			if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_MD5
-			if (strcmp(*argv,"hmac") == 0) doit[D_HMAC]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_SHA
-			if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1;
-		else
-			if (strcmp(*argv,"sha") == 0)	doit[D_SHA1]=1,
-							doit[D_SHA256]=1,
-							doit[D_SHA512]=1;
-		else
-#ifndef OPENSSL_NO_SHA256
-			if (strcmp(*argv,"sha256") == 0) doit[D_SHA256]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_SHA512
-			if (strcmp(*argv,"sha512") == 0) doit[D_SHA512]=1;
-		else
-#endif
-#endif
-#ifndef OPENSSL_NO_WHIRLPOOL
-			if (strcmp(*argv,"whirlpool") == 0) doit[D_WHIRLPOOL]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-			if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1;
-		else
-			if (strcmp(*argv,"rmd160") == 0) doit[D_RMD160]=1;
-		else
-			if (strcmp(*argv,"ripemd160") == 0) doit[D_RMD160]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_RC4
-			if (strcmp(*argv,"rc4") == 0) doit[D_RC4]=1;
-		else 
-#endif
-#ifndef OPENSSL_NO_DES
-			if (strcmp(*argv,"des-cbc") == 0) doit[D_CBC_DES]=1;
-		else	if (strcmp(*argv,"des-ede3") == 0) doit[D_EDE3_DES]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_AES
-			if (strcmp(*argv,"aes-128-cbc") == 0) doit[D_CBC_128_AES]=1;
-		else	if (strcmp(*argv,"aes-192-cbc") == 0) doit[D_CBC_192_AES]=1;
-		else	if (strcmp(*argv,"aes-256-cbc") == 0) doit[D_CBC_256_AES]=1;
-		else    if (strcmp(*argv,"aes-128-ige") == 0) doit[D_IGE_128_AES]=1;
-		else	if (strcmp(*argv,"aes-192-ige") == 0) doit[D_IGE_192_AES]=1;
-		else	if (strcmp(*argv,"aes-256-ige") == 0) doit[D_IGE_256_AES]=1;
-                else
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-			if (strcmp(*argv,"camellia-128-cbc") == 0) doit[D_CBC_128_CML]=1;
-		else    if (strcmp(*argv,"camellia-192-cbc") == 0) doit[D_CBC_192_CML]=1;
-		else    if (strcmp(*argv,"camellia-256-cbc") == 0) doit[D_CBC_256_CML]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_RSA
-#if 0 /* was: #ifdef RSAref */
-			if (strcmp(*argv,"rsaref") == 0) 
-			{
-			RSA_set_default_openssl_method(RSA_PKCS1_RSAref());
-			j--;
-			}
-		else
-#endif
-#ifndef RSA_NULL
-			if (strcmp(*argv,"openssl") == 0) 
-			{
-			RSA_set_default_method(RSA_PKCS1_SSLeay());
-			j--;
-			}
-		else
-#endif
-#endif /* !OPENSSL_NO_RSA */
-		     if (strcmp(*argv,"dsa512") == 0) dsa_doit[R_DSA_512]=2;
-		else if (strcmp(*argv,"dsa1024") == 0) dsa_doit[R_DSA_1024]=2;
-		else if (strcmp(*argv,"dsa2048") == 0) dsa_doit[R_DSA_2048]=2;
-		else if (strcmp(*argv,"rsa512") == 0) rsa_doit[R_RSA_512]=2;
-		else if (strcmp(*argv,"rsa1024") == 0) rsa_doit[R_RSA_1024]=2;
-		else if (strcmp(*argv,"rsa2048") == 0) rsa_doit[R_RSA_2048]=2;
-		else if (strcmp(*argv,"rsa4096") == 0) rsa_doit[R_RSA_4096]=2;
-		else
-#ifndef OPENSSL_NO_RC2
-		     if (strcmp(*argv,"rc2-cbc") == 0) doit[D_CBC_RC2]=1;
-		else if (strcmp(*argv,"rc2") == 0) doit[D_CBC_RC2]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_RC5
-		     if (strcmp(*argv,"rc5-cbc") == 0) doit[D_CBC_RC5]=1;
-		else if (strcmp(*argv,"rc5") == 0) doit[D_CBC_RC5]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_IDEA
-		     if (strcmp(*argv,"idea-cbc") == 0) doit[D_CBC_IDEA]=1;
-		else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_SEED
-		     if (strcmp(*argv,"seed-cbc") == 0) doit[D_CBC_SEED]=1;
-		else if (strcmp(*argv,"seed") == 0) doit[D_CBC_SEED]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_BF
-		     if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1;
-		else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1;
-		else if (strcmp(*argv,"bf") == 0) doit[D_CBC_BF]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_CAST
-		     if (strcmp(*argv,"cast-cbc") == 0) doit[D_CBC_CAST]=1;
-		else if (strcmp(*argv,"cast") == 0) doit[D_CBC_CAST]=1;
-		else if (strcmp(*argv,"cast5") == 0) doit[D_CBC_CAST]=1;
-		else
-#endif
-#ifndef OPENSSL_NO_DES
-			if (strcmp(*argv,"des") == 0)
-			{
-			doit[D_CBC_DES]=1;
-			doit[D_EDE3_DES]=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_AES
-			if (strcmp(*argv,"aes") == 0)
-			{
-			doit[D_CBC_128_AES]=1;
-			doit[D_CBC_192_AES]=1;
-			doit[D_CBC_256_AES]=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-			if (strcmp(*argv,"camellia") == 0)
-			{
-			doit[D_CBC_128_CML]=1;
-			doit[D_CBC_192_CML]=1;
-			doit[D_CBC_256_CML]=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_RSA
-			if (strcmp(*argv,"rsa") == 0)
-			{
-			rsa_doit[R_RSA_512]=1;
-			rsa_doit[R_RSA_1024]=1;
-			rsa_doit[R_RSA_2048]=1;
-			rsa_doit[R_RSA_4096]=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-			if (strcmp(*argv,"dsa") == 0)
-			{
-			dsa_doit[R_DSA_512]=1;
-			dsa_doit[R_DSA_1024]=1;
-			dsa_doit[R_DSA_2048]=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_ECDSA
-		     if (strcmp(*argv,"ecdsap160") == 0) ecdsa_doit[R_EC_P160]=2;
-		else if (strcmp(*argv,"ecdsap192") == 0) ecdsa_doit[R_EC_P192]=2;
-		else if (strcmp(*argv,"ecdsap224") == 0) ecdsa_doit[R_EC_P224]=2;
-		else if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2;
-		else if (strcmp(*argv,"ecdsap384") == 0) ecdsa_doit[R_EC_P384]=2;
-		else if (strcmp(*argv,"ecdsap521") == 0) ecdsa_doit[R_EC_P521]=2;
-		else if (strcmp(*argv,"ecdsak163") == 0) ecdsa_doit[R_EC_K163]=2;
-		else if (strcmp(*argv,"ecdsak233") == 0) ecdsa_doit[R_EC_K233]=2;
-		else if (strcmp(*argv,"ecdsak283") == 0) ecdsa_doit[R_EC_K283]=2;
-		else if (strcmp(*argv,"ecdsak409") == 0) ecdsa_doit[R_EC_K409]=2;
-		else if (strcmp(*argv,"ecdsak571") == 0) ecdsa_doit[R_EC_K571]=2;
-		else if (strcmp(*argv,"ecdsab163") == 0) ecdsa_doit[R_EC_B163]=2;
-		else if (strcmp(*argv,"ecdsab233") == 0) ecdsa_doit[R_EC_B233]=2;
-		else if (strcmp(*argv,"ecdsab283") == 0) ecdsa_doit[R_EC_B283]=2;
-		else if (strcmp(*argv,"ecdsab409") == 0) ecdsa_doit[R_EC_B409]=2;
-		else if (strcmp(*argv,"ecdsab571") == 0) ecdsa_doit[R_EC_B571]=2;
-		else if (strcmp(*argv,"ecdsa") == 0)
-			{
-			for (i=0; i < EC_NUM; i++)
-				ecdsa_doit[i]=1;
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_ECDH
-		     if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2;
-		else if (strcmp(*argv,"ecdhp192") == 0) ecdh_doit[R_EC_P192]=2;
-		else if (strcmp(*argv,"ecdhp224") == 0) ecdh_doit[R_EC_P224]=2;
-		else if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
-		else if (strcmp(*argv,"ecdhp384") == 0) ecdh_doit[R_EC_P384]=2;
-		else if (strcmp(*argv,"ecdhp521") == 0) ecdh_doit[R_EC_P521]=2;
-		else if (strcmp(*argv,"ecdhk163") == 0) ecdh_doit[R_EC_K163]=2;
-		else if (strcmp(*argv,"ecdhk233") == 0) ecdh_doit[R_EC_K233]=2;
-		else if (strcmp(*argv,"ecdhk283") == 0) ecdh_doit[R_EC_K283]=2;
-		else if (strcmp(*argv,"ecdhk409") == 0) ecdh_doit[R_EC_K409]=2;
-		else if (strcmp(*argv,"ecdhk571") == 0) ecdh_doit[R_EC_K571]=2;
-		else if (strcmp(*argv,"ecdhb163") == 0) ecdh_doit[R_EC_B163]=2;
-		else if (strcmp(*argv,"ecdhb233") == 0) ecdh_doit[R_EC_B233]=2;
-		else if (strcmp(*argv,"ecdhb283") == 0) ecdh_doit[R_EC_B283]=2;
-		else if (strcmp(*argv,"ecdhb409") == 0) ecdh_doit[R_EC_B409]=2;
-		else if (strcmp(*argv,"ecdhb571") == 0) ecdh_doit[R_EC_B571]=2;
-		else if (strcmp(*argv,"ecdh") == 0)
-			{
-			for (i=0; i < EC_NUM; i++)
-				ecdh_doit[i]=1;
-			}
-		else
-#endif
-			{
-			BIO_printf(bio_err,"Error: bad option or value\n");
-			BIO_printf(bio_err,"\n");
-			BIO_printf(bio_err,"Available values:\n");
-#ifndef OPENSSL_NO_MD2
-			BIO_printf(bio_err,"md2      ");
-#endif
-#ifndef OPENSSL_NO_MDC2
-			BIO_printf(bio_err,"mdc2     ");
-#endif
-#ifndef OPENSSL_NO_MD4
-			BIO_printf(bio_err,"md4      ");
-#endif
-#ifndef OPENSSL_NO_MD5
-			BIO_printf(bio_err,"md5      ");
-#ifndef OPENSSL_NO_HMAC
-			BIO_printf(bio_err,"hmac     ");
-#endif
-#endif
-#ifndef OPENSSL_NO_SHA1
-			BIO_printf(bio_err,"sha1     ");
-#endif
-#ifndef OPENSSL_NO_SHA256
-			BIO_printf(bio_err,"sha256   ");
-#endif
-#ifndef OPENSSL_NO_SHA512
-			BIO_printf(bio_err,"sha512   ");
-#endif
-#ifndef OPENSSL_NO_WHIRLPOOL
-			BIO_printf(bio_err,"whirlpool");
-#endif
-#ifndef OPENSSL_NO_RIPEMD160
-			BIO_printf(bio_err,"rmd160");
-#endif
-#if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \
-    !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
-    !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \
-    !defined(OPENSSL_NO_WHIRLPOOL)
-			BIO_printf(bio_err,"\n");
-#endif
-
-#ifndef OPENSSL_NO_IDEA
-			BIO_printf(bio_err,"idea-cbc ");
-#endif
-#ifndef OPENSSL_NO_SEED
-			BIO_printf(bio_err,"seed-cbc ");
-#endif
-#ifndef OPENSSL_NO_RC2
-			BIO_printf(bio_err,"rc2-cbc  ");
-#endif
-#ifndef OPENSSL_NO_RC5
-			BIO_printf(bio_err,"rc5-cbc  ");
-#endif
-#ifndef OPENSSL_NO_BF
-			BIO_printf(bio_err,"bf-cbc");
-#endif
-#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || !defined(OPENSSL_NO_RC2) || \
-    !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5)
-			BIO_printf(bio_err,"\n");
-#endif
-#ifndef OPENSSL_NO_DES
-			BIO_printf(bio_err,"des-cbc  des-ede3 ");
-#endif
-#ifndef OPENSSL_NO_AES
-			BIO_printf(bio_err,"aes-128-cbc aes-192-cbc aes-256-cbc ");
-			BIO_printf(bio_err,"aes-128-ige aes-192-ige aes-256-ige ");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-			BIO_printf(bio_err,"\n");
-			BIO_printf(bio_err,"camellia-128-cbc camellia-192-cbc camellia-256-cbc ");
-#endif
-#ifndef OPENSSL_NO_RC4
-			BIO_printf(bio_err,"rc4");
-#endif
-			BIO_printf(bio_err,"\n");
-
-#ifndef OPENSSL_NO_RSA
-			BIO_printf(bio_err,"rsa512   rsa1024  rsa2048  rsa4096\n");
-#endif
-
-#ifndef OPENSSL_NO_DSA
-			BIO_printf(bio_err,"dsa512   dsa1024  dsa2048\n");
-#endif
-#ifndef OPENSSL_NO_ECDSA
-			BIO_printf(bio_err,"ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n");
-			BIO_printf(bio_err,"ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
-			BIO_printf(bio_err,"ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
-			BIO_printf(bio_err,"ecdsa\n");
-#endif
-#ifndef OPENSSL_NO_ECDH
-			BIO_printf(bio_err,"ecdhp160  ecdhp192  ecdhp224  ecdhp256  ecdhp384  ecdhp521\n");
-			BIO_printf(bio_err,"ecdhk163  ecdhk233  ecdhk283  ecdhk409  ecdhk571\n");
-			BIO_printf(bio_err,"ecdhb163  ecdhb233  ecdhb283  ecdhb409  ecdhb571\n");
-			BIO_printf(bio_err,"ecdh\n");
-#endif
-
-#ifndef OPENSSL_NO_IDEA
-			BIO_printf(bio_err,"idea     ");
-#endif
-#ifndef OPENSSL_NO_SEED
-			BIO_printf(bio_err,"seed     ");
-#endif
-#ifndef OPENSSL_NO_RC2
-			BIO_printf(bio_err,"rc2      ");
-#endif
-#ifndef OPENSSL_NO_DES
-			BIO_printf(bio_err,"des      ");
-#endif
-#ifndef OPENSSL_NO_AES
-			BIO_printf(bio_err,"aes      ");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-			BIO_printf(bio_err,"camellia ");
-#endif
-#ifndef OPENSSL_NO_RSA
-			BIO_printf(bio_err,"rsa      ");
-#endif
-#ifndef OPENSSL_NO_BF
-			BIO_printf(bio_err,"blowfish");
-#endif
-#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \
-    !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \
-    !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \
-    !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
-			BIO_printf(bio_err,"\n");
-#endif
-
-			BIO_printf(bio_err,"\n");
-			BIO_printf(bio_err,"Available options:\n");
-#if defined(TIMES) || defined(USE_TOD)
-			BIO_printf(bio_err,"-elapsed        measure time in real time instead of CPU user time.\n");
-#endif
-#ifndef OPENSSL_NO_ENGINE
-			BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
-#endif
-			BIO_printf(bio_err,"-evp e          use EVP e.\n");
-			BIO_printf(bio_err,"-decrypt        time decryption instead of encryption (only EVP).\n");
-			BIO_printf(bio_err,"-mr             produce machine readable output.\n");
-#ifndef NO_FORK
-			BIO_printf(bio_err,"-multi n        run n benchmarks in parallel.\n");
-#endif
-			goto end;
-			}
-		argc--;
-		argv++;
-		j++;
-		}
-
-#ifndef NO_FORK
-	if(multi && do_multi(multi))
-		goto show_res;
-#endif
-
-	if (j == 0)
-		{
-		for (i=0; in));
-			BN_print(bio_err,rsa_key[i]->e);
-			BIO_printf(bio_err,"\n");
-			}
-#endif
-		}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-	dsa_key[0]=get_dsa512();
-	dsa_key[1]=get_dsa1024();
-	dsa_key[2]=get_dsa2048();
-#endif
-
-#ifndef OPENSSL_NO_DES
-	DES_set_key_unchecked(&key,&sch);
-	DES_set_key_unchecked(&key2,&sch2);
-	DES_set_key_unchecked(&key3,&sch3);
-#endif
-#ifndef OPENSSL_NO_AES
-	AES_set_encrypt_key(key16,128,&aes_ks1);
-	AES_set_encrypt_key(key24,192,&aes_ks2);
-	AES_set_encrypt_key(key32,256,&aes_ks3);
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-	Camellia_set_key(key16,128,&camellia_ks1);
-	Camellia_set_key(ckey24,192,&camellia_ks2);
-	Camellia_set_key(ckey32,256,&camellia_ks3);
-#endif
-#ifndef OPENSSL_NO_IDEA
-	idea_set_encrypt_key(key16,&idea_ks);
-#endif
-#ifndef OPENSSL_NO_SEED
-	SEED_set_key(key16,&seed_ks);
-#endif
-#ifndef OPENSSL_NO_RC4
-	RC4_set_key(&rc4_ks,16,key16);
-#endif
-#ifndef OPENSSL_NO_RC2
-	RC2_set_key(&rc2_ks,16,key16,128);
-#endif
-#ifndef OPENSSL_NO_RC5
-	RC5_32_set_key(&rc5_ks,16,key16,12);
-#endif
-#ifndef OPENSSL_NO_BF
-	BF_set_key(&bf_ks,16,key16);
-#endif
-#ifndef OPENSSL_NO_CAST
-	CAST_set_key(&cast_ks,16,key16);
-#endif
-#ifndef OPENSSL_NO_RSA
-	memset(rsa_c,0,sizeof(rsa_c));
-#endif
-#ifndef SIGALRM
-#ifndef OPENSSL_NO_DES
-	BIO_printf(bio_err,"First we calculate the approximate speed ...\n");
-	count=10;
-	do	{
-		long it;
-		count*=2;
-		Time_F(START);
-		for (it=count; it; it--)
-			DES_ecb_encrypt((DES_cblock *)buf,
-				(DES_cblock *)buf,
-				&sch,DES_ENCRYPT);
-		d=Time_F(STOP);
-		} while (d <3);
-	save_count=count;
-	c[D_MD2][0]=count/10;
-	c[D_MDC2][0]=count/10;
-	c[D_MD4][0]=count;
-	c[D_MD5][0]=count;
-	c[D_HMAC][0]=count;
-	c[D_SHA1][0]=count;
-	c[D_RMD160][0]=count;
-	c[D_RC4][0]=count*5;
-	c[D_CBC_DES][0]=count;
-	c[D_EDE3_DES][0]=count/3;
-	c[D_CBC_IDEA][0]=count;
-	c[D_CBC_SEED][0]=count;
-	c[D_CBC_RC2][0]=count;
-	c[D_CBC_RC5][0]=count;
-	c[D_CBC_BF][0]=count;
-	c[D_CBC_CAST][0]=count;
-	c[D_CBC_128_AES][0]=count;
-	c[D_CBC_192_AES][0]=count;
-	c[D_CBC_256_AES][0]=count;
-	c[D_CBC_128_CML][0]=count;
-	c[D_CBC_192_CML][0]=count;
-	c[D_CBC_256_CML][0]=count;
-	c[D_SHA256][0]=count;
-	c[D_SHA512][0]=count;
-	c[D_WHIRLPOOL][0]=count;
-	c[D_IGE_128_AES][0]=count;
-	c[D_IGE_192_AES][0]=count;
-	c[D_IGE_256_AES][0]=count;
-
-	for (i=1; inid);
-				/* -O3 -fschedule-insns messes up an
-				 * optimization here!  names[D_EVP]
-				 * somehow becomes NULL */
-				print_message(names[D_EVP],save_count,
-					lengths[j]);
-
-				EVP_CIPHER_CTX_init(&ctx);
-				if(decrypt)
-					EVP_DecryptInit_ex(&ctx,evp_cipher,NULL,key16,iv);
-				else
-					EVP_EncryptInit_ex(&ctx,evp_cipher,NULL,key16,iv);
-				EVP_CIPHER_CTX_set_padding(&ctx, 0);
-
-				Time_F(START);
-				if(decrypt)
-					for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++)
-						EVP_DecryptUpdate(&ctx,buf,&outl,buf,lengths[j]);
-				else
-					for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++)
-						EVP_EncryptUpdate(&ctx,buf,&outl,buf,lengths[j]);
-				if(decrypt)
-					EVP_DecryptFinal_ex(&ctx,buf,&outl);
-				else
-					EVP_EncryptFinal_ex(&ctx,buf,&outl);
-				d=Time_F(STOP);
-				EVP_CIPHER_CTX_cleanup(&ctx);
-				}
-			if (evp_md)
-				{
-				names[D_EVP]=OBJ_nid2ln(evp_md->type);
-				print_message(names[D_EVP],save_count,
-					lengths[j]);
-
-				Time_F(START);
-				for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++)
-					EVP_Digest(buf,lengths[j],&(md[0]),NULL,evp_md,NULL);
-
-				d=Time_F(STOP);
-				}
-			print_result(D_EVP,j,count,d);
-			}
-		}
-
-	RAND_pseudo_bytes(buf,36);
-#ifndef OPENSSL_NO_RSA
-	for (j=0; j 10000 && !mr)
-				fprintf(stdout," %11.2fk",results[k][j]/1e3);
-			else
-				fprintf(stdout,mr ? ":%.2f" : " %11.2f ",results[k][j]);
-			}
-		fprintf(stdout,"\n");
-		}
-#ifndef OPENSSL_NO_RSA
-	j=1;
-	for (k=0; k
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	spkac_main
-
-/* -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int i,badops=0, ret = 1;
-	BIO *in = NULL,*out = NULL;
-	int verify=0,noout=0,pubkey=0;
-	char *infile = NULL,*outfile = NULL,*prog;
-	char *passargin = NULL, *passin = NULL;
-	const char *spkac = "SPKAC", *spksect = "default";
-	char *spkstr = NULL;
-	char *challenge = NULL, *keyfile = NULL;
-	CONF *conf = NULL;
-	NETSCAPE_SPKI *spki = NULL;
-	EVP_PKEY *pkey = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	apps_startup();
-
-	if (!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-challenge") == 0)
-			{
-			if (--argc < 1) goto bad;
-			challenge= *(++argv);
-			}
-		else if (strcmp(*argv,"-spkac") == 0)
-			{
-			if (--argc < 1) goto bad;
-			spkac= *(++argv);
-			}
-		else if (strcmp(*argv,"-spksect") == 0)
-			{
-			if (--argc < 1) goto bad;
-			spksect= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-pubkey") == 0)
-			pubkey=1;
-		else if (strcmp(*argv,"-verify") == 0)
-			verify=1;
-		else badops = 1;
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options]\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -in arg        input file\n");
-		BIO_printf(bio_err," -out arg       output file\n");
-		BIO_printf(bio_err," -key arg       create SPKAC using private key\n");
-		BIO_printf(bio_err," -passin arg    input file pass phrase source\n");
-		BIO_printf(bio_err," -challenge arg challenge string\n");
-		BIO_printf(bio_err," -spkac arg     alternative SPKAC name\n");
-		BIO_printf(bio_err," -noout         don't print SPKAC\n");
-		BIO_printf(bio_err," -pubkey        output public key\n");
-		BIO_printf(bio_err," -verify        verify SPKAC signature\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e      use engine e, possibly a hardware device.\n");
-#endif
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-	}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if(keyfile) {
-		pkey = load_key(bio_err,
-				strcmp(keyfile, "-") ? keyfile : NULL,
-				FORMAT_PEM, 1, passin, e, "private key");
-		if(!pkey) {
-			goto end;
-		}
-		spki = NETSCAPE_SPKI_new();
-		if(challenge) ASN1_STRING_set(spki->spkac->challenge,
-						 challenge, (int)strlen(challenge));
-		NETSCAPE_SPKI_set_pubkey(spki, pkey);
-		NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
-		spkstr = NETSCAPE_SPKI_b64_encode(spki);
-
-		if (outfile) out = BIO_new_file(outfile, "w");
-		else {
-			out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			    out = BIO_push(tmpbio, out);
-			}
-#endif
-		}
-
-		if(!out) {
-			BIO_printf(bio_err, "Error opening output file\n");
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-		BIO_printf(out, "SPKAC=%s\n", spkstr);
-		OPENSSL_free(spkstr);
-		ret = 0;
-		goto end;
-	}
-
-	
-
-	if (infile) in = BIO_new_file(infile, "r");
-	else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if(!in) {
-		BIO_printf(bio_err, "Error opening input file\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	conf = NCONF_new(NULL);
-	i = NCONF_load_bio(conf, in, NULL);
-
-	if(!i) {
-		BIO_printf(bio_err, "Error parsing config file\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	spkstr = NCONF_get_string(conf, spksect, spkac);
-		
-	if(!spkstr) {
-		BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", spkac);
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);
-	
-	if(!spki) {
-		BIO_printf(bio_err, "Error loading SPKAC\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	if (outfile) out = BIO_new_file(outfile, "w");
-	else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
-
-	if(!out) {
-		BIO_printf(bio_err, "Error opening output file\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	if(!noout) NETSCAPE_SPKI_print(out, spki);
-	pkey = NETSCAPE_SPKI_get_pubkey(spki);
-	if(verify) {
-		i = NETSCAPE_SPKI_verify(spki, pkey);
-		if (i > 0) BIO_printf(bio_err, "Signature OK\n");
-		else {
-			BIO_printf(bio_err, "Signature Failure\n");
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-	if(pubkey) PEM_write_bio_PUBKEY(out, pkey);
-
-	ret = 0;
-
-end:
-	NCONF_free(conf);
-	NETSCAPE_SPKI_free(spki);
-	BIO_free(in);
-	BIO_free_all(out);
-	EVP_PKEY_free(pkey);
-	if(passin) OPENSSL_free(passin);
-	apps_shutdown();
-	OPENSSL_EXIT(ret);
-	}
diff --git a/deps/openssl/openssl/apps/testCA.pem b/deps/openssl/openssl/apps/testCA.pem
deleted file mode 100644
index dcb710aa9d1..00000000000
--- a/deps/openssl/openssl/apps/testCA.pem
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBBzCBsgIBADBNMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEX
-MBUGA1UEChMOTWluY29tIFB0eSBMdGQxEDAOBgNVBAMTB1RFU1QgQ0EwXDANBgkq
-hkiG9w0BAQEFAANLADBIAkEAzW9brgA8efT2ODB+NrsflJZj3KKqKsm4OrXTRqfL
-VETj1ws/zCXl42XJAxdWQMCP0liKfc9Ut4xi1qCVI7N07wIDAQABoAAwDQYJKoZI
-hvcNAQEEBQADQQBjZZ42Det9Uw0AFwJy4ufUEy5Cv74pxBp5SZnljgHY+Az0Hs2S
-uNkIegr2ITX5azKi9nOkg9ZmsmGG13FIjiC/
------END CERTIFICATE REQUEST-----
diff --git a/deps/openssl/openssl/apps/testdsa.h b/deps/openssl/openssl/apps/testdsa.h
deleted file mode 100644
index 9e84e31c939..00000000000
--- a/deps/openssl/openssl/apps/testdsa.h
+++ /dev/null
@@ -1,217 +0,0 @@
-/* NOCW */
-/* used by apps/speed.c */
-DSA *get_dsa512(void );
-DSA *get_dsa1024(void );
-DSA *get_dsa2048(void );
-static unsigned char dsa512_priv[] = {
-	0x65,0xe5,0xc7,0x38,0x60,0x24,0xb5,0x89,0xd4,0x9c,0xeb,0x4c,
-	0x9c,0x1d,0x7a,0x22,0xbd,0xd1,0xc2,0xd2,
-	};
-static unsigned char dsa512_pub[] = {
-	0x00,0x95,0xa7,0x0d,0xec,0x93,0x68,0xba,0x5f,0xf7,0x5f,0x07,
-	0xf2,0x3b,0xad,0x6b,0x01,0xdc,0xbe,0xec,0xde,0x04,0x7a,0x3a,
-	0x27,0xb3,0xec,0x49,0xfd,0x08,0x43,0x3d,0x7e,0xa8,0x2c,0x5e,
-	0x7b,0xbb,0xfc,0xf4,0x6e,0xeb,0x6c,0xb0,0x6e,0xf8,0x02,0x12,
-	0x8c,0x38,0x5d,0x83,0x56,0x7d,0xee,0x53,0x05,0x3e,0x24,0x84,
-	0xbe,0xba,0x0a,0x6b,0xc8,
-	};
-static unsigned char dsa512_p[]={
-	0x9D,0x1B,0x69,0x8E,0x26,0xDB,0xF2,0x2B,0x11,0x70,0x19,0x86,
-	0xF6,0x19,0xC8,0xF8,0x19,0xF2,0x18,0x53,0x94,0x46,0x06,0xD0,
-	0x62,0x50,0x33,0x4B,0x02,0x3C,0x52,0x30,0x03,0x8B,0x3B,0xF9,
-	0x5F,0xD1,0x24,0x06,0x4F,0x7B,0x4C,0xBA,0xAA,0x40,0x9B,0xFD,
-	0x96,0xE4,0x37,0x33,0xBB,0x2D,0x5A,0xD7,0x5A,0x11,0x40,0x66,
-	0xA2,0x76,0x7D,0x31,
-	};
-static unsigned char dsa512_q[]={
-	0xFB,0x53,0xEF,0x50,0xB4,0x40,0x92,0x31,0x56,0x86,0x53,0x7A,
-	0xE8,0x8B,0x22,0x9A,0x49,0xFB,0x71,0x8F,
-	};
-static unsigned char dsa512_g[]={
-	0x83,0x3E,0x88,0xE5,0xC5,0x89,0x73,0xCE,0x3B,0x6C,0x01,0x49,
-	0xBF,0xB3,0xC7,0x9F,0x0A,0xEA,0x44,0x91,0xE5,0x30,0xAA,0xD9,
-	0xBE,0x5B,0x5F,0xB7,0x10,0xD7,0x89,0xB7,0x8E,0x74,0xFB,0xCF,
-	0x29,0x1E,0xEB,0xA8,0x2C,0x54,0x51,0xB8,0x10,0xDE,0xA0,0xCE,
-	0x2F,0xCC,0x24,0x6B,0x90,0x77,0xDE,0xA2,0x68,0xA6,0x52,0x12,
-	0xA2,0x03,0x9D,0x20,
-	};
-
-DSA *get_dsa512()
-	{
-	DSA *dsa;
-
-	if ((dsa=DSA_new()) == NULL) return(NULL);
-	dsa->priv_key=BN_bin2bn(dsa512_priv,sizeof(dsa512_priv),NULL);
-	dsa->pub_key=BN_bin2bn(dsa512_pub,sizeof(dsa512_pub),NULL);
-	dsa->p=BN_bin2bn(dsa512_p,sizeof(dsa512_p),NULL);
-	dsa->q=BN_bin2bn(dsa512_q,sizeof(dsa512_q),NULL);
-	dsa->g=BN_bin2bn(dsa512_g,sizeof(dsa512_g),NULL);
-	if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
-				(dsa->q == NULL) || (dsa->g == NULL))
-		return(NULL);
-	return(dsa);
-	}
-
-static unsigned char dsa1024_priv[]={
-	0x7d,0x21,0xda,0xbb,0x62,0x15,0x47,0x36,0x07,0x67,0x12,0xe8,
-	0x8c,0xaa,0x1c,0xcd,0x38,0x12,0x61,0x18,
-	};
-static unsigned char dsa1024_pub[]={
-	0x3c,0x4e,0x9c,0x2a,0x7f,0x16,0xc1,0x25,0xeb,0xac,0x78,0x63,
-	0x90,0x14,0x8c,0x8b,0xf4,0x68,0x43,0x3c,0x2d,0xee,0x65,0x50,
-	0x7d,0x9c,0x8f,0x8c,0x8a,0x51,0xd6,0x11,0x2b,0x99,0xaf,0x1e,
-	0x90,0x97,0xb5,0xd3,0xa6,0x20,0x25,0xd6,0xfe,0x43,0x02,0xd5,
-	0x91,0x7d,0xa7,0x8c,0xdb,0xc9,0x85,0xa3,0x36,0x48,0xf7,0x68,
-	0xaa,0x60,0xb1,0xf7,0x05,0x68,0x3a,0xa3,0x3f,0xd3,0x19,0x82,
-	0xd8,0x82,0x7a,0x77,0xfb,0xef,0xf4,0x15,0x0a,0xeb,0x06,0x04,
-	0x7f,0x53,0x07,0x0c,0xbc,0xcb,0x2d,0x83,0xdb,0x3e,0xd1,0x28,
-	0xa5,0xa1,0x31,0xe0,0x67,0xfa,0x50,0xde,0x9b,0x07,0x83,0x7e,
-	0x2c,0x0b,0xc3,0x13,0x50,0x61,0xe5,0xad,0xbd,0x36,0xb8,0x97,
-	0x4e,0x40,0x7d,0xe8,0x83,0x0d,0xbc,0x4b
-	};
-static unsigned char dsa1024_p[]={
-	0xA7,0x3F,0x6E,0x85,0xBF,0x41,0x6A,0x29,0x7D,0xF0,0x9F,0x47,
-	0x19,0x30,0x90,0x9A,0x09,0x1D,0xDA,0x6A,0x33,0x1E,0xC5,0x3D,
-	0x86,0x96,0xB3,0x15,0xE0,0x53,0x2E,0x8F,0xE0,0x59,0x82,0x73,
-	0x90,0x3E,0x75,0x31,0x99,0x47,0x7A,0x52,0xFB,0x85,0xE4,0xD9,
-	0xA6,0x7B,0x38,0x9B,0x68,0x8A,0x84,0x9B,0x87,0xC6,0x1E,0xB5,
-	0x7E,0x86,0x4B,0x53,0x5B,0x59,0xCF,0x71,0x65,0x19,0x88,0x6E,
-	0xCE,0x66,0xAE,0x6B,0x88,0x36,0xFB,0xEC,0x28,0xDC,0xC2,0xD7,
-	0xA5,0xBB,0xE5,0x2C,0x39,0x26,0x4B,0xDA,0x9A,0x70,0x18,0x95,
-	0x37,0x95,0x10,0x56,0x23,0xF6,0x15,0xED,0xBA,0x04,0x5E,0xDE,
-	0x39,0x4F,0xFD,0xB7,0x43,0x1F,0xB5,0xA4,0x65,0x6F,0xCD,0x80,
-	0x11,0xE4,0x70,0x95,0x5B,0x50,0xCD,0x49,
-	};
-static unsigned char dsa1024_q[]={
-	0xF7,0x07,0x31,0xED,0xFA,0x6C,0x06,0x03,0xD5,0x85,0x8A,0x1C,
-	0xAC,0x9C,0x65,0xE7,0x50,0x66,0x65,0x6F,
-	};
-static unsigned char dsa1024_g[]={
-	0x4D,0xDF,0x4C,0x03,0xA6,0x91,0x8A,0xF5,0x19,0x6F,0x50,0x46,
-	0x25,0x99,0xE5,0x68,0x6F,0x30,0xE3,0x69,0xE1,0xE5,0xB3,0x5D,
-	0x98,0xBB,0x28,0x86,0x48,0xFC,0xDE,0x99,0x04,0x3F,0x5F,0x88,
-	0x0C,0x9C,0x73,0x24,0x0D,0x20,0x5D,0xB9,0x2A,0x9A,0x3F,0x18,
-	0x96,0x27,0xE4,0x62,0x87,0xC1,0x7B,0x74,0x62,0x53,0xFC,0x61,
-	0x27,0xA8,0x7A,0x91,0x09,0x9D,0xB6,0xF1,0x4D,0x9C,0x54,0x0F,
-	0x58,0x06,0xEE,0x49,0x74,0x07,0xCE,0x55,0x7E,0x23,0xCE,0x16,
-	0xF6,0xCA,0xDC,0x5A,0x61,0x01,0x7E,0xC9,0x71,0xB5,0x4D,0xF6,
-	0xDC,0x34,0x29,0x87,0x68,0xF6,0x5E,0x20,0x93,0xB3,0xDB,0xF5,
-	0xE4,0x09,0x6C,0x41,0x17,0x95,0x92,0xEB,0x01,0xB5,0x73,0xA5,
-	0x6A,0x7E,0xD8,0x32,0xED,0x0E,0x02,0xB8,
-	};
-
-DSA *get_dsa1024()
-	{
-	DSA *dsa;
-
-	if ((dsa=DSA_new()) == NULL) return(NULL);
-	dsa->priv_key=BN_bin2bn(dsa1024_priv,sizeof(dsa1024_priv),NULL);
-	dsa->pub_key=BN_bin2bn(dsa1024_pub,sizeof(dsa1024_pub),NULL);
-	dsa->p=BN_bin2bn(dsa1024_p,sizeof(dsa1024_p),NULL);
-	dsa->q=BN_bin2bn(dsa1024_q,sizeof(dsa1024_q),NULL);
-	dsa->g=BN_bin2bn(dsa1024_g,sizeof(dsa1024_g),NULL);
-	if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
-				(dsa->q == NULL) || (dsa->g == NULL))
-		return(NULL);
-	return(dsa);
-	}
-
-static unsigned char dsa2048_priv[]={
-	0x32,0x67,0x92,0xf6,0xc4,0xe2,0xe2,0xe8,0xa0,0x8b,0x6b,0x45,
-	0x0c,0x8a,0x76,0xb0,0xee,0xcf,0x91,0xa7,
-	};
-static unsigned char dsa2048_pub[]={
-	0x17,0x8f,0xa8,0x11,0x84,0x92,0xec,0x83,0x47,0xc7,0x6a,0xb0,
-	0x92,0xaf,0x5a,0x20,0x37,0xa3,0x64,0x79,0xd2,0xd0,0x3d,0xcd,
-	0xe0,0x61,0x88,0x88,0x21,0xcc,0x74,0x5d,0xce,0x4c,0x51,0x47,
-	0xf0,0xc5,0x5c,0x4c,0x82,0x7a,0xaf,0x72,0xad,0xb9,0xe0,0x53,
-	0xf2,0x78,0xb7,0xf0,0xb5,0x48,0x7f,0x8a,0x3a,0x18,0xd1,0x9f,
-	0x8b,0x7d,0xa5,0x47,0xb7,0x95,0xab,0x98,0xf8,0x7b,0x74,0x50,
-	0x56,0x8e,0x57,0xf0,0xee,0xf5,0xb7,0xba,0xab,0x85,0x86,0xf9,
-	0x2b,0xef,0x41,0x56,0xa0,0xa4,0x9f,0xb7,0x38,0x00,0x46,0x0a,
-	0xa6,0xf1,0xfc,0x1f,0xd8,0x4e,0x85,0x44,0x92,0x43,0x21,0x5d,
-	0x6e,0xcc,0xc2,0xcb,0x26,0x31,0x0d,0x21,0xc4,0xbd,0x8d,0x24,
-	0xbc,0xd9,0x18,0x19,0xd7,0xdc,0xf1,0xe7,0x93,0x50,0x48,0x03,
-	0x2c,0xae,0x2e,0xe7,0x49,0x88,0x5f,0x93,0x57,0x27,0x99,0x36,
-	0xb4,0x20,0xab,0xfc,0xa7,0x2b,0xf2,0xd9,0x98,0xd7,0xd4,0x34,
-	0x9d,0x96,0x50,0x58,0x9a,0xea,0x54,0xf3,0xee,0xf5,0x63,0x14,
-	0xee,0x85,0x83,0x74,0x76,0xe1,0x52,0x95,0xc3,0xf7,0xeb,0x04,
-	0x04,0x7b,0xa7,0x28,0x1b,0xcc,0xea,0x4a,0x4e,0x84,0xda,0xd8,
-	0x9c,0x79,0xd8,0x9b,0x66,0x89,0x2f,0xcf,0xac,0xd7,0x79,0xf9,
-	0xa9,0xd8,0x45,0x13,0x78,0xb9,0x00,0x14,0xc9,0x7e,0x22,0x51,
-	0x86,0x67,0xb0,0x9f,0x26,0x11,0x23,0xc8,0x38,0xd7,0x70,0x1d,
-	0x15,0x8e,0x4d,0x4f,0x95,0x97,0x40,0xa1,0xc2,0x7e,0x01,0x18,
-	0x72,0xf4,0x10,0xe6,0x8d,0x52,0x16,0x7f,0xf2,0xc9,0xf8,0x33,
-	0x8b,0x33,0xb7,0xce,
-	};
-static unsigned char dsa2048_p[]={
-	0xA0,0x25,0xFA,0xAD,0xF4,0x8E,0xB9,0xE5,0x99,0xF3,0x5D,0x6F,
-	0x4F,0x83,0x34,0xE2,0x7E,0xCF,0x6F,0xBF,0x30,0xAF,0x6F,0x81,
-	0xEB,0xF8,0xC4,0x13,0xD9,0xA0,0x5D,0x8B,0x5C,0x8E,0xDC,0xC2,
-	0x1D,0x0B,0x41,0x32,0xB0,0x1F,0xFE,0xEF,0x0C,0xC2,0xA2,0x7E,
-	0x68,0x5C,0x28,0x21,0xE9,0xF5,0xB1,0x58,0x12,0x63,0x4C,0x19,
-	0x4E,0xFF,0x02,0x4B,0x92,0xED,0xD2,0x07,0x11,0x4D,0x8C,0x58,
-	0x16,0x5C,0x55,0x8E,0xAD,0xA3,0x67,0x7D,0xB9,0x86,0x6E,0x0B,
-	0xE6,0x54,0x6F,0x40,0xAE,0x0E,0x67,0x4C,0xF9,0x12,0x5B,0x3C,
-	0x08,0x7A,0xF7,0xFC,0x67,0x86,0x69,0xE7,0x0A,0x94,0x40,0xBF,
-	0x8B,0x76,0xFE,0x26,0xD1,0xF2,0xA1,0x1A,0x84,0xA1,0x43,0x56,
-	0x28,0xBC,0x9A,0x5F,0xD7,0x3B,0x69,0x89,0x8A,0x36,0x2C,0x51,
-	0xDF,0x12,0x77,0x2F,0x57,0x7B,0xA0,0xAA,0xDD,0x7F,0xA1,0x62,
-	0x3B,0x40,0x7B,0x68,0x1A,0x8F,0x0D,0x38,0xBB,0x21,0x5D,0x18,
-	0xFC,0x0F,0x46,0xF7,0xA3,0xB0,0x1D,0x23,0xC3,0xD2,0xC7,0x72,
-	0x51,0x18,0xDF,0x46,0x95,0x79,0xD9,0xBD,0xB5,0x19,0x02,0x2C,
-	0x87,0xDC,0xE7,0x57,0x82,0x7E,0xF1,0x8B,0x06,0x3D,0x00,0xA5,
-	0x7B,0x6B,0x26,0x27,0x91,0x0F,0x6A,0x77,0xE4,0xD5,0x04,0xE4,
-	0x12,0x2C,0x42,0xFF,0xD2,0x88,0xBB,0xD3,0x92,0xA0,0xF9,0xC8,
-	0x51,0x64,0x14,0x5C,0xD8,0xF9,0x6C,0x47,0x82,0xB4,0x1C,0x7F,
-	0x09,0xB8,0xF0,0x25,0x83,0x1D,0x3F,0x3F,0x05,0xB3,0x21,0x0A,
-	0x5D,0xA7,0xD8,0x54,0xC3,0x65,0x7D,0xC3,0xB0,0x1D,0xBF,0xAE,
-	0xF8,0x68,0xCF,0x9B,
-	};
-static unsigned char dsa2048_q[]={
-	0x97,0xE7,0x33,0x4D,0xD3,0x94,0x3E,0x0B,0xDB,0x62,0x74,0xC6,
-	0xA1,0x08,0xDD,0x19,0xA3,0x75,0x17,0x1B,
-	};
-static unsigned char dsa2048_g[]={
-	0x2C,0x78,0x16,0x59,0x34,0x63,0xF4,0xF3,0x92,0xFC,0xB5,0xA5,
-	0x4F,0x13,0xDE,0x2F,0x1C,0xA4,0x3C,0xAE,0xAD,0x38,0x3F,0x7E,
-	0x90,0xBF,0x96,0xA6,0xAE,0x25,0x90,0x72,0xF5,0x8E,0x80,0x0C,
-	0x39,0x1C,0xD9,0xEC,0xBA,0x90,0x5B,0x3A,0xE8,0x58,0x6C,0x9E,
-	0x30,0x42,0x37,0x02,0x31,0x82,0xBC,0x6A,0xDF,0x6A,0x09,0x29,
-	0xE3,0xC0,0x46,0xD1,0xCB,0x85,0xEC,0x0C,0x30,0x5E,0xEA,0xC8,
-	0x39,0x8E,0x22,0x9F,0x22,0x10,0xD2,0x34,0x61,0x68,0x37,0x3D,
-	0x2E,0x4A,0x5B,0x9A,0xF5,0xC1,0x48,0xC6,0xF6,0xDC,0x63,0x1A,
-	0xD3,0x96,0x64,0xBA,0x34,0xC9,0xD1,0xA0,0xD1,0xAE,0x6C,0x2F,
-	0x48,0x17,0x93,0x14,0x43,0xED,0xF0,0x21,0x30,0x19,0xC3,0x1B,
-	0x5F,0xDE,0xA3,0xF0,0x70,0x78,0x18,0xE1,0xA8,0xE4,0xEE,0x2E,
-	0x00,0xA5,0xE4,0xB3,0x17,0xC8,0x0C,0x7D,0x6E,0x42,0xDC,0xB7,
-	0x46,0x00,0x36,0x4D,0xD4,0x46,0xAA,0x3D,0x3C,0x46,0x89,0x40,
-	0xBF,0x1D,0x84,0x77,0x0A,0x75,0xF3,0x87,0x1D,0x08,0x4C,0xA6,
-	0xD1,0xA9,0x1C,0x1E,0x12,0x1E,0xE1,0xC7,0x30,0x28,0x76,0xA5,
-	0x7F,0x6C,0x85,0x96,0x2B,0x6F,0xDB,0x80,0x66,0x26,0xAE,0xF5,
-	0x93,0xC7,0x8E,0xAE,0x9A,0xED,0xE4,0xCA,0x04,0xEA,0x3B,0x72,
-	0xEF,0xDC,0x87,0xED,0x0D,0xA5,0x4C,0x4A,0xDD,0x71,0x22,0x64,
-	0x59,0x69,0x4E,0x8E,0xBF,0x43,0xDC,0xAB,0x8E,0x66,0xBB,0x01,
-	0xB6,0xF4,0xE7,0xFD,0xD2,0xAD,0x9F,0x36,0xC1,0xA0,0x29,0x99,
-	0xD1,0x96,0x70,0x59,0x06,0x78,0x35,0xBD,0x65,0x55,0x52,0x9E,
-	0xF8,0xB2,0xE5,0x38,
-	};
- 
-DSA *get_dsa2048()
-	{
-	DSA *dsa;
- 
-	if ((dsa=DSA_new()) == NULL) return(NULL);
-	dsa->priv_key=BN_bin2bn(dsa2048_priv,sizeof(dsa2048_priv),NULL);
-	dsa->pub_key=BN_bin2bn(dsa2048_pub,sizeof(dsa2048_pub),NULL);
-	dsa->p=BN_bin2bn(dsa2048_p,sizeof(dsa2048_p),NULL);
-	dsa->q=BN_bin2bn(dsa2048_q,sizeof(dsa2048_q),NULL);
-	dsa->g=BN_bin2bn(dsa2048_g,sizeof(dsa2048_g),NULL);
-	if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
-				(dsa->q == NULL) || (dsa->g == NULL))
-		return(NULL);
-	return(dsa);
-	}
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-static int rnd_fake = 0;
diff --git a/deps/openssl/openssl/apps/testrsa.h b/deps/openssl/openssl/apps/testrsa.h
deleted file mode 100644
index 3007d792b0d..00000000000
--- a/deps/openssl/openssl/apps/testrsa.h
+++ /dev/null
@@ -1,518 +0,0 @@
-/* apps/testrsa.h */
-/* used by apps/speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-static unsigned char test512[]={
-	0x30,0x82,0x01,0x3a,0x02,0x01,0x00,0x02,0x41,0x00,
-	0xd6,0x33,0xb9,0xc8,0xfb,0x4f,0x3c,0x7d,0xc0,0x01,
-	0x86,0xd0,0xe7,0xa0,0x55,0xf2,0x95,0x93,0xcc,0x4f,
-	0xb7,0x5b,0x67,0x5b,0x94,0x68,0xc9,0x34,0x15,0xde,
-	0xa5,0x2e,0x1c,0x33,0xc2,0x6e,0xfc,0x34,0x5e,0x71,
-	0x13,0xb7,0xd6,0xee,0xd8,0xa5,0x65,0x05,0x72,0x87,
-	0xa8,0xb0,0x77,0xfe,0x57,0xf5,0xfc,0x5f,0x55,0x83,
-	0x87,0xdd,0x57,0x49,0x02,0x03,0x01,0x00,0x01,0x02,
-	0x41,0x00,0xa7,0xf7,0x91,0xc5,0x0f,0x84,0x57,0xdc,
-	0x07,0xf7,0x6a,0x7f,0x60,0x52,0xb3,0x72,0xf1,0x66,
-	0x1f,0x7d,0x97,0x3b,0x9e,0xb6,0x0a,0x8f,0x8c,0xcf,
-	0x42,0x23,0x00,0x04,0xd4,0x28,0x0e,0x1c,0x90,0xc4,
-	0x11,0x25,0x25,0xa5,0x93,0xa5,0x2f,0x70,0x02,0xdf,
-	0x81,0x9c,0x49,0x03,0xa0,0xf8,0x6d,0x54,0x2e,0x26,
-	0xde,0xaa,0x85,0x59,0xa8,0x31,0x02,0x21,0x00,0xeb,
-	0x47,0xd7,0x3b,0xf6,0xc3,0xdd,0x5a,0x46,0xc5,0xb9,
-	0x2b,0x9a,0xa0,0x09,0x8f,0xa6,0xfb,0xf3,0x78,0x7a,
-	0x33,0x70,0x9d,0x0f,0x42,0x6b,0x13,0x68,0x24,0xd3,
-	0x15,0x02,0x21,0x00,0xe9,0x10,0xb0,0xb3,0x0d,0xe2,
-	0x82,0x68,0x77,0x8a,0x6e,0x7c,0xda,0xbc,0x3e,0x53,
-	0x83,0xfb,0xd6,0x22,0xe7,0xb5,0xae,0x6e,0x80,0xda,
-	0x00,0x55,0x97,0xc1,0xd0,0x65,0x02,0x20,0x4c,0xf8,
-	0x73,0xb1,0x6a,0x49,0x29,0x61,0x1f,0x46,0x10,0x0d,
-	0xf3,0xc7,0xe7,0x58,0xd7,0x88,0x15,0x5e,0x94,0x9b,
-	0xbf,0x7b,0xa2,0x42,0x58,0x45,0x41,0x0c,0xcb,0x01,
-	0x02,0x20,0x12,0x11,0xba,0x31,0x57,0x9d,0x3d,0x11,
-	0x0e,0x5b,0x8c,0x2f,0x5f,0xe2,0x02,0x4f,0x05,0x47,
-	0x8c,0x15,0x8e,0xb3,0x56,0x3f,0xb8,0xfb,0xad,0xd4,
-	0xf4,0xfc,0x10,0xc5,0x02,0x20,0x18,0xa1,0x29,0x99,
-	0x5b,0xd9,0xc8,0xd4,0xfc,0x49,0x7a,0x2a,0x21,0x2c,
-	0x49,0xe4,0x4f,0xeb,0xef,0x51,0xf1,0xab,0x6d,0xfb,
-	0x4b,0x14,0xe9,0x4b,0x52,0xb5,0x82,0x2c,
-	};
-
-static unsigned char test1024[]={
-	0x30,0x82,0x02,0x5c,0x02,0x01,0x00,0x02,0x81,0x81,
-	0x00,0xdc,0x98,0x43,0xe8,0x3d,0x43,0x5b,0xe4,0x05,
-	0xcd,0xd0,0xa9,0x3e,0xcb,0x83,0x75,0xf6,0xb5,0xa5,
-	0x9f,0x6b,0xe9,0x34,0x41,0x29,0x18,0xfa,0x6a,0x55,
-	0x4d,0x70,0xfc,0xec,0xae,0x87,0x38,0x0a,0x20,0xa9,
-	0xc0,0x45,0x77,0x6e,0x57,0x60,0x57,0xf4,0xed,0x96,
-	0x22,0xcb,0x8f,0xe1,0x33,0x3a,0x17,0x1f,0xed,0x37,
-	0xa5,0x6f,0xeb,0xa6,0xbc,0x12,0x80,0x1d,0x53,0xbd,
-	0x70,0xeb,0x21,0x76,0x3e,0xc9,0x2f,0x1a,0x45,0x24,
-	0x82,0xff,0xcd,0x59,0x32,0x06,0x2e,0x12,0x3b,0x23,
-	0x78,0xed,0x12,0x3d,0xe0,0x8d,0xf9,0x67,0x4f,0x37,
-	0x4e,0x47,0x02,0x4c,0x2d,0xc0,0x4f,0x1f,0xb3,0x94,
-	0xe1,0x41,0x2e,0x2d,0x90,0x10,0xfc,0x82,0x91,0x8b,
-	0x0f,0x22,0xd4,0xf2,0xfc,0x2c,0xab,0x53,0x55,0x02,
-	0x03,0x01,0x00,0x01,0x02,0x81,0x80,0x2b,0xcc,0x3f,
-	0x8f,0x58,0xba,0x8b,0x00,0x16,0xf6,0xea,0x3a,0xf0,
-	0x30,0xd0,0x05,0x17,0xda,0xb0,0xeb,0x9a,0x2d,0x4f,
-	0x26,0xb0,0xd6,0x38,0xc1,0xeb,0xf5,0xd8,0x3d,0x1f,
-	0x70,0xf7,0x7f,0xf4,0xe2,0xcf,0x51,0x51,0x79,0x88,
-	0xfa,0xe8,0x32,0x0e,0x7b,0x2d,0x97,0xf2,0xfa,0xba,
-	0x27,0xc5,0x9c,0xd9,0xc5,0xeb,0x8a,0x79,0x52,0x3c,
-	0x64,0x34,0x7d,0xc2,0xcf,0x28,0xc7,0x4e,0xd5,0x43,
-	0x0b,0xd1,0xa6,0xca,0x6d,0x03,0x2d,0x72,0x23,0xbc,
-	0x6d,0x05,0xfa,0x16,0x09,0x2f,0x2e,0x5c,0xb6,0xee,
-	0x74,0xdd,0xd2,0x48,0x8e,0x36,0x0c,0x06,0x3d,0x4d,
-	0xe5,0x10,0x82,0xeb,0x6a,0xf3,0x4b,0x9f,0xd6,0xed,
-	0x11,0xb1,0x6e,0xec,0xf4,0xfe,0x8e,0x75,0x94,0x20,
-	0x2f,0xcb,0xac,0x46,0xf1,0x02,0x41,0x00,0xf9,0x8c,
-	0xa3,0x85,0xb1,0xdd,0x29,0xaf,0x65,0xc1,0x33,0xf3,
-	0x95,0xc5,0x52,0x68,0x0b,0xd4,0xf1,0xe5,0x0e,0x02,
-	0x9f,0x4f,0xfa,0x77,0xdc,0x46,0x9e,0xc7,0xa6,0xe4,
-	0x16,0x29,0xda,0xb0,0x07,0xcf,0x5b,0xa9,0x12,0x8a,
-	0xdd,0x63,0x0a,0xde,0x2e,0x8c,0x66,0x8b,0x8c,0xdc,
-	0x19,0xa3,0x7e,0xf4,0x3b,0xd0,0x1a,0x8c,0xa4,0xc2,
-	0xe1,0xd3,0x02,0x41,0x00,0xe2,0x4c,0x05,0xf2,0x04,
-	0x86,0x4e,0x61,0x43,0xdb,0xb0,0xb9,0x96,0x86,0x52,
-	0x2c,0xca,0x8d,0x7b,0xab,0x0b,0x13,0x0d,0x7e,0x38,
-	0x5b,0xe2,0x2e,0x7b,0x0e,0xe7,0x19,0x99,0x38,0xe7,
-	0xf2,0x21,0xbd,0x85,0x85,0xe3,0xfd,0x28,0x77,0x20,
-	0x31,0x71,0x2c,0xd0,0xff,0xfb,0x2e,0xaf,0x85,0xb4,
-	0x86,0xca,0xf3,0xbb,0xca,0xaa,0x0f,0x95,0x37,0x02,
-	0x40,0x0e,0x41,0x9a,0x95,0xe8,0xb3,0x59,0xce,0x4b,
-	0x61,0xde,0x35,0xec,0x38,0x79,0x9c,0xb8,0x10,0x52,
-	0x41,0x63,0xab,0x82,0xae,0x6f,0x00,0xa9,0xf4,0xde,
-	0xdd,0x49,0x0b,0x7e,0xb8,0xa5,0x65,0xa9,0x0c,0x8f,
-	0x8f,0xf9,0x1f,0x35,0xc6,0x92,0xb8,0x5e,0xb0,0x66,
-	0xab,0x52,0x40,0xc0,0xb6,0x36,0x6a,0x7d,0x80,0x46,
-	0x04,0x02,0xe5,0x9f,0x41,0x02,0x41,0x00,0xc0,0xad,
-	0xcc,0x4e,0x21,0xee,0x1d,0x24,0x91,0xfb,0xa7,0x80,
-	0x8d,0x9a,0xb6,0xb3,0x2e,0x8f,0xc2,0xe1,0x82,0xdf,
-	0x69,0x18,0xb4,0x71,0xff,0xa6,0x65,0xde,0xed,0x84,
-	0x8d,0x42,0xb7,0xb3,0x21,0x69,0x56,0x1c,0x07,0x60,
-	0x51,0x29,0x04,0xff,0x34,0x06,0xdd,0xb9,0x67,0x2c,
-	0x7c,0x04,0x93,0x0e,0x46,0x15,0xbb,0x2a,0xb7,0x1b,
-	0xe7,0x87,0x02,0x40,0x78,0xda,0x5d,0x07,0x51,0x0c,
-	0x16,0x7a,0x9f,0x29,0x20,0x84,0x0d,0x42,0xfa,0xd7,
-	0x00,0xd8,0x77,0x7e,0xb0,0xb0,0x6b,0xd6,0x5b,0x53,
-	0xb8,0x9b,0x7a,0xcd,0xc7,0x2b,0xb8,0x6a,0x63,0xa9,
-	0xfb,0x6f,0xa4,0x72,0xbf,0x4c,0x5d,0x00,0x14,0xba,
-	0xfa,0x59,0x88,0xed,0xe4,0xe0,0x8c,0xa2,0xec,0x14,
-	0x7e,0x2d,0xe2,0xf0,0x46,0x49,0x95,0x45,
-	};
-
-static unsigned char test2048[]={
-	0x30,0x82,0x04,0xa3,0x02,0x01,0x00,0x02,0x82,0x01,
-	0x01,0x00,0xc0,0xc0,0xce,0x3e,0x3c,0x53,0x67,0x3f,
-	0x4f,0xc5,0x2f,0xa4,0xc2,0x5a,0x2f,0x58,0xfd,0x27,
-	0x52,0x6a,0xe8,0xcf,0x4a,0x73,0x47,0x8d,0x25,0x0f,
-	0x5f,0x03,0x26,0x78,0xef,0xf0,0x22,0x12,0xd3,0xde,
-	0x47,0xb2,0x1c,0x0b,0x38,0x63,0x1a,0x6c,0x85,0x7a,
-	0x80,0xc6,0x8f,0xa0,0x41,0xaf,0x62,0xc4,0x67,0x32,
-	0x88,0xf8,0xa6,0x9c,0xf5,0x23,0x1d,0xe4,0xac,0x3f,
-	0x29,0xf9,0xec,0xe1,0x8b,0x26,0x03,0x2c,0xb2,0xab,
-	0xf3,0x7d,0xb5,0xca,0x49,0xc0,0x8f,0x1c,0xdf,0x33,
-	0x3a,0x60,0xda,0x3c,0xb0,0x16,0xf8,0xa9,0x12,0x8f,
-	0x64,0xac,0x23,0x0c,0x69,0x64,0x97,0x5d,0x99,0xd4,
-	0x09,0x83,0x9b,0x61,0xd3,0xac,0xf0,0xde,0xdd,0x5e,
-	0x9f,0x44,0x94,0xdb,0x3a,0x4d,0x97,0xe8,0x52,0x29,
-	0xf7,0xdb,0x94,0x07,0x45,0x90,0x78,0x1e,0x31,0x0b,
-	0x80,0xf7,0x57,0xad,0x1c,0x79,0xc5,0xcb,0x32,0xb0,
-	0xce,0xcd,0x74,0xb3,0xe2,0x94,0xc5,0x78,0x2f,0x34,
-	0x1a,0x45,0xf7,0x8c,0x52,0xa5,0xbc,0x8d,0xec,0xd1,
-	0x2f,0x31,0x3b,0xf0,0x49,0x59,0x5e,0x88,0x9d,0x15,
-	0x92,0x35,0x32,0xc1,0xe7,0x61,0xec,0x50,0x48,0x7c,
-	0xba,0x05,0xf9,0xf8,0xf8,0xa7,0x8c,0x83,0xe8,0x66,
-	0x5b,0xeb,0xfe,0xd8,0x4f,0xdd,0x6d,0x36,0xc0,0xb2,
-	0x90,0x0f,0xb8,0x52,0xf9,0x04,0x9b,0x40,0x2c,0x27,
-	0xd6,0x36,0x8e,0xc2,0x1b,0x44,0xf3,0x92,0xd5,0x15,
-	0x9e,0x9a,0xbc,0xf3,0x7d,0x03,0xd7,0x02,0x14,0x20,
-	0xe9,0x10,0x92,0xfd,0xf9,0xfc,0x8f,0xe5,0x18,0xe1,
-	0x95,0xcc,0x9e,0x60,0xa6,0xfa,0x38,0x4d,0x02,0x03,
-	0x01,0x00,0x01,0x02,0x82,0x01,0x00,0x00,0xc3,0xc3,
-	0x0d,0xb4,0x27,0x90,0x8d,0x4b,0xbf,0xb8,0x84,0xaa,
-	0xd0,0xb8,0xc7,0x5d,0x99,0xbe,0x55,0xf6,0x3e,0x7c,
-	0x49,0x20,0xcb,0x8a,0x8e,0x19,0x0e,0x66,0x24,0xac,
-	0xaf,0x03,0x33,0x97,0xeb,0x95,0xd5,0x3b,0x0f,0x40,
-	0x56,0x04,0x50,0xd1,0xe6,0xbe,0x84,0x0b,0x25,0xd3,
-	0x9c,0xe2,0x83,0x6c,0xf5,0x62,0x5d,0xba,0x2b,0x7d,
-	0x3d,0x7a,0x6c,0xe1,0xd2,0x0e,0x54,0x93,0x80,0x01,
-	0x91,0x51,0x09,0xe8,0x5b,0x8e,0x47,0xbd,0x64,0xe4,
-	0x0e,0x03,0x83,0x55,0xcf,0x5a,0x37,0xf0,0x25,0xb5,
-	0x7d,0x21,0xd7,0x69,0xdf,0x6f,0xc2,0xcf,0x10,0xc9,
-	0x8a,0x40,0x9f,0x7a,0x70,0xc0,0xe8,0xe8,0xc0,0xe6,
-	0x9a,0x15,0x0a,0x8d,0x4e,0x46,0xcb,0x7a,0xdb,0xb3,
-	0xcb,0x83,0x02,0xc4,0xf0,0xab,0xeb,0x02,0x01,0x0e,
-	0x23,0xfc,0x1d,0xc4,0xbd,0xd4,0xaa,0x5d,0x31,0x46,
-	0x99,0xce,0x9e,0xf8,0x04,0x75,0x10,0x67,0xc4,0x53,
-	0x47,0x44,0xfa,0xc2,0x25,0x73,0x7e,0xd0,0x8e,0x59,
-	0xd1,0xb2,0x5a,0xf4,0xc7,0x18,0x92,0x2f,0x39,0xab,
-	0xcd,0xa3,0xb5,0xc2,0xb9,0xc7,0xb9,0x1b,0x9f,0x48,
-	0xfa,0x13,0xc6,0x98,0x4d,0xca,0x84,0x9c,0x06,0xca,
-	0xe7,0x89,0x01,0x04,0xc4,0x6c,0xfd,0x29,0x59,0x35,
-	0xe7,0xf3,0xdd,0xce,0x64,0x59,0xbf,0x21,0x13,0xa9,
-	0x9f,0x0e,0xc5,0xff,0xbd,0x33,0x00,0xec,0xac,0x6b,
-	0x11,0xef,0x51,0x5e,0xad,0x07,0x15,0xde,0xb8,0x5f,
-	0xc6,0xb9,0xa3,0x22,0x65,0x46,0x83,0x14,0xdf,0xd0,
-	0xf1,0x44,0x8a,0xe1,0x9c,0x23,0x33,0xb4,0x97,0x33,
-	0xe6,0x6b,0x81,0x02,0x81,0x81,0x00,0xec,0x12,0xa7,
-	0x59,0x74,0x6a,0xde,0x3e,0xad,0xd8,0x36,0x80,0x50,
-	0xa2,0xd5,0x21,0x81,0x07,0xf1,0xd0,0x91,0xf2,0x6c,
-	0x12,0x2f,0x9d,0x1a,0x26,0xf8,0x30,0x65,0xdf,0xe8,
-	0xc0,0x9b,0x6a,0x30,0x98,0x82,0x87,0xec,0xa2,0x56,
-	0x87,0x62,0x6f,0xe7,0x9f,0xf6,0x56,0xe6,0x71,0x8f,
-	0x49,0x86,0x93,0x5a,0x4d,0x34,0x58,0xfe,0xd9,0x04,
-	0x13,0xaf,0x79,0xb7,0xad,0x11,0xd1,0x30,0x9a,0x14,
-	0x06,0xa0,0xfa,0xb7,0x55,0xdc,0x6c,0x5a,0x4c,0x2c,
-	0x59,0x56,0xf6,0xe8,0x9d,0xaf,0x0a,0x78,0x99,0x06,
-	0x06,0x9e,0xe7,0x9c,0x51,0x55,0x43,0xfc,0x3b,0x6c,
-	0x0b,0xbf,0x2d,0x41,0xa7,0xaf,0xb7,0xe0,0xe8,0x28,
-	0x18,0xb4,0x13,0xd1,0xe6,0x97,0xd0,0x9f,0x6a,0x80,
-	0xca,0xdd,0x1a,0x7e,0x15,0x02,0x81,0x81,0x00,0xd1,
-	0x06,0x0c,0x1f,0xe3,0xd0,0xab,0xd6,0xca,0x7c,0xbc,
-	0x7d,0x13,0x35,0xce,0x27,0xcd,0xd8,0x49,0x51,0x63,
-	0x64,0x0f,0xca,0x06,0x12,0xfc,0x07,0x3e,0xaf,0x61,
-	0x6d,0xe2,0x53,0x39,0x27,0xae,0xc3,0x11,0x9e,0x94,
-	0x01,0x4f,0xe3,0xf3,0x67,0xf9,0x77,0xf9,0xe7,0x95,
-	0x3a,0x6f,0xe2,0x20,0x73,0x3e,0xa4,0x7a,0x28,0xd4,
-	0x61,0x97,0xf6,0x17,0xa0,0x23,0x10,0x2b,0xce,0x84,
-	0x57,0x7e,0x25,0x1f,0xf4,0xa8,0x54,0xd2,0x65,0x94,
-	0xcc,0x95,0x0a,0xab,0x30,0xc1,0x59,0x1f,0x61,0x8e,
-	0xb9,0x6b,0xd7,0x4e,0xb9,0x83,0x43,0x79,0x85,0x11,
-	0xbc,0x0f,0xae,0x25,0x20,0x05,0xbc,0xd2,0x48,0xa1,
-	0x68,0x09,0x84,0xf6,0x12,0x9a,0x66,0xb9,0x2b,0xbb,
-	0x76,0x03,0x17,0x46,0x4e,0x97,0x59,0x02,0x81,0x80,
-	0x09,0x4c,0xfa,0xd6,0xe5,0x65,0x48,0x78,0x43,0xb5,
-	0x1f,0x00,0x93,0x2c,0xb7,0x24,0xe8,0xc6,0x7d,0x5a,
-	0x70,0x45,0x92,0xc8,0x6c,0xa3,0xcd,0xe1,0xf7,0x29,
-	0x40,0xfa,0x3f,0x5b,0x47,0x44,0x39,0xc1,0xe8,0x72,
-	0x9e,0x7a,0x0e,0xda,0xaa,0xa0,0x2a,0x09,0xfd,0x54,
-	0x93,0x23,0xaa,0x37,0x85,0x5b,0xcc,0xd4,0xf9,0xd8,
-	0xff,0xc1,0x61,0x0d,0xbd,0x7e,0x18,0x24,0x73,0x6d,
-	0x40,0x72,0xf1,0x93,0x09,0x48,0x97,0x6c,0x84,0x90,
-	0xa8,0x46,0x14,0x01,0x39,0x11,0xe5,0x3c,0x41,0x27,
-	0x32,0x75,0x24,0xed,0xa1,0xd9,0x12,0x29,0x8a,0x28,
-	0x71,0x89,0x8d,0xca,0x30,0xb0,0x01,0xc4,0x2f,0x82,
-	0x19,0x14,0x4c,0x70,0x1c,0xb8,0x23,0x2e,0xe8,0x90,
-	0x49,0x97,0x92,0x97,0x6b,0x7a,0x9d,0xb9,0x02,0x81,
-	0x80,0x0f,0x0e,0xa1,0x76,0xf6,0xa1,0x44,0x8f,0xaf,
-	0x7c,0x76,0xd3,0x87,0xbb,0xbb,0x83,0x10,0x88,0x01,
-	0x18,0x14,0xd1,0xd3,0x75,0x59,0x24,0xaa,0xf5,0x16,
-	0xa5,0xe9,0x9d,0xd1,0xcc,0xee,0xf4,0x15,0xd9,0xc5,
-	0x7e,0x27,0xe9,0x44,0x49,0x06,0x72,0xb9,0xfc,0xd3,
-	0x8a,0xc4,0x2c,0x36,0x7d,0x12,0x9b,0x5a,0xaa,0xdc,
-	0x85,0xee,0x6e,0xad,0x54,0xb3,0xf4,0xfc,0x31,0xa1,
-	0x06,0x3a,0x70,0x57,0x0c,0xf3,0x95,0x5b,0x3e,0xe8,
-	0xfd,0x1a,0x4f,0xf6,0x78,0x93,0x46,0x6a,0xd7,0x31,
-	0xb4,0x84,0x64,0x85,0x09,0x38,0x89,0x92,0x94,0x1c,
-	0xbf,0xe2,0x3c,0x2a,0xe0,0xff,0x99,0xa3,0xf0,0x2b,
-	0x31,0xc2,0x36,0xcd,0x60,0xbf,0x9d,0x2d,0x74,0x32,
-	0xe8,0x9c,0x93,0x6e,0xbb,0x91,0x7b,0xfd,0xd9,0x02,
-	0x81,0x81,0x00,0xa2,0x71,0x25,0x38,0xeb,0x2a,0xe9,
-	0x37,0xcd,0xfe,0x44,0xce,0x90,0x3f,0x52,0x87,0x84,
-	0x52,0x1b,0xae,0x8d,0x22,0x94,0xce,0x38,0xe6,0x04,
-	0x88,0x76,0x85,0x9a,0xd3,0x14,0x09,0xe5,0x69,0x9a,
-	0xff,0x58,0x92,0x02,0x6a,0x7d,0x7c,0x1e,0x2c,0xfd,
-	0xa8,0xca,0x32,0x14,0x4f,0x0d,0x84,0x0d,0x37,0x43,
-	0xbf,0xe4,0x5d,0x12,0xc8,0x24,0x91,0x27,0x8d,0x46,
-	0xd9,0x54,0x53,0xe7,0x62,0x71,0xa8,0x2b,0x71,0x41,
-	0x8d,0x75,0xf8,0x3a,0xa0,0x61,0x29,0x46,0xa6,0xe5,
-	0x82,0xfa,0x3a,0xd9,0x08,0xfa,0xfc,0x63,0xfd,0x6b,
-	0x30,0xbc,0xf4,0x4e,0x9e,0x8c,0x25,0x0c,0xb6,0x55,
-	0xe7,0x3c,0xd4,0x4e,0x0b,0xfd,0x8b,0xc3,0x0e,0x1d,
-	0x9c,0x44,0x57,0x8f,0x1f,0x86,0xf7,0xd5,0x1b,0xe4,
-	0x95,
-	};
-
-static unsigned char test4096[]={
-	0x30,0x82,0x09,0x29,0x02,0x01,0x00,0x02,0x82,0x02,
-	0x01,0x00,0xc0,0x71,0xac,0x1a,0x13,0x88,0x82,0x43,
-	0x3b,0x51,0x57,0x71,0x8d,0xb6,0x2b,0x82,0x65,0x21,
-	0x53,0x5f,0x28,0x29,0x4f,0x8d,0x7c,0x8a,0xb9,0x44,
-	0xb3,0x28,0x41,0x4f,0xd3,0xfa,0x6a,0xf8,0xb9,0x28,
-	0x50,0x39,0x67,0x53,0x2c,0x3c,0xd7,0xcb,0x96,0x41,
-	0x40,0x32,0xbb,0xeb,0x70,0xae,0x1f,0xb0,0x65,0xf7,
-	0x3a,0xd9,0x22,0xfd,0x10,0xae,0xbd,0x02,0xe2,0xdd,
-	0xf3,0xc2,0x79,0x3c,0xc6,0xfc,0x75,0xbb,0xaf,0x4e,
-	0x3a,0x36,0xc2,0x4f,0xea,0x25,0xdf,0x13,0x16,0x4b,
-	0x20,0xfe,0x4b,0x69,0x16,0xc4,0x7f,0x1a,0x43,0xa6,
-	0x17,0x1b,0xb9,0x0a,0xf3,0x09,0x86,0x28,0x89,0xcf,
-	0x2c,0xd0,0xd4,0x81,0xaf,0xc6,0x6d,0xe6,0x21,0x8d,
-	0xee,0xef,0xea,0xdc,0xb7,0xc6,0x3b,0x63,0x9f,0x0e,
-	0xad,0x89,0x78,0x23,0x18,0xbf,0x70,0x7e,0x84,0xe0,
-	0x37,0xec,0xdb,0x8e,0x9c,0x3e,0x6a,0x19,0xcc,0x99,
-	0x72,0xe6,0xb5,0x7d,0x6d,0xfa,0xe5,0xd3,0xe4,0x90,
-	0xb5,0xb2,0xb2,0x12,0x70,0x4e,0xca,0xf8,0x10,0xf8,
-	0xa3,0x14,0xc2,0x48,0x19,0xeb,0x60,0x99,0xbb,0x2a,
-	0x1f,0xb1,0x7a,0xb1,0x3d,0x24,0xfb,0xa0,0x29,0xda,
-	0xbd,0x1b,0xd7,0xa4,0xbf,0xef,0x60,0x2d,0x22,0xca,
-	0x65,0x98,0xf1,0xc4,0xe1,0xc9,0x02,0x6b,0x16,0x28,
-	0x2f,0xa1,0xaa,0x79,0x00,0xda,0xdc,0x7c,0x43,0xf7,
-	0x42,0x3c,0xa0,0xef,0x68,0xf7,0xdf,0xb9,0x69,0xfb,
-	0x8e,0x01,0xed,0x01,0x42,0xb5,0x4e,0x57,0xa6,0x26,
-	0xb8,0xd0,0x7b,0x56,0x6d,0x03,0xc6,0x40,0x8c,0x8c,
-	0x2a,0x55,0xd7,0x9c,0x35,0x00,0x94,0x93,0xec,0x03,
-	0xeb,0x22,0xef,0x77,0xbb,0x79,0x13,0x3f,0x15,0xa1,
-	0x8f,0xca,0xdf,0xfd,0xd3,0xb8,0xe1,0xd4,0xcc,0x09,
-	0x3f,0x3c,0x2c,0xdb,0xd1,0x49,0x7f,0x38,0x07,0x83,
-	0x6d,0xeb,0x08,0x66,0xe9,0x06,0x44,0x12,0xac,0x95,
-	0x22,0x90,0x23,0x67,0xd4,0x08,0xcc,0xf4,0xb7,0xdc,
-	0xcc,0x87,0xd4,0xac,0x69,0x35,0x4c,0xb5,0x39,0x36,
-	0xcd,0xa4,0xd2,0x95,0xca,0x0d,0xc5,0xda,0xc2,0xc5,
-	0x22,0x32,0x28,0x08,0xe3,0xd2,0x8b,0x38,0x30,0xdc,
-	0x8c,0x75,0x4f,0x6a,0xec,0x7a,0xac,0x16,0x3e,0xa8,
-	0xd4,0x6a,0x45,0xe1,0xa8,0x4f,0x2e,0x80,0x34,0xaa,
-	0x54,0x1b,0x02,0x95,0x7d,0x8a,0x6d,0xcc,0x79,0xca,
-	0xf2,0xa4,0x2e,0x8d,0xfb,0xfe,0x15,0x51,0x10,0x0e,
-	0x4d,0x88,0xb1,0xc7,0xf4,0x79,0xdb,0xf0,0xb4,0x56,
-	0x44,0x37,0xca,0x5a,0xc1,0x8c,0x48,0xac,0xae,0x48,
-	0x80,0x83,0x01,0x3f,0xde,0xd9,0xd3,0x2c,0x51,0x46,
-	0xb1,0x41,0xb6,0xc6,0x91,0x72,0xf9,0x83,0x55,0x1b,
-	0x8c,0xba,0xf3,0x73,0xe5,0x2c,0x74,0x50,0x3a,0xbe,
-	0xc5,0x2f,0xa7,0xb2,0x6d,0x8c,0x9e,0x13,0x77,0xa3,
-	0x13,0xcd,0x6d,0x8c,0x45,0xe1,0xfc,0x0b,0xb7,0x69,
-	0xe9,0x27,0xbc,0x65,0xc3,0xfa,0x9b,0xd0,0xef,0xfe,
-	0xe8,0x1f,0xb3,0x5e,0x34,0xf4,0x8c,0xea,0xfc,0xd3,
-	0x81,0xbf,0x3d,0x30,0xb2,0xb4,0x01,0xe8,0x43,0x0f,
-	0xba,0x02,0x23,0x42,0x76,0x82,0x31,0x73,0x91,0xed,
-	0x07,0x46,0x61,0x0d,0x39,0x83,0x40,0xce,0x7a,0xd4,
-	0xdb,0x80,0x2c,0x1f,0x0d,0xd1,0x34,0xd4,0x92,0xe3,
-	0xd4,0xf1,0xc2,0x01,0x02,0x03,0x01,0x00,0x01,0x02,
-	0x82,0x02,0x01,0x00,0x97,0x6c,0xda,0x6e,0xea,0x4f,
-	0xcf,0xaf,0xf7,0x4c,0xd9,0xf1,0x90,0x00,0x77,0xdb,
-	0xf2,0x97,0x76,0x72,0xb9,0xb7,0x47,0xd1,0x9c,0xdd,
-	0xcb,0x4a,0x33,0x6e,0xc9,0x75,0x76,0xe6,0xe4,0xa5,
-	0x31,0x8c,0x77,0x13,0xb4,0x29,0xcd,0xf5,0x52,0x17,
-	0xef,0xf3,0x08,0x00,0xe3,0xbd,0x2e,0xbc,0xd4,0x52,
-	0x88,0xe9,0x30,0x75,0x0b,0x02,0xf5,0xcd,0x89,0x0c,
-	0x6c,0x57,0x19,0x27,0x3d,0x1e,0x85,0xb4,0xc1,0x2f,
-	0x1d,0x92,0x00,0x5c,0x76,0x29,0x4b,0xa4,0xe1,0x12,
-	0xb3,0xc8,0x09,0xfe,0x0e,0x78,0x72,0x61,0xcb,0x61,
-	0x6f,0x39,0x91,0x95,0x4e,0xd5,0x3e,0xc7,0x8f,0xb8,
-	0xf6,0x36,0xfe,0x9c,0x93,0x9a,0x38,0x25,0x7a,0xf4,
-	0x4a,0x12,0xd4,0xa0,0x13,0xbd,0xf9,0x1d,0x12,0x3e,
-	0x21,0x39,0xfb,0x72,0xe0,0x05,0x3d,0xc3,0xe5,0x50,
-	0xa8,0x5d,0x85,0xa3,0xea,0x5f,0x1c,0xb2,0x3f,0xea,
-	0x6d,0x03,0x91,0x55,0xd8,0x19,0x0a,0x21,0x12,0x16,
-	0xd9,0x12,0xc4,0xe6,0x07,0x18,0x5b,0x26,0xa4,0xae,
-	0xed,0x2b,0xb7,0xa6,0xed,0xf8,0xad,0xec,0x77,0xe6,
-	0x7f,0x4f,0x76,0x00,0xc0,0xfa,0x15,0x92,0xb4,0x2c,
-	0x22,0xc2,0xeb,0x6a,0xad,0x14,0x05,0xb2,0xe5,0x8a,
-	0x9e,0x85,0x83,0xcc,0x04,0xf1,0x56,0x78,0x44,0x5e,
-	0xde,0xe0,0x60,0x1a,0x65,0x79,0x31,0x23,0x05,0xbb,
-	0x01,0xff,0xdd,0x2e,0xb7,0xb3,0xaa,0x74,0xe0,0xa5,
-	0x94,0xaf,0x4b,0xde,0x58,0x0f,0x55,0xde,0x33,0xf6,
-	0xe3,0xd6,0x34,0x36,0x57,0xd6,0x79,0x91,0x2e,0xbe,
-	0x3b,0xd9,0x4e,0xb6,0x9d,0x21,0x5c,0xd3,0x48,0x14,
-	0x7f,0x4a,0xc4,0x60,0xa9,0x29,0xf8,0x53,0x7f,0x88,
-	0x11,0x2d,0xb5,0xc5,0x2d,0x6f,0xee,0x85,0x0b,0xf7,
-	0x8d,0x9a,0xbe,0xb0,0x42,0xf2,0x2e,0x71,0xaf,0x19,
-	0x31,0x6d,0xec,0xcd,0x6f,0x2b,0x23,0xdf,0xb4,0x40,
-	0xaf,0x2c,0x0a,0xc3,0x1b,0x7d,0x7d,0x03,0x1d,0x4b,
-	0xf3,0xb5,0xe0,0x85,0xd8,0xdf,0x91,0x6b,0x0a,0x69,
-	0xf7,0xf2,0x69,0x66,0x5b,0xf1,0xcf,0x46,0x7d,0xe9,
-	0x70,0xfa,0x6d,0x7e,0x75,0x4e,0xa9,0x77,0xe6,0x8c,
-	0x02,0xf7,0x14,0x4d,0xa5,0x41,0x8f,0x3f,0xc1,0x62,
-	0x1e,0x71,0x5e,0x38,0xb4,0xd6,0xe6,0xe1,0x4b,0xc2,
-	0x2c,0x30,0x83,0x81,0x6f,0x49,0x2e,0x96,0xe6,0xc9,
-	0x9a,0xf7,0x5d,0x09,0xa0,0x55,0x02,0xa5,0x3a,0x25,
-	0x23,0xd0,0x92,0xc3,0xa3,0xe3,0x0e,0x12,0x2f,0x4d,
-	0xef,0xf3,0x55,0x5a,0xbe,0xe6,0x19,0x86,0x31,0xab,
-	0x75,0x9a,0xd3,0xf0,0x2c,0xc5,0x41,0x92,0xd9,0x1f,
-	0x5f,0x11,0x8c,0x75,0x1c,0x63,0xd0,0x02,0x80,0x2c,
-	0x68,0xcb,0x93,0xfb,0x51,0x73,0x49,0xb4,0x60,0xda,
-	0xe2,0x26,0xaf,0xa9,0x46,0x12,0xb8,0xec,0x50,0xdd,
-	0x12,0x06,0x5f,0xce,0x59,0xe6,0xf6,0x1c,0xe0,0x54,
-	0x10,0xad,0xf6,0xcd,0x98,0xcc,0x0f,0xfb,0xcb,0x41,
-	0x14,0x9d,0xed,0xe4,0xb4,0x74,0x5f,0x09,0x60,0xc7,
-	0x12,0xf6,0x7b,0x3c,0x8f,0xa7,0x20,0xbc,0xe4,0xb1,
-	0xef,0xeb,0xa4,0x93,0xc5,0x06,0xca,0x9a,0x27,0x9d,
-	0x87,0xf3,0xde,0xca,0xe5,0xe7,0xf6,0x1c,0x01,0x65,
-	0x5b,0xfb,0x19,0x79,0x6e,0x08,0x26,0xc5,0xc8,0x28,
-	0x0e,0xb6,0x3b,0x07,0x08,0xc1,0x02,0x82,0x01,0x01,
-	0x00,0xe8,0x1c,0x73,0xa6,0xb8,0xe0,0x0e,0x6d,0x8d,
-	0x1b,0xb9,0x53,0xed,0x58,0x94,0xe6,0x1d,0x60,0x14,
-	0x5c,0x76,0x43,0xc4,0x58,0x19,0xc4,0x24,0xe8,0xbc,
-	0x1b,0x3b,0x0b,0x13,0x24,0x45,0x54,0x0e,0xcc,0x37,
-	0xf0,0xe0,0x63,0x7d,0xc3,0xf7,0xfb,0x81,0x74,0x81,
-	0xc4,0x0f,0x1a,0x21,0x48,0xaf,0xce,0xc1,0xc4,0x94,
-	0x18,0x06,0x44,0x8d,0xd3,0xd2,0x22,0x2d,0x2d,0x3e,
-	0x5a,0x31,0xdc,0x95,0x8e,0xf4,0x41,0xfc,0x58,0xc9,
-	0x40,0x92,0x17,0x5f,0xe3,0xda,0xac,0x9e,0x3f,0x1c,
-	0x2a,0x6b,0x58,0x5f,0x48,0x78,0x20,0xb1,0xaf,0x24,
-	0x9b,0x3c,0x20,0x8b,0x93,0x25,0x9e,0xe6,0x6b,0xbc,
-	0x13,0x42,0x14,0x6c,0x36,0x31,0xff,0x7a,0xd1,0xc1,
-	0x1a,0x26,0x14,0x7f,0xa9,0x76,0xa7,0x0c,0xf8,0xcc,
-	0xed,0x07,0x6a,0xd2,0xdf,0x62,0xee,0x0a,0x7c,0x84,
-	0xcb,0x49,0x90,0xb2,0x03,0x0d,0xa2,0x82,0x06,0x77,
-	0xf1,0xcd,0x67,0xf2,0x47,0x21,0x02,0x3f,0x43,0x21,
-	0xf0,0x46,0x30,0x62,0x51,0x72,0xb1,0xe7,0x48,0xc6,
-	0x67,0x12,0xcd,0x9e,0xd6,0x15,0xe5,0x21,0xed,0xfa,
-	0x8f,0x30,0xa6,0x41,0xfe,0xb6,0xfa,0x8f,0x34,0x14,
-	0x19,0xe8,0x11,0xf7,0xa5,0x77,0x3e,0xb7,0xf9,0x39,
-	0x07,0x8c,0x67,0x2a,0xab,0x7b,0x08,0xf8,0xb0,0x06,
-	0xa8,0xea,0x2f,0x8f,0xfa,0xcc,0xcc,0x40,0xce,0xf3,
-	0x70,0x4f,0x3f,0x7f,0xe2,0x0c,0xea,0x76,0x4a,0x35,
-	0x4e,0x47,0xad,0x2b,0xa7,0x97,0x5d,0x74,0x43,0x97,
-	0x90,0xd2,0xfb,0xd9,0xf9,0x96,0x01,0x33,0x05,0xed,
-	0x7b,0x03,0x05,0xad,0xf8,0x49,0x03,0x02,0x82,0x01,
-	0x01,0x00,0xd4,0x40,0x17,0x66,0x10,0x92,0x95,0xc8,
-	0xec,0x62,0xa9,0x7a,0xcb,0x93,0x8e,0xe6,0x53,0xd4,
-	0x80,0x48,0x27,0x4b,0x41,0xce,0x61,0xdf,0xbf,0x94,
-	0xa4,0x3d,0x71,0x03,0x0b,0xed,0x25,0x71,0x98,0xa4,
-	0xd6,0xd5,0x4a,0x57,0xf5,0x6c,0x1b,0xda,0x21,0x7d,
-	0x35,0x45,0xb3,0xf3,0x6a,0xd9,0xd3,0x43,0xe8,0x5c,
-	0x54,0x1c,0x83,0x1b,0xb4,0x5f,0xf2,0x97,0x24,0x2e,
-	0xdc,0x40,0xde,0x92,0x23,0x59,0x8e,0xbc,0xd2,0xa1,
-	0xf2,0xe0,0x4c,0xdd,0x0b,0xd1,0xe7,0xae,0x65,0xbc,
-	0xb5,0xf5,0x5b,0x98,0xe9,0xd7,0xc2,0xb7,0x0e,0x55,
-	0x71,0x0e,0x3c,0x0a,0x24,0x6b,0xa6,0xe6,0x14,0x61,
-	0x11,0xfd,0x33,0x42,0x99,0x2b,0x84,0x77,0x74,0x92,
-	0x91,0xf5,0x79,0x79,0xcf,0xad,0x8e,0x04,0xef,0x80,
-	0x1e,0x57,0xf4,0x14,0xf5,0x35,0x09,0x74,0xb2,0x13,
-	0x71,0x58,0x6b,0xea,0x32,0x5d,0xf3,0xd3,0x76,0x48,
-	0x39,0x10,0x23,0x84,0x9d,0xbe,0x92,0x77,0x4a,0xed,
-	0x70,0x3e,0x1a,0xa2,0x6c,0xb3,0x81,0x00,0xc3,0xc9,
-	0xe4,0x52,0xc8,0x24,0x88,0x0c,0x41,0xad,0x87,0x5a,
-	0xea,0xa3,0x7a,0x85,0x1c,0x5e,0x31,0x7f,0xc3,0x35,
-	0xc6,0xfa,0x10,0xc8,0x75,0x10,0xc4,0x96,0x99,0xe7,
-	0xfe,0x01,0xb4,0x74,0xdb,0xb4,0x11,0xc3,0xc8,0x8c,
-	0xf6,0xf7,0x3b,0x66,0x50,0xfc,0xdb,0xeb,0xca,0x47,
-	0x85,0x89,0xe1,0x65,0xd9,0x62,0x34,0x3c,0x70,0xd8,
-	0x2e,0xb4,0x2f,0x65,0x3c,0x4a,0xa6,0x2a,0xe7,0xc7,
-	0xd8,0x41,0x8f,0x8a,0x43,0xbf,0x42,0xf2,0x4d,0xbc,
-	0xfc,0x9e,0x27,0x95,0xfb,0x75,0xff,0xab,0x02,0x82,
-	0x01,0x00,0x41,0x2f,0x44,0x57,0x6d,0x12,0x17,0x5b,
-	0x32,0xc6,0xb7,0x6c,0x57,0x7a,0x8a,0x0e,0x79,0xef,
-	0x72,0xa8,0x68,0xda,0x2d,0x38,0xe4,0xbb,0x8d,0xf6,
-	0x02,0x65,0xcf,0x56,0x13,0xe1,0x1a,0xcb,0x39,0x80,
-	0xa6,0xb1,0x32,0x03,0x1e,0xdd,0xbb,0x35,0xd9,0xac,
-	0x43,0x89,0x31,0x08,0x90,0x92,0x5e,0x35,0x3d,0x7b,
-	0x9c,0x6f,0x86,0xcb,0x17,0xdd,0x85,0xe4,0xed,0x35,
-	0x08,0x8e,0xc1,0xf4,0x05,0xd8,0x68,0xc6,0x63,0x3c,
-	0xf7,0xff,0xf7,0x47,0x33,0x39,0xc5,0x3e,0xb7,0x0e,
-	0x58,0x35,0x9d,0x81,0xea,0xf8,0x6a,0x2c,0x1c,0x5a,
-	0x68,0x78,0x64,0x11,0x6b,0xc1,0x3e,0x4e,0x7a,0xbd,
-	0x84,0xcb,0x0f,0xc2,0xb6,0x85,0x1d,0xd3,0x76,0xc5,
-	0x93,0x6a,0x69,0x89,0x56,0x34,0xdc,0x4a,0x9b,0xbc,
-	0xff,0xa8,0x0d,0x6e,0x35,0x9c,0x60,0xa7,0x23,0x30,
-	0xc7,0x06,0x64,0x39,0x8b,0x94,0x89,0xee,0xba,0x7f,
-	0x60,0x8d,0xfa,0xb6,0x97,0x76,0xdc,0x51,0x4a,0x3c,
-	0xeb,0x3a,0x14,0x2c,0x20,0x60,0x69,0x4a,0x86,0xfe,
-	0x8c,0x21,0x84,0x49,0x54,0xb3,0x20,0xe1,0x01,0x7f,
-	0x58,0xdf,0x7f,0xb5,0x21,0x51,0x8c,0x47,0x9f,0x91,
-	0xeb,0x97,0x3e,0xf2,0x54,0xcf,0x16,0x46,0xf9,0xd9,
-	0xb6,0xe7,0x64,0xc9,0xd0,0x54,0xea,0x2f,0xa1,0xcf,
-	0xa5,0x7f,0x28,0x8d,0x84,0xec,0xd5,0x39,0x03,0x76,
-	0x5b,0x2d,0x8e,0x43,0xf2,0x01,0x24,0xc9,0x6f,0xc0,
-	0xf5,0x69,0x6f,0x7d,0xb5,0x85,0xd2,0x5f,0x7f,0x78,
-	0x40,0x07,0x7f,0x09,0x15,0xb5,0x1f,0x28,0x65,0x10,
-	0xe4,0x19,0xa8,0xc6,0x9e,0x8d,0xdc,0xcb,0x02,0x82,
-	0x01,0x00,0x13,0x01,0xee,0x56,0x80,0x93,0x70,0x00,
-	0x7f,0x52,0xd2,0x94,0xa1,0x98,0x84,0x4a,0x92,0x25,
-	0x4c,0x9b,0xa9,0x91,0x2e,0xc2,0x79,0xb7,0x5c,0xe3,
-	0xc5,0xd5,0x8e,0xc2,0x54,0x16,0x17,0xad,0x55,0x9b,
-	0x25,0x76,0x12,0x63,0x50,0x22,0x2f,0x58,0x58,0x79,
-	0x6b,0x04,0xe3,0xf9,0x9f,0x8f,0x04,0x41,0x67,0x94,
-	0xa5,0x1f,0xac,0x8a,0x15,0x9c,0x26,0x10,0x6c,0xf8,
-	0x19,0x57,0x61,0xd7,0x3a,0x7d,0x31,0xb0,0x2d,0x38,
-	0xbd,0x94,0x62,0xad,0xc4,0xfa,0x36,0x42,0x42,0xf0,
-	0x24,0x67,0x65,0x9d,0x8b,0x0b,0x7c,0x6f,0x82,0x44,
-	0x1a,0x8c,0xc8,0xc9,0xab,0xbb,0x4c,0x45,0xfc,0x7b,
-	0x38,0xee,0x30,0xe1,0xfc,0xef,0x8d,0xbc,0x58,0xdf,
-	0x2b,0x5d,0x0d,0x54,0xe0,0x49,0x4d,0x97,0x99,0x8f,
-	0x22,0xa8,0x83,0xbe,0x40,0xbb,0x50,0x2e,0x78,0x28,
-	0x0f,0x95,0x78,0x8c,0x8f,0x98,0x24,0x56,0xc2,0x97,
-	0xf3,0x2c,0x43,0xd2,0x03,0x82,0x66,0x81,0x72,0x5f,
-	0x53,0x16,0xec,0xb1,0xb1,0x04,0x5e,0x40,0x20,0x48,
-	0x7b,0x3f,0x02,0x97,0x6a,0xeb,0x96,0x12,0x21,0x35,
-	0xfe,0x1f,0x47,0xc0,0x95,0xea,0xc5,0x8a,0x08,0x84,
-	0x4f,0x5e,0x63,0x94,0x60,0x0f,0x71,0x5b,0x7f,0x4a,
-	0xec,0x4f,0x60,0xc6,0xba,0x4a,0x24,0xf1,0x20,0x8b,
-	0xa7,0x2e,0x3a,0xce,0x8d,0xe0,0x27,0x1d,0xb5,0x8e,
-	0xb4,0x21,0xc5,0xe2,0xa6,0x16,0x0a,0x51,0x83,0x55,
-	0x88,0xd1,0x30,0x11,0x63,0xd5,0xd7,0x8d,0xae,0x16,
-	0x12,0x82,0xc4,0x85,0x00,0x4e,0x27,0x83,0xa5,0x7c,
-	0x90,0x2e,0xe5,0xa2,0xa3,0xd3,0x4c,0x63,0x02,0x82,
-	0x01,0x01,0x00,0x86,0x08,0x98,0x98,0xa5,0x00,0x05,
-	0x39,0x77,0xd9,0x66,0xb3,0xcf,0xca,0xa0,0x71,0xb3,
-	0x50,0xce,0x3d,0xb1,0x93,0x95,0x35,0xc4,0xd4,0x2e,
-	0x90,0xdf,0x0f,0xfc,0x60,0xc1,0x94,0x68,0x61,0x43,
-	0xca,0x9a,0x23,0x4a,0x1e,0x45,0x72,0x99,0xb5,0x1e,
-	0x61,0x8d,0x77,0x0f,0xa0,0xbb,0xd7,0x77,0xb4,0x2a,
-	0x15,0x11,0x88,0x2d,0xb3,0x56,0x61,0x5e,0x6a,0xed,
-	0xa4,0x46,0x4a,0x3f,0x50,0x11,0xd6,0xba,0xb6,0xd7,
-	0x95,0x65,0x53,0xc3,0xa1,0x8f,0xe0,0xa3,0xf5,0x1c,
-	0xfd,0xaf,0x6e,0x43,0xd7,0x17,0xa7,0xd3,0x81,0x1b,
-	0xa4,0xdf,0xe0,0x97,0x8a,0x46,0x03,0xd3,0x46,0x0e,
-	0x83,0x48,0x4e,0xd2,0x02,0xcb,0xc0,0xad,0x79,0x95,
-	0x8c,0x96,0xba,0x40,0x34,0x11,0x71,0x5e,0xe9,0x11,
-	0xf9,0xc5,0x4a,0x5e,0x91,0x9d,0xf5,0x92,0x4f,0xeb,
-	0xc6,0x70,0x02,0x2d,0x3d,0x04,0xaa,0xe9,0x3a,0x8e,
-	0xd5,0xa8,0xad,0xf7,0xce,0x0d,0x16,0xb2,0xec,0x0a,
-	0x9c,0xf5,0x94,0x39,0xb9,0x8a,0xfc,0x1e,0xf9,0xcc,
-	0xf2,0x5f,0x21,0x31,0x74,0x72,0x6b,0x64,0xae,0x35,
-	0x61,0x8d,0x0d,0xcb,0xe7,0xda,0x39,0xca,0xf3,0x21,
-	0x66,0x0b,0x95,0xd7,0x0a,0x7c,0xca,0xa1,0xa9,0x5a,
-	0xe8,0xac,0xe0,0x71,0x54,0xaf,0x28,0xcf,0xd5,0x70,
-	0x89,0xe0,0xf3,0x9e,0x43,0x6c,0x8d,0x7b,0x99,0x01,
-	0x68,0x4d,0xa1,0x45,0x46,0x0c,0x43,0xbc,0xcc,0x2c,
-	0xdd,0xc5,0x46,0xc8,0x4e,0x0e,0xbe,0xed,0xb9,0x26,
-	0xab,0x2e,0xdb,0xeb,0x8f,0xff,0xdb,0xb0,0xc6,0x55,
-	0xaf,0xf8,0x2a,0x91,0x9d,0x50,0x44,0x21,0x17,
-	};
diff --git a/deps/openssl/openssl/apps/timeouts.h b/deps/openssl/openssl/apps/timeouts.h
deleted file mode 100644
index 89b5dc76f67..00000000000
--- a/deps/openssl/openssl/apps/timeouts.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/* apps/timeouts.h */
-/* 
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef INCLUDED_TIMEOUTS_H
-#define INCLUDED_TIMEOUTS_H
-
-/* numbers in us */
-#define DGRAM_RCV_TIMEOUT         250000
-#define DGRAM_SND_TIMEOUT         250000
-
-#endif /* ! INCLUDED_TIMEOUTS_H */
diff --git a/deps/openssl/openssl/apps/ts.c b/deps/openssl/openssl/apps/ts.c
deleted file mode 100644
index 5fa9f7fda07..00000000000
--- a/deps/openssl/openssl/apps/ts.c
+++ /dev/null
@@ -1,1147 +0,0 @@
-/* apps/ts.c */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	ts_main
-
-/* Length of the nonce of the request in bits (must be a multiple of 8). */
-#define	NONCE_LENGTH		64
-
-/* Macro definitions for the configuration file. */
-#define	ENV_OID_FILE		"oid_file"
-
-/* Local function declarations. */
-
-static ASN1_OBJECT *txt2obj(const char *oid);
-static CONF *load_config_file(const char *configfile);
-
-/* Query related functions. */
-static int query_command(const char *data, char *digest,
-			 const EVP_MD *md, const char *policy, int no_nonce, 
-			 int cert, const char *in, const char *out, int text);
-static BIO *BIO_open_with_default(const char *file, const char *mode, 
-				  FILE *default_fp);
-static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
-			    const char *policy, int no_nonce, int cert);
-static int create_digest(BIO *input, char *digest,
-			 const EVP_MD *md, unsigned char **md_value);
-static ASN1_INTEGER *create_nonce(int bits);
-
-/* Reply related functions. */
-static int reply_command(CONF *conf, char *section, char *engine, 
-			 char *queryfile, char *passin, char *inkey, 
-			 char *signer, char *chain, const char *policy, 
-			 char *in, int token_in, char *out, int token_out,
-			 int text);
-static TS_RESP *read_PKCS7(BIO *in_bio);
-static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
-				char *queryfile, char *passin, char *inkey,
-				char *signer, char *chain, const char *policy);
-static ASN1_INTEGER * MS_CALLBACK serial_cb(TS_RESP_CTX *ctx, void *data);
-static ASN1_INTEGER *next_serial(const char *serialfile);
-static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
-
-/* Verify related functions. */
-static int verify_command(char *data, char *digest, char *queryfile,
-			  char *in, int token_in,
-			  char *ca_path, char *ca_file, char *untrusted);
-static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest, 
-					char *queryfile, 
-					char *ca_path, char *ca_file,
-					char *untrusted);
-static X509_STORE *create_cert_store(char *ca_path, char *ca_file);
-static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx);
-
-/* Main function definition. */
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int ret = 1;
-	char *configfile = NULL;
-	char *section = NULL;
-	CONF *conf = NULL;
-	enum mode {
-	CMD_NONE, CMD_QUERY, CMD_REPLY, CMD_VERIFY 
-	} mode = CMD_NONE;
-	char *data = NULL;
-	char *digest = NULL;
-	const EVP_MD *md = NULL;
-	char *rnd = NULL;
-	char *policy = NULL;
-	int no_nonce = 0;
-	int cert = 0;
-	char *in = NULL;
-	char *out = NULL;
-	int text = 0;
-	char *queryfile = NULL;
-	char *passin = NULL;	/* Password source. */
-	char *password =NULL;	/* Password itself. */
-	char *inkey = NULL;
-	char *signer = NULL;
-	char *chain = NULL;
-	char *ca_path = NULL;
-	char *ca_file = NULL;
-	char *untrusted = NULL;
-	char *engine = NULL;
-	/* Input is ContentInfo instead of TimeStampResp. */
-	int token_in = 0;	
-	/* Output is ContentInfo instead of TimeStampResp. */
-	int token_out = 0;
-	int free_bio_err = 0;
-
-	ERR_load_crypto_strings();
-	apps_startup();
-
-	if (bio_err == NULL && (bio_err = BIO_new(BIO_s_file())) != NULL)
-		{
-		free_bio_err = 1;
-		BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
-		}
-
-	if (!load_config(bio_err, NULL))
-		goto cleanup;
-
-	for (argc--, argv++; argc > 0; argc--, argv++)
-		{
-		if (strcmp(*argv, "-config") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			configfile = *++argv;
-			}
-		else if (strcmp(*argv, "-section") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			section = *++argv;
-			}
-		else if (strcmp(*argv, "-query") == 0)
-			{
-			if (mode != CMD_NONE) goto usage;
-			mode = CMD_QUERY;
-			}
-		else if (strcmp(*argv, "-data") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			data = *++argv;
-			}
-		else if (strcmp(*argv, "-digest") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			digest = *++argv;
-			}
-		else if (strcmp(*argv, "-rand") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			rnd = *++argv;
-			}
-		else if (strcmp(*argv, "-policy") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			policy = *++argv;
-			}
-		else if (strcmp(*argv, "-no_nonce") == 0)
-			{
-			no_nonce = 1;
-			}
-		else if (strcmp(*argv, "-cert") == 0)
-			{
-			cert = 1;
-			}
-		else if (strcmp(*argv, "-in") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			in = *++argv;
-			}
-		else if (strcmp(*argv, "-token_in") == 0)
-			{
-			token_in = 1;
-			}
-		else if (strcmp(*argv, "-out") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			out = *++argv;
-			}
-		else if (strcmp(*argv, "-token_out") == 0)
-			{
-			token_out = 1;
-			}
-		else if (strcmp(*argv, "-text") == 0)
-			{
-			text = 1;
-			}
-		else if (strcmp(*argv, "-reply") == 0)
-			{
-			if (mode != CMD_NONE) goto usage;
-			mode = CMD_REPLY;
-			}
-		else if (strcmp(*argv, "-queryfile") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			queryfile = *++argv;
-			}
-		else if (strcmp(*argv, "-passin") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			passin = *++argv;
-			}
-		else if (strcmp(*argv, "-inkey") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			inkey = *++argv;
-			}
-		else if (strcmp(*argv, "-signer") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			signer = *++argv;
-			}
-		else if (strcmp(*argv, "-chain") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			chain = *++argv;
-			}
-		else if (strcmp(*argv, "-verify") == 0)
-			{
-			if (mode != CMD_NONE) goto usage;
-			mode = CMD_VERIFY;
-			}
-		else if (strcmp(*argv, "-CApath") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			ca_path = *++argv;
-			}
-		else if (strcmp(*argv, "-CAfile") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			ca_file = *++argv;
-			}
-		else if (strcmp(*argv, "-untrusted") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			untrusted = *++argv;
-			}
-		else if (strcmp(*argv, "-engine") == 0)
-			{
-			if (argc-- < 1) goto usage;
-			engine = *++argv;
-			}
-		else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL)
-			{
-			/* empty. */
-			}
-		else
-			goto usage;
-		}
-	
-	/* Seed the random number generator if it is going to be used. */
-	if (mode == CMD_QUERY && !no_nonce)
-		{
-		if (!app_RAND_load_file(NULL, bio_err, 1) && rnd == NULL)
-			BIO_printf(bio_err, "warning, not much extra random "
-				   "data, consider using the -rand option\n");
-		if (rnd != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-				   app_RAND_load_files(rnd));
-		}
-
-	/* Get the password if required. */
-	if(mode == CMD_REPLY && passin &&
-	   !app_passwd(bio_err, passin, NULL, &password, NULL))
-		{
-		BIO_printf(bio_err,"Error getting password.\n");
-		goto cleanup;
-		}
-
-	/* Check consistency of parameters and execute 
-	   the appropriate function. */
-	switch (mode)
-		{
-	case CMD_NONE:
-		goto usage;
-	case CMD_QUERY:
-		/* Data file and message imprint cannot be specified
-		   at the same time. */
-		ret = data != NULL && digest != NULL;
-		if (ret) goto usage;
-		/* Load the config file for possible policy OIDs. */
-		conf = load_config_file(configfile);
-		ret = !query_command(data, digest, md, policy, no_nonce, cert,
-				     in, out, text);
-		break;
-	case CMD_REPLY:
-		conf = load_config_file(configfile);
-		if (in == NULL)
-			{
-			ret = !(queryfile != NULL && conf != NULL && !token_in);
-			if (ret) goto usage;
-			}
-		else
-			{
-			/* 'in' and 'queryfile' are exclusive. */
-			ret = !(queryfile == NULL);
-			if (ret) goto usage;
-			}
-
-		ret = !reply_command(conf, section, engine, queryfile, 
-				     password, inkey, signer, chain, policy, 
-				     in, token_in, out, token_out, text);
-		break;
-	case CMD_VERIFY:
-		ret = !(((queryfile && !data && !digest)
-			 || (!queryfile && data && !digest)
-			 || (!queryfile && !data && digest))
-			&& in != NULL);
-		if (ret) goto usage;
-
-		ret = !verify_command(data, digest, queryfile, in, token_in,
-				      ca_path, ca_file, untrusted);
-		}
-
-	goto cleanup;
-
- usage:
-	BIO_printf(bio_err, "usage:\n"
-		   "ts -query [-rand file%cfile%c...] [-config configfile] "
-		   "[-data file_to_hash] [-digest digest_bytes]"
-		   "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] "
-		   "[-policy object_id] [-no_nonce] [-cert] "
-		   "[-in request.tsq] [-out request.tsq] [-text]\n",
-		   LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-	BIO_printf(bio_err, "or\n"
-		   "ts -reply [-config configfile] [-section tsa_section] "
-		   "[-queryfile request.tsq] [-passin password] "
-		   "[-signer tsa_cert.pem] [-inkey private_key.pem] "
-		   "[-chain certs_file.pem] [-policy object_id] "
-		   "[-in response.tsr] [-token_in] "
-		   "[-out response.tsr] [-token_out] [-text] [-engine id]\n");
-	BIO_printf(bio_err, "or\n"
-		   "ts -verify [-data file_to_hash] [-digest digest_bytes] "
-		   "[-queryfile request.tsq] "
-		   "-in response.tsr [-token_in] "
-		   "-CApath ca_path -CAfile ca_file.pem "
-		   "-untrusted cert_file.pem\n");
- cleanup:
-	/* Clean up. */
-	app_RAND_write_file(NULL, bio_err);
-	NCONF_free(conf);
-	OPENSSL_free(password);
-	OBJ_cleanup();
-	if (free_bio_err)
-		{
-		BIO_free_all(bio_err);
-		bio_err = NULL;
-		}
-
-	OPENSSL_EXIT(ret);
-	}
-
-/*
- * Configuration file-related function definitions.
- */
-
-static ASN1_OBJECT *txt2obj(const char *oid)
-	{
-	ASN1_OBJECT *oid_obj = NULL;
-
-	if (!(oid_obj = OBJ_txt2obj(oid, 0)))
-		BIO_printf(bio_err, "cannot convert %s to OID\n", oid);
-
-	return oid_obj;
-	}
-
-static CONF *load_config_file(const char *configfile)
-	{
-	CONF *conf = NULL;
-	long errorline = -1;
-
-	if (!configfile) configfile = getenv("OPENSSL_CONF");
-	if (!configfile) configfile = getenv("SSLEAY_CONF");
-
-	if (configfile &&
-	    (!(conf = NCONF_new(NULL)) ||
-	     NCONF_load(conf, configfile, &errorline) <= 0))
-		{
-		if (errorline <= 0)
-			BIO_printf(bio_err, "error loading the config file "
-				   "'%s'\n", configfile);
-		else
-			BIO_printf(bio_err, "error on line %ld of config file "
-				   "'%s'\n", errorline, configfile);
-		}
-
-	if (conf != NULL)
-		{
-		const char *p;
-
-		BIO_printf(bio_err,"Using configuration from %s\n", configfile);
-		p = NCONF_get_string(conf, NULL, ENV_OID_FILE);
-		if (p != NULL)
-			{
-			BIO *oid_bio = BIO_new_file(p, "r");
-			if (!oid_bio) 
-				ERR_print_errors(bio_err);
-			else
-				{
-				OBJ_create_objects(oid_bio);
-				BIO_free_all(oid_bio);
-				}
-			}
-		else
-			ERR_clear_error();
-		if(!add_oid_section(bio_err, conf)) 
-			ERR_print_errors(bio_err);
-		}
-	return conf;
-	}
-
-/*
- * Query-related method definitions.
- */
-
-static int query_command(const char *data, char *digest, const EVP_MD *md,
-			 const char *policy, int no_nonce, 
-			 int cert, const char *in, const char *out, int text)
-	{
-	int ret = 0;
-	TS_REQ *query = NULL;
-	BIO *in_bio = NULL;
-	BIO *data_bio = NULL;
-	BIO *out_bio = NULL;
-
-	/* Build query object either from file or from scratch. */
-	if (in != NULL)
-		{
-		if ((in_bio = BIO_new_file(in, "rb")) == NULL) goto end;
-		query = d2i_TS_REQ_bio(in_bio, NULL);
-		}
-	else
-		{
-		/* Open the file if no explicit digest bytes were specified. */
-		if (!digest 
-		    && !(data_bio = BIO_open_with_default(data, "rb", stdin)))
-			goto end;
-		/* Creating the query object. */
-		query = create_query(data_bio, digest, md,
-				     policy, no_nonce, cert);
-		/* Saving the random number generator state. */
-		}
-	if (query == NULL) goto end;
-
-	/* Write query either in ASN.1 or in text format. */
-	if ((out_bio = BIO_open_with_default(out, "wb", stdout)) == NULL)
-		goto end;
-	if (text)
-		{
-		/* Text output. */
-		if (!TS_REQ_print_bio(out_bio, query))
-			goto end;
-		}
-	else
-		{
-		/* ASN.1 output. */
-		if (!i2d_TS_REQ_bio(out_bio, query))
-			goto end;
-		}
-
-	ret = 1;
-
- end:
-	ERR_print_errors(bio_err);
-
-	/* Clean up. */
-	BIO_free_all(in_bio);
-	BIO_free_all(data_bio);
-	BIO_free_all(out_bio);
-	TS_REQ_free(query);
-
-	return ret;
-	}
-
-static BIO *BIO_open_with_default(const char *file, const char *mode, 
-				  FILE *default_fp)
-	{
-	return file == NULL ? 
-		BIO_new_fp(default_fp, BIO_NOCLOSE) 
-		: BIO_new_file(file, mode);
-	}
-
-static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
-			    const char *policy, int no_nonce, int cert)
-	{
-	int ret = 0;
-	TS_REQ *ts_req = NULL;
-	int len;
-	TS_MSG_IMPRINT *msg_imprint = NULL;
-	X509_ALGOR *algo = NULL;
-	unsigned char *data = NULL;
-	ASN1_OBJECT *policy_obj = NULL;
-	ASN1_INTEGER *nonce_asn1 = NULL;
-
-	/* Setting default message digest. */
-	if (!md && !(md = EVP_get_digestbyname("sha1"))) goto err;
-
-	/* Creating request object. */
-	if (!(ts_req = TS_REQ_new())) goto err;
-
-	/* Setting version. */
-	if (!TS_REQ_set_version(ts_req, 1)) goto err;
-
-	/* Creating and adding MSG_IMPRINT object. */
-	if (!(msg_imprint = TS_MSG_IMPRINT_new())) goto err;
-
-	/* Adding algorithm. */
-	if (!(algo = X509_ALGOR_new())) goto err;
-	if (!(algo->algorithm = OBJ_nid2obj(EVP_MD_type(md)))) goto err;
-	if (!(algo->parameter = ASN1_TYPE_new())) goto err;
-	algo->parameter->type = V_ASN1_NULL;
-	if (!TS_MSG_IMPRINT_set_algo(msg_imprint, algo)) goto err;
-
-	/* Adding message digest. */
-	if ((len = create_digest(data_bio, digest, md, &data)) == 0)
-		goto err;
-	if (!TS_MSG_IMPRINT_set_msg(msg_imprint, data, len)) goto err;
-
-	if (!TS_REQ_set_msg_imprint(ts_req, msg_imprint)) goto err;
-	
-	/* Setting policy if requested. */
-	if (policy && !(policy_obj = txt2obj(policy))) goto err;
-	if (policy_obj && !TS_REQ_set_policy_id(ts_req, policy_obj)) goto err;
-
-	/* Setting nonce if requested. */
-	if (!no_nonce && !(nonce_asn1 = create_nonce(NONCE_LENGTH))) goto err;
-	if (nonce_asn1 && !TS_REQ_set_nonce(ts_req, nonce_asn1)) goto err;
-
-	/* Setting certificate request flag if requested. */
-	if (!TS_REQ_set_cert_req(ts_req, cert)) goto err;
-
-	ret = 1;
- err:
-	if (!ret)
-		{
-		TS_REQ_free(ts_req);
-		ts_req = NULL;
-		BIO_printf(bio_err, "could not create query\n");
-		}
-	TS_MSG_IMPRINT_free(msg_imprint);
-	X509_ALGOR_free(algo);
-	OPENSSL_free(data);
-	ASN1_OBJECT_free(policy_obj);
-	ASN1_INTEGER_free(nonce_asn1);
-	return ts_req;
-	}
-
-static int create_digest(BIO *input, char *digest, const EVP_MD *md,
-			 unsigned char **md_value)
-	{
-	int md_value_len;
-
-	md_value_len = EVP_MD_size(md);
-	if (md_value_len < 0)
-	    goto err;
-	if (input)
-		{
-		/* Digest must be computed from an input file. */
-		EVP_MD_CTX md_ctx;
-		unsigned char buffer[4096];
-		int length;
-
-		*md_value = OPENSSL_malloc(md_value_len);
-		if (*md_value == 0) goto err;
-
-		EVP_DigestInit(&md_ctx, md);
-		while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0)
-			{
-			EVP_DigestUpdate(&md_ctx, buffer, length);
-			}
-		EVP_DigestFinal(&md_ctx, *md_value, NULL);
-		}
-	else
-		{
-		/* Digest bytes are specified with digest. */
-		long digest_len;
-		*md_value = string_to_hex(digest, &digest_len);
-		if (!*md_value || md_value_len != digest_len)
-			{
-			OPENSSL_free(*md_value);
-			*md_value = NULL;
-			BIO_printf(bio_err, "bad digest, %d bytes "
-				   "must be specified\n", md_value_len);
-			goto err;
-			}
-		}
-
-	return md_value_len;
- err:
-	return 0;
-	}
-
-static ASN1_INTEGER *create_nonce(int bits)
-	{
-	unsigned char buf[20];
-	ASN1_INTEGER *nonce = NULL;
-	int len = (bits - 1) / 8 + 1;
-	int i;
-
-	/* Generating random byte sequence. */
-	if (len > (int)sizeof(buf)) goto err;
-	if (RAND_bytes(buf, len) <= 0) goto err;
-
-	/* Find the first non-zero byte and creating ASN1_INTEGER object. */
-	for (i = 0; i < len && !buf[i]; ++i);
-	if (!(nonce = ASN1_INTEGER_new())) goto err;
-	OPENSSL_free(nonce->data);
-	/* Allocate at least one byte. */
-	nonce->length = len - i;
-	if (!(nonce->data = OPENSSL_malloc(nonce->length + 1))) goto err;
-	memcpy(nonce->data, buf + i, nonce->length);
-
-	return nonce;
- err:
-	BIO_printf(bio_err, "could not create nonce\n");
-	ASN1_INTEGER_free(nonce);
-	return NULL;
-	}
-/*
- * Reply-related method definitions.
- */
-
-static int reply_command(CONF *conf, char *section, char *engine, 
-			 char *queryfile, char *passin, char *inkey,
-			 char *signer, char *chain, const char *policy, 
-			 char *in, int token_in,
-			 char *out, int token_out, int text)
-	{
-	int ret = 0;
-	TS_RESP *response = NULL;
-	BIO *in_bio = NULL;
-	BIO *query_bio = NULL;
-	BIO *inkey_bio = NULL;
-	BIO *signer_bio = NULL;
-	BIO *out_bio = NULL;
-
-	/* Build response object either from response or query. */
-	if (in != NULL)
-		{
-		if ((in_bio = BIO_new_file(in, "rb")) == NULL) goto end;
-		if (token_in)
-			{
-			/* We have a ContentInfo (PKCS7) object, add
-			   'granted' status info around it. */
-			response = read_PKCS7(in_bio);
-			}
-		else
-			{
-			/* We have a ready-made TS_RESP object. */
-			response = d2i_TS_RESP_bio(in_bio, NULL);
-			}
-		}
-	else
-		{
-		response = create_response(conf, section, engine, queryfile,
-					   passin, inkey, signer, chain,
-					   policy);
-		if (response)
-			BIO_printf(bio_err, "Response has been generated.\n");
-		else
-			BIO_printf(bio_err, "Response is not generated.\n");
-		}
-	if (response == NULL) goto end;
-
-	/* Write response either in ASN.1 or text format. */
-	if ((out_bio = BIO_open_with_default(out, "wb", stdout)) == NULL)
-		goto end;
-	if (text)
-		{
-		/* Text output. */
-		if (token_out)
-			{
-			TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
-			if (!TS_TST_INFO_print_bio(out_bio, tst_info)) goto end;
-			}
-		else
-			{
-			if (!TS_RESP_print_bio(out_bio, response)) goto end;
-			}
-		}
-	else
-		{
-		/* ASN.1 DER output. */
-		if (token_out)
-			{
-			PKCS7 *token = TS_RESP_get_token(response);
-			if (!i2d_PKCS7_bio(out_bio, token)) goto end;
-			}
-		else
-			{
-			if (!i2d_TS_RESP_bio(out_bio, response)) goto end;
-			}
-		}
-
-	ret = 1;
-
- end:
-	ERR_print_errors(bio_err);
-
-	/* Clean up. */
-	BIO_free_all(in_bio);
-	BIO_free_all(query_bio);
-	BIO_free_all(inkey_bio);
-	BIO_free_all(signer_bio);
-	BIO_free_all(out_bio);
-	TS_RESP_free(response);
-
-	return ret;
-	}
-
-/* Reads a PKCS7 token and adds default 'granted' status info to it. */
-static TS_RESP *read_PKCS7(BIO *in_bio)
-	{
-	int ret = 0;
-	PKCS7 *token = NULL;
-	TS_TST_INFO *tst_info = NULL;
-	TS_RESP *resp = NULL;
-	TS_STATUS_INFO *si = NULL;
-
-	/* Read PKCS7 object and extract the signed time stamp info. */
-	if (!(token = d2i_PKCS7_bio(in_bio, NULL))) goto end;
-	if (!(tst_info = PKCS7_to_TS_TST_INFO(token))) goto end;
-
-	/* Creating response object. */
-	if (!(resp = TS_RESP_new())) goto end;
-
-	/* Create granted status info. */
-	if (!(si = TS_STATUS_INFO_new())) goto end;
-	if (!(ASN1_INTEGER_set(si->status, TS_STATUS_GRANTED))) goto end;
-	if (!TS_RESP_set_status_info(resp, si)) goto end;
-
-	/* Setting encapsulated token. */
-	TS_RESP_set_tst_info(resp, token, tst_info);
-	token = NULL;		/* Ownership is lost. */
-	tst_info = NULL;	/* Ownership is lost. */
-
-	ret = 1;
- end:
-	PKCS7_free(token);
-	TS_TST_INFO_free(tst_info);
-	if (!ret)
-		{
-		TS_RESP_free(resp);
-		resp = NULL;
-		}
-	TS_STATUS_INFO_free(si);
-	return resp;
-	}
-
-static TS_RESP *create_response(CONF *conf, const char *section, char *engine, 
-				char *queryfile, char *passin, char *inkey,
-				char *signer, char *chain, const char *policy)
-	{
-	int ret = 0;
-	TS_RESP *response = NULL;
-	BIO *query_bio = NULL;
-	TS_RESP_CTX *resp_ctx = NULL;
-
-	if (!(query_bio = BIO_new_file(queryfile, "rb")))
-		goto end;
-
-	/* Getting TSA configuration section. */
-	if (!(section = TS_CONF_get_tsa_section(conf, section)))
-		goto end;
-
-	/* Setting up response generation context. */
-	if (!(resp_ctx = TS_RESP_CTX_new())) goto end;
-
-	/* Setting serial number provider callback. */
-	if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) goto end;
-#ifndef OPENSSL_NO_ENGINE
-	/* Setting default OpenSSL engine. */
-	if (!TS_CONF_set_crypto_device(conf, section, engine)) goto end;
-#endif
-
-	/* Setting TSA signer certificate. */
-	if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) goto end;
-
-	/* Setting TSA signer certificate chain. */
-	if (!TS_CONF_set_certs(conf, section, chain, resp_ctx)) goto end;
-
-	/* Setting TSA signer private key. */
-	if (!TS_CONF_set_signer_key(conf, section, inkey, passin, resp_ctx))
-		goto end;
-
-	/* Setting default policy OID. */
-	if (!TS_CONF_set_def_policy(conf, section, policy, resp_ctx)) goto end;
-
-	/* Setting acceptable policy OIDs. */
-	if (!TS_CONF_set_policies(conf, section, resp_ctx)) goto end;
-
-	/* Setting the acceptable one-way hash algorithms. */
-	if (!TS_CONF_set_digests(conf, section, resp_ctx)) goto end;
-
-	/* Setting guaranteed time stamp accuracy. */
-	if (!TS_CONF_set_accuracy(conf, section, resp_ctx)) goto end;
-
-	/* Setting the precision of the time. */
-	if (!TS_CONF_set_clock_precision_digits(conf, section, resp_ctx))
-		goto end;
-
-	/* Setting the ordering flaf if requested. */
-	if (!TS_CONF_set_ordering(conf, section, resp_ctx)) goto end;
-
-	/* Setting the TSA name required flag if requested. */
-	if (!TS_CONF_set_tsa_name(conf, section, resp_ctx)) goto end;
-
-	/* Setting the ESS cert id chain flag if requested. */
-	if (!TS_CONF_set_ess_cert_id_chain(conf, section, resp_ctx)) goto end;
-
-	/* Creating the response. */
-	if (!(response = TS_RESP_create_response(resp_ctx, query_bio)))
-		goto end;
-
-	ret = 1;
- end:
-	if (!ret) 
-		{
-		TS_RESP_free(response);
-		response = NULL;
-		}
-	TS_RESP_CTX_free(resp_ctx);
-	BIO_free_all(query_bio);
-
-	return response;
-	}
-
-static ASN1_INTEGER * MS_CALLBACK serial_cb(TS_RESP_CTX *ctx, void *data)
-	{
-	const char *serial_file = (const char *) data;
-	ASN1_INTEGER *serial = next_serial(serial_file);
-
-	if (!serial)
-		{
-		TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-					    "Error during serial number "
-					    "generation.");
-		TS_RESP_CTX_add_failure_info(ctx,
-					     TS_INFO_ADD_INFO_NOT_AVAILABLE);
-		}
-	else
-		save_ts_serial(serial_file, serial);
-
-	return serial;
-	}
-
-static ASN1_INTEGER *next_serial(const char *serialfile)
-	{
-	int ret = 0;
-	BIO *in = NULL;
-	ASN1_INTEGER *serial = NULL;
-	BIGNUM *bn = NULL;
-
-	if (!(serial = ASN1_INTEGER_new())) goto err;
-
-	if (!(in = BIO_new_file(serialfile, "r"))) 
-		{
-		ERR_clear_error();
-		BIO_printf(bio_err, "Warning: could not open file %s for "
-			   "reading, using serial number: 1\n", serialfile);
-		if (!ASN1_INTEGER_set(serial, 1)) goto err;
-		}
-	else
-		{
-		char buf[1024];
-		if (!a2i_ASN1_INTEGER(in, serial, buf, sizeof(buf)))
-			{
-			BIO_printf(bio_err, "unable to load number from %s\n",
-				   serialfile);
-			goto err;
-			}
-		if (!(bn = ASN1_INTEGER_to_BN(serial, NULL))) goto err;
-		ASN1_INTEGER_free(serial);
-		serial = NULL;
-		if (!BN_add_word(bn, 1)) goto err;
-		if (!(serial = BN_to_ASN1_INTEGER(bn, NULL))) goto err;
-		}
-	ret = 1;
- err:
-	if (!ret)
-		{
-		ASN1_INTEGER_free(serial);
-		serial = NULL;
-		}
-	BIO_free_all(in);
-	BN_free(bn);
-	return serial;
-	}
-
-static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial)
-	{
-	int ret = 0;
-	BIO *out = NULL;
-
-	if (!(out = BIO_new_file(serialfile, "w"))) goto err;
-	if (i2a_ASN1_INTEGER(out, serial) <= 0) goto err;
-	if (BIO_puts(out, "\n") <= 0) goto err;
-	ret = 1;
- err:
-	if (!ret)
-		BIO_printf(bio_err, "could not save serial number to %s\n",
-			   serialfile);
-	BIO_free_all(out);
-	return ret;
-	}
-
-/*
- * Verify-related method definitions.
- */
-
-static int verify_command(char *data, char *digest, char *queryfile,
-			  char *in, int token_in,
-			  char *ca_path, char *ca_file, char *untrusted)
-	{
-	BIO *in_bio = NULL;
-	PKCS7 *token = NULL;
-	TS_RESP *response = NULL;
-	TS_VERIFY_CTX *verify_ctx = NULL;
-	int ret = 0;
-
-	/* Decode the token (PKCS7) or response (TS_RESP) files. */
-	if (!(in_bio = BIO_new_file(in, "rb"))) goto end;
-	if (token_in)
-		{
-		if (!(token = d2i_PKCS7_bio(in_bio, NULL))) goto end;
-		}
-	else
-		{
-		if (!(response = d2i_TS_RESP_bio(in_bio, NULL))) goto end;
-		}
-
-	if (!(verify_ctx = create_verify_ctx(data, digest, queryfile, 
-					     ca_path, ca_file, untrusted)))
-		goto end;
-
-	/* Checking the token or response against the request. */
-	ret = token_in ?
-		TS_RESP_verify_token(verify_ctx, token) :
-		TS_RESP_verify_response(verify_ctx, response);
-
- end:
-	printf("Verification: ");
-	if (ret)
-		printf("OK\n");
-	else
-		{
-		printf("FAILED\n");
-		/* Print errors, if there are any. */
-		ERR_print_errors(bio_err);
-		}
-	
-	/* Clean up. */
-	BIO_free_all(in_bio);
-	PKCS7_free(token);
-	TS_RESP_free(response);
-	TS_VERIFY_CTX_free(verify_ctx);
-	return ret;
-	}
-
-static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest, 
-					char *queryfile, 
-					char *ca_path, char *ca_file,
-					char *untrusted)
-	{
-	TS_VERIFY_CTX *ctx = NULL;
-	BIO *input = NULL;
-	TS_REQ *request = NULL;
-	int ret = 0;
-
-	if (data != NULL || digest != NULL)
-		{
-		if (!(ctx = TS_VERIFY_CTX_new())) goto err;
-		ctx->flags = TS_VFY_VERSION | TS_VFY_SIGNER;
-		if (data != NULL)
-			{
-			ctx->flags |= TS_VFY_DATA;
-			if (!(ctx->data = BIO_new_file(data, "rb"))) goto err;
-			}
-		else if (digest != NULL)
-			{
-			long imprint_len;
-			ctx->flags |= TS_VFY_IMPRINT;
-			if (!(ctx->imprint = string_to_hex(digest,
-							   &imprint_len)))
-				{
-				BIO_printf(bio_err, "invalid digest string\n");
-				goto err;
-				}
-			ctx->imprint_len = imprint_len;
-			}
-		
-		}
-	else if (queryfile != NULL)
-		{
-		/* The request has just to be read, decoded and converted to
-		   a verify context object. */
-		if (!(input = BIO_new_file(queryfile, "rb"))) goto err;
-		if (!(request = d2i_TS_REQ_bio(input, NULL))) goto err;
-		if (!(ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL))) goto err;
-		}
-	else
-		return NULL;
-
-	/* Add the signature verification flag and arguments. */
-	ctx->flags |= TS_VFY_SIGNATURE;
-
-	/* Initialising the X509_STORE object. */
-	if (!(ctx->store = create_cert_store(ca_path, ca_file))) goto err;
-
-	/* Loading untrusted certificates. */
-	if (untrusted && !(ctx->certs = TS_CONF_load_certs(untrusted))) 
-		goto err;
-
-	ret = 1;
- err:
-	if (!ret)
-		{
-		TS_VERIFY_CTX_free(ctx);
-		ctx = NULL;
-		}
-	BIO_free_all(input);
-	TS_REQ_free(request);
-	return ctx;
-	}
-
-static X509_STORE *create_cert_store(char *ca_path, char *ca_file)
-	{
-	X509_STORE *cert_ctx = NULL;
-	X509_LOOKUP *lookup = NULL;
-	int i;
-
-	/* Creating the X509_STORE object. */
-	cert_ctx = X509_STORE_new();
-
-	/* Setting the callback for certificate chain verification. */
-	X509_STORE_set_verify_cb(cert_ctx, verify_cb);
-
-	/* Adding a trusted certificate directory source. */
-	if (ca_path)
-		{
-		lookup = X509_STORE_add_lookup(cert_ctx,
-					       X509_LOOKUP_hash_dir());
-		if (lookup == NULL)
-			{
-			BIO_printf(bio_err, "memory allocation failure\n");
-			goto err;
-			}
-		i = X509_LOOKUP_add_dir(lookup, ca_path, X509_FILETYPE_PEM);
-		if (!i)
-			{
-			BIO_printf(bio_err, "Error loading directory %s\n",
-				   ca_path);
-			goto err;
-			}
-		}
-
-	/* Adding a trusted certificate file source. */
-	if (ca_file)
-		{
-		lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
-		if (lookup == NULL)
-			{
-			BIO_printf(bio_err, "memory allocation failure\n");
-			goto err;
-			}
-		i = X509_LOOKUP_load_file(lookup, ca_file, X509_FILETYPE_PEM);
-		if (!i)
-			{
-			BIO_printf(bio_err, "Error loading file %s\n", ca_file);
-			goto err;
-			}
-		}
-
-	return cert_ctx;
- err:
-	X509_STORE_free(cert_ctx);
-	return NULL;
-	}
-
-static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx)
-	{
-	/*
-	char buf[256];
-
-	if (!ok)
-		{
-		X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),
-				  buf, sizeof(buf));
-		printf("%s\n", buf);
-		printf("error %d at %d depth lookup: %s\n",
-		       ctx->error, ctx->error_depth,
-			X509_verify_cert_error_string(ctx->error));
-		}
-	*/
-
-	return ok;
-	}
diff --git a/deps/openssl/openssl/apps/tsget b/deps/openssl/openssl/apps/tsget
deleted file mode 100644
index 0d54e9fc9a7..00000000000
--- a/deps/openssl/openssl/apps/tsget
+++ /dev/null
@@ -1,196 +0,0 @@
-#!/usr/bin/perl -w
-# Written by Zoltan Glozik .
-# Copyright (c) 2002 The OpenTSA Project.  All rights reserved.
-$::version = '$Id: tsget,v 1.1.2.2 2009/09/07 17:57:02 steve Exp $';
-
-use strict;
-use IO::Handle;
-use Getopt::Std;
-use File::Basename;
-use WWW::Curl::Easy;
-
-use vars qw(%options);
-
-# Callback for reading the body.
-sub read_body {
-    my ($maxlength, $state) = @_;
-    my $return_data = "";
-    my $data_len = length ${$state->{data}};
-    if ($state->{bytes} < $data_len) {
-	$data_len = $data_len - $state->{bytes};
-	$data_len = $maxlength if $data_len > $maxlength;
-	$return_data = substr ${$state->{data}}, $state->{bytes}, $data_len;
-	$state->{bytes} += $data_len;
-    }
-    return $return_data;
-}
-
-# Callback for writing the body into a variable.
-sub write_body {
-    my ($data, $pointer) = @_;
-    ${$pointer} .= $data;
-    return length($data);
-}
-
-# Initialise a new Curl object.
-sub create_curl {
-    my $url = shift;
-
-    # Create Curl object.
-    my $curl = WWW::Curl::Easy::new();
-
-    # Error-handling related options.
-    $curl->setopt(CURLOPT_VERBOSE, 1) if $options{d};
-    $curl->setopt(CURLOPT_FAILONERROR, 1);
-    $curl->setopt(CURLOPT_USERAGENT, "OpenTSA tsget.pl/" . (split / /, $::version)[2]);
-
-    # Options for POST method.
-    $curl->setopt(CURLOPT_UPLOAD, 1);
-    $curl->setopt(CURLOPT_CUSTOMREQUEST, "POST");
-    $curl->setopt(CURLOPT_HTTPHEADER,
-		["Content-Type: application/timestamp-query",
-		"Accept: application/timestamp-reply,application/timestamp-response"]);
-    $curl->setopt(CURLOPT_READFUNCTION, \&read_body);
-    $curl->setopt(CURLOPT_HEADERFUNCTION, sub { return length($_[0]); });
-
-    # Options for getting the result.
-    $curl->setopt(CURLOPT_WRITEFUNCTION, \&write_body);
-
-    # SSL related options.
-    $curl->setopt(CURLOPT_SSLKEYTYPE, "PEM");
-    $curl->setopt(CURLOPT_SSL_VERIFYPEER, 1);	# Verify server's certificate.
-    $curl->setopt(CURLOPT_SSL_VERIFYHOST, 2);	# Check server's CN.
-    $curl->setopt(CURLOPT_SSLKEY, $options{k}) if defined($options{k});
-    $curl->setopt(CURLOPT_SSLKEYPASSWD, $options{p}) if defined($options{p});
-    $curl->setopt(CURLOPT_SSLCERT, $options{c}) if defined($options{c});
-    $curl->setopt(CURLOPT_CAINFO, $options{C}) if defined($options{C});
-    $curl->setopt(CURLOPT_CAPATH, $options{P}) if defined($options{P});
-    $curl->setopt(CURLOPT_RANDOM_FILE, $options{r}) if defined($options{r});
-    $curl->setopt(CURLOPT_EGDSOCKET, $options{g}) if defined($options{g});
-
-    # Setting destination.
-    $curl->setopt(CURLOPT_URL, $url);
-
-    return $curl;
-}
-
-# Send a request and returns the body back.
-sub get_timestamp {
-    my $curl = shift;
-    my $body = shift;
-    my $ts_body;
-    local $::error_buf;
-
-    # Error-handling related options.
-    $curl->setopt(CURLOPT_ERRORBUFFER, "::error_buf");
-
-    # Options for POST method.
-    $curl->setopt(CURLOPT_INFILE, {data => $body, bytes => 0});
-    $curl->setopt(CURLOPT_INFILESIZE, length(${$body}));
-
-    # Options for getting the result.
-    $curl->setopt(CURLOPT_FILE, \$ts_body);
-
-    # Send the request...
-    my $error_code = $curl->perform();
-    my $error_string;
-    if ($error_code != 0) {
-        my $http_code = $curl->getinfo(CURLINFO_HTTP_CODE);
-	$error_string = "could not get timestamp";
-	$error_string .= ", http code: $http_code" unless $http_code == 0;
-	$error_string .= ", curl code: $error_code";
-	$error_string .= " ($::error_buf)" if defined($::error_buf);
-    } else {
-        my $ct = $curl->getinfo(CURLINFO_CONTENT_TYPE);
-	if (lc($ct) ne "application/timestamp-reply"
-	    && lc($ct) ne "application/timestamp-response") {
-	    $error_string = "unexpected content type returned: $ct";
-        }
-    }
-    return ($ts_body, $error_string);
-
-}
-
-# Print usage information and exists.
-sub usage {
-
-    print STDERR "usage: $0 -h  [-e ] [-o ] ";
-    print STDERR "[-v] [-d] [-k ] [-p ] ";
-    print STDERR "[-c ] [-C ] [-P ] ";
-    print STDERR "[-r ] [-g ] []...\n";
-    exit 1;
-}
-
-# ----------------------------------------------------------------------
-#   Main program
-# ----------------------------------------------------------------------
-
-# Getting command-line options (default comes from TSGET environment variable).
-my $getopt_arg =  "h:e:o:vdk:p:c:C:P:r:g:";
-if (exists $ENV{TSGET}) {
-    my @old_argv = @ARGV;
-    @ARGV = split /\s+/, $ENV{TSGET};
-    getopts($getopt_arg, \%options) or usage;
-    @ARGV = @old_argv;
-}
-getopts($getopt_arg, \%options) or usage;
-
-# Checking argument consistency.
-if (!exists($options{h}) || (@ARGV == 0 && !exists($options{o}))
-    || (@ARGV > 1 && exists($options{o}))) {
-    print STDERR "Inconsistent command line options.\n";
-    usage;
-}
-# Setting defaults.
-@ARGV = ("-") unless @ARGV != 0;
-$options{e} = ".tsr" unless defined($options{e});
-
-# Processing requests.
-my $curl = create_curl $options{h};
-undef $/;   # For reading whole files.
-REQUEST: foreach (@ARGV) {
-    my $input = $_;
-    my ($base, $path) = fileparse($input, '\.[^.]*');
-    my $output_base = $base . $options{e};
-    my $output = defined($options{o}) ? $options{o} : $path . $output_base;
-
-    STDERR->printflush("$input: ") if $options{v};
-    # Read request.
-    my $body;
-    if ($input eq "-") {
-	# Read the request from STDIN;
-	$body = ;
-    } else {
-	# Read the request from file.
-        open INPUT, "<" . $input
-	    or warn("$input: could not open input file: $!\n"), next REQUEST;
-        $body = ;
-        close INPUT
-	    or warn("$input: could not close input file: $!\n"), next REQUEST;
-    }
-
-    # Send request.
-    STDERR->printflush("sending request") if $options{v};
-
-    my ($ts_body, $error) = get_timestamp $curl, \$body;
-    if (defined($error)) {
-	die "$input: fatal error: $error\n";
-    }
-    STDERR->printflush(", reply received") if $options{v};
-
-    # Write response.
-    if ($output eq "-") {
-	# Write to STDOUT.
-        print $ts_body;
-    } else {
-	# Write to file.
-        open OUTPUT, ">", $output
-	    or warn("$output: could not open output file: $!\n"), next REQUEST;
-        print OUTPUT $ts_body;
-        close OUTPUT
-	    or warn("$output: could not close output file: $!\n"), next REQUEST;
-    }
-    STDERR->printflush(", $output written.\n") if $options{v};
-}
-$curl->cleanup();
-WWW::Curl::Easy::global_cleanup();
diff --git a/deps/openssl/openssl/apps/verify.c b/deps/openssl/openssl/apps/verify.c
deleted file mode 100644
index 9163997e93c..00000000000
--- a/deps/openssl/openssl/apps/verify.c
+++ /dev/null
@@ -1,350 +0,0 @@
-/* apps/verify.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#undef PROG
-#define PROG	verify_main
-
-static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
-static int check(X509_STORE *ctx, char *file,
-		STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
-		STACK_OF(X509_CRL) *crls, ENGINE *e);
-static int v_verbose=0, vflags = 0;
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int i,ret=1, badarg = 0;
-	char *CApath=NULL,*CAfile=NULL;
-	char *untfile = NULL, *trustfile = NULL, *crlfile = NULL;
-	STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
-	STACK_OF(X509_CRL) *crls = NULL;
-	X509_STORE *cert_ctx=NULL;
-	X509_LOOKUP *lookup=NULL;
-	X509_VERIFY_PARAM *vpm = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	cert_ctx=X509_STORE_new();
-	if (cert_ctx == NULL) goto end;
-	X509_STORE_set_verify_cb(cert_ctx,cb);
-
-	ERR_load_crypto_strings();
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-
-	argc--;
-	argv++;
-	for (;;)
-		{
-		if (argc >= 1)
-			{
-			if (strcmp(*argv,"-CApath") == 0)
-				{
-				if (argc-- < 1) goto end;
-				CApath= *(++argv);
-				}
-			else if (strcmp(*argv,"-CAfile") == 0)
-				{
-				if (argc-- < 1) goto end;
-				CAfile= *(++argv);
-				}
-			else if (args_verify(&argv, &argc, &badarg, bio_err,
-									&vpm))
-				{
-				if (badarg)
-					goto end;
-				continue;
-				}
-			else if (strcmp(*argv,"-untrusted") == 0)
-				{
-				if (argc-- < 1) goto end;
-				untfile= *(++argv);
-				}
-			else if (strcmp(*argv,"-trusted") == 0)
-				{
-				if (argc-- < 1) goto end;
-				trustfile= *(++argv);
-				}
-			else if (strcmp(*argv,"-CRLfile") == 0)
-				{
-				if (argc-- < 1) goto end;
-				crlfile= *(++argv);
-				}
-#ifndef OPENSSL_NO_ENGINE
-			else if (strcmp(*argv,"-engine") == 0)
-				{
-				if (--argc < 1) goto end;
-				engine= *(++argv);
-				}
-#endif
-			else if (strcmp(*argv,"-help") == 0)
-				goto end;
-			else if (strcmp(*argv,"-verbose") == 0)
-				v_verbose=1;
-			else if (argv[0][0] == '-')
-				goto end;
-			else
-				break;
-			argc--;
-			argv++;
-			}
-		else
-			break;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (vpm)
-		X509_STORE_set1_param(cert_ctx, vpm);
-
-	lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
-	if (lookup == NULL) abort();
-	if (CAfile) {
-		i=X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM);
-		if(!i) {
-			BIO_printf(bio_err, "Error loading file %s\n", CAfile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	} else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
-		
-	lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_hash_dir());
-	if (lookup == NULL) abort();
-	if (CApath) {
-		i=X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM);
-		if(!i) {
-			BIO_printf(bio_err, "Error loading directory %s\n", CApath);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	} else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
-
-	ERR_clear_error();
-
-	if(untfile)
-		{
-		untrusted = load_certs(bio_err, untfile, FORMAT_PEM,
-					NULL, e, "untrusted certificates");
-		if(!untrusted)
-			goto end;
-		}
-
-	if(trustfile)
-		{
-		trusted = load_certs(bio_err, trustfile, FORMAT_PEM,
-					NULL, e, "trusted certificates");
-		if(!trusted)
-			goto end;
-		}
-
-	if(crlfile)
-		{
-		crls = load_crls(bio_err, crlfile, FORMAT_PEM,
-					NULL, e, "other CRLs");
-		if(!crls)
-			goto end;
-		}
-
-	if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, crls, e);
-	else
-		for (i=0; i 0)
-		{
-		fprintf(stdout,"OK\n");
-		ret=1;
-		}
-	else
-		ERR_print_errors(bio_err);
-	if (x != NULL) X509_free(x);
-
-	return(ret);
-	}
-
-static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
-	{
-	int cert_error = X509_STORE_CTX_get_error(ctx);
-	X509 *current_cert = X509_STORE_CTX_get_current_cert(ctx);
-
-	if (!ok)
-		{
-		if (current_cert)
-			{
-			X509_NAME_print_ex_fp(stdout,
-				X509_get_subject_name(current_cert),
-				0, XN_FLAG_ONELINE);
-			printf("\n");
-			}
-		printf("%serror %d at %d depth lookup:%s\n",
-			X509_STORE_CTX_get0_parent_ctx(ctx) ? "[CRL path]" : "",
-			cert_error,
-			X509_STORE_CTX_get_error_depth(ctx),
-			X509_verify_cert_error_string(cert_error));
-		switch(cert_error)
-			{
-			case X509_V_ERR_NO_EXPLICIT_POLICY:
-				policies_print(NULL, ctx);
-			case X509_V_ERR_CERT_HAS_EXPIRED:
-
-			/* since we are just checking the certificates, it is
-			 * ok if they are self signed. But we should still warn
-			 * the user.
-			 */
-
-			case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
-			/* Continue after extension errors too */
-			case X509_V_ERR_INVALID_CA:
-			case X509_V_ERR_INVALID_NON_CA:
-			case X509_V_ERR_PATH_LENGTH_EXCEEDED:
-			case X509_V_ERR_INVALID_PURPOSE:
-			case X509_V_ERR_CRL_HAS_EXPIRED:
-			case X509_V_ERR_CRL_NOT_YET_VALID:
-			case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
-			ok = 1;
-
-			}
-
-		return ok;
-
-		}
-	if (cert_error == X509_V_OK && ok == 2)
-		policies_print(NULL, ctx);
-	if (!v_verbose)
-		ERR_clear_error();
-	return(ok);
-	}
diff --git a/deps/openssl/openssl/apps/version.c b/deps/openssl/openssl/apps/version.c
deleted file mode 100644
index e9555cbde29..00000000000
--- a/deps/openssl/openssl/apps/version.c
+++ /dev/null
@@ -1,217 +0,0 @@
-/* apps/version.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include 
-#include 
-#include 
-#include "apps.h"
-#include 
-#include 
-#include 
-#ifndef OPENSSL_NO_MD2
-# include 
-#endif
-#ifndef OPENSSL_NO_RC4
-# include 
-#endif
-#ifndef OPENSSL_NO_DES
-# include 
-#endif
-#ifndef OPENSSL_NO_IDEA
-# include 
-#endif
-#ifndef OPENSSL_NO_BF
-# include 
-#endif
-
-#undef PROG
-#define PROG	version_main
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int i,ret=0;
-	int cflags=0,version=0,date=0,options=0,platform=0,dir=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (argc == 1) version=1;
-	for (i=1; i= 70301000)
-# define USE_DECC_INIT 1
-#endif
-
-#ifdef USE_DECC_INIT
-
-/*
- * 2010-04-26 SMS.
- *
- *----------------------------------------------------------------------
- *
- *       decc_init()
- *
- *    On non-VAX systems, uses LIB$INITIALIZE to set a collection of C
- *    RTL features without using the DECC$* logical name method.
- *
- *----------------------------------------------------------------------
- */
-
-#include 
-#include 
-#include 
-
-
-/* Global storage. */
-
-/* Flag to sense if decc_init() was called. */
-
-int decc_init_done = -1;
-
-
-/* Structure to hold a DECC$* feature name and its desired value. */
-
-typedef struct
-{
-    char *name;
-    int value;
-} decc_feat_t;
-
-
-/* Array of DECC$* feature names and their desired values.
- * Note: DECC$ARGV_PARSE_STYLE is the urgent one.
- */
-
-decc_feat_t decc_feat_array[] =
-{
- /* Preserve command-line case with SET PROCESS/PARSE_STYLE=EXTENDED */
- { "DECC$ARGV_PARSE_STYLE", 1 },
-
- /* Preserve case for file names on ODS5 disks. */
- { "DECC$EFS_CASE_PRESERVE", 1 },
-
- /* Enable multiple dots (and most characters) in ODS5 file names,
-  * while preserving VMS-ness of ";version".
-  */
- { "DECC$EFS_CHARSET", 1 },
-
- /* List terminator. */
- { (char *)NULL, 0 }
-};
-
-
-/* LIB$INITIALIZE initialization function. */
-
-static void decc_init( void)
-{
-    char *openssl_debug_decc_init;
-    int verbose = 0;
-    int feat_index;
-    int feat_value;
-    int feat_value_max;
-    int feat_value_min;
-    int i;
-    int sts;
-
-    /* Get debug option. */
-    openssl_debug_decc_init = getenv( "OPENSSL_DEBUG_DECC_INIT");
-    if (openssl_debug_decc_init != NULL)
-    {
-        verbose = strtol( openssl_debug_decc_init, NULL, 10);
-        if (verbose <= 0)
-        {
-            verbose = 1;
-        }
-    }
-
-    /* Set the global flag to indicate that LIB$INITIALIZE worked. */
-    decc_init_done = 1;
-
-    /* Loop through all items in the decc_feat_array[]. */
-
-    for (i = 0; decc_feat_array[ i].name != NULL; i++)
-    {
-        /* Get the feature index. */
-        feat_index = decc$feature_get_index( decc_feat_array[ i].name);
-        if (feat_index >= 0)
-        {
-            /* Valid item.  Collect its properties. */
-            feat_value = decc$feature_get_value( feat_index, 1);
-            feat_value_min = decc$feature_get_value( feat_index, 2);
-            feat_value_max = decc$feature_get_value( feat_index, 3);
-
-            /* Check the validity of our desired value. */
-            if ((decc_feat_array[ i].value >= feat_value_min) &&
-             (decc_feat_array[ i].value <= feat_value_max))
-            {
-                /* Valid value.  Set it if necessary. */
-                if (feat_value != decc_feat_array[ i].value)
-                {
-                    sts = decc$feature_set_value( feat_index,
-                     1,
-                     decc_feat_array[ i].value);
-
-                     if (verbose > 1)
-                     {
-                         fprintf( stderr, " %s = %d, sts = %d.\n",
-                          decc_feat_array[ i].name,
-                          decc_feat_array[ i].value,
-                          sts);
-                     }
-                }
-            }
-            else
-            {
-                /* Invalid DECC feature value. */
-                fprintf( stderr,
-                 " INVALID DECC$FEATURE VALUE, %d: %d <= %s <= %d.\n",
-                 feat_value,
-                 feat_value_min, decc_feat_array[ i].name, feat_value_max);
-            }
-        }
-        else
-        {
-            /* Invalid DECC feature name. */
-            fprintf( stderr,
-             " UNKNOWN DECC$FEATURE: %s.\n", decc_feat_array[ i].name);
-        }
-    }
-
-    if (verbose > 0)
-    {
-        fprintf( stderr, " DECC_INIT complete.\n");
-    }
-}
-
-/* Get "decc_init()" into a valid, loaded LIB$INITIALIZE PSECT. */
-
-#pragma nostandard
-
-/* Establish the LIB$INITIALIZE PSECTs, with proper alignment and
- * other attributes.  Note that "nopic" is significant only on VAX.
- */
-#pragma extern_model save
-
-#if __INITIAL_POINTER_SIZE == 64
-# define PSECT_ALIGN 3
-#else
-# define PSECT_ALIGN 2
-#endif
-
-#pragma extern_model strict_refdef "LIB$INITIALIZ" PSECT_ALIGN, nopic, nowrt
-const int spare[ 8] = { 0 };
-
-#pragma extern_model strict_refdef "LIB$INITIALIZE" PSECT_ALIGN, nopic, nowrt
-void (*const x_decc_init)() = decc_init;
-
-#pragma extern_model restore
-
-/* Fake reference to ensure loading the LIB$INITIALIZE PSECT. */
-
-#pragma extern_model save
-
-int LIB$INITIALIZE( void);
-
-#pragma extern_model strict_refdef
-int dmy_lib$initialize = (int) LIB$INITIALIZE;
-
-#pragma extern_model restore
-
-#pragma standard
-
-#else /* def USE_DECC_INIT */
-
-/* Dummy code to avoid a %CC-W-EMPTYFILE complaint. */
-int decc_init_dummy( void);
-
-#endif /* def USE_DECC_INIT */
diff --git a/deps/openssl/openssl/apps/winrand.c b/deps/openssl/openssl/apps/winrand.c
deleted file mode 100644
index 59bede3d70a..00000000000
--- a/deps/openssl/openssl/apps/winrand.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* apps/winrand.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Usage: winrand [filename]
- *
- * Collects entropy from mouse movements and other events and writes
- * random data to filename or .rnd
- */
-
-#include 
-#include 
-#include 
-
-LRESULT CALLBACK WndProc(HWND, UINT, WPARAM, LPARAM);
-const char *filename;
-
-int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
-        PSTR cmdline, int iCmdShow)
-	{
-	static char appname[] = "OpenSSL";
-	HWND hwnd;
-	MSG msg;
-	WNDCLASSEX wndclass;
-        char buffer[200];
-
-        if (cmdline[0] == '\0')
-                filename = RAND_file_name(buffer, sizeof buffer);
-        else
-                filename = cmdline;
-
-        RAND_load_file(filename, -1);
-
-	wndclass.cbSize = sizeof(wndclass);
-	wndclass.style = CS_HREDRAW | CS_VREDRAW;
-	wndclass.lpfnWndProc = WndProc;
-	wndclass.cbClsExtra = 0;
-	wndclass.cbWndExtra = 0;
-	wndclass.hInstance = hInstance;
-	wndclass.hIcon = LoadIcon(NULL, IDI_APPLICATION);
-	wndclass.hCursor = LoadCursor(NULL, IDC_ARROW);
-	wndclass.hbrBackground = (HBRUSH) GetStockObject(WHITE_BRUSH);
-	wndclass.lpszMenuName = NULL;
-        wndclass.lpszClassName = appname;
-	wndclass.hIconSm = LoadIcon(NULL, IDI_APPLICATION);
-	RegisterClassEx(&wndclass);
-
-        hwnd = CreateWindow(appname, OPENSSL_VERSION_TEXT,
-		WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT,
-		CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInstance, NULL);
-
-	ShowWindow(hwnd, iCmdShow);
-	UpdateWindow(hwnd);
-
-
-	while (GetMessage(&msg, NULL, 0, 0))
-		{
-		TranslateMessage(&msg);
-		DispatchMessage(&msg);
-		}
-
-	return msg.wParam;
-	}
-
-LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
-	{
-        HDC hdc;
-	PAINTSTRUCT ps;
-        RECT rect;
-        static int seeded = 0;
-
-	switch (iMsg)
-		{
-	case WM_PAINT:
-		hdc = BeginPaint(hwnd, &ps);
-		GetClientRect(hwnd, &rect);
-                DrawText(hdc, "Seeding the PRNG. Please move the mouse!", -1,
-			&rect, DT_SINGLELINE | DT_CENTER | DT_VCENTER);
-		EndPaint(hwnd, &ps);
-		return 0;
-		
-        case WM_DESTROY:
-                PostQuitMessage(0);
-                return 0;
-                }
-
-        if (RAND_event(iMsg, wParam, lParam) == 1 && seeded == 0)
-                {
-                seeded = 1;
-                if (RAND_write_file(filename) <= 0)
-                        MessageBox(hwnd, "Couldn't write random file!",
-				"OpenSSL", MB_OK | MB_ICONERROR);
-                PostQuitMessage(0);
-                }
-
-	return DefWindowProc(hwnd, iMsg, wParam, lParam);
-	}
diff --git a/deps/openssl/openssl/apps/x509.c b/deps/openssl/openssl/apps/x509.c
deleted file mode 100644
index 9f5eaeb6beb..00000000000
--- a/deps/openssl/openssl/apps/x509.c
+++ /dev/null
@@ -1,1292 +0,0 @@
-/* apps/x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#include 
-#include 
-#include 
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#ifndef OPENSSL_NO_RSA
-#include 
-#endif
-#ifndef OPENSSL_NO_DSA
-#include 
-#endif
-
-#undef PROG
-#define PROG x509_main
-
-#undef POSTFIX
-#define	POSTFIX	".srl"
-#define DEF_DAYS	30
-
-static const char *x509_usage[]={
-"usage: x509 args\n",
-" -inform arg     - input format - default PEM (one of DER, NET or PEM)\n",
-" -outform arg    - output format - default PEM (one of DER, NET or PEM)\n",
-" -keyform arg    - private key format - default PEM\n",
-" -CAform arg     - CA format - default PEM\n",
-" -CAkeyform arg  - CA key format - default PEM\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -passin arg     - private key password source\n",
-" -serial         - print serial number value\n",
-" -subject_hash   - print subject hash value\n",
-#ifndef OPENSSL_NO_MD5
-" -subject_hash_old   - print old-style (MD5) subject hash value\n",
-#endif
-" -issuer_hash    - print issuer hash value\n",
-#ifndef OPENSSL_NO_MD5
-" -issuer_hash_old    - print old-style (MD5) issuer hash value\n",
-#endif
-" -hash           - synonym for -subject_hash\n",
-" -subject        - print subject DN\n",
-" -issuer         - print issuer DN\n",
-" -email          - print email address(es)\n",
-" -startdate      - notBefore field\n",
-" -enddate        - notAfter field\n",
-" -purpose        - print out certificate purposes\n",
-" -dates          - both Before and After dates\n",
-" -modulus        - print the RSA key modulus\n",
-" -pubkey         - output the public key\n",
-" -fingerprint    - print the certificate fingerprint\n",
-" -alias          - output certificate alias\n",
-" -noout          - no certificate output\n",
-" -ocspid         - print OCSP hash values for the subject name and public key\n",
-" -ocsp_uri       - print OCSP Responder URL(s)\n",
-" -trustout       - output a \"trusted\" certificate\n",
-" -clrtrust       - clear all trusted purposes\n",
-" -clrreject      - clear all rejected purposes\n",
-" -addtrust arg   - trust certificate for a given purpose\n",
-" -addreject arg  - reject certificate for a given purpose\n",
-" -setalias arg   - set certificate alias\n",
-" -days arg       - How long till expiry of a signed certificate - def 30 days\n",
-" -checkend arg   - check whether the cert expires in the next arg seconds\n",
-"                   exit 1 if so, 0 if not\n",
-" -signkey arg    - self sign cert with arg\n",
-" -x509toreq      - output a certification request object\n",
-" -req            - input is a certificate request, sign and output.\n",
-" -CA arg         - set the CA certificate, must be PEM format.\n",
-" -CAkey arg      - set the CA key, must be PEM format\n",
-"                   missing, it is assumed to be in the CA file.\n",
-" -CAcreateserial - create serial number file if it does not exist\n",
-" -CAserial arg   - serial file\n",
-" -set_serial     - serial number to use\n",
-" -text           - print the certificate in text form\n",
-" -C              - print out C code forms\n",
-" -md2/-md5/-sha1/-mdc2 - digest to use\n",
-" -extfile        - configuration file with X509V3 extensions to add\n",
-" -extensions     - section from config file with X509V3 extensions to add\n",
-" -clrext         - delete extensions before signing and input certificate\n",
-" -nameopt arg    - various certificate name options\n",
-#ifndef OPENSSL_NO_ENGINE
-" -engine e       - use engine e, possibly a hardware device.\n",
-#endif
-" -certopt arg    - various certificate text options\n",
-NULL
-};
-
-static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx);
-static int sign (X509 *x, EVP_PKEY *pkey,int days,int clrext, const EVP_MD *digest,
-						CONF *conf, char *section);
-static int x509_certify (X509_STORE *ctx,char *CAfile,const EVP_MD *digest,
-			 X509 *x,X509 *xca,EVP_PKEY *pkey,char *serial,
-			 int create,int days, int clrext, CONF *conf, char *section,
-						ASN1_INTEGER *sno);
-static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt);
-static int reqfile=0;
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	ENGINE *e = NULL;
-	int ret=1;
-	X509_REQ *req=NULL;
-	X509 *x=NULL,*xca=NULL;
-	ASN1_OBJECT *objtmp;
-	EVP_PKEY *Upkey=NULL,*CApkey=NULL;
-	ASN1_INTEGER *sno = NULL;
-	int i,num,badops=0;
-	BIO *out=NULL;
-	BIO *STDout=NULL;
-	STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL;
-	int informat,outformat,keyformat,CAformat,CAkeyformat;
-	char *infile=NULL,*outfile=NULL,*keyfile=NULL,*CAfile=NULL;
-	char *CAkeyfile=NULL,*CAserial=NULL;
-	char *alias=NULL;
-	int text=0,serial=0,subject=0,issuer=0,startdate=0,enddate=0;
-	int next_serial=0;
-	int subject_hash=0,issuer_hash=0,ocspid=0;
-#ifndef OPENSSL_NO_MD5
-	int subject_hash_old=0,issuer_hash_old=0;
-#endif
-	int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0;
-	int ocsp_uri=0;
-	int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0;
-	int C=0;
-	int x509req=0,days=DEF_DAYS,modulus=0,pubkey=0;
-	int pprint = 0;
-	const char **pp;
-	X509_STORE *ctx=NULL;
-	X509_REQ *rq=NULL;
-	int fingerprint=0;
-	char buf[256];
-	const EVP_MD *md_alg,*digest=NULL;
-	CONF *extconf = NULL;
-	char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
-	int need_rand = 0;
-	int checkend=0,checkoffset=0;
-	unsigned long nmflag = 0, certflag = 0;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-
-	reqfile=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	if (!load_config(bio_err, NULL))
-		goto end;
-	STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	STDout = BIO_push(tmpbio, STDout);
-	}
-#endif
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-	keyformat=FORMAT_PEM;
-	CAformat=FORMAT_PEM;
-	CAkeyformat=FORMAT_PEM;
-
-	ctx=X509_STORE_new();
-	if (ctx == NULL) goto end;
-	X509_STORE_set_verify_cb(ctx,callb);
-
-	argc--;
-	argv++;
-	num=0;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-req") == 0)
-			{
-			reqfile=1;
-			need_rand = 1;
-			}
-		else if (strcmp(*argv,"-CAform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-CAkeyform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAkeyformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-days") == 0)
-			{
-			if (--argc < 1) goto bad;
-			days=atoi(*(++argv));
-			if (days == 0)
-				{
-				BIO_printf(STDout,"bad number of days\n");
-				goto bad;
-				}
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-extfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			extfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-extensions") == 0)
-			{
-			if (--argc < 1) goto bad;
-			extsect= *(++argv);
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-signkey") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyfile= *(++argv);
-			sign_flag= ++num;
-			need_rand = 1;
-			}
-		else if (strcmp(*argv,"-CA") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			CA_flag= ++num;
-			need_rand = 1;
-			}
-		else if (strcmp(*argv,"-CAkey") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAkeyfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-CAserial") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAserial= *(++argv);
-			}
-		else if (strcmp(*argv,"-set_serial") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!(sno = s2i_ASN1_INTEGER(NULL, *(++argv))))
-				goto bad;
-			}
-		else if (strcmp(*argv,"-addtrust") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!(objtmp = OBJ_txt2obj(*(++argv), 0)))
-				{
-				BIO_printf(bio_err,
-					"Invalid trust object value %s\n", *argv);
-				goto bad;
-				}
-			if (!trust) trust = sk_ASN1_OBJECT_new_null();
-			sk_ASN1_OBJECT_push(trust, objtmp);
-			trustout = 1;
-			}
-		else if (strcmp(*argv,"-addreject") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!(objtmp = OBJ_txt2obj(*(++argv), 0)))
-				{
-				BIO_printf(bio_err,
-					"Invalid reject object value %s\n", *argv);
-				goto bad;
-				}
-			if (!reject) reject = sk_ASN1_OBJECT_new_null();
-			sk_ASN1_OBJECT_push(reject, objtmp);
-			trustout = 1;
-			}
-		else if (strcmp(*argv,"-setalias") == 0)
-			{
-			if (--argc < 1) goto bad;
-			alias= *(++argv);
-			trustout = 1;
-			}
-		else if (strcmp(*argv,"-certopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_cert_ex(&certflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-nameopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_name_ex(&nmflag, *(++argv))) goto bad;
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-C") == 0)
-			C= ++num;
-		else if (strcmp(*argv,"-email") == 0)
-			email= ++num;
-		else if (strcmp(*argv,"-ocsp_uri") == 0)
-			ocsp_uri= ++num;
-		else if (strcmp(*argv,"-serial") == 0)
-			serial= ++num;
-		else if (strcmp(*argv,"-next_serial") == 0)
-			next_serial= ++num;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus= ++num;
-		else if (strcmp(*argv,"-pubkey") == 0)
-			pubkey= ++num;
-		else if (strcmp(*argv,"-x509toreq") == 0)
-			x509req= ++num;
-		else if (strcmp(*argv,"-text") == 0)
-			text= ++num;
-		else if (strcmp(*argv,"-hash") == 0
-			|| strcmp(*argv,"-subject_hash") == 0)
-			subject_hash= ++num;
-#ifndef OPENSSL_NO_MD5
-		else if (strcmp(*argv,"-subject_hash_old") == 0)
-			subject_hash_old= ++num;
-#endif
-		else if (strcmp(*argv,"-issuer_hash") == 0)
-			issuer_hash= ++num;
-#ifndef OPENSSL_NO_MD5
-		else if (strcmp(*argv,"-issuer_hash_old") == 0)
-			issuer_hash_old= ++num;
-#endif
-		else if (strcmp(*argv,"-subject") == 0)
-			subject= ++num;
-		else if (strcmp(*argv,"-issuer") == 0)
-			issuer= ++num;
-		else if (strcmp(*argv,"-fingerprint") == 0)
-			fingerprint= ++num;
-		else if (strcmp(*argv,"-dates") == 0)
-			{
-			startdate= ++num;
-			enddate= ++num;
-			}
-		else if (strcmp(*argv,"-purpose") == 0)
-			pprint= ++num;
-		else if (strcmp(*argv,"-startdate") == 0)
-			startdate= ++num;
-		else if (strcmp(*argv,"-enddate") == 0)
-			enddate= ++num;
-		else if (strcmp(*argv,"-checkend") == 0)
-			{
-			if (--argc < 1) goto bad;
-			checkoffset=atoi(*(++argv));
-			checkend=1;
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout= ++num;
-		else if (strcmp(*argv,"-trustout") == 0)
-			trustout= 1;
-		else if (strcmp(*argv,"-clrtrust") == 0)
-			clrtrust= ++num;
-		else if (strcmp(*argv,"-clrreject") == 0)
-			clrreject= ++num;
-		else if (strcmp(*argv,"-alias") == 0)
-			aliasout= ++num;
-		else if (strcmp(*argv,"-CAcreateserial") == 0)
-			CA_createserial= ++num;
-		else if (strcmp(*argv,"-clrext") == 0)
-			clrext = 1;
-#if 1 /* stay backwards-compatible with 0.9.5; this should go away soon */
-		else if (strcmp(*argv,"-crlext") == 0)
-			{
-			BIO_printf(bio_err,"use -clrext instead of -crlext\n");
-			clrext = 1;
-			}
-#endif
-		else if (strcmp(*argv,"-ocspid") == 0)
-			ocspid= ++num;
-		else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
-			{
-			/* ok */
-			digest=md_alg;
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		for (pp=x509_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
-		goto end;
-		}
-
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
-	if (need_rand)
-		app_RAND_load_file(NULL, bio_err, 0);
-
-	ERR_load_crypto_strings();
-
-	if (!app_passwd(bio_err, passargin, NULL, &passin, NULL))
-		{
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-		}
-
-	if (!X509_STORE_set_default_paths(ctx))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if ((CAkeyfile == NULL) && (CA_flag) && (CAformat == FORMAT_PEM))
-		{ CAkeyfile=CAfile; }
-	else if ((CA_flag) && (CAkeyfile == NULL))
-		{
-		BIO_printf(bio_err,"need to specify a CAkey if using the CA command\n");
-		goto end;
-		}
-
-	if (extfile)
-		{
-		long errorline = -1;
-		X509V3_CTX ctx2;
-		extconf = NCONF_new(NULL);
-		if (!NCONF_load(extconf, extfile,&errorline))
-			{
-			if (errorline <= 0)
-				BIO_printf(bio_err,
-					"error loading the config file '%s'\n",
-								extfile);
-                	else
-                        	BIO_printf(bio_err,
-				       "error on line %ld of config file '%s'\n"
-							,errorline,extfile);
-			goto end;
-			}
-		if (!extsect)
-			{
-			extsect = NCONF_get_string(extconf, "default", "extensions");
-			if (!extsect)
-				{
-				ERR_clear_error();
-				extsect = "default";
-				}
-			}
-		X509V3_set_ctx_test(&ctx2);
-		X509V3_set_nconf(&ctx2, extconf);
-		if (!X509V3_EXT_add_nconf(extconf, &ctx2, extsect, NULL))
-			{
-			BIO_printf(bio_err,
-				"Error Loading extension section %s\n",
-								 extsect);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-
-
-	if (reqfile)
-		{
-		EVP_PKEY *pkey;
-		BIO *in;
-
-		if (!sign_flag && !CA_flag)
-			{
-			BIO_printf(bio_err,"We need a private key to sign with\n");
-			goto end;
-			}
-		in=BIO_new(BIO_s_file());
-		if (in == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-		if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE|BIO_FP_TEXT);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
-				perror(infile);
-				BIO_free(in);
-				goto end;
-				}
-			}
-		req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL);
-		BIO_free(in);
-
-		if (req == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-		if (	(req->req_info == NULL) ||
-			(req->req_info->pubkey == NULL) ||
-			(req->req_info->pubkey->public_key == NULL) ||
-			(req->req_info->pubkey->public_key->data == NULL))
-			{
-			BIO_printf(bio_err,"The certificate request appears to corrupted\n");
-			BIO_printf(bio_err,"It does not contain a public key\n");
-			goto end;
-			}
-		if ((pkey=X509_REQ_get_pubkey(req)) == NULL)
-	                {
-	                BIO_printf(bio_err,"error unpacking public key\n");
-	                goto end;
-	                }
-		i=X509_REQ_verify(req,pkey);
-		EVP_PKEY_free(pkey);
-		if (i < 0)
-			{
-			BIO_printf(bio_err,"Signature verification error\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-	        if (i == 0)
-			{
-			BIO_printf(bio_err,"Signature did not match the certificate request\n");
-			goto end;
-			}
-		else
-			BIO_printf(bio_err,"Signature ok\n");
-
-		print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag);
-
-		if ((x=X509_new()) == NULL) goto end;
-
-		if (sno == NULL)
-			{
-			sno = ASN1_INTEGER_new();
-			if (!sno || !rand_serial(NULL, sno))
-				goto end;
-			if (!X509_set_serialNumber(x, sno)) 
-				goto end;
-			ASN1_INTEGER_free(sno);
-			sno = NULL;
-			}
-		else if (!X509_set_serialNumber(x, sno)) 
-			goto end;
-
-		if (!X509_set_issuer_name(x,req->req_info->subject)) goto end;
-		if (!X509_set_subject_name(x,req->req_info->subject)) goto end;
-
-		X509_gmtime_adj(X509_get_notBefore(x),0);
-	        X509_time_adj_ex(X509_get_notAfter(x),days, 0, NULL);
-
-		pkey = X509_REQ_get_pubkey(req);
-		X509_set_pubkey(x,pkey);
-		EVP_PKEY_free(pkey);
-		}
-	else
-		x=load_cert(bio_err,infile,informat,NULL,e,"Certificate");
-
-	if (x == NULL) goto end;
-	if (CA_flag)
-		{
-		xca=load_cert(bio_err,CAfile,CAformat,NULL,e,"CA Certificate");
-		if (xca == NULL) goto end;
-		}
-
-	if (!noout || text || next_serial)
-		{
-		OBJ_create("2.99999.3",
-			"SET.ex3","SET x509v3 extension 3");
-
-		out=BIO_new(BIO_s_file());
-		if (out == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (outfile == NULL)
-			{
-			BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-			}
-		else
-			{
-			if (BIO_write_filename(out,outfile) <= 0)
-				{
-				perror(outfile);
-				goto end;
-				}
-			}
-		}
-
-	if (alias) X509_alias_set1(x, (unsigned char *)alias, -1);
-
-	if (clrtrust) X509_trust_clear(x);
-	if (clrreject) X509_reject_clear(x);
-
-	if (trust)
-		{
-		for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++)
-			{
-			objtmp = sk_ASN1_OBJECT_value(trust, i);
-			X509_add1_trust_object(x, objtmp);
-			}
-		}
-
-	if (reject)
-		{
-		for (i = 0; i < sk_ASN1_OBJECT_num(reject); i++)
-			{
-			objtmp = sk_ASN1_OBJECT_value(reject, i);
-			X509_add1_reject_object(x, objtmp);
-			}
-		}
-
-	if (num)
-		{
-		for (i=1; i<=num; i++)
-			{
-			if (issuer == i)
-				{
-				print_name(STDout, "issuer= ",
-					X509_get_issuer_name(x), nmflag);
-				}
-			else if (subject == i) 
-				{
-				print_name(STDout, "subject= ",
-					X509_get_subject_name(x), nmflag);
-				}
-			else if (serial == i)
-				{
-				BIO_printf(STDout,"serial=");
-				i2a_ASN1_INTEGER(STDout,
-					X509_get_serialNumber(x));
-				BIO_printf(STDout,"\n");
-				}
-			else if (next_serial == i)
-				{
-				BIGNUM *bnser;
-				ASN1_INTEGER *ser;
-				ser = X509_get_serialNumber(x);
-				bnser = ASN1_INTEGER_to_BN(ser, NULL);
-				if (!bnser)
-					goto end;
-				if (!BN_add_word(bnser, 1))
-					goto end;
-				ser = BN_to_ASN1_INTEGER(bnser, NULL);
-				if (!ser)
-					goto end;
-				BN_free(bnser);
-				i2a_ASN1_INTEGER(out, ser);
-				ASN1_INTEGER_free(ser);
-				BIO_puts(out, "\n");
-				}
-			else if ((email == i) || (ocsp_uri == i))
-				{
-				int j;
-				STACK_OF(OPENSSL_STRING) *emlst;
-				if (email == i)
-					emlst = X509_get1_email(x);
-				else
-					emlst = X509_get1_ocsp(x);
-				for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++)
-					BIO_printf(STDout, "%s\n",
-						   sk_OPENSSL_STRING_value(emlst, j));
-				X509_email_free(emlst);
-				}
-			else if (aliasout == i)
-				{
-				unsigned char *alstr;
-				alstr = X509_alias_get0(x, NULL);
-				if (alstr) BIO_printf(STDout,"%s\n", alstr);
-				else BIO_puts(STDout,"\n");
-				}
-			else if (subject_hash == i)
-				{
-				BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));
-				}
-#ifndef OPENSSL_NO_MD5
-			else if (subject_hash_old == i)
-				{
-				BIO_printf(STDout,"%08lx\n",X509_subject_name_hash_old(x));
-				}
-#endif
-			else if (issuer_hash == i)
-				{
-				BIO_printf(STDout,"%08lx\n",X509_issuer_name_hash(x));
-				}
-#ifndef OPENSSL_NO_MD5
-			else if (issuer_hash_old == i)
-				{
-				BIO_printf(STDout,"%08lx\n",X509_issuer_name_hash_old(x));
-				}
-#endif
-			else if (pprint == i)
-				{
-				X509_PURPOSE *ptmp;
-				int j;
-				BIO_printf(STDout, "Certificate purposes:\n");
-				for (j = 0; j < X509_PURPOSE_get_count(); j++)
-					{
-					ptmp = X509_PURPOSE_get0(j);
-					purpose_print(STDout, x, ptmp);
-					}
-				}
-			else
-				if (modulus == i)
-				{
-				EVP_PKEY *pkey;
-
-				pkey=X509_get_pubkey(x);
-				if (pkey == NULL)
-					{
-					BIO_printf(bio_err,"Modulus=unavailable\n");
-					ERR_print_errors(bio_err);
-					goto end;
-					}
-				BIO_printf(STDout,"Modulus=");
-#ifndef OPENSSL_NO_RSA
-				if (pkey->type == EVP_PKEY_RSA)
-					BN_print(STDout,pkey->pkey.rsa->n);
-				else
-#endif
-#ifndef OPENSSL_NO_DSA
-				if (pkey->type == EVP_PKEY_DSA)
-					BN_print(STDout,pkey->pkey.dsa->pub_key);
-				else
-#endif
-					BIO_printf(STDout,"Wrong Algorithm type");
-				BIO_printf(STDout,"\n");
-				EVP_PKEY_free(pkey);
-				}
-			else
-				if (pubkey == i)
-				{
-				EVP_PKEY *pkey;
-
-				pkey=X509_get_pubkey(x);
-				if (pkey == NULL)
-					{
-					BIO_printf(bio_err,"Error getting public key\n");
-					ERR_print_errors(bio_err);
-					goto end;
-					}
-				PEM_write_bio_PUBKEY(STDout, pkey);
-				EVP_PKEY_free(pkey);
-				}
-			else
-				if (C == i)
-				{
-				unsigned char *d;
-				char *m;
-				int y,z;
-
-				X509_NAME_oneline(X509_get_subject_name(x),
-					buf,sizeof buf);
-				BIO_printf(STDout,"/* subject:%s */\n",buf);
-				m=X509_NAME_oneline(
-					X509_get_issuer_name(x),buf,
-					sizeof buf);
-				BIO_printf(STDout,"/* issuer :%s */\n",buf);
-
-				z=i2d_X509(x,NULL);
-				m=OPENSSL_malloc(z);
-
-				d=(unsigned char *)m;
-				z=i2d_X509_NAME(X509_get_subject_name(x),&d);
-				BIO_printf(STDout,"unsigned char XXX_subject_name[%d]={\n",z);
-				d=(unsigned char *)m;
-				for (y=0; y 0) X509_delete_ext(x, 0);
-		}
-
-	if (conf)
-		{
-		X509V3_CTX ctx2;
-		X509_set_version(x,2); /* version 3 certificate */
-                X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0);
-                X509V3_set_nconf(&ctx2, conf);
-                if (!X509V3_EXT_add_nconf(conf, &ctx2, section, x)) goto end;
-		}
-
-	if (!X509_sign(x,pkey,digest)) goto end;
-	ret=1;
-end:
-	X509_STORE_CTX_cleanup(&xsc);
-	if (!ret)
-		ERR_print_errors(bio_err);
-	if (!sno) ASN1_INTEGER_free(bs);
-	return ret;
-	}
-
-static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx)
-	{
-	int err;
-	X509 *err_cert;
-
-	/* it is ok to use a self signed certificate
-	 * This case will catch both the initial ok == 0 and the
-	 * final ok == 1 calls to this function */
-	err=X509_STORE_CTX_get_error(ctx);
-	if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
-		return 1;
-
-	/* BAD we should have gotten an error.  Normally if everything
-	 * worked X509_STORE_CTX_get_error(ctx) will still be set to
-	 * DEPTH_ZERO_SELF_.... */
-	if (ok)
-		{
-		BIO_printf(bio_err,"error with certificate to be certified - should be self signed\n");
-		return 0;
-		}
-	else
-		{
-		err_cert=X509_STORE_CTX_get_current_cert(ctx);
-		print_name(bio_err, NULL, X509_get_subject_name(err_cert),0);
-		BIO_printf(bio_err,"error with certificate - error %d at depth %d\n%s\n",
-			err,X509_STORE_CTX_get_error_depth(ctx),
-			X509_verify_cert_error_string(err));
-		return 1;
-		}
-	}
-
-/* self sign */
-static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *digest, 
-						CONF *conf, char *section)
-	{
-
-	EVP_PKEY *pktmp;
-
-	pktmp = X509_get_pubkey(x);
-	EVP_PKEY_copy_parameters(pktmp,pkey);
-	EVP_PKEY_save_parameters(pktmp,1);
-	EVP_PKEY_free(pktmp);
-
-	if (!X509_set_issuer_name(x,X509_get_subject_name(x))) goto err;
-	if (X509_gmtime_adj(X509_get_notBefore(x),0) == NULL) goto err;
-
-	/* Lets just make it 12:00am GMT, Jan 1 1970 */
-	/* memcpy(x->cert_info->validity->notBefore,"700101120000Z",13); */
-	/* 28 days to be certified */
-
-	if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL)
-		goto err;
-
-	if (!X509_set_pubkey(x,pkey)) goto err;
-	if (clrext)
-		{
-		while (X509_get_ext_count(x) > 0) X509_delete_ext(x, 0);
-		}
-	if (conf)
-		{
-		X509V3_CTX ctx;
-		X509_set_version(x,2); /* version 3 certificate */
-                X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0);
-                X509V3_set_nconf(&ctx, conf);
-                if (!X509V3_EXT_add_nconf(conf, &ctx, section, x)) goto err;
-		}
-	if (!X509_sign(x,pkey,digest)) goto err;
-	return 1;
-err:
-	ERR_print_errors(bio_err);
-	return 0;
-	}
-
-static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)
-{
-	int id, i, idret;
-	char *pname;
-	id = X509_PURPOSE_get_id(pt);
-	pname = X509_PURPOSE_get0_name(pt);
-	for (i = 0; i < 2; i++)
-		{
-		idret = X509_check_purpose(cert, id, i);
-		BIO_printf(bio, "%s%s : ", pname, i ? " CA" : ""); 
-		if (idret == 1) BIO_printf(bio, "Yes\n");
-		else if (idret == 0) BIO_printf(bio, "No\n");
-		else BIO_printf(bio, "Yes (WARNING code=%d)\n", idret);
-		}
-	return 1;
-}
diff --git a/deps/openssl/openssl/test/CAss.cnf b/deps/openssl/openssl/test/CAss.cnf
deleted file mode 100644
index 20f8f05e3df..00000000000
--- a/deps/openssl/openssl/test/CAss.cnf
+++ /dev/null
@@ -1,76 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= ./.rnd
-
-####################################################################
-[ req ]
-default_bits		= 512
-default_keyfile 	= keySS.pem
-distinguished_name	= req_distinguished_name
-encrypt_rsa_key		= no
-default_md		= sha1
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_value		= AU
-
-organizationName		= Organization Name (eg, company)
-organizationName_value		= Dodgy Brothers
-
-commonName			= Common Name (eg, YOUR name)
-commonName_value		= Dodgy CA
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= ./demoCA		# Where everything is kept
-certs		= $dir/certs		# Where the issued certs are kept
-crl_dir		= $dir/crl		# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-#unique_subject	= no			# Set to 'no' to allow creation of
-					# several ctificates with same subject.
-new_certs_dir	= $dir/newcerts		# default place for new certs.
-
-certificate	= $dir/cacert.pem 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/private/cakey.pem# The private key
-RANDFILE	= $dir/private/.rand	# private random number file
-
-x509_extensions	= v3_ca			# The extentions to add to the cert
-
-name_opt 	= ca_default		# Subject Name options
-cert_opt 	= ca_default		# Certificate field options
-
-default_days	= 365			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
-preserve	= no			# keep passed DN ordering
-
-policy		= policy_anything
-
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-
-
-[ v3_ca ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = CA:true,pathlen:1
-keyUsage = cRLSign, keyCertSign
-issuerAltName=issuer:copy
diff --git a/deps/openssl/openssl/test/CAssdh.cnf b/deps/openssl/openssl/test/CAssdh.cnf
deleted file mode 100644
index 4e0a908679f..00000000000
--- a/deps/openssl/openssl/test/CAssdh.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DH certs - CA
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_rsa_key               = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = CU
-countryName_value             = CU
-
-organizationName              = Organization Name (eg, company)
-organizationName_value                = La Junta de la Revolucion
-
-commonName                    = Common Name (eg, YOUR name)
-commonName_value              = Junta
-
diff --git a/deps/openssl/openssl/test/CAssdsa.cnf b/deps/openssl/openssl/test/CAssdsa.cnf
deleted file mode 100644
index a6b4d1810c9..00000000000
--- a/deps/openssl/openssl/test/CAssdsa.cnf
+++ /dev/null
@@ -1,23 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DSA certs - CA
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_rsa_key               = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = ES
-countryName_value             = ES
-
-organizationName              = Organization Name (eg, company)
-organizationName_value                = Hermanos Locos
-
-commonName                    = Common Name (eg, YOUR name)
-commonName_value              = Hermanos Locos CA
diff --git a/deps/openssl/openssl/test/CAssrsa.cnf b/deps/openssl/openssl/test/CAssrsa.cnf
deleted file mode 100644
index eb24a6dfc0e..00000000000
--- a/deps/openssl/openssl/test/CAssrsa.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# create RSA certs - CA
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_key           = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = ES
-countryName_value             = ES
-
-organizationName              = Organization Name (eg, company)
-organizationName_value                = Hermanos Locos
-
-commonName                    = Common Name (eg, YOUR name)
-commonName_value              = Hermanos Locos CA
-
diff --git a/deps/openssl/openssl/test/CAtsa.cnf b/deps/openssl/openssl/test/CAtsa.cnf
deleted file mode 100644
index f5a275bfc23..00000000000
--- a/deps/openssl/openssl/test/CAtsa.cnf
+++ /dev/null
@@ -1,163 +0,0 @@
-
-#
-# This config is used by the Time Stamp Authority tests.
-#
-
-RANDFILE		= ./.rnd
-
-# Extra OBJECT IDENTIFIER info:
-oid_section		= new_oids
-
-TSDNSECT		= ts_cert_dn
-INDEX			= 1
-
-[ new_oids ]
-
-# Policies used by the TSA tests.
-tsa_policy1 = 1.2.3.4.1
-tsa_policy2 = 1.2.3.4.5.6
-tsa_policy3 = 1.2.3.4.5.7
-
-#----------------------------------------------------------------------
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-[ CA_default ]
-
-dir		= ./demoCA
-certs		= $dir/certs		# Where the issued certs are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir/newcerts		# default place for new certs.
-
-certificate	= $dir/cacert.pem 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-private_key	= $dir/private/cakey.pem# The private key
-RANDFILE	= $dir/private/.rand	# private random number file
-
-default_days	= 365			# how long to certify for
-default_md	= sha1			# which md to use.
-preserve	= no			# keep passed DN ordering
-
-policy		= policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName		= supplied
-stateOrProvinceName	= supplied
-organizationName	= supplied
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-#----------------------------------------------------------------------
-[ req ]
-default_bits		= 1024
-default_md		= sha1
-distinguished_name	= $ENV::TSDNSECT
-encrypt_rsa_key		= no
-prompt 			= no
-# attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-string_mask = nombstr
-
-[ ts_ca_dn ]
-countryName			= HU
-stateOrProvinceName		= Budapest
-localityName			= Budapest
-organizationName		= Gov-CA Ltd.
-commonName			= ca1
-
-[ ts_cert_dn ]
-countryName			= HU
-stateOrProvinceName		= Budapest
-localityName			= Buda
-organizationName		= Hun-TSA Ltd.
-commonName			= tsa$ENV::INDEX
-
-[ tsa_cert ]
-
-# TSA server cert is not a CA cert.
-basicConstraints=CA:FALSE
-
-# The following key usage flags are needed for TSA server certificates.
-keyUsage = nonRepudiation, digitalSignature
-extendedKeyUsage = critical,timeStamping
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-[ non_tsa_cert ]
-
-# This is not a CA cert and not a TSA cert, either (timeStamping usage missing)
-basicConstraints=CA:FALSE
-
-# The following key usage flags are needed for TSA server certificates.
-keyUsage = nonRepudiation, digitalSignature
-# timeStamping is not supported by this certificate
-# extendedKeyUsage = critical,timeStamping
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature
-
-[ v3_ca ]
-
-# Extensions for a typical CA
-
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = critical,CA:true
-keyUsage = cRLSign, keyCertSign
-
-#----------------------------------------------------------------------
-[ tsa ]
-
-default_tsa = tsa_config1	# the default TSA section
-
-[ tsa_config1 ]
-
-# These are used by the TSA reply generation only.
-dir		= .			# TSA root directory
-serial		= $dir/tsa_serial	# The current serial number (mandatory)
-signer_cert	= $dir/tsa_cert1.pem 	# The TSA signing certificate
-					# (optional)
-certs		= $dir/tsaca.pem	# Certificate chain to include in reply
-					# (optional)
-signer_key	= $dir/tsa_key1.pem	# The TSA private key (optional)
-
-default_policy	= tsa_policy1		# Policy if request did not specify it
-					# (optional)
-other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
-digests		= md5, sha1		# Acceptable message digests (mandatory)
-accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
-ordering		= yes	# Is ordering defined for timestamps?
-				# (optional, default: no)
-tsa_name		= yes	# Must the TSA name be included in the reply?
-				# (optional, default: no)
-ess_cert_id_chain	= yes	# Must the ESS cert id chain be included?
-				# (optional, default: no)
-
-[ tsa_config2 ]
-
-# This configuration uses a certificate which doesn't have timeStamping usage.
-# These are used by the TSA reply generation only.
-dir		= .			# TSA root directory
-serial		= $dir/tsa_serial	# The current serial number (mandatory)
-signer_cert	= $dir/tsa_cert2.pem 	# The TSA signing certificate
-					# (optional)
-certs		= $dir/demoCA/cacert.pem# Certificate chain to include in reply
-					# (optional)
-signer_key	= $dir/tsa_key2.pem	# The TSA private key (optional)
-
-default_policy	= tsa_policy1		# Policy if request did not specify it
-					# (optional)
-other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
-digests		= md5, sha1		# Acceptable message digests (mandatory)
diff --git a/deps/openssl/openssl/test/Makefile b/deps/openssl/openssl/test/Makefile
deleted file mode 100644
index 3912f82427e..00000000000
--- a/deps/openssl/openssl/test/Makefile
+++ /dev/null
@@ -1,698 +0,0 @@
-#
-# test/Makefile
-#
-
-DIR=		test
-TOP=		..
-CC=		cc
-INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
-CFLAG=		-g
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-PERL=		perl
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-PEX_LIBS=
-EX_LIBS= #-lnsl -lsocket
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile maketests.com \
-	tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
-	tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
-	testca.com VMSca-response.1 VMSca-response.2
-
-DLIBCRYPTO= ../libcrypto.a
-DLIBSSL= ../libssl.a
-LIBCRYPTO= -L.. -lcrypto
-LIBSSL= -L.. -lssl
-
-BNTEST=		bntest
-ECTEST=		ectest
-ECDSATEST=	ecdsatest
-ECDHTEST=	ecdhtest
-EXPTEST=	exptest
-IDEATEST=	ideatest
-SHATEST=	shatest
-SHA1TEST=	sha1test
-SHA256TEST=	sha256t
-SHA512TEST=	sha512t
-MDC2TEST=	mdc2test
-RMDTEST=	rmdtest
-MD2TEST=	md2test
-MD4TEST=	md4test
-MD5TEST=	md5test
-HMACTEST=	hmactest
-WPTEST=		wp_test
-RC2TEST=	rc2test
-RC4TEST=	rc4test
-RC5TEST=	rc5test
-BFTEST=		bftest
-CASTTEST=	casttest
-DESTEST=	destest
-RANDTEST=	randtest
-DHTEST=		dhtest
-DSATEST=	dsatest
-METHTEST=	methtest
-SSLTEST=	ssltest
-RSATEST=	rsa_test
-ENGINETEST=	enginetest
-EVPTEST=	evp_test
-IGETEST=	igetest
-JPAKETEST=	jpaketest
-ASN1TEST=	asn1test
-
-TESTS=		alltests
-
-EXE=	$(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT)  $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \
-	$(MD2TEST)$(EXE_EXT)  $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) $(WPTEST)$(EXE_EXT) \
-	$(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
-	$(DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \
-	$(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
-	$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
-	$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
-	$(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) \
-	$(ASN1TEST)$(EXE_EXT)
-
-# $(METHTEST)$(EXE_EXT)
-
-OBJ=	$(BNTEST).o $(ECTEST).o  $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
-	$(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
-	$(HMACTEST).o $(WPTEST).o \
-	$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
-	$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(SHA256TEST).o $(SHA512TEST).o \
-	$(MDC2TEST).o $(RMDTEST).o \
-	$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
-	$(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o \
-	$(EVPTEST).o $(IGETEST).o $(JPAKETEST).o $(ASN1TEST).o
-SRC=	$(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
-	$(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
-	$(HMACTEST).c $(WPTEST).c \
-	$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
-	$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
-	$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
-	$(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c $(RSATEST).c \
-	$(EVPTEST).c $(IGETEST).c $(JPAKETEST).c $(ASN1TEST).c
-
-EXHEADER= 
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
-
-all:	exe
-
-exe:	$(EXE) dummytest$(EXE_EXT)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
-
-generate: $(SRC)
-$(SRC):
-	@sh $(TOP)/util/point.sh dummytest.c $@
-
-errors:
-
-install:
-
-tags:
-	ctags $(SRC)
-
-tests:	exe apps $(TESTS)
-
-apps:
-	@(cd ..; $(MAKE) DIRS=apps all)
-
-alltests: \
-	test_des test_idea test_sha test_md4 test_md5 test_hmac \
-	test_md2 test_mdc2 test_wp \
-	test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
-	test_rand test_bn test_ec test_ecdsa test_ecdh \
-	test_enc test_x509 test_rsa test_crl test_sid \
-	test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
-	test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
-	test_jpake test_cms
-
-test_evp:
-	../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
-
-test_des:
-	../util/shlib_wrap.sh ./$(DESTEST)
-
-test_idea:
-	../util/shlib_wrap.sh ./$(IDEATEST)
-
-test_sha:
-	../util/shlib_wrap.sh ./$(SHATEST)
-	../util/shlib_wrap.sh ./$(SHA1TEST)
-	../util/shlib_wrap.sh ./$(SHA256TEST)
-	../util/shlib_wrap.sh ./$(SHA512TEST)
-
-test_mdc2:
-	../util/shlib_wrap.sh ./$(MDC2TEST)
-
-test_md5:
-	../util/shlib_wrap.sh ./$(MD5TEST)
-
-test_md4:
-	../util/shlib_wrap.sh ./$(MD4TEST)
-
-test_hmac:
-	../util/shlib_wrap.sh ./$(HMACTEST)
-
-test_wp:
-	../util/shlib_wrap.sh ./$(WPTEST)
-
-test_md2:
-	../util/shlib_wrap.sh ./$(MD2TEST)
-
-test_rmd:
-	../util/shlib_wrap.sh ./$(RMDTEST)
-
-test_bf:
-	../util/shlib_wrap.sh ./$(BFTEST)
-
-test_cast:
-	../util/shlib_wrap.sh ./$(CASTTEST)
-
-test_rc2:
-	../util/shlib_wrap.sh ./$(RC2TEST)
-
-test_rc4:
-	../util/shlib_wrap.sh ./$(RC4TEST)
-
-test_rc5:
-	../util/shlib_wrap.sh ./$(RC5TEST)
-
-test_rand:
-	../util/shlib_wrap.sh ./$(RANDTEST)
-
-test_enc:
-	@sh ./testenc
-
-test_x509:
-	echo test normal x509v1 certificate
-	sh ./tx509 2>/dev/null
-	echo test first x509v3 certificate
-	sh ./tx509 v3-cert1.pem 2>/dev/null
-	echo test second x509v3 certificate
-	sh ./tx509 v3-cert2.pem 2>/dev/null
-
-test_rsa: $(RSATEST)$(EXE_EXT)
-	@sh ./trsa 2>/dev/null
-	../util/shlib_wrap.sh ./$(RSATEST)
-
-test_crl:
-	@sh ./tcrl 2>/dev/null
-
-test_sid:
-	@sh ./tsid 2>/dev/null
-
-test_req:
-	@sh ./treq 2>/dev/null
-	@sh ./treq testreq2.pem 2>/dev/null
-
-test_pkcs7:
-	@sh ./tpkcs7 2>/dev/null
-	@sh ./tpkcs7d 2>/dev/null
-
-test_bn:
-	@echo starting big number library test, could take a while...
-	@../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest
-	@echo quit >>tmp.bntest
-	@echo "running bc"
-	@) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
-	@echo 'test a^b%c implementations'
-	../util/shlib_wrap.sh ./$(EXPTEST)
-
-test_ec:
-	@echo 'test elliptic curves'
-	../util/shlib_wrap.sh ./$(ECTEST)
-
-test_ecdsa:
-	@echo 'test ecdsa'
-	../util/shlib_wrap.sh ./$(ECDSATEST)
-
-test_ecdh:
-	@echo 'test ecdh'
-	../util/shlib_wrap.sh ./$(ECDHTEST)
-
-test_verify:
-	@echo "The following command should have some OK's and some failures"
-	@echo "There are definitly a few expired certificates"
-	../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs ../certs/*.pem
-
-test_dh:
-	@echo "Generate a set of DH parameters"
-	../util/shlib_wrap.sh ./$(DHTEST)
-
-test_dsa:
-	@echo "Generate a set of DSA parameters"
-	../util/shlib_wrap.sh ./$(DSATEST)
-	../util/shlib_wrap.sh ./$(DSATEST) -app2_1
-
-test_gen:
-	@echo "Generate and verify a certificate request"
-	@sh ./testgen
-
-test_ss keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
-		intP1.ss intP2.ss: testss
-	@echo "Generate and certify a test certificate"
-	@sh ./testss
-	@cat certCA.ss certU.ss > intP1.ss
-	@cat certCA.ss certU.ss certP1.ss > intP2.ss
-
-test_engine: 
-	@echo "Manipulate the ENGINE structures"
-	../util/shlib_wrap.sh ./$(ENGINETEST)
-
-test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
-		intP1.ss intP2.ss
-	@echo "test SSL protocol"
-	../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist
-	@sh ./testssl keyU.ss certU.ss certCA.ss
-	@sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
-	@sh ./testsslproxy keyP2.ss certP2.ss intP2.ss
-
-test_ca:
-	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
-	  echo "skipping CA.sh test -- requires RSA"; \
-	else \
-	  echo "Generate and certify a test certificate via the 'ca' program"; \
-	  sh ./testca; \
-	fi
-
-test_aes: #$(AESTEST)
-#	@echo "test Rijndael"
-#	../util/shlib_wrap.sh ./$(AESTEST)
-
-test_tsa:
-	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
-	  echo "skipping testtsa test -- requires RSA"; \
-	else \
-	  sh ./testtsa; \
-	fi
-
-test_ige: $(IGETEST)$(EXE_EXT)
-	@echo "Test IGE mode"
-	../util/shlib_wrap.sh ./$(IGETEST)
-
-test_jpake: $(JPAKETEST)$(EXE_EXT)
-	@echo "Test JPAKE"
-	../util/shlib_wrap.sh ./$(JPAKETEST)
-
-test_cms:
-	@echo "CMS consistency test"
-	$(PERL) cms-test.pl
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	@if [ -z "$(THIS)" ]; then \
-	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
-	else \
-	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
-	fi
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-	rm -f $(SRC) $(SHA256TEST).c $(SHA512TEST).c evptests.txt newkey.pem testkey.pem \
-			testreq.pem
-
-clean:
-	rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest
-
-$(DLIBSSL):
-	(cd ..; $(MAKE) DIRS=ssl all)
-
-$(DLIBCRYPTO):
-	(cd ..; $(MAKE) DIRS=crypto all)
-
-BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
-	$(MAKE) -f $(TOP)/Makefile.shared -e \
-		APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		link_app.$${shlib_target}
-
-$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
-	@target=$(RSATEST); $(BUILD_CMD)
-
-$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
-	@target=$(BNTEST); $(BUILD_CMD)
-
-$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
-	@target=$(ECTEST); $(BUILD_CMD)
-
-$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
-	@target=$(EXPTEST); $(BUILD_CMD)
-
-$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
-	@target=$(IDEATEST); $(BUILD_CMD)
-
-$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
-	@target=$(MD2TEST); $(BUILD_CMD)
-
-$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
-	@target=$(SHATEST); $(BUILD_CMD)
-
-$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
-	@target=$(SHA1TEST); $(BUILD_CMD)
-
-$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
-	@target=$(SHA256TEST); $(BUILD_CMD)
-
-$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
-	@target=$(SHA512TEST); $(BUILD_CMD)
-
-$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
-	@target=$(RMDTEST); $(BUILD_CMD)
-
-$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
-	@target=$(MDC2TEST); $(BUILD_CMD)
-
-$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
-	@target=$(MD4TEST); $(BUILD_CMD)
-
-$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
-	@target=$(MD5TEST); $(BUILD_CMD)
-
-$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
-	@target=$(HMACTEST); $(BUILD_CMD)
-
-$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
-	@target=$(WPTEST); $(BUILD_CMD)
-
-$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
-	@target=$(RC2TEST); $(BUILD_CMD)
-
-$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
-	@target=$(BFTEST); $(BUILD_CMD)
-
-$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
-	@target=$(CASTTEST); $(BUILD_CMD)
-
-$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
-	@target=$(RC4TEST); $(BUILD_CMD)
-
-$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
-	@target=$(RC5TEST); $(BUILD_CMD)
-
-$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
-	@target=$(DESTEST); $(BUILD_CMD)
-
-$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
-	@target=$(RANDTEST); $(BUILD_CMD)
-
-$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
-	@target=$(DHTEST); $(BUILD_CMD)
-
-$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
-	@target=$(DSATEST); $(BUILD_CMD)
-
-$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
-	@target=$(METHTEST); $(BUILD_CMD)
-
-$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
-	@target=$(SSLTEST); $(BUILD_CMD)
-
-$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
-	@target=$(ENGINETEST); $(BUILD_CMD)
-
-$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
-	@target=$(EVPTEST); $(BUILD_CMD)
-
-$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
-	@target=$(ECDSATEST); $(BUILD_CMD)
-
-$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
-	@target=$(ECDHTEST); $(BUILD_CMD)
-
-$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
-	@target=$(IGETEST); $(BUILD_CMD)
-
-$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
-	@target=$(JPAKETEST); $(BUILD_CMD)
-
-$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
-	@target=$(ASN1TEST); $(BUILD_CMD)
-
-#$(AESTEST).o: $(AESTEST).c
-#	$(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
-
-#$(AESTEST)$(EXE_EXT): $(AESTEST).o $(DLIBCRYPTO)
-#	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-#	  $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-#	else \
-#	  $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-#	fi
-
-dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
-	@target=dummytest; $(BUILD_CMD)
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-asn1test.o: ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
-asn1test.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-asn1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-asn1test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-asn1test.o: ../include/openssl/ecdsa.h ../include/openssl/evp.h
-asn1test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-asn1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-asn1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-asn1test.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-asn1test.o: ../include/openssl/sha.h ../include/openssl/stack.h
-asn1test.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-asn1test.o: ../include/openssl/x509_vfy.h asn1test.c
-bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
-bftest.o: ../include/openssl/opensslconf.h bftest.c
-bntest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-bntest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-bntest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-bntest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-bntest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-bntest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-bntest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-bntest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-bntest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-bntest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-bntest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-bntest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bntest.c
-casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
-casttest.o: ../include/openssl/opensslconf.h casttest.c
-destest.o: ../include/openssl/des.h ../include/openssl/des_old.h
-destest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-destest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-destest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-destest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h destest.c
-dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
-dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
-dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
-dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
-dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
-dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-dsatest.o: ../include/openssl/symhacks.h dsatest.c
-ecdhtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ecdhtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-ecdhtest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ecdhtest.o: ../include/openssl/ecdh.h ../include/openssl/err.h
-ecdhtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ecdhtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ecdhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ecdhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c
-ecdsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ecdsatest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ecdsatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-ecdsatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ecdsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ecdsatest.o: ../include/openssl/err.h ../include/openssl/evp.h
-ecdsatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ecdsatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ecdsatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ecdsatest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-ecdsatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ecdsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ecdsatest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ecdsatest.o: ecdsatest.c
-ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ectest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ectest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-ectest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ectest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ectest.o: ../include/openssl/err.h ../include/openssl/evp.h
-ectest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ectest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ectest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-ectest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ectest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ectest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ectest.c
-enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-enginetest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-enginetest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-enginetest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
-enginetest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-enginetest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-enginetest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-enginetest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-enginetest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-enginetest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-enginetest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-enginetest.o: enginetest.c
-evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-evp_test.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-evp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-evp_test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-evp_test.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
-evp_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-evp_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-evp_test.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h
-evp_test.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-evp_test.o: ../include/openssl/x509_vfy.h evp_test.c
-exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
-exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
-exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
-exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-exptest.o: ../include/openssl/symhacks.h exptest.c
-hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-hmactest.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-hmactest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-hmactest.o: ../include/openssl/symhacks.h hmactest.c
-ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h
-ideatest.o: ../include/openssl/opensslconf.h ideatest.c
-igetest.o: ../include/openssl/aes.h ../include/openssl/e_os2.h
-igetest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
-igetest.o: ../include/openssl/rand.h igetest.c
-jpaketest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-jpaketest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-jpaketest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-jpaketest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-jpaketest.o: ../include/openssl/symhacks.h jpaketest.c
-md2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-md2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-md2test.o: ../include/openssl/symhacks.h md2test.c
-md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-md4test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-md4test.o: ../include/openssl/evp.h ../include/openssl/md4.h
-md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md4test.c
-md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-md5test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-md5test.o: ../include/openssl/evp.h ../include/openssl/md5.h
-md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md5test.c
-mdc2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
-mdc2test.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
-mdc2test.o: ../include/openssl/evp.h ../include/openssl/mdc2.h
-mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c
-randtest.o: ../e_os.h ../include/openssl/e_os2.h
-randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
-randtest.o: ../include/openssl/rand.h randtest.c
-rc2test.o: ../e_os.h ../include/openssl/e_os2.h
-rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
-rc4test.o: ../e_os.h ../include/openssl/e_os2.h
-rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h
-rc4test.o: ../include/openssl/sha.h rc4test.c
-rc5test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-rc5test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-rc5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rc5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-rc5test.o: ../include/openssl/symhacks.h rc5test.c
-rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rmdtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-rmdtest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
-rmdtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-rmdtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/safestack.h
-rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rmdtest.c
-rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-rsa_test.o: ../include/openssl/symhacks.h rsa_test.c
-sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-sha1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-sha1test.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
-sha1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-sha1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h sha1test.c
-shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-shatest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
-shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h shatest.c
-ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ssltest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-ssltest.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-ssltest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssltest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssltest.o: ../include/openssl/engine.h ../include/openssl/err.h
-ssltest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssltest.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-ssltest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssltest.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ssltest.o: ../include/openssl/x509v3.h ssltest.c
-wp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-wp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-wp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-wp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-wp_test.o: ../include/openssl/whrlpool.h wp_test.c
diff --git a/deps/openssl/openssl/test/P1ss.cnf b/deps/openssl/openssl/test/P1ss.cnf
deleted file mode 100644
index 876a0d35f81..00000000000
--- a/deps/openssl/openssl/test/P1ss.cnf
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= ./.rnd
-
-####################################################################
-[ req ]
-default_bits		= 512
-default_keyfile 	= keySS.pem
-distinguished_name	= req_distinguished_name
-encrypt_rsa_key		= no
-default_md		= md2
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_value		= AU
-
-organizationName                = Organization Name (eg, company)
-organizationName_value          = Dodgy Brothers
-
-0.commonName			= Common Name (eg, YOUR name)
-0.commonName_value		= Brother 1
-
-1.commonName			= Common Name (eg, YOUR name)
-1.commonName_value		= Brother 2
-
-2.commonName			= Common Name (eg, YOUR name)
-2.commonName_value		= Proxy 1
-
-[ v3_proxy ]
-basicConstraints=CA:FALSE
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
diff --git a/deps/openssl/openssl/test/P2ss.cnf b/deps/openssl/openssl/test/P2ss.cnf
deleted file mode 100644
index 373a87e7c2e..00000000000
--- a/deps/openssl/openssl/test/P2ss.cnf
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= ./.rnd
-
-####################################################################
-[ req ]
-default_bits		= 512
-default_keyfile 	= keySS.pem
-distinguished_name	= req_distinguished_name
-encrypt_rsa_key		= no
-default_md		= md2
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_value		= AU
-
-organizationName                = Organization Name (eg, company)
-organizationName_value          = Dodgy Brothers
-
-0.commonName			= Common Name (eg, YOUR name)
-0.commonName_value		= Brother 1
-
-1.commonName			= Common Name (eg, YOUR name)
-1.commonName_value		= Brother 2
-
-2.commonName			= Common Name (eg, YOUR name)
-2.commonName_value		= Proxy 1
-
-3.commonName			= Common Name (eg, YOUR name)
-3.commonName_value		= Proxy 2
-
-[ v3_proxy ]
-basicConstraints=CA:FALSE
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-proxyCertInfo=critical,@proxy_ext
-
-[ proxy_ext ]
-language=id-ppl-anyLanguage
-pathlen=0
-policy=text:BC
diff --git a/deps/openssl/openssl/test/Sssdsa.cnf b/deps/openssl/openssl/test/Sssdsa.cnf
deleted file mode 100644
index 8e170a28ef5..00000000000
--- a/deps/openssl/openssl/test/Sssdsa.cnf
+++ /dev/null
@@ -1,27 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DSA certs - Server
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_rsa_key               = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = ES
-countryName_value             = ES
-
-organizationName                = Organization Name (eg, company)
-organizationName_value          = Tortilleras S.A.
-
-0.commonName                  = Common Name (eg, YOUR name)
-0.commonName_value            = Torti
-
-1.commonName                  = Common Name (eg, YOUR name)
-1.commonName_value            = Gordita
-
diff --git a/deps/openssl/openssl/test/Sssrsa.cnf b/deps/openssl/openssl/test/Sssrsa.cnf
deleted file mode 100644
index 8c79a03fca8..00000000000
--- a/deps/openssl/openssl/test/Sssrsa.cnf
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# create RSA certs - Server
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_key           = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = ES
-countryName_value             = ES
-
-organizationName                = Organization Name (eg, company)
-organizationName_value          = Tortilleras S.A.
-
-0.commonName                  = Common Name (eg, YOUR name)
-0.commonName_value            = Torti
-
-1.commonName                  = Common Name (eg, YOUR name)
-1.commonName_value            = Gordita
diff --git a/deps/openssl/openssl/test/Uss.cnf b/deps/openssl/openssl/test/Uss.cnf
deleted file mode 100644
index 0c0ebb5f672..00000000000
--- a/deps/openssl/openssl/test/Uss.cnf
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= ./.rnd
-
-####################################################################
-[ req ]
-default_bits		= 512
-default_keyfile 	= keySS.pem
-distinguished_name	= req_distinguished_name
-encrypt_rsa_key		= no
-default_md		= md2
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_value		= AU
-
-organizationName                = Organization Name (eg, company)
-organizationName_value          = Dodgy Brothers
-
-0.commonName			= Common Name (eg, YOUR name)
-0.commonName_value		= Brother 1
-
-1.commonName			= Common Name (eg, YOUR name)
-1.commonName_value		= Brother 2
-
-[ v3_ee ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-basicConstraints = CA:false
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-issuerAltName=issuer:copy
-
diff --git a/deps/openssl/openssl/test/VMSca-response.1 b/deps/openssl/openssl/test/VMSca-response.1
deleted file mode 100644
index 8b137891791..00000000000
--- a/deps/openssl/openssl/test/VMSca-response.1
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/deps/openssl/openssl/test/VMSca-response.2 b/deps/openssl/openssl/test/VMSca-response.2
deleted file mode 100644
index 9b48ee4cf97..00000000000
--- a/deps/openssl/openssl/test/VMSca-response.2
+++ /dev/null
@@ -1,2 +0,0 @@
-y
-y
diff --git a/deps/openssl/openssl/test/asn1test.c b/deps/openssl/openssl/test/asn1test.c
deleted file mode 100644
index 9f53d803444..00000000000
--- a/deps/openssl/openssl/test/asn1test.c
+++ /dev/null
@@ -1,22 +0,0 @@
-#include 
-#include 
-
-typedef struct X
-    {
-    STACK_OF(X509_EXTENSION) *ext;
-    } X;
-
-/* This isn't meant to run particularly, it's just to test type checking */
-int main(int argc, char **argv)
-    {
-    X *x = NULL;
-    unsigned char **pp = NULL;
-
-    M_ASN1_I2D_vars(x);
-    M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
-				     i2d_X509_EXTENSION);
-    M_ASN1_I2D_seq_total();
-    M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
-				     i2d_X509_EXTENSION);
-    M_ASN1_I2D_finish();
-    }
diff --git a/deps/openssl/openssl/test/bctest b/deps/openssl/openssl/test/bctest
deleted file mode 100755
index bdb3218f7ac..00000000000
--- a/deps/openssl/openssl/test/bctest
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/bin/sh
-
-# This script is used by test/Makefile.ssl to check whether a sane 'bc'
-# is installed.
-# ('make test_bn' should not try to run 'bc' if it does not exist or if
-# it is a broken 'bc' version that is known to cause trouble.)
-#
-# If 'bc' works, we also test if it knows the 'print' command.
-#
-# In any case, output an appropriate command line for running (or not
-# running) bc.
-
-
-IFS=:
-try_without_dir=true
-# First we try "bc", then "$dir/bc" for each item in $PATH.
-for dir in dummy:$PATH; do
-    if [ "$try_without_dir" = true ]; then
-      # first iteration
-      bc=bc
-      try_without_dir=false
-    else
-      # second and later iterations
-      bc="$dir/bc"
-      if [ ! -f "$bc" ]; then  # '-x' is not available on Ultrix
-        bc=''
-      fi
-    fi
-
-    if [ ! "$bc" = '' ]; then
-        failure=none
-
-
-        # Test for SunOS 5.[78] bc bug
-        "$bc" >tmp.bctest <<\EOF
-obase=16
-ibase=16
-a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
-CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
-10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
-C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
-3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
-4FC3CADF855448B24A9D7640BCF473E
-b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
-9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
-8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
-3ED0E2017D60A68775B75481449
-(a/b)*b + (a%b) - a
-EOF
-        if [ 0 != "`cat tmp.bctest`" ]; then
-            failure=SunOStest
-        fi
-
-
-        if [ "$failure" = none ]; then
-            # Test for SCO bc bug.
-            "$bc" >tmp.bctest <<\EOF
-obase=16
-ibase=16
--FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
-9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
-11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
-1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
-AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
-F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
-B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
-02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
-85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
-A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
-E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
-8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
-04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
-89C8D71
-AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
-928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
-8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
-37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
-E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
-F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
-9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
-D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
-5296964
-EOF
-            if [ "0
-0" != "`cat tmp.bctest`" ]; then
-                failure=SCOtest
-            fi
-        fi
-
-
-        if [ "$failure" = none ]; then
-            # bc works; now check if it knows the 'print' command.
-            if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ]
-            then
-                echo "$bc"
-            else
-                echo "sed 's/print.*//' | $bc"
-            fi
-            exit 0
-        fi
-
-        echo "$bc does not work properly ('$failure' failed).  Looking for another bc ..." >&2
-    fi
-done
-
-echo "No working bc found.  Consider installing GNU bc." >&2
-if [ "$1" = ignore ]; then
-  echo "cat >/dev/null"
-  exit 0
-fi
-exit 1
diff --git a/deps/openssl/openssl/test/bctest.com b/deps/openssl/openssl/test/bctest.com
deleted file mode 100644
index d7e5ec139e0..00000000000
--- a/deps/openssl/openssl/test/bctest.com
+++ /dev/null
@@ -1,152 +0,0 @@
-$!
-$! Check operation of "bc".
-$!
-$! 2010-04-05 SMS.  New.  Based (loosely) on "bctest".
-$!
-$!
-$ tmp_file_name = "tmp.bctest"
-$ failure = ""
-$!
-$! Basic command test.
-$!
-$ on warning then goto bc_fail
-$ bc
-$ on error then exit
-$!
-$! Test for SunOS 5.[78] bc bug.
-$!
-$ if (failure .eqs. "")
-$ then
-$!
-$     define /user_mode sys$output 'tmp_file_name'
-$     bc
-obase=16
-ibase=16
-a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
-CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
-10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
-C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
-3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
-4FC3CADF855448B24A9D7640BCF473E
-b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
-9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
-8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
-3ED0E2017D60A68775B75481449
-(a/b)*b + (a%b) - a
-$     status = $status
-$     output_expected = "0"
-$     gosub check_output
-$     if (output .ne. 1)
-$     then
-$         failure = "SunOStest"
-$     else
-$         delete 'f$parse( tmp_file_name)'
-$     endif
-$ endif
-$!
-$! Test for SCO bc bug.
-$!
-$ if (failure .eqs. "")
-$ then
-$!
-$     define /user_mode sys$output 'tmp_file_name'
-$     bc
-obase=16
-ibase=16
--FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
-9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
-11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
-1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
-AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
-F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
-B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
-02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
-85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
-A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
-E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
-8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
-04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
-89C8D71
-AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
-928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
-8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
-37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
-E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
-F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
-9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
-D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
-5296964
-$     status = $status
-$     output_expected = "0\0"
-$     gosub check_output
-$     if (output .ne. 1)
-$     then
-$         failure = "SCOtest"
-$     else
-$         delete 'f$parse( tmp_file_name)'
-$     endif
-$ endif
-$!
-$! Test for working 'print' command.
-$!
-$ if (failure .eqs. "")
-$ then
-$!
-$     define /user_mode sys$output 'tmp_file_name'
-$     bc
-print "OK"
-$     status = $status
-$     output_expected = "OK"
-$     gosub check_output
-$     if (output .ne. 1)
-$     then
-$         failure = "printtest"
-$     else
-$         delete 'f$parse( tmp_file_name)'
-$     endif
-$ endif
-$!
-$ if (failure .nes. "")
-$ then
-$     write sys$output -
-       "No working bc found.  Consider installing GNU bc."
-$     exit %X00030000 ! %DCL-W-NORMAL
-$ endif
-$!
-$ exit
-$!
-$!
-$! Complete "bc" command failure.
-$!
-$ bc_fail:
-$ write sys$output -
-   "No ""bc"" program/symbol found.  Consider installing GNU bc."
-$ exit %X00030000 ! %DCL-W-NORMAL
-$!
-$!
-$! Output check subroutine.
-$!
-$ check_output:
-$     eof = 0
-$     line_nr = 0
-$     open /read tmp_file 'tmp_file_name'
-$     c_o_loop:
-$         read /error = error_read tmp_file line
-$         goto ok_read
-$         error_read:
-$         eof = 1
-$         ok_read:
-$         line_expected = f$element( line_nr, "\", output_expected)
-$         line_nr = line_nr+ 1
-$     if ((line_expected .nes. "\") .and. (.not. eof) .and. -
-       (line_expected .eqs. line)) then goto c_o_loop
-$!
-$     if ((line_expected .eqs. "\") .and. eof)
-$     then
-$         output = 1
-$     else
-$         output = 0
-$     endif
-$     close tmp_file
-$ return
-$!
diff --git a/deps/openssl/openssl/test/bftest.c b/deps/openssl/openssl/test/bftest.c
deleted file mode 120000
index 78b1749a4d1..00000000000
--- a/deps/openssl/openssl/test/bftest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/bf/bftest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/bntest.c b/deps/openssl/openssl/test/bntest.c
deleted file mode 120000
index 03f54a238ef..00000000000
--- a/deps/openssl/openssl/test/bntest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/bn/bntest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/bntest.com b/deps/openssl/openssl/test/bntest.com
deleted file mode 100644
index 6545d2e5a58..00000000000
--- a/deps/openssl/openssl/test/bntest.com
+++ /dev/null
@@ -1,76 +0,0 @@
-$!
-$! Analyze bntest output file.
-$!
-$! Exit status = 1 (success) if all tests passed,
-$!               0 (warning) if any test failed.
-$!
-$! 2011-02-20 SMS.  Added code to skip "#" comments in the input file.
-$!
-$! 2010-04-05 SMS.  New.  Based (loosely) on perl code in bntest-vms.sh.
-$!
-$!                  Expect data like:
-$!                        test test_name1
-$!                        0
-$!                        [...]
-$!                        test test_name2
-$!                        0
-$!                        [...]
-$!                        [...]
-$!
-$!                  Some tests have no following "0" lines.
-$!
-$ result_file_name = f$edit( p1, "TRIM")
-$ if (result_file_name .eqs. "")
-$ then
-$     result_file_name = "bntest-vms.out"
-$ endif
-$!
-$ fail = 0
-$ passed = 0
-$ tests = 0
-$!
-$ on control_c then goto tidy
-$ on error then goto tidy
-$!
-$ open /read result_file 'result_file_name'
-$!
-$ read_loop:
-$     read /end = read_loop_end /error = tidy result_file line
-$     t1 = f$element( 0, " ", line)
-$!
-$!    Skip "#" comment lines.
-$     if (f$extract( 0, 1, f$edit( line, "TRIM")) .eqs. "#") then -
-       goto read_loop
-$!
-$     if (t1 .eqs. "test")
-$     then
-$         passed = passed+ 1
-$         tests = tests+ 1
-$         fail = 1
-$         t2 = f$extract( 5, 1000, line)
-$         write sys$output "verify ''t2'"
-$     else
-$         if (t1 .nes. "0")
-$         then
-$             write sys$output "Failed! bc: ''line'"
-$             passed = passed- fail
-$             fail = 0
-$         endif
-$     endif
-$ goto read_loop
-$ read_loop_end:
-$ write sys$output "''passed'/''tests' tests passed"
-$!
-$ tidy:
-$ if f$trnlnm( "result_file", "LNM$PROCESS_TABLE", , "SUPERVISOR", , "CONFINE")
-$ then
-$     close result_file
-$ endif
-$!
-$ if ((tests .gt. 0) .and. (tests .eq. passed))
-$ then
-$    exit 1
-$ else
-$    exit 0
-$ endif
-$!
diff --git a/deps/openssl/openssl/test/casttest.c b/deps/openssl/openssl/test/casttest.c
deleted file mode 120000
index ac7ede8d795..00000000000
--- a/deps/openssl/openssl/test/casttest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/cast/casttest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/clean_test.com b/deps/openssl/openssl/test/clean_test.com
deleted file mode 100644
index 7df633fbef1..00000000000
--- a/deps/openssl/openssl/test/clean_test.com
+++ /dev/null
@@ -1,35 +0,0 @@
-$!
-$! Delete various test results files.
-$!
-$ def_orig = f$environment( "default")
-$ proc = f$environment( "procedure")
-$ proc_dev_dir = f$parse( "A.;", proc) - "A.;"
-$!
-$ on control_c then goto tidy
-$ on error then goto tidy
-$!
-$ set default 'proc_dev_dir'
-$!
-$ files := *.cms;*, *.srl;*, *.ss;*, -
-   cms.err;*, cms.out;*, newreq.pem;*, -
-   p.txt-zlib-cipher;*, -
-   smtst.txt;*, testkey.pem;*, testreq.pem;*, -
-   test_*.err;*, test_*.out;*, -
-   .rnd;*
-$!
-$ delim = ","
-$ i = 0
-$ loop:
-$    file = f$edit( f$element( i, delim, files), "trim")
-$    if (file .eqs. delim) then goto loop_end
-$    if (f$search( file) .nes. "") then -
-      delete 'p1' 'file'
-$    i = i+ 1
-$ goto loop
-$ loop_end:
-$!
-$ tidy:
-$ 
-$ if (f$type( def_orig) .nes. "") then -
-   set default 'def_orig'
-$!
diff --git a/deps/openssl/openssl/test/cms-examples.pl b/deps/openssl/openssl/test/cms-examples.pl
deleted file mode 100644
index 2e95b48ba45..00000000000
--- a/deps/openssl/openssl/test/cms-examples.pl
+++ /dev/null
@@ -1,409 +0,0 @@
-# test/cms-examples.pl
-# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
-# project.
-#
-# ====================================================================
-# Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in
-#    the documentation and/or other materials provided with the
-#    distribution.
-#
-# 3. All advertising materials mentioning features or use of this
-#    software must display the following acknowledgment:
-#    "This product includes software developed by the OpenSSL Project
-#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-#
-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-#    endorse or promote products derived from this software without
-#    prior written permission. For written permission, please contact
-#    licensing@OpenSSL.org.
-#
-# 5. Products derived from this software may not be called "OpenSSL"
-#    nor may "OpenSSL" appear in their names without prior written
-#    permission of the OpenSSL Project.
-#
-# 6. Redistributions of any form whatsoever must retain the following
-#    acknowledgment:
-#    "This product includes software developed by the OpenSSL Project
-#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
-#
-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
-# ====================================================================
-
-# Perl script to run tests against S/MIME examples in RFC4134
-# Assumes RFC is in current directory and called "rfc4134.txt"
-
-use MIME::Base64;
-
-my $badttest = 0;
-my $verbose  = 1;
-
-my $cmscmd;
-my $exdir  = "./";
-my $exfile = "./rfc4134.txt";
-
-if (-f "../apps/openssl")
-	{
-	$cmscmd = "../util/shlib_wrap.sh ../apps/openssl cms";
-	}
-elsif (-f "..\\out32dll\\openssl.exe")
-	{
-	$cmscmd = "..\\out32dll\\openssl.exe cms";
-	}
-elsif (-f "..\\out32\\openssl.exe")
-	{
-	$cmscmd = "..\\out32\\openssl.exe cms";
-	}
-
-my @test_list = (
-    [ "3.1.bin"  => "dataout" ],
-    [ "3.2.bin"  => "encode, dataout" ],
-    [ "4.1.bin"  => "encode, verifyder, cont, dss" ],
-    [ "4.2.bin"  => "encode, verifyder, cont, rsa" ],
-    [ "4.3.bin"  => "encode, verifyder, cont_extern, dss" ],
-    [ "4.4.bin"  => "encode, verifyder, cont, dss" ],
-    [ "4.5.bin"  => "verifyder, cont, rsa" ],
-    [ "4.6.bin"  => "encode, verifyder, cont, dss" ],
-    [ "4.7.bin"  => "encode, verifyder, cont, dss" ],
-    [ "4.8.eml"  => "verifymime, dss" ],
-    [ "4.9.eml"  => "verifymime, dss" ],
-    [ "4.10.bin" => "encode, verifyder, cont, dss" ],
-    [ "4.11.bin" => "encode, certsout" ],
-    [ "5.1.bin"  => "encode, envelopeder, cont" ],
-    [ "5.2.bin"  => "encode, envelopeder, cont" ],
-    [ "5.3.eml"  => "envelopemime, cont" ],
-    [ "6.0.bin"  => "encode, digest, cont" ],
-    [ "7.1.bin"  => "encode, encrypted, cont" ],
-    [ "7.2.bin"  => "encode, encrypted, cont" ]
-);
-
-# Extract examples from RFC4134 text.
-# Base64 decode all examples, certificates and
-# private keys are converted to PEM format.
-
-my ( $filename, $data );
-
-my @cleanup = ( "cms.out", "cms.err", "tmp.der", "tmp.txt" );
-
-$data = "";
-
-open( IN, $exfile ) || die "Can't Open RFC examples file $exfile";
-
-while () {
-    next unless (/^\|/);
-    s/^\|//;
-    next if (/^\*/);
-    if (/^>(.*)$/) {
-        $filename = $1;
-        next;
-    }
-    if (/^$filename";
-            binmode OUT;
-            print OUT $data;
-            close OUT;
-            push @cleanup, $filename;
-        }
-        elsif ( $filename =~ /\.cer$/ ) {
-            write_pem( $filename, "CERTIFICATE", $data );
-        }
-        elsif ( $filename =~ /\.pri$/ ) {
-            write_pem( $filename, "PRIVATE KEY", $data );
-        }
-        $data     = "";
-        $filename = "";
-    }
-    else {
-        $data .= $_;
-    }
-
-}
-
-my $secretkey =
-  "73:7c:79:1f:25:ea:d0:e0:46:29:25:43:52:f7:dc:62:91:e5:cb:26:91:7a:da:32";
-
-foreach (@test_list) {
-    my ( $file, $tlist ) = @$_;
-    print "Example file $file:\n";
-    if ( $tlist =~ /encode/ ) {
-        run_reencode_test( $exdir, $file );
-    }
-    if ( $tlist =~ /certsout/ ) {
-        run_certsout_test( $exdir, $file );
-    }
-    if ( $tlist =~ /dataout/ ) {
-        run_dataout_test( $exdir, $file );
-    }
-    if ( $tlist =~ /verify/ ) {
-        run_verify_test( $exdir, $tlist, $file );
-    }
-    if ( $tlist =~ /digest/ ) {
-        run_digest_test( $exdir, $tlist, $file );
-    }
-    if ( $tlist =~ /encrypted/ ) {
-        run_encrypted_test( $exdir, $tlist, $file, $secretkey );
-    }
-    if ( $tlist =~ /envelope/ ) {
-        run_envelope_test( $exdir, $tlist, $file );
-    }
-
-}
-
-foreach (@cleanup) {
-    unlink $_;
-}
-
-if ($badtest) {
-    print "\n$badtest TESTS FAILED!!\n";
-}
-else {
-    print "\n***All tests successful***\n";
-}
-
-sub write_pem {
-    my ( $filename, $str, $data ) = @_;
-
-    $filename =~ s/\.[^.]*$/.pem/;
-
-    push @cleanup, $filename;
-
-    open OUT, ">$filename";
-
-    print OUT "-----BEGIN $str-----\n";
-    print OUT $data;
-    print OUT "-----END $str-----\n";
-
-    close OUT;
-}
-
-sub run_reencode_test {
-    my ( $cmsdir, $tfile ) = @_;
-    unlink "tmp.der";
-
-    system( "$cmscmd -cmsout -inform DER -outform DER"
-          . " -in $cmsdir/$tfile -out tmp.der" );
-
-    if ($?) {
-        print "\tReencode command FAILED!!\n";
-        $badtest++;
-    }
-    elsif ( !cmp_files( "$cmsdir/$tfile", "tmp.der" ) ) {
-        print "\tReencode FAILED!!\n";
-        $badtest++;
-    }
-    else {
-        print "\tReencode passed\n" if $verbose;
-    }
-}
-
-sub run_certsout_test {
-    my ( $cmsdir, $tfile ) = @_;
-    unlink "tmp.der";
-    unlink "tmp.pem";
-
-    system( "$cmscmd -cmsout -inform DER -certsout tmp.pem"
-          . " -in $cmsdir/$tfile -out tmp.der" );
-
-    if ($?) {
-        print "\tCertificate output command FAILED!!\n";
-        $badtest++;
-    }
-    else {
-        print "\tCertificate output passed\n" if $verbose;
-    }
-}
-
-sub run_dataout_test {
-    my ( $cmsdir, $tfile ) = @_;
-    unlink "tmp.txt";
-
-    system(
-        "$cmscmd -data_out -inform DER" . " -in $cmsdir/$tfile -out tmp.txt" );
-
-    if ($?) {
-        print "\tDataout command FAILED!!\n";
-        $badtest++;
-    }
-    elsif ( !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) {
-        print "\tDataout compare FAILED!!\n";
-        $badtest++;
-    }
-    else {
-        print "\tDataout passed\n" if $verbose;
-    }
-}
-
-sub run_verify_test {
-    my ( $cmsdir, $tlist, $tfile ) = @_;
-    unlink "tmp.txt";
-
-    $form   = "DER"                     if $tlist =~ /verifyder/;
-    $form   = "SMIME"                   if $tlist =~ /verifymime/;
-    $cafile = "$cmsdir/CarlDSSSelf.pem" if $tlist =~ /dss/;
-    $cafile = "$cmsdir/CarlRSASelf.pem" if $tlist =~ /rsa/;
-
-    $cmd =
-        "$cmscmd -verify -inform $form"
-      . " -CAfile $cafile"
-      . " -in $cmsdir/$tfile -out tmp.txt";
-
-    $cmd .= " -content $cmsdir/ExContent.bin" if $tlist =~ /cont_extern/;
-
-    system("$cmd 2>cms.err 1>cms.out");
-
-    if ($?) {
-        print "\tVerify command FAILED!!\n";
-        $badtest++;
-    }
-    elsif ( $tlist =~ /cont/
-        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
-    {
-        print "\tVerify content compare FAILED!!\n";
-        $badtest++;
-    }
-    else {
-        print "\tVerify passed\n" if $verbose;
-    }
-}
-
-sub run_envelope_test {
-    my ( $cmsdir, $tlist, $tfile ) = @_;
-    unlink "tmp.txt";
-
-    $form = "DER"   if $tlist =~ /envelopeder/;
-    $form = "SMIME" if $tlist =~ /envelopemime/;
-
-    $cmd =
-        "$cmscmd -decrypt -inform $form"
-      . " -recip $cmsdir/BobRSASignByCarl.pem"
-      . " -inkey $cmsdir/BobPrivRSAEncrypt.pem"
-      . " -in $cmsdir/$tfile -out tmp.txt";
-
-    system("$cmd 2>cms.err 1>cms.out");
-
-    if ($?) {
-        print "\tDecrypt command FAILED!!\n";
-        $badtest++;
-    }
-    elsif ( $tlist =~ /cont/
-        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
-    {
-        print "\tDecrypt content compare FAILED!!\n";
-        $badtest++;
-    }
-    else {
-        print "\tDecrypt passed\n" if $verbose;
-    }
-}
-
-sub run_digest_test {
-    my ( $cmsdir, $tlist, $tfile ) = @_;
-    unlink "tmp.txt";
-
-    my $cmd =
-      "$cmscmd -digest_verify -inform DER" . " -in $cmsdir/$tfile -out tmp.txt";
-
-    system("$cmd 2>cms.err 1>cms.out");
-
-    if ($?) {
-        print "\tDigest verify command FAILED!!\n";
-        $badtest++;
-    }
-    elsif ( $tlist =~ /cont/
-        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
-    {
-        print "\tDigest verify content compare FAILED!!\n";
-        $badtest++;
-    }
-    else {
-        print "\tDigest verify passed\n" if $verbose;
-    }
-}
-
-sub run_encrypted_test {
-    my ( $cmsdir, $tlist, $tfile, $key ) = @_;
-    unlink "tmp.txt";
-
-    system( "$cmscmd -EncryptedData_decrypt -inform DER"
-          . " -secretkey $key"
-          . " -in $cmsdir/$tfile -out tmp.txt" );
-
-    if ($?) {
-        print "\tEncrypted Data command FAILED!!\n";
-        $badtest++;
-    }
-    elsif ( $tlist =~ /cont/
-        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
-    {
-        print "\tEncrypted Data content compare FAILED!!\n";
-        $badtest++;
-    }
-    else {
-        print "\tEncryptedData verify passed\n" if $verbose;
-    }
-}
-
-sub cmp_files {
-    my ( $f1, $f2 ) = @_;
-    my ( $fp1, $fp2 );
-
-    my ( $rd1, $rd2 );
-
-    if ( !open( $fp1, "<$f1" ) ) {
-        print STDERR "Can't Open file $f1\n";
-        return 0;
-    }
-
-    if ( !open( $fp2, "<$f2" ) ) {
-        print STDERR "Can't Open file $f2\n";
-        return 0;
-    }
-
-    binmode $fp1;
-    binmode $fp2;
-
-    my $ret = 0;
-
-    for ( ; ; ) {
-        $n1 = sysread $fp1, $rd1, 4096;
-        $n2 = sysread $fp2, $rd2, 4096;
-        last if ( $n1 != $n2 );
-        last if ( $rd1 ne $rd2 );
-
-        if ( $n1 == 0 ) {
-            $ret = 1;
-            last;
-        }
-
-    }
-
-    close $fp1;
-    close $fp2;
-
-    return $ret;
-
-}
-
diff --git a/deps/openssl/openssl/test/cms-test.pl b/deps/openssl/openssl/test/cms-test.pl
deleted file mode 100644
index c938bcf00df..00000000000
--- a/deps/openssl/openssl/test/cms-test.pl
+++ /dev/null
@@ -1,457 +0,0 @@
-# test/cms-test.pl
-# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
-# project.
-#
-# ====================================================================
-# Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in
-#    the documentation and/or other materials provided with the
-#    distribution.
-#
-# 3. All advertising materials mentioning features or use of this
-#    software must display the following acknowledgment:
-#    "This product includes software developed by the OpenSSL Project
-#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-#
-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-#    endorse or promote products derived from this software without
-#    prior written permission. For written permission, please contact
-#    licensing@OpenSSL.org.
-#
-# 5. Products derived from this software may not be called "OpenSSL"
-#    nor may "OpenSSL" appear in their names without prior written
-#    permission of the OpenSSL Project.
-#
-# 6. Redistributions of any form whatsoever must retain the following
-#    acknowledgment:
-#    "This product includes software developed by the OpenSSL Project
-#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
-#
-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
-# ====================================================================
-
-# CMS, PKCS7 consistency test script. Run extensive tests on
-# OpenSSL PKCS#7 and CMS implementations.
-
-my $ossl_path;
-my $redir = " 2> cms.err > cms.out";
-# Make VMS work
-if ( $^O eq "VMS" && -f "OSSLX:openssl.exe" ) {
-    $ossl_path = "pipe mcr OSSLX:openssl";
-}
-# Make MSYS work
-elsif ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) {
-    $ossl_path = "cmd /c ..\\apps\\openssl";
-}
-elsif ( -f "../apps/openssl$ENV{EXE_EXT}" ) {
-    $ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
-}
-elsif ( -f "..\\out32dll\\openssl.exe" ) {
-    $ossl_path = "..\\out32dll\\openssl.exe";
-}
-elsif ( -f "..\\out32\\openssl.exe" ) {
-    $ossl_path = "..\\out32\\openssl.exe";
-}
-else {
-    die "Can't find OpenSSL executable";
-}
-
-my $pk7cmd   = "$ossl_path smime ";
-my $cmscmd   = "$ossl_path cms ";
-my $smdir    = "smime-certs";
-my $halt_err = 1;
-
-my $badcmd = 0;
-my $ossl8 = `$ossl_path version -v` =~ /0\.9\.8/;
-
-my @smime_pkcs7_tests = (
-
-    [
-        "signed content DER format, RSA key",
-        "-sign -in smcont.txt -outform \"DER\" -nodetach"
-          . " -certfile $smdir/smroot.pem"
-          . " -signer $smdir/smrsa1.pem -out test.cms",
-        "-verify -in test.cms -inform \"DER\" "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-        "signed detached content DER format, RSA key",
-        "-sign -in smcont.txt -outform \"DER\""
-          . " -signer $smdir/smrsa1.pem -out test.cms",
-        "-verify -in test.cms -inform \"DER\" "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
-    ],
-
-    [
-        "signed content test streaming BER format, RSA",
-        "-sign -in smcont.txt -outform \"DER\" -nodetach"
-          . " -stream -signer $smdir/smrsa1.pem -out test.cms",
-        "-verify -in test.cms -inform \"DER\" "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-        "signed content DER format, DSA key",
-        "-sign -in smcont.txt -outform \"DER\" -nodetach"
-          . " -signer $smdir/smdsa1.pem -out test.cms",
-        "-verify -in test.cms -inform \"DER\" "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-        "signed detached content DER format, DSA key",
-        "-sign -in smcont.txt -outform \"DER\""
-          . " -signer $smdir/smdsa1.pem -out test.cms",
-        "-verify -in test.cms -inform \"DER\" "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
-    ],
-
-    [
-        "signed detached content DER format, add RSA signer",
-        "-resign -inform \"DER\" -in test.cms -outform \"DER\""
-          . " -signer $smdir/smrsa1.pem -out test2.cms",
-        "-verify -in test2.cms -inform \"DER\" "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
-    ],
-
-    [
-        "signed content test streaming BER format, DSA key",
-        "-sign -in smcont.txt -outform \"DER\" -nodetach"
-          . " -stream -signer $smdir/smdsa1.pem -out test.cms",
-        "-verify -in test.cms -inform \"DER\" "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-        "signed content test streaming BER format, 2 DSA and 2 RSA keys",
-        "-sign -in smcont.txt -outform \"DER\" -nodetach"
-          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
-          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
-          . " -stream -out test.cms",
-        "-verify -in test.cms -inform \"DER\" "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
-        "-sign -in smcont.txt -outform \"DER\" -noattr -nodetach"
-          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
-          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
-          . " -stream -out test.cms",
-        "-verify -in test.cms -inform \"DER\" "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-        "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
-        "-sign -in smcont.txt -nodetach"
-          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
-          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
-          . " -stream -out test.cms",
-        "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-"signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",
-        "-sign -in smcont.txt"
-          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
-          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
-          . " -stream -out test.cms",
-        "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-        "enveloped content test streaming S/MIME format, 3 recipients",
-        "-encrypt -in smcont.txt"
-          . " -stream -out test.cms"
-          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
-        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
-    ],
-
-    [
-"enveloped content test streaming S/MIME format, 3 recipients, 3rd used",
-        "-encrypt -in smcont.txt"
-          . " -stream -out test.cms"
-          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
-        "-decrypt -recip $smdir/smrsa3.pem -in test.cms -out smtst.txt"
-    ],
-
-    [
-"enveloped content test streaming S/MIME format, 3 recipients, key only used",
-        "-encrypt -in smcont.txt"
-          . " -stream -out test.cms"
-          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
-        "-decrypt -inkey $smdir/smrsa3.pem -in test.cms -out smtst.txt"
-    ],
-
-    [
-"enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
-        "-encrypt -in smcont.txt"
-          . " -aes256 -stream -out test.cms"
-          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
-        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
-    ],
-
-);
-
-my @smime_cms_tests = (
-
-    [
-        "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
-        "-sign -in smcont.txt -outform \"DER\" -nodetach -keyid"
-          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
-          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
-          . " -stream -out test.cms",
-        "-verify -in test.cms -inform \"DER\" "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-        "signed content test streaming PEM format, 2 DSA and 2 RSA keys",
-        "-sign -in smcont.txt -outform PEM -nodetach"
-          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
-          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
-          . " -stream -out test.cms",
-        "-verify -in test.cms -inform PEM "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-        "signed content MIME format, RSA key, signed receipt request",
-        "-sign -in smcont.txt -signer $smdir/smrsa1.pem -nodetach"
-          . " -receipt_request_to test\@openssl.org -receipt_request_all"
-          . " -out test.cms",
-        "-verify -in test.cms "
-          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
-    ],
-
-    [
-        "signed receipt MIME format, RSA key",
-        "-sign_receipt -in test.cms"
-          . " -signer $smdir/smrsa2.pem"
-          . " -out test2.cms",
-        "-verify_receipt test2.cms -in test.cms"
-          . " \"-CAfile\" $smdir/smroot.pem"
-    ],
-
-    [
-        "enveloped content test streaming S/MIME format, 3 recipients, keyid",
-        "-encrypt -in smcont.txt"
-          . " -stream -out test.cms -keyid"
-          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
-        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
-    ],
-
-    [
-        "enveloped content test streaming PEM format, KEK",
-        "-encrypt -in smcont.txt -outform PEM -aes128"
-          . " -stream -out test.cms "
-          . " -secretkey 000102030405060708090A0B0C0D0E0F "
-          . " -secretkeyid C0FEE0",
-        "-decrypt -in test.cms -out smtst.txt -inform PEM"
-          . " -secretkey 000102030405060708090A0B0C0D0E0F "
-          . " -secretkeyid C0FEE0"
-    ],
-
-    [
-        "enveloped content test streaming PEM format, KEK, key only",
-        "-encrypt -in smcont.txt -outform PEM -aes128"
-          . " -stream -out test.cms "
-          . " -secretkey 000102030405060708090A0B0C0D0E0F "
-          . " -secretkeyid C0FEE0",
-        "-decrypt -in test.cms -out smtst.txt -inform PEM"
-          . " -secretkey 000102030405060708090A0B0C0D0E0F "
-    ],
-
-    [
-        "data content test streaming PEM format",
-        "-data_create -in smcont.txt -outform PEM -nodetach"
-          . " -stream -out test.cms",
-        "-data_out -in test.cms -inform PEM -out smtst.txt"
-    ],
-
-    [
-        "encrypted content test streaming PEM format, 128 bit RC2 key",
-        "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
-          . " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F"
-          . " -stream -out test.cms",
-        "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
-          . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
-    ],
-
-    [
-        "encrypted content test streaming PEM format, 40 bit RC2 key",
-        "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
-          . " -rc2 -secretkey 0001020304"
-          . " -stream -out test.cms",
-        "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
-          . " -secretkey 0001020304 -out smtst.txt"
-    ],
-
-    [
-        "encrypted content test streaming PEM format, triple DES key",
-        "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
-          . " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
-          . " -stream -out test.cms",
-        "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
-          . " -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
-          . " -out smtst.txt"
-    ],
-
-    [
-        "encrypted content test streaming PEM format, 128 bit AES key",
-        "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
-          . " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F"
-          . " -stream -out test.cms",
-        "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
-          . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
-    ],
-
-);
-
-my @smime_cms_comp_tests = (
-
-    [
-        "compressed content test streaming PEM format",
-        "-compress -in smcont.txt -outform PEM -nodetach"
-          . " -stream -out test.cms",
-        "-uncompress -in test.cms -inform PEM -out smtst.txt"
-    ]
-
-);
-
-print "CMS => PKCS#7 compatibility tests\n";
-
-run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $pk7cmd );
-
-print "CMS <= PKCS#7 compatibility tests\n";
-
-run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $pk7cmd, $cmscmd );
-
-print "CMS <=> CMS consistency tests\n";
-
-run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $cmscmd );
-run_smime_tests( \$badcmd, \@smime_cms_tests,   $cmscmd, $cmscmd );
-
-if ( `$ossl_path version -f` =~ /ZLIB/ ) {
-    run_smime_tests( \$badcmd, \@smime_cms_comp_tests, $cmscmd, $cmscmd );
-}
-else {
-    print "Zlib not supported: compression tests skipped\n";
-}
-
-print "Running modified tests for OpenSSL 0.9.8 cms backport\n" if($ossl8);
-
-if ($badcmd) {
-    print "$badcmd TESTS FAILED!!\n";
-}
-else {
-    print "ALL TESTS SUCCESSFUL.\n";
-}
-
-unlink "test.cms";
-unlink "test2.cms";
-unlink "smtst.txt";
-unlink "cms.out";
-unlink "cms.err";
-
-sub run_smime_tests {
-    my ( $rv, $aref, $scmd, $vcmd ) = @_;
-
-    foreach $smtst (@$aref) {
-        my ( $tnam, $rscmd, $rvcmd ) = @$smtst;
-	if ($ossl8)
-		{
-		# Skip smime resign: 0.9.8 smime doesn't support -resign	
-		next if ($scmd =~ /smime/ && $rscmd =~ /-resign/);
-		# Disable streaming: option not supported in 0.9.8
-		$tnam =~ s/streaming//;	
-		$rscmd =~ s/-stream//;	
-		$rvcmd =~ s/-stream//;
-		}
-        system("$scmd$rscmd$redir");
-        if ($?) {
-            print "$tnam: generation error\n";
-            $$rv++;
-            exit 1 if $halt_err;
-            next;
-        }
-        system("$vcmd$rvcmd$redir");
-        if ($?) {
-            print "$tnam: verify error\n";
-            $$rv++;
-            exit 1 if $halt_err;
-            next;
-        }
-	if (!cmp_files("smtst.txt", "smcont.txt")) {
-            print "$tnam: content verify error\n";
-            $$rv++;
-            exit 1 if $halt_err;
-            next;
-	}
-        print "$tnam: OK\n";
-    }
-}
-
-sub cmp_files {
-    my ( $f1, $f2 ) = @_;
-    my ( $fp1, $fp2 );
-
-    my ( $rd1, $rd2 );
-
-    if ( !open( $fp1, "<$f1" ) ) {
-        print STDERR "Can't Open file $f1\n";
-        return 0;
-    }
-
-    if ( !open( $fp2, "<$f2" ) ) {
-        print STDERR "Can't Open file $f2\n";
-        return 0;
-    }
-
-    binmode $fp1;
-    binmode $fp2;
-
-    my $ret = 0;
-
-    for ( ; ; ) {
-        $n1 = sysread $fp1, $rd1, 4096;
-        $n2 = sysread $fp2, $rd2, 4096;
-        last if ( $n1 != $n2 );
-        last if ( $rd1 ne $rd2 );
-
-        if ( $n1 == 0 ) {
-            $ret = 1;
-            last;
-        }
-
-    }
-
-    close $fp1;
-    close $fp2;
-
-    return $ret;
-
-}
-
diff --git a/deps/openssl/openssl/test/destest.c b/deps/openssl/openssl/test/destest.c
deleted file mode 120000
index 5988c7303a3..00000000000
--- a/deps/openssl/openssl/test/destest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/des/destest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/dhtest.c b/deps/openssl/openssl/test/dhtest.c
deleted file mode 120000
index 9a67f916288..00000000000
--- a/deps/openssl/openssl/test/dhtest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/dh/dhtest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/dsatest.c b/deps/openssl/openssl/test/dsatest.c
deleted file mode 120000
index 16a1b5a349f..00000000000
--- a/deps/openssl/openssl/test/dsatest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/dsa/dsatest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/dummytest.c b/deps/openssl/openssl/test/dummytest.c
deleted file mode 100644
index 5b4467e042b..00000000000
--- a/deps/openssl/openssl/test/dummytest.c
+++ /dev/null
@@ -1,48 +0,0 @@
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-int main(int argc, char *argv[])
-	{
-	char *p, *q = 0, *program;
-
-	p = strrchr(argv[0], '/');
-	if (!p) p = strrchr(argv[0], '\\');
-#ifdef OPENSSL_SYS_VMS
-	if (!p) p = strrchr(argv[0], ']');
-	if (p) q = strrchr(p, '>');
-	if (q) p = q;
-	if (!p) p = strrchr(argv[0], ':');
-	q = 0;
-#endif
-	if (p) p++;
-	if (!p) p = argv[0];
-	if (p) q = strchr(p, '.');
-	if (p && !q) q = p + strlen(p);
-
-	if (!p)
-		program = BUF_strdup("(unknown)");
-	else
-		{
-		program = OPENSSL_malloc((q - p) + 1);
-		strncpy(program, p, q - p);
-		program[q - p] = '\0';
-		}
-
-	for(p = program; *p; p++)
-		if (islower((unsigned char)(*p)))
-			*p = toupper((unsigned char)(*p));
-
-	q = strstr(program, "TEST");
-	if (q > p && q[-1] == '_') q--;
-	*q = '\0';
-
-	printf("No %s support\n", program);
-
-	OPENSSL_free(program);
-	return(0);
-	}
diff --git a/deps/openssl/openssl/test/ecdhtest.c b/deps/openssl/openssl/test/ecdhtest.c
deleted file mode 120000
index 206d98686d7..00000000000
--- a/deps/openssl/openssl/test/ecdhtest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/ecdh/ecdhtest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/ecdsatest.c b/deps/openssl/openssl/test/ecdsatest.c
deleted file mode 120000
index 441082ba243..00000000000
--- a/deps/openssl/openssl/test/ecdsatest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/ecdsa/ecdsatest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/ectest.c b/deps/openssl/openssl/test/ectest.c
deleted file mode 120000
index df1831f812c..00000000000
--- a/deps/openssl/openssl/test/ectest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/ec/ectest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/enginetest.c b/deps/openssl/openssl/test/enginetest.c
deleted file mode 120000
index 5c74a6f4189..00000000000
--- a/deps/openssl/openssl/test/enginetest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/engine/enginetest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/evp_test.c b/deps/openssl/openssl/test/evp_test.c
deleted file mode 120000
index 074162812a3..00000000000
--- a/deps/openssl/openssl/test/evp_test.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/evp/evp_test.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/evptests.txt b/deps/openssl/openssl/test/evptests.txt
deleted file mode 100644
index beb12144b6a..00000000000
--- a/deps/openssl/openssl/test/evptests.txt
+++ /dev/null
@@ -1,321 +0,0 @@
-#cipher:key:iv:plaintext:ciphertext:0/1(decrypt/encrypt)
-#digest:::input:output
-
-# SHA(1) tests (from shatest.c)
-SHA1:::616263:a9993e364706816aba3e25717850c26c9cd0d89d
-
-# MD5 tests (from md5test.c)
-MD5::::d41d8cd98f00b204e9800998ecf8427e
-MD5:::61:0cc175b9c0f1b6a831c399e269772661
-MD5:::616263:900150983cd24fb0d6963f7d28e17f72
-MD5:::6d65737361676520646967657374:f96b697d7cb7938d525a2f31aaf161d0
-MD5:::6162636465666768696a6b6c6d6e6f707172737475767778797a:c3fcd3d76192e4007dfb496cca67e13b
-MD5:::4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839:d174ab98d277d9f5a5611c2c9f419d9f
-MD5:::3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930:57edf4a22be3c955ac49da2e2107b67a
-
-# AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
-
-AES-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:69C4E0D86A7B0430D8CDB78070B4C55A:1
-
-# AES 192 ECB tests (from FIPS-197 test vectors, encrypt)
-
-AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191:1
-
-# AES 256 ECB tests (from FIPS-197 test vectors, encrypt)
-
-AES-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:8EA2B7CA516745BFEAFC49904B496089:1
-
-# AES 128 ECB tests (from NIST test vectors, encrypt)
-
-#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F:1
-
-# AES 128 ECB tests (from NIST test vectors, decrypt)
-
-#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000:0
-
-# AES 192 ECB tests (from NIST test vectors, decrypt)
-
-#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000:0
-
-# AES 256 ECB tests (from NIST test vectors, decrypt)
-
-#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000:0
-
-# AES 128 CBC tests (from NIST test vectors, encrypt)
-
-#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D:1
-
-# AES 192 CBC tests (from NIST test vectors, encrypt)
-
-#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104:1
-
-# AES 256 CBC tests (from NIST test vectors, encrypt)
-
-#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0:1
-
-# AES 128 CBC tests (from NIST test vectors, decrypt)
-
-#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000:0
-
-# AES tests from NIST document SP800-38A
-# For all ECB encrypts and decrypts, the transformed sequence is
-#   AES-bits-ECB:key::plaintext:ciphertext:encdec
-# ECB-AES128.Encrypt and ECB-AES128.Decrypt
-AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:3AD77BB40D7A3660A89ECAF32466EF97
-AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:F5D3D58503B9699DE785895A96FDBAAF
-AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:43B1CD7F598ECE23881B00E3ED030688
-AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:7B0C785E27E8AD3F8223207104725DD4
-# ECB-AES192.Encrypt and ECB-AES192.Decrypt 
-AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:BD334F1D6E45F25FF712A214571FA5CC
-AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:974104846D0AD3AD7734ECB3ECEE4EEF
-AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:EF7AFD2270E2E60ADCE0BA2FACE6444E
-AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:9A4B41BA738D6C72FB16691603C18E0E
-# ECB-AES256.Encrypt and ECB-AES256.Decrypt 
-AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:F3EED1BDB5D2A03C064B5A7E3DB181F8
-AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:591CCB10D410ED26DC5BA74A31362870
-AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:B6ED21B99CA6F4F9F153E7B1BEAFED1D
-AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:23304B7A39F9F3FF067D8D8F9E24ECC7
-# For all CBC encrypts and decrypts, the transformed sequence is
-#   AES-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CBC-AES128.Encrypt and CBC-AES128.Decrypt 
-AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:7649ABAC8119B246CEE98E9B12E9197D
-AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:7649ABAC8119B246CEE98E9B12E9197D:AE2D8A571E03AC9C9EB76FAC45AF8E51:5086CB9B507219EE95DB113A917678B2
-AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:5086CB9B507219EE95DB113A917678B2:30C81C46A35CE411E5FBC1191A0A52EF:73BED6B8E3C1743B7116E69E22229516
-AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:73BED6B8E3C1743B7116E69E22229516:F69F2445DF4F9B17AD2B417BE66C3710:3FF1CAA1681FAC09120ECA307586E1A7
-# CBC-AES192.Encrypt and CBC-AES192.Decrypt 
-AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:4F021DB243BC633D7178183A9FA071E8
-AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:4F021DB243BC633D7178183A9FA071E8:AE2D8A571E03AC9C9EB76FAC45AF8E51:B4D9ADA9AD7DEDF4E5E738763F69145A
-AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:B4D9ADA9AD7DEDF4E5E738763F69145A:30C81C46A35CE411E5FBC1191A0A52EF:571B242012FB7AE07FA9BAAC3DF102E0
-AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:571B242012FB7AE07FA9BAAC3DF102E0:F69F2445DF4F9B17AD2B417BE66C3710:08B0E27988598881D920A9E64F5615CD
-# CBC-AES256.Encrypt and CBC-AES256.Decrypt 
-AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:F58C4C04D6E5F1BA779EABFB5F7BFBD6
-AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D
-AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461
-AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B
-# We don't support CFB{1,8}-AESxxx.{En,De}crypt
-# For all CFB128 encrypts and decrypts, the transformed sequence is
-#   AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CFB128-AES128.Encrypt 
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:1
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:1
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:1
-# CFB128-AES128.Decrypt 
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:0
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:0
-AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:0
-# CFB128-AES192.Encrypt
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:1
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:1
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:1
-# CFB128-AES192.Decrypt
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:0
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:0
-AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:0
-# CFB128-AES256.Encrypt 
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:1
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:1
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:1
-# CFB128-AES256.Decrypt 
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:0
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:0
-AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:0
-# For all OFB encrypts and decrypts, the transformed sequence is
-#   AES-bits-CFB:key:IV/output':plaintext:ciphertext:encdec
-# OFB-AES128.Encrypt 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:1 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:1 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:1 
-# OFB-AES128.Decrypt 
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:0
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:0
-AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:0
-# OFB-AES192.Encrypt 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:1 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:1 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:1 
-# OFB-AES192.Decrypt 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:0 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:0 
-AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:0 
-# OFB-AES256.Encrypt 
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:1
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:1
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:1
-# OFB-AES256.Decrypt 
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:0
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
-AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
-
-# DES ECB tests (from destest)
-
-DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
-DES-ECB:FFFFFFFFFFFFFFFF::FFFFFFFFFFFFFFFF:7359B2163E4EDC58
-DES-ECB:3000000000000000::1000000000000001:958E6E627A05557B
-DES-ECB:1111111111111111::1111111111111111:F40379AB9E0EC533
-DES-ECB:0123456789ABCDEF::1111111111111111:17668DFC7292532D
-DES-ECB:1111111111111111::0123456789ABCDEF:8A5AE1F81AB8F2DD
-DES-ECB:FEDCBA9876543210::0123456789ABCDEF:ED39D950FA74BCC4
-
-# DESX-CBC tests (from destest)
-DESX-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
-
-# DES EDE3 CBC tests (from destest)
-DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
-
-# RC4 tests (from rc4test)
-RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596
-RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879
-RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
-RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
-RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
-RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
-
-
-# Camellia tests from RFC3713
-# For all ECB encrypts and decrypts, the transformed sequence is
-#   CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
-CAMELLIA-128-ECB:0123456789abcdeffedcba9876543210::0123456789abcdeffedcba9876543210:67673138549669730857065648eabe43
-CAMELLIA-192-ECB:0123456789abcdeffedcba98765432100011223344556677::0123456789abcdeffedcba9876543210:b4993401b3e996f84ee5cee7d79b09b9
-CAMELLIA-256-ECB:0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff::0123456789abcdeffedcba9876543210:9acc237dff16d76c20ef7c919e3a7509
-
-# ECB-CAMELLIA128.Encrypt
-CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:77CF412067AF8270613529149919546F:1
-CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1
-CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1
-
-# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt 
-CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96
-CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B
-CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636
-CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A
-
-# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt 
-CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3
-CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A
-CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366
-CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26
-
-# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt 
-CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA
-CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA
-CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28
-CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:7960109FB6DC42947FCFE59EA3C5EB6B
-
-# For all CBC encrypts and decrypts, the transformed sequence is
-#   CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt 
-CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB
-CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887
-CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54
-CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980
-
-# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt 
-CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93
-CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5
-CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449
-CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08
-
-# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt 
-CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA
-CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50
-CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83
-CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E31A6055297D96CA3330CDF1B1860A83:F69F2445DF4F9B17AD2B417BE66C3710:5D563F6D1CCCF236051C0C5C1C58F28F
-
-# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
-# For all CFB128 encrypts and decrypts, the transformed sequence is
-#   CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
-# CFB128-CAMELLIA128.Encrypt 
-CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
-CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1
-CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1
-CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1
-
-# CFB128-CAMELLIA128.Decrypt 
-CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
-CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0
-CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0
-CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:0
-
-# CFB128-CAMELLIA192.Encrypt
-CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
-CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:1
-CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:1
-CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:1
-
-# CFB128-CAMELLIA192.Decrypt
-CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
-CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:0
-CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0
-CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0
-
-# CFB128-CAMELLIA256.Encrypt 
-CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
-CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1
-CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1
-CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1
-
-# CFB128-CAMELLIA256.Decrypt 
-CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
-CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0
-CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0
-CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:0
-
-# For all OFB encrypts and decrypts, the transformed sequence is
-#   CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
-# OFB-CAMELLIA128.Encrypt 
-CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
-CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1
-CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1
-CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1
-
-# OFB-CAMELLIA128.Decrypt 
-CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
-CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0
-CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0
-CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0
-
-# OFB-CAMELLIA192.Encrypt 
-CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
-CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1
-CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1
-CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1
-
-# OFB-CAMELLIA192.Decrypt 
-CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
-CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0
-CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0
-CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0
-
-# OFB-CAMELLIA256.Encrypt 
-CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
-CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1
-CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1
-CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1
-
-# OFB-CAMELLIA256.Decrypt 
-CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
-CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0
-CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0
-CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0
-
-# SEED test vectors from RFC4269
-SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:0
-SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:0
-SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:0
-SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:0
-SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:1
-SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:1
-SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:1
-SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1
diff --git a/deps/openssl/openssl/test/exptest.c b/deps/openssl/openssl/test/exptest.c
deleted file mode 120000
index 50ccf71cbb7..00000000000
--- a/deps/openssl/openssl/test/exptest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/bn/exptest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_aesavs.c b/deps/openssl/openssl/test/fips_aesavs.c
deleted file mode 120000
index 7d9da0e8856..00000000000
--- a/deps/openssl/openssl/test/fips_aesavs.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/aes/fips_aesavs.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_desmovs.c b/deps/openssl/openssl/test/fips_desmovs.c
deleted file mode 120000
index dd74966b06b..00000000000
--- a/deps/openssl/openssl/test/fips_desmovs.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/des/fips_desmovs.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_dsatest.c b/deps/openssl/openssl/test/fips_dsatest.c
deleted file mode 120000
index e43b79b16dc..00000000000
--- a/deps/openssl/openssl/test/fips_dsatest.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/dsa/fips_dsatest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_dssvs.c b/deps/openssl/openssl/test/fips_dssvs.c
deleted file mode 120000
index 93e05e687fd..00000000000
--- a/deps/openssl/openssl/test/fips_dssvs.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/dsa/fips_dssvs.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_hmactest.c b/deps/openssl/openssl/test/fips_hmactest.c
deleted file mode 120000
index b674d16df59..00000000000
--- a/deps/openssl/openssl/test/fips_hmactest.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/hmac/fips_hmactest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_randtest.c b/deps/openssl/openssl/test/fips_randtest.c
deleted file mode 120000
index 8b8f4863bf0..00000000000
--- a/deps/openssl/openssl/test/fips_randtest.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/rand/fips_randtest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_rngvs.c b/deps/openssl/openssl/test/fips_rngvs.c
deleted file mode 120000
index 0d6c9be190a..00000000000
--- a/deps/openssl/openssl/test/fips_rngvs.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/rand/fips_rngvs.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_rsagtest.c b/deps/openssl/openssl/test/fips_rsagtest.c
deleted file mode 120000
index 3ed6b5186ba..00000000000
--- a/deps/openssl/openssl/test/fips_rsagtest.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/rsa/fips_rsagtest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_rsastest.c b/deps/openssl/openssl/test/fips_rsastest.c
deleted file mode 120000
index 2a5f8b0280d..00000000000
--- a/deps/openssl/openssl/test/fips_rsastest.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/rsa/fips_rsastest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_rsavtest.c b/deps/openssl/openssl/test/fips_rsavtest.c
deleted file mode 120000
index f45aa58a8b7..00000000000
--- a/deps/openssl/openssl/test/fips_rsavtest.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/rsa/fips_rsavtest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_shatest.c b/deps/openssl/openssl/test/fips_shatest.c
deleted file mode 120000
index 67c47caba4b..00000000000
--- a/deps/openssl/openssl/test/fips_shatest.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/sha/fips_shatest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/fips_test_suite.c b/deps/openssl/openssl/test/fips_test_suite.c
deleted file mode 120000
index b538efa4281..00000000000
--- a/deps/openssl/openssl/test/fips_test_suite.c
+++ /dev/null
@@ -1 +0,0 @@
-../fips/fips_test_suite.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/hmactest.c b/deps/openssl/openssl/test/hmactest.c
deleted file mode 120000
index 353ee2c7f98..00000000000
--- a/deps/openssl/openssl/test/hmactest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/hmac/hmactest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/ideatest.c b/deps/openssl/openssl/test/ideatest.c
deleted file mode 120000
index a9bfb3d4804..00000000000
--- a/deps/openssl/openssl/test/ideatest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/idea/ideatest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/igetest.c b/deps/openssl/openssl/test/igetest.c
deleted file mode 100644
index 1ba900244de..00000000000
--- a/deps/openssl/openssl/test/igetest.c
+++ /dev/null
@@ -1,503 +0,0 @@
-/* test/igetest.c -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#define TEST_SIZE	128
-#define BIG_TEST_SIZE 10240
-
-static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
-    {
-    int n=0;
-
-    fprintf(f,"%s",title);
-    for( ; n < l ; ++n)
-		{
-		if((n%16) == 0)
-			fprintf(f,"\n%04x",n);
-		fprintf(f," %02x",s[n]);
-		}
-    fprintf(f,"\n");
-    }
-
-#define MAX_VECTOR_SIZE	64
-
-struct ige_test
-	{
-	const unsigned char key[16];
-	const unsigned char iv[32];
-	const unsigned char in[MAX_VECTOR_SIZE];
-	const unsigned char out[MAX_VECTOR_SIZE];
-	const size_t length;
-	const int encrypt;
-	};
-
-static struct ige_test const ige_test_vectors[] = {
-{ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, /* key */
-  { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
-    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
-    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, /* iv */
-  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, /* in */
-  { 0x1a, 0x85, 0x19, 0xa6, 0x55, 0x7b, 0xe6, 0x52,
-    0xe9, 0xda, 0x8e, 0x43, 0xda, 0x4e, 0xf4, 0x45,
-    0x3c, 0xf4, 0x56, 0xb4, 0xca, 0x48, 0x8a, 0xa3,
-    0x83, 0xc7, 0x9c, 0x98, 0xb3, 0x47, 0x97, 0xcb }, /* out */
-  32, AES_ENCRYPT }, /* test vector 0 */
-
-{ { 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
-    0x61, 0x6e, 0x20, 0x69, 0x6d, 0x70, 0x6c, 0x65 }, /* key */
-  { 0x6d, 0x65, 0x6e, 0x74, 0x61, 0x74, 0x69, 0x6f,
-    0x6e, 0x20, 0x6f, 0x66, 0x20, 0x49, 0x47, 0x45,
-    0x20, 0x6d, 0x6f, 0x64, 0x65, 0x20, 0x66, 0x6f,
-    0x72, 0x20, 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53 }, /* iv */
-  { 0x4c, 0x2e, 0x20, 0x4c, 0x65, 0x74, 0x27, 0x73,
-    0x20, 0x68, 0x6f, 0x70, 0x65, 0x20, 0x42, 0x65,
-    0x6e, 0x20, 0x67, 0x6f, 0x74, 0x20, 0x69, 0x74,
-    0x20, 0x72, 0x69, 0x67, 0x68, 0x74, 0x21, 0x0a }, /* in */
-  { 0x99, 0x70, 0x64, 0x87, 0xa1, 0xcd, 0xe6, 0x13,
-    0xbc, 0x6d, 0xe0, 0xb6, 0xf2, 0x4b, 0x1c, 0x7a,
-    0xa4, 0x48, 0xc8, 0xb9, 0xc3, 0x40, 0x3e, 0x34,
-    0x67, 0xa8, 0xca, 0xd8, 0x93, 0x40, 0xf5, 0x3b }, /* out */
-  32, AES_DECRYPT }, /* test vector 1 */
-};
-
-struct bi_ige_test
-	{
-	const unsigned char key1[32];
-	const unsigned char key2[32];
-	const unsigned char iv[64];
-	const unsigned char in[MAX_VECTOR_SIZE];
-	const unsigned char out[MAX_VECTOR_SIZE];
-	const size_t keysize;
-	const size_t length;
-	const int encrypt;
-	};
-
-static struct bi_ige_test const bi_ige_test_vectors[] = {
-{ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, /* key1 */
-  { 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
-    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, /* key2 */
-  { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
-    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
-    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
-    0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
-    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
-    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
-    0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f }, /* iv */
-  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, /* in */
-  { 0x14, 0x40, 0x6f, 0xae, 0xa2, 0x79, 0xf2, 0x56,
-	0x1f, 0x86, 0xeb, 0x3b, 0x7d, 0xff, 0x53, 0xdc,
-	0x4e, 0x27, 0x0c, 0x03, 0xde, 0x7c, 0xe5, 0x16,
-	0x6a, 0x9c, 0x20, 0x33, 0x9d, 0x33, 0xfe, 0x12 }, /* out */
-  16, 32, AES_ENCRYPT }, /* test vector 0 */
-{ { 0x58, 0x0a, 0x06, 0xe9, 0x97, 0x07, 0x59, 0x5c,
-	0x9e, 0x19, 0xd2, 0xa7, 0xbb, 0x40, 0x2b, 0x7a,
-	0xc7, 0xd8, 0x11, 0x9e, 0x4c, 0x51, 0x35, 0x75,
-	0x64, 0x28, 0x0f, 0x23, 0xad, 0x74, 0xac, 0x37 }, /* key1 */
-  { 0xd1, 0x80, 0xa0, 0x31, 0x47, 0xa3, 0x11, 0x13,
-	0x86, 0x26, 0x9e, 0x6d, 0xff, 0xaf, 0x72, 0x74,
-	0x5b, 0xa2, 0x35, 0x81, 0xd2, 0xa6, 0x3d, 0x21,
-	0x67, 0x7b, 0x58, 0xa8, 0x18, 0xf9, 0x72, 0xe4 }, /* key2 */
-  { 0x80, 0x3d, 0xbd, 0x4c, 0xe6, 0x7b, 0x06, 0xa9,
-	0x53, 0x35, 0xd5, 0x7e, 0x71, 0xc1, 0x70, 0x70,
-	0x74, 0x9a, 0x00, 0x28, 0x0c, 0xbf, 0x6c, 0x42,
-	0x9b, 0xa4, 0xdd, 0x65, 0x11, 0x77, 0x7c, 0x67,
-	0xfe, 0x76, 0x0a, 0xf0, 0xd5, 0xc6, 0x6e, 0x6a,
-	0xe7, 0x5e, 0x4c, 0xf2, 0x7e, 0x9e, 0xf9, 0x20,
-	0x0e, 0x54, 0x6f, 0x2d, 0x8a, 0x8d, 0x7e, 0xbd,
-	0x48, 0x79, 0x37, 0x99, 0xff, 0x27, 0x93, 0xa3 }, /* iv */
-  { 0xf1, 0x54, 0x3d, 0xca, 0xfe, 0xb5, 0xef, 0x1c,
-	0x4f, 0xa6, 0x43, 0xf6, 0xe6, 0x48, 0x57, 0xf0,
-	0xee, 0x15, 0x7f, 0xe3, 0xe7, 0x2f, 0xd0, 0x2f,
-	0x11, 0x95, 0x7a, 0x17, 0x00, 0xab, 0xa7, 0x0b,
-	0xbe, 0x44, 0x09, 0x9c, 0xcd, 0xac, 0xa8, 0x52,
-	0xa1, 0x8e, 0x7b, 0x75, 0xbc, 0xa4, 0x92, 0x5a,
-	0xab, 0x46, 0xd3, 0x3a, 0xa0, 0xd5, 0x35, 0x1c,
-	0x55, 0xa4, 0xb3, 0xa8, 0x40, 0x81, 0xa5, 0x0b}, /* in */
-  { 0x42, 0xe5, 0x28, 0x30, 0x31, 0xc2, 0xa0, 0x23,
-	0x68, 0x49, 0x4e, 0xb3, 0x24, 0x59, 0x92, 0x79,
-	0xc1, 0xa5, 0xcc, 0xe6, 0x76, 0x53, 0xb1, 0xcf,
-	0x20, 0x86, 0x23, 0xe8, 0x72, 0x55, 0x99, 0x92,
-	0x0d, 0x16, 0x1c, 0x5a, 0x2f, 0xce, 0xcb, 0x51,
-	0xe2, 0x67, 0xfa, 0x10, 0xec, 0xcd, 0x3d, 0x67,
-	0xa5, 0xe6, 0xf7, 0x31, 0x26, 0xb0, 0x0d, 0x76,
-	0x5e, 0x28, 0xdc, 0x7f, 0x01, 0xc5, 0xa5, 0x4c}, /* out */
-  32, 64, AES_ENCRYPT }, /* test vector 1 */
-
-};
-
-static int run_test_vectors(void)
-	{
-	unsigned int n;
-	int errs = 0;
-
-	for(n=0 ; n < sizeof(ige_test_vectors)/sizeof(ige_test_vectors[0]) ; ++n)
-		{
-		const struct ige_test * const v = &ige_test_vectors[n];
-		AES_KEY key;
-		unsigned char buf[MAX_VECTOR_SIZE];
-		unsigned char iv[AES_BLOCK_SIZE*2];
-
-		assert(v->length <= MAX_VECTOR_SIZE);
-
-		if(v->encrypt == AES_ENCRYPT)
-			AES_set_encrypt_key(v->key, 8*sizeof v->key, &key);
-		else
-			AES_set_decrypt_key(v->key, 8*sizeof v->key, &key);
-		memcpy(iv, v->iv, sizeof iv);
-		AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt);
-
-		if(memcmp(v->out, buf, v->length))
-			{
-			printf("IGE test vector %d failed\n", n);
-			hexdump(stdout, "key", v->key, sizeof v->key);
-			hexdump(stdout, "iv", v->iv, sizeof v->iv);
-			hexdump(stdout, "in", v->in, v->length);
-			hexdump(stdout, "expected", v->out, v->length);
-			hexdump(stdout, "got", buf, v->length);
-
-			++errs;
-			}
-
-                /* try with in == out */
-		memcpy(iv, v->iv, sizeof iv);
-                memcpy(buf, v->in, v->length);
-		AES_ige_encrypt(buf, buf, v->length, &key, iv, v->encrypt);
-
-		if(memcmp(v->out, buf, v->length))
-			{
-			printf("IGE test vector %d failed (with in == out)\n", n);
-			hexdump(stdout, "key", v->key, sizeof v->key);
-			hexdump(stdout, "iv", v->iv, sizeof v->iv);
-			hexdump(stdout, "in", v->in, v->length);
-			hexdump(stdout, "expected", v->out, v->length);
-			hexdump(stdout, "got", buf, v->length);
-
-			++errs;
-			}
-		}
-
-	for(n=0 ; n < sizeof(bi_ige_test_vectors)/sizeof(bi_ige_test_vectors[0])
-			; ++n)
-		{
-		const struct bi_ige_test * const v = &bi_ige_test_vectors[n];
-		AES_KEY key1;
-		AES_KEY key2;
-		unsigned char buf[MAX_VECTOR_SIZE];
-
-		assert(v->length <= MAX_VECTOR_SIZE);
-
-		if(v->encrypt == AES_ENCRYPT)
-			{
-			AES_set_encrypt_key(v->key1, 8*v->keysize, &key1);
-			AES_set_encrypt_key(v->key2, 8*v->keysize, &key2);
-			}
-		else
-			{
-			AES_set_decrypt_key(v->key1, 8*v->keysize, &key1);
-			AES_set_decrypt_key(v->key2, 8*v->keysize, &key2);
-			}
-
-		AES_bi_ige_encrypt(v->in, buf, v->length, &key1, &key2, v->iv,
-						   v->encrypt);
-
-		if(memcmp(v->out, buf, v->length))
-			{
-			printf("Bidirectional IGE test vector %d failed\n", n);
-			hexdump(stdout, "key 1", v->key1, sizeof v->key1);
-			hexdump(stdout, "key 2", v->key2, sizeof v->key2);
-			hexdump(stdout, "iv", v->iv, sizeof v->iv);
-			hexdump(stdout, "in", v->in, v->length);
-			hexdump(stdout, "expected", v->out, v->length);
-			hexdump(stdout, "got", buf, v->length);
-
-			++errs;
-			}
-		}
-
-	return errs;
-	}
-
-int main(int argc, char **argv)
-	{
-	unsigned char rkey[16];
-	unsigned char rkey2[16];
-	AES_KEY key;
-	AES_KEY key2;
-	unsigned char plaintext[BIG_TEST_SIZE];
-	unsigned char ciphertext[BIG_TEST_SIZE];
-	unsigned char checktext[BIG_TEST_SIZE];
-	unsigned char iv[AES_BLOCK_SIZE*4];
-	unsigned char saved_iv[AES_BLOCK_SIZE*4];
-	int err = 0;
-	unsigned int n;
-	unsigned matches;
-
-	assert(BIG_TEST_SIZE >= TEST_SIZE);
-
-	RAND_pseudo_bytes(rkey, sizeof rkey);
-	RAND_pseudo_bytes(plaintext, sizeof plaintext);
-	RAND_pseudo_bytes(iv, sizeof iv);
-	memcpy(saved_iv, iv, sizeof saved_iv);
-
-	/* Forward IGE only... */
-
-	/* Straight encrypt/decrypt */
-	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
-	AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, iv,
-					AES_ENCRYPT);
-
-	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
-	memcpy(iv, saved_iv, sizeof iv);
-	AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv,
-					AES_DECRYPT);
-
-	if(memcmp(checktext, plaintext, TEST_SIZE))
-		{
-		printf("Encrypt+decrypt doesn't match\n");
-		hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
-		hexdump(stdout, "Checktext", checktext, TEST_SIZE);
-		++err;
-		}
-
-	/* Now check encrypt chaining works */
-	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
-	memcpy(iv, saved_iv, sizeof iv);
-	AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE/2, &key, iv,
-					AES_ENCRYPT);
-	AES_ige_encrypt(plaintext+TEST_SIZE/2,
-					ciphertext+TEST_SIZE/2, TEST_SIZE/2,
-					&key, iv, AES_ENCRYPT);
-
-	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
-	memcpy(iv, saved_iv, sizeof iv);
-	AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv,
-					AES_DECRYPT);
-
-	if(memcmp(checktext, plaintext, TEST_SIZE))
-		{
-		printf("Chained encrypt+decrypt doesn't match\n");
-		hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
-		hexdump(stdout, "Checktext", checktext, TEST_SIZE);
-		++err;
-		}
-
-	/* And check decrypt chaining */
-	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
-	memcpy(iv, saved_iv, sizeof iv);
-	AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE/2, &key, iv,
-					AES_ENCRYPT);
-	AES_ige_encrypt(plaintext+TEST_SIZE/2,
-					ciphertext+TEST_SIZE/2, TEST_SIZE/2,
-					&key, iv, AES_ENCRYPT);
-
-	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
-	memcpy(iv, saved_iv, sizeof iv);
-	AES_ige_encrypt(ciphertext, checktext, TEST_SIZE/2, &key, iv,
-					AES_DECRYPT);
-	AES_ige_encrypt(ciphertext+TEST_SIZE/2,
-					checktext+TEST_SIZE/2, TEST_SIZE/2, &key, iv,
-					AES_DECRYPT);
-
-	if(memcmp(checktext, plaintext, TEST_SIZE))
-		{
-		printf("Chained encrypt+chained decrypt doesn't match\n");
-		hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
-		hexdump(stdout, "Checktext", checktext, TEST_SIZE);
-		++err;
-		}
-
-	/* make sure garble extends forwards only */
-	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
-	memcpy(iv, saved_iv, sizeof iv);
-	AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
-					AES_ENCRYPT);
-
-	/* corrupt halfway through */
-	++ciphertext[sizeof ciphertext/2];
-	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
-	memcpy(iv, saved_iv, sizeof iv);
-	AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
-					AES_DECRYPT);
-
-	matches=0;
-	for(n=0 ; n < sizeof checktext ; ++n)
-		if(checktext[n] == plaintext[n])
-			++matches;
-
-	if(matches > sizeof checktext/2+sizeof checktext/100)
-		{
-		printf("More than 51%% matches after garbling\n");
-		++err;
-		}
-
-	if(matches < sizeof checktext/2)
-		{
-		printf("Garble extends backwards!\n");
-		++err;
-		}
-
-	/* Bi-directional IGE */
-
-	/* Note that we don't have to recover the IV, because chaining isn't */
-	/* possible with biIGE, so the IV is not updated. */
-
-	RAND_pseudo_bytes(rkey2, sizeof rkey2);
-
-	/* Straight encrypt/decrypt */
-	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
-	AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
-	AES_bi_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, &key2, iv,
-					   AES_ENCRYPT);
-
-	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
-	AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
-	AES_bi_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, &key2, iv,
-					   AES_DECRYPT);
-
-	if(memcmp(checktext, plaintext, TEST_SIZE))
-		{
-		printf("Encrypt+decrypt doesn't match\n");
-		hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
-		hexdump(stdout, "Checktext", checktext, TEST_SIZE);
-		++err;
-		}
-
-	/* make sure garble extends both ways */
-	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
-	AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
-	AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
-					AES_ENCRYPT);
-
-	/* corrupt halfway through */
-	++ciphertext[sizeof ciphertext/2];
-	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
-	AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
-	AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
-					AES_DECRYPT);
-
-	matches=0;
-	for(n=0 ; n < sizeof checktext ; ++n)
-		if(checktext[n] == plaintext[n])
-			++matches;
-
-	if(matches > sizeof checktext/100)
-		{
-		printf("More than 1%% matches after bidirectional garbling\n");
-		++err;
-		}
-
-	/* make sure garble extends both ways (2) */
-	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
-	AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
-	AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
-					AES_ENCRYPT);
-
-	/* corrupt right at the end */
-	++ciphertext[sizeof ciphertext-1];
-	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
-	AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
-	AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
-					AES_DECRYPT);
-
-	matches=0;
-	for(n=0 ; n < sizeof checktext ; ++n)
-		if(checktext[n] == plaintext[n])
-			++matches;
-
-	if(matches > sizeof checktext/100)
-		{
-		printf("More than 1%% matches after bidirectional garbling (2)\n");
-		++err;
-		}
-
-	/* make sure garble extends both ways (3) */
-	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
-	AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
-	AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
-					AES_ENCRYPT);
-
-	/* corrupt right at the start */
-	++ciphertext[0];
-	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
-	AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
-	AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
-					AES_DECRYPT);
-
-	matches=0;
-	for(n=0 ; n < sizeof checktext ; ++n)
-		if(checktext[n] == plaintext[n])
-			++matches;
-
-	if(matches > sizeof checktext/100)
-		{
-		printf("More than 1%% matches after bidirectional garbling (3)\n");
-		++err;
-		}
-
-	err += run_test_vectors();
-
-	return err;
-	}
diff --git a/deps/openssl/openssl/test/jpaketest.c b/deps/openssl/openssl/test/jpaketest.c
deleted file mode 120000
index 49f44f8b69e..00000000000
--- a/deps/openssl/openssl/test/jpaketest.c
+++ /dev/null
@@ -1 +0,0 @@
-dummytest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/maketests.com b/deps/openssl/openssl/test/maketests.com
deleted file mode 100644
index 386e5cf3c16..00000000000
--- a/deps/openssl/openssl/test/maketests.com
+++ /dev/null
@@ -1,1085 +0,0 @@
-$!
-$!  MAKETESTS.COM
-$!  Written By:  Robert Byer
-$!               Vice-President
-$!               A-Com Computing, Inc.
-$!               byer@mail.all-net.net
-$!
-$!  Changes by Richard Levitte 
-$!
-$!  This command files compiles and creates all the various different
-$!  "test" programs for the different types of encryption for OpenSSL.
-$!  It was written so it would try to determine what "C" compiler to
-$!  use or you can specify which "C" compiler to use.
-$!
-$!  The test "executables" will be placed in a directory called
-$!  [.xxx.EXE.TEST] where "xxx" denotes ALPHA, IA64, or VAX, depending
-$!  on your machine architecture.
-$!
-$!  Specify DEBUG or NODEBUG P1 to compile with or without debugger
-$!  information.
-$!
-$!  Specify which compiler at P2 to try to compile under.
-$!
-$!	   VAXC	 For VAX C.
-$!	   DECC	 For DEC C.
-$!	   GNUC	 For GNU C.
-$!
-$!  If you don't specify a compiler, it will try to determine which
-$!  "C" compiler to use.
-$!
-$!  P3, if defined, sets a TCP/IP library to use, through one of the following
-$!  keywords:
-$!
-$!	UCX		for UCX
-$!	SOCKETSHR	for SOCKETSHR+NETLIB
-$!
-$!  P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
-$!
-$!
-$!  P5, if defined, specifies the C pointer size.  Ignored on VAX.
-$!      ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
-$!      Supported values are:
-$!
-$!      ""       Compile with default (/NOPOINTER_SIZE)
-$!      32       Compile with /POINTER_SIZE=32 (SHORT)
-$!      64       Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV])
-$!               (Automatically select ARGV if compiler supports it.)
-$!      64=      Compile with /POINTER_SIZE=64 (LONG).
-$!      64=ARGV  Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
-$!
-$!  P6, if defined, specifies a directory where ZLIB files (zlib.h,
-$!  libz.olb) may be found.  Optionally, a non-default object library
-$!  name may be included ("dev:[dir]libz_64.olb", for example).
-$!
-$!
-$! Announce/identify.
-$!
-$ proc = f$environment( "procedure")
-$ write sys$output "@@@ "+ -
-   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
-$!
-$! Define A TCP/IP Library That We Will Need To Link To.
-$! (That is, If We Need To Link To One.)
-$!
-$ TCPIP_LIB = ""
-$ ZLIB_LIB = ""
-$!
-$! Check Which Architecture We Are Using.
-$!
-$ if (f$getsyi( "cpu") .lt. 128)
-$ then
-$    ARCH = "VAX"
-$ else
-$    ARCH = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$    if (ARCH .eqs. "") then ARCH = "UNK"
-$ endif
-$!
-$ ARCHD = ARCH
-$ LIB32 = "32"
-$ OPT_FILE = ""
-$ POINTER_SIZE = ""
-$!
-$! Check To Make Sure We Have Valid Command Line Parameters.
-$!
-$ GOSUB CHECK_OPTIONS
-$!
-$! Define The OBJ and EXE Directories.
-$!
-$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.TEST]
-$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.TEST]
-$!
-$! Specify the destination directory in any /MAP option.
-$!
-$ if (LINKMAP .eqs. "MAP")
-$ then
-$   LINKMAP = LINKMAP+ "=''EXE_DIR'"
-$ endif
-$!
-$! Add the location prefix to the linker options file name.
-$!
-$ if (OPT_FILE .nes. "")
-$ then
-$   OPT_FILE = EXE_DIR+ OPT_FILE
-$ endif
-$!
-$! Initialise logical names and such
-$!
-$ GOSUB INITIALISE
-$!
-$! Tell The User What Kind of Machine We Run On.
-$!
-$ WRITE SYS$OUTPUT "Host system architecture: ''ARCHD'"
-$!
-$! Define The CRYPTO-LIB We Are To Use.
-$!
-$ CRYPTO_LIB := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO'LIB32'.OLB
-$!
-$! Define The SSL We Are To Use.
-$!
-$ SSL_LIB := SYS$DISK:[-.'ARCHD'.EXE.SSL]SSL_LIBSSL'LIB32'.OLB
-$!
-$! Create the OBJ and EXE Directories, if needed.
-$!
-$ IF (F$PARSE(OBJ_DIR).EQS."") THEN -
-   CREATE /DIRECTORY 'OBJ_DIR'
-$ IF (F$PARSE(EXE_DIR).EQS."") THEN -
-   CREATE /DIRECTORY 'EXE_DIR'
-$!
-$! Check To See If We Have The Proper Libraries.
-$!
-$ GOSUB LIB_CHECK
-$!
-$! Check To See If We Have A Linker Option File.
-$!
-$ GOSUB CHECK_OPT_FILE
-$!
-$! Define The TEST Files.
-$! NOTE: Some might think this list ugly.  However, it's made this way to
-$! reflect the EXE variable in Makefile as closely as possible,
-$! thereby making it fairly easy to verify that the lists are the same.
-$!
-$ TEST_FILES = "BNTEST,ECTEST,ECDSATEST,ECDHTEST,IDEATEST,"+ -
-	       "MD2TEST,MD4TEST,MD5TEST,HMACTEST,WP_TEST,"+ -
-	       "RC2TEST,RC4TEST,RC5TEST,"+ -
-	       "DESTEST,SHATEST,SHA1TEST,SHA256T,SHA512T,"+ -
-	       "MDC2TEST,RMDTEST,"+ -
-	       "RANDTEST,DHTEST,ENGINETEST,"+ -
-	       "BFTEST,CASTTEST,SSLTEST,EXPTEST,DSATEST,RSA_TEST,"+ -
-	       "EVP_TEST,IGETEST,JPAKETEST,ASN1TEST"
-$! Should we add MTTEST,PQ_TEST,LH_TEST,DIVTEST,TABTEST as well?
-$!
-$! Additional directory information.
-$ T_D_BNTEST     := [-.crypto.bn]
-$ T_D_ECTEST     := [-.crypto.ec]
-$ T_D_ECDSATEST  := [-.crypto.ecdsa]
-$ T_D_ECDHTEST   := [-.crypto.ecdh]
-$ T_D_IDEATEST   := [-.crypto.idea]
-$ T_D_MD2TEST    := [-.crypto.md2]
-$ T_D_MD4TEST    := [-.crypto.md4]
-$ T_D_MD5TEST    := [-.crypto.md5]
-$ T_D_HMACTEST   := [-.crypto.hmac]
-$ T_D_WP_TEST    := [-.crypto.whrlpool]
-$ T_D_RC2TEST    := [-.crypto.rc2]
-$ T_D_RC4TEST    := [-.crypto.rc4]
-$ T_D_RC5TEST    := [-.crypto.rc5]
-$ T_D_DESTEST    := [-.crypto.des]
-$ T_D_SHATEST    := [-.crypto.sha]
-$ T_D_SHA1TEST   := [-.crypto.sha]
-$ T_D_SHA256T    := [-.crypto.sha]
-$ T_D_SHA512T    := [-.crypto.sha]
-$ T_D_MDC2TEST   := [-.crypto.mdc2]
-$ T_D_RMDTEST    := [-.crypto.ripemd]
-$ T_D_RANDTEST   := [-.crypto.rand]
-$ T_D_DHTEST     := [-.crypto.dh]
-$ T_D_ENGINETEST := [-.crypto.engine]
-$ T_D_BFTEST     := [-.crypto.bf]
-$ T_D_CASTTEST   := [-.crypto.cast]
-$ T_D_SSLTEST    := [-.ssl]
-$ T_D_EXPTEST    := [-.crypto.bn]
-$ T_D_DSATEST    := [-.crypto.dsa]
-$ T_D_RSA_TEST   := [-.crypto.rsa]
-$ T_D_EVP_TEST   := [-.crypto.evp]
-$ T_D_IGETEST    := [-.test]
-$ T_D_JPAKETEST  := [-.crypto.jpake]
-$ T_D_ASN1TEST   := [-.test]
-$!
-$ TCPIP_PROGRAMS = ",,"
-$ IF COMPILER .EQS. "VAXC" THEN -
-     TCPIP_PROGRAMS = ",SSLTEST,"
-$!
-$! Define A File Counter And Set It To "0".
-$!
-$ FILE_COUNTER = 0
-$!
-$! Top Of The File Loop.
-$!
-$ NEXT_FILE:
-$!
-$! O.K, Extract The File Name From The File List.
-$!
-$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",TEST_FILES)
-$!
-$! Check To See If We Are At The End Of The File List.
-$!
-$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
-$!
-$! Increment The Counter.
-$!
-$ FILE_COUNTER = FILE_COUNTER + 1
-$!
-$! Create The Source File Name.
-$!
-$ SOURCE_FILE = "SYS$DISK:" + T_D_'FILE_NAME' + FILE_NAME + ".C"
-$!
-$! Create The Object File Name.
-$!
-$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
-$!
-$! Create The Executable File Name.
-$!
-$ EXE_FILE = EXE_DIR + FILE_NAME + ".EXE"
-$ ON WARNING THEN GOTO NEXT_FILE
-$!
-$! Check To See If The File We Want To Compile Actually Exists.
-$!
-$ IF (F$SEARCH(SOURCE_FILE).EQS."")
-$ THEN
-$!
-$!  Tell The User That The File Dosen't Exist.
-$!
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
-$   WRITE SYS$OUTPUT ""
-$!
-$!  Exit The Build.
-$!
-$   GOTO EXIT
-$ ENDIF
-$!
-$! Tell The User What We Are Building.
-$!
-$ WRITE SYS$OUTPUT "Building The ",FILE_NAME," Test Program."
-$!
-$! Compile The File.
-$!
-$ ON ERROR THEN GOTO NEXT_FILE
-$ CC /OBJECT='OBJECT_FILE' 'SOURCE_FILE'
-$ ON WARNING THEN GOTO NEXT_FILE
-$!
-$! Check If What We Are About To Compile Works Without A TCP/IP Library.
-$!
-$ IF ((TCPIP_LIB.EQS."").AND.((TCPIP_PROGRAMS-FILE_NAME).NES.TCPIP_PROGRAMS))
-$ THEN
-$!
-$!  Inform The User That A TCP/IP Library Is Needed To Compile This Program.
-$!
-$   WRITE SYS$OUTPUT -
-	  FILE_NAME," Needs A TCP/IP Library.  Can't Link.  Skipping..."
-$   GOTO NEXT_FILE
-$!
-$! End The TCP/IP Library Check.
-$!
-$ ENDIF
-$!
-$! Link The Program, Check To See If We Need To Link With RSAREF Or Not.
-$! Check To See If We Are To Link With A Specific TCP/IP Library.
-$!
-$!  Don't Link With The RSAREF Routines And TCP/IP Library.
-$!
-$ LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' /EXECTABLE = 'EXE_FILE' -
-   'OBJECT_FILE', -
-   'SSL_LIB' /LIBRARY, -
-   'CRYPTO_LIB' /LIBRARY -
-   'TCPIP_LIB' -
-   'ZLIB_LIB' -
-   ,'OPT_FILE' /OPTIONS
-$!
-$! Go Back And Do It Again.
-$!
-$ GOTO NEXT_FILE
-$!
-$! All Done With This Library Part.
-$!
-$ FILE_DONE:
-$!
-$! All Done, Time To Exit.
-$!
-$ EXIT:
-$ GOSUB CLEANUP
-$ EXIT
-$!
-$! Check For The Link Option FIle.
-$!
-$ CHECK_OPT_FILE:
-$!
-$! Check To See If We Need To Make A VAX C Option File.
-$!
-$ IF (COMPILER.EQS."VAXC")
-$ THEN
-$!
-$!  Check To See If We Already Have A VAX C Linker Option File.
-$!
-$   IF (F$SEARCH(OPT_FILE).EQS."")
-$   THEN
-$!
-$!    We Need A VAX C Linker Option File.
-$!
-$     CREATE 'OPT_FILE'
-$DECK
-!
-! Default System Options File To Link Against 
-! The Sharable VAX C Runtime Library.
-!
-SYS$SHARE:VAXCRTL.EXE /SHAREABLE
-$EOD
-$!
-$!  End The Option File Check.
-$!
-$   ENDIF
-$!
-$! End The VAXC Check.
-$!
-$ ENDIF
-$!
-$! Check To See If We Need A GNU C Option File.
-$!
-$ IF (COMPILER.EQS."GNUC")
-$ THEN
-$!
-$!  Check To See If We Already Have A GNU C Linker Option File.
-$!
-$   IF (F$SEARCH(OPT_FILE).EQS."")
-$   THEN
-$!
-$!    We Need A GNU C Linker Option File.
-$!
-$     CREATE 'OPT_FILE'
-$DECK
-!
-! Default System Options File To Link Against 
-! The Sharable C Runtime Library.
-!
-GNU_CC:[000000]GCCLIB.OLB /LIBRARY
-SYS$SHARE:VAXCRTL.EXE /SHAREABLE
-$EOD
-$!
-$!  End The Option File Check.
-$!
-$   ENDIF
-$!
-$! End The GNU C Check.
-$!
-$ ENDIF
-$!
-$! Check To See If We Need A DEC C Option File.
-$!
-$ IF (COMPILER.EQS."DECC")
-$ THEN
-$!
-$!  Check To See If We Already Have A DEC C Linker Option File.
-$!
-$   IF (F$SEARCH(OPT_FILE).EQS."")
-$   THEN
-$!
-$!    Figure Out If We Need A non-VAX Or A VAX Linker Option File.
-$!
-$     IF (ARCH.EQS."VAX")
-$     THEN
-$!
-$!      We Need A DEC C Linker Option File For VAX.
-$!
-$       CREATE 'OPT_FILE'
-$DECK
-!
-! Default System Options File To Link Against 
-! The Sharable DEC C Runtime Library.
-!
-SYS$SHARE:DECC$SHR.EXE /SHAREABLE
-$EOD
-$!
-$!    Else...
-$!
-$     ELSE
-$!
-$!      Create The non-VAX Linker Option File.
-$!
-$       CREATE 'OPT_FILE'
-$DECK
-!
-! Default System Options File For non-VAX To Link Against 
-! The Sharable C Runtime Library.
-!
-SYS$SHARE:CMA$OPEN_LIB_SHR.EXE /SHAREABLE
-SYS$SHARE:CMA$OPEN_RTL.EXE /SHAREABLE
-$EOD
-$!
-$!    End The DEC C Option File Check.
-$!
-$     ENDIF
-$!
-$!  End The Option File Search.
-$!
-$   ENDIF
-$!
-$! End The DEC C Check.
-$!
-$ ENDIF
-$!
-$!  Tell The User What Linker Option File We Are Using.
-$!
-$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."	
-$!
-$! Time To RETURN.
-$!
-$ RETURN
-$!
-$! Check To See If We Have The Appropiate Libraries.
-$!
-$ LIB_CHECK:
-$!
-$! Look For The Library LIBCRYPTO.OLB.
-$!
-$ IF (F$SEARCH(CRYPTO_LIB).EQS."")
-$ THEN
-$!
-$!  Tell The User We Can't Find The LIBCRYPTO.OLB Library.
-$!
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "Can't Find The Library ",CRYPTO_LIB,"."
-$   WRITE SYS$OUTPUT "We Can't Link Without It."
-$   WRITE SYS$OUTPUT ""
-$!
-$!  Since We Can't Link Without It, Exit.
-$!
-$   EXIT
-$!
-$! End The Crypto Library Check.
-$!
-$ ENDIF
-$!
-$! Look For The Library LIBSSL.OLB.
-$!
-$ IF (F$SEARCH(SSL_LIB).EQS."")
-$ THEN
-$!
-$!  Tell The User We Can't Find The LIBSSL.OLB Library.
-$!
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "Can't Find The Library ",SSL_LIB,"."
-$   WRITE SYS$OUTPUT "Some Of The Test Programs Need To Link To It."
-$   WRITE SYS$OUTPUT ""
-$!
-$!  Since We Can't Link Without It, Exit.
-$!
-$   EXIT
-$!
-$! End The SSL Library Check.
-$!
-$ ENDIF
-$!
-$! Time To Return.
-$!
-$ RETURN
-$!
-$! Check The User's Options.
-$!
-$ CHECK_OPTIONS:
-$!
-$! Set basic C compiler /INCLUDE directories.
-$!
-$ CC_INCLUDES = "SYS$DISK:[-],SYS$DISK:[-.CRYPTO]"
-$!
-$! Check To See If P1 Is Blank.
-$!
-$ IF (P1.EQS."NODEBUG")
-$ THEN
-$!
-$!  P1 Is NODEBUG, So Compile Without Debugger Information.
-$!
-$   DEBUGGER  = "NODEBUG"
-$   LINKMAP = "NOMAP"
-$   TRACEBACK = "NOTRACEBACK" 
-$   GCC_OPTIMIZE = "OPTIMIZE"
-$   CC_OPTIMIZE = "OPTIMIZE"
-$   WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
-$   WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
-$!
-$! Else...
-$!
-$ ELSE
-$!
-$!  Check To See If We Are To Compile With Debugger Information.
-$!
-$   IF (P1.EQS."DEBUG")
-$   THEN
-$!
-$!    Compile With Debugger Information.
-$!
-$     DEBUGGER  = "DEBUG"
-$     LINKMAP = "MAP"
-$     TRACEBACK = "TRACEBACK"
-$     GCC_OPTIMIZE = "NOOPTIMIZE"
-$     CC_OPTIMIZE = "NOOPTIMIZE"
-$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
-$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
-$!
-$!  Else...
-$!
-$   ELSE
-$!
-$!    Tell The User Entered An Invalid Option.
-$!
-$     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
-$     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
-$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
-$     WRITE SYS$OUTPUT ""
-$!
-$!    Time To EXIT.
-$!
-$     EXIT
-$!
-$!  End The Valid Argument Check.
-$!
-$   ENDIF
-$!
-$! End The P1 Check.
-$!
-$ ENDIF
-$!
-$! Check P5 (POINTER_SIZE).
-$!
-$ IF (P5 .NES. "") .AND. (ARCH .NES. "VAX")
-$ THEN
-$!
-$   IF (P5 .EQS. "32")
-$   THEN
-$     POINTER_SIZE = " /POINTER_SIZE=32"
-$   ELSE
-$     POINTER_SIZE = F$EDIT( P5, "COLLAPSE, UPCASE")
-$     IF ((POINTER_SIZE .EQS. "64") .OR. -
-       (POINTER_SIZE .EQS. "64=") .OR. -
-       (POINTER_SIZE .EQS. "64=ARGV"))
-$     THEN
-$       ARCHD = ARCH+ "_64"
-$       LIB32 = ""
-$       IF (F$EXTRACT( 2, 1, POINTER_SIZE) .EQS. "=")
-$       THEN
-$!        Explicit user choice: "64" or "64=ARGV".
-$         IF (POINTER_SIZE .EQS. "64=") THEN POINTER_SIZE = "64"
-$       ELSE
-$         SET NOON
-$         DEFINE /USER_MODE SYS$OUTPUT NL:
-$         DEFINE /USER_MODE SYS$ERROR NL:
-$         CC /NOLIST /NOOBJECT /POINTER_SIZE=64=ARGV NL:
-$         IF ($STATUS .AND. %X0FFF0000) .EQ. %X00030000
-$         THEN
-$           ! If we got here, it means DCL complained like this:
-$           ! %DCL-W-NOVALU, value not allowed - remove value specification
-$           !  \64=\
-$           !
-$           ! If the compiler was run, logicals defined in /USER would
-$           ! have been deassigned automatically.  However, when DCL
-$           ! complains, they aren't, so we do it here (it might be
-$           ! unnecessary, but just in case there will be another error
-$           ! message further on that we don't want to miss)
-$           DEASSIGN /USER_MODE SYS$ERROR
-$           DEASSIGN /USER_MODE SYS$OUTPUT
-$         ELSE
-$           POINTER_SIZE = POINTER_SIZE + "=ARGV"
-$         ENDIF
-$         SET ON
-$       ENDIF
-$       POINTER_SIZE = " /POINTER_SIZE=''POINTER_SIZE'"
-$     ELSE
-$!
-$!      Tell The User Entered An Invalid Option.
-$!
-$       WRITE SYS$OUTPUT ""
-$       WRITE SYS$OUTPUT "The Option ", P5, -
-         " Is Invalid.  The Valid Options Are:"
-$       WRITE SYS$OUTPUT ""
-$       WRITE SYS$OUTPUT -
-         "    """"  :  Compile with default (short) pointers."
-$       WRITE SYS$OUTPUT -
-         "    32  :  Compile with 32-bit (short) pointers."
-$       WRITE SYS$OUTPUT -
-         "    64       :  Compile with 64-bit (long) pointers (auto ARGV)."
-$       WRITE SYS$OUTPUT -
-         "    64=      :  Compile with 64-bit (long) pointers (no ARGV)."
-$       WRITE SYS$OUTPUT -
-         "    64=ARGV  :  Compile with 64-bit (long) pointers (ARGV)."
-$       WRITE SYS$OUTPUT ""
-$! 
-$!      Time To EXIT.
-$!
-$       EXIT
-$!
-$     ENDIF
-$!
-$   ENDIF
-$!
-$! End The P5 (POINTER_SIZE) Check.
-$!
-$ ENDIF
-$!
-$! Check To See If P2 Is Blank.
-$!
-$ IF (P2.EQS."")
-$ THEN
-$!
-$!  O.K., The User Didn't Specify A Compiler, Let's Try To
-$!  Find Out Which One To Use.
-$!
-$!  Check To See If We Have GNU C.
-$!
-$   IF (F$TRNLNM("GNU_CC").NES."")
-$   THEN
-$!
-$!    Looks Like GNUC, Set To Use GNUC.
-$!
-$     P2 = "GNUC"
-$!
-$!  End The GNU C Compiler Check.
-$!
-$   ELSE
-$!
-$!  Check To See If We Have VAXC Or DECC.
-$!
-$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
-$     THEN 
-$!
-$!      Looks Like DECC, Set To Use DECC.
-$!
-$       P2 = "DECC"
-$!
-$!      Else...
-$!
-$     ELSE
-$!
-$!      Looks Like VAXC, Set To Use VAXC.
-$!
-$       P2 = "VAXC"
-$!
-$!    End The VAXC Compiler Check.
-$!
-$     ENDIF
-$!
-$!  End The DECC & VAXC Compiler Check.
-$!
-$   ENDIF
-$!
-$!  End The Compiler Check.
-$!
-$ ENDIF
-$!
-$! Check To See If We Have A Option For P3.
-$!
-$ IF (P3.EQS."")
-$ THEN
-$!
-$!  Find out what socket library we have available
-$!
-$   IF F$PARSE("SOCKETSHR:") .NES. ""
-$   THEN
-$!
-$!    We have SOCKETSHR, and it is my opinion that it's the best to use.
-$!
-$     P3 = "SOCKETSHR"
-$!
-$!    Tell the user
-$!
-$     WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
-$!
-$!    Else, let's look for something else
-$!
-$   ELSE
-$!
-$!    Like UCX (the reason to do this before Multinet is that the UCX
-$!    emulation is easier to use...)
-$!
-$     IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
-	 .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
-	 .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
-$     THEN
-$!
-$!	Last resort: a UCX or UCX-compatible library
-$!
-$	P3 = "UCX"
-$!
-$!      Tell the user
-$!
-$       WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
-$!
-$!	That was all...
-$!
-$     ENDIF
-$   ENDIF
-$ ENDIF
-$!
-$! Set Up Initial CC Definitions, Possibly With User Ones
-$!
-$ CCDEFS = "TCPIP_TYPE_''P3'"
-$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
-$ CCEXTRAFLAGS = ""
-$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "" !!! "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
-$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
-	CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
-$!
-$! Check To See If We Have A ZLIB Option.
-$!
-$ ZLIB = P6
-$ IF (ZLIB .NES. "")
-$ THEN
-$!
-$!  Check for expected ZLIB files.
-$!
-$   err = 0
-$   file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
-$   if (f$search( file1) .eqs. "")
-$   then
-$     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
-$     WRITE SYS$OUTPUT "    Can't find header: ''file1'"
-$     err = 1
-$   endif
-$   file1 = f$parse( "A.;", ZLIB)- "A.;"
-$!
-$   file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
-$   if (f$search( file2) .eqs. "")
-$   then
-$     if (err .eq. 0)
-$     then
-$       WRITE SYS$OUTPUT ""
-$       WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
-$     endif
-$     WRITE SYS$OUTPUT "    Can't find library: ''file2'"
-$     WRITE SYS$OUTPUT ""
-$     err = err+ 2
-$   endif
-$   if (err .eq. 1)
-$   then
-$     WRITE SYS$OUTPUT ""
-$   endif
-$!
-$   if (err .ne. 0)
-$   then
-$     GOTO EXIT
-$   endif
-$!
-$   CCDEFS = """ZLIB=1"", "+ CCDEFS
-$   CC_INCLUDES = CC_INCLUDES+ ", "+ file1
-$   ZLIB_LIB = ", ''file2' /library"
-$!
-$!  Print info
-$!
-$   WRITE SYS$OUTPUT "ZLIB library spec: ", file2
-$!
-$! End The P8 Check.
-$!
-$ ENDIF
-$!
-$!  Check To See If The User Entered A Valid Parameter.
-$!
-$ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC")
-$ THEN
-$!
-$!  Check To See If The User Wanted DECC.
-$!
-$   IF (P2.EQS."DECC")
-$   THEN
-$!
-$!    Looks Like DECC, Set To Use DECC.
-$!
-$     COMPILER = "DECC"
-$!
-$!    Tell The User We Are Using DECC.
-$!
-$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
-$!
-$!    Use DECC...
-$!
-$     CC = "CC"
-$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
-	 THEN CC = "CC /DECC"
-$     CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
-       "''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
-       " /INCLUDE=(''CC_INCLUDES') " + CCEXTRAFLAGS
-$!
-$!    Define The Linker Options File Name.
-$!
-$     OPT_FILE = "VAX_DECC_OPTIONS.OPT"
-$!
-$!  End DECC Check.
-$!
-$   ENDIF
-$!
-$!  Check To See If We Are To Use VAXC.
-$!
-$   IF (P2.EQS."VAXC")
-$   THEN
-$!
-$!    Looks Like VAXC, Set To Use VAXC.
-$!
-$     COMPILER = "VAXC"
-$!
-$!    Tell The User We Are Using VAX C.
-$!
-$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
-$!
-$!    Compile Using VAXC.
-$!
-$     CC = "CC"
-$     IF ARCH.NES."VAX"
-$     THEN
-$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
-$	EXIT
-$     ENDIF
-$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC /VAXC"
-$     CC = CC + "/''CC_OPTIMIZE' /''DEBUGGER' /NOLIST" + -
-	   "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
-$     CCDEFS = CCDEFS + ",""VAXC"""
-$!
-$!    Define  As SYS$COMMON:[SYSLIB]
-$!
-$     DEFINE /NOLOG SYS SYS$COMMON:[SYSLIB]
-$!
-$!    Define The Linker Options File Name.
-$!
-$     OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
-$!
-$!  End VAXC Check
-$!
-$   ENDIF
-$!
-$!  Check To See If We Are To Use GNU C.
-$!
-$   IF (P2.EQS."GNUC")
-$   THEN
-$!
-$!    Looks Like GNUC, Set To Use GNUC.
-$!
-$     COMPILER = "GNUC"
-$!
-$!    Tell The User We Are Using GNUC.
-$!
-$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
-$!
-$!    Use GNU C...
-$!
-$     CC = "GCC /NOCASE_HACK /''GCC_OPTIMIZE' /''DEBUGGER' /NOLIST" + -
-	   "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
-$!
-$!    Define The Linker Options File Name.
-$!
-$     OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
-$!
-$!  End The GNU C Check.
-$!
-$   ENDIF
-$!
-$!  Set up default defines
-$!
-$   CCDEFS = """FLAT_INC=1""," + CCDEFS
-$!
-$!  Finish up the definition of CC.
-$!
-$   IF COMPILER .EQS. "DECC"
-$   THEN
-$     IF CCDISABLEWARNINGS .EQS. ""
-$     THEN
-$       CC4DISABLEWARNINGS = "DOLLARID"
-$     ELSE
-$       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
-$       CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
-$     ENDIF
-$     CC4DISABLEWARNINGS = " /WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
-$   ELSE
-$     CCDISABLEWARNINGS = ""
-$     CC4DISABLEWARNINGS = ""
-$   ENDIF
-$   CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
-$!
-$!  Show user the result
-$!
-$   WRITE /SYMBOL SYS$OUTPUT "Main Compiling Command: ", CC
-$!
-$!  Else The User Entered An Invalid Argument.
-$!
-$ ELSE
-$!
-$!  Tell The User We Don't Know What They Want.
-$!
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
-$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
-$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
-$   WRITE SYS$OUTPUT ""
-$!
-$!  Time To EXIT.
-$!
-$   EXIT
-$ ENDIF
-$!
-$! Time to check the contents, and to make sure we get the correct library.
-$!
-$ IF P3.EQS."SOCKETSHR" .OR. P3.EQS."MULTINET" .OR. P3.EQS."UCX" -
-     .OR. P3.EQS."TCPIP" .OR. P3.EQS."NONE"
-$ THEN
-$!
-$!  Check to see if SOCKETSHR was chosen
-$!
-$   IF P3.EQS."SOCKETSHR"
-$   THEN
-$!
-$!    Set the library to use SOCKETSHR
-$!
-$     TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
-$!
-$!    Done with SOCKETSHR
-$!
-$   ENDIF
-$!
-$!  Check to see if MULTINET was chosen
-$!
-$   IF P3.EQS."MULTINET"
-$   THEN
-$!
-$!    Set the library to use UCX emulation.
-$!
-$     P3 = "UCX"
-$!
-$!    Done with MULTINET
-$!
-$   ENDIF
-$!
-$!  Check to see if UCX was chosen
-$!
-$   IF P3.EQS."UCX"
-$   THEN
-$!
-$!    Set the library to use UCX.
-$!
-$     TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
-$     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
-$     THEN
-$       TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
-$     ELSE
-$       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
-	  TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
-$     ENDIF
-$!
-$!    Done with UCX
-$!
-$   ENDIF
-$!
-$!  Check to see if TCPIP was chosen
-$!
-$   IF P3.EQS."TCPIP"
-$   THEN
-$!
-$!    Set the library to use TCPIP (post UCX).
-$!
-$     TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
-$!
-$!    Done with TCPIP
-$!
-$   ENDIF
-$!
-$!  Check to see if NONE was chosen
-$!
-$   IF P3.EQS."NONE"
-$   THEN
-$!
-$!    Do not use a TCPIP library.
-$!
-$     TCPIP_LIB = ""
-$!
-$!    Done with NONE
-$!
-$   ENDIF
-$!
-$!  Print info
-$!
-$   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
-$!
-$!  Else The User Entered An Invalid Argument.
-$!
-$ ELSE
-$!
-$!  Tell The User We Don't Know What They Want.
-$!
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
-$   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
-$   WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP (post UCX) TCP/IP library."
-$   WRITE SYS$OUTPUT ""
-$!
-$!  Time To EXIT.
-$!
-$   EXIT
-$!
-$!  Done with TCP/IP libraries
-$!
-$ ENDIF
-$!
-$! Special Threads For OpenVMS v7.1 Or Later
-$!
-$! Written By:  Richard Levitte
-$!              richard@levitte.org
-$!
-$!
-$! Check To See If We Have A Option For P4.
-$!
-$ IF (P4.EQS."")
-$ THEN
-$!
-$!  Get The Version Of VMS We Are Using.
-$!
-$   ISSEVEN :=
-$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
-$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
-$!
-$!  Check To See If The VMS Version Is v7.1 Or Later.
-$!
-$   IF (TMP.GE.71)
-$   THEN
-$!
-$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
-$!
-$     ISSEVEN := ,PTHREAD_USE_D4
-$!
-$!  End The VMS Version Check.
-$!
-$   ENDIF
-$!
-$! End The P4 Check.
-$!
-$ ENDIF
-$!
-$!  Time To RETURN...
-$!
-$ RETURN
-$!
-$ INITIALISE:
-$!
-$! Save old value of the logical name OPENSSL
-$!
-$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
-$!
-$! Save directory information
-$!
-$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
-$ __HERE = F$EDIT(__HERE,"UPCASE")
-$ __TOP = __HERE - "TEST]"
-$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
-$!
-$! Set up the logical name OPENSSL to point at the include directory
-$!
-$ DEFINE OPENSSL /NOLOG '__INCLUDE'
-$!
-$! Done
-$!
-$ RETURN
-$!
-$ CLEANUP:
-$!
-$! Restore the logical name OPENSSL if it had a value
-$!
-$ IF __SAVE_OPENSSL .EQS. ""
-$ THEN
-$   DEASSIGN OPENSSL
-$ ELSE
-$   DEFINE /NOLOG OPENSSL '__SAVE_OPENSSL'
-$ ENDIF
-$!
-$! Done
-$!
-$ RETURN
diff --git a/deps/openssl/openssl/test/md2test.c b/deps/openssl/openssl/test/md2test.c
deleted file mode 120000
index b0c6e6f8091..00000000000
--- a/deps/openssl/openssl/test/md2test.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/md2/md2test.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/md4test.c b/deps/openssl/openssl/test/md4test.c
deleted file mode 120000
index 1509be911da..00000000000
--- a/deps/openssl/openssl/test/md4test.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/md4/md4test.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/md5test.c b/deps/openssl/openssl/test/md5test.c
deleted file mode 120000
index 20f4aaf0a4e..00000000000
--- a/deps/openssl/openssl/test/md5test.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/md5/md5test.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/mdc2test.c b/deps/openssl/openssl/test/mdc2test.c
deleted file mode 120000
index 49f44f8b69e..00000000000
--- a/deps/openssl/openssl/test/mdc2test.c
+++ /dev/null
@@ -1 +0,0 @@
-dummytest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/methtest.c b/deps/openssl/openssl/test/methtest.c
deleted file mode 100644
index 005c2f48220..00000000000
--- a/deps/openssl/openssl/test/methtest.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* test/methtest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include 
-#include 
-#include 
-#include 
-#include "meth.h"
-#include 
-
-int main(argc,argv)
-int argc;
-char *argv[];
-	{
-	METHOD_CTX *top,*tmp1,*tmp2;
-
-	top=METH_new(x509_lookup()); /* get a top level context */
-	if (top == NULL) goto err;
-
-	tmp1=METH_new(x509_by_file());
-	if (top == NULL) goto err;
-	METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
-	METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
-	METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
-
-	tmp2=METH_new(x509_by_dir());
-	METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
-	METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
-	METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
-	METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
-
-/*	tmp=METH_new(x509_by_issuer_dir);
-	METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
-	METH_push(top,METH_X509_BY_ISSUER,tmp);
-
-	tmp=METH_new(x509_by_issuer_primary);
-	METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
-	METH_push(top,METH_X509_BY_ISSUER,tmp);
-*/
-
-	METH_init(top);
-	METH_control(tmp1,METH_CONTROL_DUMP,stdout);
-	METH_control(tmp2,METH_CONTROL_DUMP,stdout);
-	EXIT(0);
-err:
-	ERR_load_crypto_strings();
-	ERR_print_errors_fp(stderr);
-	EXIT(1);
-	return(0);
-	}
diff --git a/deps/openssl/openssl/test/pkcs7-1.pem b/deps/openssl/openssl/test/pkcs7-1.pem
deleted file mode 100644
index c47b27af889..00000000000
--- a/deps/openssl/openssl/test/pkcs7-1.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN PKCS7-----
-MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
-SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
-AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
-eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
-MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
-bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
-ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
-FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
-9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
-BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
-bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
-BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
-j7Kie1x339mxW/w9VZNTUDQQweHh
------END PKCS7-----
diff --git a/deps/openssl/openssl/test/pkcs7.pem b/deps/openssl/openssl/test/pkcs7.pem
deleted file mode 100644
index d55c60b94e1..00000000000
--- a/deps/openssl/openssl/test/pkcs7.pem
+++ /dev/null
@@ -1,54 +0,0 @@
-     MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
-     AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
-     EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
-     cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
-     ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
-     MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-     c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
-     bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
-     CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
-     Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
-     CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
-     ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
-     l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
-     HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
-     Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
-     c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
-     YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
-     dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
-     dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
-     LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
-     ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
-     biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
-     IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
-     AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
-     L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
-     HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
-     slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
-     ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
-     /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
-     aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
-     ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
-     OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
-     MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
-     Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
-     qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
-     sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
-     P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
-     A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
-     KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
-     Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
-     Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
-     hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
-     Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
-     dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
-     KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
-     dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
-     I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
-     ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
-     ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
-     ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
-     MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
-     /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
-     DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
-     b+xSu/jH0gAAMYAAAAAAAAAAAA==
diff --git a/deps/openssl/openssl/test/pkits-test.pl b/deps/openssl/openssl/test/pkits-test.pl
deleted file mode 100644
index 69dffa16f90..00000000000
--- a/deps/openssl/openssl/test/pkits-test.pl
+++ /dev/null
@@ -1,940 +0,0 @@
-# test/pkits-test.pl
-# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
-# project.
-#
-# ====================================================================
-# Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in
-#    the documentation and/or other materials provided with the
-#    distribution.
-#
-# 3. All advertising materials mentioning features or use of this
-#    software must display the following acknowledgment:
-#    "This product includes software developed by the OpenSSL Project
-#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-#
-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-#    endorse or promote products derived from this software without
-#    prior written permission. For written permission, please contact
-#    licensing@OpenSSL.org.
-#
-# 5. Products derived from this software may not be called "OpenSSL"
-#    nor may "OpenSSL" appear in their names without prior written
-#    permission of the OpenSSL Project.
-#
-# 6. Redistributions of any form whatsoever must retain the following
-#    acknowledgment:
-#    "This product includes software developed by the OpenSSL Project
-#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
-#
-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
-# ====================================================================
-
-# Perl utility to run PKITS tests for RFC3280 compliance. 
-
-my $ossl_path;
-
-if ( -f "../apps/openssl" ) {
-    $ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
-}
-elsif ( -f "..\\out32dll\\openssl.exe" ) {
-    $ossl_path = "..\\out32dll\\openssl.exe";
-}
-elsif ( -f "..\\out32\\openssl.exe" ) {
-    $ossl_path = "..\\out32\\openssl.exe";
-}
-else {
-    die "Can't find OpenSSL executable";
-}
-
-my $pkitsdir = "pkits/smime";
-my $pkitsta = "pkits/certs/TrustAnchorRootCertificate.crt";
-
-die "Can't find PKITS test data" if !-d $pkitsdir;
-
-my $nist1 = "2.16.840.1.101.3.2.1.48.1";
-my $nist2 = "2.16.840.1.101.3.2.1.48.2";
-my $nist3 = "2.16.840.1.101.3.2.1.48.3";
-my $nist4 = "2.16.840.1.101.3.2.1.48.4";
-my $nist5 = "2.16.840.1.101.3.2.1.48.5";
-my $nist6 = "2.16.840.1.101.3.2.1.48.6";
-
-my $apolicy = "X509v3 Any Policy";
-
-# This table contains the chapter headings of the accompanying PKITS
-# document. They provide useful informational output and their names
-# can be converted into the filename to test.
-
-my @testlists = (
-    [ "4.1", "Signature Verification" ],
-    [ "4.1.1", "Valid Signatures Test1",                        0 ],
-    [ "4.1.2", "Invalid CA Signature Test2",                    7 ],
-    [ "4.1.3", "Invalid EE Signature Test3",                    7 ],
-    [ "4.1.4", "Valid DSA Signatures Test4",                    0 ],
-    [ "4.1.5", "Valid DSA Parameter Inheritance Test5",         0 ],
-    [ "4.1.6", "Invalid DSA Signature Test6",                   7 ],
-    [ "4.2",   "Validity Periods" ],
-    [ "4.2.1", "Invalid CA notBefore Date Test1",               9 ],
-    [ "4.2.2", "Invalid EE notBefore Date Test2",               9 ],
-    [ "4.2.3", "Valid pre2000 UTC notBefore Date Test3",        0 ],
-    [ "4.2.4", "Valid GeneralizedTime notBefore Date Test4",    0 ],
-    [ "4.2.5", "Invalid CA notAfter Date Test5",                10 ],
-    [ "4.2.6", "Invalid EE notAfter Date Test6",                10 ],
-    [ "4.2.7", "Invalid pre2000 UTC EE notAfter Date Test7",    10 ],
-    [ "4.2.8", "Valid GeneralizedTime notAfter Date Test8",     0 ],
-    [ "4.3",   "Verifying Name Chaining" ],
-    [ "4.3.1", "Invalid Name Chaining EE Test1",                20 ],
-    [ "4.3.2", "Invalid Name Chaining Order Test2",             20 ],
-    [ "4.3.3", "Valid Name Chaining Whitespace Test3",          0 ],
-    [ "4.3.4", "Valid Name Chaining Whitespace Test4",          0 ],
-    [ "4.3.5", "Valid Name Chaining Capitalization Test5",      0 ],
-    [ "4.3.6", "Valid Name Chaining UIDs Test6",                0 ],
-    [ "4.3.7", "Valid RFC3280 Mandatory Attribute Types Test7", 0 ],
-    [ "4.3.8", "Valid RFC3280 Optional Attribute Types Test8",  0 ],
-    [ "4.3.9", "Valid UTF8String Encoded Names Test9",          0 ],
-    [ "4.3.10", "Valid Rollover from PrintableString to UTF8String Test10", 0 ],
-    [ "4.3.11", "Valid UTF8String Case Insensitive Match Test11",           0 ],
-    [ "4.4",    "Basic Certificate Revocation Tests" ],
-    [ "4.4.1",  "Missing CRL Test1",                                        3 ],
-    [ "4.4.2", "Invalid Revoked CA Test2",          23 ],
-    [ "4.4.3", "Invalid Revoked EE Test3",          23 ],
-    [ "4.4.4", "Invalid Bad CRL Signature Test4",   8 ],
-    [ "4.4.5", "Invalid Bad CRL Issuer Name Test5", 3 ],
-    [ "4.4.6", "Invalid Wrong CRL Test6",           3 ],
-    [ "4.4.7", "Valid Two CRLs Test7",              0 ],
-
-    # The test document suggests these should return certificate revoked...
-    # Subsquent discussion has concluded they should not due to unhandle
-    # critical CRL extensions.
-    [ "4.4.8", "Invalid Unknown CRL Entry Extension Test8", 36 ],
-    [ "4.4.9", "Invalid Unknown CRL Extension Test9",       36 ],
-
-    [ "4.4.10", "Invalid Unknown CRL Extension Test10",             36 ],
-    [ "4.4.11", "Invalid Old CRL nextUpdate Test11",                12 ],
-    [ "4.4.12", "Invalid pre2000 CRL nextUpdate Test12",            12 ],
-    [ "4.4.13", "Valid GeneralizedTime CRL nextUpdate Test13",      0 ],
-    [ "4.4.14", "Valid Negative Serial Number Test14",              0 ],
-    [ "4.4.15", "Invalid Negative Serial Number Test15",            23 ],
-    [ "4.4.16", "Valid Long Serial Number Test16",                  0 ],
-    [ "4.4.17", "Valid Long Serial Number Test17",                  0 ],
-    [ "4.4.18", "Invalid Long Serial Number Test18",                23 ],
-    [ "4.4.19", "Valid Separate Certificate and CRL Keys Test19",   0 ],
-    [ "4.4.20", "Invalid Separate Certificate and CRL Keys Test20", 23 ],
-
-    # CRL path is revoked so get a CRL path validation error
-    [ "4.4.21", "Invalid Separate Certificate and CRL Keys Test21",      54 ],
-    [ "4.5",    "Verifying Paths with Self-Issued Certificates" ],
-    [ "4.5.1",  "Valid Basic Self-Issued Old With New Test1",            0 ],
-    [ "4.5.2",  "Invalid Basic Self-Issued Old With New Test2",          23 ],
-    [ "4.5.3",  "Valid Basic Self-Issued New With Old Test3",            0 ],
-    [ "4.5.4",  "Valid Basic Self-Issued New With Old Test4",            0 ],
-    [ "4.5.5",  "Invalid Basic Self-Issued New With Old Test5",          23 ],
-    [ "4.5.6",  "Valid Basic Self-Issued CRL Signing Key Test6",         0 ],
-    [ "4.5.7",  "Invalid Basic Self-Issued CRL Signing Key Test7",       23 ],
-    [ "4.5.8",  "Invalid Basic Self-Issued CRL Signing Key Test8",       20 ],
-    [ "4.6",    "Verifying Basic Constraints" ],
-    [ "4.6.1",  "Invalid Missing basicConstraints Test1",                24 ],
-    [ "4.6.2",  "Invalid cA False Test2",                                24 ],
-    [ "4.6.3",  "Invalid cA False Test3",                                24 ],
-    [ "4.6.4",  "Valid basicConstraints Not Critical Test4",             0 ],
-    [ "4.6.5",  "Invalid pathLenConstraint Test5",                       25 ],
-    [ "4.6.6",  "Invalid pathLenConstraint Test6",                       25 ],
-    [ "4.6.7",  "Valid pathLenConstraint Test7",                         0 ],
-    [ "4.6.8",  "Valid pathLenConstraint Test8",                         0 ],
-    [ "4.6.9",  "Invalid pathLenConstraint Test9",                       25 ],
-    [ "4.6.10", "Invalid pathLenConstraint Test10",                      25 ],
-    [ "4.6.11", "Invalid pathLenConstraint Test11",                      25 ],
-    [ "4.6.12", "Invalid pathLenConstraint Test12",                      25 ],
-    [ "4.6.13", "Valid pathLenConstraint Test13",                        0 ],
-    [ "4.6.14", "Valid pathLenConstraint Test14",                        0 ],
-    [ "4.6.15", "Valid Self-Issued pathLenConstraint Test15",            0 ],
-    [ "4.6.16", "Invalid Self-Issued pathLenConstraint Test16",          25 ],
-    [ "4.6.17", "Valid Self-Issued pathLenConstraint Test17",            0 ],
-    [ "4.7",    "Key Usage" ],
-    [ "4.7.1",  "Invalid keyUsage Critical keyCertSign False Test1",     20 ],
-    [ "4.7.2",  "Invalid keyUsage Not Critical keyCertSign False Test2", 20 ],
-    [ "4.7.3",  "Valid keyUsage Not Critical Test3",                     0 ],
-    [ "4.7.4",  "Invalid keyUsage Critical cRLSign False Test4",         35 ],
-    [ "4.7.5",  "Invalid keyUsage Not Critical cRLSign False Test5",     35 ],
-
-    # Certificate policy tests need special handling. They can have several
-    # sub tests and we need to check the outputs are correct.
-
-    [ "4.8", "Certificate Policies" ],
-    [
-        "4.8.1.1",
-        "All Certificates Same Policy Test1",
-        "-policy anyPolicy -explicit_policy",
-        "True", $nist1, $nist1, 0
-    ],
-    [
-        "4.8.1.2",
-        "All Certificates Same Policy Test1",
-        "-policy $nist1 -explicit_policy",
-        "True", $nist1, $nist1, 0
-    ],
-    [
-        "4.8.1.3",
-        "All Certificates Same Policy Test1",
-        "-policy $nist2 -explicit_policy",
-        "True", $nist1, "", 43
-    ],
-    [
-        "4.8.1.4",
-        "All Certificates Same Policy Test1",
-        "-policy $nist1 -policy $nist2 -explicit_policy",
-        "True", $nist1, $nist1, 0
-    ],
-    [
-        "4.8.2.1",
-        "All Certificates No Policies Test2",
-        "-policy anyPolicy",
-        "False", "", "", 0
-    ],
-    [
-        "4.8.2.2",
-        "All Certificates No Policies Test2",
-        "-policy anyPolicy -explicit_policy",
-        "True", "", "", 43
-    ],
-    [
-        "4.8.3.1",
-        "Different Policies Test3",
-        "-policy anyPolicy",
-        "False", "", "", 0
-    ],
-    [
-        "4.8.3.2",
-        "Different Policies Test3",
-        "-policy anyPolicy -explicit_policy",
-        "True", "", "", 43
-    ],
-    [
-        "4.8.3.3",
-        "Different Policies Test3",
-        "-policy $nist1 -policy $nist2 -explicit_policy",
-        "True", "", "", 43
-    ],
-
-    [
-        "4.8.4",
-        "Different Policies Test4",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.8.5",
-        "Different Policies Test5",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.8.6.1",
-        "Overlapping Policies Test6",
-        "-policy anyPolicy",
-        "True", $nist1, $nist1, 0
-    ],
-    [
-        "4.8.6.2",
-        "Overlapping Policies Test6",
-        "-policy $nist1",
-        "True", $nist1, $nist1, 0
-    ],
-    [
-        "4.8.6.3",
-        "Overlapping Policies Test6",
-        "-policy $nist2",
-        "True", $nist1, "", 43
-    ],
-    [
-        "4.8.7",
-        "Different Policies Test7",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.8.8",
-        "Different Policies Test8",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.8.9",
-        "Different Policies Test9",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.8.10.1",
-        "All Certificates Same Policies Test10",
-        "-policy $nist1",
-        "True", "$nist1:$nist2", "$nist1", 0
-    ],
-    [
-        "4.8.10.2",
-        "All Certificates Same Policies Test10",
-        "-policy $nist2",
-        "True", "$nist1:$nist2", "$nist2", 0
-    ],
-    [
-        "4.8.10.3",
-        "All Certificates Same Policies Test10",
-        "-policy anyPolicy",
-        "True", "$nist1:$nist2", "$nist1:$nist2", 0
-    ],
-    [
-        "4.8.11.1",
-        "All Certificates AnyPolicy Test11",
-        "-policy anyPolicy",
-        "True", "$apolicy", "$apolicy", 0
-    ],
-    [
-        "4.8.11.2",
-        "All Certificates AnyPolicy Test11",
-        "-policy $nist1",
-        "True", "$apolicy", "$nist1", 0
-    ],
-    [
-        "4.8.12",
-        "Different Policies Test12",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.8.13.1",
-        "All Certificates Same Policies Test13",
-        "-policy $nist1",
-        "True", "$nist1:$nist2:$nist3", "$nist1", 0
-    ],
-    [
-        "4.8.13.2",
-        "All Certificates Same Policies Test13",
-        "-policy $nist2",
-        "True", "$nist1:$nist2:$nist3", "$nist2", 0
-    ],
-    [
-        "4.8.13.3",
-        "All Certificates Same Policies Test13",
-        "-policy $nist3",
-        "True", "$nist1:$nist2:$nist3", "$nist3", 0
-    ],
-    [
-        "4.8.14.1",       "AnyPolicy Test14",
-        "-policy $nist1", "True",
-        "$nist1",         "$nist1",
-        0
-    ],
-    [
-        "4.8.14.2",       "AnyPolicy Test14",
-        "-policy $nist2", "True",
-        "$nist1",         "",
-        43
-    ],
-    [
-        "4.8.15",
-        "User Notice Qualifier Test15",
-        "-policy anyPolicy",
-        "False", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.8.16",
-        "User Notice Qualifier Test16",
-        "-policy anyPolicy",
-        "False", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.8.17",
-        "User Notice Qualifier Test17",
-        "-policy anyPolicy",
-        "False", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.8.18.1",
-        "User Notice Qualifier Test18",
-        "-policy $nist1",
-        "True", "$nist1:$nist2", "$nist1", 0
-    ],
-    [
-        "4.8.18.2",
-        "User Notice Qualifier Test18",
-        "-policy $nist2",
-        "True", "$nist1:$nist2", "$nist2", 0
-    ],
-    [
-        "4.8.19",
-        "User Notice Qualifier Test19",
-        "-policy anyPolicy",
-        "False", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.8.20",
-        "CPS Pointer Qualifier Test20",
-        "-policy anyPolicy -explicit_policy",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [ "4.9", "Require Explicit Policy" ],
-    [
-        "4.9.1",
-        "Valid RequireExplicitPolicy Test1",
-        "-policy anyPolicy",
-        "False", "", "", 0
-    ],
-    [
-        "4.9.2",
-        "Valid RequireExplicitPolicy Test2",
-        "-policy anyPolicy",
-        "False", "", "", 0
-    ],
-    [
-        "4.9.3",
-        "Invalid RequireExplicitPolicy Test3",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.9.4",
-        "Valid RequireExplicitPolicy Test4",
-        "-policy anyPolicy",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.9.5",
-        "Invalid RequireExplicitPolicy Test5",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.9.6",
-        "Valid Self-Issued requireExplicitPolicy Test6",
-        "-policy anyPolicy",
-        "False", "", "", 0
-    ],
-    [
-        "4.9.7",
-        "Invalid Self-Issued requireExplicitPolicy Test7",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.9.8",
-        "Invalid Self-Issued requireExplicitPolicy Test8",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [ "4.10", "Policy Mappings" ],
-    [
-        "4.10.1.1",
-        "Valid Policy Mapping Test1",
-        "-policy $nist1",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.10.1.2",
-        "Valid Policy Mapping Test1",
-        "-policy $nist2",
-        "True", "$nist1", "", 43
-    ],
-    [
-        "4.10.1.3",
-        "Valid Policy Mapping Test1",
-        "-policy anyPolicy -inhibit_map",
-        "True", "", "", 43
-    ],
-    [
-        "4.10.2.1",
-        "Invalid Policy Mapping Test2",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.10.2.2",
-        "Invalid Policy Mapping Test2",
-        "-policy anyPolicy -inhibit_map",
-        "True", "", "", 43
-    ],
-    [
-        "4.10.3.1",
-        "Valid Policy Mapping Test3",
-        "-policy $nist1",
-        "True", "$nist2", "", 43
-    ],
-    [
-        "4.10.3.2",
-        "Valid Policy Mapping Test3",
-        "-policy $nist2",
-        "True", "$nist2", "$nist2", 0
-    ],
-    [
-        "4.10.4",
-        "Invalid Policy Mapping Test4",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.10.5.1",
-        "Valid Policy Mapping Test5",
-        "-policy $nist1",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.10.5.2",
-        "Valid Policy Mapping Test5",
-        "-policy $nist6",
-        "True", "$nist1", "", 43
-    ],
-    [
-        "4.10.6.1",
-        "Valid Policy Mapping Test6",
-        "-policy $nist1",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.10.6.2",
-        "Valid Policy Mapping Test6",
-        "-policy $nist6",
-        "True", "$nist1", "", 43
-    ],
-    [ "4.10.7", "Invalid Mapping From anyPolicy Test7", 42 ],
-    [ "4.10.8", "Invalid Mapping To anyPolicy Test8",   42 ],
-    [
-        "4.10.9",
-        "Valid Policy Mapping Test9",
-        "-policy anyPolicy",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.10.10",
-        "Invalid Policy Mapping Test10",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.10.11",
-        "Valid Policy Mapping Test11",
-        "-policy anyPolicy",
-        "True", "$nist1", "$nist1", 0
-    ],
-
-    # TODO: check notice display
-    [
-        "4.10.12.1",
-        "Valid Policy Mapping Test12",
-        "-policy $nist1",
-        "True", "$nist1:$nist2", "$nist1", 0
-    ],
-
-    # TODO: check notice display
-    [
-        "4.10.12.2",
-        "Valid Policy Mapping Test12",
-        "-policy $nist2",
-        "True", "$nist1:$nist2", "$nist2", 0
-    ],
-    [
-        "4.10.13",
-        "Valid Policy Mapping Test13",
-        "-policy anyPolicy",
-        "True", "$nist1", "$nist1", 0
-    ],
-
-    # TODO: check notice display
-    [
-        "4.10.14",
-        "Valid Policy Mapping Test14",
-        "-policy anyPolicy",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [ "4.11", "Inhibit Policy Mapping" ],
-    [
-        "4.11.1",
-        "Invalid inhibitPolicyMapping Test1",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.11.2",
-        "Valid inhibitPolicyMapping Test2",
-        "-policy anyPolicy",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.11.3",
-        "Invalid inhibitPolicyMapping Test3",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.11.4",
-        "Valid inhibitPolicyMapping Test4",
-        "-policy anyPolicy",
-        "True", "$nist2", "$nist2", 0
-    ],
-    [
-        "4.11.5",
-        "Invalid inhibitPolicyMapping Test5",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.11.6",
-        "Invalid inhibitPolicyMapping Test6",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.11.7",
-        "Valid Self-Issued inhibitPolicyMapping Test7",
-        "-policy anyPolicy",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.11.8",
-        "Invalid Self-Issued inhibitPolicyMapping Test8",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.11.9",
-        "Invalid Self-Issued inhibitPolicyMapping Test9",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.11.10",
-        "Invalid Self-Issued inhibitPolicyMapping Test10",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.11.11",
-        "Invalid Self-Issued inhibitPolicyMapping Test11",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [ "4.12", "Inhibit Any Policy" ],
-    [
-        "4.12.1",
-        "Invalid inhibitAnyPolicy Test1",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.12.2",
-        "Valid inhibitAnyPolicy Test2",
-        "-policy anyPolicy",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.12.3.1",
-        "inhibitAnyPolicy Test3",
-        "-policy anyPolicy",
-        "True", "$nist1", "$nist1", 0
-    ],
-    [
-        "4.12.3.2",
-        "inhibitAnyPolicy Test3",
-        "-policy anyPolicy -inhibit_any",
-        "True", "", "", 43
-    ],
-    [
-        "4.12.4",
-        "Invalid inhibitAnyPolicy Test4",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.12.5",
-        "Invalid inhibitAnyPolicy Test5",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [
-        "4.12.6",
-        "Invalid inhibitAnyPolicy Test6",
-        "-policy anyPolicy",
-        "True", "", "", 43
-    ],
-    [ "4.12.7",  "Valid Self-Issued inhibitAnyPolicy Test7",      0 ],
-    [ "4.12.8",  "Invalid Self-Issued inhibitAnyPolicy Test8",    43 ],
-    [ "4.12.9",  "Valid Self-Issued inhibitAnyPolicy Test9",      0 ],
-    [ "4.12.10", "Invalid Self-Issued inhibitAnyPolicy Test10",   43 ],
-    [ "4.13",    "Name Constraints" ],
-    [ "4.13.1",  "Valid DN nameConstraints Test1",                0 ],
-    [ "4.13.2",  "Invalid DN nameConstraints Test2",              47 ],
-    [ "4.13.3",  "Invalid DN nameConstraints Test3",              47 ],
-    [ "4.13.4",  "Valid DN nameConstraints Test4",                0 ],
-    [ "4.13.5",  "Valid DN nameConstraints Test5",                0 ],
-    [ "4.13.6",  "Valid DN nameConstraints Test6",                0 ],
-    [ "4.13.7",  "Invalid DN nameConstraints Test7",              48 ],
-    [ "4.13.8",  "Invalid DN nameConstraints Test8",              48 ],
-    [ "4.13.9",  "Invalid DN nameConstraints Test9",              48 ],
-    [ "4.13.10", "Invalid DN nameConstraints Test10",             48 ],
-    [ "4.13.11", "Valid DN nameConstraints Test11",               0 ],
-    [ "4.13.12", "Invalid DN nameConstraints Test12",             47 ],
-    [ "4.13.13", "Invalid DN nameConstraints Test13",             47 ],
-    [ "4.13.14", "Valid DN nameConstraints Test14",               0 ],
-    [ "4.13.15", "Invalid DN nameConstraints Test15",             48 ],
-    [ "4.13.16", "Invalid DN nameConstraints Test16",             48 ],
-    [ "4.13.17", "Invalid DN nameConstraints Test17",             48 ],
-    [ "4.13.18", "Valid DN nameConstraints Test18",               0 ],
-    [ "4.13.19", "Valid Self-Issued DN nameConstraints Test19",   0 ],
-    [ "4.13.20", "Invalid Self-Issued DN nameConstraints Test20", 47 ],
-    [ "4.13.21", "Valid RFC822 nameConstraints Test21",           0 ],
-    [ "4.13.22", "Invalid RFC822 nameConstraints Test22",         47 ],
-    [ "4.13.23", "Valid RFC822 nameConstraints Test23",           0 ],
-    [ "4.13.24", "Invalid RFC822 nameConstraints Test24",         47 ],
-    [ "4.13.25", "Valid RFC822 nameConstraints Test25",           0 ],
-    [ "4.13.26", "Invalid RFC822 nameConstraints Test26",         48 ],
-    [ "4.13.27", "Valid DN and RFC822 nameConstraints Test27",    0 ],
-    [ "4.13.28", "Invalid DN and RFC822 nameConstraints Test28",  47 ],
-    [ "4.13.29", "Invalid DN and RFC822 nameConstraints Test29",  47 ],
-    [ "4.13.30", "Valid DNS nameConstraints Test30",              0 ],
-    [ "4.13.31", "Invalid DNS nameConstraints Test31",            47 ],
-    [ "4.13.32", "Valid DNS nameConstraints Test32",              0 ],
-    [ "4.13.33", "Invalid DNS nameConstraints Test33",            48 ],
-    [ "4.13.34", "Valid URI nameConstraints Test34",              0 ],
-    [ "4.13.35", "Invalid URI nameConstraints Test35",            47 ],
-    [ "4.13.36", "Valid URI nameConstraints Test36",              0 ],
-    [ "4.13.37", "Invalid URI nameConstraints Test37",            48 ],
-    [ "4.13.38", "Invalid DNS nameConstraints Test38",            47 ],
-    [ "4.14",    "Distribution Points" ],
-    [ "4.14.1",  "Valid distributionPoint Test1",                 0 ],
-    [ "4.14.2",  "Invalid distributionPoint Test2",               23 ],
-    [ "4.14.3",  "Invalid distributionPoint Test3",               44 ],
-    [ "4.14.4",  "Valid distributionPoint Test4",                 0 ],
-    [ "4.14.5",  "Valid distributionPoint Test5",                 0 ],
-    [ "4.14.6",  "Invalid distributionPoint Test6",               23 ],
-    [ "4.14.7",  "Valid distributionPoint Test7",                 0 ],
-    [ "4.14.8",  "Invalid distributionPoint Test8",               44 ],
-    [ "4.14.9",  "Invalid distributionPoint Test9",               44 ],
-    [ "4.14.10", "Valid No issuingDistributionPoint Test10",      0 ],
-    [ "4.14.11", "Invalid onlyContainsUserCerts CRL Test11",      44 ],
-    [ "4.14.12", "Invalid onlyContainsCACerts CRL Test12",        44 ],
-    [ "4.14.13", "Valid onlyContainsCACerts CRL Test13",          0 ],
-    [ "4.14.14", "Invalid onlyContainsAttributeCerts Test14",     44 ],
-    [ "4.14.15", "Invalid onlySomeReasons Test15",                23 ],
-    [ "4.14.16", "Invalid onlySomeReasons Test16",                23 ],
-    [ "4.14.17", "Invalid onlySomeReasons Test17",                3 ],
-    [ "4.14.18", "Valid onlySomeReasons Test18",                  0 ],
-    [ "4.14.19", "Valid onlySomeReasons Test19",                  0 ],
-    [ "4.14.20", "Invalid onlySomeReasons Test20",                23 ],
-    [ "4.14.21", "Invalid onlySomeReasons Test21",                23 ],
-    [ "4.14.22", "Valid IDP with indirectCRL Test22",             0 ],
-    [ "4.14.23", "Invalid IDP with indirectCRL Test23",           23 ],
-    [ "4.14.24", "Valid IDP with indirectCRL Test24",             0 ],
-    [ "4.14.25", "Valid IDP with indirectCRL Test25",             0 ],
-    [ "4.14.26", "Invalid IDP with indirectCRL Test26",           44 ],
-    [ "4.14.27", "Invalid cRLIssuer Test27",                      3 ],
-    [ "4.14.28", "Valid cRLIssuer Test28",                        0 ],
-    [ "4.14.29", "Valid cRLIssuer Test29",                        0 ],
-
-    # Although this test is valid it has a circular dependency. As a result
-    # an attempt is made to reursively checks a CRL path and rejected due to
-    # a CRL path validation error. PKITS notes suggest this test does not
-    # need to be run due to this issue.
-    [ "4.14.30", "Valid cRLIssuer Test30",                                 54 ],
-    [ "4.14.31", "Invalid cRLIssuer Test31",                               23 ],
-    [ "4.14.32", "Invalid cRLIssuer Test32",                               23 ],
-    [ "4.14.33", "Valid cRLIssuer Test33",                                 0 ],
-    [ "4.14.34", "Invalid cRLIssuer Test34",                               23 ],
-    [ "4.14.35", "Invalid cRLIssuer Test35",                               44 ],
-    [ "4.15",    "Delta-CRLs" ],
-    [ "4.15.1",  "Invalid deltaCRLIndicator No Base Test1",                3 ],
-    [ "4.15.2",  "Valid delta-CRL Test2",                                  0 ],
-    [ "4.15.3",  "Invalid delta-CRL Test3",                                23 ],
-    [ "4.15.4",  "Invalid delta-CRL Test4",                                23 ],
-    [ "4.15.5",  "Valid delta-CRL Test5",                                  0 ],
-    [ "4.15.6",  "Invalid delta-CRL Test6",                                23 ],
-    [ "4.15.7",  "Valid delta-CRL Test7",                                  0 ],
-    [ "4.15.8",  "Valid delta-CRL Test8",                                  0 ],
-    [ "4.15.9",  "Invalid delta-CRL Test9",                                23 ],
-    [ "4.15.10", "Invalid delta-CRL Test10",                               12 ],
-    [ "4.16",    "Private Certificate Extensions" ],
-    [ "4.16.1",  "Valid Unknown Not Critical Certificate Extension Test1", 0 ],
-    [ "4.16.2",  "Invalid Unknown Critical Certificate Extension Test2",   34 ],
-);
-
-
-my $verbose = 1;
-
-my $numtest = 0;
-my $numfail = 0;
-
-my $ossl = "ossl/apps/openssl";
-
-my $ossl_cmd = "$ossl_path cms -verify -verify_retcode ";
-$ossl_cmd .= "-CAfile pkitsta.pem -crl_check_all -x509_strict ";
-$ossl_cmd .= "-policy_check -extended_crl -use_deltas -out /dev/null 2>&1 ";
-
-system "$ossl_path x509 -inform DER -in $pkitsta -out pkitsta.pem";
-
-die "Can't create trust anchor file" if $?;
-
-print "Running PKITS tests:\n" if $verbose;
-
-foreach (@testlists) {
-    my $argnum = @$_;
-    if ( $argnum == 2 ) {
-        my ( $tnum, $title ) = @$_;
-        print "$tnum $title\n" if $verbose;
-    }
-    elsif ( $argnum == 3 ) {
-        my ( $tnum, $title, $exp_ret ) = @$_;
-        my $filename = $title;
-        $exp_ret += 32 if $exp_ret;
-        $filename =~ tr/ -//d;
-        $filename = "Signed${filename}.eml";
-        if ( !-f "$pkitsdir/$filename" ) {
-            print "\"$filename\" not found\n";
-        }
-        else {
-            my $ret;
-            my $test_fail = 0;
-            my $errmsg    = "";
-            my $cmd       = $ossl_cmd;
-            $cmd .= "-in $pkitsdir/$filename -policy anyPolicy";
-            my $cmdout = `$cmd`;
-            $ret = $? >> 8;
-            if ( $? & 0xff ) {
-                $errmsg .= "Abnormal OpenSSL termination\n";
-                $test_fail = 1;
-            }
-            if ( $exp_ret != $ret ) {
-                $errmsg .= "Return code:$ret, ";
-                $errmsg .= "expected $exp_ret\n";
-                $test_fail = 1;
-            }
-            if ($test_fail) {
-                print "$tnum $title : Failed!\n";
-                print "Filename: $pkitsdir/$filename\n";
-                print $errmsg;
-                print "Command output:\n$cmdout\n";
-                $numfail++;
-            }
-            $numtest++;
-        }
-    }
-    elsif ( $argnum == 7 ) {
-        my ( $tnum, $title, $exargs, $exp_epol, $exp_aset, $exp_uset, $exp_ret )
-          = @$_;
-        my $filename = $title;
-        $exp_ret += 32 if $exp_ret;
-        $filename =~ tr/ -//d;
-        $filename = "Signed${filename}.eml";
-        if ( !-f "$pkitsdir/$filename" ) {
-            print "\"$filename\" not found\n";
-        }
-        else {
-            my $ret;
-            my $cmdout    = "";
-            my $errmsg    = "";
-            my $epol      = "";
-            my $aset      = "";
-            my $uset      = "";
-            my $pol       = -1;
-            my $test_fail = 0;
-            my $cmd       = $ossl_cmd;
-            $cmd .= "-in $pkitsdir/$filename $exargs -policy_print";
-            @oparr = `$cmd`;
-            $ret   = $? >> 8;
-
-            if ( $? & 0xff ) {
-                $errmsg .= "Abnormal OpenSSL termination\n";
-                $test_fail = 1;
-            }
-            foreach (@oparr) {
-                my $test_failed = 0;
-                $cmdout .= $_;
-                if (/^Require explicit Policy: (.*)$/) {
-                    $epol = $1;
-                }
-                if (/^Authority Policies/) {
-                    if (/empty/) {
-                        $aset = "";
-                    }
-                    else {
-                        $pol = 1;
-                    }
-                }
-                $test_fail = 1 if (/leak/i);
-                if (/^User Policies/) {
-                    if (/empty/) {
-                        $uset = "";
-                    }
-                    else {
-                        $pol = 2;
-                    }
-                }
-                if (/\s+Policy: (.*)$/) {
-                    if ( $pol == 1 ) {
-                        $aset .= ":" if $aset ne "";
-                        $aset .= $1;
-                    }
-                    elsif ( $pol == 2 ) {
-                        $uset .= ":" if $uset ne "";
-                        $uset .= $1;
-                    }
-                }
-            }
-
-            if ( $epol ne $exp_epol ) {
-                $errmsg .= "Explicit policy:$epol, ";
-                $errmsg .= "expected $exp_epol\n";
-                $test_fail = 1;
-            }
-            if ( $aset ne $exp_aset ) {
-                $errmsg .= "Authority policy set :$aset, ";
-                $errmsg .= "expected $exp_aset\n";
-                $test_fail = 1;
-            }
-            if ( $uset ne $exp_uset ) {
-                $errmsg .= "User policy set :$uset, ";
-                $errmsg .= "expected $exp_uset\n";
-                $test_fail = 1;
-            }
-
-            if ( $exp_ret != $ret ) {
-                print "Return code:$ret, expected $exp_ret\n";
-                $test_fail = 1;
-            }
-
-            if ($test_fail) {
-                print "$tnum $title : Failed!\n";
-                print "Filename: $pkitsdir/$filename\n";
-                print "Command output:\n$cmdout\n";
-                $numfail++;
-            }
-            $numtest++;
-        }
-    }
-}
-
-if ($numfail) {
-    print "$numfail tests failed out of $numtest\n";
-}
-else {
-    print "All Tests Successful.\n";
-}
-
-unlink "pkitsta.pem";
-
diff --git a/deps/openssl/openssl/test/r160test.c b/deps/openssl/openssl/test/r160test.c
deleted file mode 100644
index a172e393cab..00000000000
--- a/deps/openssl/openssl/test/r160test.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/* test/r160test.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
diff --git a/deps/openssl/openssl/test/randtest.c b/deps/openssl/openssl/test/randtest.c
deleted file mode 120000
index a2b107a2b0e..00000000000
--- a/deps/openssl/openssl/test/randtest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/rand/randtest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/rc2test.c b/deps/openssl/openssl/test/rc2test.c
deleted file mode 120000
index 5c53ad984a4..00000000000
--- a/deps/openssl/openssl/test/rc2test.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/rc2/rc2test.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/rc4test.c b/deps/openssl/openssl/test/rc4test.c
deleted file mode 120000
index 061ac377344..00000000000
--- a/deps/openssl/openssl/test/rc4test.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/rc4/rc4test.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/rc5test.c b/deps/openssl/openssl/test/rc5test.c
deleted file mode 120000
index 49f44f8b69e..00000000000
--- a/deps/openssl/openssl/test/rc5test.c
+++ /dev/null
@@ -1 +0,0 @@
-dummytest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/rmdtest.c b/deps/openssl/openssl/test/rmdtest.c
deleted file mode 120000
index ce66460654d..00000000000
--- a/deps/openssl/openssl/test/rmdtest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/ripemd/rmdtest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/rsa_test.c b/deps/openssl/openssl/test/rsa_test.c
deleted file mode 120000
index aaea20d98ba..00000000000
--- a/deps/openssl/openssl/test/rsa_test.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/rsa/rsa_test.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/sha1test.c b/deps/openssl/openssl/test/sha1test.c
deleted file mode 120000
index 8d66e9ee4c2..00000000000
--- a/deps/openssl/openssl/test/sha1test.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/sha/sha1test.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/sha256t.c b/deps/openssl/openssl/test/sha256t.c
deleted file mode 120000
index 952a5086766..00000000000
--- a/deps/openssl/openssl/test/sha256t.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/sha/sha256t.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/sha512t.c b/deps/openssl/openssl/test/sha512t.c
deleted file mode 120000
index c80d152f1ba..00000000000
--- a/deps/openssl/openssl/test/sha512t.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/sha/sha512t.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/shatest.c b/deps/openssl/openssl/test/shatest.c
deleted file mode 120000
index 43cfda78fbf..00000000000
--- a/deps/openssl/openssl/test/shatest.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/sha/shatest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/smcont.txt b/deps/openssl/openssl/test/smcont.txt
deleted file mode 100644
index e837c0b75b6..00000000000
--- a/deps/openssl/openssl/test/smcont.txt
+++ /dev/null
@@ -1 +0,0 @@
-Some test content for OpenSSL CMS
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/smime-certs/smdsa1.pem b/deps/openssl/openssl/test/smime-certs/smdsa1.pem
deleted file mode 100644
index d5677dbfbec..00000000000
--- a/deps/openssl/openssl/test/smime-certs/smdsa1.pem
+++ /dev/null
@@ -1,34 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBuwIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
-OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
-GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
-jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
-wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
-+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
-SJCBQw5zAoGATQlPPF+OeU8nu3rsdXGDiZdJzOkuCce3KQfTABA9C+Dk4CVcvBdd
-YRLGpnykumkNTO1sTO+4/Gphsuje1ujK9td4UEhdYqylCe5QjEMrszDlJtelDQF9
-C0yhdjKGTP0kxofLhsGckcuQvcKEKffT2pDDKJIy4vWQO0UyJl1vjLcCFG2uiGGx
-9fMUZq1v0ePD4Wo0Xkxo
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsWMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBEU0EgIzEwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
-CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
-mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
-jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
-CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
-kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
-xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBN
-CU88X455Tye7eux1cYOJl0nM6S4Jx7cpB9MAED0L4OTgJVy8F11hEsamfKS6aQ1M
-7WxM77j8amGy6N7W6Mr213hQSF1irKUJ7lCMQyuzMOUm16UNAX0LTKF2MoZM/STG
-h8uGwZyRy5C9woQp99PakMMokjLi9ZA7RTImXW+Mt6OBgzCBgDAdBgNVHQ4EFgQU
-4Qfbhpi5yqXaXuCLXj427mR25MkwHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
-aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
-c21pbWVkc2ExQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBAFrdUzKK1pWO
-kd02S423KUBc4GWWyiGlVoEO7WxVhHLJ8sm67X7OtJOwe0UGt+Nc5qLtyJYSirw8
-phjiTdNpQCTJ8+Kc56tWkJ6H7NAI4vTJtPL5BM/EmeYrVSU9JI9xhqpyKw9IBD+n
-hRJ79W9FaiJRvaAOX+TkyTukJrxAWRyv
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/smime-certs/smdsa2.pem b/deps/openssl/openssl/test/smime-certs/smdsa2.pem
deleted file mode 100644
index ef86c115d7f..00000000000
--- a/deps/openssl/openssl/test/smime-certs/smdsa2.pem
+++ /dev/null
@@ -1,34 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
-OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
-GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
-jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
-wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
-+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
-SJCBQw5zAoGBAIPmO8BtJ+Yac58trrPwq9b/6VW3jQTWzTLWSH84/QQdqQa+Pz3v
-It/+hHM0daNF5uls8ICsPL1aLXmRx0pHvIyb0aAzYae4T4Jv/COPDMTdKbA1uitJ
-VbkGZrm+LIrs7I9lOkb4T0vI6kL/XdOCXY1469zsqCgJ/O2ibn6mq0nWAhR716o2
-Nf8SimTZYB0/CKje6M5ufA==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDpTCCAw6gAwIBAgIJAMtotfHYdEsXMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBEU0EgIzIwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
-CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
-mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
-jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
-CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
-kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
-xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhQACgYEA
-g+Y7wG0n5hpzny2us/Cr1v/pVbeNBNbNMtZIfzj9BB2pBr4/Pe8i3/6EczR1o0Xm
-6WzwgKw8vVoteZHHSke8jJvRoDNhp7hPgm/8I48MxN0psDW6K0lVuQZmub4siuzs
-j2U6RvhPS8jqQv9d04JdjXjr3OyoKAn87aJufqarSdajgYMwgYAwHQYDVR0OBBYE
-FHsAGNfVltSYUq4hC+YVYwsYtA+dMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcXdsab
-rWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMCAGA1UdEQQZMBeB
-FXNtaW1lZHNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQCx9BtCbaYF
-FXjLClkuKXbESaDZA1biPgY25i00FsUzARuhCpqD2v+0tu5c33ZzIhL6xlvBRU5l
-6Atw/xpZhae+hdBEtxPJoGekLLrHOau7Md3XwDjV4lFgcEJkWZoaSOOIK+4D5jF0
-jZWtHjnwEzuLYlo7ScHSsbcQfjH0M1TP5A==
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/smime-certs/smdsa3.pem b/deps/openssl/openssl/test/smime-certs/smdsa3.pem
deleted file mode 100644
index eeb848dabc5..00000000000
--- a/deps/openssl/openssl/test/smime-certs/smdsa3.pem
+++ /dev/null
@@ -1,34 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
-OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
-GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
-jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
-wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
-+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
-SJCBQw5zAoGAYzOpPmh8Je1IDauEXhgaLz14wqYUHHcrj2VWVJ6fRm8GhdQFJSI7
-GUk08pgKZSKic2lNqxuzW7/vFxKQ/nvzfytY16b+2i+BR4Q6yvMzCebE1hHVg0Ju
-TwfUMwoFEOhYP6ZwHSUiQl9IBMH9TNJCMwYMxfY+VOrURFsjGTRUgpwCFQCIGt5g
-Y+XZd0Sv69CatDIRYWvaIA==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsYMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBEU0EgIzMwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
-CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
-mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
-jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
-CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
-kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
-xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBj
-M6k+aHwl7UgNq4ReGBovPXjCphQcdyuPZVZUnp9GbwaF1AUlIjsZSTTymAplIqJz
-aU2rG7Nbv+8XEpD+e/N/K1jXpv7aL4FHhDrK8zMJ5sTWEdWDQm5PB9QzCgUQ6Fg/
-pnAdJSJCX0gEwf1M0kIzBgzF9j5U6tREWyMZNFSCnKOBgzCBgDAdBgNVHQ4EFgQU
-VhpVXqQ/EzUMdxLvP7o9EhJ8h70wHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
-aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
-c21pbWVkc2EzQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBACM9e75EQa8m
-k/AZkH/tROqf3yeqijULl9x8FjFatqoY+29OM6oMGM425IqSkKd2ipz7OxO0SShu
-rE0O3edS7DvYBwvhWPviRaYBMyZ4iFJVup+fOzoYK/j/bASxS3BHQBwb2r4rhe25
-OlTyyFEk7DJyW18YFOG97S1P52oQ5f5x
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/smime-certs/smdsap.pem b/deps/openssl/openssl/test/smime-certs/smdsap.pem
deleted file mode 100644
index 249706c8c77..00000000000
--- a/deps/openssl/openssl/test/smime-certs/smdsap.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIIBHwKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3OjSG
-Lh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqtGcoA
-gsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2Jjt+d
-qk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qtwjqv
-Wp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK+FMO
-GnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4ZSJCB
-Qw5z
------END DSA PARAMETERS-----
diff --git a/deps/openssl/openssl/test/smime-certs/smroot.pem b/deps/openssl/openssl/test/smime-certs/smroot.pem
deleted file mode 100644
index a59eb2684ca..00000000000
--- a/deps/openssl/openssl/test/smime-certs/smroot.pem
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDBV1Z/Q5gPF7lojc8pKUdyz5+Jf2B3vs4he6egekugWnoJduki
-9Lnae/JchB/soIX0co3nLc11NuFFlnAWJNMDJr08l5AHAJLYNHevF5l/f9oDQwvZ
-speKh1xpIAJNqCTzVeQ/ZLx6/GccIXV/xDuKIiovqJTPgR5WPkYKaw++lQIDAQAB
-AoGALXnUj5SflJU4+B2652ydMKUjWl0KnL/VjkyejgGV/j6py8Ybaixz9q8Gv7oY
-JDlRqMC1HfZJCFQDQrHy5VJ+CywA/H9WrqKo/Ch9U4tJAZtkig1Cmay/BAYixVu0
-xBeim10aKF6hxHH4Chg9We+OCuzWBWJhqveNjuDedL/i7JUCQQDlejovcwBUCbhJ
-U12qKOwlaboolWbl7yF3XdckTJZg7+1UqQHZH5jYZlLZyZxiaC92SNV0SyTLJZnS
-Jh5CO+VDAkEA16/pPcuVtMMz/R6SSPpRSIAa1stLs0mFSs3NpR4pdm0n42mu05pO
-1tJEt3a1g7zkreQBf53+Dwb+lA841EkjRwJBAIFmt0DifKDnCkBu/jZh9SfzwsH3
-3Zpzik+hXxxdA7+ODCrdUul449vDd5zQD5t+XKU61QNLDGhxv5e9XvrCg7kCQH/a
-3ldsVF0oDaxxL+QkxoREtCQ5tLEd1u7F2q6Tl56FDE0pe6Ih6bQ8RtG+g9EI60IN
-U7oTrOO5kLWx5E0q4ccCQAZVgoenn9MhRU1agKOCuM6LT2DxReTu4XztJzynej+8
-0J93n3ebanB1MlRpn1XJwhQ7gAC8ImaQKLJK5jdJzFc=
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICaTCCAdKgAwIBAgIJAP6VN47boiXRMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDdaFw0xNjA1MTExMzUzMDdaMEQx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRU
-ZXN0IFMvTUlNRSBSU0EgUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
-wVdWf0OYDxe5aI3PKSlHcs+fiX9gd77OIXunoHpLoFp6CXbpIvS52nvyXIQf7KCF
-9HKN5y3NdTbhRZZwFiTTAya9PJeQBwCS2DR3rxeZf3/aA0ML2bKXiodcaSACTagk
-81XkP2S8evxnHCF1f8Q7iiIqL6iUz4EeVj5GCmsPvpUCAwEAAaNjMGEwHQYDVR0O
-BBYEFBPPS6e7iS6zOFcXdsabrWhb5e0XMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcX
-dsabrWhb5e0XMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
-SIb3DQEBBQUAA4GBAIECprq5viDvnDbkyOaiSr9ubMUmWqvycfAJMdPZRKcOZczS
-l+L9R9lF3JSqbt3knOe9u6bGDBOTY2285PdCCuHRVMk2Af1f6El1fqAlRUwNqipp
-r68sWFuRqrcRNtk6QQvXfkOhrqQBuDa7te/OVQLa2lGN9Dr2mQsD8ijctatG
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/smime-certs/smrsa1.pem b/deps/openssl/openssl/test/smime-certs/smrsa1.pem
deleted file mode 100644
index 2cf3148e334..00000000000
--- a/deps/openssl/openssl/test/smime-certs/smrsa1.pem
+++ /dev/null
@@ -1,31 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQC6A978j4pmPgUtUQqF+bjh6vdhwGOGZSD7xXgFTMjm88twfv+E
-ixkq2KXSDjD0ZXoQbdOaSbvGRQrIJpG2NGiKAFdYNrP025kCCdh5wF/aEI7KLEm7
-JlHwXpQsuj4wkMgmkFjL3Ty4Z55aNH+2pPQIa0k+ENJXm2gDuhqgBmduAwIDAQAB
-AoGBAJMuYu51aO2THyeHGwt81uOytcCbqGP7eoib62ZOJhxPRGYjpmuqX+R9/V5i
-KiwGavm63JYUx0WO9YP+uIZxm1BUATzkgkS74u5LP6ajhkZh6/Bck1oIYYkbVOXl
-JVrdENuH6U7nupznsyYgONByo+ykFPVUGmutgiaC7NMVo/MxAkEA6KLejWXdCIEn
-xr7hGph9NlvY9xuRIMexRV/WrddcFfCdjI1PciIupgrIkR65M9yr7atm1iU6/aRf
-KOr8rLZsSQJBAMyyXN71NsDNx4BP6rtJ/LJMP0BylznWkA7zWfGCbAYn9VhZVlSY
-Eu9Gyr7quD1ix7G3kInKVYOEEOpockBLz+sCQQCedyMmKjcQLfpMVYW8uhbAynvW
-h36qV5yXZxszO7nMcCTBsxhk5IfmLv5EbCs3+p9avCDGyoGOeUMg+kC33WORAkAg
-oUIarH4o5+SoeJTTfCzTA0KF9H5U0vYt2+73h7HOnWoHxl3zqDZEfEVvf50U8/0f
-QELDJETTbScBJtsnkq43AkEA38etvoZ2i4FJvvo7R/9gWBHVEcrGzcsCBYrNnIR1
-SZLRwHEGaiOK1wxMsWzqp7PJwL9z/M8A8DyOFBx3GPOniA==
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICizCCAfSgAwIBAgIJAMtotfHYdEsTMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBSU0EgIzEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
-ALoD3vyPimY+BS1RCoX5uOHq92HAY4ZlIPvFeAVMyObzy3B+/4SLGSrYpdIOMPRl
-ehBt05pJu8ZFCsgmkbY0aIoAV1g2s/TbmQIJ2HnAX9oQjsosSbsmUfBelCy6PjCQ
-yCaQWMvdPLhnnlo0f7ak9AhrST4Q0lebaAO6GqAGZ24DAgMBAAGjgYMwgYAwHQYD
-VR0OBBYEFE2vMvKz5jrC7Lbdg68XwZ95iL/QMB8GA1UdIwQYMBaAFBPPS6e7iS6z
-OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
-EQQZMBeBFXNtaW1lcnNhMUBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQAi
-O3GOkUl646oLnOimc36i9wxZ1tejsqs8vMjJ0Pym6Uq9FE2JoGzJ6OhB1GOsEVmj
-9cQ5UNQcRYL3cqOFtl6f4Dpu/lhzfbaqgmLjv29G1mS0uuTZrixhlyCXjwcbOkNC
-I/+wvHHENYIK5+T/79M9LaZ2Qk4F9MNE1VMljdz9Qw==
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/smime-certs/smrsa2.pem b/deps/openssl/openssl/test/smime-certs/smrsa2.pem
deleted file mode 100644
index d41f69c82f6..00000000000
--- a/deps/openssl/openssl/test/smime-certs/smrsa2.pem
+++ /dev/null
@@ -1,31 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQCwBfryW4Vu5U9wNIDKspJO/N9YF4CcTlrCUyzVlKgb+8urHlSe
-59i5verR9IOCCXkemjOzZ/3nALTGqYZlnEvHp0Rjk+KdKXnKBIB+SRPpeu3LcXMT
-WPgsThPa0UQxedNKG0g6aG+kLhsDlFBCoxd09jJtSpb9jmroJOq0ZYEHLwIDAQAB
-AoGAKa/w4677Je1W5+r3SYoLDnvi5TkDs4D3C6ipKJgBTEdQz+DqB4w/DpZE4551
-+rkFn1LDxcxuHGRVa+tAMhZW97fwq9YUbjVZEyOz79qrX+BMyl/NbHkf1lIKDo3q
-dWalzQvop7nbzeLC+VmmviwZfLQUbA61AQl3jm4dswT4XykCQQDloDadEv/28NTx
-bvvywvyGuvJkCkEIycm4JrIInvwsd76h/chZ3oymrqzc7hkEtK6kThqlS5y+WXl6
-QzPruTKTAkEAxD2ro/VUoN+scIVaLmn0RBmZ67+9Pdn6pNSfjlK3s0T0EM6/iUWS
-M06l6L9wFS3/ceu1tIifsh9BeqOGTa+udQJARIFnybTBaIqw/NZ/lA1YCVn8tpvY
-iyaoZ6gjtS65TQrsdKeh/i3HCHNUXxUpoZ3F/H7QtD+6o49ODou+EbVOwQJAVmex
-A2gp8wuJKaINqxIL81AybZLnCCzKJ3lXJ5tUNyLNM/lUbGStktm2Q1zHRQwTxV07
-jFn7trn8YrtNjzcjYQJAUKIJRt38A8Jw3HoPT+D0WS2IgxjVL0eYGsZX1lyeammG
-6rfnQ3u5uP7mEK2EH2o8mDUpAE0gclWBU9UkKxJsGA==
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICizCCAfSgAwIBAgIJAMtotfHYdEsUMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBSU0EgIzIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
-ALAF+vJbhW7lT3A0gMqykk7831gXgJxOWsJTLNWUqBv7y6seVJ7n2Lm96tH0g4IJ
-eR6aM7Nn/ecAtMaphmWcS8enRGOT4p0pecoEgH5JE+l67ctxcxNY+CxOE9rRRDF5
-00obSDpob6QuGwOUUEKjF3T2Mm1Klv2Oaugk6rRlgQcvAgMBAAGjgYMwgYAwHQYD
-VR0OBBYEFIL/u+mEvaw7RuKLRuElfVkxSQjYMB8GA1UdIwQYMBaAFBPPS6e7iS6z
-OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
-EQQZMBeBFXNtaW1lcnNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQC2
-rXR5bm/9RtOMQPleNpd3y6uUX3oy+0CafK5Yl3PMnItjjnKJ0l1/DbLbDj2twehe
-ewaB8CROcBCA3AMLSmGvPKgUCFMGtWam3328M4fBHzon5ka7qDXzM+imkAly/Yx2
-YNdR/aNOug+5sXygHmTSKqiCpQjOIClzXoPVVeEVHw==
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/smime-certs/smrsa3.pem b/deps/openssl/openssl/test/smime-certs/smrsa3.pem
deleted file mode 100644
index c8cbe55151e..00000000000
--- a/deps/openssl/openssl/test/smime-certs/smrsa3.pem
+++ /dev/null
@@ -1,31 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQC6syTZtZNe1hRScFc4PUVyVLsr7+C1HDIZnOHmwFoLayX6RHwy
-ep/TkdwiPHnemVLuwvpSjLMLZkXy/J764kSHJrNeVl3UvmCVCOm40hAtK1+F39pM
-h8phkbPPD7i+hwq4/Vs79o46nzwbVKmzgoZBJhZ+codujUSYM3LjJ4aq+wIDAQAB
-AoGAE1Zixrnr3bLGwBMqtYSDIOhtyos59whImCaLr17U9MHQWS+mvYO98if1aQZi
-iQ/QazJ+wvYXxWJ+dEB+JvYwqrGeuAU6He/rAb4OShG4FPVU2D19gzRnaButWMeT
-/1lgXV08hegGBL7RQNaN7b0viFYMcKnSghleMP0/q+Y/oaECQQDkXEwDYJW13X9p
-ijS20ykWdY5lLknjkHRhhOYux0rlhOqsyMZjoUmwI2m0qj9yrIysKhrk4MZaM/uC
-hy0xp3hdAkEA0Uv/UY0Kwsgc+W6YxeypECtg1qCE6FBib8n4iFy/6VcWqhvE5xrs
-OdhKv9/p6aLjLneGd1sU+F8eS9LGyKIbNwJBAJPgbNzXA7uUZriqZb5qeTXxBDfj
-RLfXSHYKAKEULxz3+JvRHB9SR4yHMiFrCdExiZrHXUkPgYLSHLGG5a4824UCQD6T
-9XvhquUARkGCAuWy0/3Eqoihp/t6BWSdQ9Upviu7YUhtUxsyXo0REZB7F4pGrJx5
-GlhXgFaewgUzuUHFzlMCQCzJMMWslWpoLntnR6sMhBMhBFHSw+Y5CbxBmFrdtSkd
-VdtNO1VuDCTxjjW7W3Khj7LX4KZ1ye/5jfAgnnnXisc=
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICizCCAfSgAwIBAgIJAMtotfHYdEsVMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBSU0EgIzMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
-ALqzJNm1k17WFFJwVzg9RXJUuyvv4LUcMhmc4ebAWgtrJfpEfDJ6n9OR3CI8ed6Z
-Uu7C+lKMswtmRfL8nvriRIcms15WXdS+YJUI6bjSEC0rX4Xf2kyHymGRs88PuL6H
-Crj9Wzv2jjqfPBtUqbOChkEmFn5yh26NRJgzcuMnhqr7AgMBAAGjgYMwgYAwHQYD
-VR0OBBYEFDsSFjNtYZzd0tTHafNS7tneQQj6MB8GA1UdIwQYMBaAFBPPS6e7iS6z
-OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
-EQQZMBeBFXNtaW1lcnNhM0BvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQBE
-tUDB+1Dqigu4p1xtdq7JRK6S+gfA7RWmhz0j2scb2zhpS12h37JLHsidGeKAzZYq
-jUjOrH/j3xcV5AnuJoqImJaN23nzzxtR4qGGX2mrq6EtObzdEGgCUaizsGM+0slJ
-PYxcy8KeY/63B1BpYhj2RjGkL6HrvuAaxVORa3acoA==
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/ssltest.c b/deps/openssl/openssl/test/ssltest.c
deleted file mode 120000
index 40191f0da24..00000000000
--- a/deps/openssl/openssl/test/ssltest.c
+++ /dev/null
@@ -1 +0,0 @@
-../ssl/ssltest.c
\ No newline at end of file
diff --git a/deps/openssl/openssl/test/tcrl b/deps/openssl/openssl/test/tcrl
deleted file mode 100644
index 055269eab8d..00000000000
--- a/deps/openssl/openssl/test/tcrl
+++ /dev/null
@@ -1,78 +0,0 @@
-#!/bin/sh
-
-cmd='../util/shlib_wrap.sh ../apps/openssl crl'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testcrl.pem
-fi
-
-echo testing crl conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/deps/openssl/openssl/test/tcrl.com b/deps/openssl/openssl/test/tcrl.com
deleted file mode 100644
index dd96a2b6dd7..00000000000
--- a/deps/openssl/openssl/test/tcrl.com
+++ /dev/null
@@ -1,88 +0,0 @@
-$! TCRL.COM  --  Tests crl keys
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	cmd = "mcr ''exe_dir'openssl crl"
-$
-$	t = "testcrl.pem"
-$	if p1 .nes. "" then t = p1
-$
-$	write sys$output "testing CRL conversions"
-$	if f$search("fff.*") .nes "" then delete fff.*;*
-$	if f$search("ff.*") .nes "" then delete ff.*;*
-$	if f$search("f.*") .nes "" then delete f.*;*
-$	convert/fdl=sys$input: 't' fff.p
-RECORD
-	FORMAT STREAM_LF
-$
-$	write sys$output "p -> d"
-$	'cmd' -in fff.p -inform p -outform d -out f.d
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "p -> t"
-$!	'cmd' -in fff.p -inform p -outform t -out f.t
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in fff.p -inform p -outform p -out f.p
-$	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> d"
-$	'cmd' -in f.d -inform d -outform d -out ff.d1
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> d"
-$!	'cmd' -in f.t -inform t -outform d -out ff.d2
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> d"
-$	'cmd' -in f.p -inform p -outform d -out ff.d3
-$	if $severity .ne. 1 then exit 3
-$
-$!	write sys$output "d -> t"
-$!	'cmd' -in f.d -inform d -outform t -out ff.t1
-$!	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> t"
-$!	'cmd' -in f.t -inform t -outform t -out ff.t2
-$!	if $severity .ne. 1 then exit 3
-$!	write sys$output "p -> t"
-$!	'cmd' -in f.p -inform p -outform t -out ff.t3
-$!	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> p"
-$	'cmd' -in f.d -inform d -outform p -out ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> p"
-$!	'cmd' -in f.t -inform t -outform p -out ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in f.p -inform p -outform p -out ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	backup/compare fff.p f.p
-$	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	backup/compare fff.p ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$!	backup/compare f.t ff.t1
-$!	if $severity .ne. 1 then exit 3
-$!	backup/compare f.t ff.t2
-$!	if $severity .ne. 1 then exit 3
-$!	backup/compare f.t ff.t3
-$!	if $severity .ne. 1 then exit 3
-$
-$	backup/compare f.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	backup/compare f.p ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	backup/compare f.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/deps/openssl/openssl/test/test.cnf b/deps/openssl/openssl/test/test.cnf
deleted file mode 100644
index faad3914a85..00000000000
--- a/deps/openssl/openssl/test/test.cnf
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= ./.rnd
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= ./demoCA		# Where everything is kept
-certs		= $dir/certs		# Where the issued certs are kept
-crl_dir		= $dir/crl		# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir/new_certs	# default place for new certs.
-
-certificate	= $dir/CAcert.pem 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/private/CAkey.pem# The private key
-RANDFILE	= $dir/private/.rand	# private random number file
-
-default_days	= 365			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= 512
-default_keyfile 	= testkey.pem
-distinguished_name	= req_distinguished_name
-encrypt_rsa_key		= no
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_value		= AU
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= Queensland
-stateOrProvinceName_value	=
-
-localityName			= Locality Name (eg, city)
-localityName_value		= Brisbane
-
-organizationName		= Organization Name (eg, company)
-organizationName_default	= 
-organizationName_value		= CryptSoft Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-organizationalUnitName_default	=
-organizationalUnitName_value	= .
-
-commonName			= Common Name (eg, YOUR name)
-commonName_value		= Eric Young
-
-emailAddress			= Email Address
-emailAddress_value		= eay@mincom.oz.au
diff --git a/deps/openssl/openssl/test/test_padlock b/deps/openssl/openssl/test/test_padlock
deleted file mode 100644
index 5c0f21043ce..00000000000
--- a/deps/openssl/openssl/test/test_padlock
+++ /dev/null
@@ -1,64 +0,0 @@
-#!/bin/sh
-
-PROG=$1
-
-if [ -x $PROG ]; then
-    if expr "x`$PROG version`" : "xOpenSSL" > /dev/null; then
-	:
-    else
-	echo "$PROG is not OpenSSL executable"
-	exit 1
-    fi
-else
-    echo "$PROG is not executable"
-    exit 1;
-fi
-
-if $PROG engine padlock | grep -v no-ACE; then
-
-    HASH=`cat $PROG | $PROG dgst -hex`
-
-    ACE_ALGS="	aes-128-ecb aes-192-ecb aes-256-ecb \
-		aes-128-cbc aes-192-cbc aes-256-cbc \
-		aes-128-cfb aes-192-cfb aes-256-cfb \
-		aes-128-ofb aes-192-ofb aes-256-ofb"
-
-    nerr=0
-
-    for alg in $ACE_ALGS; do
-	echo $alg
-	TEST=`(	cat $PROG | \
-		$PROG enc -e -k "$HASH" -$alg -bufsize 999 -engine padlock | \
-		$PROG enc -d -k "$HASH" -$alg | \
-		$PROG dgst -hex ) 2>/dev/null`
-	if [ "$TEST" != "$HASH" ]; then
-		echo "-$alg encrypt test failed"
-		nerr=`expr $nerr + 1`
-	fi
-	TEST=`(	cat $PROG | \
-		$PROG enc -e -k "$HASH" -$alg | \
-		$PROG enc -d -k "$HASH" -$alg -bufsize 999 -engine padlock | \
-		$PROG dgst -hex ) 2>/dev/null`
-	if [ "$TEST" != "$HASH" ]; then
-		echo "-$alg decrypt test failed"
-		nerr=`expr $nerr + 1`
-	fi
-	TEST=`(	cat $PROG | \
-		$PROG enc -e -k "$HASH" -$alg -engine padlock | \
-		$PROG enc -d -k "$HASH" -$alg -engine padlock | \
-		$PROG dgst -hex ) 2>/dev/null`
-	if [ "$TEST" != "$HASH" ]; then
-		echo "-$alg en/decrypt test failed"
-		nerr=`expr $nerr + 1`
-	fi
-    done
-
-    if [ $nerr -gt 0 ]; then
-	echo "PadLock ACE test failed."
-	exit 1;
-    fi
-else
-    echo "PadLock ACE is not available"
-fi
-
-exit 0
diff --git a/deps/openssl/openssl/test/testca b/deps/openssl/openssl/test/testca
deleted file mode 100644
index b109cfe271f..00000000000
--- a/deps/openssl/openssl/test/testca
+++ /dev/null
@@ -1,51 +0,0 @@
-#!/bin/sh
-
-SH="/bin/sh"
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH="../apps\;$PATH"
-else
-    PATH="../apps:$PATH"
-fi
-export SH PATH
-
-SSLEAY_CONFIG="-config CAss.cnf"
-export SSLEAY_CONFIG
-
-OPENSSL="`pwd`/../util/opensslwrap.sh"
-export OPENSSL
-
-/bin/rm -fr demoCA
-$SH ../apps/CA.sh -newca <$test;
-
-echo cat
-$cmd enc < $test > $test.cipher
-$cmd enc < $test.cipher >$test.clear
-cmp $test $test.clear
-if [ $? != 0 ]
-then
-	exit 1
-else
-	/bin/rm $test.cipher $test.clear
-fi
-echo base64
-$cmd enc -a -e < $test > $test.cipher
-$cmd enc -a -d < $test.cipher >$test.clear
-cmp $test $test.clear
-if [ $? != 0 ]
-then
-	exit 1
-else
-	/bin/rm $test.cipher $test.clear
-fi
-
-for i in `$cmd list-cipher-commands`
-do
-	echo $i
-	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
-	$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
-	cmp $test $test.$i.clear
-	if [ $? != 0 ]
-	then
-		exit 1
-	else
-		/bin/rm $test.$i.cipher $test.$i.clear
-	fi
-
-	echo $i base64
-	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
-	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
-	cmp $test $test.$i.clear
-	if [ $? != 0 ]
-	then
-		exit 1
-	else
-		/bin/rm $test.$i.cipher $test.$i.clear
-	fi
-done
-rm -f $test
diff --git a/deps/openssl/openssl/test/testenc.com b/deps/openssl/openssl/test/testenc.com
deleted file mode 100644
index 75acd6f07fa..00000000000
--- a/deps/openssl/openssl/test/testenc.com
+++ /dev/null
@@ -1,66 +0,0 @@
-$! TESTENC.COM  --  Test encoding and decoding
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p1 .eqs. 64) then __arch = __arch+ "_64"
-$
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$	testsrc = "makefile."
-$	test = "p.txt"
-$	cmd = "mcr ''exe_dir'openssl"
-$
-$	if f$search(test) .nes. "" then delete 'test';*
-$	convert/fdl=sys$input: 'testsrc' 'test'
-RECORD
-	FORMAT STREAM_LF
-$
-$	if f$search(test+"-cipher") .nes. "" then delete 'test'-cipher;*
-$	if f$search(test+"-clear") .nes. "" then delete 'test'-clear;*
-$
-$	write sys$output "cat"
-$	'cmd' enc -in 'test' -out 'test'-cipher
-$	'cmd' enc -in 'test'-cipher -out 'test'-clear
-$	backup/compare 'test' 'test'-clear
-$	if $severity .ne. 1 then exit 3
-$	delete 'test'-cipher;*,'test'-clear;*
-$
-$	write sys$output "base64"
-$	'cmd' enc -a -e -in 'test' -out 'test'-cipher
-$	'cmd' enc -a -d -in 'test'-cipher -out 'test'-clear
-$	backup/compare 'test' 'test'-clear
-$	if $severity .ne. 1 then exit 3
-$	delete 'test'-cipher;*,'test'-clear;*
-$
-$	define/user sys$output 'test'-cipher-commands
-$	'cmd' list-cipher-commands
-$	open/read f 'test'-cipher-commands
-$ loop_cipher_commands:
-$	read/end=loop_cipher_commands_end f i
-$	write sys$output i
-$
-$	if f$search(test+"-"+i+"-cipher") .nes. "" then -
-		delete 'test'-'i'-cipher;*
-$	if f$search(test+"-"+i+"-clear") .nes. "" then -
-		delete 'test'-'i'-clear;*
-$
-$	'cmd' 'i' -bufsize 113 -e -k test -in 'test' -out 'test'-'i'-cipher
-$	'cmd' 'i' -bufsize 157 -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear
-$	backup/compare 'test' 'test'-'i'-clear
-$	if $severity .ne. 1 then exit 3
-$	delete 'test'-'i'-cipher;*,'test'-'i'-clear;*
-$
-$	write sys$output i," base64"
-$	'cmd' 'i' -bufsize 113 -a -e -k test -in 'test' -out 'test'-'i'-cipher
-$	'cmd' 'i' -bufsize 157 -a -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear
-$	backup/compare 'test' 'test'-'i'-clear
-$	if $severity .ne. 1 then exit 3
-$	delete 'test'-'i'-cipher;*,'test'-'i'-clear;*
-$
-$	goto loop_cipher_commands
-$ loop_cipher_commands_end:
-$	close f
-$	delete 'test'-cipher-commands;*
-$	delete 'test';*
diff --git a/deps/openssl/openssl/test/testgen b/deps/openssl/openssl/test/testgen
deleted file mode 100644
index 524c0d134c8..00000000000
--- a/deps/openssl/openssl/test/testgen
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-
-T=testcert
-KEY=512
-CA=../certs/testca.pem
-
-/bin/rm -f $T.1 $T.2 $T.key
-
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH=../apps\;$PATH;
-else
-    PATH=../apps:$PATH;
-fi
-export PATH
-
-echo "generating certificate request"
-
-echo "string to make the random number generator think it has entropy" >> ./.rnd
-
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
-  req_new='-newkey dsa:../apps/dsa512.pem'
-else
-  req_new='-new'
-  echo "There should be a 2 sequences of .'s and some +'s."
-  echo "There should not be more that at most 80 per line"
-fi
-
-echo "This could take some time."
-
-rm -f testkey.pem testreq.pem
-
-../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem
-if [ $? != 0 ]; then
-echo problems creating request
-exit 1
-fi
-
-../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
-if [ $? != 0 ]; then
-echo signature on req is wrong
-exit 1
-fi
-
-exit 0
diff --git a/deps/openssl/openssl/test/testgen.com b/deps/openssl/openssl/test/testgen.com
deleted file mode 100644
index e076da2f306..00000000000
--- a/deps/openssl/openssl/test/testgen.com
+++ /dev/null
@@ -1,58 +0,0 @@
-$! TESTGEN.COM
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$	if (p1 .eqs. 64) then __arch = __arch+ "_64"
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	T = "testcert"
-$	KEY = 512
-$	CA = "[-.certs]testca.pem"
-$
-$	set noon
-$	if f$search(T+".1;*") .nes. "" then delete 'T'.1;*
-$	if f$search(T+".2;*") .nes. "" then delete 'T'.2;*
-$	if f$search(T+".key;*") .nes. "" then delete 'T'.key;*
-$	set on
-$
-$	write sys$output "generating certificate request"
-$
-$	append/new nl: .rnd
-$	open/append random_file .rnd
-$	write random_file -
-	 "string to make the random number generator think it has entropy"
-$	close random_file
-$
-$	set noon
-$	define/user sys$output nla0:
-$	mcr 'exe_dir'openssl no-rsa
-$	save_severity=$SEVERITY
-$	set on
-$	if save_severity
-$	then
-$	    req_new="-newkey dsa:[-.apps]dsa512.pem"
-$	else
-$	    req_new="-new"
-$	    write sys$output -
-	     "There should be a 2 sequences of .'s and some +'s."
-$	    write sys$output -
-	     "There should not be more that at most 80 per line"
-$	endif
-$
-$	write sys$output "This could take some time."
-$
-$	mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem
-$	if $severity .ne. 1
-$	then
-$	    write sys$output "problems creating request"
-$	    exit 3
-$	endif
-$
-$	mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout
-$	if $severity .ne. 1
-$	then
-$	    write sys$output "signature on req is wrong"
-$	    exit 3
-$	endif
diff --git a/deps/openssl/openssl/test/testp7.pem b/deps/openssl/openssl/test/testp7.pem
deleted file mode 100644
index e5b7866c315..00000000000
--- a/deps/openssl/openssl/test/testp7.pem
+++ /dev/null
@@ -1,46 +0,0 @@
------BEGIN PKCS7-----
-MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
-cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
-DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
-BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
-HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
-ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
-biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
-aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
-aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
-VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
-UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
-AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
-BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
-ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
-IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
-bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
-L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
-OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
-IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
-ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
-cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
-QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
-MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
-AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
-cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
-AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
-QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
-dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
-Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
-TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
-AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
-2d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
-47ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
-QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
-AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
-ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
-BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
-ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
-MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
-sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
-XfZsaiiIgotQHjEA
------END PKCS7-----
diff --git a/deps/openssl/openssl/test/testreq2.pem b/deps/openssl/openssl/test/testreq2.pem
deleted file mode 100644
index c3cdcffcbc6..00000000000
--- a/deps/openssl/openssl/test/testreq2.pem
+++ /dev/null
@@ -1,7 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
-QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
-DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
-hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
-gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
------END CERTIFICATE REQUEST-----
diff --git a/deps/openssl/openssl/test/testrsa.pem b/deps/openssl/openssl/test/testrsa.pem
deleted file mode 100644
index aad21067a8f..00000000000
--- a/deps/openssl/openssl/test/testrsa.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
-Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
-rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
-oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
-mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
-rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
-mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
------END RSA PRIVATE KEY-----
diff --git a/deps/openssl/openssl/test/tests.com b/deps/openssl/openssl/test/tests.com
deleted file mode 100644
index 373dd16eacb..00000000000
--- a/deps/openssl/openssl/test/tests.com
+++ /dev/null
@@ -1,366 +0,0 @@
-$! TESTS.COM  --  Performs the necessary tests
-$!
-$! P1	tests to be performed.  Empty means all.
-$! P2	Pointer size: "", "32", or "64".
-$!
-$! Announce/identify.
-$!
-$	proc = f$environment( "procedure")
-$	write sys$output "@@@ "+ -
-	 f$parse( proc, , , "name")+ f$parse( proc, , , "type")
-$!
-$	__proc = f$element(0,";",f$environment("procedure"))
-$	__here = f$parse(f$parse("A.;",__proc) - "A.;","[]A.;") - "A.;"
-$	__save_default = f$environment("default")
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	__archd = __arch
-$       pointer_size = ""
-$	if (p2 .eq. "64")
-$	then
-$	  pointer_size = "64"
-$	  __archd = __arch+ "_64"
-$	endif
-$!
-$	texe_dir := sys$disk:[-.'__archd'.exe.test]
-$	exe_dir := sys$disk:[-.'__archd'.exe.apps]
-$
-$	set default '__here'
-$
-$       ROOT = F$PARSE("sys$disk:[-]A.;0",,,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
-$       ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
-$       ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
-                   - ".][000000" - "[000000." - "][" - "[" - "]"
-$       ROOT = ROOT_DEV + "[" + ROOT_DIR
-$       DEFINE/NOLOG SSLROOT 'ROOT'.APPS.] /TRANS=CONC
-$	openssl_conf := sslroot:[000000]openssl-vms.cnf
-$
-$	on control_y then goto exit
-$	on error then goto exit
-$
-$	if p1 .nes. ""
-$	then
-$	    tests = p1
-$	else
-$! NOTE: This list reflects the list of dependencies following the
-$! "alltests" target in Makefile.  This should make it easy to see
-$! if there's a difference that needs to be taken care of.
-$	    tests := -
-	test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,-
-	test_md2,test_mdc2,test_wp,-
-	test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_aes,-
-	test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,-
-	test_enc,test_x509,test_rsa,test_crl,test_sid,-
-	test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
-	test_ss,test_ca,test_engine,test_evp,test_ssl,test_tsa,test_ige,-
-	test_jpake,test_cms
-$	endif
-$	tests = f$edit(tests,"COLLAPSE")
-$
-$	BNTEST :=	bntest
-$	ECTEST :=	ectest
-$	ECDSATEST :=	ecdsatest
-$	ECDHTEST :=	ecdhtest
-$	EXPTEST :=	exptest
-$	IDEATEST :=	ideatest
-$	SHATEST :=	shatest
-$	SHA1TEST :=	sha1test
-$	MDC2TEST :=	mdc2test
-$	RMDTEST :=	rmdtest
-$	MD2TEST :=	md2test
-$	MD4TEST :=	md4test
-$	MD5TEST :=	md5test
-$	HMACTEST :=	hmactest
-$	WPTEST :=	wp_test
-$	RC2TEST :=	rc2test
-$	RC4TEST :=	rc4test
-$	RC5TEST :=	rc5test
-$	BFTEST :=	bftest
-$	CASTTEST :=	casttest
-$	DESTEST :=	destest
-$	RANDTEST :=	randtest
-$	DHTEST :=	dhtest
-$	DSATEST :=	dsatest
-$	METHTEST :=	methtest
-$	SSLTEST :=	ssltest
-$	RSATEST :=	rsa_test
-$	ENGINETEST :=	enginetest
-$	EVPTEST :=	evp_test
-$	IGETEST :=	igetest
-$	JPAKETEST :=	jpaketest
-$	ASN1TEST :=	asn1test
-$!
-$	tests_i = 0
-$ loop_tests:
-$	tests_e = f$element(tests_i,",",tests)
-$	tests_i = tests_i + 1
-$	if tests_e .eqs. "," then goto exit
-$	write sys$output "---> ''tests_e'"
-$	gosub 'tests_e'
-$	goto loop_tests
-$
-$ test_evp:
-$	mcr 'texe_dir''evptest' 'ROOT'.CRYPTO.EVP]evptests.txt
-$	return
-$ test_des:
-$	mcr 'texe_dir''destest'
-$	return
-$ test_idea:
-$	mcr 'texe_dir''ideatest'
-$	return
-$ test_sha:
-$	mcr 'texe_dir''shatest'
-$	mcr 'texe_dir''sha1test'
-$	return
-$ test_mdc2:
-$	mcr 'texe_dir''mdc2test'
-$	return
-$ test_md5:
-$	mcr 'texe_dir''md5test'
-$	return
-$ test_md4:
-$	mcr 'texe_dir''md4test'
-$	return
-$ test_hmac:
-$	mcr 'texe_dir''hmactest'
-$	return
-$ test_wp:
-$	mcr 'texe_dir''wptest'
-$	return
-$ test_md2:
-$	mcr 'texe_dir''md2test'
-$	return
-$ test_rmd:
-$	mcr 'texe_dir''rmdtest'
-$	return
-$ test_bf:
-$	mcr 'texe_dir''bftest'
-$	return
-$ test_cast:
-$	mcr 'texe_dir''casttest'
-$	return
-$ test_rc2:
-$	mcr 'texe_dir''rc2test'
-$	return
-$ test_rc4:
-$	mcr 'texe_dir''rc4test'
-$	return
-$ test_rc5:
-$	mcr 'texe_dir''rc5test'
-$	return
-$ test_rand:
-$	mcr 'texe_dir''randtest'
-$	return
-$ test_enc:
-$	@testenc.com 'pointer_size'
-$	return
-$ test_x509:
-$	set noon
-$	define sys$error test_x509.err
-$	write sys$output "test normal x509v1 certificate"
-$	@tx509.com "" 'pointer_size'
-$	write sys$output "test first x509v3 certificate"
-$	@tx509.com v3-cert1.pem 'pointer_size'
-$	write sys$output "test second x509v3 certificate"
-$	@tx509.com v3-cert2.pem 'pointer_size'
-$	deassign sys$error
-$	set on
-$	return
-$ test_rsa:
-$	set noon
-$	define sys$error test_rsa.err
-$	@trsa.com "" 'pointer_size'
-$	deassign sys$error
-$	mcr 'texe_dir''rsatest'
-$	set on
-$	return
-$ test_crl:
-$	set noon
-$	define sys$error test_crl.err
-$	@tcrl.com "" 'pointer_size'
-$	deassign sys$error
-$	set on
-$	return
-$ test_sid:
-$	set noon
-$	define sys$error test_sid.err
-$	@tsid.com "" 'pointer_size'
-$	deassign sys$error
-$	set on
-$	return
-$ test_req:
-$	set noon
-$	define sys$error test_req.err
-$	@treq.com "" 'pointer_size'
-$	@treq.com testreq2.pem 'pointer_size'
-$	deassign sys$error
-$	set on
-$	return
-$ test_pkcs7:
-$	set noon
-$	define sys$error test_pkcs7.err
-$	@tpkcs7.com "" 'pointer_size'
-$	@tpkcs7d.com "" 'pointer_size'
-$	deassign sys$error
-$	set on
-$	return
-$ test_bn:
-$	write sys$output -
-	      "starting big number library test, could take a while..."
-$	set noon
-$	define sys$error test_bn.err
-$	define sys$output test_bn.out
-$	@ bctest.com
-$	status = $status
-$	deassign sys$error
-$	deassign sys$output
-$	set on
-$	if (status)
-$	then
-$	    create /fdl = sys$input bntest-vms.tmp
-FILE
-	ORGANIZATION	sequential
-RECORD
-	FORMAT		stream_lf
-$	    define /user_mode sys$output bntest-vms.tmp
-$	    mcr 'texe_dir''bntest'
-$	    define /user_mode sys$input bntest-vms.tmp
-$	    define /user_mode sys$output bntest-vms.out
-$	    bc
-$	    @ bntest.com bntest-vms.out
-$	    status = $status
-$	    if (status)
-$	    then
-$		delete bntest-vms.out;*
-$		delete bntest-vms.tmp;*
-$	    endif
-$	else
-$	    create /fdl = sys$input bntest-vms.sh
-FILE
-	ORGANIZATION	sequential
-RECORD
-	FORMAT		stream_lf
-$	    open /append bntest_file bntest-vms.sh
-$	    type /output = bntest_file sys$input:
-<< __FOO__ sh -c "`sh ./bctest`" | perl -e '$i=0; while () {if (/^test (.*)/) {print STDERR "\nverify $1";} elsif (!/^0$/) {die "\nFailed! bc: $_";} else {print STDERR "."; $i++;}} print STDERR "\n$i tests passed\n"'
-$	    define /user_mode sys$output bntest-vms.tmp
-$	    mcr 'texe_dir''bntest'
-$	    copy bntest-vms.tmp bntest_file
-$	    delete bntest-vms.tmp;*
-$	    type /output = bntest_file sys$input:
-__FOO__
-$	    close bntest_file
-$	    write sys$output "-- copy the [.test]bntest-vms.sh and [.test]bctest files to a Unix system and"
-$	    write sys$output "-- run bntest-vms.sh through sh or bash to verify that the bignum operations"
-$	    write sys$output "-- went well."
-$	    write sys$output ""
-$	endif
-$	write sys$output "test a^b%c implementations"
-$	mcr 'texe_dir''exptest'
-$	return
-$ test_ec:
-$	write sys$output "test elliptic curves"
-$	mcr 'texe_dir''ectest'
-$	return
-$ test_ecdsa:
-$	write sys$output "test ecdsa"
-$	mcr 'texe_dir''ecdsatest'
-$	return
-$ test_ecdh:
-$	write sys$output "test ecdh"
-$	mcr 'texe_dir''ecdhtest'
-$	return
-$ test_verify:
-$	write sys$output "The following command should have some OK's and some failures"
-$	write sys$output "There are definitly a few expired certificates"
-$	@tverify.com 'pointer_size'
-$	return
-$ test_dh:
-$	write sys$output "Generate a set of DH parameters"
-$	mcr 'texe_dir''dhtest'
-$	return
-$ test_dsa:
-$	write sys$output "Generate a set of DSA parameters"
-$	mcr 'texe_dir''dsatest'
-$	return
-$ test_gen:
-$	write sys$output "Generate and verify a certificate request"
-$	@testgen.com 'pointer_size'
-$	return
-$ maybe_test_ss:
-$	testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT"))
-$	if f$cvtime(f$file_attributes("keyU.ss","RDT")) .les. testss_RDT then -
-		goto test_ss
-$	if f$cvtime(f$file_attributes("certU.ss","RDT")) .les. testss_RDT then -
-		goto test_ss
-$	if f$cvtime(f$file_attributes("certCA.ss","RDT")) .les. testss_RDT then -
-		goto test_ss
-$	return
-$ test_ss:
-$	write sys$output "Generate and certify a test certificate"
-$	@testss.com 'pointer_size'
-$	return
-$ test_engine: 
-$	write sys$output "Manipulate the ENGINE structures"
-$	mcr 'texe_dir''enginetest'
-$	return
-$ test_ssl:
-$	write sys$output "test SSL protocol"
-$	gosub maybe_test_ss
-$	@testssl.com keyU.ss certU.ss certCA.ss 'pointer_size'
-$	return
-$ test_ca:
-$	set noon
-$	define /user_mode sys$output test_ca.out
-$	mcr 'exe_dir'openssl no-rsa
-$	save_severity=$SEVERITY
-$	set on
-$	if save_severity
-$	then
-$	    write sys$output "skipping CA.com test -- requires RSA"
-$	else
-$	    write sys$output "Generate and certify a test certificate via the 'ca' program"
-$	    @testca.com 'pointer_size'
-$	endif
-$	return
-$ test_aes: 
-$!	write sys$output "test AES"
-$!	!mcr 'texe_dir''aestest'
-$	return
-$ test_tsa:
-$	set noon
-$	define /user_mode sys$output nla0:
-$	mcr 'exe_dir'openssl no-rsa
-$	save_severity=$SEVERITY
-$	set on
-$	if save_severity
-$	then
-$	    write sys$output "skipping testtsa.com test -- requires RSA"
-$	else
-$	    @testtsa.com "" "" "" 'pointer_size'
-$	endif
-$	return
-$ test_ige: 
-$	write sys$output "Test IGE mode"
-$	mcr 'texe_dir''igetest'
-$	return
-$ test_jpake: 
-$	write sys$output "Test JPAKE"
-$	mcr 'texe_dir''jpaketest'
-$	return
-$ test_cms:
-$	write sys$output "CMS consistency test"
-$	! Define the logical name used to find openssl.exe in the perl script.
-$	define /user_mode osslx 'exe_dir'
-$	perl CMS-TEST.PL
-$	return
-$
-$
-$ exit:
-$	mcr 'exe_dir'openssl version -a
-$	set default '__save_default'
-$	deassign sslroot
-$	exit
diff --git a/deps/openssl/openssl/test/testsid.pem b/deps/openssl/openssl/test/testsid.pem
deleted file mode 100644
index 7ffd008f666..00000000000
--- a/deps/openssl/openssl/test/testsid.pem
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN SSL SESSION PARAMETERS-----
-MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
-bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
-ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
-YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
-A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
-LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
-CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
-TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
-hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
-CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
------END SSL SESSION PARAMETERS-----
diff --git a/deps/openssl/openssl/test/testss b/deps/openssl/openssl/test/testss
deleted file mode 100644
index 1a426857d31..00000000000
--- a/deps/openssl/openssl/test/testss
+++ /dev/null
@@ -1,163 +0,0 @@
-#!/bin/sh
-
-digest='-sha1'
-reqcmd="../util/shlib_wrap.sh ../apps/openssl req"
-x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest"
-verifycmd="../util/shlib_wrap.sh ../apps/openssl verify"
-dummycnf="../apps/openssl.cnf"
-
-CAkey="keyCA.ss"
-CAcert="certCA.ss"
-CAreq="reqCA.ss"
-CAconf="CAss.cnf"
-CAreq2="req2CA.ss"	# temp
-
-Uconf="Uss.cnf"
-Ukey="keyU.ss"
-Ureq="reqU.ss"
-Ucert="certU.ss"
-
-P1conf="P1ss.cnf"
-P1key="keyP1.ss"
-P1req="reqP1.ss"
-P1cert="certP1.ss"
-P1intermediate="tmp_intP1.ss"
-
-P2conf="P2ss.cnf"
-P2key="keyP2.ss"
-P2req="reqP2.ss"
-P2cert="certP2.ss"
-P2intermediate="tmp_intP2.ss"
-
-echo
-echo "make a certificate request using 'req'"
-
-echo "string to make the random number generator think it has entropy" >> ./.rnd
-
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
-  req_new='-newkey dsa:../apps/dsa512.pem'
-else
-  req_new='-new'
-fi
-
-$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
-if [ $? != 0 ]; then
-	echo "error using 'req' to generate a certificate request"
-	exit 1
-fi
-echo
-echo "convert the certificate request into a self signed certificate using 'x509'"
-$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'x509' to self sign a certificate request"
-	exit 1
-fi
-
-echo
-echo "convert a certificate into a certificate request using 'x509'"
-$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'x509' convert a certificate to a certificate request"
-	exit 1
-fi
-
-$reqcmd -config $dummycnf -verify -in $CAreq -noout
-if [ $? != 0 ]; then
-	echo first generated request is invalid
-	exit 1
-fi
-
-$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
-if [ $? != 0 ]; then
-	echo second generated request is invalid
-	exit 1
-fi
-
-$verifycmd -CAfile $CAcert $CAcert
-if [ $? != 0 ]; then
-	echo first generated cert is invalid
-	exit 1
-fi
-
-echo
-echo "make a user certificate request using 'req'"
-$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'req' to generate a user certificate request"
-	exit 1
-fi
-
-echo
-echo "sign user certificate request with the just created CA via 'x509'"
-$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'x509' to sign a user certificate request"
-	exit 1
-fi
-
-$verifycmd -CAfile $CAcert $Ucert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
-
-echo
-echo "make a proxy certificate request using 'req'"
-$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'req' to generate a proxy certificate request"
-	exit 1
-fi
-
-echo
-echo "sign proxy certificate request with the just created user certificate via 'x509'"
-$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'x509' to sign a proxy certificate request"
-	exit 1
-fi
-
-cat $Ucert > $P1intermediate
-$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert
-
-echo
-echo "make another proxy certificate request using 'req'"
-$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'req' to generate another proxy certificate request"
-	exit 1
-fi
-
-echo
-echo "sign second proxy certificate request with the first proxy certificate via 'x509'"
-$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss
-if [ $? != 0 ]; then
-	echo "error using 'x509' to sign a second proxy certificate request"
-	exit 1
-fi
-
-cat $Ucert $P1cert > $P2intermediate
-$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert
-
-echo
-echo The generated CA certificate is $CAcert
-echo The generated CA private key is $CAkey
-
-echo The generated user certificate is $Ucert
-echo The generated user private key is $Ukey
-
-echo The first generated proxy certificate is $P1cert
-echo The first generated proxy private key is $P1key
-
-echo The second generated proxy certificate is $P2cert
-echo The second generated proxy private key is $P2key
-
-/bin/rm err.ss
-#/bin/rm $P1intermediate
-#/bin/rm $P2intermediate
-exit 0
diff --git a/deps/openssl/openssl/test/testss.com b/deps/openssl/openssl/test/testss.com
deleted file mode 100644
index 32a74d0fc21..00000000000
--- a/deps/openssl/openssl/test/testss.com
+++ /dev/null
@@ -1,123 +0,0 @@
-$! TESTSS.COM
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p1 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	digest="-md5"
-$	reqcmd = "mcr ''exe_dir'openssl req"
-$	x509cmd = "mcr ''exe_dir'openssl x509 ''digest'"
-$	verifycmd = "mcr ''exe_dir'openssl verify"
-$	dummycnf = "sys$disk:[-.apps]openssl-vms.cnf"
-$
-$	CAkey="""keyCA.ss"""
-$	CAcert="""certCA.ss"""
-$	CAreq="""reqCA.ss"""
-$	CAconf="""CAss.cnf"""
-$	CAreq2="""req2CA.ss"""	! temp
-$
-$	Uconf="""Uss.cnf"""
-$	Ukey="""keyU.ss"""
-$	Ureq="""reqU.ss"""
-$	Ucert="""certU.ss"""
-$
-$	write sys$output ""
-$	write sys$output "make a certificate request using 'req'"
-$
-$	set noon
-$	define/user sys$output nla0:
-$	mcr 'exe_dir'openssl no-rsa
-$	save_severity=$SEVERITY
-$	set on
-$	if save_severity
-$	then
-$	    req_new="-newkey dsa:[-.apps]dsa512.pem"
-$	else
-$	    req_new="-new"
-$	endif
-$
-$	'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss
-$	if $severity .ne. 1
-$	then
-$		write sys$output "error using 'req' to generate a certificate request"
-$		exit 3
-$	endif
-$	write sys$output ""
-$	write sys$output "convert the certificate request into a self signed certificate using 'x509'"
-$	define /user sys$output err.ss
-$	'x509cmd' "-CAcreateserial" -in 'CAreq' -days 30 -req -out 'CAcert' -signkey 'CAkey'
-$	if $severity .ne. 1
-$	then
-$		write sys$output "error using 'x509' to self sign a certificate request"
-$		exit 3
-$	endif
-$
-$	write sys$output ""
-$	write sys$output "convert a certificate into a certificate request using 'x509'"
-$	define /user sys$output err.ss
-$	'x509cmd' -in 'CAcert' -x509toreq -signkey 'CAkey' -out 'CAreq2'
-$	if $severity .ne. 1
-$	then
-$		write sys$output "error using 'x509' convert a certificate to a certificate request"
-$		exit 3
-$	endif
-$
-$	'reqcmd' -config 'dummycnf' -verify -in 'CAreq' -noout
-$	if $severity .ne. 1
-$	then
-$		write sys$output "first generated request is invalid"
-$		exit 3
-$	endif
-$
-$	'reqcmd' -config 'dummycnf' -verify -in 'CAreq2' -noout
-$	if $severity .ne. 1
-$	then
-$		write sys$output "second generated request is invalid"
-$		exit 3
-$	endif
-$
-$	'verifycmd' "-CAfile" 'CAcert' 'CAcert'
-$	if $severity .ne. 1
-$	then
-$		write sys$output "first generated cert is invalid"
-$		exit 3
-$	endif
-$
-$	write sys$output ""
-$	write sys$output "make another certificate request using 'req'"
-$	define /user sys$output err.ss
-$	'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new'
-$	if $severity .ne. 1
-$	then
-$		write sys$output "error using 'req' to generate a certificate request"
-$		exit 3
-$	endif
-$
-$	write sys$output ""
-$	write sys$output "sign certificate request with the just created CA via 'x509'"
-$	define /user sys$output err.ss
-$	'x509cmd' "-CAcreateserial" -in 'Ureq' -days 30 -req -out 'Ucert' "-CA" 'CAcert' "-CAkey" 'CAkey'
-$	if $severity .ne. 1
-$	then
-$		write sys$output "error using 'x509' to sign a certificate request"
-$		exit 3
-$	endif
-$
-$	'verifycmd' "-CAfile" 'CAcert' 'Ucert'
-$	write sys$output ""
-$	write sys$output "Certificate details"
-$	'x509cmd' -subject -issuer -startdate -enddate -noout -in 'Ucert'
-$
-$	write sys$output ""
-$	write sys$output "The generated CA certificate is ",CAcert
-$	write sys$output "The generated CA private key is ",CAkey
-$
-$	write sys$output "The generated user certificate is ",Ucert
-$	write sys$output "The generated user private key is ",Ukey
-$
-$	if f$search("err.ss;*") .nes. "" then delete err.ss;*
diff --git a/deps/openssl/openssl/test/testssl b/deps/openssl/openssl/test/testssl
deleted file mode 100644
index aa5be9e05f2..00000000000
--- a/deps/openssl/openssl/test/testssl
+++ /dev/null
@@ -1,163 +0,0 @@
-#!/bin/sh
-
-if [ "$1" = "" ]; then
-  key=../apps/server.pem
-else
-  key="$1"
-fi
-if [ "$2" = "" ]; then
-  cert=../apps/server.pem
-else
-  cert="$2"
-fi
-ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
-
-if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
-  dsa_cert=YES
-else
-  dsa_cert=NO
-fi
-
-if [ "$3" = "" ]; then
-  CA="-CApath ../certs"
-else
-  CA="-CAfile $3"
-fi
-
-if [ "$4" = "" ]; then
-  extra=""
-else
-  extra="$4"
-fi
-
-#############################################################################
-
-echo test sslv2
-$ssltest -ssl2 $extra || exit 1
-
-echo test sslv2 with server authentication
-$ssltest -ssl2 -server_auth $CA $extra || exit 1
-
-if [ $dsa_cert = NO ]; then
-  echo test sslv2 with client authentication
-  $ssltest -ssl2 -client_auth $CA $extra || exit 1
-
-  echo test sslv2 with both client and server authentication
-  $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
-fi
-
-echo test sslv3
-$ssltest -ssl3 $extra || exit 1
-
-echo test sslv3 with server authentication
-$ssltest -ssl3 -server_auth $CA $extra || exit 1
-
-echo test sslv3 with client authentication
-$ssltest -ssl3 -client_auth $CA $extra || exit 1
-
-echo test sslv3 with both client and server authentication
-$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3
-$ssltest $extra || exit 1
-
-echo test sslv2/sslv3 with server authentication
-$ssltest -server_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with client authentication
-$ssltest -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication
-$ssltest -server_auth -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication and small client buffers
-$ssltest -server_auth -client_auth -c_small_records $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication and small server buffers
-$ssltest -server_auth -client_auth -s_small_records $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication and small client and server buffers
-$ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication and handshake cutthrough
-$ssltest -server_auth -client_auth -cutthrough $CA $extra || exit 1
-
-echo test sslv2 via BIO pair
-$ssltest -bio_pair -ssl2 $extra || exit 1
-
-echo test sslv2 with server authentication via BIO pair
-$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
-
-if [ $dsa_cert = NO ]; then
-  echo test sslv2 with client authentication via BIO pair
-  $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
-
-  echo test sslv2 with both client and server authentication via BIO pair
-  $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
-fi
-
-echo test sslv3 via BIO pair
-$ssltest -bio_pair -ssl3 $extra || exit 1
-
-echo test sslv3 with server authentication via BIO pair
-$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
-
-echo test sslv3 with client authentication via BIO pair
-$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
-
-echo test sslv3 with both client and server authentication via BIO pair
-$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 via BIO pair
-$ssltest $extra || exit 1
-
-if [ $dsa_cert = NO ]; then
-  echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
-  $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
-fi
-
-echo test sslv2/sslv3 with 1024bit DHE via BIO pair
-$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
-
-echo test sslv2/sslv3 with server authentication
-$ssltest -bio_pair -server_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with client authentication via BIO pair
-$ssltest -bio_pair -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication via BIO pair
-$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
-$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
-
-#############################################################################
-
-if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
-  echo skipping anonymous DH tests
-else
-  echo test tls1 with 1024bit anonymous DH, multiple handshakes
-  $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
-fi
-
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
-  echo skipping RSA tests
-else
-  echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
-  ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
-
-  if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
-    echo skipping RSA+DHE tests
-  else
-    echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
-    ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
-  fi
-fi
-
-echo test tls1 with PSK
-$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
-
-echo test tls1 with PSK via BIO pair
-$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
-
-exit 0
diff --git a/deps/openssl/openssl/test/testssl.com b/deps/openssl/openssl/test/testssl.com
deleted file mode 100644
index f19edc4719f..00000000000
--- a/deps/openssl/openssl/test/testssl.com
+++ /dev/null
@@ -1,208 +0,0 @@
-$! TESTSSL.COM
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p4 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	texe_dir = "sys$disk:[-.''__arch'.exe.test]"
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	if p1 .eqs. ""
-$	then
-$	    key="[-.apps]server.pem"
-$	else
-$	    key=p1
-$	endif
-$	if p2 .eqs. ""
-$	then
-$	    cert="[-.apps]server.pem"
-$	else
-$	    cert=p2
-$	endif
-$	ssltest = "mcr ''texe_dir'ssltest -key ''key'"+ -
-	 " -cert ''cert' -c_key ''key' -c_cert ''cert'"
-$!
-$	set noon
-$	define/user sys$output testssl-x509-output.
-$	define/user sys$error nla0:
-$	mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
-$	define/user sys$error nla0:
-$	search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
-$	if $severity .eq. 1
-$	then
-$	    dsa_cert = "YES"
-$	else
-$	    dsa_cert = "NO"
-$	endif
-$	delete testssl-x509-output.;*
-$
-$	if p3 .eqs. ""
-$	then
-$	    copy/concatenate [-.certs]*.pem certs.tmp
-$	    CA = """-CAfile"" certs.tmp"
-$	else
-$	    CA = """-CAfile"" "+p3
-$	endif
-$
-$!###########################################################################
-$
-$	write sys$output "test sslv2"
-$	'ssltest' -ssl2
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2 with server authentication"
-$	'ssltest' -ssl2 -server_auth 'CA'
-$	if $severity .ne. 1 then goto exit3
-$
-$	if .not. dsa_cert
-$	then
-$	    write sys$output "test sslv2 with client authentication"
-$	    'ssltest' -ssl2 -client_auth 'CA'
-$	    if $severity .ne. 1 then goto exit3
-$
-$	    write sys$output "test sslv2 with both client and server authentication"
-$	    'ssltest' -ssl2 -server_auth -client_auth 'CA'
-$	    if $severity .ne. 1 then goto exit3
-$	endif
-$
-$	write sys$output "test sslv3"
-$	'ssltest' -ssl3
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv3 with server authentication"
-$	'ssltest' -ssl3 -server_auth 'CA'
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv3 with client authentication"
-$	'ssltest' -ssl3 -client_auth 'CA'
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv3 with both client and server authentication"
-$	'ssltest' -ssl3 -server_auth -client_auth 'CA'
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2/sslv3"
-$	'ssltest'
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2/sslv3 with server authentication"
-$	'ssltest' -server_auth 'CA'
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2/sslv3 with client authentication"
-$	'ssltest' -client_auth 'CA'
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2/sslv3 with both client and server authentication"
-$	'ssltest' -server_auth -client_auth 'CA'
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2 via BIO pair"
-$	'ssltest' -bio_pair -ssl2 
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2 with server authentication via BIO pair"
-$	'ssltest' -bio_pair -ssl2 -server_auth 'CA' 
-$	if $severity .ne. 1 then goto exit3
-$
-$	if .not. dsa_cert
-$	then
-$	    write sys$output "test sslv2 with client authentication via BIO pair"
-$	    'ssltest' -bio_pair -ssl2 -client_auth 'CA' 
-$	    if $severity .ne. 1 then goto exit3
-$
-$	    write sys$output "test sslv2 with both client and server authentication via BIO pair"
-$	    'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' 
-$	    if $severity .ne. 1 then goto exit3
-$	endif
-$
-$	write sys$output "test sslv3 via BIO pair"
-$	'ssltest' -bio_pair -ssl3 
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv3 with server authentication via BIO pair"
-$	'ssltest' -bio_pair -ssl3 -server_auth 'CA' 
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv3 with client authentication via BIO pair"
-$	'ssltest' -bio_pair -ssl3 -client_auth 'CA' 
-$	if $severity .ne. 1 then goto exit3
- 
-$	write sys$output "test sslv3 with both client and server authentication via BIO pair"
-$	'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' 
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2/sslv3 via BIO pair"
-$	'ssltest' 
-$	if $severity .ne. 1 then goto exit3
-$
-$	if .not. dsa_cert
-$	then
-$	    write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
-$	    'ssltest' -bio_pair -no_dhe
-$	    if $severity .ne. 1 then goto exit3
-$	endif
-$
-$	write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
-$	'ssltest' -bio_pair -dhe1024dsa -v
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2/sslv3 with server authentication"
-$	'ssltest' -bio_pair -server_auth 'CA' 
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
-$	'ssltest' -bio_pair -client_auth 'CA' 
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
-$	'ssltest' -bio_pair -server_auth -client_auth 'CA' 
-$	if $severity .ne. 1 then goto exit3
-$
-$!###########################################################################
-$
-$	define/user sys$output nla0:
-$	mcr 'exe_dir'openssl no-rsa
-$	no_rsa=$SEVERITY
-$	define/user sys$output nla0:
-$	mcr 'exe_dir'openssl no-dh
-$	no_dh=$SEVERITY
-$
-$	if no_dh
-$	then
-$	    write sys$output "skipping anonymous DH tests"
-$	else
-$	    write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
-$	    'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
-$	    if $severity .ne. 1 then goto exit3
-$	endif
-$
-$	if no_rsa
-$	then
-$	    write sys$output "skipping RSA tests"
-$	else
-$	    write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
-$	    mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
-$	    if $severity .ne. 1 then goto exit3
-$
-$	    if no_dh
-$	    then
-$		write sys$output "skipping RSA+DHE tests"
-$	    else
-$		write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
-$		mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
-$		if $severity .ne. 1 then goto exit3
-$	    endif
-$	endif
-$
-$	RET = 1
-$	goto exit
-$ exit3:
-$	RET = 3
-$ exit:
-$	if p3 .eqs. "" then delete certs.tmp;*
-$	set on
-$	exit 'RET'
diff --git a/deps/openssl/openssl/test/testsslproxy b/deps/openssl/openssl/test/testsslproxy
deleted file mode 100644
index 58bbda8ab7d..00000000000
--- a/deps/openssl/openssl/test/testsslproxy
+++ /dev/null
@@ -1,10 +0,0 @@
-#! /bin/sh
-
-echo 'Testing a lot of proxy conditions.'
-echo 'Some of them may turn out being invalid, which is fine.'
-for auth in A B C BC; do
-    for cond in A B C 'A|B&!C'; do
-	sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond"
-	if [ $? = 3 ]; then exit 1; fi
-    done
-done
diff --git a/deps/openssl/openssl/test/testtsa b/deps/openssl/openssl/test/testtsa
deleted file mode 100644
index bb653b5f73d..00000000000
--- a/deps/openssl/openssl/test/testtsa
+++ /dev/null
@@ -1,238 +0,0 @@
-#!/bin/sh
-
-#
-# A few very basic tests for the 'ts' time stamping authority command.
-#
-
-SH="/bin/sh"
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH="../apps\;$PATH"
-else
-    PATH="../apps:$PATH"
-fi
-export SH PATH
-
-OPENSSL_CONF="../CAtsa.cnf"
-export OPENSSL_CONF
-# Because that's what ../apps/CA.sh really looks at
-SSLEAY_CONFIG="-config $OPENSSL_CONF"
-export SSLEAY_CONFIG
-
-OPENSSL="`pwd`/../util/opensslwrap.sh"
-export OPENSSL
-
-error () {
-
-    echo "TSA test failed!" >&2
-    exit 1
-}
-
-setup_dir () {
-
-    rm -rf tsa 2>/dev/null
-    mkdir tsa
-    cd ./tsa
-}
-
-clean_up_dir () {
-
-    cd ..
-    rm -rf tsa
-}
-
-create_ca () {
-
-    echo "Creating a new CA for the TSA tests..."
-    TSDNSECT=ts_ca_dn
-    export TSDNSECT   
-    ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
-	-out tsaca.pem -keyout tsacakey.pem
-    test $? != 0 && error
-}
-
-create_tsa_cert () {
-
-    INDEX=$1
-    export INDEX
-    EXT=$2
-    TSDNSECT=ts_cert_dn
-    export TSDNSECT   
-
-    ../../util/shlib_wrap.sh ../../apps/openssl req -new \
-	-out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
-    test $? != 0 && error
-echo Using extension $EXT
-    ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \
-	-in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
-	-CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
-	-extfile $OPENSSL_CONF -extensions $EXT
-    test $? != 0 && error
-}
-
-print_request () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text
-}
-
-create_time_stamp_request1 () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq
-    test $? != 0 && error
-}
-
-create_time_stamp_request2 () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
-	-out req2.tsq
-    test $? != 0 && error
-}
-
-create_time_stamp_request3 () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq
-    test $? != 0 && error
-}
-
-print_response () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text
-    test $? != 0 && error
-}
-
-create_time_stamp_response () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2
-    test $? != 0 && error
-}
-
-time_stamp_response_token_test () {
-
-    RESPONSE2=$2.copy.tsr
-    TOKEN_DER=$2.token.der
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2
-    test $? != 0 && error
-    cmp $RESPONSE2 $2
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out
-    test $? != 0 && error
-}
-
-verify_time_stamp_response () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
-	-untrusted tsa_cert1.pem
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
-	-untrusted tsa_cert1.pem
-    test $? != 0 && error
-}
-
-verify_time_stamp_token () {
-
-    # create the token from the response first
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
-	-CAfile tsaca.pem -untrusted tsa_cert1.pem
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
-	-CAfile tsaca.pem -untrusted tsa_cert1.pem
-    test $? != 0 && error
-}
-
-verify_time_stamp_response_fail () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
-	-untrusted tsa_cert1.pem
-    # Checks if the verification failed, as it should have.
-    test $? = 0 && error
-    echo Ok
-}
-
-# main functions
-
-echo "Setting up TSA test directory..."
-setup_dir
-
-echo "Creating CA for TSA tests..."
-create_ca
-
-echo "Creating tsa_cert1.pem TSA server cert..."
-create_tsa_cert 1 tsa_cert
-
-echo "Creating tsa_cert2.pem non-TSA server cert..."
-create_tsa_cert 2 non_tsa_cert
-
-echo "Creating req1.req time stamp request for file testtsa..."
-create_time_stamp_request1
-
-echo "Printing req1.req..."
-print_request req1.tsq
-
-echo "Generating valid response for req1.req..."
-create_time_stamp_response req1.tsq resp1.tsr tsa_config1
-
-echo "Printing response..."
-print_response resp1.tsr
-
-echo "Verifying valid response..."
-verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
-
-echo "Verifying valid token..."
-verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
-
-# The tests below are commented out, because invalid signer certificates
-# can no longer be specified in the config file.
-
-# echo "Generating _invalid_ response for req1.req..."
-# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
-
-# echo "Printing response..."
-# print_response resp1_bad.tsr
-
-# echo "Verifying invalid response, it should fail..."
-# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
-
-echo "Creating req2.req time stamp request for file testtsa..."
-create_time_stamp_request2
-
-echo "Printing req2.req..."
-print_request req2.tsq
-
-echo "Generating valid response for req2.req..."
-create_time_stamp_response req2.tsq resp2.tsr tsa_config1
-
-echo "Checking '-token_in' and '-token_out' options with '-reply'..."
-time_stamp_response_token_test req2.tsq resp2.tsr
-
-echo "Printing response..."
-print_response resp2.tsr
-
-echo "Verifying valid response..."
-verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
-
-echo "Verifying response against wrong request, it should fail..."
-verify_time_stamp_response_fail req1.tsq resp2.tsr
-
-echo "Verifying response against wrong request, it should fail..."
-verify_time_stamp_response_fail req2.tsq resp1.tsr
-
-echo "Creating req3.req time stamp request for file CAtsa.cnf..."
-create_time_stamp_request3
-
-echo "Printing req3.req..."
-print_request req3.tsq
-
-echo "Verifying response against wrong request, it should fail..."
-verify_time_stamp_response_fail req3.tsq resp1.tsr
-
-echo "Cleaning up..."
-clean_up_dir
-
-exit 0
diff --git a/deps/openssl/openssl/test/testtsa.com b/deps/openssl/openssl/test/testtsa.com
deleted file mode 100644
index 29fb1d0e63e..00000000000
--- a/deps/openssl/openssl/test/testtsa.com
+++ /dev/null
@@ -1,255 +0,0 @@
-$!
-$! A few very basic tests for the 'ts' time stamping authority command.
-$!
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p4 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	openssl = "mcr ''f$parse(exe_dir+"openssl.exe")'"
-$	OPENSSL_CONF = "[-]CAtsa.cnf"
-$	! Because that's what ../apps/CA.sh really looks at
-$	SSLEAY_CONFIG = "-config " + OPENSSL_CONF
-$
-$ error:
-$	subroutine
-$		write sys$error "TSA test failed!"
-$		exit 3
-$	endsubroutine
-$
-$ setup_dir:
-$	subroutine
-$
-$		if f$search("tsa.dir") .nes ""
-$		then
-$			@[-.util]deltree [.tsa]*.*
-$ 			set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
-$ 			delete tsa.dir;*
-$		endif
-$
-$		create/dir [.tsa]
-$		set default [.tsa]
-$	endsubroutine
-$
-$ clean_up_dir:
-$	subroutine
-$
-$		set default [-]
-$		@[-.util]deltree [.tsa]*.*
-$ 		set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
-$ 		delete tsa.dir;*
-$	endsubroutine
-$
-$ create_ca:
-$	subroutine
-$
-$		write sys$output "Creating a new CA for the TSA tests..."
-$		TSDNSECT = "ts_ca_dn"
-$		openssl req -new -x509 -nodes -
-			-out tsaca.pem -keyout tsacakey.pem
-$		if $severity .ne. 1 then call error
-$	endsubroutine
-$
-$ create_tsa_cert:
-$	subroutine
-$
-$		INDEX=p1
-$		EXT=p2
-$		TSDNSECT = "ts_cert_dn"
-$
-$		openssl req -new -
-			-out tsa_req'INDEX'.pem -keyout tsa_key'INDEX'.pem
-$		if $severity .ne. 1 then call error
-$
-$		write sys$output "Using extension ''EXT'"
-$		openssl x509 -req -
-			-in tsa_req'INDEX'.pem -out tsa_cert'INDEX'.pem -
-			"-CA" tsaca.pem "-CAkey" tsacakey.pem "-CAcreateserial" -
-			-extfile 'OPENSSL_CONF' -extensions "''EXT'"
-$		if $severity .ne. 1 then call error
-$	endsubroutine
-$
-$ print_request:
-$	subroutine
-$
-$		openssl ts -query -in 'p1' -text
-$	endsubroutine
-$
-$ create_time_stamp_request1: subroutine
-$
-$		openssl ts -query -data [-]testtsa.com -policy tsa_policy1 -
-			-cert -out req1.tsq
-$		if $severity .ne. 1 then call error
-$	endsubroutine
-$
-$ create_time_stamp_request2: subroutine
-$
-$		openssl ts -query -data [-]testtsa.com -policy tsa_policy2 -
-			-no_nonce -out req2.tsq
-$		if $severity .ne. 1 then call error
-$	endsubroutine
-$
-$ create_time_stamp_request3: subroutine
-$
-$		openssl ts -query -data [-]CAtsa.cnf -no_nonce -out req3.tsq
-$		if $severity .ne. 1 then call error
-$	endsubroutine
-$
-$ print_response:
-$	subroutine
-$
-$		openssl ts -reply -in 'p1' -text
-$		if $severity .ne. 1 then call error
-$	endsubroutine
-$
-$ create_time_stamp_response:
-$	subroutine
-$
-$		openssl ts -reply -section 'p3' -queryfile 'p1' -out 'p2'
-$		if $severity .ne. 1 then call error
-$	endsubroutine
-$
-$ time_stamp_response_token_test:
-$	subroutine
-$
-$		RESPONSE2 = p2+ "-copy_tsr"
-$		TOKEN_DER = p2+ "-token_der"
-$		openssl ts -reply -in 'p2' -out 'TOKEN_DER' -token_out
-$		if $severity .ne. 1 then call error
-$		openssl ts -reply -in 'TOKEN_DER' -token_in -out 'RESPONSE2'
-$		if $severity .ne. 1 then call error
-$		backup/compare 'RESPONSE2' 'p2'
-$		if $severity .ne. 1 then call error
-$		openssl ts -reply -in 'p2' -text -token_out
-$		if $severity .ne. 1 then call error
-$		openssl ts -reply -in 'TOKEN_DER' -token_in -text -token_out
-$		if $severity .ne. 1 then call error
-$		openssl ts -reply -queryfile 'p1' -text -token_out
-$		if $severity .ne. 1 then call error
-$	endsubroutine
-$
-$ verify_time_stamp_response:
-$	subroutine
-$
-$		openssl ts -verify -queryfile 'p1' -in 'p2' -
-			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
-$		if $severity .ne. 1 then call error
-$		openssl ts -verify -data 'p3' -in 'p2' -
-			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
-$		if $severity .ne. 1 then call error
-$	endsubroutine
-$
-$ verify_time_stamp_token:
-$	subroutine
-$
-$		! create the token from the response first
-$		openssl ts -reply -in "''p2'" -out "''p2'-token" -token_out
-$		if $severity .ne. 1 then call error
-$		openssl ts -verify -queryfile "''p1'" -in "''p2'-token" -
-		 -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
-$		if $severity .ne. 1 then call error
-$		openssl ts -verify -data "''p3'" -in "''p2'-token" -
-		 -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
-$		if $severity .ne. 1 then call error
-$	endsubroutine
-$
-$ verify_time_stamp_response_fail:
-$	subroutine
-$
-$		openssl ts -verify -queryfile 'p1' -in 'p2' -
-			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
-$		! Checks if the verification failed, as it should have.
-$		if $severity .eq. 1 then call error
-$		write sys$output "Ok"
-$	endsubroutine
-$
-$	! Main body ----------------------------------------------------------
-$
-$	set noon
-$
-$	write sys$output "Setting up TSA test directory..."
-$	call setup_dir
-$
-$	write sys$output "Creating CA for TSA tests..."
-$	call create_ca
-$
-$	write sys$output "Creating tsa_cert1.pem TSA server cert..."
-$	call create_tsa_cert 1 "tsa_cert"
-$
-$	write sys$output "Creating tsa_cert2.pem non-TSA server cert..."
-$	call create_tsa_cert 2 "non_tsa_cert"
-$
-$	write sys$output "Creating req1.req time stamp request for file testtsa..."
-$	call create_time_stamp_request1
-$
-$	write sys$output "Printing req1.req..."
-$	call print_request "req1.tsq"
-$
-$	write sys$output "Generating valid response for req1.req..."
-$	call create_time_stamp_response "req1.tsq" "resp1.tsr" "tsa_config1"
-$
-$	write sys$output "Printing response..."
-$	call print_response "resp1.tsr"
-$
-$	write sys$output "Verifying valid response..."
-$	call verify_time_stamp_response "req1.tsq" "resp1.tsr" "[-]testtsa.com"
-$
-$	write sys$output "Verifying valid token..."
-$	call verify_time_stamp_token "req1.tsq" "resp1.tsr" "[-]testtsa.com"
-$
-$	! The tests below are commented out, because invalid signer certificates
-$	! can no longer be specified in the config file.
-$
-$	! write sys$output "Generating _invalid_ response for req1.req..."
-$	! call create_time_stamp_response "req1.tsq" "resp1_bad.tsr" "tsa_config2"
-$
-$	! write sys$output "Printing response..."
-$	! call print_response "resp1_bad.tsr"
-$
-$	! write sys$output "Verifying invalid response, it should fail..."
-$	! call verify_time_stamp_response_fail "req1.tsq" "resp1_bad.tsr"
-$
-$	write sys$output "Creating req2.req time stamp request for file testtsa..."
-$	call create_time_stamp_request2
-$
-$	write sys$output "Printing req2.req..."
-$	call print_request "req2.tsq"
-$
-$	write sys$output "Generating valid response for req2.req..."
-$	call create_time_stamp_response "req2.tsq" "resp2.tsr" "tsa_config1"
-$
-$	write sys$output "Checking '-token_in' and '-token_out' options with '-reply'..."
-$	call time_stamp_response_token_test "req2.tsq" "resp2.tsr"
-$
-$	write sys$output "Printing response..."
-$	call print_response "resp2.tsr"
-$
-$	write sys$output "Verifying valid response..."
-$	call verify_time_stamp_response "req2.tsq" "resp2.tsr" "[-]testtsa.com"
-$
-$	write sys$output "Verifying response against wrong request, it should fail..."
-$	call verify_time_stamp_response_fail "req1.tsq" "resp2.tsr"
-$
-$	write sys$output "Verifying response against wrong request, it should fail..."
-$	call verify_time_stamp_response_fail "req2.tsq" "resp1.tsr"
-$
-$	write sys$output "Creating req3.req time stamp request for file CAtsa.cnf..."
-$	call create_time_stamp_request3
-$
-$	write sys$output "Printing req3.req..."
-$	call print_request "req3.tsq"
-$
-$	write sys$output "Verifying response against wrong request, it should fail..."
-$	call verify_time_stamp_response_fail "req3.tsq" "resp1.tsr"
-$
-$	write sys$output "Cleaning up..."
-$	call clean_up_dir
-$
-$	set on
-$
-$	exit
diff --git a/deps/openssl/openssl/test/testx509.pem b/deps/openssl/openssl/test/testx509.pem
deleted file mode 100644
index 8a85d14964f..00000000000
--- a/deps/openssl/openssl/test/testx509.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
-BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
-MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
-RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
-AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
-/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
-Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
-zl9HYIMxATFyqSiD9jsx
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/times b/deps/openssl/openssl/test/times
deleted file mode 100644
index 6b66eb342e6..00000000000
--- a/deps/openssl/openssl/test/times
+++ /dev/null
@@ -1,113 +0,0 @@
-
-More number for the questions about SSL overheads....
-
-The following numbers were generated on a Pentium pro 200, running Linux.
-They give an indication of the SSL protocol and encryption overheads.
-
-The program that generated them is an unreleased version of ssl/ssltest.c
-which is the SSLeay ssl protocol testing program.  It is a single process that
-talks both sides of the SSL protocol via a non-blocking memory buffer
-interface.
-
-How do I read this?  The protocol and cipher are reasonable obvious.
-The next number is the number of connections being made.  The next is the
-number of bytes exchanged between the client and server side of the protocol.
-This is the number of bytes that the client sends to the server, and then
-the server sends back.  Because this is all happening in one process,
-the data is being encrypted, decrypted, encrypted and then decrypted again.
-It is a round trip of that many bytes.  Because the one process performs
-both the client and server sides of the protocol and it sends this many bytes
-each direction, multiply this number by 4 to generate the number
-of bytes encrypted/decrypted/MACed.  The first time value is how many seconds
-elapsed doing a full SSL handshake, the second is the cost of one
-full handshake and the rest being session-id reuse.
-
-SSLv2 RC4-MD5      1000 x      1   12.83s   0.70s
-SSLv3 NULL-MD5     1000 x      1   14.35s   1.47s
-SSLv3 RC4-MD5      1000 x      1   14.46s   1.56s
-SSLv3 RC4-MD5      1000 x      1   51.93s   1.62s 1024bit RSA
-SSLv3 RC4-SHA      1000 x      1   14.61s   1.83s
-SSLv3 DES-CBC-SHA  1000 x      1   14.70s   1.89s
-SSLv3 DES-CBC3-SHA 1000 x      1   15.16s   2.16s
-
-SSLv2 RC4-MD5      1000 x   1024   13.72s   1.27s
-SSLv3 NULL-MD5     1000 x   1024   14.79s   1.92s
-SSLv3 RC4-MD5      1000 x   1024   52.58s   2.29s 1024bit RSA
-SSLv3 RC4-SHA      1000 x   1024   15.39s   2.67s
-SSLv3 DES-CBC-SHA  1000 x   1024   16.45s   3.55s
-SSLv3 DES-CBC3-SHA 1000 x   1024   18.21s   5.38s
-
-SSLv2 RC4-MD5      1000 x  10240   18.97s   6.52s
-SSLv3 NULL-MD5     1000 x  10240   17.79s   5.11s
-SSLv3 RC4-MD5      1000 x  10240   20.25s   7.90s
-SSLv3 RC4-MD5      1000 x  10240   58.26s   8.08s 1024bit RSA
-SSLv3 RC4-SHA      1000 x  10240   22.96s  11.44s
-SSLv3 DES-CBC-SHA  1000 x  10240   30.65s  18.41s
-SSLv3 DES-CBC3-SHA 1000 x  10240   47.04s  34.53s
-
-SSLv2 RC4-MD5      1000 x 102400   70.22s  57.74s
-SSLv3 NULL-MD5     1000 x 102400   43.73s  31.03s
-SSLv3 RC4-MD5      1000 x 102400   71.32s  58.83s
-SSLv3 RC4-MD5      1000 x 102400  109.66s  59.20s 1024bit RSA
-SSLv3 RC4-SHA      1000 x 102400   95.88s  82.21s
-SSLv3 DES-CBC-SHA  1000 x 102400  173.22s 160.55s
-SSLv3 DES-CBC3-SHA 1000 x 102400  336.61s 323.82s
-
-What does this all mean?  Well for a server, with no session-id reuse, with
-a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
-a Pentium pro 200 running Linux can handle the SSLv3 protocol overheads of
-about 49 connections a second.  Reality will be quite different :-).
-
-Remember the first number is 1000 full ssl handshakes, the second is
-1 full and 999 with session-id reuse.  The RSA overheads for each exchange
-would be one public and one private operation, but the protocol/MAC/cipher
-cost would be quite similar in both the client and server.
-
-eric (adding numbers to speculation)
-
---- Appendix ---
-- The time measured is user time but these number a very rough.
-- Remember this is the cost of both client and server sides of the protocol.
-- The TCP/kernel overhead of connection establishment is normally the
-  killer in SSL.  Often delays in the TCP protocol will make session-id
-  reuse look slower that new sessions, but this would not be the case on
-  a loaded server.
-- The TCP round trip latencies, while slowing individual connections,
-  would have minimal impact on throughput.
-- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
-- the required number of bytes are processed.
-- The SSLv3 connections were actually SSLv2 compatible SSLv3 headers.
-- A 512bit server key was being used except where noted.
-- No server key verification was being performed on the client side of the
-  protocol.  This would slow things down very little.
-- The library being used is SSLeay 0.8.x.
-- The normal measuring system was commands of the form
-  time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
-  This modified version of ssltest should be in the next public release of
-  SSLeay.
-
-The general cipher performance number for this platform are
-
-SSLeay 0.8.2a 04-Sep-1997
-built on Fri Sep  5 17:37:05 EST 1997
-options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
-C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized 
-The 'numbers' are in 1000s of bytes per second processed.
-type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
-md2               131.02k      368.41k      500.57k      549.21k      566.09k
-mdc2              535.60k      589.10k      595.88k      595.97k      594.54k
-md5              1801.53k     9674.77k    17484.03k    21849.43k    23592.96k
-sha              1261.63k     5533.25k     9285.63k    11187.88k    11913.90k
-sha1             1103.13k     4782.53k     7933.78k     9472.34k    10070.70k
-rc4             10722.53k    14443.93k    15215.79k    15299.24k    15219.59k
-des cbc          3286.57k     3827.73k     3913.39k     3931.82k     3926.70k
-des ede3         1443.50k     1549.08k     1561.17k     1566.38k     1564.67k
-idea cbc         2203.64k     2508.16k     2538.33k     2543.62k     2547.71k
-rc2 cbc          1430.94k     1511.59k     1524.82k     1527.13k     1523.33k
-blowfish cbc     4716.07k     5965.82k     6190.17k     6243.67k     6234.11k
-                  sign    verify
-rsa  512 bits   0.0100s   0.0011s
-rsa 1024 bits   0.0451s   0.0012s
-rsa 2048 bits   0.2605s   0.0086s
-rsa 4096 bits   1.6883s   0.0302s
-
diff --git a/deps/openssl/openssl/test/tpkcs7 b/deps/openssl/openssl/test/tpkcs7
deleted file mode 100644
index 3e435ffbf9f..00000000000
--- a/deps/openssl/openssl/test/tpkcs7
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/sh
-
-cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testp7.pem
-fi
-
-echo testing pkcs7 conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/deps/openssl/openssl/test/tpkcs7.com b/deps/openssl/openssl/test/tpkcs7.com
deleted file mode 100644
index 3fc4982bb00..00000000000
--- a/deps/openssl/openssl/test/tpkcs7.com
+++ /dev/null
@@ -1,59 +0,0 @@
-$! TPKCS7.COM  --  Tests pkcs7 keys
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	cmd = "mcr ''exe_dir'openssl pkcs7"
-$
-$	t = "testp7.pem"
-$	if p1 .nes. "" then t = p1
-$
-$	write sys$output "testing PKCS7 conversions"
-$	if f$search("fff.*") .nes "" then delete fff.*;*
-$	if f$search("ff.*") .nes "" then delete ff.*;*
-$	if f$search("f.*") .nes "" then delete f.*;*
-$	convert/fdl=sys$input: 't' fff.p
-RECORD
-	FORMAT STREAM_LF
-$
-$	write sys$output "p -> d"
-$	'cmd' -in fff.p -inform p -outform d -out f.d
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in fff.p -inform p -outform p -out f.p
-$	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> d"
-$	'cmd' -in f.d -inform d -outform d -out ff.d1
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> d"
-$	'cmd' -in f.p -inform p -outform d -out ff.d3
-$	if $severity .ne. 1 then exit 3
-$
-$
-$	write sys$output "d -> p"
-$	'cmd' -in f.d -inform d -outform p -out ff.p1
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in f.p -inform p -outform p -out ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	backup/compare fff.p f.p
-$	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	backup/compare f.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$	backup/compare f.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/deps/openssl/openssl/test/tpkcs7d b/deps/openssl/openssl/test/tpkcs7d
deleted file mode 100644
index 64fc28e88f0..00000000000
--- a/deps/openssl/openssl/test/tpkcs7d
+++ /dev/null
@@ -1,41 +0,0 @@
-#!/bin/sh
-
-cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=pkcs7-1.pem
-fi
-
-echo "testing pkcs7 conversions (2)"
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/deps/openssl/openssl/test/tpkcs7d.com b/deps/openssl/openssl/test/tpkcs7d.com
deleted file mode 100644
index eea8c888ee6..00000000000
--- a/deps/openssl/openssl/test/tpkcs7d.com
+++ /dev/null
@@ -1,52 +0,0 @@
-$! TPKCS7.COM  --  Tests pkcs7 keys
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	cmd = "mcr ''exe_dir'openssl pkcs7"
-$
-$	t = "pkcs7-1.pem"
-$	if p1 .nes. "" then t = p1
-$
-$	write sys$output "testing PKCS7 conversions (2)"
-$	if f$search("fff.*") .nes "" then delete fff.*;*
-$	if f$search("ff.*") .nes "" then delete ff.*;*
-$	if f$search("f.*") .nes "" then delete f.*;*
-$	convert/fdl=sys$input: 't' fff.p
-RECORD
-	FORMAT STREAM_LF
-$
-$	write sys$output "p -> d"
-$	'cmd' -in fff.p -inform p -outform d -out f.d
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in fff.p -inform p -outform p -out f.p
-$	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> d"
-$	'cmd' -in f.d -inform d -outform d -out ff.d1
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> d"
-$	'cmd' -in f.p -inform p -outform d -out ff.d3
-$	if $severity .ne. 1 then exit 3
-$
-$
-$	write sys$output "d -> p"
-$	'cmd' -in f.d -inform d -outform p -out ff.p1
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in f.p -inform p -outform p -out ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	backup/compare f.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$	backup/compare f.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/deps/openssl/openssl/test/treq b/deps/openssl/openssl/test/treq
deleted file mode 100644
index 77f37dcf3a9..00000000000
--- a/deps/openssl/openssl/test/treq
+++ /dev/null
@@ -1,83 +0,0 @@
-#!/bin/sh
-
-cmd='../util/shlib_wrap.sh ../apps/openssl req -config ../apps/openssl.cnf'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testreq.pem
-fi
-
-if $cmd -in $t -inform p -noout -text 2>&1 | fgrep -i 'Unknown Public Key'; then
-  echo "skipping req conversion test for $t"
-  exit 0
-fi
-
-echo testing req conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -verify -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -verify -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/deps/openssl/openssl/test/treq.com b/deps/openssl/openssl/test/treq.com
deleted file mode 100644
index acf08b79efd..00000000000
--- a/deps/openssl/openssl/test/treq.com
+++ /dev/null
@@ -1,88 +0,0 @@
-$! TREQ.COM  --  Tests req keys
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	cmd = "mcr ''exe_dir'openssl req -config [-.apps]openssl-vms.cnf"
-$
-$	t = "testreq.pem"
-$	if p1 .nes. "" then t = p1
-$
-$	write sys$output "testing req conversions"
-$	if f$search("fff.*") .nes "" then delete fff.*;*
-$	if f$search("ff.*") .nes "" then delete ff.*;*
-$	if f$search("f.*") .nes "" then delete f.*;*
-$	convert/fdl=sys$input: 't' fff.p
-RECORD
-	FORMAT STREAM_LF
-$
-$	write sys$output "p -> d"
-$	'cmd' -in fff.p -inform p -outform d -out f.d
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "p -> t"
-$!	'cmd' -in fff.p -inform p -outform t -out f.t
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in fff.p -inform p -outform p -out f.p
-$	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> d"
-$	'cmd' -verify -in f.d -inform d -outform d -out ff.d1
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> d"
-$!	'cmd' -verify -in f.t -inform t -outform d -out ff.d2
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> d"
-$	'cmd' -verify -in f.p -inform p -outform d -out ff.d3
-$	if $severity .ne. 1 then exit 3
-$
-$!	write sys$output "d -> t"
-$!	'cmd' -in f.d -inform d -outform t -out ff.t1
-$!	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> t"
-$!	'cmd' -in f.t -inform t -outform t -out ff.t2
-$!	if $severity .ne. 1 then exit 3
-$!	write sys$output "p -> t"
-$!	'cmd' -in f.p -inform p -outform t -out ff.t3
-$!	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> p"
-$	'cmd' -in f.d -inform d -outform p -out ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> p"
-$!	'cmd' -in f.t -inform t -outform p -out ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in f.p -inform p -outform p -out ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	backup/compare fff.p f.p
-$	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	backup/compare fff.p ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$!	backup/compare f.t ff.t1
-$!	if $severity .ne. 1 then exit 3
-$!	backup/compare f.t ff.t2
-$!	if $severity .ne. 1 then exit 3
-$!	backup/compare f.t ff.t3
-$!	if $severity .ne. 1 then exit 3
-$
-$	backup/compare f.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	backup/compare f.p ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	backup/compare f.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/deps/openssl/openssl/test/trsa b/deps/openssl/openssl/test/trsa
deleted file mode 100644
index 249ac1ddcc6..00000000000
--- a/deps/openssl/openssl/test/trsa
+++ /dev/null
@@ -1,83 +0,0 @@
-#!/bin/sh
-
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
-  echo skipping rsa conversion test
-  exit 0
-fi
-
-cmd='../util/shlib_wrap.sh ../apps/openssl rsa'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testrsa.pem
-fi
-
-echo testing rsa conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/deps/openssl/openssl/test/trsa.com b/deps/openssl/openssl/test/trsa.com
deleted file mode 100644
index 54180843ee0..00000000000
--- a/deps/openssl/openssl/test/trsa.com
+++ /dev/null
@@ -1,99 +0,0 @@
-$! TRSA.COM  --  Tests rsa keys
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	set noon
-$	define/user sys$output nla0:
-$	mcr 'exe_dir'openssl no-rsa
-$	save_severity=$SEVERITY
-$	set on
-$	if save_severity
-$	then
-$	    write sys$output "skipping RSA conversion test"
-$	    exit
-$	endif
-$
-$	cmd = "mcr ''exe_dir'openssl rsa"
-$
-$	t = "testrsa.pem"
-$	if p1 .nes. "" then t = p1
-$
-$	write sys$output "testing RSA conversions"
-$	if f$search("fff.*") .nes "" then delete fff.*;*
-$	if f$search("ff.*") .nes "" then delete ff.*;*
-$	if f$search("f.*") .nes "" then delete f.*;*
-$	convert/fdl=sys$input: 't' fff.p
-RECORD
-	FORMAT STREAM_LF
-$
-$	write sys$output "p -> d"
-$	'cmd' -in fff.p -inform p -outform d -out f.d
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "p -> t"
-$!	'cmd' -in fff.p -inform p -outform t -out f.t
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in fff.p -inform p -outform p -out f.p
-$	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> d"
-$	'cmd' -in f.d -inform d -outform d -out ff.d1
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> d"
-$!	'cmd' -in f.t -inform t -outform d -out ff.d2
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> d"
-$	'cmd' -in f.p -inform p -outform d -out ff.d3
-$	if $severity .ne. 1 then exit 3
-$
-$!	write sys$output "d -> t"
-$!	'cmd' -in f.d -inform d -outform t -out ff.t1
-$!	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> t"
-$!	'cmd' -in f.t -inform t -outform t -out ff.t2
-$!	if $severity .ne. 1 then exit 3
-$!	write sys$output "p -> t"
-$!	'cmd' -in f.p -inform p -outform t -out ff.t3
-$!	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> p"
-$	'cmd' -in f.d -inform d -outform p -out ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> p"
-$!	'cmd' -in f.t -inform t -outform p -out ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in f.p -inform p -outform p -out ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	backup/compare fff.p f.p
-$	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	backup/compare fff.p ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$!	backup/compare f.t ff.t1
-$!	if $severity .ne. 1 then exit 3
-$!	backup/compare f.t ff.t2
-$!	if $severity .ne. 1 then exit 3
-$!	backup/compare f.t ff.t3
-$!	if $severity .ne. 1 then exit 3
-$
-$	backup/compare f.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	backup/compare f.p ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	backup/compare f.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/deps/openssl/openssl/test/tsid b/deps/openssl/openssl/test/tsid
deleted file mode 100644
index 6adbd531ce0..00000000000
--- a/deps/openssl/openssl/test/tsid
+++ /dev/null
@@ -1,78 +0,0 @@
-#!/bin/sh
-
-cmd='../util/shlib_wrap.sh ../apps/openssl sess_id'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testsid.pem
-fi
-
-echo testing session-id conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in fff.p -inform p -outform t >f.t
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in f.t -inform t -outform d >ff.d2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in f.d -inform d -outform t >ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in f.t -inform t -outform t >ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in f.p -inform p -outform t >ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in f.t -inform t -outform p >ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp fff.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp f.t ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp f.t ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp f.p ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/deps/openssl/openssl/test/tsid.com b/deps/openssl/openssl/test/tsid.com
deleted file mode 100644
index b6c4e49473e..00000000000
--- a/deps/openssl/openssl/test/tsid.com
+++ /dev/null
@@ -1,88 +0,0 @@
-$! TSID.COM  --  Tests sid keys
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	cmd = "mcr ''exe_dir'openssl sess_id"
-$
-$	t = "testsid.pem"
-$	if p1 .nes. "" then t = p1
-$
-$	write sys$output "testing session-id conversions"
-$	if f$search("fff.*") .nes "" then delete fff.*;*
-$	if f$search("ff.*") .nes "" then delete ff.*;*
-$	if f$search("f.*") .nes "" then delete f.*;*
-$	convert/fdl=sys$input: 't' fff.p
-RECORD
-	FORMAT STREAM_LF
-$
-$	write sys$output "p -> d"
-$	'cmd' -in fff.p -inform p -outform d -out f.d
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "p -> t"
-$!	'cmd' -in fff.p -inform p -outform t -out f.t
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in fff.p -inform p -outform p -out f.p
-$	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> d"
-$	'cmd' -in f.d -inform d -outform d -out ff.d1
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> d"
-$!	'cmd' -in f.t -inform t -outform d -out ff.d2
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> d"
-$	'cmd' -in f.p -inform p -outform d -out ff.d3
-$	if $severity .ne. 1 then exit 3
-$
-$!	write sys$output "d -> t"
-$!	'cmd' -in f.d -inform d -outform t -out ff.t1
-$!	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> t"
-$!	'cmd' -in f.t -inform t -outform t -out ff.t2
-$!	if $severity .ne. 1 then exit 3
-$!	write sys$output "p -> t"
-$!	'cmd' -in f.p -inform p -outform t -out ff.t3
-$!	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> p"
-$	'cmd' -in f.d -inform d -outform p -out ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	write sys$output "t -> p"
-$!	'cmd' -in f.t -inform t -outform p -out ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in f.p -inform p -outform p -out ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	backup/compare fff.p f.p
-$	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	backup/compare fff.p ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$!	backup/compare f.t ff.t1
-$!	if $severity .ne. 1 then exit 3
-$!	backup/compare f.t ff.t2
-$!	if $severity .ne. 1 then exit 3
-$!	backup/compare f.t ff.t3
-$!	if $severity .ne. 1 then exit 3
-$
-$	backup/compare f.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$!	backup/compare f.p ff.p2
-$!	if $severity .ne. 1 then exit 3
-$	backup/compare f.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/deps/openssl/openssl/test/tverify.com b/deps/openssl/openssl/test/tverify.com
deleted file mode 100644
index d888344637e..00000000000
--- a/deps/openssl/openssl/test/tverify.com
+++ /dev/null
@@ -1,65 +0,0 @@
-$! TVERIFY.COM
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p1 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	line_max = 255 ! Could be longer on modern non-VAX.
-$	temp_file_name = "certs_"+ f$getjpi( "", "PID")+ ".tmp"
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$	cmd = "mcr ''exe_dir'openssl verify ""-CAfile"" ''temp_file_name'"
-$	cmd_len = f$length( cmd)
-$	pems = "[-.certs...]*.pem"
-$!
-$!	Concatenate all the certificate files.
-$!
-$	copy /concatenate 'pems' 'temp_file_name'
-$!
-$!	Loop through all the certificate files.
-$!
-$	args = ""
-$	old_f = ""
-$ loop_file: 
-$	    f = f$search( pems)
-$	    if ((f .nes. "") .and. (f .nes. old_f))
-$	    then
-$	      old_f = f
-$!
-$!	      If this file name would over-extend the command line, then
-$!	      run the command now.
-$!
-$	      if (cmd_len+ f$length( args)+ 1+ f$length( f) .gt. line_max)
-$	      then
-$	         if (args .eqs. "") then goto disaster
-$	         'cmd''args'
-$	         args = ""
-$	      endif
-$!	      Add the next file to the argument list.
-$	      args = args+ " "+ f
-$	   else
-$!            No more files in the list
-$	      goto loop_file_end
-$	   endif
-$	goto loop_file
-$	loop_file_end:
-$!
-$!	Run the command for any left-over arguments.
-$!
-$	if (args .nes. "")
-$	then
-$	   'cmd''args'
-$	endif
-$!
-$!	Delete the temporary file.
-$!
-$	if (f$search( "''temp_file_name';*") .nes. "") then -
-	 delete 'temp_file_name';*
-$!
-$	exit
-$!
-$	disaster:
-$	write sys$output "   Command line too long.  Doomed."
-$!
diff --git a/deps/openssl/openssl/test/tx509 b/deps/openssl/openssl/test/tx509
deleted file mode 100644
index 4a15b98d17d..00000000000
--- a/deps/openssl/openssl/test/tx509
+++ /dev/null
@@ -1,78 +0,0 @@
-#!/bin/sh
-
-cmd='../util/shlib_wrap.sh ../apps/openssl x509'
-
-if [ "$1"x != "x" ]; then
-	t=$1
-else
-	t=testx509.pem
-fi
-
-echo testing X509 conversions
-cp $t fff.p
-
-echo "p -> d"
-$cmd -in fff.p -inform p -outform d >f.d
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> n"
-$cmd -in fff.p -inform p -outform n >f.n
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in fff.p -inform p -outform p >f.p
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> d"
-$cmd -in f.d -inform d -outform d >ff.d1
-if [ $? != 0 ]; then exit 1; fi
-echo "n -> d"
-$cmd -in f.n -inform n -outform d >ff.d2
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> d"
-$cmd -in f.p -inform p -outform d >ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> n"
-$cmd -in f.d -inform d -outform n >ff.n1
-if [ $? != 0 ]; then exit 1; fi
-echo "n -> n"
-$cmd -in f.n -inform n -outform n >ff.n2
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> n"
-$cmd -in f.p -inform p -outform n >ff.n3
-if [ $? != 0 ]; then exit 1; fi
-
-echo "d -> p"
-$cmd -in f.d -inform d -outform p >ff.p1
-if [ $? != 0 ]; then exit 1; fi
-echo "n -> p"
-$cmd -in f.n -inform n -outform p >ff.p2
-if [ $? != 0 ]; then exit 1; fi
-echo "p -> p"
-$cmd -in f.p -inform p -outform p >ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp fff.p f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p2
-if [ $? != 0 ]; then exit 1; fi
-cmp fff.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.n ff.n1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.n ff.n2
-if [ $? != 0 ]; then exit 1; fi
-cmp f.n ff.n3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp f.p ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p2
-if [ $? != 0 ]; then exit 1; fi
-cmp f.p ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-/bin/rm -f f.* ff.* fff.*
-exit 0
diff --git a/deps/openssl/openssl/test/tx509.com b/deps/openssl/openssl/test/tx509.com
deleted file mode 100644
index 93ce988b418..00000000000
--- a/deps/openssl/openssl/test/tx509.com
+++ /dev/null
@@ -1,88 +0,0 @@
-$! TX509.COM  --  Tests x509 certificates
-$
-$	__arch = "VAX"
-$	if f$getsyi("cpu") .ge. 128 then -
-	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$	if __arch .eqs. "" then __arch = "UNK"
-$!
-$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
-$!
-$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
-$
-$	cmd = "mcr ''exe_dir'openssl x509"
-$
-$	t = "testx509.pem"
-$	if p1 .nes. "" then t = p1
-$
-$	write sys$output "testing X509 conversions"
-$	if f$search("fff.*") .nes "" then delete fff.*;*
-$	if f$search("ff.*") .nes "" then delete ff.*;*
-$	if f$search("f.*") .nes "" then delete f.*;*
-$	convert/fdl=sys$input: 't' fff.p
-RECORD
-	FORMAT STREAM_LF
-$
-$	write sys$output "p -> d"
-$	'cmd' -in fff.p -inform p -outform d -out f.d
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> n"
-$	'cmd' -in fff.p -inform p -outform n -out f.n
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in fff.p -inform p -outform p -out f.p
-$	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> d"
-$	'cmd' -in f.d -inform d -outform d -out ff.d1
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "n -> d"
-$	'cmd' -in f.n -inform n -outform d -out ff.d2
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> d"
-$	'cmd' -in f.p -inform p -outform d -out ff.d3
-$	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> n"
-$	'cmd' -in f.d -inform d -outform n -out ff.n1
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "n -> n"
-$	'cmd' -in f.n -inform n -outform n -out ff.n2
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> n"
-$	'cmd' -in f.p -inform p -outform n -out ff.n3
-$	if $severity .ne. 1 then exit 3
-$
-$	write sys$output "d -> p"
-$	'cmd' -in f.d -inform d -outform p -out ff.p1
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "n -> p"
-$	'cmd' -in f.n -inform n -outform p -out ff.p2
-$	if $severity .ne. 1 then exit 3
-$	write sys$output "p -> p"
-$	'cmd' -in f.p -inform p -outform p -out ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	backup/compare fff.p f.p
-$	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p2
-$	if $severity .ne. 1 then exit 3
-$	backup/compare fff.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	backup/compare f.n ff.n1
-$	if $severity .ne. 1 then exit 3
-$	backup/compare f.n ff.n2
-$	if $severity .ne. 1 then exit 3
-$	backup/compare f.n ff.n3
-$	if $severity .ne. 1 then exit 3
-$
-$	backup/compare f.p ff.p1
-$	if $severity .ne. 1 then exit 3
-$	backup/compare f.p ff.p2
-$	if $severity .ne. 1 then exit 3
-$	backup/compare f.p ff.p3
-$	if $severity .ne. 1 then exit 3
-$
-$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/deps/openssl/openssl/test/v3-cert1.pem b/deps/openssl/openssl/test/v3-cert1.pem
deleted file mode 100644
index 0da253d5c34..00000000000
--- a/deps/openssl/openssl/test/v3-cert1.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
-NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
-dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
-ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
-ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
-miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
-AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
-MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
-AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
-X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
-WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/v3-cert2.pem b/deps/openssl/openssl/test/v3-cert2.pem
deleted file mode 100644
index de0723ff8de..00000000000
--- a/deps/openssl/openssl/test/v3-cert2.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
-YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
-ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
-dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
-WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
-BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
-FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
-6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
-G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
-YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
-b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
-F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
-lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
-jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
------END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/wp_test.c b/deps/openssl/openssl/test/wp_test.c
deleted file mode 100644
index 7a4bb751dad..00000000000
--- a/deps/openssl/openssl/test/wp_test.c
+++ /dev/null
@@ -1 +0,0 @@
-link ../crypto/whrlpool/wp_test.c
\ No newline at end of file

From 34c750d7a96ad29c023d117f55239b94e90d23d5 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis 
Date: Thu, 2 Aug 2012 13:37:02 +0200
Subject: [PATCH 25/35] net: fix .listen({fd:0})

---
 lib/net.js                         |  2 +-
 test/simple/test-net-listen-fd0.js | 36 ++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 test/simple/test-net-listen-fd0.js

diff --git a/lib/net.js b/lib/net.js
index b6cbe4f5410..3244a091096 100644
--- a/lib/net.js
+++ b/lib/net.js
@@ -980,7 +980,7 @@ Server.prototype.listen = function() {
     if (h instanceof TCP) {
       self._handle = h;
       listen(self, null, -1, -1, backlog);
-    } else if (h.fd && typeof h.fd === 'number' && h.fd >= 0) {
+    } else if (typeof h.fd === 'number' && h.fd >= 0) {
       listen(self, null, null, null, backlog, h.fd);
     } else {
       throw new Error('Invalid listen argument: ' + h);
diff --git a/test/simple/test-net-listen-fd0.js b/test/simple/test-net-listen-fd0.js
new file mode 100644
index 00000000000..ba0d5984193
--- /dev/null
+++ b/test/simple/test-net-listen-fd0.js
@@ -0,0 +1,36 @@
+// Copyright Joyent, Inc. and other Node contributors.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a
+// copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to permit
+// persons to whom the Software is furnished to do so, subject to the
+// following conditions:
+//
+// The above copyright notice and this permission notice shall be included
+// in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+// USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+var common = require('../common');
+var assert = require('assert');
+var net = require('net');
+
+var gotError = false;
+
+process.on('exit', function() {
+  assert.equal(gotError, true);
+});
+
+// this should fail with an async EINVAL error, not throw an exception
+net.createServer(assert.fail).listen({fd:0}).on('error', function(e) {
+  assert.equal(e.code, 'EINVAL');
+  gotError = true;
+});

From 50e00de92a7563f39ff50f9a53c7e2ed15e556c6 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis 
Date: Thu, 2 Aug 2012 01:06:31 +0200
Subject: [PATCH 26/35] installer: fix cross-compile installs

The old installer was a JS script, which didn't work if node had been
cross-compiled for another architecture. Replace it with a python script.

Fixes #3807.
---
 Makefile           |   4 +-
 tools/install.py   | 214 +++++++++++++++++++++++++++++++++++++++++++++
 tools/installer.js | 158 ---------------------------------
 3 files changed, 216 insertions(+), 160 deletions(-)
 create mode 100755 tools/install.py
 delete mode 100644 tools/installer.js

diff --git a/Makefile b/Makefile
index 15546d06d5c..795b11a5208 100644
--- a/Makefile
+++ b/Makefile
@@ -39,10 +39,10 @@ out/Makefile: common.gypi deps/uv/uv.gyp deps/http_parser/http_parser.gyp deps/z
 	$(PYTHON) tools/gyp_node -f make
 
 install: all
-	out/Release/node tools/installer.js install $(DESTDIR)
+	$(PYTHON) tools/install.py $@ $(DESTDIR)
 
 uninstall:
-	out/Release/node tools/installer.js uninstall
+	$(PYTHON) tools/install.py $@ $(DESTDIR)
 
 clean:
 	-rm -rf out/Makefile node node_g out/$(BUILDTYPE)/node blog.html email.md
diff --git a/tools/install.py b/tools/install.py
new file mode 100755
index 00000000000..66e51d0ae3b
--- /dev/null
+++ b/tools/install.py
@@ -0,0 +1,214 @@
+#!/usr/bin/env python
+
+import errno
+import json
+import os
+import re
+import shutil
+import sys
+
+# set at init time
+dst_dir = None
+node_prefix = None # dst_dir without DESTDIR prefix
+target_defaults = None
+variables = None
+
+def abspath(*args):
+  path = os.path.join(*args)
+  return os.path.abspath(path)
+
+def load_config():
+  s = open('config.gypi').read()
+  s = re.sub(r'#.*?\n', '', s) # strip comments
+  s = re.sub(r'\'', '"', s) # convert quotes
+  return json.loads(s)
+
+def try_unlink(path):
+  try:
+    os.unlink(path)
+  except OSError, e:
+    if e.errno != errno.ENOENT: raise
+
+def try_symlink(source_path, link_path):
+  print 'symlinking %s -> %s' % (source_path, link_path)
+  try_unlink(link_path)
+  os.symlink(source_path, link_path)
+
+def try_mkdir_r(path):
+  try:
+    os.makedirs(path)
+  except OSError, e:
+    if e.errno != errno.EEXIST: raise
+
+def try_rmdir_r(path):
+  path = abspath(path)
+  while path.startswith(dst_dir):
+    try:
+      os.rmdir(path)
+    except OSError, e:
+      if e.errno == errno.ENOTEMPTY: return
+      if e.errno == errno.ENOENT: return
+      raise
+    path = abspath(path, '..')
+
+def mkpaths(path, dst):
+  if dst.endswith('/'):
+    target_path = abspath(dst_dir, dst, os.path.basename(path))
+  else:
+    target_path = abspath(dst_dir, dst)
+  return path, target_path
+
+def try_copy(path, dst):
+  source_path, target_path = mkpaths(path, dst)
+  print 'installing %s' % target_path
+  try_mkdir_r(os.path.dirname(target_path))
+  return shutil.copy2(source_path, target_path)
+
+def try_remove(path, dst):
+  source_path, target_path = mkpaths(path, dst)
+  print 'removing %s' % target_path
+  try_unlink(target_path)
+  try_rmdir_r(os.path.dirname(target_path))
+
+def install(paths, dst): map(lambda path: try_copy(path, dst), paths)
+def uninstall(paths, dst): map(lambda path: try_remove(path, dst), paths)
+
+def waf_files(action):
+  action(['tools/node-waf'], 'bin/node-waf')
+  action(['tools/wafadmin/ansiterm.py',
+          'tools/wafadmin/Build.py',
+          'tools/wafadmin/Configure.py',
+          'tools/wafadmin/Constants.py',
+          'tools/wafadmin/Environment.py',
+          'tools/wafadmin/__init__.py',
+          'tools/wafadmin/Logs.py',
+          'tools/wafadmin/Node.py',
+          'tools/wafadmin/Options.py',
+          'tools/wafadmin/pproc.py',
+          'tools/wafadmin/py3kfixes.py',
+          'tools/wafadmin/Runner.py',
+          'tools/wafadmin/Scripting.py',
+          'tools/wafadmin/TaskGen.py',
+          'tools/wafadmin/Task.py',
+          'tools/wafadmin/Tools/ar.py',
+          'tools/wafadmin/Tools/cc.py',
+          'tools/wafadmin/Tools/ccroot.py',
+          'tools/wafadmin/Tools/compiler_cc.py',
+          'tools/wafadmin/Tools/compiler_cxx.py',
+          'tools/wafadmin/Tools/compiler_d.py',
+          'tools/wafadmin/Tools/config_c.py',
+          'tools/wafadmin/Tools/cxx.py',
+          'tools/wafadmin/Tools/dmd.py',
+          'tools/wafadmin/Tools/d.py',
+          'tools/wafadmin/Tools/gas.py',
+          'tools/wafadmin/Tools/gcc.py',
+          'tools/wafadmin/Tools/gdc.py',
+          'tools/wafadmin/Tools/gnu_dirs.py',
+          'tools/wafadmin/Tools/gob2.py',
+          'tools/wafadmin/Tools/gxx.py',
+          'tools/wafadmin/Tools/icc.py',
+          'tools/wafadmin/Tools/icpc.py',
+          'tools/wafadmin/Tools/__init__.py',
+          'tools/wafadmin/Tools/intltool.py',
+          'tools/wafadmin/Tools/libtool.py',
+          'tools/wafadmin/Tools/misc.py',
+          'tools/wafadmin/Tools/nasm.py',
+          'tools/wafadmin/Tools/node_addon.py',
+          'tools/wafadmin/Tools/osx.py',
+          'tools/wafadmin/Tools/preproc.py',
+          'tools/wafadmin/Tools/python.py',
+          'tools/wafadmin/Tools/suncc.py',
+          'tools/wafadmin/Tools/suncxx.py',
+          'tools/wafadmin/Tools/unittestw.py',
+          'tools/wafadmin/Tools/winres.py',
+          'tools/wafadmin/Tools/xlc.py',
+          'tools/wafadmin/Tools/xlcxx.py',
+          'tools/wafadmin/Utils.py'],
+          'lib/node/')
+
+def update_shebang(path, shebang):
+  print 'updating shebang of %s' % path
+  s = open(path, 'r').read()
+  s = re.sub(r'#!.*\n', '#!' + shebang + '\n', s)
+  open(path, 'w').write(s)
+
+def npm_files(action):
+  target_path = 'lib/node_modules/npm/'
+
+  # don't install npm if the target path is a symlink, it probably means
+  # that a dev version of npm is installed there
+  if os.path.islink(abspath(dst_dir, target_path)): return
+
+  # npm has a *lot* of files and it'd be a pain to maintain a fixed list here
+  # so we walk its source directory instead...
+  for dirname, subdirs, basenames in os.walk('deps/npm', topdown=True):
+    subdirs[:] = filter('test'.__ne__, subdirs) # skip test suites
+    paths = [os.path.join(dirname, basename) for basename in basenames]
+    action(paths, target_path + dirname[9:] + '/')
+
+  # create/remove symlink
+  link_path = abspath(dst_dir, 'bin/npm')
+  if action == uninstall:
+    action([link_path], 'bin/npm')
+  elif action == install:
+    try_symlink('../lib/node_modules/npm/bin/npm-cli.js', link_path)
+    update_shebang(link_path, node_prefix + '/bin/node')
+  else:
+    assert(0) # unhandled action type
+
+def files(action):
+  action(['deps/uv/include/ares.h',
+          'deps/uv/include/ares_version.h',
+          'deps/uv/include/uv.h',
+          'deps/v8/include/v8-debug.h',
+          'deps/v8/include/v8-preparser.h',
+          'deps/v8/include/v8-profiler.h',
+          'deps/v8/include/v8-testing.h',
+          'deps/v8/include/v8.h',
+          'deps/v8/include/v8stdint.h',
+          'src/eio-emul.h',
+          'src/ev-emul.h',
+          'src/node.h',
+          'src/node_buffer.h',
+          'src/node_object_wrap.h',
+          'src/node_version.h'],
+          'include/node/')
+  action(['deps/uv/include/uv-private/eio.h',
+          'deps/uv/include/uv-private/ev.h',
+          'deps/uv/include/uv-private/ngx-queue.h',
+          'deps/uv/include/uv-private/tree.h',
+          'deps/uv/include/uv-private/uv-unix.h',
+          'deps/uv/include/uv-private/uv-win.h'],
+          'include/node/uv-private/')
+  action(['doc/node.1'], 'share/man/man1/')
+  action(['out/Release/node'], 'bin/node')
+
+  # install unconditionally, checking if the platform supports dtrace doesn't
+  # work when cross-compiling and besides, there's at least one linux flavor
+  # with dtrace support now (oracle's "unbreakable" linux)
+  action(['src/node.d'], 'lib/dtrace/')
+
+  if variables.get('node_install_waf'): waf_files(action)
+  if variables.get('node_install_npm'): npm_files(action)
+
+def run(args):
+  global dst_dir, node_prefix, target_defaults, variables
+
+  # chdir to the project's top-level directory
+  os.chdir(abspath(os.path.dirname(__file__), '..'))
+
+  conf = load_config()
+  variables = conf['variables']
+  target_defaults = conf['target_defaults']
+
+  # argv[2] is a custom install prefix for packagers (think DESTDIR)
+  dst_dir = node_prefix = variables.get('node_prefix', '/usr/local')
+  if len(args) > 2: dst_dir = abspath(args[2] + '/' + dst_dir)
+
+  cmd = args[1] if len(args) > 1 else 'install'
+  if cmd == 'install': return files(install)
+  if cmd == 'uninstall': return files(uninstall)
+  raise RuntimeError('Bad command: %s\n' % cmd)
+
+if __name__ == '__main__':
+  run(sys.argv[:])
diff --git a/tools/installer.js b/tools/installer.js
deleted file mode 100644
index 46b84d49d27..00000000000
--- a/tools/installer.js
+++ /dev/null
@@ -1,158 +0,0 @@
-var fs = require('fs'),
-    path = require('path'),
-    exec = require('child_process').exec,
-    cmd = process.argv[2],
-    dest_dir = process.argv[3] || '';
-
-if (cmd !== 'install' && cmd !== 'uninstall') {
-  console.error('Unknown command: ' + cmd);
-  process.exit(1);
-}
-
-// Use the built-in config reported by the current process
-var variables = process.config.variables,
-    node_prefix = variables.node_prefix || '/usr/local';
-
-// Execution queue
-var queue = [],
-    dirs = [];
-
-// Copy file from src to dst
-function copy(src, dst, callback) {
-  // If src is array - copy each file separately
-  if (Array.isArray(src)) {
-    src.forEach(function(src) {
-      copy(src, dst, callback);
-    });
-    return;
-  }
-
-  dst = path.join(dest_dir, node_prefix, dst);
-  var dir = dst.replace(/\/[^\/]*$/, '/');
-
-  // Create directory if hasn't done this yet
-  if (dirs.indexOf(dir) === -1) {
-    dirs.push(dir);
-    queue.push('mkdir -p ' + dir);
-  }
-
-  // Queue file/dir copy
-  queue.push('cp -rf ' + src + ' ' + dst);
-}
-
-// Remove files
-function remove(files) {
-  files.forEach(function(file) {
-    file = path.join(dest_dir, node_prefix, file);
-    queue.push('rm -rf ' + file);
-  });
-}
-
-// Add/update shebang (#!) line so that npm uses
-// the newly installed node, rather than the first in PATH.
-function shebang(line, npmDir) {
-  var script = JSON.stringify(path.join(npmDir, 'scripts/relocate.sh'));
-  var bin = JSON.stringify(path.join(npmDir, 'bin/npm-cli.js'));
-  queue.push('/bin/sh ' + script + ' ' + line);
-}
-
-// Run every command in queue, one-by-one
-function run() {
-  var cmd = queue.shift();
-  if (!cmd) return;
-
-  if (Array.isArray(cmd) && cmd[0] instanceof Function) {
-    var func = cmd[0];
-    var args = cmd.slice(1);
-    console.log.apply(null, [func.name].concat(args));
-    func.apply(null, args);
-    run();
-  } else {
-    console.log(cmd);
-    exec(cmd, function(err, stdout, stderr) {
-      if (stderr) console.error(stderr);
-      if (err) process.exit(1);
-
-      run();
-    });
-  }
-}
-
-if (cmd === 'install') {
-  // Copy includes
-  copy([
-    // Node
-    'src/node.h', 'src/node_buffer.h', 'src/node_object_wrap.h',
-    'src/node_version.h', 'src/ev-emul.h', 'src/eio-emul.h',
-    // v8
-    'deps/v8/include/v8-debug.h', 'deps/v8/include/v8-preparser.h',
-    'deps/v8/include/v8-profiler.h', 'deps/v8/include/v8-testing.h',
-    'deps/v8/include/v8.h', 'deps/v8/include/v8stdint.h',
-    // uv
-    'deps/uv/include/uv.h'
-  ], 'include/node/');
-
-  // man page
-  copy(['doc/node.1'], 'share/man/man1/');
-
-  // dtrace
-  if (!process.platform.match(/^linux/)) {
-    copy(['src/node.d'], 'lib/dtrace/');
-  }
-
-  // Private uv headers
-  copy([
-    'deps/uv/include/uv-private/eio.h', 'deps/uv/include/uv-private/ev.h',
-    'deps/uv/include/uv-private/ngx-queue.h',
-    'deps/uv/include/uv-private/tree.h',
-    'deps/uv/include/uv-private/uv-unix.h',
-    'deps/uv/include/uv-private/uv-win.h',
-  ], 'include/node/uv-private/');
-
-  copy([
-    'deps/uv/include/ares.h',
-    'deps/uv/include/ares_version.h'
-  ], 'include/node/');
-
-  // Copy binary file
-  copy('out/Release/node', 'bin/node');
-
-  // Install node-waf
-  if (variables.node_install_waf) {
-    copy('tools/wafadmin', 'lib/node/');
-    copy('tools/node-waf', 'bin/node-waf');
-  }
-
-  // Install npm (eventually)
-  if (variables.node_install_npm) {
-    // Frequently, in development, the installed npm is a symbolic
-    // link to the development folder, and so installing this is
-    // a bit annoying.  If it's a symlink, skip it.
-    var isSymlink = false;
-    var exists = true;
-    var npmDir = path.resolve(node_prefix, 'lib/node_modules/npm');
-    try {
-      var st = fs.lstatSync(npmDir);
-      isSymlink = st.isSymbolicLink();
-    } catch (e) {
-      exists = true;
-    }
-
-    if (!isSymlink) {
-      if (exists) queue.push('rm -rf ' + npmDir);
-      copy('deps/npm', 'lib/node_modules/npm');
-      queue.push('ln -sf ../lib/node_modules/npm/bin/npm-cli.js ' +
-                 path.join(dest_dir, node_prefix, 'bin/npm'));
-      shebang(path.join(node_prefix, 'bin/node'),
-              path.join(dest_dir, node_prefix, 'lib/node_modules/npm'));
-    }
-  }
-} else {
-  remove([
-     'bin/node', 'bin/npm', 'bin/node-waf',
-     'include/node/*', 'lib/node_modules', 'lib/node',
-     'lib/dtrace/node.d', 'share/man/man1/node.1'
-  ]);
-}
-
-run();

From f5c07b65a09afe2f9571efece91a4898d7b79404 Mon Sep 17 00:00:00 2001
From: isaacs 
Date: Wed, 1 Aug 2012 19:10:42 -0700
Subject: [PATCH 27/35] npm: Upgrade to 1.1.46

---
 deps/npm/Makefile                             | 18 +++--
 deps/npm/doc/cli/npm.md                       |  2 +-
 deps/npm/html/api/bin.html                    |  4 +-
 deps/npm/html/api/bugs.html                   |  4 +-
 deps/npm/html/api/commands.html               |  4 +-
 deps/npm/html/api/config.html                 |  4 +-
 deps/npm/html/api/deprecate.html              |  4 +-
 deps/npm/html/api/docs.html                   |  4 +-
 deps/npm/html/api/edit.html                   |  4 +-
 deps/npm/html/api/explore.html                |  4 +-
 deps/npm/html/api/help-search.html            |  4 +-
 deps/npm/html/api/init.html                   |  4 +-
 deps/npm/html/api/install.html                |  4 +-
 deps/npm/html/api/link.html                   |  4 +-
 deps/npm/html/api/load.html                   |  4 +-
 deps/npm/html/api/ls.html                     |  4 +-
 deps/npm/html/api/npm.html                    |  6 +-
 deps/npm/html/api/outdated.html               |  4 +-
 deps/npm/html/api/owner.html                  |  4 +-
 deps/npm/html/api/pack.html                   |  4 +-
 deps/npm/html/api/prefix.html                 |  4 +-
 deps/npm/html/api/prune.html                  |  4 +-
 deps/npm/html/api/publish.html                |  4 +-
 deps/npm/html/api/rebuild.html                |  4 +-
 deps/npm/html/api/restart.html                |  4 +-
 deps/npm/html/api/root.html                   |  4 +-
 deps/npm/html/api/run-script.html             |  4 +-
 deps/npm/html/api/search.html                 |  4 +-
 deps/npm/html/api/shrinkwrap.html             |  4 +-
 deps/npm/html/api/start.html                  |  4 +-
 deps/npm/html/api/stop.html                   |  4 +-
 deps/npm/html/api/submodule.html              |  4 +-
 deps/npm/html/api/tag.html                    |  4 +-
 deps/npm/html/api/test.html                   |  4 +-
 deps/npm/html/api/uninstall.html              |  4 +-
 deps/npm/html/api/unpublish.html              |  4 +-
 deps/npm/html/api/update.html                 |  4 +-
 deps/npm/html/api/version.html                |  4 +-
 deps/npm/html/api/view.html                   |  4 +-
 deps/npm/html/api/whoami.html                 |  4 +-
 deps/npm/html/doc/README.html                 |  4 +-
 deps/npm/html/doc/adduser.html                |  4 +-
 deps/npm/html/doc/bin.html                    |  4 +-
 deps/npm/html/doc/bugs.html                   |  4 +-
 deps/npm/html/doc/build.html                  |  4 +-
 deps/npm/html/doc/bundle.html                 |  4 +-
 deps/npm/html/doc/cache.html                  |  4 +-
 deps/npm/html/doc/changelog.html              |  4 +-
 deps/npm/html/doc/coding-style.html           |  4 +-
 deps/npm/html/doc/completion.html             |  4 +-
 deps/npm/html/doc/config.html                 |  4 +-
 deps/npm/html/doc/deprecate.html              |  4 +-
 deps/npm/html/doc/developers.html             |  4 +-
 deps/npm/html/doc/disputes.html               |  4 +-
 deps/npm/html/doc/docs.html                   |  4 +-
 deps/npm/html/doc/edit.html                   |  4 +-
 deps/npm/html/doc/explore.html                |  4 +-
 deps/npm/html/doc/faq.html                    |  4 +-
 deps/npm/html/doc/folders.html                |  4 +-
 deps/npm/html/doc/help-search.html            |  4 +-
 deps/npm/html/doc/help.html                   |  4 +-
 deps/npm/html/doc/index.html                  |  4 +-
 deps/npm/html/doc/init.html                   |  4 +-
 deps/npm/html/doc/install.html                |  4 +-
 deps/npm/html/doc/json.html                   |  4 +-
 deps/npm/html/doc/link.html                   |  4 +-
 deps/npm/html/doc/list.html                   |  6 +-
 deps/npm/html/doc/npm.html                    |  8 +-
 deps/npm/html/doc/outdated.html               |  4 +-
 deps/npm/html/doc/owner.html                  |  4 +-
 deps/npm/html/doc/pack.html                   |  4 +-
 deps/npm/html/doc/prefix.html                 |  4 +-
 deps/npm/html/doc/prune.html                  |  4 +-
 deps/npm/html/doc/publish.html                |  4 +-
 deps/npm/html/doc/rebuild.html                |  4 +-
 deps/npm/html/doc/registry.html               |  4 +-
 deps/npm/html/doc/removing-npm.html           |  4 +-
 deps/npm/html/doc/restart.html                |  4 +-
 deps/npm/html/doc/root.html                   |  4 +-
 deps/npm/html/doc/run-script.html             |  4 +-
 deps/npm/html/doc/scripts.html                |  4 +-
 deps/npm/html/doc/search.html                 |  4 +-
 deps/npm/html/doc/semver.html                 |  4 +-
 deps/npm/html/doc/shrinkwrap.html             |  4 +-
 deps/npm/html/doc/star.html                   |  4 +-
 deps/npm/html/doc/start.html                  |  4 +-
 deps/npm/html/doc/stop.html                   |  4 +-
 deps/npm/html/doc/submodule.html              |  4 +-
 deps/npm/html/doc/tag.html                    |  4 +-
 deps/npm/html/doc/test.html                   |  4 +-
 deps/npm/html/doc/uninstall.html              |  4 +-
 deps/npm/html/doc/unpublish.html              |  4 +-
 deps/npm/html/doc/update.html                 |  4 +-
 deps/npm/html/doc/version.html                |  4 +-
 deps/npm/html/doc/view.html                   |  4 +-
 deps/npm/html/doc/whoami.html                 |  4 +-
 deps/npm/html/dochead.html                    |  2 +-
 deps/npm/lib/config.js                        | 13 +---
 deps/npm/lib/npm.js                           | 17 ++--
 deps/npm/lib/utils/ini.js                     |  5 +-
 deps/npm/man/man1/README.1                    |  2 +-
 deps/npm/man/man1/adduser.1                   |  2 +-
 deps/npm/man/man1/bin.1                       |  2 +-
 deps/npm/man/man1/bugs.1                      |  2 +-
 deps/npm/man/man1/build.1                     |  2 +-
 deps/npm/man/man1/bundle.1                    |  2 +-
 deps/npm/man/man1/cache.1                     |  2 +-
 deps/npm/man/man1/changelog.1                 |  2 +-
 deps/npm/man/man1/coding-style.1              |  2 +-
 deps/npm/man/man1/completion.1                |  2 +-
 deps/npm/man/man1/config.1                    |  2 +-
 deps/npm/man/man1/deprecate.1                 |  2 +-
 deps/npm/man/man1/developers.1                |  2 +-
 deps/npm/man/man1/disputes.1                  |  2 +-
 deps/npm/man/man1/docs.1                      |  2 +-
 deps/npm/man/man1/edit.1                      |  2 +-
 deps/npm/man/man1/explore.1                   |  2 +-
 deps/npm/man/man1/faq.1                       |  2 +-
 deps/npm/man/man1/folders.1                   |  2 +-
 deps/npm/man/man1/help-search.1               |  2 +-
 deps/npm/man/man1/help.1                      |  2 +-
 deps/npm/man/man1/index.1                     |  2 +-
 deps/npm/man/man1/init.1                      |  2 +-
 deps/npm/man/man1/install.1                   |  2 +-
 deps/npm/man/man1/json.1                      |  2 +-
 deps/npm/man/man1/link.1                      |  2 +-
 deps/npm/man/man1/list.1                      |  4 +-
 deps/npm/man/man1/npm.1                       |  6 +-
 deps/npm/man/man1/outdated.1                  |  2 +-
 deps/npm/man/man1/owner.1                     |  2 +-
 deps/npm/man/man1/pack.1                      |  2 +-
 deps/npm/man/man1/prefix.1                    |  2 +-
 deps/npm/man/man1/prune.1                     |  2 +-
 deps/npm/man/man1/publish.1                   |  2 +-
 deps/npm/man/man1/rebuild.1                   |  2 +-
 deps/npm/man/man1/registry.1                  |  2 +-
 deps/npm/man/man1/removing-npm.1              |  2 +-
 deps/npm/man/man1/restart.1                   |  2 +-
 deps/npm/man/man1/root.1                      |  2 +-
 deps/npm/man/man1/run-script.1                |  2 +-
 deps/npm/man/man1/scripts.1                   |  2 +-
 deps/npm/man/man1/search.1                    |  2 +-
 deps/npm/man/man1/semver.1                    |  2 +-
 deps/npm/man/man1/shrinkwrap.1                |  2 +-
 deps/npm/man/man1/star.1                      |  2 +-
 deps/npm/man/man1/start.1                     |  2 +-
 deps/npm/man/man1/stop.1                      |  2 +-
 deps/npm/man/man1/submodule.1                 |  2 +-
 deps/npm/man/man1/tag.1                       |  2 +-
 deps/npm/man/man1/test.1                      |  2 +-
 deps/npm/man/man1/uninstall.1                 |  2 +-
 deps/npm/man/man1/unpublish.1                 |  2 +-
 deps/npm/man/man1/update.1                    |  2 +-
 deps/npm/man/man1/version.1                   |  2 +-
 deps/npm/man/man1/view.1                      |  2 +-
 deps/npm/man/man1/whoami.1                    |  2 +-
 deps/npm/man/man3/bin.3                       |  2 +-
 deps/npm/man/man3/bugs.3                      |  2 +-
 deps/npm/man/man3/commands.3                  |  2 +-
 deps/npm/man/man3/config.3                    |  2 +-
 deps/npm/man/man3/deprecate.3                 |  2 +-
 deps/npm/man/man3/docs.3                      |  2 +-
 deps/npm/man/man3/edit.3                      |  2 +-
 deps/npm/man/man3/explore.3                   |  2 +-
 deps/npm/man/man3/help-search.3               |  2 +-
 deps/npm/man/man3/init.3                      |  2 +-
 deps/npm/man/man3/install.3                   |  2 +-
 deps/npm/man/man3/link.3                      |  2 +-
 deps/npm/man/man3/load.3                      |  2 +-
 deps/npm/man/man3/ls.3                        |  2 +-
 deps/npm/man/man3/npm.3                       |  4 +-
 deps/npm/man/man3/outdated.3                  |  2 +-
 deps/npm/man/man3/owner.3                     |  2 +-
 deps/npm/man/man3/pack.3                      |  2 +-
 deps/npm/man/man3/prefix.3                    |  2 +-
 deps/npm/man/man3/prune.3                     |  2 +-
 deps/npm/man/man3/publish.3                   |  2 +-
 deps/npm/man/man3/rebuild.3                   |  2 +-
 deps/npm/man/man3/restart.3                   |  2 +-
 deps/npm/man/man3/root.3                      |  2 +-
 deps/npm/man/man3/run-script.3                |  2 +-
 deps/npm/man/man3/search.3                    |  2 +-
 deps/npm/man/man3/shrinkwrap.3                |  2 +-
 deps/npm/man/man3/start.3                     |  2 +-
 deps/npm/man/man3/stop.3                      |  2 +-
 deps/npm/man/man3/submodule.3                 |  2 +-
 deps/npm/man/man3/tag.3                       |  2 +-
 deps/npm/man/man3/test.3                      |  2 +-
 deps/npm/man/man3/uninstall.3                 |  2 +-
 deps/npm/man/man3/unpublish.3                 |  2 +-
 deps/npm/man/man3/update.3                    |  2 +-
 deps/npm/man/man3/version.3                   |  2 +-
 deps/npm/man/man3/view.3                      |  2 +-
 deps/npm/man/man3/whoami.3                    |  2 +-
 .../node_modules/glob/{LICENCE => LICENSE}    | 22 +++---
 deps/npm/node_modules/glob/glob.js            | 47 +++++------
 deps/npm/node_modules/glob/package.json       |  4 +-
 .../node_modules/glob/test/bash-comparison.js |  5 +-
 .../node_modules/glob/test/pause-resume.js    | 14 +++-
 .../node_modules/graceful-fs/graceful-fs.js   | 32 ++++----
 .../npm/node_modules/graceful-fs/package.json | 19 ++++-
 .../npm/node_modules/graceful-fs/test/open.js | 41 ++++++++++
 deps/npm/node_modules/lru-cache/AUTHORS       |  2 +
 deps/npm/node_modules/lru-cache/README.md     |  9 ++-
 .../node_modules/lru-cache/lib/lru-cache.js   | 15 +++-
 deps/npm/node_modules/lru-cache/package.json  | 28 +++----
 deps/npm/node_modules/lru-cache/test/basic.js | 39 ++++++++++
 deps/npm/node_modules/mkdirp/.gitignore.orig  |  2 +
 deps/npm/node_modules/mkdirp/.gitignore.rej   |  5 ++
 .../node_modules/mkdirp/examples/pow.js.orig  |  6 ++
 .../node_modules/mkdirp/examples/pow.js.rej   | 19 +++++
 .../npm/node_modules/node-gyp/bin/node-gyp.js |  7 +-
 .../node_modules/node-gyp/lib/configure.js    | 60 ++++++++++++---
 .../npm/node_modules/node-gyp/lib/node-gyp.js | 16 ++--
 deps/npm/node_modules/node-gyp/package.json   |  9 +--
 .../read-package-json/package.json            |  6 +-
 .../read-package-json/read-json.js            | 34 ++++----
 .../read-package-json/test/basic.js           |  1 +
 .../test/fixtures/not-json.css                | 37 +++++++++
 .../read-package-json/test/non-json.js        | 77 +++++++++++++++++++
 deps/npm/node_modules/read/README.md          |  1 +
 deps/npm/node_modules/read/lib/read.js        |  2 +-
 .../read/node_modules/mute-stream/README.md   | 10 ++-
 .../read/node_modules/mute-stream/mute.js     | 18 ++++-
 .../node_modules/mute-stream/package.json     | 11 ++-
 .../node_modules/mute-stream/test/basic.js    | 59 ++++++++++++++
 deps/npm/node_modules/read/package.json       | 10 +--
 deps/npm/package.json                         |  2 +-
 deps/npm/test/packages/npm-test-blerg3/README |  1 +
 .../packages/npm-test-blerg3/package.json     |  5 ++
 .../npm/test/packages/npm-test-blerg3/test.js |  5 ++
 231 files changed, 862 insertions(+), 455 deletions(-)
 rename deps/npm/node_modules/glob/{LICENCE => LICENSE} (50%)
 create mode 100644 deps/npm/node_modules/graceful-fs/test/open.js
 create mode 100644 deps/npm/node_modules/mkdirp/.gitignore.orig
 create mode 100644 deps/npm/node_modules/mkdirp/.gitignore.rej
 create mode 100644 deps/npm/node_modules/mkdirp/examples/pow.js.orig
 create mode 100644 deps/npm/node_modules/mkdirp/examples/pow.js.rej
 create mode 100644 deps/npm/node_modules/read-package-json/test/fixtures/not-json.css
 create mode 100644 deps/npm/node_modules/read-package-json/test/non-json.js
 create mode 100644 deps/npm/test/packages/npm-test-blerg3/README
 create mode 100644 deps/npm/test/packages/npm-test-blerg3/package.json
 create mode 100644 deps/npm/test/packages/npm-test-blerg3/test.js

diff --git a/deps/npm/Makefile b/deps/npm/Makefile
index 96e3f37c0a9..9c38f97675e 100644
--- a/deps/npm/Makefile
+++ b/deps/npm/Makefile
@@ -113,13 +113,21 @@ publish: link doc
 
 docpublish: doc-publish
 doc-publish: doc
-	rsync -vazu --stats --no-implied-dirs --delete html/doc/ npmjs.org:/var/www/npmjs.org/public/doc
-	rsync -vazu --stats --no-implied-dirs --delete html/api/ npmjs.org:/var/www/npmjs.org/public/api
-	rsync -vazu --stats --no-implied-dirs --delete html/webfonts/ npmjs.org:/var/www/npmjs.org/public/webfonts
-	scp html/style.css npmjs.org:/var/www/npmjs.org/public/
+	rsync -vazu --stats --no-implied-dirs --delete \
+		html/doc/ \
+		node@npmjs.org:/home/node/npm-www/doc
+	rsync -vazu --stats --no-implied-dirs --delete \
+		html/api/ \
+		node@npmjs.org:/home/node/npm-www/api
+	rsync -vazu --stats --no-implied-dirs --delete \
+		html/webfonts/ \
+		node@npmjs.org:/home/node/npm-www/static/webfonts
+	rsync -vazu --stats --no-implied-dirs --delete \
+		html/style.css \
+		node@npmjs.org:/home/node/npm-www/static/
 
 zip-publish: release
-	scp release/* npmjs.org:/var/www/npmjs.org/public/dist/
+	scp release/* izs.me:/var/www/izs.me/static/public/npm/
 
 release:
 	@bash scripts/release.sh
diff --git a/deps/npm/doc/cli/npm.md b/deps/npm/doc/cli/npm.md
index cd3360d7c56..a325fdf2e8c 100644
--- a/deps/npm/doc/cli/npm.md
+++ b/deps/npm/doc/cli/npm.md
@@ -64,7 +64,7 @@ following help topics:
   Especially, installing other peoples code from the registry is done via
   `npm install`
 * adduser:
-  Create an account or log in.  Creditials are stored in the
+  Create an account or log in.  Credentials are stored in the
   user config file.
 * publish:
   Use the `npm publish` command to upload your code to the registry.
diff --git a/deps/npm/html/api/bin.html b/deps/npm/html/api/bin.html
index 7a76479d661..95d225ad710 100644
--- a/deps/npm/html/api/bin.html
+++ b/deps/npm/html/api/bin.html
@@ -2,7 +2,7 @@
 
   bin
   
-  
+  
 
   
     
    
@@ -19,7 +19,7 @@
 
    This function should not be used programmatically.  Instead, just refer
 to the npm.bin member.
    
 
    
-
+