Sync with native openssl-1.0.1i-3.fc21

Fixes various flaws (RHBZ#1096234 and RHBZ#1127705) CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 CVE-2014-0221 CVE-2014-0198 CVE-2014-0224 CVE-2014-0195 CVE-2010-5298 CVE-2014-3470
2014-08-21 16:14:47 +02:00 · 2014-08-21 16:14:47 +02:00 · 9edef96106
commit 9edef96106
parent 1f7c603ecc
28 changed files with 14373 additions and 2584 deletions
--- a/.gitignore
+++ b/.gitignore
@ -3,3 +3,4 @@ openssl-1.0.0a-usa.tar.bz2
 /openssl-1.0.1c-usa.tar.xz
 /openssl-1.0.1e-usa.tar.xz
 /openssl-1.0.1e-hobbled.tar.xz
 /openssl-1.0.1i-hobbled.tar.xz
--- a/mingw-openssl.spec
+++ b/mingw-openssl.spec
@ -23,8 +23,8 @@
 %global thread_test_threads %{?threads:%{threads}}%{!?threads:1}
 Name:           mingw-openssl
-Version:        1.0.1e
+Version:        1.0.1i
-Release:        7%{?dist}
+Release:        1%{?dist}
 Summary:        MinGW port of the OpenSSL toolkit
 License:        OpenSSL
@ -48,7 +48,7 @@ Source12:       ec_curve.c
 Source13:       ectest.c
 # Build changes
-Patch1:         openssl-1.0.1-beta2-rpmbuild.patch
+Patch1:         openssl-1.0.1e-rpmbuild.patch
 Patch2:         openssl-1.0.1e-defaults.patch
 Patch4:         openssl-1.0.0-beta5-enginesdir.patch
 Patch5:         openssl-0.9.8a-no-rpath.patch
@ -56,7 +56,8 @@ Patch6:         openssl-0.9.8b-test-use-localhost.patch
 Patch7:         openssl-1.0.0-timezone.patch
 Patch8:         openssl-1.0.1c-perlfind.patch
 Patch9:         openssl-1.0.1c-aliasing.patch
-Patch10:        openssl-1.0.1e-ppc64le-target.patch
+# This patch must be applied first
 Patch10:        openssl-1.0.1i-ppc-asm-update.patch
 # Bug fixes
 Patch23:        openssl-1.0.1c-default-paths.patch
 Patch24:        openssl-1.0.1e-issuer-hash.patch
@ -64,13 +65,11 @@ Patch24:        openssl-1.0.1e-issuer-hash.patch
 Patch33:        openssl-1.0.0-beta4-ca-dir.patch
 Patch34:        openssl-0.9.6-x509.patch
 Patch35:        openssl-0.9.8j-version-add-engines.patch
-Patch36:        openssl-1.0.0e-doc-noeof.patch
+Patch39:        openssl-1.0.1h-ipv6-apps.patch
-Patch38:        openssl-1.0.1-beta2-ssl-op-all.patch
+Patch40:        openssl-1.0.1g-fips.patch
 Patch39:        openssl-1.0.1c-ipv6-apps.patch
 Patch40:        openssl-1.0.1e-fips.patch
 Patch45:        openssl-1.0.1e-env-zlib.patch
 Patch47:        openssl-1.0.0-beta5-readme-warning.patch
-Patch49:        openssl-1.0.1a-algo-doc.patch
+Patch49:        openssl-1.0.1i-algo-doc.patch
 Patch50:        openssl-1.0.1-beta2-dtls1-abi.patch
 Patch51:        openssl-1.0.1e-version.patch
 Patch56:        openssl-1.0.0c-rsa-x931.patch
@ -82,28 +81,21 @@ Patch66:        openssl-1.0.1-pkgconfig-krb5.patch
 Patch68:        openssl-1.0.1e-secure-getenv.patch
 Patch69:        openssl-1.0.1c-dh-1024.patch
 Patch70:        openssl-1.0.1e-fips-ec.patch
-Patch71:        openssl-1.0.1e-manfix.patch
+Patch71:        openssl-1.0.1i-manfix.patch
 Patch72:        openssl-1.0.1e-fips-ctor.patch
 Patch73:        openssl-1.0.1e-ecc-suiteb.patch
 Patch74:        openssl-1.0.1e-no-md5-verify.patch
 Patch75:        openssl-1.0.1e-compat-symbols.patch
-Patch76:        openssl-1.0.1e-new-fips-reqs.patch
+Patch76:        openssl-1.0.1i-new-fips-reqs.patch
 Patch77:        openssl-1.0.1e-weak-ciphers.patch
-Patch78:        openssl-1.0.1e-3des-strength.patch
+Patch90:        openssl-1.0.1e-enc-fail.patch
-Patch79:        openssl-1.0.1e-req-keylen.patch
+Patch92:        openssl-1.0.1h-system-cipherlist.patch
 Patch93:        openssl-1.0.1h-disable-sslv2v3.patch
 # Backported fixes including security fixes
 Patch81:        openssl-1.0.1-beta2-padlock64.patch
-Patch82:        openssl-1.0.1e-backports.patch
+Patch84:        openssl-1.0.1i-trusted-first.patch
 Patch83:        openssl-1.0.1e-bad-mac.patch
 Patch84:        openssl-1.0.1e-trusted-first.patch
 Patch85:        openssl-1.0.1e-arm-use-elf-auxv-caps.patch
 Patch86:        openssl-1.0.1e-cve-2013-6449.patch
 Patch87:        openssl-1.0.1e-cve-2013-6450.patch
 Patch88:        openssl-1.0.1e-cve-2013-4353.patch
 Patch89:        openssl-1.0.1e-ephemeral-key-size.patch
 Patch90:        openssl-1.0.1e-enc-fail.patch
 # upstream patch for CVE-2014-0160
 Patch100:       openssl.git-96db902.patch
 # MinGW-specific patches.
 # Rename *eay32.dll to lib*.dll
@ -217,6 +209,7 @@ Static version of the MinGW port of the OpenSSL toolkit.
 cp %{SOURCE12} %{SOURCE13} crypto/ec/
 %patch10 -p1 -b .ppc-asm
 %patch1 -p1 -b .rpmbuild
 %patch2 -p1 -b .defaults
 %patch4 -p1 -b .enginesdir %{?_rawbuild}
@ -225,7 +218,6 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/
 %patch7 -p1 -b .timezone
 %patch8 -p1 -b .perlfind %{?_rawbuild}
 %patch9 -p1 -b .aliasing
 %patch10 -p1 -b .ppc64le
 %patch23 -p1 -b .default-paths
 %patch24 -p1 -b .issuer-hash
@ -233,8 +225,6 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/
 %patch33 -p1 -b .ca-dir
 %patch34 -p1 -b .x509
 %patch35 -p1 -b .version-add-engines
 %patch36 -p1 -b .doc-noeof
 %patch38 -p1 -b .op-all
 #patch39 -p1 -b .ipv6-apps
 %patch40 -p1 -b .fips
 %patch45 -p1 -b .env-zlib
@ -251,27 +241,21 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/
 #patch68 -p1 -b .secure-getenv
 %patch69 -p1 -b .dh1024
 #patch70 -p1 -b .fips-ec
 %patch71 -p1 -b .manfix
 #patch72 -p1 -b .fips-ctor
 %patch73 -p1 -b .suiteb
 #patch74 -p1 -b .no-md5-verify
 %patch75 -p1 -b .compat
 #patch76 -p1 -b .fips-reqs
 %patch77 -p1 -b .weak-ciphers
-%patch78 -p1 -b .3des-strength
+%patch90 -p1 -b .enc-fail
-%patch79 -p1 -b .keylen
+%patch92 -p1 -b .system
 %patch93 -p1 -b .v2v3
 %patch81 -p1 -b .padlock64
 %patch82 -p1 -b .backports
 %patch71 -p1 -b .manfix
 %patch83 -p1 -b .bad-mac
 %patch84 -p1 -b .trusted-first
 %patch85 -p1 -b .armcap
-%patch86 -p1 -b .hash-crash
+#patch89 -p1 -b .ephemeral
 %patch87 -p1 -b .dtls1-mitm
 %patch88 -p1 -b .handshake-crash
 #%patch89 -p1 -b .ephemeral
 %patch90 -p1 -b .enc-fail
 %patch100 -p1 -b .CVE-2014-0160
 # MinGW specific patches
 %patch101 -p1 -b .mingw-libversion
@ -516,6 +500,14 @@ mkdir -m700 $RPM_BUILD_ROOT%{mingw64_sysconfdir}/pki/CA/private
 %changelog
 * Thu Aug 21 2014 Marc-André Lureau <marcandre.lureau@redhat.com> - 1.0.1i-1
 - Synced with native openssl-1.0.1i-3.fc21
 - Fixes various flaws (RHBZ#1096234 and RHBZ#1127705)
  CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511
  CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 CVE-2014-0221
  CVE-2014-0198 CVE-2014-0224 CVE-2014-0195 CVE-2010-5298
  CVE-2014-3470
 * Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.1e-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--- a/openssl-1.0.0c-fips-md5-allow.patch
+++ b/openssl-1.0.0c-fips-md5-allow.patch
@ -1,20 +0,0 @@
 diff -up openssl-1.0.0c/crypto/md5/md5_dgst.c.md5-allow openssl-1.0.0c/crypto/md5/md5_dgst.c
 --- openssl-1.0.0c/crypto/md5/md5_dgst.c.md5-allow	2011-02-03 19:53:28.000000000 +0100
 +++ openssl-1.0.0c/crypto/md5/md5_dgst.c	2011-02-03 20:33:14.000000000 +0100
@@ -75,7 +75,15 @@ const char MD5_version[]="MD5" OPENSSL_V
 #define INIT_DATA_C (unsigned long)0x98badcfeL
 #define INIT_DATA_D (unsigned long)0x10325476L
 -FIPS_NON_FIPS_MD_Init(MD5)
 +int MD5_Init(MD5_CTX *c)
 +#ifdef OPENSSL_FIPS
 +	{
 +	if (FIPS_mode() && getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL)
 +		FIPS_BAD_ALGORITHM(alg)
 +	return private_MD5_Init(c);
 +	}
 +int private_MD5_Init(MD5_CTX *c)
 +#endif
 	{
 	memset (c,0,sizeof(*c));
 	c->A=INIT_DATA_A;
--- a/openssl-1.0.0e-doc-noeof.patch
+++ b/openssl-1.0.0e-doc-noeof.patch
@ -1,23 +0,0 @@
 diff -up openssl-1.0.0e/doc/apps/s_client.pod.doc-noeof openssl-1.0.0e/doc/apps/s_client.pod
 --- openssl-1.0.0e/doc/apps/s_client.pod.doc-noeof	2009-06-26 13:28:51.000000000 +0200
 +++ openssl-1.0.0e/doc/apps/s_client.pod	2011-11-03 08:30:35.000000000 +0100
@@ -27,6 +27,7 @@ B<openssl> B<s_client>
 [B<-nbio>]
 [B<-crlf>]
 [B<-ign_eof>]
 +[B<-no_ign_eof>]
 [B<-quiet>]
 [B<-ssl2>]
 [B<-ssl3>]
@@ -161,6 +162,11 @@ by some servers.
 inhibit shutting down the connection when end of file is reached in the
 input.
 +=item B<-no_ign_eof>
 +
 +shut down the connection when end of file is reached in the
 +input. Can be used to override the implicit B<-ign_eof> after B<-quiet>.
 +
 =item B<-quiet>
 inhibit printing of session and certificate information.  This implicitly
--- a/openssl-1.0.1-beta2-ssl-op-all.patch
+++ b/openssl-1.0.1-beta2-ssl-op-all.patch
@ -1,21 +0,0 @@
 diff -up openssl-1.0.1-beta2/ssl/ssl.h.op-all openssl-1.0.1-beta2/ssl/ssl.h
 --- openssl-1.0.1-beta2/ssl/ssl.h.op-all	2012-02-02 12:49:00.828035916 +0100
 +++ openssl-1.0.1-beta2/ssl/ssl.h	2012-02-02 12:52:27.297818182 +0100
@@ -540,7 +540,7 @@ struct ssl_session_st
 #define SSL_OP_NETSCAPE_CHALLENGE_BUG			0x00000002L
 /* Allow initial connection to servers that don't support RI */
 #define SSL_OP_LEGACY_SERVER_CONNECT			0x00000004L
 -#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
 +#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L /* no effect since 1.0.0c due to CVE-2010-4180 */
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x00000010L
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER		0x00000020L
 #define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x00000040L /* no effect since 0.9.7h and 0.9.8b */
@@ -558,7 +558,7 @@ struct ssl_session_st
 /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
  *             This used to be 0x000FFFFFL before 0.9.7. */
 -#define SSL_OP_ALL					0x80000BFFL
 +#define SSL_OP_ALL					0x80000BF7L /* we still have to include SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS */
 /* DTLS options */
 #define SSL_OP_NO_QUERY_MTU                 0x00001000L
--- a/openssl-1.0.1e-3des-strength.patch
+++ b/openssl-1.0.1e-3des-strength.patch
@ -1,171 +0,0 @@
 Although the real strength is rather 112 bits we use 128 here as
 we do not want to sort it behind more obscure ciphers.
 AES-128 is preferred anyway.
 diff -up openssl-1.0.1e/ssl/s2_lib.c.3des-strength openssl-1.0.1e/ssl/s2_lib.c
 --- openssl-1.0.1e/ssl/s2_lib.c.3des-strength	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/ssl/s2_lib.c	2014-01-22 16:32:45.791700322 +0100
@@ -250,7 +250,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
 	SSL_SSLV2,
 	SSL_NOT_EXP|SSL_HIGH,
 	0,
 -	168,
 +	128,
 	168,
 	},
 diff -up openssl-1.0.1e/ssl/s3_lib.c.3des-strength openssl-1.0.1e/ssl/s3_lib.c
 --- openssl-1.0.1e/ssl/s3_lib.c.3des-strength	2014-01-17 11:41:11.000000000 +0100
 +++ openssl-1.0.1e/ssl/s3_lib.c	2014-01-22 16:31:14.713666777 +0100
@@ -328,7 +328,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -377,7 +377,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -425,7 +425,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -474,7 +474,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -522,7 +522,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -602,7 +602,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -687,7 +687,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -751,7 +751,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_HIGH,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -1685,7 +1685,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_TLSV1,
 	SSL_NOT_EXP|SSL_HIGH,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -2062,7 +2062,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_TLSV1,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -2142,7 +2142,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_TLSV1,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -2222,7 +2222,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_TLSV1,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -2302,7 +2302,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_TLSV1,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -2382,7 +2382,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_TLSV1,
 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -2432,7 +2432,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_TLSV1,
 	SSL_NOT_EXP|SSL_HIGH,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -2448,7 +2448,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_TLSV1,
 	SSL_NOT_EXP|SSL_HIGH,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
@@ -2464,7 +2464,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 	SSL_TLSV1,
 	SSL_NOT_EXP|SSL_HIGH,
 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 -	168,
 +	128,
 	168,
 	},
--- a/openssl-1.0.1e-backports.patch
+++ b/openssl-1.0.1e-backports.patch
@ -1,345 +0,0 @@
 diff -up openssl-1.0.1e/crypto/pem/pem_info.c.backports openssl-1.0.1e/crypto/pem/pem_info.c
 --- openssl-1.0.1e/crypto/pem/pem_info.c.backports	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/crypto/pem/pem_info.c	2013-08-16 15:31:35.726003892 +0200
@@ -167,6 +167,7 @@ start:
 #ifndef OPENSSL_NO_RSA
 			if (strcmp(name,PEM_STRING_RSA) == 0)
 			{
 +			d2i=(D2I_OF(void))d2i_RSAPrivateKey;
 			if (xi->x_pkey != NULL) 
 				{
 				if (!sk_X509_INFO_push(ret,xi)) goto err;
 diff -up openssl-1.0.1e/crypto/rsa/rsa_pmeth.c.backports openssl-1.0.1e/crypto/rsa/rsa_pmeth.c
 --- openssl-1.0.1e/crypto/rsa/rsa_pmeth.c.backports	2013-08-16 15:31:35.697003256 +0200
 +++ openssl-1.0.1e/crypto/rsa/rsa_pmeth.c	2013-08-16 15:33:37.770673918 +0200
@@ -582,6 +582,8 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CT
 			pm = RSA_NO_PADDING;
 		else if (!strcmp(value, "oeap"))
 			pm = RSA_PKCS1_OAEP_PADDING;
 +		else if (!strcmp(value, "oaep"))
 +			pm = RSA_PKCS1_OAEP_PADDING;
 		else if (!strcmp(value, "x931"))
 			pm = RSA_X931_PADDING;
 		else if (!strcmp(value, "pss"))
 diff -up openssl-1.0.1e/crypto/x509/x509_vfy.c.backports openssl-1.0.1e/crypto/x509/x509_vfy.c
 --- openssl-1.0.1e/crypto/x509/x509_vfy.c.backports	2013-08-16 15:31:35.721003782 +0200
 +++ openssl-1.0.1e/crypto/x509/x509_vfy.c	2013-08-16 15:31:35.726003892 +0200
@@ -696,6 +696,7 @@ static int check_cert(X509_STORE_CTX *ct
 	X509_CRL *crl = NULL, *dcrl = NULL;
 	X509 *x;
 	int ok, cnum;
 +	unsigned int last_reasons;
 	cnum = ctx->error_depth;
 	x = sk_X509_value(ctx->chain, cnum);
 	ctx->current_cert = x;
@@ -704,6 +705,7 @@ static int check_cert(X509_STORE_CTX *ct
 	ctx->current_reasons = 0;
 	while (ctx->current_reasons != CRLDP_ALL_REASONS)
 		{
 +		last_reasons = ctx->current_reasons;
 		/* Try to retrieve relevant CRL */
 		if (ctx->get_crl)
 			ok = ctx->get_crl(ctx, &crl, x);
@@ -747,6 +749,15 @@ static int check_cert(X509_STORE_CTX *ct
 		X509_CRL_free(dcrl);
 		crl = NULL;
 		dcrl = NULL;
 +		/* If reasons not updated we wont get anywhere by
 +		 * another iteration, so exit loop.
 +		 */
 +		if (last_reasons == ctx->current_reasons)
 +			{
 +			ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
 +			ok = ctx->verify_cb(0, ctx);
 +			goto err;
 +			}
 		}
 	err:
 	X509_CRL_free(crl);
 diff -up openssl-1.0.1e/crypto/x509/x_all.c.backports openssl-1.0.1e/crypto/x509/x_all.c
 --- openssl-1.0.1e/crypto/x509/x_all.c.backports	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/crypto/x509/x_all.c	2013-08-16 15:33:25.247399940 +0200
@@ -97,6 +97,7 @@ int X509_sign(X509 *x, EVP_PKEY *pkey, c
 int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
 	{
 +	x->cert_info->enc.modified = 1;
 	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
 		x->cert_info->signature,
 		x->sig_alg, x->signature, x->cert_info, ctx);
@@ -123,6 +124,7 @@ int X509_CRL_sign(X509_CRL *x, EVP_PKEY
 int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
 	{
 +	x->crl->enc.modified = 1;
 	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
 		x->crl->sig_alg, x->sig_alg, x->signature, x->crl, ctx);
 	}
 diff -up openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod.backports openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod
 --- openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod.backports	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod	2013-08-16 15:31:35.727003914 +0200
@@ -278,6 +278,8 @@ happen if extended CRL checking is enabl
 an application specific error. This will never be returned unless explicitly
 set by an application.
 +=back
 +
 =head1 NOTES
 The above functions should be used instead of directly referencing the fields
 diff -up openssl-1.0.1e/doc/ssl/SSL_accept.pod.backports openssl-1.0.1e/doc/ssl/SSL_accept.pod
 --- openssl-1.0.1e/doc/ssl/SSL_accept.pod.backports	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_accept.pod	2013-08-16 15:31:35.727003914 +0200
@@ -44,17 +44,17 @@ The following return values can occur:
 =over 4
 -=item 1
 -
 -The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 -established.
 -
 =item 0
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
 +=item 1
 +
 +The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 +established.
 +
 =item E<lt>0
 The TLS/SSL handshake was not successful because a fatal error occurred either
 diff -up openssl-1.0.1e/doc/ssl/SSL_connect.pod.backports openssl-1.0.1e/doc/ssl/SSL_connect.pod
 --- openssl-1.0.1e/doc/ssl/SSL_connect.pod.backports	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_connect.pod	2013-08-16 15:31:35.727003914 +0200
@@ -41,17 +41,17 @@ The following return values can occur:
 =over 4
 -=item 1
 -
 -The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 -established.
 -
 =item 0
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
 +=item 1
 +
 +The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 +established.
 +
 =item E<lt>0
 The TLS/SSL handshake was not successful, because a fatal error occurred either
 diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod.backports openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod
 --- openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod.backports	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod	2013-08-16 15:31:35.727003914 +0200
@@ -66,16 +66,16 @@ values:
 =over 4
 -=item 1
 -
 -The operation succeeded.
 -
 =item 0
 A failure while manipulating the STACK_OF(X509_NAME) object occurred or
 the X509_NAME could not be extracted from B<cacert>. Check the error stack
 to find out the reason.
 +=item 1
 +
 +The operation succeeded.
 +
 =back
 =head1 EXAMPLES
 diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod.backports openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
 --- openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod.backports	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod	2013-08-16 15:31:35.727003914 +0200
@@ -81,6 +81,8 @@ SSL_CTX_use_psk_identity_hint() and SSL_
 Return values from the server callback are interpreted as follows:
 +=over 4
 +
 =item > 0
 PSK identity was found and the server callback has provided the PSK
@@ -99,4 +101,6 @@ completely.
 PSK identity was not found. An "unknown_psk_identity" alert message
 will be sent and the connection setup fails.
 +=back
 +
 =cut
 diff -up openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod.backports openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod
 --- openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod.backports	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod	2013-08-16 15:31:35.727003914 +0200
@@ -45,17 +45,17 @@ The following return values can occur:
 =over 4
 -=item 1
 -
 -The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 -established.
 -
 =item 0
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
 +=item 1
 +
 +The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 +established.
 +
 =item E<lt>0
 The TLS/SSL handshake was not successful because a fatal error occurred either
 diff -up openssl-1.0.1e/doc/ssl/SSL_shutdown.pod.backports openssl-1.0.1e/doc/ssl/SSL_shutdown.pod
 --- openssl-1.0.1e/doc/ssl/SSL_shutdown.pod.backports	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_shutdown.pod	2013-08-16 15:31:35.728003935 +0200
@@ -92,11 +92,6 @@ The following return values can occur:
 =over 4
 -=item 1
 -
 -The shutdown was successfully completed. The "close notify" alert was sent
 -and the peer's "close notify" alert was received.
 -
 =item 0
 The shutdown is not yet finished. Call SSL_shutdown() for a second time,
@@ -104,6 +99,11 @@ if a bidirectional shutdown shall be per
 The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
 erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
 +=item 1
 +
 +The shutdown was successfully completed. The "close notify" alert was sent
 +and the peer's "close notify" alert was received.
 +
 =item -1
 The shutdown was not successful because a fatal error occurred either
 diff -up openssl-1.0.1e/ssl/d1_lib.c.backports openssl-1.0.1e/ssl/d1_lib.c
 --- openssl-1.0.1e/ssl/d1_lib.c.backports	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/ssl/d1_lib.c	2013-08-16 15:33:33.306576363 +0200
@@ -196,6 +196,7 @@ void dtls1_free(SSL *s)
 	pqueue_free(s->d1->buffered_app_data.q);
 	OPENSSL_free(s->d1);
 +	s->d1 = NULL;
 	}
 void dtls1_clear(SSL *s)
 diff -up openssl-1.0.1e/ssl/d1_pkt.c.backports openssl-1.0.1e/ssl/d1_pkt.c
 --- openssl-1.0.1e/ssl/d1_pkt.c.backports	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/ssl/d1_pkt.c	2013-08-16 15:31:35.728003935 +0200
@@ -847,6 +847,12 @@ start:
 			}
 		}
 +	if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE)
 +		{
 +		rr->length = 0;
 +		goto start;
 +		}
 +
 	/* we now have a packet which can be read and processed */
 	if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1051,6 +1057,7 @@ start:
 			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
 			!s->s3->renegotiate)
 			{
 +			s->d1->handshake_read_seq++;
 			s->new_session = 1;
 			ssl3_renegotiate(s);
 			if (ssl3_renegotiate_check(s))
 diff -up openssl-1.0.1e/ssl/d1_srvr.c.backports openssl-1.0.1e/ssl/d1_srvr.c
 --- openssl-1.0.1e/ssl/d1_srvr.c.backports	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/ssl/d1_srvr.c	2013-08-16 15:31:35.728003935 +0200
@@ -276,10 +276,11 @@ int dtls1_accept(SSL *s)
 		case SSL3_ST_SW_HELLO_REQ_B:
 			s->shutdown=0;
 +			dtls1_clear_record_buffer(s);
 			dtls1_start_timer(s);
 			ret=dtls1_send_hello_request(s);
 			if (ret <= 0) goto end;
 -			s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
 +			s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;
 			s->state=SSL3_ST_SW_FLUSH;
 			s->init_num=0;
 diff -up openssl-1.0.1e/ssl/s3_cbc.c.backports openssl-1.0.1e/ssl/s3_cbc.c
 --- openssl-1.0.1e/ssl/s3_cbc.c.backports	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/ssl/s3_cbc.c	2013-08-16 15:31:35.729003956 +0200
@@ -148,7 +148,7 @@ int tls1_cbc_remove_padding(const SSL* s
 	unsigned padding_length, good, to_check, i;
 	const unsigned overhead = 1 /* padding length byte */ + mac_size;
 	/* Check if version requires explicit IV */
 -	if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
 +	if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER)
 		{
 		/* These lengths are all public so we can test them in
 		 * non-constant time.
 diff -up openssl-1.0.1e/ssl/ssl_lib.c.backports openssl-1.0.1e/ssl/ssl_lib.c
 --- openssl-1.0.1e/ssl/ssl_lib.c.backports	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/ssl/ssl_lib.c	2013-08-16 15:31:35.729003956 +0200
@@ -1797,7 +1797,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
 	ret->extra_certs=NULL;
 -	ret->comp_methods=SSL_COMP_get_compression_methods();
 +	/* No compression for DTLS */
 +	if (meth->version != DTLS1_VERSION)
 +		ret->comp_methods=SSL_COMP_get_compression_methods();
 	ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
@@ -2792,9 +2794,7 @@ void ssl_clear_cipher_ctx(SSL *s)
 /* Fix this function so that it takes an optional type parameter */
 X509 *SSL_get_certificate(const SSL *s)
 	{
 -	if (s->server)
 -		return(ssl_get_server_send_cert(s));
 -	else if (s->cert != NULL)
 +	if (s->cert != NULL)
 		return(s->cert->key->x509);
 	else
 		return(NULL);
 diff --git a/crypto/x86cpuid.pl b/crypto/x86cpuid.pl
 index 3b6c469..e8a7518 100644
 --- a/crypto/x86cpuid.pl
 +++ b/crypto/x86cpuid.pl
@@ -69,6 +69,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 	&inc	("esi");		# number of cores
 	&mov	("eax",1);
 +	&xor	("ecx","ecx");
 	&cpuid	();
 	&bt	("edx",28);
 	&jnc	(&label("generic"));
@@ -102,6 +103,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 &set_label("nocacheinfo");
 	&mov	("eax",1);
 +	&xor	("ecx","ecx");
 	&cpuid	();
 	&and	("edx",0xbfefffff);	# force reserved bits #20, #30 to 0
 	&cmp	("ebp",0);
--- a/openssl-1.0.1e-bad-mac.patch
+++ b/openssl-1.0.1e-bad-mac.patch
@ -1,33 +0,0 @@
 From 9ab3ce124616cb12bd39c6aa1e1bde0f46969b29 Mon Sep 17 00:00:00 2001
 From: Andy Polyakov <appro@openssl.org>
 Date: Mon, 18 Mar 2013 19:29:41 +0100
 Subject: [PATCH] e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI
 plaforms.
 PR: 3002
 (cherry picked from commit 5c60046553716fcf160718f59160493194f212dc)
 ---
 crypto/evp/e_aes_cbc_hmac_sha1.c |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
 diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
 index 483e04b..fb2c884 100644
 --- a/crypto/evp/e_aes_cbc_hmac_sha1.c
 +++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -328,10 +328,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 				if (res!=SHA_CBLOCK) continue;
 -				mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
 +				/* j is not incremented yet */
 +				mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1));
 				data->u[SHA_LBLOCK-1] |= bitlen&mask;
 				sha1_block_data_order(&key->md,data,1);
 -				mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
 +				mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1));
 				pmac->u[0] |= key->md.h0 & mask;
 				pmac->u[1] |= key->md.h1 & mask;
 				pmac->u[2] |= key->md.h2 & mask;
 -- 
 1.7.9.5
--- a/openssl-1.0.1e-cve-2013-4353.patch
+++ b/openssl-1.0.1e-cve-2013-4353.patch
@ -1,21 +0,0 @@
 Fix for TLS record tampering bug. A carefully crafted invalid 
 handshake could crash OpenSSL with a NULL pointer exception.
 Thanks to Anton Johansson for reporting this issues.
 (CVE-2013-4353)
 diff --git a/ssl/s3_both.c b/ssl/s3_both.c
 index 1e5dcab..53b9390 100644
 --- a/ssl/s3_both.c
 +++ b/ssl/s3_both.c
@@ -210,7 +210,11 @@ static void ssl3_take_mac(SSL *s)
 	{
 	const char *sender;
 	int slen;
 -
 +	/* If no new cipher setup return immediately: other functions will
 +	 * set the appropriate error.
 +	 */
 +	if (s->s3->tmp.new_cipher == NULL)
 +		return;
 	if (s->state & SSL_ST_CONNECT)
 		{
 		sender=s->method->ssl3_enc->server_finished_label;
--- a/openssl-1.0.1e-cve-2013-6449.patch
+++ b/openssl-1.0.1e-cve-2013-6449.patch
@ -1,111 +0,0 @@
 Use version in SSL_METHOD not SSL structure.
 When deciding whether to use TLS 1.2 PRF and record hash algorithms
 use the version number in the corresponding SSL_METHOD structure
 instead of the SSL structure. The SSL structure version is sometimes
 inaccurate. Note: OpenSSL 1.0.2 and later effectively do this already.
 (CVE-2013-6449)
 Also preventively check EVP errors for handshake digests.
 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
 index bf832bb..c4ef273 100644
 --- a/ssl/s3_lib.c
 +++ b/ssl/s3_lib.c
@@ -4286,7 +4286,7 @@ need to go to SSL_ST_ACCEPT.
 long ssl_get_algorithm2(SSL *s)
 	{
 	long alg2 = s->s3->tmp.new_cipher->algorithm2;
 -	if (TLS1_get_version(s) >= TLS1_2_VERSION &&
 +	if (s->method->version == TLS1_2_VERSION &&
 	    alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
 		return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
 	return alg2;
 diff --git a/ssl/s3_both.c b/ssl/s3_both.c
 index ead01c8..1e5dcab 100644
 --- a/ssl/s3_both.c
 +++ b/ssl/s3_both.c
@@ -161,6 +161,8 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
 		i=s->method->ssl3_enc->final_finish_mac(s,
 			sender,slen,s->s3->tmp.finish_md);
 +		if (i == 0)
 +			return 0;
 		s->s3->tmp.finish_md_len = i;
 		memcpy(p, s->s3->tmp.finish_md, i);
 		p+=i;
 diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
 index 804291e..c4bc4e7 100644
 --- a/ssl/s3_pkt.c
 +++ b/ssl/s3_pkt.c
@@ -335,7 +335,7 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
 			if (version != s->version)
 				{
 				SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
 -                                if ((s->version & 0xFF00) == (version & 0xFF00))
 +                                if ((s->version & 0xFF00) == (version & 0xFF00) && !s->enc_write_ctx && !s->write_hash)
                                 	/* Send back error using their minor version number :-) */
 					s->version = (unsigned short)version;
 				al=SSL_AD_PROTOCOL_VERSION;
@@ -1459,8 +1459,14 @@ int ssl3_do_change_cipher_spec(SSL *s)
 		slen=s->method->ssl3_enc->client_finished_label_len;
 		}
 -	s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
 +	i = s->method->ssl3_enc->final_finish_mac(s,
 		sender,slen,s->s3->tmp.peer_finish_md);
 +	if (i == 0)
 +		{
 +		SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
 +		return 0;
 +		}
 +	s->s3->tmp.peer_finish_md_len = i;
 	return(1);
 	}
 diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
 index e5a8b3f..52efed3 100644
 --- a/ssl/s3_srvr.c
 +++ b/ssl/s3_srvr.c
@@ -958,7 +958,8 @@ int ssl3_get_client_hello(SSL *s)
 	    (s->version != DTLS1_VERSION && s->client_version < s->version))
 		{
 		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
 -		if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
 +		if ((s->client_version>>8) == SSL3_VERSION_MAJOR && 
 +			!s->enc_write_ctx && !s->write_hash)
 			{
 			/* similar to ssl3_get_record, send alert using remote version number */
 			s->version = s->client_version;
 diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
 index 809ad2e..72015f5 100644
 --- a/ssl/t1_enc.c
 +++ b/ssl/t1_enc.c
@@ -915,18 +915,19 @@ int tls1_final_finish_mac(SSL *s,
 		if (mask & ssl_get_algorithm2(s))
 			{
 			int hashsize = EVP_MD_size(md);
 -			if (hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf)))
 +			EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
 +			if (!hdgst || hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf)))
 				{
 				/* internal error: 'buf' is too small for this cipersuite! */
 				err = 1;
 				}
 			else
 				{
 -				EVP_MD_CTX_copy_ex(&ctx,s->s3->handshake_dgst[idx]);
 -				EVP_DigestFinal_ex(&ctx,q,&i);
 -				if (i != (unsigned int)hashsize) /* can't really happen */
 +				if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) ||
 +					!EVP_DigestFinal_ex(&ctx,q,&i) ||
 +					(i != (unsigned int)hashsize))
 					err = 1;
 -				q+=i;
 +				q+=hashsize;
 				}
 			}
 		}
 -- 
 1.8.3.1
--- a/openssl-1.0.1e-cve-2013-6450.patch
+++ b/openssl-1.0.1e-cve-2013-6450.patch
@ -1,85 +0,0 @@
 Fix DTLS retransmission from previous session.
 For DTLS we might need to retransmit messages from the previous session
 so keep a copy of write context in DTLS retransmission buffers instead
 of replacing it after sending CCS. CVE-2013-6450.
 diff --git a/ssl/d1_both.c b/ssl/d1_both.c
 index 65ec001..7a5596a 100644
 --- a/ssl/d1_both.c
 +++ b/ssl/d1_both.c
@@ -214,6 +214,12 @@ dtls1_hm_fragment_new(unsigned long frag_len, int reassembly)
 static void
 dtls1_hm_fragment_free(hm_fragment *frag)
 	{
 +
 +	if (frag->msg_header.is_ccs)
 +		{
 +		EVP_CIPHER_CTX_free(frag->msg_header.saved_retransmit_state.enc_write_ctx);
 +		EVP_MD_CTX_destroy(frag->msg_header.saved_retransmit_state.write_hash);
 +		}
 	if (frag->fragment) OPENSSL_free(frag->fragment);
 	if (frag->reassembly) OPENSSL_free(frag->reassembly);
 	OPENSSL_free(frag);
 diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
 index 96ce9a7..e485907 100644
 --- a/ssl/ssl_locl.h
 +++ b/ssl/ssl_locl.h
@@ -621,6 +621,8 @@ extern SSL3_ENC_METHOD TLSv1_enc_data;
 extern SSL3_ENC_METHOD SSLv3_enc_data;
 extern SSL3_ENC_METHOD DTLSv1_enc_data;
 +#define SSL_IS_DTLS(s) (s->method->version == DTLS1_VERSION)
 +
 #define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \
 				s_get_meth) \
 const SSL_METHOD *func_name(void)  \
 diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
 index 72015f5..56db834 100644
 --- a/ssl/t1_enc.c
 +++ b/ssl/t1_enc.c
@@ -414,15 +414,20 @@ int tls1_change_cipher_state(SSL *s, int which)
 			s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
 			else
 			s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
 -		if (s->enc_write_ctx != NULL)
 +		if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s))
 			reuse_dd = 1;
 -		else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
 +		else if ((s->enc_write_ctx=EVP_CIPHER_CTX_new()) == NULL)
 			goto err;
 -		else
 -			/* make sure it's intialized in case we exit later with an error */
 -			EVP_CIPHER_CTX_init(s->enc_write_ctx);
 		dd= s->enc_write_ctx;
 -		mac_ctx = ssl_replace_hash(&s->write_hash,NULL);
 +		if (SSL_IS_DTLS(s))
 +			{
 +			mac_ctx = EVP_MD_CTX_create();
 +			if (!mac_ctx)
 +				goto err;
 +			s->write_hash = mac_ctx;
 +			}
 +		else
 +			mac_ctx = ssl_replace_hash(&s->write_hash,NULL);
 #ifndef OPENSSL_NO_COMP
 		if (s->compress != NULL)
 			{
 diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
 index 6fc469f..d14e8e4 100644
 --- a/crypto/evp/digest.c
 +++ b/crypto/evp/digest.c
@@ -366,8 +366,11 @@ int EVP_Digest(const void *data, size_t count,
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
 	{
 -	EVP_MD_CTX_cleanup(ctx);
 -	OPENSSL_free(ctx);
 +	if (ctx)
 +		{
 +		EVP_MD_CTX_cleanup(ctx);
 +		OPENSSL_free(ctx);
 +		}
 	}
 /* This call frees resources associated with the context */
--- a/openssl-1.0.1e-fips-ec.patch
+++ b/openssl-1.0.1e-fips-ec.patch
@ -241,7 +241,7 @@ diff -up openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec openssl-1.0.1e/crypto/ec/ec_k
 +
 +	EVP_PKEY_set1_EC_KEY(pk, key);
 +
-+	if (fips_pkey_signature_test(pk, tbs, 0, NULL, 0, NULL, 0, NULL))
+	if (fips_pkey_signature_test(pk, tbs, -1, NULL, 0, NULL, 0, NULL))
 +		ret = 1;
 +
 +	err:
--- a/openssl-1.0.1e-manfix.patch
+++ b/openssl-1.0.1e-manfix.patch
@ -1,555 +0,0 @@
 diff -up openssl-1.0.1e/doc/apps/cms.pod.manfix openssl-1.0.1e/doc/apps/cms.pod
 --- openssl-1.0.1e/doc/apps/cms.pod.manfix	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/doc/apps/cms.pod	2013-09-12 11:17:42.147092310 +0200
@@ -450,28 +450,28 @@ remains DER.
 =over 4
 -=item 0
 +=item C<0>
 the operation was completely successfully.
 -=item 1 
 +=item C<1>
 an error occurred parsing the command options.
 -=item 2
 +=item C<2>
 one of the input files could not be read.
 -=item 3
 +=item C<3>
 an error occurred creating the CMS file or when reading the MIME
 message.
 -=item 4
 +=item C<4>
 an error occurred decrypting or verifying the message.
 -=item 5
 +=item C<5>
 the message was verified correctly but an error occurred writing out
 the signers certificates.
 diff -up openssl-1.0.1e/doc/apps/ec.pod.manfix openssl-1.0.1e/doc/apps/ec.pod
 --- openssl-1.0.1e/doc/apps/ec.pod.manfix	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/doc/apps/ec.pod	2013-09-12 11:17:42.147092310 +0200
@@ -93,10 +93,6 @@ prints out the public, private key compo
 this option prevents output of the encoded version of the key.
 -=item B<-modulus>
 -
 -this option prints out the value of the public key component of the key.
 -
 =item B<-pubin>
 by default a private key is read from the input file: with this option a
 diff -up openssl-1.0.1e/doc/apps/openssl.pod.manfix openssl-1.0.1e/doc/apps/openssl.pod
 --- openssl-1.0.1e/doc/apps/openssl.pod.manfix	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/doc/apps/openssl.pod	2013-09-12 11:17:42.148092331 +0200
@@ -163,7 +163,7 @@ Create or examine a netscape certificate
 Online Certificate Status Protocol utility.
 -=item L<B<passwd>|passwd(1)>
 +=item L<B<passwd>|sslpasswd(1)>
 Generation of hashed passwords.
@@ -187,7 +187,7 @@ Public key algorithm parameter managemen
 Public key algorithm cryptographic operation utility.
 -=item L<B<rand>|rand(1)>
 +=item L<B<rand>|sslrand(1)>
 Generate pseudo-random bytes.
@@ -401,9 +401,9 @@ L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkc
 L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
 L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>,
 L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
 -L<passwd(1)|passwd(1)>,
 +L<sslpasswd(1)|sslpasswd(1)>,
 L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
 -L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
 +L<sslrand(1)|sslrand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
 L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
 L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
 L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
 diff -up openssl-1.0.1e/doc/apps/s_client.pod.manfix openssl-1.0.1e/doc/apps/s_client.pod
 --- openssl-1.0.1e/doc/apps/s_client.pod.manfix	2013-09-12 11:17:41.517078502 +0200
 +++ openssl-1.0.1e/doc/apps/s_client.pod	2013-09-12 11:17:42.149092353 +0200
@@ -32,9 +32,14 @@ B<openssl> B<s_client>
 [B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
 +[B<-tls1_1>]
 +[B<-tls1_2>]
 +[B<-dtls1>]
 [B<-no_ssl2>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 +[B<-no_tls1_1>]
 +[B<-no_tls1_2>]
 [B<-bugs>]
 [B<-cipher cipherlist>]
 [B<-starttls protocol>]
@@ -44,6 +49,7 @@ B<openssl> B<s_client>
 [B<-sess_out filename>]
 [B<-sess_in filename>]
 [B<-rand file(s)>]
 +[B<-nextprotoneg protocols>]
 =head1 DESCRIPTION
@@ -182,7 +188,7 @@ Use the PSK key B<key> when using a PSK
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
 +=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
 these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
@@ -243,6 +249,17 @@ Multiple files can be specified separate
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
 +=item B<-nextprotoneg protocols>
 +
 +enable Next Protocol Negotiation TLS extension and provide a list of
 +comma-separated protocol names that the client should advertise
 +support for. The list should contain most wanted protocols first.
 +Protocol names are printable ASCII strings, for example "http/1.1" or
 +"spdy/3".
 +Empty list of protocols is treated specially and will cause the client to
 +advertise support for the TLS extension but disconnect just after
 +reciving ServerHello with a list of server supported protocols.
 +
 =back
 =head1 CONNECTED COMMANDS
 diff -up openssl-1.0.1e/doc/apps/smime.pod.manfix openssl-1.0.1e/doc/apps/smime.pod
 --- openssl-1.0.1e/doc/apps/smime.pod.manfix	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/doc/apps/smime.pod	2013-09-12 11:17:42.150092375 +0200
@@ -308,28 +308,28 @@ remains DER.
 =over 4
 -=item 0
 +=item C<0>
 the operation was completely successfully.
 -=item 1 
 +=item C<1>
 an error occurred parsing the command options.
 -=item 2
 +=item C<2>
 one of the input files could not be read.
 -=item 3
 +=item C<3>
 an error occurred creating the PKCS#7 file or when reading the MIME
 message.
 -=item 4
 +=item C<4>
 an error occurred decrypting or verifying the message.
 -=item 5
 +=item C<5>
 the message was verified correctly but an error occurred writing out
 the signers certificates.
 diff -up openssl-1.0.1e/doc/apps/s_server.pod.manfix openssl-1.0.1e/doc/apps/s_server.pod
 --- openssl-1.0.1e/doc/apps/s_server.pod.manfix	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/doc/apps/s_server.pod	2013-09-12 11:17:42.150092375 +0200
@@ -40,10 +40,16 @@ B<openssl> B<s_server>
 [B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
 +[B<-tls1_1>]
 +[B<-tls1_2>]
 +[B<-dtls1>]
 [B<-no_ssl2>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 +[B<-no_tls1_1>]
 +[B<-no_tls1_2>]
 [B<-no_dhe>]
 +[B<-no_ecdhe>]
 [B<-bugs>]
 [B<-hack>]
 [B<-www>]
@@ -54,6 +60,7 @@ B<openssl> B<s_server>
 [B<-no_ticket>]
 [B<-id_prefix arg>]
 [B<-rand file(s)>]
 +[B<-nextprotoneg protocols>]
 =head1 DESCRIPTION
@@ -131,6 +138,10 @@ a static set of parameters hard coded in
 if this option is set then no DH parameters will be loaded effectively
 disabling the ephemeral DH cipher suites.
 +=item B<-no_ecdhe>
 +
 +if this option is set then ephemeral ECDH cipher suites will be disabled.
 +
 =item B<-no_tmp_rsa>
 certain export cipher suites sometimes use a temporary RSA key, this option
@@ -201,7 +212,7 @@ Use the PSK key B<key> when using a PSK
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
 +=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
 these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
@@ -276,6 +287,14 @@ Multiple files can be specified separate
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
 +=item B<-nextprotoneg protocols>
 +
 +enable Next Protocol Negotiation TLS extension and provide a
 +comma-separated list of supported protocol names.
 +The list should contain most wanted protocols first.
 +Protocol names are printable ASCII strings, for example "http/1.1" or
 +"spdy/3".
 +
 =back
 =head1 CONNECTED COMMANDS
 diff -up openssl-1.0.1e/doc/apps/verify.pod.manfix openssl-1.0.1e/doc/apps/verify.pod
 --- openssl-1.0.1e/doc/apps/verify.pod.manfix	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/doc/apps/verify.pod	2013-09-12 11:25:13.994994992 +0200
@@ -25,6 +25,7 @@ B<openssl> B<verify>
 [B<-untrusted file>]
 [B<-help>]
 [B<-issuer_checks>]
 +[B<-attime timestamp>]
 [B<-verbose>]
 [B<->]
 [certificates]
@@ -80,6 +81,12 @@ rejected. The presence of rejection mess
 anything is wrong; during the normal verification process, several
 rejections may take place.
 +=item B<-attime timestamp>
 +
 +Perform validation checks using the time specified by B<timestamp> and not
 +the current system time. B<timestamp> is the number of seconds since
 +01.01.1970 (UNIX time).
 +
 =item B<-policy arg>
 Enable policy processing and add B<arg> to the user-initial-policy-set (see
 diff -up openssl-1.0.1e/doc/ssl/SSL_accept.pod.manfix openssl-1.0.1e/doc/ssl/SSL_accept.pod
 --- openssl-1.0.1e/doc/ssl/SSL_accept.pod.manfix	2013-09-12 11:17:42.129091915 +0200
 +++ openssl-1.0.1e/doc/ssl/SSL_accept.pod	2013-09-12 11:17:42.156092507 +0200
@@ -44,13 +44,13 @@ The following return values can occur:
 =over 4
 -=item 0
 +=item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
 -=item 1
 +=item C<1>
 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 established.
 diff -up openssl-1.0.1e/doc/ssl/SSL_clear.pod.manfix openssl-1.0.1e/doc/ssl/SSL_clear.pod
 --- openssl-1.0.1e/doc/ssl/SSL_clear.pod.manfix	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_clear.pod	2013-09-12 11:17:42.158092551 +0200
@@ -56,12 +56,12 @@ The following return values can occur:
 =over 4
 -=item 0
 +=item C<0>
 The SSL_clear() operation could not be performed. Check the error stack to
 find out the reason.
 -=item 1
 +=item C<1>
 The SSL_clear() operation was successful.
 diff -up openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod.manfix openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod
 --- openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod.manfix	2013-09-12 11:17:42.049090162 +0200
 +++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod	2013-09-12 11:17:42.159092573 +0200
@@ -60,11 +60,11 @@ SSL_COMP_add_compression_method() may re
 =over 4
 -=item 0
 +=item C<0>
 The operation succeeded.
 -=item 1
 +=item C<1>
 The operation failed. Check the error queue to find out the reason.
 diff -up openssl-1.0.1e/doc/ssl/SSL_connect.pod.manfix openssl-1.0.1e/doc/ssl/SSL_connect.pod
 --- openssl-1.0.1e/doc/ssl/SSL_connect.pod.manfix	2013-09-12 11:17:42.130091937 +0200
 +++ openssl-1.0.1e/doc/ssl/SSL_connect.pod	2013-09-12 11:17:42.161092616 +0200
@@ -41,13 +41,13 @@ The following return values can occur:
 =over 4
 -=item 0
 +=item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
 -=item 1
 +=item C<1>
 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 established.
 diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod
 --- openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod.manfix	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod	2013-09-12 11:17:42.162092638 +0200
@@ -52,13 +52,13 @@ The following values are returned by all
 =over 4
 -=item 0
 +=item C<0>
  The operation failed. In case of the add operation, it was tried to add
  the same (identical) session twice. In case of the remove operation, the
  session was not found in the cache.
 -=item 1
 +=item C<1>
  The operation succeeded.
 diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod
 --- openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod.manfix	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod	2013-09-12 11:17:42.163092660 +0200
@@ -100,13 +100,13 @@ The following return values can occur:
 =over 4
 -=item 0
 +=item C<0>
 The operation failed because B<CAfile> and B<CApath> are NULL or the
 processing at one of the locations specified failed. Check the error
 stack to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod
 --- openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod.manfix	2013-09-12 11:17:42.132091981 +0200
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod	2013-09-12 11:17:42.164092682 +0200
@@ -66,13 +66,13 @@ values:
 =over 4
 -=item 0
 +=item C<0>
 A failure while manipulating the STACK_OF(X509_NAME) object occurred or
 the X509_NAME could not be extracted from B<cacert>. Check the error stack
 to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod
 --- openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod.manfix	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod	2013-09-12 11:17:42.166092726 +0200
@@ -64,13 +64,13 @@ return the following values:
 =over 4
 -=item 0
 +=item C<0>
 The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
 the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
 is logged to the error stack.
 -=item 1
 +=item C<1>
 The operation succeeded.
 diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod
 --- openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod.manfix	2013-02-11 16:26:04.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod	2013-09-12 11:17:42.167092748 +0200
@@ -42,11 +42,11 @@ and SSL_set_ssl_method():
 =over 4
 -=item 0
 +=item C<0>
 The new choice failed, check the error stack to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
 --- openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod.manfix	2013-09-12 11:17:42.133092003 +0200
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod	2013-09-12 11:17:42.168092770 +0200
@@ -96,7 +96,7 @@ data to B<psk> and return the length of
 connection will fail with decryption_error before it will be finished
 completely.
 -=item 0
 +=item C<0>
 PSK identity was not found. An "unknown_psk_identity" alert message
 will be sent and the connection setup fails.
 diff -up openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod.manfix openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod
 --- openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod.manfix	2013-09-12 11:17:42.135092047 +0200
 +++ openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod	2013-09-12 11:17:42.170092814 +0200
@@ -45,13 +45,13 @@ The following return values can occur:
 =over 4
 -=item 0
 +=item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
 -=item 1
 +=item C<1>
 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 established.
 diff -up openssl-1.0.1e/doc/ssl/SSL_read.pod.manfix openssl-1.0.1e/doc/ssl/SSL_read.pod
 --- openssl-1.0.1e/doc/ssl/SSL_read.pod.manfix	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_read.pod	2013-09-12 11:17:42.171092836 +0200
@@ -86,7 +86,7 @@ The following return values can occur:
 The read operation was successful; the return value is the number of
 bytes actually read from the TLS/SSL connection.
 -=item 0
 +=item C<0>
 The read operation was not successful. The reason may either be a clean
 shutdown due to a "close notify" alert sent by the peer (in which case
 diff -up openssl-1.0.1e/doc/ssl/SSL_session_reused.pod.manfix openssl-1.0.1e/doc/ssl/SSL_session_reused.pod
 --- openssl-1.0.1e/doc/ssl/SSL_session_reused.pod.manfix	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_session_reused.pod	2013-09-12 11:17:42.172092857 +0200
@@ -27,11 +27,11 @@ The following return values can occur:
 =over 4
 -=item 0
 +=item C<0>
 A new session was negotiated.
 -=item 1
 +=item C<1>
 A session was reused.
 diff -up openssl-1.0.1e/doc/ssl/SSL_set_fd.pod.manfix openssl-1.0.1e/doc/ssl/SSL_set_fd.pod
 --- openssl-1.0.1e/doc/ssl/SSL_set_fd.pod.manfix	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_set_fd.pod	2013-09-12 11:17:42.174092901 +0200
@@ -35,11 +35,11 @@ The following return values can occur:
 =over 4
 -=item 0
 +=item C<0>
 The operation failed. Check the error stack to find out why.
 -=item 1
 +=item C<1>
 The operation succeeded.
 diff -up openssl-1.0.1e/doc/ssl/SSL_set_session.pod.manfix openssl-1.0.1e/doc/ssl/SSL_set_session.pod
 --- openssl-1.0.1e/doc/ssl/SSL_set_session.pod.manfix	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_set_session.pod	2013-09-12 11:17:42.175092923 +0200
@@ -37,11 +37,11 @@ The following return values can occur:
 =over 4
 -=item 0
 +=item C<0>
 The operation failed; check the error stack to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 diff -up openssl-1.0.1e/doc/ssl/SSL_shutdown.pod.manfix openssl-1.0.1e/doc/ssl/SSL_shutdown.pod
 --- openssl-1.0.1e/doc/ssl/SSL_shutdown.pod.manfix	2013-09-12 11:17:42.137092090 +0200
 +++ openssl-1.0.1e/doc/ssl/SSL_shutdown.pod	2013-09-12 11:17:42.177092967 +0200
@@ -92,14 +92,14 @@ The following return values can occur:
 =over 4
 -=item 0
 +=item C<0>
 The shutdown is not yet finished. Call SSL_shutdown() for a second time,
 if a bidirectional shutdown shall be performed.
 The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
 erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
 -=item 1
 +=item C<1>
 The shutdown was successfully completed. The "close notify" alert was sent
 and the peer's "close notify" alert was received.
 diff -up openssl-1.0.1e/doc/ssl/SSL_write.pod.manfix openssl-1.0.1e/doc/ssl/SSL_write.pod
 --- openssl-1.0.1e/doc/ssl/SSL_write.pod.manfix	2013-02-11 16:02:48.000000000 +0100
 +++ openssl-1.0.1e/doc/ssl/SSL_write.pod	2013-09-12 11:17:42.177092967 +0200
@@ -79,7 +79,7 @@ The following return values can occur:
 The write operation was successful, the return value is the number of
 bytes actually written to the TLS/SSL connection.
 -=item 0
 +=item C<0>
 The write operation was not successful. Probably the underlying connection
 was closed. Call SSL_get_error() with the return value B<ret> to find out,
--- a/openssl-1.0.1e-ppc-asm-update.patch
+++ b/openssl-1.0.1e-ppc-asm-update.patch
--- a/openssl-1.0.1e-ppc64le-target.patch
+++ b/openssl-1.0.1e-ppc64le-target.patch
@ -1,10 +0,0 @@
 --- openssl-1.0.1e.orig/Configure	2013-08-20 13:42:58.996358664 +1000
 +++ openssl-1.0.1e/Configure	2013-08-20 13:43:54.246608197 +1000
@@ -357,6 +357,7 @@
 ####
 "linux-generic64","gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
 "linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
 +"linux-ppc64le",	"gcc:-m64 -DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
 "linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
 "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
--- a/openssl-1.0.1e-req-keylen.patch
+++ b/openssl-1.0.1e-req-keylen.patch
@ -1,38 +0,0 @@
 diff -up openssl-1.0.1e/apps/req.c.keylen openssl-1.0.1e/apps/req.c
 --- openssl-1.0.1e/apps/req.c.keylen	2014-02-12 14:58:29.000000000 +0100
 +++ openssl-1.0.1e/apps/req.c	2014-02-14 13:52:48.692325000 +0100
@@ -644,6 +644,12 @@ bad:
 		if (inrand)
 			app_RAND_load_files(inrand);
 +		if (newkey <= 0)
 +			{
 +			if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey))
 +				newkey=DEFAULT_KEY_LENGTH;
 +			}
 +
 		if (keyalg)
 			{
 			genctx = set_keygen_ctx(bio_err, keyalg, &pkey_type, &newkey,
@@ -651,12 +657,6 @@ bad:
 			if (!genctx)
 				goto end;
 			}
 -	
 -		if (newkey <= 0)
 -			{
 -			if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey))
 -				newkey=DEFAULT_KEY_LENGTH;
 -			}
 		if (newkey < MIN_KEY_LENGTH && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA))
 			{
@@ -1649,6 +1649,8 @@ static EVP_PKEY_CTX *set_keygen_ctx(BIO
 				keylen = atol(p + 1);
 				*pkeylen = keylen;
 				}
 +			else
 +				keylen = *pkeylen;
 			}
 		else if (p)
 			paramfile = p + 1;
--- a/openssl-1.0.1-beta2-rpmbuild.patch
+++ b/openssl-1.0.1-beta2-rpmbuild.patch
@ -1,7 +1,7 @@
-diff -up openssl-1.0.1-beta2/Configure.rpmbuild openssl-1.0.1-beta2/Configure
+diff -up openssl-1.0.1e/Configure.rpmbuild openssl-1.0.1e/Configure
--- openssl-1.0.1-beta2/Configure.rpmbuild	2012-01-05 01:07:34.000000000 +0100
+--- openssl-1.0.1e/Configure.rpmbuild	2014-08-13 19:19:53.211005598 +0200
-+++ openssl-1.0.1-beta2/Configure	2012-02-02 12:43:56.547409325 +0100
+++ openssl-1.0.1e/Configure	2014-08-13 19:29:21.704099285 +0200
-@@ -343,23 +343,23 @@ my %table=(
+@@ -345,24 +345,24 @@ my %table=(
 ####
 # *-generic* is endian-neutral target, but ./config is free to
 # throw in -D[BL]_ENDIAN, whichever appropriate...
@ -21,9 +21,11 @@ diff -up openssl-1.0.1-beta2/Configure.rpmbuild openssl-1.0.1-beta2/Configure
 ####
 -"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 -"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
 -"linux-ppc64le","gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:$ppc64_asm:linux64le:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::",
 -"linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 +"linux-generic64","gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
 +"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
 +"linux-ppc64le","gcc:-m64 -DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64le:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
 +"linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
 "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -34,7 +36,7 @@ diff -up openssl-1.0.1-beta2/Configure.rpmbuild openssl-1.0.1-beta2/Configure
 #### So called "highgprs" target for z/Architecture CPUs
 # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
 # /proc/cpuinfo. The idea is to preserve most significant bits of
-@@ -373,16 +373,17 @@ my %table=(
+@@ -376,16 +376,17 @@ my %table=(
 # ldconfig and run-time linker to autodiscover. Unfortunately it
 # doesn't work just yet, because of couple of bugs in glibc
 # sysdeps/s390/dl-procinfo.c affecting ldconfig and ld.so.1...
@ -56,7 +58,7 @@ diff -up openssl-1.0.1-beta2/Configure.rpmbuild openssl-1.0.1-beta2/Configure
 #### Alpha Linux with GNU C and Compaq C setups
 # Special notes:
 # - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
-@@ -396,8 +397,8 @@ my %table=(
+@@ -399,8 +400,8 @@ my %table=(
 #
 #					<appro@fy.chalmers.se>
 #
@ -67,7 +69,7 @@ diff -up openssl-1.0.1-beta2/Configure.rpmbuild openssl-1.0.1-beta2/Configure
 "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
 "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
-@@ -1678,7 +1679,7 @@ while (<IN>)
+@@ -1675,7 +1676,7 @@ while (<IN>)
 	elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
 		{
 		my $sotmp = $1;
@ -76,9 +78,9 @@ diff -up openssl-1.0.1-beta2/Configure.rpmbuild openssl-1.0.1-beta2/Configure
 		}
 	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
 		{
-diff -up openssl-1.0.1-beta2/Makefile.org.rpmbuild openssl-1.0.1-beta2/Makefile.org
+diff -up openssl-1.0.1e/Makefile.org.rpmbuild openssl-1.0.1e/Makefile.org
--- openssl-1.0.1-beta2/Makefile.org.rpmbuild	2011-12-27 16:17:50.000000000 +0100
+--- openssl-1.0.1e/Makefile.org.rpmbuild	2013-02-11 16:26:04.000000000 +0100
-+++ openssl-1.0.1-beta2/Makefile.org	2012-02-02 12:30:23.652495435 +0100
+++ openssl-1.0.1e/Makefile.org	2014-08-13 19:19:53.218005759 +0200
@@ -10,6 +10,7 @@ SHLIB_VERSION_HISTORY=
 SHLIB_MAJOR=
 SHLIB_MINOR=
--- a/openssl-1.0.1g-fips.patch
+++ b/openssl-1.0.1g-fips.patch
--- a/openssl-1.0.1h-disable-sslv2v3.patch
+++ b/openssl-1.0.1h-disable-sslv2v3.patch
@ -0,0 +1,13 @@
 diff -up openssl-1.0.1h/ssl/ssl_lib.c.v2v3 openssl-1.0.1h/ssl/ssl_lib.c
 --- openssl-1.0.1h/ssl/ssl_lib.c.v2v3	2014-06-11 16:02:52.000000000 +0200
 +++ openssl-1.0.1h/ssl/ssl_lib.c	2014-06-30 14:18:04.290248080 +0200
@@ -1875,6 +1875,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
 	 */
 	ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
 +	/* Disable SSLv2 by default (affects the SSLv23_method() only) */
 +	ret->options |= SSL_OP_NO_SSLv2;
 +
 	return(ret);
 err:
 	SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
--- a/openssl-1.0.1h-ipv6-apps.patch
+++ b/openssl-1.0.1h-ipv6-apps.patch
@ -1,6 +1,6 @@
-diff -up openssl-1.0.1c/apps/s_apps.h.ipv6-apps openssl-1.0.1c/apps/s_apps.h
+diff -up openssl-1.0.1h/apps/s_apps.h.ipv6-apps openssl-1.0.1h/apps/s_apps.h
--- openssl-1.0.1c/apps/s_apps.h.ipv6-apps	2012-07-11 22:46:02.409221206 +0200
+--- openssl-1.0.1h/apps/s_apps.h.ipv6-apps	2014-06-05 14:33:38.515668750 +0200
-+++ openssl-1.0.1c/apps/s_apps.h	2012-07-11 22:46:02.451222165 +0200
+++ openssl-1.0.1h/apps/s_apps.h	2014-06-05 14:33:38.540669335 +0200
@@ -148,7 +148,7 @@ typedef fd_mask fd_set;
 #define PORT_STR        "4433"
 #define PROTOCOL        "tcp"
@ -23,10 +23,10 @@ diff -up openssl-1.0.1c/apps/s_apps.h.ipv6-apps openssl-1.0.1c/apps/s_apps.h
 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
 				   int argi, long argl, long ret);
-diff -up openssl-1.0.1c/apps/s_client.c.ipv6-apps openssl-1.0.1c/apps/s_client.c
+diff -up openssl-1.0.1h/apps/s_client.c.ipv6-apps openssl-1.0.1h/apps/s_client.c
--- openssl-1.0.1c/apps/s_client.c.ipv6-apps	2012-07-11 22:46:02.433221754 +0200
+--- openssl-1.0.1h/apps/s_client.c.ipv6-apps	2014-06-05 14:33:38.533669171 +0200
-+++ openssl-1.0.1c/apps/s_client.c	2012-07-11 22:46:02.452222187 +0200
+++ openssl-1.0.1h/apps/s_client.c	2014-06-05 14:33:38.540669335 +0200
-@@ -563,7 +563,7 @@ int MAIN(int argc, char **argv)
+@@ -567,7 +567,7 @@ int MAIN(int argc, char **argv)
 	int cbuf_len,cbuf_off;
 	int sbuf_len,sbuf_off;
 	fd_set readfds,writefds;
@ -35,7 +35,7 @@ diff -up openssl-1.0.1c/apps/s_client.c.ipv6-apps openssl-1.0.1c/apps/s_client.c
 	int full_log=1;
 	char *host=SSL_HOST_NAME;
 	char *cert_file=NULL,*key_file=NULL;
-@@ -664,13 +664,12 @@ int MAIN(int argc, char **argv)
+@@ -668,13 +668,12 @@ int MAIN(int argc, char **argv)
 		else if	(strcmp(*argv,"-port") == 0)
 			{
 			if (--argc < 1) goto bad;
@ -51,7 +51,7 @@ diff -up openssl-1.0.1c/apps/s_client.c.ipv6-apps openssl-1.0.1c/apps/s_client.c
 				goto bad;
 			}
 		else if	(strcmp(*argv,"-verify") == 0)
-@@ -1253,7 +1252,7 @@ bad:
+@@ -1267,7 +1266,7 @@ bad:
 re_start:
@ -60,10 +60,10 @@ diff -up openssl-1.0.1c/apps/s_client.c.ipv6-apps openssl-1.0.1c/apps/s_client.c
 		{
 		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
 		SHUTDOWN(s);
-diff -up openssl-1.0.1c/apps/s_server.c.ipv6-apps openssl-1.0.1c/apps/s_server.c
+diff -up openssl-1.0.1h/apps/s_server.c.ipv6-apps openssl-1.0.1h/apps/s_server.c
--- openssl-1.0.1c/apps/s_server.c.ipv6-apps	2012-07-11 22:46:02.434221777 +0200
+--- openssl-1.0.1h/apps/s_server.c.ipv6-apps	2014-06-05 14:33:38.533669171 +0200
-+++ openssl-1.0.1c/apps/s_server.c	2012-07-11 22:46:02.453222210 +0200
+++ openssl-1.0.1h/apps/s_server.c	2014-06-05 14:33:38.541669358 +0200
-@@ -929,7 +929,7 @@ int MAIN(int argc, char *argv[])
+@@ -933,7 +933,7 @@ int MAIN(int argc, char *argv[])
 	{
 	X509_VERIFY_PARAM *vpm = NULL;
 	int badarg = 0;
@ -72,7 +72,7 @@ diff -up openssl-1.0.1c/apps/s_server.c.ipv6-apps openssl-1.0.1c/apps/s_server.c
 	char *CApath=NULL,*CAfile=NULL;
 	unsigned char *context = NULL;
 	char *dhfile = NULL;
-@@ -1000,8 +1000,7 @@ int MAIN(int argc, char *argv[])
+@@ -1004,8 +1004,7 @@ int MAIN(int argc, char *argv[])
 			 (strcmp(*argv,"-accept") == 0))
 			{
 			if (--argc < 1) goto bad;
@ -82,7 +82,7 @@ diff -up openssl-1.0.1c/apps/s_server.c.ipv6-apps openssl-1.0.1c/apps/s_server.c
 			}
 		else if	(strcmp(*argv,"-verify") == 0)
 			{
-@@ -1878,9 +1877,9 @@ bad:
+@@ -1892,9 +1891,9 @@ bad:
 	BIO_printf(bio_s_out,"ACCEPT\n");
 	(void)BIO_flush(bio_s_out);
 	if (www)
@ -94,9 +94,9 @@ diff -up openssl-1.0.1c/apps/s_server.c.ipv6-apps openssl-1.0.1c/apps/s_server.c
 	print_stats(bio_s_out,ctx);
 	ret=0;
 end:
-diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
+diff -up openssl-1.0.1h/apps/s_socket.c.ipv6-apps openssl-1.0.1h/apps/s_socket.c
--- openssl-1.0.1c/apps/s_socket.c.ipv6-apps	2011-12-02 15:39:40.000000000 +0100
+--- openssl-1.0.1h/apps/s_socket.c.ipv6-apps	2014-06-05 11:44:33.000000000 +0200
-+++ openssl-1.0.1c/apps/s_socket.c	2012-07-11 22:49:05.411400450 +0200
+++ openssl-1.0.1h/apps/s_socket.c	2014-06-05 14:39:53.226442195 +0200
@@ -102,9 +102,7 @@ static struct hostent *GetHostByName(cha
 static void ssl_sock_cleanup(void);
 #endif
@ -108,7 +108,7 @@ diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
 static int do_accept(int acc_sock, int *sock, char **host);
 static int host_ip(char *str, unsigned char ip[4]);
-@@ -234,57 +232,70 @@ static int ssl_sock_init(void)
+@@ -234,57 +232,71 @@ static int ssl_sock_init(void)
 	return(1);
 	}
@ -178,7 +178,7 @@ diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
 		{
 -		i=0;
 -		i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-		if (i < 0) { perror("keepalive"); return(0); }
+-		if (i < 0) { closesocket(s); perror("keepalive"); return(0); }
 +			int i=0;
 +			i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,
 +				(char *)&i,sizeof(i));
@ -207,6 +207,7 @@ diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
 +		res = res->ai_next;
 +		}
 +	freeaddrinfo(res0);
 +	closesocket(s);
 +
 +	perror(failed_call);
 +	return(0);
@ -216,7 +217,7 @@ diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
 	{
 	int sock;
 	char *name = NULL;
-@@ -322,33 +333,50 @@ int do_server(int port, int type, int *r
+@@ -322,33 +334,50 @@ int do_server(int port, int type, int *r
 		}
 	}
@ -288,7 +289,7 @@ diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
 #if defined SOL_SOCKET && defined SO_REUSEADDR
 		{
 		int j = 1;
-@@ -356,35 +384,49 @@ static int init_server_long(int *sock, i
+@@ -356,35 +385,49 @@ static int init_server_long(int *sock, i
 			   (void *) &j, sizeof j);
 		}
 #endif
@ -355,7 +356,16 @@ diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
 	int len;
 /*	struct linger ling; */
-@@ -431,135 +473,58 @@ redoit:
+@@ -424,145 +467,66 @@ redoit:
 	ling.l_onoff=1;
 	ling.l_linger=0;
 	i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
 -	if (i < 0) { perror("linger"); return(0); }
 +	if (i < 0) { closesocket(ret); perror("linger"); return(0); }
 	i=0;
 	i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
 -	if (i < 0) { perror("keepalive"); return(0); }
 +	if (i < 0) { closesocket(ret); perror("keepalive"); return(0); }
 */
 	if (host == NULL) goto end;
@ -384,6 +394,7 @@ diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
 +		if ((*host=(char *)OPENSSL_malloc(strlen(buffer)+1)) == NULL)
 			{
 			perror("OPENSSL_malloc");
 			closesocket(ret);
 			return(0);
 			}
 -		BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
@ -392,11 +403,13 @@ diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
 -		if (h2 == NULL)
 -			{
 -			BIO_printf(bio_err,"gethostbyname failure\n");
 -			closesocket(ret);
 -			return(0);
 -			}
 -		if (h2->h_addrtype != AF_INET)
 -			{
 -			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
 -			closesocket(ret);
 -			return(0);
 -			}
 +		strcpy(*host, buffer);
--- a/openssl-1.0.1h-system-cipherlist.patch
+++ b/openssl-1.0.1h-system-cipherlist.patch
@ -0,0 +1,289 @@
 diff -up openssl-1.0.1h/Configure.system openssl-1.0.1h/Configure
 --- openssl-1.0.1h/Configure.system	2014-06-05 14:47:37.509312875 +0200
 +++ openssl-1.0.1h/Configure	2014-06-11 14:05:28.560359069 +0200
@@ -10,7 +10,7 @@ use strict;
 # see INSTALL for instructions.
 -my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
 +my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
 # Options:
 #
@@ -35,6 +35,9 @@ my $usage="Usage: Configure [no-<cipher>
 # --with-krb5-flavor  Declare what flavor of Kerberos 5 is used.  Currently
 #		supported values are "MIT" and "Heimdal".  A value is required.
 #
 +# --system-ciphers-file  A file to read cipher string from when the PROFILE=SYSTEM
 +#		cipher is specified (default).
 +#
 # --test-sanity Make a number of sanity checks on the data in this file.
 #               This is a debugging tool for OpenSSL developers.
 #
@@ -663,6 +666,7 @@ my $prefix="";
 my $libdir="";
 my $openssldir="";
 my $enginesdir="";
 +my $system_ciphers_file="";
 my $exe_ext="";
 my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
 my $cross_compile_prefix="";
@@ -895,6 +899,10 @@ PROCESS_ARGS:
 				{
 				$enginesdir=$1;
 				}
 +			elsif (/^--system-ciphers-file=(.*)$/)
 +				{
 +				$system_ciphers_file=$1;
 +				}
 			elsif (/^--install.prefix=(.*)$/)
 				{
 				$install_prefix=$1;
@@ -1053,6 +1061,7 @@ print "Configuring for $target\n";
 &usage if (!defined($table{$target}));
 +chop $system_ciphers_file if $system_ciphers_file =~ /\/$/;
 foreach (sort (keys %disabled))
 	{
@@ -1607,6 +1616,7 @@ while (<IN>)
 	s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
 	s/^MULTILIB=.*$/MULTILIB=$multilib/;
 	s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
 +	s/^SYSTEM_CIPHERS_FILE=.*$/SYSTEM_CIPHERS_FILE=$system_ciphers_file/;
 	s/^LIBDIR=.*$/LIBDIR=$libdir/;
 	s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
 	s/^PLATFORM=.*$/PLATFORM=$target/;
@@ -1812,6 +1822,14 @@ while (<IN>)
 		$foo =~ s/\\/\\\\/g;
 		print OUT "#define ENGINESDIR \"$foo\"\n";
 		}
 +	elsif	(/^#((define)|(undef))\s+SYSTEM_CIPHERS_FILE/)
 +		{
 +		my $foo = "$system_ciphers_file";
 +		if ($foo ne '') {
 +			$foo =~ s/\\/\\\\/g;
 +			print OUT "#define SYSTEM_CIPHERS_FILE \"$foo\"\n";
 +		}
 +		}
 	elsif	(/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
 		{ printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
 			if $export_var_as_fn;
 diff -up openssl-1.0.1h/crypto/opensslconf.h.in.system openssl-1.0.1h/crypto/opensslconf.h.in
 --- openssl-1.0.1h/crypto/opensslconf.h.in.system	2014-06-05 14:47:37.437311188 +0200
 +++ openssl-1.0.1h/crypto/opensslconf.h.in	2014-06-11 13:31:44.497722345 +0200
@@ -25,6 +25,8 @@
 #endif
 #endif
 +#undef SYSTEM_CIPHERS_FILE
 +
 #undef OPENSSL_UNISTD
 #define OPENSSL_UNISTD <unistd.h>
 diff -up openssl-1.0.1h/ssl/ssl_ciph.c.system openssl-1.0.1h/ssl/ssl_ciph.c
 --- openssl-1.0.1h/ssl/ssl_ciph.c.system	2014-06-05 14:47:37.441311282 +0200
 +++ openssl-1.0.1h/ssl/ssl_ciph.c	2014-06-11 13:55:28.194381937 +0200
@@ -1352,6 +1352,54 @@ static int ssl_cipher_process_rulestr(co
 	return(retval);
 	}
 +#ifdef SYSTEM_CIPHERS_FILE
 +static char* load_system_str(const char* suffix)
 +	{
 +	FILE* fp;
 +	char buf[1024];
 +	char *new_rules;
 +	unsigned len, slen;
 +
 +	fp = fopen(SYSTEM_CIPHERS_FILE, "r");
 +	if (fp == NULL || fgets(buf, sizeof(buf), fp) == NULL)
 +		{
 +		/* cannot open or file is empty */
 +		snprintf(buf, sizeof(buf), "%s", SSL_DEFAULT_CIPHER_LIST);
 +		}
 +
 +	if (fp)
 +		fclose(fp);
 +
 +	slen = strlen(suffix);
 +	len = strlen(buf);
 +
 +	if (buf[len-1] == '\n')
 +		{
 +		len--;
 +		buf[len] = 0;
 +		}
 +	if (buf[len-1] == '\r')
 +		{
 +		len--;
 +		buf[len] = 0;
 +		}
 +
 +	new_rules = OPENSSL_malloc(len + slen + 1);
 +	if (new_rules == 0)
 +		return NULL;
 +
 +	memcpy(new_rules, buf, len);
 +	if (slen > 0)
 +		{
 +		memcpy(&new_rules[len], suffix, slen);
 +		len += slen;
 +		}
 +	new_rules[len] = 0;
 +
 +	return new_rules;
 +	}
 +#endif
 +
 STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
 		STACK_OF(SSL_CIPHER) **cipher_list,
 		STACK_OF(SSL_CIPHER) **cipher_list_by_id,
@@ -1359,16 +1407,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
 	{
 	int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
 	unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl;
 -	STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
 +	STACK_OF(SSL_CIPHER) *cipherstack = NULL, *tmp_cipher_list;
 	const char *rule_p;
 	CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
 	const SSL_CIPHER **ca_list = NULL;
 +#ifdef SYSTEM_CIPHERS_FILE
 +	char *new_rules = NULL;
 +
 +	if (rule_str != NULL && strncmp(rule_str, "PROFILE=SYSTEM", 14) == 0)
 +		{
 +		char *p = rule_str + 14;
 +
 +		new_rules = load_system_str(p);
 +		rule_str = new_rules;
 +		}
 +#endif
 	/*
 	 * Return with error if nothing to do.
 	 */
 	if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
 -		return NULL;
 +		{
 +		goto end;
 +		}
 	/*
 	 * To reduce the work to do we only want to process the compiled
@@ -1389,7 +1450,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
 	if (co_list == NULL)
 		{
 		SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
 -		return(NULL);	/* Failure */
 +		goto end;
 		}
 	ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
@@ -1431,8 +1492,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
 	 * in force within each class */
 	if (!ssl_cipher_strength_sort(&head, &tail))
 		{
 -		OPENSSL_free(co_list);
 -		return NULL;
 +		goto end;
 		}
 	/* Now disable everything (maintaining the ordering!) */
@@ -1452,9 +1512,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
 	ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
 	if (ca_list == NULL)
 		{
 -		OPENSSL_free(co_list);
 		SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
 -		return(NULL);	/* Failure */
 +		goto end;
 		}
 	ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
 	                           disabled_mkey, disabled_auth, disabled_enc,
@@ -1482,8 +1541,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
 	if (!ok)
 		{	/* Rule processing failure */
 -		OPENSSL_free(co_list);
 -		return(NULL);
 +		goto end;
 		}
 	/*
@@ -1492,8 +1550,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
 	 */
 	if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL)
 		{
 -		OPENSSL_free(co_list);
 -		return(NULL);
 +		goto end;
 		}
 	/*
@@ -1514,13 +1571,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
 #endif
 			}
 		}
 -	OPENSSL_free(co_list);	/* Not needed any longer */
 	tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
 	if (tmp_cipher_list == NULL)
 		{
 		sk_SSL_CIPHER_free(cipherstack);
 -		return NULL;
 +		cipherstack = NULL;
 +		goto end;
 		}
 	if (*cipher_list != NULL)
 		sk_SSL_CIPHER_free(*cipher_list);
@@ -1531,6 +1588,12 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
 	(void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
 	sk_SSL_CIPHER_sort(*cipher_list_by_id);
 +
 +end:
 +	OPENSSL_free(co_list);
 +#ifdef SYSTEM_CIPHERS_FILE
 +	OPENSSL_free(new_rules);
 +#endif
 	return(cipherstack);
 	}
 diff -up openssl-1.0.1h/ssl/ssl.h.system openssl-1.0.1h/ssl/ssl.h
 --- openssl-1.0.1h/ssl/ssl.h.system	2014-06-05 14:47:37.000000000 +0200
 +++ openssl-1.0.1h/ssl/ssl.h	2014-06-11 14:08:35.243461447 +0200
@@ -338,6 +338,11 @@ extern "C" {
  * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable
  * some of them.)
  */
 +#ifdef SYSTEM_CIPHERS_FILE
 +#define SSL_SYSTEM_DEFAULT_CIPHER_LIST "PROFILE=SYSTEM"
 +#else
 +#define SSL_SYSTEM_DEFAULT_CIPHER_LIST SSL_DEFAULT_CIPHER_LIST
 +#endif
 /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
 #define SSL_SENT_SHUTDOWN	1
 diff -up openssl-1.0.1h/ssl/ssl_lib.c.system openssl-1.0.1h/ssl/ssl_lib.c
 --- openssl-1.0.1h/ssl/ssl_lib.c.system	2014-06-05 11:44:33.000000000 +0200
 +++ openssl-1.0.1h/ssl/ssl_lib.c	2014-06-11 13:59:40.696578139 +0200
@@ -263,7 +263,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx
 	sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
 		&(ctx->cipher_list_by_id),
 -		meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
 +		meth->version == SSL2_VERSION ? "SSLv2" : SSL_SYSTEM_DEFAULT_CIPHER_LIST);
 	if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
 		{
 		SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
@@ -1767,7 +1767,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
 	ssl_create_cipher_list(ret->method,
 		&ret->cipher_list,&ret->cipher_list_by_id,
 -		meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
 +		meth->version == SSL2_VERSION ? "SSLv2" : SSL_SYSTEM_DEFAULT_CIPHER_LIST);
 	if (ret->cipher_list == NULL
 	    || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
 		{
--- a/openssl-1.0.1i-algo-doc.patch
+++ b/openssl-1.0.1i-algo-doc.patch
@ -1,6 +1,6 @@
-diff -up openssl-1.0.1a/doc/crypto/EVP_DigestInit.pod.algo-doc openssl-1.0.1a/doc/crypto/EVP_DigestInit.pod
+diff -up openssl-1.0.1i/doc/crypto/EVP_DigestInit.pod.algo-doc openssl-1.0.1i/doc/crypto/EVP_DigestInit.pod
--- openssl-1.0.1a/doc/crypto/EVP_DigestInit.pod.algo-doc	2012-04-11 00:28:22.000000000 +0200
+--- openssl-1.0.1i/doc/crypto/EVP_DigestInit.pod.algo-doc	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1a/doc/crypto/EVP_DigestInit.pod	2012-04-20 09:14:01.865167011 +0200
+++ openssl-1.0.1i/doc/crypto/EVP_DigestInit.pod	2014-08-07 11:18:01.290773970 +0200
@@ -75,7 +75,7 @@ EVP_MD_CTX_create() allocates, initializ
 EVP_DigestInit_ex() sets up digest context B<ctx> to use a digest
@ -10,9 +10,9 @@ diff -up openssl-1.0.1a/doc/crypto/EVP_DigestInit.pod.algo-doc openssl-1.0.1a/do
 If B<impl> is NULL then the default implementation of digest B<type> is used.
 EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the
-@@ -165,7 +165,8 @@ EVP_MD_size(), EVP_MD_block_size(), EVP_
+@@ -164,7 +164,8 @@ corresponding OBJECT IDENTIFIER or NID_u
- EVP_MD_CTX_block_size()	and EVP_MD_block_size() return the digest or block
+ EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and
- size in bytes.
+ EVP_MD_CTX_block_size() return the digest or block size in bytes.
 -EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
 +EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
@ -20,9 +20,9 @@ diff -up openssl-1.0.1a/doc/crypto/EVP_DigestInit.pod.algo-doc openssl-1.0.1a/do
 EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
 corresponding EVP_MD structures.
-diff -up openssl-1.0.1a/doc/crypto/EVP_EncryptInit.pod.algo-doc openssl-1.0.1a/doc/crypto/EVP_EncryptInit.pod
+diff -up openssl-1.0.1i/doc/crypto/EVP_EncryptInit.pod.algo-doc openssl-1.0.1i/doc/crypto/EVP_EncryptInit.pod
--- openssl-1.0.1a/doc/crypto/EVP_EncryptInit.pod.algo-doc	2005-04-15 18:01:35.000000000 +0200
+--- openssl-1.0.1i/doc/crypto/EVP_EncryptInit.pod.algo-doc	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1a/doc/crypto/EVP_EncryptInit.pod	2012-04-20 09:10:59.114736465 +0200
+++ openssl-1.0.1i/doc/crypto/EVP_EncryptInit.pod	2014-08-07 10:55:25.100638252 +0200
@@ -91,6 +91,32 @@ EVP_CIPHER_CTX_set_padding - EVP cipher
  int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
  int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
--- a/openssl-1.0.1i-manfix.patch
+++ b/openssl-1.0.1i-manfix.patch
@ -0,0 +1,86 @@
 diff -up openssl-1.0.1i/doc/apps/ec.pod.manfix openssl-1.0.1i/doc/apps/ec.pod
 --- openssl-1.0.1i/doc/apps/ec.pod.manfix	2014-07-22 21:41:23.000000000 +0200
 +++ openssl-1.0.1i/doc/apps/ec.pod	2014-08-07 11:21:57.258887741 +0200
@@ -93,10 +93,6 @@ prints out the public, private key compo
 this option prevents output of the encoded version of the key.
 -=item B<-modulus>
 -
 -this option prints out the value of the public key component of the key.
 -
 =item B<-pubin>
 by default a private key is read from the input file: with this option a
 diff -up openssl-1.0.1i/doc/apps/openssl.pod.manfix openssl-1.0.1i/doc/apps/openssl.pod
 --- openssl-1.0.1i/doc/apps/openssl.pod.manfix	2014-07-22 21:43:11.000000000 +0200
 +++ openssl-1.0.1i/doc/apps/openssl.pod	2014-08-07 11:21:57.259887746 +0200
@@ -163,7 +163,7 @@ Create or examine a netscape certificate
 Online Certificate Status Protocol utility.
 -=item L<B<passwd>|passwd(1)>
 +=item L<B<passwd>|sslpasswd(1)>
 Generation of hashed passwords.
@@ -187,7 +187,7 @@ Public key algorithm parameter managemen
 Public key algorithm cryptographic operation utility.
 -=item L<B<rand>|rand(1)>
 +=item L<B<rand>|sslrand(1)>
 Generate pseudo-random bytes.
@@ -401,9 +401,9 @@ L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkc
 L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
 L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>,
 L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
 -L<passwd(1)|passwd(1)>,
 +L<sslpasswd(1)|sslpasswd(1)>,
 L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
 -L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
 +L<sslrand(1)|sslrand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
 L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
 L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
 L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
 diff -up openssl-1.0.1i/doc/apps/s_client.pod.manfix openssl-1.0.1i/doc/apps/s_client.pod
 --- openssl-1.0.1i/doc/apps/s_client.pod.manfix	2014-08-06 23:10:56.000000000 +0200
 +++ openssl-1.0.1i/doc/apps/s_client.pod	2014-08-07 11:24:28.736604443 +0200
@@ -34,9 +34,14 @@ B<openssl> B<s_client>
 [B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
 +[B<-tls1_1>]
 +[B<-tls1_2>]
 +[B<-dtls1>]
 [B<-no_ssl2>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 +[B<-no_tls1_1>]
 +[B<-no_tls1_2>]
 [B<-bugs>]
 [B<-cipher cipherlist>]
 [B<-serverpref>]
@@ -196,7 +201,7 @@ Use the PSK key B<key> when using a PSK
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
 +=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
 these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
 diff -up openssl-1.0.1i/doc/apps/s_server.pod.manfix openssl-1.0.1i/doc/apps/s_server.pod
 --- openssl-1.0.1i/doc/apps/s_server.pod.manfix	2014-08-06 23:10:56.000000000 +0200
 +++ openssl-1.0.1i/doc/apps/s_server.pod	2014-08-07 11:21:57.259887746 +0200
@@ -216,7 +216,7 @@ Use the PSK key B<key> when using a PSK
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
 +=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
 these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
--- a/openssl-1.0.1i-new-fips-reqs.patch
+++ b/openssl-1.0.1i-new-fips-reqs.patch
@ -1,6 +1,6 @@
-diff -up openssl-1.0.1e/crypto/bn/bn_rand.c.fips-reqs openssl-1.0.1e/crypto/bn/bn_rand.c
+diff -up openssl-1.0.1i/crypto/bn/bn_rand.c.fips-reqs openssl-1.0.1i/crypto/bn/bn_rand.c
--- openssl-1.0.1e/crypto/bn/bn_rand.c.fips-reqs	2013-02-11 16:02:47.000000000 +0100
+--- openssl-1.0.1i/crypto/bn/bn_rand.c.fips-reqs	2014-07-22 21:43:11.000000000 +0200
-+++ openssl-1.0.1e/crypto/bn/bn_rand.c	2014-02-13 16:50:34.280893285 +0100
+++ openssl-1.0.1i/crypto/bn/bn_rand.c	2014-08-13 19:58:06.818832577 +0200
@@ -138,9 +138,12 @@ static int bnrand(int pseudorand, BIGNUM
 		goto err;
 		}
@ -17,9 +17,9 @@ diff -up openssl-1.0.1e/crypto/bn/bn_rand.c.fips-reqs openssl-1.0.1e/crypto/bn/b
 	if (pseudorand)
 		{
-diff -up openssl-1.0.1e/crypto/dh/dh_gen.c.fips-reqs openssl-1.0.1e/crypto/dh/dh_gen.c
+diff -up openssl-1.0.1i/crypto/dh/dh_gen.c.fips-reqs openssl-1.0.1i/crypto/dh/dh_gen.c
--- openssl-1.0.1e/crypto/dh/dh_gen.c.fips-reqs	2013-12-18 12:17:09.748636614 +0100
+--- openssl-1.0.1i/crypto/dh/dh_gen.c.fips-reqs	2014-08-13 19:58:06.765831356 +0200
-+++ openssl-1.0.1e/crypto/dh/dh_gen.c	2013-12-18 12:17:09.798637687 +0100
+++ openssl-1.0.1i/crypto/dh/dh_gen.c	2014-08-13 19:58:06.818832577 +0200
@@ -125,7 +125,7 @@ static int dh_builtin_genparams(DH *ret,
 		return 0;
 		}
@ -29,9 +29,9 @@ diff -up openssl-1.0.1e/crypto/dh/dh_gen.c.fips-reqs openssl-1.0.1e/crypto/dh/dh
 		{
 		DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL);
 		goto err;
-diff -up openssl-1.0.1e/crypto/dh/dh.h.fips-reqs openssl-1.0.1e/crypto/dh/dh.h
+diff -up openssl-1.0.1i/crypto/dh/dh.h.fips-reqs openssl-1.0.1i/crypto/dh/dh.h
--- openssl-1.0.1e/crypto/dh/dh.h.fips-reqs	2013-12-18 12:17:09.748636614 +0100
+--- openssl-1.0.1i/crypto/dh/dh.h.fips-reqs	2014-08-13 19:58:06.765831356 +0200
-+++ openssl-1.0.1e/crypto/dh/dh.h	2013-12-18 12:17:09.798637687 +0100
+++ openssl-1.0.1i/crypto/dh/dh.h	2014-08-13 19:58:06.818832577 +0200
@@ -78,6 +78,7 @@
 #endif
@ -40,9 +40,9 @@ diff -up openssl-1.0.1e/crypto/dh/dh.h.fips-reqs openssl-1.0.1e/crypto/dh/dh.h
 #define DH_FLAG_CACHE_MONT_P     0x01
 #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
-diff -up openssl-1.0.1e/crypto/dh/dh_check.c.fips-reqs openssl-1.0.1e/crypto/dh/dh_check.c
+diff -up openssl-1.0.1i/crypto/dh/dh_check.c.fips-reqs openssl-1.0.1i/crypto/dh/dh_check.c
--- openssl-1.0.1e/crypto/dh/dh_check.c.fips-reqs	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/crypto/dh/dh_check.c.fips-reqs	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1e/crypto/dh/dh_check.c	2013-12-18 12:17:09.799637708 +0100
+++ openssl-1.0.1i/crypto/dh/dh_check.c	2014-08-13 19:58:06.818832577 +0200
@@ -134,7 +134,33 @@ int DH_check_pub_key(const DH *dh, const
 	BN_sub_word(q,1);
 	if (BN_cmp(pub_key,q)>=0)
@ -77,25 +77,26 @@ diff -up openssl-1.0.1e/crypto/dh/dh_check.c.fips-reqs openssl-1.0.1e/crypto/dh/
 	ok = 1;
 err:
 	if (q != NULL) BN_free(q);
-diff -up openssl-1.0.1e/crypto/dsa/dsa_gen.c.fips-reqs openssl-1.0.1e/crypto/dsa/dsa_gen.c
+diff -up openssl-1.0.1i/crypto/dsa/dsa_gen.c.fips-reqs openssl-1.0.1i/crypto/dsa/dsa_gen.c
--- openssl-1.0.1e/crypto/dsa/dsa_gen.c.fips-reqs	2013-12-18 12:17:09.749636636 +0100
+--- openssl-1.0.1i/crypto/dsa/dsa_gen.c.fips-reqs	2014-08-13 19:58:06.766831380 +0200
-+++ openssl-1.0.1e/crypto/dsa/dsa_gen.c	2013-12-18 12:17:09.799637708 +0100
+++ openssl-1.0.1i/crypto/dsa/dsa_gen.c	2014-08-13 19:58:06.818832577 +0200
-@@ -159,7 +159,6 @@ int dsa_builtin_paramgen(DSA *ret, size_
+@@ -159,7 +159,7 @@ int dsa_builtin_paramgen(DSA *ret, size_
 	    }
 	if (FIPS_module_mode() &&
 -	    (bits != 1024 || qbits != 160) &&
 +	    (getenv("OPENSSL_ENFORCE_MODULUS_BITS") || bits != 1024 || qbits != 160) &&
 	    (bits != 2048 || qbits != 224) &&
 	    (bits != 2048 || qbits != 256) &&
 	    (bits != 3072 || qbits != 256))
-diff -up openssl-1.0.1e/crypto/dsa/dsa.h.fips-reqs openssl-1.0.1e/crypto/dsa/dsa.h
+diff -up openssl-1.0.1i/crypto/dsa/dsa.h.fips-reqs openssl-1.0.1i/crypto/dsa/dsa.h
--- openssl-1.0.1e/crypto/dsa/dsa.h.fips-reqs	2013-12-18 12:17:09.749636636 +0100
+--- openssl-1.0.1i/crypto/dsa/dsa.h.fips-reqs	2014-08-13 19:58:06.766831380 +0200
-+++ openssl-1.0.1e/crypto/dsa/dsa.h	2013-12-18 12:17:09.799637708 +0100
+++ openssl-1.0.1i/crypto/dsa/dsa.h	2014-08-13 19:58:06.818832577 +0200
@@ -89,6 +89,7 @@
 #endif
 #define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
-+#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS_GEN 2048
+#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS_GEN (getenv("OPENSSL_ENFORCE_MODULUS_BITS")?2048:1024)
 #define DSA_FLAG_CACHE_MONT_P	0x01
 #define DSA_FLAG_NO_EXP_CONSTTIME       0x02 /* new with 0.9.7h; the built-in DSA
@ -112,9 +113,9 @@ diff -up openssl-1.0.1e/crypto/dsa/dsa.h.fips-reqs openssl-1.0.1e/crypto/dsa/dsa
 #define DSA_is_prime(n, callback, cb_arg) \
 	BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
-diff -up openssl-1.0.1e/crypto/dsa/dsa_key.c.fips-reqs openssl-1.0.1e/crypto/dsa/dsa_key.c
+diff -up openssl-1.0.1i/crypto/dsa/dsa_key.c.fips-reqs openssl-1.0.1i/crypto/dsa/dsa_key.c
--- openssl-1.0.1e/crypto/dsa/dsa_key.c.fips-reqs	2013-12-18 12:17:09.797637665 +0100
+--- openssl-1.0.1i/crypto/dsa/dsa_key.c.fips-reqs	2014-08-13 19:58:06.816832531 +0200
-+++ openssl-1.0.1e/crypto/dsa/dsa_key.c	2013-12-18 12:17:09.799637708 +0100
+++ openssl-1.0.1i/crypto/dsa/dsa_key.c	2014-08-13 19:58:06.818832577 +0200
@@ -127,7 +127,7 @@ static int dsa_builtin_keygen(DSA *dsa)
 #ifdef OPENSSL_FIPS
@ -124,9 +125,9 @@ diff -up openssl-1.0.1e/crypto/dsa/dsa_key.c.fips-reqs openssl-1.0.1e/crypto/dsa
 		{
 		DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL);
 		goto err;
-diff -up openssl-1.0.1e/crypto/fips/fips_dh_selftest.c.fips-reqs openssl-1.0.1e/crypto/fips/fips_dh_selftest.c
+diff -up openssl-1.0.1i/crypto/fips/fips_dh_selftest.c.fips-reqs openssl-1.0.1i/crypto/fips/fips_dh_selftest.c
--- openssl-1.0.1e/crypto/fips/fips_dh_selftest.c.fips-reqs	2013-12-18 17:06:36.575114314 +0100
+--- openssl-1.0.1i/crypto/fips/fips_dh_selftest.c.fips-reqs	2014-08-13 19:58:06.819832600 +0200
-+++ openssl-1.0.1e/crypto/fips/fips_dh_selftest.c	2013-12-18 17:26:14.409036334 +0100
+++ openssl-1.0.1i/crypto/fips/fips_dh_selftest.c	2014-08-13 19:58:06.819832600 +0200
@@ -0,0 +1,162 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@ -290,92 +291,9 @@ diff -up openssl-1.0.1e/crypto/fips/fips_dh_selftest.c.fips-reqs openssl-1.0.1e/
 +	return ret;
 +	}
 +#endif
-diff -up openssl-1.0.1e/crypto/fips/fips_drbg_rand.c.fips-reqs openssl-1.0.1e/crypto/fips/fips_drbg_rand.c
+diff -up openssl-1.0.1i/crypto/fips/fips.h.fips-reqs openssl-1.0.1i/crypto/fips/fips.h
--- openssl-1.0.1e/crypto/fips/fips_drbg_rand.c.fips-reqs	2013-12-18 12:17:09.757636808 +0100
+--- openssl-1.0.1i/crypto/fips/fips.h.fips-reqs	2014-08-13 19:58:06.812832439 +0200
-+++ openssl-1.0.1e/crypto/fips/fips_drbg_rand.c	2013-12-18 18:53:33.263711297 +0100
+++ openssl-1.0.1i/crypto/fips/fips.h	2014-08-13 19:58:06.819832600 +0200
@@ -77,7 +77,8 @@ static int fips_drbg_bytes(unsigned char
 	int rv = 0;
 	unsigned char *adin = NULL;
 	size_t adinlen = 0;
 -	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 +	int locked;
 +	locked = private_RAND_lock(1);
 	do 
 		{
 		size_t rcnt;
@@ -109,7 +110,8 @@ static int fips_drbg_bytes(unsigned char
 	while (count);
 	rv = 1;
 	err:
 -	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 +	if (locked)
 +		private_RAND_lock(0);
 	return rv;
 	}
@@ -124,35 +126,51 @@ static int fips_drbg_status(void)
 	{
 	DRBG_CTX *dctx = &ossl_dctx;
 	int rv;
 -	CRYPTO_r_lock(CRYPTO_LOCK_RAND);
 +	int locked;
 +	locked = private_RAND_lock(1);
 	rv = dctx->status == DRBG_STATUS_READY ? 1 : 0;
 -	CRYPTO_r_unlock(CRYPTO_LOCK_RAND);
 +	if (locked)
 +		private_RAND_lock(0);
 	return rv;
 	}
 static void fips_drbg_cleanup(void)
 	{
 	DRBG_CTX *dctx = &ossl_dctx;
 -	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 +	int locked;
 +	locked = private_RAND_lock(1);
 	FIPS_drbg_uninstantiate(dctx);
 -	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 +	if (locked)
 +		private_RAND_lock(0);
 	}
 static int fips_drbg_seed(const void *seed, int seedlen)
 	{
 	DRBG_CTX *dctx = &ossl_dctx;
 +	int locked;
 +	int ret = 1;
 +
 +	locked = private_RAND_lock(1);
 	if (dctx->rand_seed_cb)
 -		return dctx->rand_seed_cb(dctx, seed, seedlen);
 -	return 1;
 +		ret = dctx->rand_seed_cb(dctx, seed, seedlen);
 +	if (locked)
 +		private_RAND_lock(0);
 +	return ret;
 	}
 static int fips_drbg_add(const void *seed, int seedlen,
 					double add_entropy)
 	{
 	DRBG_CTX *dctx = &ossl_dctx;
 +	int locked;
 +	int ret = 1;
 +
 +	locked = private_RAND_lock(1);
 	if (dctx->rand_add_cb)
 -		return dctx->rand_add_cb(dctx, seed, seedlen, add_entropy);
 -	return 1;
 +		ret = dctx->rand_add_cb(dctx, seed, seedlen, add_entropy);
 +	if (locked)
 +		private_RAND_lock(0);
 +	return ret;
 	}
 static const RAND_METHOD rand_drbg_meth =
 diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-reqs openssl-1.0.1e/crypto/fips/fips.h
 --- openssl-1.0.1e/crypto/fips/fips.h.fips-reqs	2013-12-18 12:17:09.000000000 +0100
 +++ openssl-1.0.1e/crypto/fips/fips.h	2013-12-18 17:13:00.928586689 +0100
@@ -96,6 +96,7 @@ void FIPS_corrupt_dsa_keygen(void);
 int FIPS_selftest_dsa(void);
 int FIPS_selftest_ecdsa(void);
@ -384,9 +302,9 @@ diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-reqs openssl-1.0.1e/crypto/fips/
 void FIPS_corrupt_rng(void);
 void FIPS_rng_stick(void);
 void FIPS_x931_stick(int onoff);
-diff -up openssl-1.0.1e/crypto/fips/fips_post.c.fips-reqs openssl-1.0.1e/crypto/fips/fips_post.c
+diff -up openssl-1.0.1i/crypto/fips/fips_post.c.fips-reqs openssl-1.0.1i/crypto/fips/fips_post.c
--- openssl-1.0.1e/crypto/fips/fips_post.c.fips-reqs	2013-12-18 12:17:09.000000000 +0100
+--- openssl-1.0.1i/crypto/fips/fips_post.c.fips-reqs	2014-08-13 19:58:06.809832370 +0200
-+++ openssl-1.0.1e/crypto/fips/fips_post.c	2013-12-18 17:12:26.721832716 +0100
+++ openssl-1.0.1i/crypto/fips/fips_post.c	2014-08-13 19:58:06.819832600 +0200
@@ -99,6 +99,8 @@ int FIPS_selftest(void)
 		rv = 0;
 	if (!FIPS_selftest_dsa())
@ -396,9 +314,9 @@ diff -up openssl-1.0.1e/crypto/fips/fips_post.c.fips-reqs openssl-1.0.1e/crypto/
 	if (!FIPS_selftest_ecdh())
 		rv = 0;
 	return rv;
-diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c
+diff -up openssl-1.0.1i/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1i/crypto/fips/fips_rsa_selftest.c
--- openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs	2014-03-14 14:47:18.809259727 +0100
+--- openssl-1.0.1i/crypto/fips/fips_rsa_selftest.c.fips-reqs	2014-08-13 19:58:06.779831679 +0200
-+++ openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c	2014-03-14 15:37:26.295687852 +0100
+++ openssl-1.0.1i/crypto/fips/fips_rsa_selftest.c	2014-08-13 19:59:16.491437297 +0200
@@ -60,69 +60,113 @@
 #ifdef OPENSSL_FIPS
@ -557,7 +475,7 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
     key->e = BN_bin2bn(e, sizeof(e)-1, key->e);
     key->d = BN_bin2bn(d, sizeof(d)-1, key->d);
     key->p = BN_bin2bn(p, sizeof(p)-1, key->p);
-@@ -145,201 +189,391 @@ void FIPS_corrupt_rsa()
+@@ -145,201 +189,291 @@ void FIPS_corrupt_rsa()
 static const unsigned char kat_tbs[] = "OpenSSL FIPS 140-2 Public Key RSA KAT";
 static const unsigned char kat_RSA_PSS_SHA1[] = {
@ -920,7 +838,7 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
 + 0x43, 0xA8, 0x34, 0x0A
 };
- static const unsigned char kat_RSA_X931_SHA1[] = {
+-static const unsigned char kat_RSA_X931_SHA1[] = {
 -  0x86, 0xB4, 0x18, 0xBA, 0xD1, 0x80, 0xB6, 0x7C, 0x42, 0x45, 0x4D, 0xDF,
 -  0xE9, 0x2D, 0xE1, 0x83, 0x5F, 0xB5, 0x2F, 0xC9, 0xCD, 0xC4, 0xB2, 0x75,
 -  0x80, 0xA4, 0xF1, 0x4A, 0xE7, 0x83, 0x12, 0x1E, 0x1E, 0x14, 0xB8, 0xAC,
@ -932,31 +850,14 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
 -  0x48, 0xAF, 0x82, 0xFE, 0x32, 0x41, 0x9B, 0xB2, 0xDB, 0xEA, 0xED, 0x76,
 -  0x8E, 0x6E, 0xCA, 0x7E, 0x4E, 0x14, 0xBA, 0x30, 0x84, 0x1C, 0xB3, 0x67,
 -  0xA3, 0x29, 0x80, 0x70, 0x54, 0x68, 0x7D, 0x49
-+ 0xB1, 0x0E, 0x4F, 0xC6, 0xE0, 0x95, 0x85, 0x7B, 0xBE, 0xDE, 0xC4, 0xE6,
+-};
-+ 0x1F, 0x12, 0x2E, 0x9B, 0x3E, 0x11, 0xA3, 0xF0, 0xF0, 0xA8, 0x23, 0x1A,
+static int fips_rsa_encrypt_test(RSA *rsa, const unsigned char *plaintext, int ptlen)
-+ 0x96, 0x6E, 0x99, 0xB5, 0x5F, 0x82, 0xC5, 0x87, 0x75, 0xE9, 0xD4, 0xBF,
+	{
-+ 0x9F, 0xE0, 0xA4, 0xED, 0xC7, 0x01, 0x2A, 0x3F, 0x6F, 0x43, 0x1D, 0x4F,
+	unsigned char *ctbuf = NULL, *ptbuf = NULL;
-+ 0xE8, 0x05, 0x34, 0x32, 0x20, 0x36, 0x94, 0xA0, 0x6D, 0xCC, 0xF6, 0x41,
+	int ret = 0;
-+ 0x49, 0x56, 0x96, 0xEC, 0x9C, 0x7C, 0xD1, 0x0E, 0x9E, 0xD8, 0x1B, 0x48,
+	int len;
 + 0xD9, 0xDF, 0x99, 0x9F, 0x92, 0x17, 0x96, 0xA4, 0xF1, 0x87, 0x64, 0x61,
 + 0x3C, 0xAF, 0x00, 0x24, 0xB3, 0x64, 0x88, 0x8E, 0x41, 0xBF, 0x29, 0x1F,
 + 0xA3, 0x28, 0xAD, 0x21, 0x1E, 0xA3, 0x96, 0x40, 0x0A, 0x0B, 0x82, 0xCD,
 + 0x97, 0x58, 0x33, 0xB6, 0x52, 0xAC, 0xC5, 0x3B, 0x14, 0xE7, 0x1E, 0x5D,
 + 0x09, 0xC9, 0x76, 0xB5, 0x89, 0xC6, 0x9B, 0x4C, 0xC2, 0xC2, 0x31, 0x0E,
 + 0xBA, 0x1E, 0xB5, 0x11, 0xD0, 0xFD, 0xC1, 0xDA, 0x64, 0x17, 0xA8, 0xCB,
 + 0xF0, 0x94, 0xF4, 0xDD, 0x84, 0xB7, 0xEF, 0x9C, 0x13, 0x4F, 0xDD, 0x06,
 + 0x0C, 0xE4, 0xC7, 0xFD, 0x69, 0x10, 0x20, 0xD3, 0x93, 0x5E, 0xF8, 0xBA,
 + 0x21, 0xFB, 0x62, 0xC4, 0x63, 0x76, 0x43, 0xAA, 0x7E, 0x3C, 0x56, 0x5E,
 + 0xB4, 0x47, 0x3A, 0x05, 0x0D, 0xBB, 0x13, 0xC4, 0x93, 0xFB, 0x29, 0xA8,
 + 0x3E, 0x76, 0x41, 0x54, 0x9E, 0x7B, 0xE2, 0xE0, 0x07, 0x1D, 0xA7, 0x9C,
 + 0x85, 0x11, 0xB5, 0xA5, 0x88, 0x58, 0x02, 0xD8, 0xC0, 0x4B, 0x81, 0xBF,
 + 0x2B, 0x38, 0xE2, 0x2F, 0x42, 0xCA, 0x63, 0x8A, 0x0A, 0x78, 0xBA, 0x50,
 + 0xE5, 0x84, 0x35, 0xD3, 0x6A, 0x1E, 0x96, 0x0B, 0x91, 0xB1, 0x0E, 0x85,
 + 0xA8, 0x5C, 0x6E, 0x46, 0x5C, 0x61, 0x8C, 0x4F, 0x5B, 0x61, 0xB6, 0x3C,
 + 0xB7, 0x2C, 0xA5, 0x1A
 };
- static const unsigned char kat_RSA_X931_SHA256[] = {
+-static const unsigned char kat_RSA_X931_SHA256[] = {
 -  0x7E, 0xA2, 0x77, 0xFE, 0xB8, 0x54, 0x8A, 0xC7, 0x7F, 0x64, 0x54, 0x89,
 -  0xE5, 0x52, 0x15, 0x8E, 0x52, 0x96, 0x4E, 0xA6, 0x58, 0x92, 0x1C, 0xDD,
 -  0xEA, 0xA2, 0x2D, 0x5C, 0xD1, 0x62, 0x00, 0x49, 0x05, 0x95, 0x73, 0xCF,
@ -968,31 +869,12 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
 -  0x33, 0x1D, 0x82, 0x8C, 0x03, 0xEA, 0x69, 0x88, 0x35, 0xA1, 0x42, 0xBD,
 -  0x21, 0xED, 0x8D, 0xBC, 0xBC, 0xDB, 0x30, 0xFF, 0x86, 0xF0, 0x5B, 0xDC,
 -  0xE3, 0xE2, 0xE8, 0x0A, 0x0A, 0x29, 0x94, 0x80
-+ 0xC6, 0x6C, 0x01, 0x7F, 0xB6, 0x8C, 0xD4, 0x61, 0x83, 0xC5, 0xBC, 0x75,
+-};
-+ 0x39, 0x22, 0xDD, 0x17, 0x5B, 0x95, 0x4B, 0x4C, 0x46, 0x39, 0x37, 0xA7,
+	ctbuf = OPENSSL_malloc(RSA_size(rsa));
-+ 0x54, 0x6C, 0x49, 0x5A, 0x67, 0x90, 0x47, 0xF6, 0x59, 0xAE, 0xFC, 0xDD,
+	if (!ctbuf)
-+ 0xDF, 0xDB, 0xC7, 0x91, 0xB9, 0xB6, 0xCE, 0xD8, 0xFA, 0x30, 0x01, 0x9F,
+		goto err;
 + 0xCA, 0xE5, 0x4A, 0x51, 0xB7, 0xBE, 0xBD, 0x4E, 0x56, 0x25, 0x0B, 0x49,
 + 0xE0, 0x46, 0xBB, 0x81, 0x0E, 0x14, 0x47, 0xFF, 0xCB, 0xBB, 0xA1, 0x6D,
 + 0x44, 0x9B, 0xF7, 0xEE, 0x81, 0xEB, 0xF6, 0x62, 0xEA, 0x0D, 0x76, 0x76,
 + 0x4E, 0x25, 0xD7, 0x9A, 0x2B, 0xB1, 0x92, 0xED, 0x5C, 0x7F, 0x9D, 0x99,
 + 0x07, 0x9E, 0xBF, 0x62, 0x83, 0x12, 0x61, 0x99, 0x3E, 0xF5, 0x6A, 0x4C,
 + 0x58, 0xB0, 0x2A, 0x15, 0x1C, 0xA0, 0xD2, 0x91, 0x87, 0x9C, 0x7D, 0x4F,
 + 0xEF, 0x3B, 0x0F, 0x60, 0xD7, 0x1E, 0xEF, 0x7C, 0xBE, 0x68, 0x95, 0xE6,
 + 0xBA, 0xFA, 0xF6, 0xD1, 0x67, 0x3D, 0x9D, 0x39, 0xAE, 0xC2, 0x85, 0xD2,
 + 0xDE, 0xA5, 0x85, 0x1E, 0x4D, 0x2B, 0x2C, 0x06, 0x44, 0x98, 0x17, 0x46,
 + 0x89, 0x41, 0x13, 0xFC, 0x99, 0xD6, 0x6C, 0xCF, 0x26, 0xA2, 0x77, 0x8A,
 + 0x3F, 0x10, 0xF8, 0xC5, 0xC9, 0x4A, 0xB6, 0x93, 0xF5, 0x38, 0x89, 0xBD,
 + 0xFF, 0xAE, 0x42, 0x06, 0x2D, 0xCD, 0x1B, 0x3D, 0x5A, 0xCD, 0xF2, 0x8A,
 + 0x65, 0xA4, 0xB7, 0xB6, 0xF6, 0x5B, 0xE8, 0xA4, 0x68, 0xB4, 0x27, 0xDA,
 + 0xF1, 0x59, 0x37, 0x24, 0x18, 0xB5, 0x5B, 0x15, 0x62, 0x64, 0x6F, 0x78,
 + 0xBB, 0x17, 0x94, 0x42, 0xAD, 0xB3, 0x0D, 0x18, 0xB0, 0x1B, 0x28, 0x29,
 + 0x3B, 0x15, 0xBF, 0xD1, 0xC8, 0x28, 0x4F, 0xDF, 0x7F, 0x34, 0x49, 0x2A,
 + 0x44, 0xD5, 0x4C, 0x59, 0x90, 0x83, 0x8D, 0xFC, 0x58, 0x7E, 0xEC, 0x4B,
 + 0x54, 0xF0, 0xB5, 0xBD
 };
- static const unsigned char kat_RSA_X931_SHA384[] = {
+-static const unsigned char kat_RSA_X931_SHA384[] = {
 -  0x5C, 0x7D, 0x96, 0x35, 0xEC, 0x7E, 0x11, 0x38, 0xBB, 0x7B, 0xEC, 0x7B,
 -  0xF2, 0x82, 0x8E, 0x99, 0xBD, 0xEF, 0xD8, 0xAE, 0xD7, 0x39, 0x37, 0xCB,
 -  0xE6, 0x4F, 0x5E, 0x0A, 0x13, 0xE4, 0x2E, 0x40, 0xB9, 0xBE, 0x2E, 0xE3,
@ -1004,31 +886,15 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
 -  0x0E, 0x09, 0xEE, 0x2E, 0xE2, 0x37, 0xB9, 0xDE, 0xC5, 0x12, 0x44, 0x35,
 -  0xEF, 0x01, 0xE6, 0x5E, 0x39, 0x31, 0x2D, 0x71, 0xA5, 0xDC, 0xC6, 0x6D,
 -  0xE2, 0xCD, 0x85, 0xDB, 0x73, 0x82, 0x65, 0x28
-+ 0x88, 0x85, 0xE1, 0xC1, 0xE2, 0xE5, 0x0B, 0x6C, 0x03, 0x27, 0xAC, 0xC8,
+-};
-+ 0x3A, 0x72, 0xB4, 0x9A, 0xF3, 0xAE, 0x9C, 0x88, 0x8C, 0xBE, 0x28, 0x0D,
+	len = RSA_public_encrypt(ptlen, plaintext, ctbuf, rsa, RSA_PKCS1_PADDING);
-+ 0x89, 0x5F, 0x06, 0x0F, 0x5F, 0x08, 0xE3, 0x9C, 0xF9, 0x28, 0x4F, 0xBB,
+	if (len <= 0)
-+ 0x24, 0xDD, 0x21, 0x4C, 0x44, 0x96, 0x50, 0xB5, 0xD4, 0x8E, 0x13, 0x60,
+		goto err;
-+ 0x7C, 0xCB, 0xD9, 0x5E, 0x7C, 0xB6, 0xAD, 0xA5, 0x6A, 0x41, 0x04, 0xA7,
+	/* Check ciphertext doesn't match plaintext */
-+ 0x8E, 0xF0, 0x39, 0x08, 0x7E, 0x18, 0x91, 0xF9, 0x46, 0x97, 0xEF, 0xF2,
+	if (len >= ptlen && !memcmp(plaintext, ctbuf, ptlen))
-+ 0x14, 0xB2, 0x01, 0xFD, 0xB2, 0x2B, 0x3A, 0xF8, 0x4A, 0x59, 0xD1, 0x36,
+		goto err;
 + 0x1A, 0x7D, 0x2D, 0xB9, 0xC6, 0x7F, 0xDE, 0x62, 0xB6, 0x56, 0xBA, 0xFA,
 + 0x5A, 0xA1, 0x5B, 0x8C, 0x5F, 0x98, 0xEC, 0xF8, 0x93, 0x13, 0x11, 0x42,
 + 0xEE, 0xC4, 0x6C, 0x4A, 0x87, 0x4E, 0x98, 0x22, 0xB6, 0xBB, 0xB0, 0x3A,
 + 0x70, 0xA9, 0xCC, 0xBC, 0x31, 0x27, 0xE7, 0xBC, 0xCA, 0xEC, 0x52, 0x81,
 + 0x76, 0x9A, 0x3F, 0x18, 0xC1, 0x1C, 0x4A, 0xC7, 0x56, 0xE3, 0xF0, 0x6F,
 + 0x36, 0xBB, 0x9B, 0xF9, 0x43, 0x90, 0xBE, 0x79, 0x59, 0x63, 0x1C, 0xFE,
 + 0xB6, 0x46, 0x8B, 0xBA, 0xBD, 0xAA, 0x28, 0x71, 0x9B, 0xD6, 0xDD, 0x05,
 + 0x00, 0x3B, 0xBC, 0x2D, 0x48, 0xE7, 0x6E, 0x6E, 0x42, 0x95, 0x27, 0xAE,
 + 0x93, 0x92, 0x6D, 0x59, 0x47, 0x10, 0x59, 0xAC, 0xDD, 0x95, 0x29, 0xC3,
 + 0x1B, 0x86, 0x67, 0x12, 0x98, 0x48, 0x10, 0xA6, 0x90, 0xA3, 0x59, 0x9D,
 + 0x10, 0x4E, 0xEA, 0xD8, 0xCB, 0xE3, 0x81, 0xBA, 0xA1, 0x52, 0x55, 0x78,
 + 0xFF, 0x95, 0x40, 0xE0, 0xAE, 0x93, 0x38, 0x5D, 0x21, 0x13, 0x8A, 0xFC,
 + 0x72, 0xC7, 0xFB, 0x70, 0x1C, 0xEE, 0x5D, 0xB0, 0xE5, 0xFA, 0x44, 0x86,
 + 0x67, 0x97, 0x66, 0x64, 0xA4, 0x1E, 0xF8, 0x3A, 0x16, 0xF8, 0xC9, 0xE0,
 + 0x09, 0xF3, 0x61, 0x4F
 };
- static const unsigned char kat_RSA_X931_SHA512[] = {
+-static const unsigned char kat_RSA_X931_SHA512[] = {
 -  0xA6, 0x65, 0xA2, 0x77, 0x4F, 0xB3, 0x86, 0xCB, 0x64, 0x3A, 0xC1, 0x63,
 -  0xFC, 0xA1, 0xAA, 0xCB, 0x9B, 0x79, 0xDD, 0x4B, 0xE1, 0xD9, 0xDA, 0xAC,
 -  0xE7, 0x47, 0x09, 0xB2, 0x11, 0x4B, 0x8A, 0xAA, 0x05, 0x9E, 0x77, 0xD7,
@ -1040,47 +906,7 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
 -  0x9F, 0x09, 0xCA, 0x84, 0x15, 0x85, 0xE0, 0xED, 0x04, 0x2D, 0xFB, 0x7C,
 -  0x36, 0x35, 0x21, 0x31, 0xC3, 0xFD, 0x92, 0x42, 0x11, 0x30, 0x71, 0x1B,
 -  0x60, 0x83, 0x18, 0x88, 0xA3, 0xF5, 0x59, 0xC3
-+ 0xC9, 0x2B, 0x6D, 0x50, 0xBB, 0xD8, 0x0B, 0x35, 0xE8, 0x78, 0xF5, 0xFC,
+-};
 + 0xBB, 0x6A, 0xB4, 0x32, 0x63, 0x9C, 0x75, 0x19, 0x1D, 0xFB, 0x68, 0xC0,
 + 0xFC, 0x34, 0xCE, 0x09, 0xFD, 0xF4, 0x33, 0x42, 0x70, 0x24, 0x57, 0xBC,
 + 0xB3, 0xBD, 0x24, 0x33, 0x9E, 0x4B, 0x00, 0xCE, 0x15, 0xB3, 0x27, 0xC6,
 + 0x39, 0x7C, 0xC1, 0x28, 0x75, 0xFE, 0x7B, 0x76, 0x4F, 0xFB, 0x60, 0xA0,
 + 0x30, 0xBF, 0x74, 0x2C, 0x9D, 0xE4, 0xC8, 0x03, 0xA8, 0xDE, 0xB9, 0x2A,
 + 0xD9, 0x23, 0x24, 0xDC, 0xEE, 0xF0, 0xC1, 0x8B, 0x4D, 0x12, 0x4A, 0x41,
 + 0x33, 0x3B, 0x23, 0xFE, 0xDD, 0xE9, 0xE8, 0x55, 0x2B, 0x3E, 0xA4, 0x1B,
 + 0x95, 0x21, 0x2A, 0xEF, 0x84, 0x2E, 0x13, 0x3D, 0x97, 0x7C, 0x08, 0x86,
 + 0xB1, 0x60, 0xA4, 0xB9, 0xC4, 0x5A, 0x5B, 0x2D, 0x3F, 0xD7, 0x0D, 0xB2,
 + 0x41, 0x72, 0x7A, 0x7F, 0xA3, 0x12, 0xB0, 0xAD, 0x80, 0x2E, 0xD6, 0xD3,
 + 0x8A, 0x71, 0x72, 0x67, 0x94, 0x6F, 0x51, 0x05, 0x39, 0xFD, 0xBE, 0x91,
 + 0xDE, 0x1D, 0x65, 0xE4, 0xA7, 0xA6, 0x0F, 0xA5, 0x08, 0x1F, 0xFC, 0x53,
 + 0x48, 0x7B, 0xB8, 0xCE, 0x79, 0xDA, 0xDC, 0x18, 0xD1, 0xD3, 0x8A, 0x73,
 + 0xCE, 0x5A, 0x62, 0x1E, 0x33, 0xD0, 0x21, 0x9C, 0xF9, 0xDE, 0x9E, 0x7E,
 + 0x4D, 0x0E, 0x24, 0x30, 0x94, 0xB8, 0xDC, 0x8B, 0x57, 0x7E, 0x3B, 0xC6,
 + 0xD7, 0x0F, 0xFC, 0xA6, 0x1F, 0xEB, 0xAF, 0x19, 0xD0, 0xFF, 0x3D, 0x63,
 + 0x03, 0x1D, 0xAB, 0x11, 0x0C, 0xAD, 0x45, 0x46, 0x67, 0x76, 0xC8, 0x26,
 + 0xD4, 0xD4, 0x70, 0x1F, 0xDF, 0xEB, 0xE5, 0x7D, 0x75, 0xD8, 0x3B, 0x52,
 + 0x6C, 0xE7, 0x23, 0xCB, 0xB9, 0x1B, 0xA4, 0x2E, 0x5B, 0xEC, 0xB4, 0xB6,
 + 0xB6, 0x2D, 0x0B, 0x60, 0xE3, 0x7B, 0x05, 0xE8, 0x1E, 0xAD, 0xC7, 0xE7,
 + 0xBE, 0xF4, 0x71, 0xAE
 };
 +static int fips_rsa_encrypt_test(RSA *rsa, const unsigned char *plaintext, int ptlen)
 +	{
 +	unsigned char *ctbuf = NULL, *ptbuf = NULL;
 +	int ret = 0;
 +	int len;
 +
 +	ctbuf = OPENSSL_malloc(RSA_size(rsa));
 +	if (!ctbuf)
 +		goto err;
 +
 +	len = RSA_public_encrypt(ptlen, plaintext, ctbuf, rsa, RSA_PKCS1_PADDING);
 +	if (len <= 0)
 +		goto err;
 +	/* Check ciphertext doesn't match plaintext */
 +	if (len >= ptlen && !memcmp(plaintext, ctbuf, ptlen))
 +		goto err;
 +
 +	ptbuf = OPENSSL_malloc(RSA_size(rsa));
 +	if (!ptbuf)
 +		goto err;
@ -1092,7 +918,7 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
 +		goto err;
 +
 +	ret = 1;
-+
+ 
 +	err:
 +	if (ctbuf)
 +		OPENSSL_free(ctbuf);
@ -1103,7 +929,7 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
 int FIPS_selftest_rsa()
 	{
-@@ -353,7 +587,7 @@ int FIPS_selftest_rsa()
+@@ -353,7 +487,7 @@ int FIPS_selftest_rsa()
 	if ((pk=EVP_PKEY_new()) == NULL)
 		goto err;
@ -1112,13 +938,35 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
 	if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1,
 				kat_RSA_SHA1, sizeof(kat_RSA_SHA1),
-@@ -430,13 +664,15 @@ int FIPS_selftest_rsa()
+@@ -407,36 +541,15 @@ int FIPS_selftest_rsa()
- 			"RSA SHA512 X931"))
+ 				"RSA SHA512 PSS"))
 		goto err;
 -
 -	if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1,
 -			kat_RSA_X931_SHA1, sizeof(kat_RSA_X931_SHA1),
 -			EVP_sha1(), EVP_MD_CTX_FLAG_PAD_X931,
 -			"RSA SHA1 X931"))
 -		goto err;
 -	/* NB: SHA224 not supported in X9.31 */
 -	if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1,
 -			kat_RSA_X931_SHA256, sizeof(kat_RSA_X931_SHA256),
 -			EVP_sha256(), EVP_MD_CTX_FLAG_PAD_X931,
 -			"RSA SHA256 X931"))
 -		goto err;
 -	if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1,
 -			kat_RSA_X931_SHA384, sizeof(kat_RSA_X931_SHA384),
 -			EVP_sha384(), EVP_MD_CTX_FLAG_PAD_X931,
 -			"RSA SHA384 X931"))
 -		goto err;
 -	if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1,
 -			kat_RSA_X931_SHA512, sizeof(kat_RSA_X931_SHA512),
 -			EVP_sha512(), EVP_MD_CTX_FLAG_PAD_X931,
 -			"RSA SHA512 X931"))
 +	if (!fips_rsa_encrypt_test(key, kat_tbs, sizeof(kat_tbs) - 1))
-+		goto err;
+ 		goto err;
 -
 	ret = 1;
 	err:
@ -1129,9 +977,9 @@ diff -up openssl-1.0.1e/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.1e
 		RSA_free(key);
 	return ret;
 	}
-diff -up openssl-1.0.1e/crypto/fips/Makefile.fips-reqs openssl-1.0.1e/crypto/fips/Makefile
+diff -up openssl-1.0.1i/crypto/fips/Makefile.fips-reqs openssl-1.0.1i/crypto/fips/Makefile
--- openssl-1.0.1e/crypto/fips/Makefile.fips-reqs	2013-12-18 12:17:20.000000000 +0100
+--- openssl-1.0.1i/crypto/fips/Makefile.fips-reqs	2014-08-13 19:58:06.809832370 +0200
-+++ openssl-1.0.1e/crypto/fips/Makefile	2013-12-18 17:14:20.348337362 +0100
+++ openssl-1.0.1i/crypto/fips/Makefile	2014-08-13 19:58:06.820832624 +0200
@@ -24,13 +24,15 @@ LIBSRC=fips_aes_selftest.c fips_des_self
     fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c  fips_rand.c \
     fips_rsa_x931g.c fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
@ -1150,10 +998,10 @@ diff -up openssl-1.0.1e/crypto/fips/Makefile.fips-reqs openssl-1.0.1e/crypto/fip
 LIBCRYPTO=-L.. -lcrypto
-diff -up openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs openssl-1.0.1e/crypto/modes/gcm128.c
+diff -up openssl-1.0.1i/crypto/modes/gcm128.c.fips-reqs openssl-1.0.1i/crypto/modes/gcm128.c
--- openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/crypto/modes/gcm128.c.fips-reqs	2014-08-13 19:58:06.740830781 +0200
-+++ openssl-1.0.1e/crypto/modes/gcm128.c	2013-12-18 12:17:09.800637730 +0100
+++ openssl-1.0.1i/crypto/modes/gcm128.c	2014-08-13 19:58:06.820832624 +0200
-@@ -898,6 +898,10 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT
+@@ -931,6 +931,10 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT
 # endif
 #endif
@ -1164,7 +1012,7 @@ diff -up openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs openssl-1.0.1e/crypto/mo
 #if 0
 	n = (unsigned int)mlen%16; /* alternative to ctx->mres */
 #endif
-@@ -1200,6 +1204,10 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_C
+@@ -1294,6 +1298,10 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_C
 # endif
 #endif
@ -1175,10 +1023,10 @@ diff -up openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs openssl-1.0.1e/crypto/mo
 	mlen += len;
 	if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len))
 		return -1;
-diff -up openssl-1.0.1e/crypto/modes/modes_lcl.h.fips-reqs openssl-1.0.1e/crypto/modes/modes_lcl.h
+diff -up openssl-1.0.1i/crypto/modes/modes_lcl.h.fips-reqs openssl-1.0.1i/crypto/modes/modes_lcl.h
--- openssl-1.0.1e/crypto/modes/modes_lcl.h.fips-reqs	2013-12-18 12:17:09.388628895 +0100
+--- openssl-1.0.1i/crypto/modes/modes_lcl.h.fips-reqs	2014-08-13 19:58:06.410823180 +0200
-+++ openssl-1.0.1e/crypto/modes/modes_lcl.h	2013-12-18 12:17:09.800637730 +0100
+++ openssl-1.0.1i/crypto/modes/modes_lcl.h	2014-08-13 19:58:06.820832624 +0200
-@@ -115,6 +115,7 @@ struct gcm128_context {
+@@ -112,6 +112,7 @@ struct gcm128_context {
 	unsigned int mres, ares;
 	block128_f block;
 	void *key;
@ -1186,196 +1034,9 @@ diff -up openssl-1.0.1e/crypto/modes/modes_lcl.h.fips-reqs openssl-1.0.1e/crypto
 };
 struct xts128_context {
-diff -up openssl-1.0.1e/crypto/rand/md_rand.c.fips-reqs openssl-1.0.1e/crypto/rand/md_rand.c
+diff -up openssl-1.0.1i/crypto/rand/rand_lcl.h.fips-reqs openssl-1.0.1i/crypto/rand/rand_lcl.h
--- openssl-1.0.1e/crypto/rand/md_rand.c.fips-reqs	2013-12-18 12:17:09.763636936 +0100
+--- openssl-1.0.1i/crypto/rand/rand_lcl.h.fips-reqs	2014-08-13 19:58:06.525825829 +0200
-+++ openssl-1.0.1e/crypto/rand/md_rand.c	2013-12-18 12:17:09.800637730 +0100
+++ openssl-1.0.1i/crypto/rand/rand_lcl.h	2014-08-13 19:58:06.820832624 +0200
@@ -143,12 +143,6 @@ static long md_count[2]={0,0};
 static double entropy=0;
 static int initialized=0;
 -static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
 -                                           * holds CRYPTO_LOCK_RAND
 -                                           * (to prevent double locking) */
 -/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
 -static CRYPTO_THREADID locking_threadid; /* valid iff crypto_lock_rand is set */
 -
 #ifdef PREDICT
 int rand_predictable=0;
@@ -196,7 +190,7 @@ static void ssleay_rand_add(const void *
 	long md_c[2];
 	unsigned char local_md[MD_DIGEST_LENGTH];
 	EVP_MD_CTX m;
 -	int do_not_lock;
 +	int locked;
 	/*
 	 * (Based on the rand(3) manpage)
@@ -213,19 +207,8 @@ static void ssleay_rand_add(const void *
          * hash function.
 	 */
 -	/* check if we already have the lock */
 -	if (crypto_lock_rand)
 -		{
 -		CRYPTO_THREADID cur;
 -		CRYPTO_THREADID_current(&cur);
 -		CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
 -		do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
 -		CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
 -		}
 -	else
 -		do_not_lock = 0;
 +	locked = private_RAND_lock(1);
 -	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 	st_idx=state_index;
 	/* use our own copies of the counters so that even
@@ -257,7 +240,8 @@ static void ssleay_rand_add(const void *
 	md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
 -	if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 +	if (locked)
 +		private_RAND_lock(0);
 	EVP_MD_CTX_init(&m);
 	for (i=0; i<num; i+=MD_DIGEST_LENGTH)
@@ -308,7 +292,7 @@ static void ssleay_rand_add(const void *
 		}
 	EVP_MD_CTX_cleanup(&m);
 -	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 +	locked = private_RAND_lock(1);
 	/* Don't just copy back local_md into md -- this could mean that
 	 * other thread's seeding remains without effect (except for
 	 * the incremented counter).  By XORing it we keep at least as
@@ -319,7 +303,8 @@ static void ssleay_rand_add(const void *
 		}
 	if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
 	    entropy += add;
 -	if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 +	if (locked)
 +		private_RAND_lock(0);
 #if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
 	assert(md_c[1] == md_count[1]);
@@ -344,6 +329,7 @@ static int ssleay_rand_bytes(unsigned ch
 	pid_t curr_pid = getpid();
 #endif
 	int do_stir_pool = 0;
 +	int locked;
 #ifdef PREDICT
 	if (rand_predictable)
@@ -381,13 +367,7 @@ static int ssleay_rand_bytes(unsigned ch
 	 * global 'md'.
 	 */
 -	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 -
 -	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
 -	CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
 -	CRYPTO_THREADID_current(&locking_threadid);
 -	CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
 -	crypto_lock_rand = 1;
 +	locked = private_RAND_lock(1);
 	/* always poll for external entropy in FIPS mode, drbg provides the 
 	 * expansion
@@ -461,9 +441,8 @@ static int ssleay_rand_bytes(unsigned ch
 	md_count[0] += 1;
 -	/* before unlocking, we must clear 'crypto_lock_rand' */
 -	crypto_lock_rand = 0;
 -	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 +	if (locked)
 +		private_RAND_lock(0);
 	while (num > 0)
 		{
@@ -515,10 +494,11 @@ static int ssleay_rand_bytes(unsigned ch
 	MD_Init(&m);
 	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
 	MD_Update(&m,local_md,MD_DIGEST_LENGTH);
 -	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 +	locked = private_RAND_lock(1);
 	MD_Update(&m,md,MD_DIGEST_LENGTH);
 	MD_Final(&m,md);
 -	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 +	if (locked)
 +		private_RAND_lock(0);
 	EVP_MD_CTX_cleanup(&m);
 	if (ok)
@@ -548,32 +528,10 @@ static int ssleay_rand_pseudo_bytes(unsi
 static int ssleay_rand_status(void)
 	{
 -	CRYPTO_THREADID cur;
 	int ret;
 -	int do_not_lock;
 +	int locked;
 -	CRYPTO_THREADID_current(&cur);
 -	/* check if we already have the lock
 -	 * (could happen if a RAND_poll() implementation calls RAND_status()) */
 -	if (crypto_lock_rand)
 -		{
 -		CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
 -		do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
 -		CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
 -		}
 -	else
 -		do_not_lock = 0;
 -	
 -	if (!do_not_lock)
 -		{
 -		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 -		
 -		/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
 -		CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
 -		CRYPTO_THREADID_cpy(&locking_threadid, &cur);
 -		CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
 -		crypto_lock_rand = 1;
 -		}
 +	locked = private_RAND_lock(1);
 	if (!initialized)
 		{
@@ -583,13 +541,8 @@ static int ssleay_rand_status(void)
 	ret = entropy >= ENTROPY_NEEDED;
 -	if (!do_not_lock)
 -		{
 -		/* before unlocking, we must clear 'crypto_lock_rand' */
 -		crypto_lock_rand = 0;
 -		
 -		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 -		}
 +	if (locked)
 +		private_RAND_lock(0);
 	return ret;
 	}
 diff -up openssl-1.0.1e/crypto/rand/rand.h.fips-reqs openssl-1.0.1e/crypto/rand/rand.h
 --- openssl-1.0.1e/crypto/rand/rand.h.fips-reqs	2013-12-18 12:17:09.764636958 +0100
 +++ openssl-1.0.1e/crypto/rand/rand.h	2013-12-18 12:17:09.800637730 +0100
@@ -124,6 +124,8 @@ void RAND_set_fips_drbg_type(int type, i
 int RAND_init_fips(void);
 #endif
 +int private_RAND_lock(int lock);
 +
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
 diff -up openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs openssl-1.0.1e/crypto/rand/rand_lcl.h
 --- openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs	2013-12-18 12:17:09.507631447 +0100
 +++ openssl-1.0.1e/crypto/rand/rand_lcl.h	2013-12-18 12:17:09.800637730 +0100
@@ -112,7 +112,7 @@
 #ifndef HEADER_RAND_LCL_H
 #define HEADER_RAND_LCL_H
@ -1385,57 +1046,19 @@ diff -up openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs openssl-1.0.1e/crypto/r
 #if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
-diff -up openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs openssl-1.0.1e/crypto/rand/rand_lib.c
+diff -up openssl-1.0.1i/crypto/rand/rand_lib.c.fips-reqs openssl-1.0.1i/crypto/rand/rand_lib.c
--- openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/crypto/rand/rand_lib.c.fips-reqs	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1e/crypto/rand/rand_lib.c	2013-12-18 18:16:45.625850730 +0100
+++ openssl-1.0.1i/crypto/rand/rand_lib.c	2014-08-13 19:58:06.820832624 +0200
-@@ -181,6 +181,41 @@ int RAND_status(void)
+@@ -240,12 +240,24 @@ static int drbg_rand_add(DRBG_CTX *ctx,
 	return 0;
 	}
 +int private_RAND_lock(int lock)
 +	{
 +	static int crypto_lock_rand;
 +	static CRYPTO_THREADID locking_threadid;
 +	int do_lock;
 +
 +	if (!lock)
 +		{
 +		crypto_lock_rand = 0;
 +		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 +		return 0;
 +		}
 +
 +	/* check if we already have the lock */
 +	if (crypto_lock_rand)
 +		{
 +		CRYPTO_THREADID cur;
 +		CRYPTO_THREADID_current(&cur);
 +		CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
 +		do_lock = !!CRYPTO_THREADID_cmp(&locking_threadid, &cur);
 +		CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
 +		}
 +        else
 +		do_lock = 1;
 +	if (do_lock)
 +		{
 +		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 +		crypto_lock_rand = 1;
 +		CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
 +		CRYPTO_THREADID_current(&locking_threadid);
 +		CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
 +		}
 +	return do_lock;
 +	}
 +
 #ifdef OPENSSL_FIPS
 /* FIPS DRBG initialisation code. This sets up the DRBG for use by the
@@ -239,12 +274,16 @@ static int drbg_rand_add(DRBG_CTX *ctx,
 				double entropy)
 	{
 	RAND_SSLeay()->add(in, inlen, entropy);
 +	if (FIPS_rand_status())
 +		{
 +		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 +		FIPS_drbg_reseed(ctx, NULL, 0);
 +		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 +		}
 	return 1;
 	}
@ -1443,13 +1066,17 @@ diff -up openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs openssl-1.0.1e/crypto/r
 	{
 	RAND_SSLeay()->seed(in, inlen);
 +	if (FIPS_rand_status())
 +		{
 +		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 +		FIPS_drbg_reseed(ctx, NULL, 0);
 +		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 +		}
 	return 1;
 	}
-diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.1e/crypto/rsa/rsa_gen.c
+diff -up openssl-1.0.1i/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.1i/crypto/rsa/rsa_gen.c
--- openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs	2013-12-18 12:17:09.764636958 +0100
+--- openssl-1.0.1i/crypto/rsa/rsa_gen.c.fips-reqs	2014-08-13 19:58:06.782831748 +0200
-+++ openssl-1.0.1e/crypto/rsa/rsa_gen.c	2013-12-19 17:40:58.483154314 +0100
+++ openssl-1.0.1i/crypto/rsa/rsa_gen.c	2014-08-13 19:58:06.821832646 +0200
@@ -1,5 +1,6 @@
 /* crypto/rsa/rsa_gen.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@ -1480,7 +1107,7 @@ diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.1e/crypto/rsa
 +	    	return 0;
 +	    	}
 +
-+	if (bits != 2048 && bits != 3072)
+	if ((pbits & 0xFF) || (getenv("OPENSSL_ENFORCE_MODULUS_BITS") && bits != 2048 && bits != 3072))
 +		{
 +		FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN, FIPS_R_INVALID_KEY_LENGTH);
 +		return 0;
@ -1680,7 +1307,7 @@ diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.1e/crypto/rsa
 static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 	{
 	BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
-@@ -176,17 +393,7 @@ static int rsa_builtin_keygen(RSA *rsa,
+@@ -176,17 +393,12 @@ static int rsa_builtin_keygen(RSA *rsa,
 #ifdef OPENSSL_FIPS
 	if (FIPS_module_mode())
 		{
@ -1690,16 +1317,16 @@ diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.1e/crypto/rsa
 -	    	return 0;
 -	    	}
 -
-		if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)
+ 		if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)
-		    {
+ 		    {
-		    FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_KEY_TOO_SHORT);
+ 		    FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_KEY_TOO_SHORT);
-		    return 0;
+ 		    return 0;
-		    }
+ 		    }
 +		return FIPS_rsa_builtin_keygen(rsa, bits, e_value, cb);
 		}
 #endif
-@@ -301,17 +508,6 @@ static int rsa_builtin_keygen(RSA *rsa,
+@@ -301,17 +513,6 @@ static int rsa_builtin_keygen(RSA *rsa,
 		p = rsa->p;
 	if (!BN_mod_inverse(rsa->iqmp,rsa->q,p,ctx)) goto err;
@ -1717,9 +1344,9 @@ diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.1e/crypto/rsa
 	ok=1;
 err:
 	if (ok == -1)
-diff -up openssl-1.0.1e/ssl/t1_enc.c.fips-reqs openssl-1.0.1e/ssl/t1_enc.c
+diff -up openssl-1.0.1i/ssl/t1_enc.c.fips-reqs openssl-1.0.1i/ssl/t1_enc.c
--- openssl-1.0.1e/ssl/t1_enc.c.fips-reqs	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/ssl/t1_enc.c.fips-reqs	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1e/ssl/t1_enc.c	2013-12-18 12:17:09.801637751 +0100
+++ openssl-1.0.1i/ssl/t1_enc.c	2014-08-13 19:58:06.821832646 +0200
@@ -291,6 +291,27 @@ static int tls1_PRF(long digest_mask,
 err:
 	return ret;
--- a/openssl-1.0.1i-ppc-asm-update.patch
+++ b/openssl-1.0.1i-ppc-asm-update.patch
--- a/openssl-1.0.1i-trusted-first.patch
+++ b/openssl-1.0.1i-trusted-first.patch
@ -1,7 +1,7 @@
-diff -up openssl-1.0.1e/apps/apps.c.trusted-first openssl-1.0.1e/apps/apps.c
+diff -up openssl-1.0.1i/apps/apps.c.trusted-first openssl-1.0.1i/apps/apps.c
--- openssl-1.0.1e/apps/apps.c.trusted-first	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/apps/apps.c.trusted-first	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1e/apps/apps.c	2013-08-16 15:42:39.920534769 +0200
+++ openssl-1.0.1i/apps/apps.c	2014-08-07 13:54:27.751103405 +0200
-@@ -2361,6 +2361,8 @@ int args_verify(char ***pargs, int *parg
+@@ -2365,6 +2365,8 @@ int args_verify(char ***pargs, int *parg
 		flags |= X509_V_FLAG_NOTIFY_POLICY;
 	else if (!strcmp(arg, "-check_ss_sig"))
 		flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
@ -10,9 +10,9 @@ diff -up openssl-1.0.1e/apps/apps.c.trusted-first openssl-1.0.1e/apps/apps.c
 	else
 		return 0;
-diff -up openssl-1.0.1e/apps/cms.c.trusted-first openssl-1.0.1e/apps/cms.c
+diff -up openssl-1.0.1i/apps/cms.c.trusted-first openssl-1.0.1i/apps/cms.c
--- openssl-1.0.1e/apps/cms.c.trusted-first	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/apps/cms.c.trusted-first	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1e/apps/cms.c	2013-08-16 15:43:56.671213879 +0200
+++ openssl-1.0.1i/apps/cms.c	2014-08-07 13:54:27.751103405 +0200
@@ -642,6 +642,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
 		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
@ -21,10 +21,10 @@ diff -up openssl-1.0.1e/apps/cms.c.trusted-first openssl-1.0.1e/apps/cms.c
 		BIO_printf (bio_err, "-crl_check     check revocation status of signer's certificate using CRLs\n");
 		BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
 #ifndef OPENSSL_NO_ENGINE
-diff -up openssl-1.0.1e/apps/ocsp.c.trusted-first openssl-1.0.1e/apps/ocsp.c
+diff -up openssl-1.0.1i/apps/ocsp.c.trusted-first openssl-1.0.1i/apps/ocsp.c
--- openssl-1.0.1e/apps/ocsp.c.trusted-first	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/apps/ocsp.c.trusted-first	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1e/apps/ocsp.c	2013-08-16 15:49:47.477572414 +0200
+++ openssl-1.0.1i/apps/ocsp.c	2014-08-07 13:54:27.752103409 +0200
-@@ -595,6 +595,7 @@ int MAIN(int argc, char **argv)
+@@ -605,6 +605,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-path              path to use in OCSP request\n");
 		BIO_printf (bio_err, "-CApath dir        trusted certificates directory\n");
 		BIO_printf (bio_err, "-CAfile file       trusted certificates file\n");
@ -32,20 +32,20 @@ diff -up openssl-1.0.1e/apps/ocsp.c.trusted-first openssl-1.0.1e/apps/ocsp.c
 		BIO_printf (bio_err, "-VAfile file       validator certificates file\n");
 		BIO_printf (bio_err, "-validity_period n maximum validity discrepancy in seconds\n");
 		BIO_printf (bio_err, "-status_age n      maximum status age in seconds\n");
-diff -up openssl-1.0.1e/apps/s_client.c.trusted-first openssl-1.0.1e/apps/s_client.c
+diff -up openssl-1.0.1i/apps/s_client.c.trusted-first openssl-1.0.1i/apps/s_client.c
--- openssl-1.0.1e/apps/s_client.c.trusted-first	2013-08-16 15:42:39.000000000 +0200
+--- openssl-1.0.1i/apps/s_client.c.trusted-first	2014-08-07 13:54:27.752103409 +0200
-+++ openssl-1.0.1e/apps/s_client.c	2013-08-16 15:49:00.727542994 +0200
+++ openssl-1.0.1i/apps/s_client.c	2014-08-07 15:06:28.443918055 +0200
-@@ -298,6 +298,7 @@ static void sc_usage(void)
+@@ -299,6 +299,7 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -pass arg     - private key file pass phrase source\n");
 	BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
 	BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
 +	BIO_printf(bio_err," -trusted_first - Use trusted CA's first when building the trust chain\n");
 	BIO_printf(bio_err," -reconnect    - Drop and re-make the connection with the same Session-ID\n");
 	BIO_printf(bio_err," -pause        - sleep(1) after each read(2) and write(2) system call\n");
- 	BIO_printf(bio_err," -showcerts    - show all certificates in the chain\n");
+ 	BIO_printf(bio_err," -prexit       - print session information even on connection failure\n");
-diff -up openssl-1.0.1e/apps/smime.c.trusted-first openssl-1.0.1e/apps/smime.c
+diff -up openssl-1.0.1i/apps/smime.c.trusted-first openssl-1.0.1i/apps/smime.c
--- openssl-1.0.1e/apps/smime.c.trusted-first	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/apps/smime.c.trusted-first	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1e/apps/smime.c	2013-08-16 15:46:44.024875150 +0200
+++ openssl-1.0.1i/apps/smime.c	2014-08-07 13:54:27.753103414 +0200
@@ -479,6 +479,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
 		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
@ -54,10 +54,10 @@ diff -up openssl-1.0.1e/apps/smime.c.trusted-first openssl-1.0.1e/apps/smime.c
 		BIO_printf (bio_err, "-crl_check     check revocation status of signer's certificate using CRLs\n");
 		BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
 #ifndef OPENSSL_NO_ENGINE
-diff -up openssl-1.0.1e/apps/s_server.c.trusted-first openssl-1.0.1e/apps/s_server.c
+diff -up openssl-1.0.1i/apps/s_server.c.trusted-first openssl-1.0.1i/apps/s_server.c
--- openssl-1.0.1e/apps/s_server.c.trusted-first	2013-08-16 15:42:39.000000000 +0200
+--- openssl-1.0.1i/apps/s_server.c.trusted-first	2014-08-07 13:54:27.718103241 +0200
-+++ openssl-1.0.1e/apps/s_server.c	2013-08-16 15:48:19.469634430 +0200
+++ openssl-1.0.1i/apps/s_server.c	2014-08-07 13:54:27.753103414 +0200
-@@ -501,6 +501,7 @@ static void sv_usage(void)
+@@ -502,6 +502,7 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -state        - Print the SSL states\n");
 	BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
 	BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
@ -65,9 +65,9 @@ diff -up openssl-1.0.1e/apps/s_server.c.trusted-first openssl-1.0.1e/apps/s_serv
 	BIO_printf(bio_err," -nocert       - Don't use any certificates (Anon-DH)\n");
 	BIO_printf(bio_err," -cipher arg   - play with 'openssl ciphers' to see what goes here\n");
 	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences\n");
-diff -up openssl-1.0.1e/apps/s_time.c.trusted-first openssl-1.0.1e/apps/s_time.c
+diff -up openssl-1.0.1i/apps/s_time.c.trusted-first openssl-1.0.1i/apps/s_time.c
--- openssl-1.0.1e/apps/s_time.c.trusted-first	2013-08-16 15:42:39.000000000 +0200
+--- openssl-1.0.1i/apps/s_time.c.trusted-first	2014-08-07 13:54:27.432101823 +0200
-+++ openssl-1.0.1e/apps/s_time.c	2013-08-16 15:47:35.862674188 +0200
+++ openssl-1.0.1i/apps/s_time.c	2014-08-07 13:54:27.753103414 +0200
@@ -179,6 +179,7 @@ static void s_time_usage(void)
                 file if not specified by this option\n\
 -CApath arg   - PEM format directory of CA's\n\
@ -76,9 +76,9 @@ diff -up openssl-1.0.1e/apps/s_time.c.trusted-first openssl-1.0.1e/apps/s_time.c
 -cipher       - preferred cipher to use, play with 'openssl ciphers'\n\n";
 	printf( "usage: s_time <args>\n\n" );
-diff -up openssl-1.0.1e/apps/ts.c.trusted-first openssl-1.0.1e/apps/ts.c
+diff -up openssl-1.0.1i/apps/ts.c.trusted-first openssl-1.0.1i/apps/ts.c
--- openssl-1.0.1e/apps/ts.c.trusted-first	2013-08-16 15:42:39.000000000 +0200
+--- openssl-1.0.1i/apps/ts.c.trusted-first	2014-08-07 13:54:27.707103186 +0200
-+++ openssl-1.0.1e/apps/ts.c	2013-08-16 15:45:27.766206812 +0200
+++ openssl-1.0.1i/apps/ts.c	2014-08-07 13:54:27.753103414 +0200
@@ -383,7 +383,7 @@ int MAIN(int argc, char **argv)
 		   "ts -verify [-data file_to_hash] [-digest digest_bytes] "
 		   "[-queryfile request.tsq] "
@ -88,9 +88,9 @@ diff -up openssl-1.0.1e/apps/ts.c.trusted-first openssl-1.0.1e/apps/ts.c
 		   "-untrusted cert_file.pem\n");
  cleanup:
 	/* Clean up. */
-diff -up openssl-1.0.1e/apps/verify.c.trusted-first openssl-1.0.1e/apps/verify.c
+diff -up openssl-1.0.1i/apps/verify.c.trusted-first openssl-1.0.1i/apps/verify.c
--- openssl-1.0.1e/apps/verify.c.trusted-first	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/apps/verify.c.trusted-first	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1e/apps/verify.c	2013-08-16 15:46:09.720124654 +0200
+++ openssl-1.0.1i/apps/verify.c	2014-08-07 13:54:27.754103419 +0200
@@ -237,7 +237,7 @@ int MAIN(int argc, char **argv)
 end:
@ -100,9 +100,9 @@ diff -up openssl-1.0.1e/apps/verify.c.trusted-first openssl-1.0.1e/apps/verify.c
 		BIO_printf(bio_err," [-attime timestamp]");
 #ifndef OPENSSL_NO_ENGINE
 		BIO_printf(bio_err," [-engine e]");
-diff -up openssl-1.0.1e/crypto/x509/x509_vfy.c.trusted-first openssl-1.0.1e/crypto/x509/x509_vfy.c
+diff -up openssl-1.0.1i/crypto/x509/x509_vfy.c.trusted-first openssl-1.0.1i/crypto/x509/x509_vfy.c
--- openssl-1.0.1e/crypto/x509/x509_vfy.c.trusted-first	2013-08-16 15:42:39.864533545 +0200
+--- openssl-1.0.1i/crypto/x509/x509_vfy.c.trusted-first	2014-08-07 13:54:27.716103231 +0200
-+++ openssl-1.0.1e/crypto/x509/x509_vfy.c	2013-08-16 15:42:39.921534791 +0200
+++ openssl-1.0.1i/crypto/x509/x509_vfy.c	2014-08-07 13:54:27.754103419 +0200
@@ -207,6 +207,21 @@ int X509_verify_cert(X509_STORE_CTX *ctx
 		/* If we are self signed, we break */
@ -125,9 +125,9 @@ diff -up openssl-1.0.1e/crypto/x509/x509_vfy.c.trusted-first openssl-1.0.1e/cryp
 		/* If we were passed a cert chain, use it first */
 		if (ctx->untrusted != NULL)
-diff -up openssl-1.0.1e/crypto/x509/x509_vfy.h.trusted-first openssl-1.0.1e/crypto/x509/x509_vfy.h
+diff -up openssl-1.0.1i/crypto/x509/x509_vfy.h.trusted-first openssl-1.0.1i/crypto/x509/x509_vfy.h
--- openssl-1.0.1e/crypto/x509/x509_vfy.h.trusted-first	2013-08-16 15:42:39.356522432 +0200
+--- openssl-1.0.1i/crypto/x509/x509_vfy.h.trusted-first	2014-08-07 13:54:27.360101466 +0200
-+++ openssl-1.0.1e/crypto/x509/x509_vfy.h	2013-08-16 15:42:39.922534813 +0200
+++ openssl-1.0.1i/crypto/x509/x509_vfy.h	2014-08-07 13:54:27.754103419 +0200
@@ -389,6 +389,8 @@ void X509_STORE_CTX_set_depth(X509_STORE
 #define X509_V_FLAG_USE_DELTAS			0x2000
 /* Check selfsigned CA signature */
@ -137,9 +137,9 @@ diff -up openssl-1.0.1e/crypto/x509/x509_vfy.h.trusted-first openssl-1.0.1e/cryp
 #define X509_VP_FLAG_DEFAULT			0x1
-diff -up openssl-1.0.1e/doc/apps/cms.pod.trusted-first openssl-1.0.1e/doc/apps/cms.pod
+diff -up openssl-1.0.1i/doc/apps/cms.pod.trusted-first openssl-1.0.1i/doc/apps/cms.pod
--- openssl-1.0.1e/doc/apps/cms.pod.trusted-first	2013-08-16 15:42:39.000000000 +0200
+--- openssl-1.0.1i/doc/apps/cms.pod.trusted-first	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1e/doc/apps/cms.pod	2013-08-16 15:50:48.723921117 +0200
+++ openssl-1.0.1i/doc/apps/cms.pod	2014-08-07 13:54:27.754103419 +0200
@@ -35,6 +35,7 @@ B<openssl> B<cms>
 [B<-print>]
 [B<-CAfile file>]
@ -148,7 +148,7 @@ diff -up openssl-1.0.1e/doc/apps/cms.pod.trusted-first openssl-1.0.1e/doc/apps/c
 [B<-md digest>]
 [B<-[cipher]>]
 [B<-nointern>]
-@@ -238,6 +239,12 @@ B<-verify>. This directory must be a sta
+@@ -243,6 +244,12 @@ B<-verify>. This directory must be a sta
 is a hash of each subject name (using B<x509 -hash>) should be linked
 to each certificate.
@ -161,9 +161,9 @@ diff -up openssl-1.0.1e/doc/apps/cms.pod.trusted-first openssl-1.0.1e/doc/apps/c
 =item B<-md digest>
 digest algorithm to use when signing or resigning. If not present then the
-diff -up openssl-1.0.1e/doc/apps/ocsp.pod.trusted-first openssl-1.0.1e/doc/apps/ocsp.pod
+diff -up openssl-1.0.1i/doc/apps/ocsp.pod.trusted-first openssl-1.0.1i/doc/apps/ocsp.pod
--- openssl-1.0.1e/doc/apps/ocsp.pod.trusted-first	2013-08-16 15:42:39.000000000 +0200
+--- openssl-1.0.1i/doc/apps/ocsp.pod.trusted-first	2014-08-07 13:54:27.708103191 +0200
-+++ openssl-1.0.1e/doc/apps/ocsp.pod	2013-08-16 15:52:20.106933403 +0200
+++ openssl-1.0.1i/doc/apps/ocsp.pod	2014-08-07 13:54:27.755103424 +0200
@@ -29,6 +29,7 @@ B<openssl> B<ocsp>
 [B<-path>]
 [B<-CApath dir>]
@ -186,10 +186,10 @@ diff -up openssl-1.0.1e/doc/apps/ocsp.pod.trusted-first openssl-1.0.1e/doc/apps/
 =item B<-verify_other file>
 file containing additional certificates to search when attempting to locate
-diff -up openssl-1.0.1e/doc/apps/s_client.pod.trusted-first openssl-1.0.1e/doc/apps/s_client.pod
+diff -up openssl-1.0.1i/doc/apps/s_client.pod.trusted-first openssl-1.0.1i/doc/apps/s_client.pod
--- openssl-1.0.1e/doc/apps/s_client.pod.trusted-first	2013-08-16 15:42:39.000000000 +0200
+--- openssl-1.0.1i/doc/apps/s_client.pod.trusted-first	2014-08-07 13:54:27.726103281 +0200
-+++ openssl-1.0.1e/doc/apps/s_client.pod	2013-08-16 15:53:17.364194159 +0200
+++ openssl-1.0.1i/doc/apps/s_client.pod	2014-08-07 13:54:27.755103424 +0200
-@@ -17,6 +17,7 @@ B<openssl> B<s_client>
+@@ -19,6 +19,7 @@ B<openssl> B<s_client>
 [B<-pass arg>]
 [B<-CApath directory>]
 [B<-CAfile filename>]
@ -197,7 +197,7 @@ diff -up openssl-1.0.1e/doc/apps/s_client.pod.trusted-first openssl-1.0.1e/doc/a
 [B<-reconnect>]
 [B<-pause>]
 [B<-showcerts>]
-@@ -107,7 +108,7 @@ also used when building the client certi
+@@ -121,7 +122,7 @@ also used when building the client certi
 A file containing trusted certificates to use during server authentication
 and to use when attempting to build the client certificate chain.
@ -206,9 +206,9 @@ diff -up openssl-1.0.1e/doc/apps/s_client.pod.trusted-first openssl-1.0.1e/doc/a
 Set various certificate chain valiadition option. See the
 L<B<verify>|verify(1)> manual page for details.
-diff -up openssl-1.0.1e/doc/apps/smime.pod.trusted-first openssl-1.0.1e/doc/apps/smime.pod
+diff -up openssl-1.0.1i/doc/apps/smime.pod.trusted-first openssl-1.0.1i/doc/apps/smime.pod
--- openssl-1.0.1e/doc/apps/smime.pod.trusted-first	2013-08-16 15:42:39.000000000 +0200
+--- openssl-1.0.1i/doc/apps/smime.pod.trusted-first	2014-07-22 21:43:11.000000000 +0200
-+++ openssl-1.0.1e/doc/apps/smime.pod	2013-08-16 15:56:12.497050767 +0200
+++ openssl-1.0.1i/doc/apps/smime.pod	2014-08-07 13:54:27.755103424 +0200
@@ -15,6 +15,9 @@ B<openssl> B<smime>
 [B<-pk7out>]
 [B<-[cipher]>]
@ -232,9 +232,9 @@ diff -up openssl-1.0.1e/doc/apps/smime.pod.trusted-first openssl-1.0.1e/doc/apps
 =item B<-md digest>
 digest algorithm to use when signing or resigning. If not present then the
-diff -up openssl-1.0.1e/doc/apps/s_server.pod.trusted-first openssl-1.0.1e/doc/apps/s_server.pod
+diff -up openssl-1.0.1i/doc/apps/s_server.pod.trusted-first openssl-1.0.1i/doc/apps/s_server.pod
--- openssl-1.0.1e/doc/apps/s_server.pod.trusted-first	2013-08-16 15:42:39.000000000 +0200
+--- openssl-1.0.1i/doc/apps/s_server.pod.trusted-first	2014-08-07 13:54:27.726103281 +0200
-+++ openssl-1.0.1e/doc/apps/s_server.pod	2013-08-16 15:54:33.609873214 +0200
+++ openssl-1.0.1i/doc/apps/s_server.pod	2014-08-07 15:07:12.315099577 +0200
@@ -33,6 +33,7 @@ B<openssl> B<s_server>
 [B<-state>]
 [B<-CApath directory>]
@ -242,8 +242,8 @@ diff -up openssl-1.0.1e/doc/apps/s_server.pod.trusted-first openssl-1.0.1e/doc/a
 +[B<-trusted_first>]
 [B<-nocert>]
 [B<-cipher cipherlist>]
- [B<-quiet>]
+ [B<-serverpref>]
-@@ -168,6 +169,12 @@ and to use when attempting to build the
+@@ -178,6 +179,12 @@ and to use when attempting to build the
 is also used in the list of acceptable client CAs passed to the client when
 a certificate is requested.
@ -256,9 +256,9 @@ diff -up openssl-1.0.1e/doc/apps/s_server.pod.trusted-first openssl-1.0.1e/doc/a
 =item B<-state>
 prints out the SSL session states.
-diff -up openssl-1.0.1e/doc/apps/s_time.pod.trusted-first openssl-1.0.1e/doc/apps/s_time.pod
+diff -up openssl-1.0.1i/doc/apps/s_time.pod.trusted-first openssl-1.0.1i/doc/apps/s_time.pod
--- openssl-1.0.1e/doc/apps/s_time.pod.trusted-first	2013-02-11 16:02:48.000000000 +0100
+--- openssl-1.0.1i/doc/apps/s_time.pod.trusted-first	2014-07-22 21:41:23.000000000 +0200
-+++ openssl-1.0.1e/doc/apps/s_time.pod	2013-08-16 15:55:12.651732938 +0200
+++ openssl-1.0.1i/doc/apps/s_time.pod	2014-08-07 13:54:27.755103424 +0200
@@ -14,6 +14,7 @@ B<openssl> B<s_time>
 [B<-key filename>]
 [B<-CApath directory>]
@ -280,9 +280,9 @@ diff -up openssl-1.0.1e/doc/apps/s_time.pod.trusted-first openssl-1.0.1e/doc/app
 =item B<-new>
 performs the timing test using a new session ID for each connection.
-diff -up openssl-1.0.1e/doc/apps/ts.pod.trusted-first openssl-1.0.1e/doc/apps/ts.pod
+diff -up openssl-1.0.1i/doc/apps/ts.pod.trusted-first openssl-1.0.1i/doc/apps/ts.pod
--- openssl-1.0.1e/doc/apps/ts.pod.trusted-first	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/doc/apps/ts.pod.trusted-first	2014-07-22 21:41:23.000000000 +0200
-+++ openssl-1.0.1e/doc/apps/ts.pod	2013-08-16 15:57:17.399479957 +0200
+++ openssl-1.0.1i/doc/apps/ts.pod	2014-08-07 13:54:27.756103429 +0200
@@ -46,6 +46,7 @@ B<-verify>
 [B<-token_in>]
 [B<-CApath> trusted_cert_path]
@ -304,9 +304,9 @@ diff -up openssl-1.0.1e/doc/apps/ts.pod.trusted-first openssl-1.0.1e/doc/apps/ts
 =item B<-untrusted> cert_file.pem
 Set of additional untrusted certificates in PEM format which may be
-diff -up openssl-1.0.1e/doc/apps/verify.pod.trusted-first openssl-1.0.1e/doc/apps/verify.pod
+diff -up openssl-1.0.1i/doc/apps/verify.pod.trusted-first openssl-1.0.1i/doc/apps/verify.pod
--- openssl-1.0.1e/doc/apps/verify.pod.trusted-first	2013-02-11 16:26:04.000000000 +0100
+--- openssl-1.0.1i/doc/apps/verify.pod.trusted-first	2014-08-06 23:10:56.000000000 +0200
-+++ openssl-1.0.1e/doc/apps/verify.pod	2013-08-16 15:58:00.267423925 +0200
+++ openssl-1.0.1i/doc/apps/verify.pod	2014-08-07 13:54:27.756103429 +0200
@@ -9,6 +9,7 @@ verify - Utility to verify certificates.
 B<openssl> B<verify>
 [B<-CApath directory>]
--- a/openssl.git-96db902.patch
+++ b/openssl.git-96db902.patch
@ -1,108 +0,0 @@
 From: Dr. Stephen Henson <steve@openssl.org>
 Date: Sat, 5 Apr 2014 23:51:06 +0000 (+0100)
 Subject: Add heartbeat extension bounds check.
 X-Git-Tag: OpenSSL_1_0_1g~3
 X-Git-Url: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=96db902
 Add heartbeat extension bounds check.
 A missing bounds check in the handling of the TLS heartbeat extension
 can be used to reveal up to 64k of memory to a connected client or
 server.
 Thanks for Neel Mehta of Google Security for discovering this bug and to
 Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
 preparing the fix (CVE-2014-0160)
 ---
 diff --git a/ssl/d1_both.c b/ssl/d1_both.c
 index 7a5596a..2e8cf68 100644
 --- a/ssl/d1_both.c
 +++ b/ssl/d1_both.c
@@ -1459,26 +1459,36 @@ dtls1_process_heartbeat(SSL *s)
 	unsigned int payload;
 	unsigned int padding = 16; /* Use minimum padding */
 -	/* Read type and payload length first */
 -	hbtype = *p++;
 -	n2s(p, payload);
 -	pl = p;
 -
 	if (s->msg_callback)
 		s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
 			&s->s3->rrec.data[0], s->s3->rrec.length,
 			s, s->msg_callback_arg);
 +	/* Read type and payload length first */
 +	if (1 + 2 + 16 > s->s3->rrec.length)
 +		return 0; /* silently discard */
 +	hbtype = *p++;
 +	n2s(p, payload);
 +	if (1 + 2 + payload + 16 > s->s3->rrec.length)
 +		return 0; /* silently discard per RFC 6520 sec. 4 */
 +	pl = p;
 +
 	if (hbtype == TLS1_HB_REQUEST)
 		{
 		unsigned char *buffer, *bp;
 +		unsigned int write_length = 1 /* heartbeat type */ +
 +					    2 /* heartbeat length */ +
 +					    payload + padding;
 		int r;
 +		if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
 +			return 0;
 +
 		/* Allocate memory for the response, size is 1 byte
 		 * message type, plus 2 bytes payload length, plus
 		 * payload, plus padding
 		 */
 -		buffer = OPENSSL_malloc(1 + 2 + payload + padding);
 +		buffer = OPENSSL_malloc(write_length);
 		bp = buffer;
 		/* Enter response type, length and copy payload */
@@ -1489,11 +1499,11 @@ dtls1_process_heartbeat(SSL *s)
 		/* Random padding */
 		RAND_pseudo_bytes(bp, padding);
 -		r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
 +		r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
 		if (r >= 0 && s->msg_callback)
 			s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
 -				buffer, 3 + payload + padding,
 +				buffer, write_length,
 				s, s->msg_callback_arg);
 		OPENSSL_free(buffer);
 diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
 index b82fada..bddffd9 100644
 --- a/ssl/t1_lib.c
 +++ b/ssl/t1_lib.c
@@ -2588,16 +2588,20 @@ tls1_process_heartbeat(SSL *s)
 	unsigned int payload;
 	unsigned int padding = 16; /* Use minimum padding */
 -	/* Read type and payload length first */
 -	hbtype = *p++;
 -	n2s(p, payload);
 -	pl = p;
 -
 	if (s->msg_callback)
 		s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
 			&s->s3->rrec.data[0], s->s3->rrec.length,
 			s, s->msg_callback_arg);
 +	/* Read type and payload length first */
 +	if (1 + 2 + 16 > s->s3->rrec.length)
 +		return 0; /* silently discard */
 +	hbtype = *p++;
 +	n2s(p, payload);
 +	if (1 + 2 + payload + 16 > s->s3->rrec.length)
 +		return 0; /* silently discard per RFC 6520 sec. 4 */
 +	pl = p;
 +
 	if (hbtype == TLS1_HB_REQUEST)
 		{
 		unsigned char *buffer, *bp;
--- a/2
+++ b/2
@ -1 +1 @@
-6115ae0bb61b481a9195baef72514c2e  openssl-1.0.1e-hobbled.tar.xz
+c152e5284765c3325301a62b01a48fc0  openssl-1.0.1i-hobbled.tar.xz
`@ -1 +1 @@`
	`6115ae0bb61b481a9195baef72514c2e openssl-1.0.1e-hobbled.tar.xz`	`c152e5284765c3325301a62b01a48fc0 openssl-1.0.1i-hobbled.tar.xz`