openssl is now in meta/, remove from here

git-svn-id: https://svn.o-hand.com/repos/poky/trunk@1554 311d38ba-8fff-0310-9ca6-ca027cbcb966

1 files changed, 0 insertions, 2808 deletions

diff --git a/meta-extras/packages/openssl/openssl-0.9.7g/debian.patch b/meta-extras/packages/openssl/openssl-0.9.7g/debian.patch
deleted file mode 100644
index 8cfdd2d653..0000000000
--- a/meta-extras/packages/openssl/openssl-0.9.7g/debian.patch
+++ /dev/null
@@ -1,2808 +0,0 @@
---- openssl097-0.9.7g.orig/apps/CA.pl
-+++ openssl097-0.9.7g/apps/CA.pl
-@@ -1,4 +1,4 @@
--#!/usr/bin/perl
-+#!/usr/local/bin/perl
- #
- # CA - wrapper around ca to make it easier to use ... basically ca requires
- #      some setup stuff to be done before you can use it and this makes
-@@ -63,6 +63,7 @@
- foreach (@ARGV) {
-        if ( /^(-\?|-h|-help)$/ ) {
-            print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-+           print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
-            exit 0;
-        } elsif (/^-newcert$/) {
-            # create a certificate
-@@ -158,6 +159,7 @@
-        } else {
-            print STDERR "Unknown arg $_\n";
-            print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-+           print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
-            exit 1;
-        }
- }
---- openssl097-0.9.7g.orig/apps/CA.pl.in
-+++ openssl097-0.9.7g/apps/CA.pl.in
-@@ -63,6 +63,7 @@
- foreach (@ARGV) {
-        if ( /^(-\?|-h|-help)$/ ) {
-            print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-+           print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
-            exit 0;
-        } elsif (/^-newcert$/) {
-            # create a certificate
-@@ -158,6 +159,7 @@
-        } else {
-            print STDERR "Unknown arg $_\n";
-            print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-+           print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n";
-            exit 1;
-        }
- }
---- openssl097-0.9.7g.orig/apps/progs.h
-+++ openssl097-0.9.7g/apps/progs.h
-@@ -35,11 +35,9 @@
- extern int spkac_main(int argc,char *argv[]);
- extern int smime_main(int argc,char *argv[]);
- extern int rand_main(int argc,char *argv[]);
--extern int prime_main(int argc,char *argv[]);
--#ifndef OPENSSL_NO_ENGINE
- extern int engine_main(int argc,char *argv[]);
--#endif
- extern int ocsp_main(int argc,char *argv[]);
-+extern int prime_main(int argc,char *argv[]);
- 
- #define FUNC_TYPE_GENERAL      1
- #define FUNC_TYPE_MD           2
-@@ -95,9 +93,7 @@
- #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
-        {FUNC_TYPE_GENERAL,"s_client",s_client_main},
- #endif
--#ifndef OPENSSL_NO_SPEED
-        {FUNC_TYPE_GENERAL,"speed",speed_main},
--#endif
- #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
-        {FUNC_TYPE_GENERAL,"s_time",s_time_main},
- #endif
-@@ -116,11 +112,9 @@
-        {FUNC_TYPE_GENERAL,"spkac",spkac_main},
-        {FUNC_TYPE_GENERAL,"smime",smime_main},
-        {FUNC_TYPE_GENERAL,"rand",rand_main},
--       {FUNC_TYPE_GENERAL,"prime",prime_main},
--#ifndef OPENSSL_NO_ENGINE
-        {FUNC_TYPE_GENERAL,"engine",engine_main},
--#endif
-        {FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
-+       {FUNC_TYPE_GENERAL,"prime",prime_main},
- #ifndef OPENSSL_NO_MD2
-        {FUNC_TYPE_MD,"md2",dgst_main},
- #endif
---- openssl097-0.9.7g.orig/config
-+++ openssl097-0.9.7g/config
-@@ -163,8 +163,8 @@
-        echo "${MACHINE}-whatever-linux1"; exit 0
-        ;;
- 
--    GNU*)
--       echo "hurd-x86"; exit 0;
-+    GNU:*|GNU/*:*)
-+       echo "${MACHINE}-gnuish"; exit 0;
-        ;;
- 
-     LynxOS:*)
---- openssl097-0.9.7g.orig/Configure
-+++ openssl097-0.9.7g/Configure
-@@ -1,4 +1,4 @@
--:
-+#!/usr/local/bin/perl
- eval 'exec perl -S $0 ${1+"$@"}'
-     if $running_under_some_shell;
- ##
-@@ -390,6 +390,42 @@
- # assembler versions -- currently defunct:
- ##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}",
- 
-+# Debian GNU/* (various architectures)
-+"debian-alpha","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+#"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+#"debian-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ia64","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+#"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC",
-+"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -mcpu=i486 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -mcpu=i586 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -mcpu=i686 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips",   "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mipsel",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-i386",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-m68k",  "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-i386",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-openbsd-mips","gcc:-O2 -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
-+"debian-sh3",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh4",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh3eb",   "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sh4eb",   "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v8 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,-Av8plus -fomit-frame-pointer -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
- # bn86-elf.o file file since it is hand tweaked assembler.
- "linux-elf",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-@@ -1316,7 +1352,8 @@
-        elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
-                {
-                my $sotmp = $1;
--               s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
-+#              s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
-+               s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
-                }
-        elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
-                {
---- openssl097-0.9.7g.orig/crypto/asn1/charmap.pl
-+++ openssl097-0.9.7g/crypto/asn1/charmap.pl
-@@ -1,4 +1,4 @@
--#!/usr/local/bin/perl -w
-+#!/usr/local/bin/perl
- 
- use strict;
- 
---- openssl097-0.9.7g.orig/crypto/bn/asm/ppc.pl
-+++ openssl097-0.9.7g/crypto/bn/asm/ppc.pl
-@@ -1,4 +1,4 @@
--#!/usr/bin/env perl
-+#!/usr/local/bin/perl
- #
- # Implemented as a Perl wrapper as we want to support several different
- # architectures with single file. We pick up the target based on the
---- openssl097-0.9.7g.orig/crypto/md5/asm/md5-sparcv9.S
-+++ openssl097-0.9.7g/crypto/md5/asm/md5-sparcv9.S
-@@ -74,14 +74,14 @@
- #define Dval   R8
- 
- #if defined(MD5_BLOCK_DATA_ORDER)
--# if defined(OPENSSL_SYSNAME_ULTRASPARC)
-+/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/
- #  define      LOAD                    lda
- #  define      X(i)                    [%i1+i*4]%asi
- #  define      md5_block               md5_block_asm_data_order_aligned
- #  define      ASI_PRIMARY_LITTLE      0x88
--# else
-+/*# else
- #  error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!"
--# endif
-+# endif*/
- #else
- # define       LOAD                    ld
- # define       X(i)                    [%i1+i*4]
---- openssl097-0.9.7g.orig/crypto/opensslconf.h
-+++ openssl097-0.9.7g/crypto/opensslconf.h
-@@ -4,17 +4,38 @@
- /* OpenSSL was configured with the following options: */
- #ifndef OPENSSL_DOING_MAKEDEPEND
- 
-+#ifndef OPENSSL_NO_IDEA
-+# define OPENSSL_NO_IDEA
-+#endif
-+#ifndef OPENSSL_NO_MDC2
-+# define OPENSSL_NO_MDC2
-+#endif
-+#ifndef OPENSSL_NO_RC5
-+# define OPENSSL_NO_RC5
-+#endif
- #ifndef OPENSSL_NO_KRB5
- # define OPENSSL_NO_KRB5
- #endif
- 
- #endif /* OPENSSL_DOING_MAKEDEPEND */
-+#ifndef OPENSSL_THREADS
-+# define OPENSSL_THREADS
-+#endif
- 
- /* The OPENSSL_NO_* macros are also defined as NO_* if the application
-    asks for it.  This is a transient feature that is provided for those
-    who haven't had the time to do the appropriate changes in their
-    applications.  */
- #ifdef OPENSSL_ALGORITHM_DEFINES
-+# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
-+#  define NO_IDEA
-+# endif
-+# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
-+#  define NO_MDC2
-+# endif
-+# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
-+#  define NO_RC5
-+# endif
- # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
- #  define NO_KRB5
- # endif
-@@ -27,7 +48,7 @@
- 
- #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
- #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
--#define OPENSSLDIR "/usr/local/ssl"
-+#define OPENSSLDIR "/usr/lib/ssl"
- #endif
- #endif
- 
-@@ -79,7 +100,7 @@
- 
- #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
- #define CONFIG_HEADER_BN_H
--#undef BN_LLONG
-+#define BN_LLONG
- 
- /* Should we define BN_DIV2W here? */
- 
-@@ -98,7 +119,7 @@
- #define CONFIG_HEADER_RC4_LOCL_H
- /* if this is defined data[i] is used instead of *data, this is a %20
-  * speedup on x86 */
--#undef RC4_INDEX
-+#define RC4_INDEX
- #endif
- 
- #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-@@ -112,14 +133,14 @@
- /* the following is tweaked from a config script, that is why it is a
-  * protected undef/define */
- #ifndef DES_PTR
--#undef DES_PTR
-+#define DES_PTR
- #endif
- 
- /* This helps C compiler generate the correct code for multiple functional
-  * units.  It reduces register dependancies at the expense of 2 more
-  * registers */
- #ifndef DES_RISC1
--#undef DES_RISC1
-+#define DES_RISC1
- #endif
- 
- #ifndef DES_RISC2
-@@ -133,7 +154,7 @@
- /* Unroll the inner loop, this sometimes helps, sometimes hinders.
-  * Very mucy CPU dependant */
- #ifndef DES_UNROLL
--#undef DES_UNROLL
-+#define DES_UNROLL
- #endif
- 
- /* These default values were supplied by
---- openssl097-0.9.7g.orig/crypto/pkcs7/pk7_mime.c
-+++ openssl097-0.9.7g/crypto/pkcs7/pk7_mime.c
-@@ -277,9 +277,9 @@
- 
-                if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
-                        strcmp(hdr->value, "application/pkcs7-signature")) {
--                       sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-                        PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
-                        ERR_add_error_data(2, "type: ", hdr->value);
-+                       sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-                        sk_BIO_pop_free(parts, BIO_vfree);
-                        return NULL;
-                }
---- openssl097-0.9.7g.orig/crypto/rc4/asm/rc4-amd64.pl
-+++ openssl097-0.9.7g/crypto/rc4/asm/rc4-amd64.pl
-@@ -1,4 +1,4 @@
--#!/usr/bin/env perl
-+#!/usr/local/bin/perl
- #
- # ====================================================================
- # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
---- openssl097-0.9.7g.orig/crypto/rc4/rc4_enc.c
-+++ openssl097-0.9.7g/crypto/rc4/rc4_enc.c
-@@ -77,10 +77,6 @@
-         x=key->x;     
-         y=key->y;     
-         d=key->data; 
--#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
--       /* see crypto/rc4/asm/rc4-ia64.S for further details... */
--       d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
--#endif
- 
- #if defined(RC4_CHUNK)
-        /*
---- openssl097-0.9.7g.orig/crypto/rc4/rc4.h
-+++ openssl097-0.9.7g/crypto/rc4/rc4.h
-@@ -73,10 +73,6 @@
-        {
-        RC4_INT x,y;
-        RC4_INT data[256];
--#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
--       /* see crypto/rc4/asm/rc4-ia64.S for further details... */
--       RC4_INT pad[512-256-2];
--#endif
-        } RC4_KEY;
- 
-  
---- openssl097-0.9.7g.orig/crypto/rc4/rc4_skey.c
-+++ openssl097-0.9.7g/crypto/rc4/rc4_skey.c
-@@ -94,10 +94,6 @@
-         unsigned int i;
-         
-         d= &(key->data[0]);
--#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
--       /* see crypto/rc4/asm/rc4-ia64.S for further details... */
--       d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
--#endif
- 
-        for (i=0; i<256; i++)
-                d[i]=i;
---- openssl097-0.9.7g.orig/crypto/sha/asm/sha1-ia64.pl
-+++ openssl097-0.9.7g/crypto/sha/asm/sha1-ia64.pl
-@@ -1,4 +1,4 @@
--#!/usr/bin/env perl
-+#!/usr/local/bin/perl
- #
- # ====================================================================
- # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
---- openssl097-0.9.7g.orig/demos/tunala/configure.in
-+++ openssl097-0.9.7g/demos/tunala/configure.in
-@@ -1,4 +1,4 @@
--dnl Process this file with autoconf to produce a configure script.
-+#!/usr/local/bin/perl
- AC_INIT(tunala.c)
- AM_CONFIG_HEADER(config.h)
- AM_INIT_AUTOMAKE(tunala, 0.0.1-dev)
---- openssl097-0.9.7g.orig/doc/apps/CA.pl.pod
-+++ openssl097-0.9.7g/doc/apps/CA.pl.pod
-@@ -47,7 +47,7 @@
- creates a new certificate request. The private key and request are
- written to the file "newreq.pem".
- 
--=item B<-newreq-nowdes>
-+=item B<-newreq-nodes>
- 
- is like B<-newreq> except that the private key will not be encrypted.
- 
---- openssl097-0.9.7g.orig/doc/Makefile
-+++ openssl097-0.9.7g/doc/Makefile
-@@ -0,0 +1,40 @@
-+VERSION =
-+
-+#PODS = $(wildcard *.pod)
-+#MANS = $(addsuffix .man, $(basename $(PODS)))
-+
-+MANS = openssl.1 ssl.3 crypto.3
-+
-+P2M = pod2man --center='OpenSSL Documentation' --release="OpenSSL $(VERSION)"
-+
-+all: manpages
-+
-+.PHONY: manpages 
-+
-+manpages: openssl.1 crypto.3 ssl.3
-+
-+openssl.1:
-+       $(P2M) --section=1 openssl.pod > openssl.1
-+
-+crypto.3:
-+       $(P2M) --section=3 crypto.pod > crypto.3
-+
-+ssl.3:
-+       $(P2M) --section=3 ssl.pod > ssl.3
-+
-+.PHONY: install
-+install:
-+       mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
-+       mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
-+       install -m 644 -p openssl.1 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1
-+       install -m 644 -p crypto.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
-+       install -m 644 -p ssl.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3
-+       rm -f $(MANS)
-+
-+.PHONY: clean
-+clean:
-+       rm -f $(MANS)
-+
-+.PHONY: realclean
-+realclean:
-+       -$(MAKE) clean
---- openssl097-0.9.7g.orig/Makefile
-+++ openssl097-0.9.7g/Makefile
-@@ -11,11 +11,11 @@
- SHLIB_VERSION_HISTORY=
- SHLIB_MAJOR=0
- SHLIB_MINOR=9.7
--SHLIB_EXT=
--PLATFORM=dist
--OPTIONS= no-krb5
--CONFIGURE_ARGS=dist
--SHLIB_TARGET=
-+SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
-+PLATFORM=debian-i386
-+OPTIONS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug no-krb5
-+CONFIGURE_ARGS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug debian-i386
-+SHLIB_TARGET=linux-shared
- 
- # HERE indicates where this Makefile lives.  This can be used to indicate
- # where sub-Makefiles are expected to be.  Currently has very limited usage,
-@@ -26,10 +26,10 @@
- # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
- # Normally it is left empty.
- INSTALL_PREFIX=
--INSTALLTOP=/usr/local/ssl
-+INSTALLTOP=/usr
- 
- # Do not edit this manually. Use Configure --openssldir=DIR do change this!
--OPENSSLDIR=/usr/local/ssl
-+OPENSSLDIR=/usr/lib/ssl
- 
- # NO_IDEA - Define to build without the IDEA algorithm
- # NO_RC4  - Define to build without the RC4 algorithm
-@@ -59,12 +59,13 @@
- # equal 4.
- # PKCS1_CHECK - pkcs1 tests.
- 
--CC= cc
-+#TOP=$(shell pwd)
-+CC= gcc
- #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
--CFLAG= -DOPENSSL_NO_KRB5 -O
--DEPFLAG= 
-+CFLAG= -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DL_ENDIAN -DTERMIO -O3  -Wall -g
-+DEPFLAG= -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 
- PEX_LIBS= 
--EX_LIBS= 
-+EX_LIBS= -ldl
- EXE_EXT= 
- ARFLAGS= 
- AR=ar $(ARFLAGS) r
-@@ -72,7 +73,7 @@
- PERL= /usr/bin/perl
- TAR= tar
- TARFLAGS= --no-recursion
--MAKEDEPPROG=makedepend
-+MAKEDEPPROG= gcc
- 
- # We let the C compiler driver to take care of .s files. This is done in
- # order to be excused from maintaining a separate set of architecture
-@@ -177,13 +178,13 @@
- # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
- SHLIB_MARK=
- 
--DIRS=   crypto fips ssl $(SHLIB_MARK) sigs apps test tools
-+DIRS=   crypto fips ssl $(SHLIB_MARK) sigs apps doc tools
- SHLIBDIRS= crypto ssl
- 
- # dirs in crypto to build
- SDIRS=  objects \
--       md2 md4 md5 sha mdc2 hmac ripemd \
--       des rc2 rc4 rc5 idea bf cast \
-+       md2 md4 md5 sha hmac ripemd \
-+       des rc2 rc4 bf cast \
-        bn ec rsa dsa dh dso engine aes \
-        buffer bio stack lhash rand err \
-        evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
-@@ -196,10 +197,10 @@
- 
- MAKEFILE= Makefile
- 
--MANDIR=$(OPENSSLDIR)/man
-+MANDIR=/usr/share/man
- MAN1=1
- MAN3=3
--MANSUFFIX=
-+MANSUFFIX=ssl
- SHELL=/bin/sh
- 
- TOP=    .
-@@ -211,7 +212,7 @@
- SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
- SHARED_SSL=libssl$(SHLIB_EXT)
- SHARED_LIBS=
--SHARED_LIBS_LINK_EXTS=
-+SHARED_LIBS_LINK_EXTS=.so
- SHARED_LDFLAGS=
- 
- GENERAL=        Makefile
-@@ -826,7 +827,7 @@
-        do \
-                if [ -f "$$i" ]; then \
-                (       echo installing $$i; \
--                       cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-+                       cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-                        if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
-                                : ; \
-                        else \
---- openssl097-0.9.7g.orig/Makefile.org
-+++ openssl097-0.9.7g/Makefile.org
-@@ -57,6 +57,7 @@
- # equal 4.
- # PKCS1_CHECK - pkcs1 tests.
- 
-+#TOP=$(shell pwd)
- CC= gcc
- #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
- CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-@@ -175,7 +176,7 @@
- # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
- SHLIB_MARK=
- 
--DIRS=   crypto fips ssl $(SHLIB_MARK) sigs apps test tools
-+DIRS=   crypto fips ssl $(SHLIB_MARK) sigs apps doc tools
- SHLIBDIRS= crypto ssl
- 
- # dirs in crypto to build
-@@ -194,10 +195,10 @@
- 
- MAKEFILE= Makefile
- 
--MANDIR=$(OPENSSLDIR)/man
-+MANDIR=/usr/share/man
- MAN1=1
- MAN3=3
--MANSUFFIX=
-+MANSUFFIX=ssl
- SHELL=/bin/sh
- 
- TOP=    .
-@@ -824,7 +825,7 @@
-        do \
-                if [ -f "$$i" ]; then \
-                (       echo installing $$i; \
--                       cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-+                       cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-                        if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
-                                : ; \
-                        else \
---- openssl097-0.9.7g.orig/os2/backwardify.pl
-+++ openssl097-0.9.7g/os2/backwardify.pl
-@@ -1,4 +1,4 @@
--#!/usr/bin/perl -w
-+#!/usr/local/bin/perl
- use strict;
- 
- # Use as $0
---- openssl097-0.9.7g.orig/ssl/s23_srvr.c
-+++ openssl097-0.9.7g/ssl/s23_srvr.c
-@@ -528,9 +528,7 @@
-                        }
- 
-                s->state=SSL2_ST_GET_CLIENT_HELLO_A;
--               if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
--                       use_sslv2_strong ||
--                       (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
-+               if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
-                        s->s2->ssl2_rollback=0;
-                else
-                        /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
---- openssl097-0.9.7g.orig/ssl/ssl_algs.c
-+++ openssl097-0.9.7g/ssl/ssl_algs.c
-@@ -109,3 +109,8 @@
-        return(1);
-        }
- 
-+#undef SSLeay_add_ssl_algorithms
-+int SSLeay_add_ssl_algorithms(void)
-+    {
-+         return SSL_library_init();
-+    }
---- openssl097-0.9.7g.orig/tools/c_rehash
-+++ openssl097-0.9.7g/tools/c_rehash
-@@ -6,7 +6,7 @@
- 
- my $openssl;
- 
--my $dir = "/usr/local/ssl";
-+my $dir = "/usr/lib/ssl";
- 
- if(defined $ENV{OPENSSL}) {
-        $openssl = $ENV{OPENSSL};
---- openssl097-0.9.7g.orig/tools/c_rehash.in
-+++ openssl097-0.9.7g/tools/c_rehash.in
-@@ -1,4 +1,4 @@
--#!/usr/local/bin/perl
-+#!/usr/bin/perl
- 
- 
- # Perl c_rehash script, scan all files in a directory
---- openssl097-0.9.7g.orig/util/clean-depend.pl
-+++ openssl097-0.9.7g/util/clean-depend.pl
-@@ -1,4 +1,4 @@
--#!/usr/local/bin/perl -w
-+#!/usr/local/bin/perl
- # Clean the dependency list in a makefile of standard includes...
- # Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
- 
---- openssl097-0.9.7g.orig/util/extract-names.pl
-+++ openssl097-0.9.7g/util/extract-names.pl
-@@ -1,4 +1,4 @@
--#!/usr/bin/perl
-+#!/usr/local/bin/perl
- 
- $/ = "";                       # Eat a paragraph at once.
- while(<STDIN>) {
---- openssl097-0.9.7g.orig/util/mkdef.pl
-+++ openssl097-0.9.7g/util/mkdef.pl
-@@ -1,4 +1,4 @@
--#!/usr/local/bin/perl -w
-+#!/usr/local/bin/perl
- #
- # generate a .def file
- #
---- openssl097-0.9.7g.orig/util/mkerr.pl
-+++ openssl097-0.9.7g/util/mkerr.pl
-@@ -1,4 +1,4 @@
--#!/usr/local/bin/perl -w
-+#!/usr/local/bin/perl
- 
- my $config = "crypto/err/openssl.ec";
- my $debug = 0;
---- openssl097-0.9.7g.orig/util/mkstack.pl
-+++ openssl097-0.9.7g/util/mkstack.pl
-@@ -1,4 +1,4 @@
--#!/usr/local/bin/perl -w
-+#!/usr/local/bin/perl
- 
- # This is a utility that searches out "DECLARE_STACK_OF()"
- # declarations in .h and .c files, and updates/creates/replaces
---- openssl097-0.9.7g.orig/util/pod2man.pl
-+++ openssl097-0.9.7g/util/pod2man.pl
-@@ -1,4 +1,4 @@
--: #!/usr/bin/perl-5.005
-+#!/usr/local/bin/perl
-     eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
-        if $running_under_some_shell;
- 
---- openssl097-0.9.7g.orig/util/selftest.pl
-+++ openssl097-0.9.7g/util/selftest.pl
-@@ -1,4 +1,4 @@
--#!/usr/local/bin/perl -w
-+#!/usr/local/bin/perl
- #
- # Run the test suite and generate a report
- #
---- openssl097-0.9.7g.orig/VMS/VMSify-conf.pl
-+++ openssl097-0.9.7g/VMS/VMSify-conf.pl
-@@ -1,4 +1,4 @@
--#! /usr/bin/perl
-+#!/usr/local/bin/perl
- 
- use strict;
- use warnings;
---- openssl097-0.9.7g.orig/debian/po/sv.po
-+++ openssl097-0.9.7g/debian/po/sv.po
-@@ -0,0 +1,61 @@
-+# Translators, if you are not familiar with the PO format, gettext
-+# documentation is worth reading, especially sections dedicated to
-+# this format, e.g. by running:
-+# info -n '(gettext)PO Files'
-+# info -n '(gettext)Header Entry'
-+# Some information specific to po-debconf are available at
-+# /usr/share/doc/po-debconf/README-trans
-+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
-+# Developers do not need to manually edit POT or PO files.
-+# , fuzzy
-+# 
-+# 
-+msgid ""
-+msgstr ""
-+"Project-Id-Version: openssl 0.9.7g-2\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: 2005-09-28 19:22-0700\n"
-+"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
-+"Language-Team: Swedish <sv@li.org>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=iso-8859-1\n"
-+"Content-Transfer-Encoding: 8bit"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr "Vilka tjänster ska startas om för att få dom att använda de nya biblioteken?"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+"Säkerhetshålen fixades i denna versionen. Tjänster kommer inte att använda denna version förrän de har startats om. Notera: startar du om sshd kommer inte fixen aktiveras för redan etablerade anslutningar."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+"Följande är en lista på upptäcka tjänster som behöver startas om. Vänligen undersök listan och du tror den är felaktig. Namnen på tjänsterna måste vara identiska som skriptnamnen i /etc/init.d och måste separeras med mellanslag. Om du rensar listan kommer inga tjänster att startas om."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
-+"Om andra tjänster börjar att få underliga problem efter denna uppgradering kanske de måste startas om också.  Vi rekommenderar att du startar om din maskin för att inte få SSL-relaterade problem."
-+
---- openssl097-0.9.7g.orig/debian/po/templates.pot
-+++ openssl097-0.9.7g/debian/po/templates.pot
-@@ -0,0 +1,59 @@
-+#
-+#    Translators, if you are not familiar with the PO format, gettext
-+#    documentation is worth reading, especially sections dedicated to
-+#    this format, e.g. by running:
-+#         info -n '(gettext)PO Files'
-+#         info -n '(gettext)Header Entry'
-+#
-+#    Some information specific to po-debconf are available at
-+#            /usr/share/doc/po-debconf/README-trans
-+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
-+#
-+#    Developers do not need to manually edit POT or PO files.
-+#
-+#, fuzzy
-+msgid ""
-+msgstr ""
-+"Project-Id-Version: PACKAGE VERSION\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
-+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
-+"Language-Team: LANGUAGE <LL@li.org>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=CHARSET\n"
-+"Content-Transfer-Encoding: 8bit\n"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr ""
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
---- openssl097-0.9.7g.orig/debian/po/ca.po
-+++ openssl097-0.9.7g/debian/po/ca.po
-@@ -0,0 +1,59 @@
-+# openssl (debconf) translation to Catalan.
-+# Copyright (C) 2004 Free Software Foundation, Inc.
-+# Aleix Badia i Bosch <abadia@ica.es>, 2004
-+msgid ""
-+msgstr ""
-+"Project-Id-Version: openssl_0.9.7d-1_templates\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: 2004-04-08 19:46GMT\n"
-+"Last-Translator: Aleix Badia i Bosch <abadia@ica.es>\n"
-+"Language-Team: Catalan <debian-l10n-catalan@lists.debian.org>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=UTF-8\n"
-+"Content-Transfer-Encoding: 8bit\n"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr ""
-+"Quina serveis s'han de reiniciar perquè utilitzin les noves biblioteques?"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+"Aquesta versió resol els errors de seguretat. Els serveis no utilitzaran les "
-+"correccions fins que no s'hagin reiniciat. Nota: reiniciant l'sshd no "
-+"s'afectarà cap connexió existent."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+"És una llista de serveis que s'ha detectat que s'haurien de reiniciar, "
-+"corregiu-la si és incorrecta. El nom dels serveis hauria de ser idèntic als "
-+"noms de les seqüències del directori /etc/init.d i haurien d'estar separats "
-+"per espais. Si suprimiu la llista no es reiniciarà cap servei."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
-+"Si després de l'actualització d'altres serveis fallen de forma inexplicable, "
-+"probablement també sigui necessari reiniciar-los. Us recomanem que per "
-+"evitar els problemes relacionats amb l'SSL reinicieu l'ordinador."
---- openssl097-0.9.7g.orig/debian/po/da.po
-+++ openssl097-0.9.7g/debian/po/da.po
-@@ -0,0 +1,70 @@
-+# translation of openssl_0.9.7d-1_templates.po to Danish
-+#
-+#    Translators, if you are not familiar with the PO format, gettext
-+#    documentation is worth reading, especially sections dedicated to
-+#    this format, e.g. by running:
-+#         info -n '(gettext)PO Files'
-+#         info -n '(gettext)Header Entry'
-+#    Some information specific to po-debconf are available at
-+#            /usr/share/doc/po-debconf/README-trans
-+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans#
-+#    Developers do not need to manually edit POT or PO files.
-+# Claus Hindsgaul <claus_h@image.dk>, 2004.
-+#
-+msgid ""
-+msgstr ""
-+"Project-Id-Version: openssl_0.9.7d-1_templates\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: 2004-04-02 16:08+0200\n"
-+"Last-Translator: Claus Hindsgaul <claus_h@image.dk>\n"
-+"Language-Team: Danish <dansk@klid.dk>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=ISO-8859-1\n"
-+"Content-Transfer-Encoding: 8bit\n"
-+"X-Generator: KBabel 1.3.1\n"
-+"Plural-Forms:  nplurals=2; plural=(n != 1);\n"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr "Hvilke services skal genstartes, så de benytter de nye biblioteker?"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+"Der lukket nogle sikkerhedshuller i denne version af openssl. Disse huller "
-+"bliver ikke lukket i dine services før de er blevet genstartet. Bemærk at "
-+"det ikke vil påvirke eksisterende forbindelser at genstarte ssh."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+"Herunder ser du en liste over fundne services, som bør genstartes. Ret "
-+"listen, hvis du mener at den ikke er korrekt. Servicenavnene skal være "
-+"identiske med skriptnavnene i /etc/init.d, og skal adskilles med mellemrum. "
-+"Hvis du sletter listen, vil ingen services blive genstartet."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
-+"Hvis andre services begynder at fejle på mystisk vis efter denne "
-+"opgradering, kan det være nødvendigt også at genstarte disse. Vi anbefaler "
-+"dig kraftigt at genstarte din maskine for at undgå SSL-relaterede problemer."
---- openssl097-0.9.7g.orig/debian/po/cs.po
-+++ openssl097-0.9.7g/debian/po/cs.po
-@@ -0,0 +1,68 @@
-+#
-+#    Translators, if you are not familiar with the PO format, gettext
-+#    documentation is worth reading, especially sections dedicated to
-+#    this format, e.g. by running:
-+#         info -n '(gettext)PO Files'
-+#         info -n '(gettext)Header Entry'
-+#
-+#    Some information specific to po-debconf are available at
-+#            /usr/share/doc/po-debconf/README-trans
-+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
-+#
-+#    Developers do not need to manually edit POT or PO files.
-+#
-+msgid ""
-+msgstr ""
-+"Project-Id-Version: openssl\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: 2004-09-26 17:40+0200\n"
-+"Last-Translator: Miroslav Kure <kurem@debian.cz>\n"
-+"Language-Team: Czech <provoz@debian.cz>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=ISO-8859-2\n"
-+"Content-Transfer-Encoding: 8bit\n"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr "Které slu¾by se mají restartovat, aby zaèaly vyu¾ívat nové knihovny?"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+"V této verzi balíku byly opraveny bezbeènostní chyby. Tyto opravy se v "
-+"programech projeví a¾ po jejich restartu. Poznámka: restart sshd by nemìl "
-+"ovlivnit stávající spojení."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+"Následuje seznam rozpoznaných slu¾eb, které je tøeba restartovat. Pokud se "
-+"vám zdá, ¾e je tento seznam chybný, mù¾ete jej opravit. Názvy slu¾eb musí "
-+"být shodné s názvy skriptù v adresáøi /etc/init.d a musí být oddìleny "
-+"mezerami. Pokud seznam vyma¾ete, nebude restartována ¾ádná slu¾ba."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
-+"Jestli¾e po této aktualizaci zaènou selhávat nìkteré slu¾by, mo¾ná bude "
-+"nutné je takté¾ restartovat. Abyste se vyhnuli problémùm spojených se SSL, "
-+"doporuèujeme restartovat celý poèítaè."
---- openssl097-0.9.7g.orig/debian/po/pt_BR.po
-+++ openssl097-0.9.7g/debian/po/pt_BR.po
-@@ -0,0 +1,69 @@
-+#
-+#    Translators, if you are not familiar with the PO format, gettext
-+#    documentation is worth reading, especially sections dedicated to
-+#    this format, e.g. by running:
-+#         info -n '(gettext)PO Files'
-+#         info -n '(gettext)Header Entry'
-+#
-+#    Some information specific to po-debconf are available at
-+#            /usr/share/doc/po-debconf/README-trans
-+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
-+#
-+#    Developers do not need to manually edit POT or PO files.
-+#
-+msgid ""
-+msgstr ""
-+"Project-Id-Version: openssl\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: 2004-04-04 15:21-0300\n"
-+"Last-Translator: André Luís Lopes <andrelop@debian.org>\n"
-+"Language-Team: Debian-BR Project <debian-l10n-portuguese@lists.debian.org>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=ISO-8859-1\n"
-+"Content-Transfer-Encoding: 8bit\n"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr "Quais serviços devem ser reiniciados para utilizar novas bibliotecas ?"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+"Falhas de segurança foram corrigidas nesta versão. Alguns serviços podem não "
-+"utilizar estas correções até que sejam reiniciados. Note : reiniciar o sshd "
-+"não afetará nenhuma conexão já estabelecida."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+"A seguir será exibida uma lista de serviços que foram detectados e que "
-+"precisam ser reiniciados. Por favor, corrija a lista caso você tenha certeza "
-+"que ela esteja incorreta. Os nomes dos serviços devem ser idênticos aos "
-+"nomes dos scripts sob o diretório /etc/init.d e devem estar separados por "
-+"espaços. Caso você esvazie a lista, nenhum serviço será reiniciado."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
-+"Caso outros serviços comecem a falhar misteriosamente após esta atualização, "
-+"pode ser necessário reiniciá-los também. Recomendados fortemente que você "
-+"reinicie sua máquina para evitar problemas relacionados a SSL."
---- openssl097-0.9.7g.orig/debian/po/es.po
-+++ openssl097-0.9.7g/debian/po/es.po
-@@ -0,0 +1,85 @@
-+# openssl translation to spanish
-+# Copyright (C) 2004 Software in the Public Interest
-+# This file is distributed under the same license as the openssl package.
-+#
-+# Changes:
-+# - Initial translation
-+#       Lucas Wall <kthulhu@kadath.com.ar>, 2004
-+#
-+#
-+#  Traductores, si no conoce el formato PO, merece la pena leer la 
-+#  documentación de gettext, especialmente las secciones dedicadas a este
-+#  formato, por ejemplo ejecutando:
-+#         info -n '(gettext)PO Files'
-+#         info -n '(gettext)Header Entry'
-+#
-+# Equipo de traducción al español, por favor lean antes de traducir
-+# los siguientes documentos:
-+# 
-+# - El proyecto de traducción de Debian al español
-+#   http://www.debian.org/intl/spanish/coordinacion
-+#   especialmente las notas de traducción en
-+#   http://www.debian.org/intl/spanish/notas
-+#
-+# - La guía de traducción de po's de debconf:
-+#   /usr/share/doc/po-debconf/README-trans
-+#   o http://www.debian.org/intl/l10n/po-debconf/README-trans
-+#
-+msgid ""
-+msgstr ""
-+"Project-Id-Version: openssl 0.9.7d-3\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: 2004-06-12 15:23-0300\n"
-+"Last-Translator: Lucas Wall <kthulhu@kadath.com.ar>\n"
-+"Language-Team: Debian Spanish <debian-l10n-spanish@lists.debian.org>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=ISO-8859-15\n"
-+"Content-Transfer-Encoding: 8bit\n"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr ""
-+"¿Qué servicios desea reiniciar para que utilicen las nuevas bibliotecas?"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+"En esta versión se han solucionado problemas de seguridad. Los servicios "
-+"afectados no gozarán de los arreglos hasta que no se hayan reiniciado. Nota: "
-+"reiniciar el servicio «sshd» no afectará ninguna de las conexiones "
-+"existentes."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+"Una lista de los servicios que deben ser reiniciados se presenta a "
-+"continuación. Si cree que no es correcta haga los ajustes necesarios. Los "
-+"nombres de los servicios deben ser iguales a los nombres de los ficheros en "
-+"«/etc/init.d» y debe estar separados por espacios. Ningún servicio será "
-+"reiniciado si deja la lista en blanco."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
-+"Si, tras esta actualización, otros servicios comienzan a fallar en forma "
-+"misteriosa puede ser necesario reiniciarlos también. Para evitar problemas "
-+"relacionados con «SSL» se le recomienda reiniciar su sistema."
---- openssl097-0.9.7g.orig/debian/po/fr.po
-+++ openssl097-0.9.7g/debian/po/fr.po
-@@ -0,0 +1,69 @@
-+#
-+#    Translators, if you are not familiar with the PO format, gettext
-+#    documentation is worth reading, especially sections dedicated to
-+#    this format, e.g. by running:
-+#         info -n '(gettext)PO Files'
-+#         info -n '(gettext)Header Entry'
-+#    Some information specific to po-debconf are available at
-+#            /usr/share/doc/po-debconf/README-trans
-+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans#
-+#    Developers do not need to manually edit POT or PO files.
-+#
-+msgid ""
-+msgstr ""
-+"Project-Id-Version: openssl_0.9.7c-5\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: 2003-10-22 21:37+0200\n"
-+"Last-Translator: Michel Grentzinger <mic.grentz@online.fr>\n"
-+"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=ISO-8859-15\n"
-+"Content-Transfer-Encoding: 8bit\n"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr "Services à redémarrer afin d'utiliser les nouvelles bibliothèques"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+"Des failles de sécurité on été corrigées dans cette version. Les services ne "
-+"devraient pas utiliser ces correctifs tant qu'ils n'auront pas été "
-+"redémarrés. Note : le redémarrage de sshd n'affectera aucune connexion "
-+"existante."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+"La liste suivante recense tous les services devant être redémarrés. Veuillez "
-+"corriger la liste si vous pensez qu'elle contient des erreurs. Les noms des "
-+"services doivent être identiques aux noms des scripts présents dans /etc/"
-+"init.d et doivent être séparés par des espaces. Si vous effacez la liste, "
-+"aucun service ne sera redémarré."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
-+"Si d'autres services ne fonctionnent plus correctement après cette mise à "
-+"jour, il est sans doute nécessaire de les redémarrer de la même façon. Il "
-+"est fortement recommandé de redémarrer votre machine pour éviter les "
-+"problèmes liés à SSL."
---- openssl097-0.9.7g.orig/debian/po/nl.po
-+++ openssl097-0.9.7g/debian/po/nl.po
-@@ -0,0 +1,71 @@
-+#    Translators, if you are not familiar with the PO format, gettext


-+#    documentation is worth reading, especially sections dedicated to


-+#    this format, e.g. by running:


-+#         info -n '(gettext)PO Files'


-+#         info -n '(gettext)Header Entry'


-+# 


-+#    Some information specific to po-debconf are available at


-+#            /usr/share/doc/po-debconf/README-trans


-+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans


-+# 


-+#    Developers do not need to manually edit POT or PO files.


-+# 


-+msgid ""
-+msgstr ""
-+"Project-Id-Version: openssl 0.9.7d-5\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: 2004-08-01 18:31+0100\n"
-+"Last-Translator: Luk Claes <luk.claes@ugent.be>\n"
-+"Language-Team: Debian l10n Dutch <debian-l10n-dutch@lists.debian.org>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=iso-8859-1\n"
-+"Content-Transfer-Encoding: 8bit\n"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr ""
-+"Welke diensten moeten herstart worden om ze de nieuwe bibliotheken te laten "
-+"gebruiken?"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+"Er zijn veiligheidslekken gedicht in deze release. Diensten gebruiken deze "
-+"versie misschien niet totdat ze herstart zijn. Merk op: sshd herstarten zou "
-+"geen effect mogen hebben op bestaande verbindingen."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+"Hierna volgt een lijst van gedetecteerde diensten die herstart moeten "
-+"worden. Verbeter de lijst, als u denkt dat ze incorrect is. De namen moeten "
-+"overeenkomen met de script-namen in /etc/init.d en moeten gescheiden worden "
-+"door spaties. Als u de lijst ledigt, dan zullen er geen diensten worden "
-+"herstart."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
-+"Als er andere diensten mysterieus beginnen te falen na deze opwaardering, "
-+"kan het nodig zijn om ze ook te herstarten. Er wordt u ten zeerste "
-+"aanbevolen uw machine te herstarten om SSL-gerelateerde problemen te "
-+"vermijden."
---- openssl097-0.9.7g.orig/debian/po/ja.po
-+++ openssl097-0.9.7g/debian/po/ja.po
-@@ -0,0 +1,69 @@
-+#
-+#    Translators, if you are not familiar with the PO format, gettext
-+#    documentation is worth reading, especially sections dedicated to
-+#    this format, e.g. by running:
-+#         info -n '(gettext)PO Files'
-+#         info -n '(gettext)Header Entry'
-+#
-+#    Some information specific to po-debconf are available at
-+#            /usr/share/doc/po-debconf/README-trans
-+#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
-+#
-+#    Developers do not need to manually edit POT or PO files.
-+#
-+#
-+msgid ""
-+msgstr ""
-+"Project-Id-Version: openssl 0.9.7d-1\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: 2004-03-24 23:41+0900\n"
-+"Last-Translator: Hideki Yamane <henrich@samba.gr.jp>\n"
-+"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=EUC-JP\n"
-+"Content-Transfer-Encoding: 8bit\n"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr "¤É¤Î¥µ¡¼¥Ó¥¹¤ò¿·¤·¤¤¥é¥¤¥Ö¥é¥ê¤ò»È¤¦¤¿¤á¤ËºÆµ¯Æ°¤·¤Þ¤¹¤«?"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+"º£²ó¤Î¥ê¥ê¡¼¥¹¤Ç¥»¥­¥å¥ê¥Æ¥£¥Û¡¼¥ë¤¬½¤Àµ¤µ¤ì¤Þ¤·¤¿¡£³Æ¥µ¡¼¥Ó¥¹¤ÏºÆµ¯Æ°¤ò¹Ô¤¦"
-+"¤Þ¤Ç¤³¤Î½¤Àµ¤µ¤ì¤¿¥é¥¤¥Ö¥é¥ê¤òÍøÍѤ·¤Þ¤»¤ó¡£Ãí°Õ: sshd ¤ÎºÆµ¯Æ°¤Ï¸½¾õ¤ÎÀܳ¤Ë"
-+"¤Ï²¿¤é±Æ¶Á¤·¤Þ¤»¤ó¡£"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+"°Ê²¼¤¬ºÆµ¯Æ°¤¬É¬ÍפÀ¤ÈȽÃǤµ¤ì¤¿¥µ¡¼¥Ó¥¹¤Î¥ê¥¹¥È¤Ç¤¹¡£´Ö°ã¤Ã¤Æ¤¤¤ë¤È»×¤Ã¤¿¤é"
-+"½¤Àµ¤·¤Æ¤¯¤À¤µ¤¤¡£¥µ¡¼¥Ó¥¹Ì¾¤Ï /etc/init.d ¤Ë¤¢¤ë¥¹¥¯¥ê¥×¥È¤Î̾Á°¤ò»Ø¤·¡¢¶õÇò"
-+"¤Ç¶èÀÚ¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£¥ê¥¹¥È¤¬¶õ¤Î¾ì¹ç¤Ï¡¢¥µ¡¼¥Ó¥¹¤ÎºÆµ¯Æ°¤ÏɬÍפ¢¤ê¤Þ¤»"
-+"¤ó¡£"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
-+"¾¤Î¥µ¡¼¥Ó¥¹¤¬¤³¤³¤Ç¤Î¥¢¥Ã¥×¥°¥ì¡¼¥É¤Î¸å¤Ë²¿¸Î¤«¥¨¥é¡¼¤òµ¯¤³¤·»Ï¤á¤¿¾ì¹ç¡¢¤½"
-+"¤ì¤é¤âºÆµ¯Æ°¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£SSL ´ØÏ¢¤Î¥È¥é¥Ö¥ë¤òÈò¤±¤ë¤¿¤á¤Ë¥Þ¥·¥ó¤òºÆµ¯"
-+"Æ°¤¹¤ë¤Î¤ò¶¯¤¯¤ª´«¤á¤·¤Þ¤¹¡£"
---- openssl097-0.9.7g.orig/debian/po/POTFILES.in
-+++ openssl097-0.9.7g/debian/po/POTFILES.in
-@@ -0,0 +1 @@
-+[type: gettext/rfc822deb] libssl0.9.7.templates
---- openssl097-0.9.7g.orig/debian/po/vi.po
-+++ openssl097-0.9.7g/debian/po/vi.po
-@@ -0,0 +1,61 @@
-+# Vietnamese translation for openssl.
-+# Copyright © 2005 Free Software Foundation, Inc.
-+# Clytie Siddall <clytie@riverland.net.au>, 2005.
-+# 
-+msgid ""
-+msgstr ""
-+"Project-Id-Version: openssl 0.9.7g-1\n"
-+"Report-Msgid-Bugs-To: \n"
-+"POT-Creation-Date: 2004-03-22 18:34+0100\n"
-+"PO-Revision-Date: 2005-07-03 12:49+0930\n"
-+"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n"
-+"Language-Team: Vietnamese <gnomevi-list@lists.sourceforge.net>\n"
-+"MIME-Version: 1.0\n"
-+"Content-Type: text/plain; charset=utf-8\n"
-+"Content-Transfer-Encoding: 8bit\n"
-+"Plural-Forms: nplurals=1; plural=0\n"
-+"X-Generator: LocFactoryEditor 1.2.2\n"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid "Which services should be restarted to make them use the new libraries?"
-+msgstr "�ể dùng những thư viên mới, cần phải khởi chạy lại dịch vụ nào?"
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Security holes were fixed with this release. Services may not use these "
-+"fixes until they are restarted. Note: restarting sshd should not affect any "
-+"existing connections."
-+msgstr ""
-+"Phiên bản phát hành này đã sửa một số lỗ hổng bảo mật rồi. Dịch vụ sẽ dùng "
-+"mã đã sửa chỉ sau khi khởi chạy lại thôi. Ghi chú: khởi chạy lại sshd nên "
-+"không làm ảnh hưởng đến sự kết nối hiện th�i nào."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"Following is a list of detected services that need to be restarted. Please "
-+"correct the list, if you think it is incorrect. The services names must be "
-+"identical to the script names in /etc/init.d and must be separated by "
-+"spaces. If you clear the list, no services will be restarted."
-+msgstr ""
-+"Theo đây có một danh sách dịch vụ đã phát hiện mà cần phải khởi chạy lại. "
-+"Bạn hãy sửa danh sách nếu chưa đúng. Tên dịch vụ phải là cùng một tên với "
-+"tên tập lệnh trong «/etc/init.d», những tên định giới bằng dấu cách. Nếu bạn "
-+"xóa hết danh sách thì sẽ không khởi chạy lại dịch vụ nào."
-+
-+#. Type: string
-+#. Description
-+#: ../libssl0.9.7.templates:3
-+msgid ""
-+"If other services begin to fail mysteriously after this upgrade, it may be "
-+"necessary to restart them too.  We strongly recommend you to reboot your "
-+"machine to avoid the SSL related trouble."
-+msgstr ""
-+"Nếu dịch vụ khác mới bị lỗi một cách lạ sau việc nâng cấp này, có lẽ bạn "
-+"cũng cần phải khởi chạy lại chúng. Khuyến khích nặng bạn khởi động máy này "
-+"để tránh lỗi liên quan đến SSL."
---- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.docs
-+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.docs
-@@ -0,0 +1 @@
-+demos
---- openssl097-0.9.7g.orig/debian/control
-+++ openssl097-0.9.7g/debian/control
-@@ -0,0 +1,27 @@
-+Source: openssl097
-+Build-Depends: debhelper (>= 4.2.0), binutils (>= 2.14.90.0.7), zlib1g-dev
-+Section: utils
-+Priority: optional
-+Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
-+Uploaders: Christoph Martin <christoph.martin@uni-mainz.de>, Kurt Roeckx <kurt@roeckx.be>
-+Standards-Version: 3.6.1
-+
-+Package: libssl0.9.7
-+Section: oldlibs
-+Priority: important
-+Architecture: any
-+Depends: ${shlibs:Depends}, ${misc:Depends}
-+Conflicts: ssleay (<< 0.9.2b), libssl, openssl (<< 0.9.6-2), libssl096-dev (<< 0.9.6-2)
-+Description: SSL shared libraries
-+ libssl and libcrypto shared libraries needed by programs like
-+ apache-ssl, telnet-ssl and openssh.
-+ .
-+ It is part of the OpenSSL implementation of SSL.
-+
-+Package: libssl0.9.7-dbg
-+Section: libdevel
-+Priority: extra
-+Architecture: any
-+Depends: libssl0.9.7 (= ${Source-Version})
-+Description: Symbol tables for libssl and libcrypt
-+ This package is part of the OpenSSL implementation of SSL.
---- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.prerm
-+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.prerm
-@@ -0,0 +1,3 @@
-+#!/bin/sh -e
-+
-+#DEBHELPER#
---- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.postinst
-+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.postinst
-@@ -0,0 +1,3 @@
-+#!/bin/sh -e
-+
-+#DEBHELPER#
---- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.files
-+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.files
-@@ -0,0 +1,9 @@
-+usr/lib/libssl.so
-+usr/lib/libcrypto.so
-+usr/lib/libssl.a
-+usr/lib/libcrypto.a
-+usr/lib/libssl_pic.a
-+usr/lib/libcrypto_pic.a
-+usr/lib/pkgconfig/openssl.pc
-+usr/include
-+usr/share/man/man3
---- openssl097-0.9.7g.orig/debian/libssl0.9.7.templates
-+++ openssl097-0.9.7g/debian/libssl0.9.7.templates
-@@ -0,0 +1,15 @@
-+Template: libssl0.9.7/restart-services
-+Type: string
-+_Description: Which services should be restarted to make them use the new libraries?
-+ Security holes were fixed with this release. Services may not use these
-+ fixes until they are restarted. Note: restarting sshd should not affect any
-+ existing connections.
-+ .
-+ Following is a list of detected services that need to be restarted. Please
-+ correct the list, if you think it is incorrect. The services names must be
-+ identical to the script names in /etc/init.d and must be separated by
-+ spaces. If you clear the list, no services will be restarted.
-+ .
-+ If other services begin to fail mysteriously after this upgrade, it may be
-+ necessary to restart them too.  We strongly recommend you to reboot your
-+ machine to avoid the SSL related trouble.
---- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.dirs
-+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.dirs
-@@ -0,0 +1,3 @@
-+usr/lib
-+usr/share/doc/libssl0.9.7-dev
-+usr/share/man
---- openssl097-0.9.7g.orig/debian/README.optimization
-+++ openssl097-0.9.7g/debian/README.optimization
-@@ -0,0 +1,32 @@
-+openssl ships optimized libraries for some cpus. The loading of these
-+libraries depends on the ability of the dynamic linker to automaticly
-+search additional directories depending on the cpu. If you want to
-+find out which are these directories for your computer, run the
-+following command:
-+
-+LD_LIBRARY_PATH=/usr/lib strace true 2>&1 | fgrep "open(\"/usr/lib"
-+
-+On a Pentium III this gives:
-+
-+open("/usr/lib/i686/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
-+open("/usr/lib/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
-+open("/usr/lib/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
-+open("/usr/lib/libc.so.6", O_RDONLY)    = -1 ENOENT (No such file or directory)
-+
-+Following is a list of cpus, library paths and possible optimizations:
-+
-+486            /usr/lib/i486   -march=i486 -mcpu=i486 +asm
-+Pentium        /usr/lib/i586   -march=i586 -mcpu=i586 +asm
-+Pentium MMX    /usr/lib/i586   -march=i586 -mcpu=i586 +asm
-+Pentium II     /usr/lib/i686   -march=i686 -mcpu=i686 +asm
-+Pentium III    /usr/lib/i686   -march=i686 -mcpu=i686 +asm
-+AMD-K6         /usr/lib/i586   -march=i586 -mcpu=i586 +asm
-+AMD-K7         /usr/lib/i686   -march=i686 -mcpu=i686 +asm
-+
-+Sparc v8       /usr/lib/v8     -mcpu=v8              +asm
-+Sparc v9       /usr/lib/v9     -mcpu=v9 -Wa,-Av8plus +asm
-+
-+Alpha EV4      /usr/lib/ev4    -mcpu=ev4
-+Alpha EV5      /usr/lib/ev5    -mcpu=ev5
-+
-++asm means that the handcrafted 586 assembler routines can be used. 
---- openssl097-0.9.7g.orig/debian/libssl0.9.7.dirs
-+++ openssl097-0.9.7g/debian/libssl0.9.7.dirs
-@@ -0,0 +1,2 @@
-+usr/lib
-+usr/share/doc/libssl0.9.7
---- openssl097-0.9.7g.orig/debian/libssl0.9.7.files
-+++ openssl097-0.9.7g/debian/libssl0.9.7.files
-@@ -0,0 +1,3 @@
-+usr/lib/*.so.*.*.*
-+usr/lib/*/*.so.*.*.*
-+usr/lib/i686/cmov/*.so.*.*.*
---- openssl097-0.9.7g.orig/debian/changelog
-+++ openssl097-0.9.7g/debian/changelog
-@@ -0,0 +1,689 @@
-+openssl097 (0.9.7g-5) unstable; urgency=medium
-+
-+  * Add the shlibs for libcrypto again, removed by accident.
-+  * Change priority of -dbg package to extra.
-+  * Remove the libssl0.9.7-dev package.
-+  * Add security patch for CAN-2005-2969, setting urgency to medium.
-+
-+ -- Kurt Roeckx <kurt@roeckx.be>  Wed, 12 Oct 2005 21:07:19 +0200
-+
-+openssl097 (0.9.7g-4) unstable; urgency=low
-+
-+  * Reintroduce openssl 0.9.7 source package to provide the old
-+    library version. This should make packages linked against
-+    the old version installable again. (Closes: #332892)
-+  * Drop the openssl and libcrypto0.9.7-udeb package.
-+  * Rename libssl-dev to libssl0.9.7-dev.
-+  * Add myself to the Uploaders field.
-+
-+ -- Kurt Roeckx <kurt@roeckx.be>  Mon, 10 Oct 2005 18:38:30 +0200
-+
-+openssl (0.9.7g-3) unstable; urgency=low
-+
-+  * change Configure line for debian-freebsd-i386 to debian-kfreebsd-i386
-+    (closes: #327692)
-+  * include -dbg version. That implies compiling with -g and without
-+    -fomit-frame-pointer (closes: #293823, #153811)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 23 Sep 2005 13:51:57 +0200
-+
-+openssl (0.9.7g-2) unstable; urgency=low
-+
-+  * really include nl translation
-+  * remove special ia64 code from rc4 code to make the abi compatible to
-+    older 0.9.7 versions (closes: #310489, #309274)
-+  * fix compile flag for debian-ppc64 (closes: #318750)
-+  * small fix in libssl0.9.7.postinst (closes: #239956)
-+  * fix pk7_mime.c to prevent garbled messages because of to early memory
-+    free (closes: #310184)
-+  * include vietnamese debconf translation (closes: #316689)
-+  * make optimized i386 libraries have non executable stack (closes:
-+    #321721)
-+  * remove leftover files from ssleay
-+  * move from dh_installmanpages to dh_installman
-+  * change Maintainer to pkg-openssl-devel@lists.alioth.debian.org
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  7 Sep 2005 15:32:54 +0200
-+
-+openssl (0.9.7g-1) unstable; urgency=low
-+
-+  * New upstream release
-+    * Added support for proxy certificates according to RFC 3820.
-+      Because they may be a security thread to unaware applications,
-+      they must be explicitely allowed in run-time.  See
-+      docs/HOWTO/proxy_certificates.txt for further information.
-+    * Prompt for pass phrases when appropriate for PKCS12 input format.
-+    * Back-port of selected performance improvements from development
-+      branch, as well as improved support for PowerPC platforms.
-+    * Add lots of checks for memory allocation failure, error codes to indicate
-+      failure and freeing up memory if a failure occurs.
-+    * Perform some character comparisons of different types in X509_NAME_cmp:
-+      this is needed for some certificates that reencode DNs into UTF8Strings
-+      (in violation of RFC3280) and can't or wont issue name rollover
-+      certificates.
-+  * corrected watchfile
-+  * added upstream source url (closes: #292904)
-+  * fix typo in CA.pl.1 (closes: #290271)
-+  * change debian-powerpc64 to debian-ppc64 and adapt the configure
-+    options to be the same like upstream (closes: #289841)
-+  * include -signcert option in CA.pl usage
-+  * compile with zlib-dynamic to use system zlib (closes: #289872)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon,  9 May 2005 23:32:03 +0200
-+
-+openssl (0.9.7e-3) unstable; urgency=high
-+
-+  * really fix der_chop. The fix from -1 was not really included (closes:
-+    #281212) 
-+  * still fixes security problem CAN-2004-0975 etc.
-+    - tempfile raise condition in der_chop
-+    - Avoid a race condition when CRLs are checked in a multi threaded 
-+      environment.
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 16 Dec 2004 18:41:29 +0100
-+
-+openssl (0.9.7e-2) unstable; urgency=high
-+
-+  * fix perl path in der_chop and c_rehash (closes: #281212)
-+  * still fixes security problem CAN-2004-0975 etc.
-+    - tempfile raise condition in der_chop
-+    - Avoid a race condition when CRLs are checked in a multi threaded 
-+      environment.
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sun, 14 Nov 2004 20:16:21 +0100
-+
-+openssl (0.9.7e-1) unstable; urgency=high
-+
-+  * SECURITY UPDATE: fix insecure temporary file handling
-+  * apps/der_chop: 
-+    - replaced $$-style creation of temporary files with
-+      File::Temp::tempfile()
-+    - removed unused temporary file name in do_certificate()
-+  * References:
-+    CAN-2004-0975 (closes: #278260)
-+  * fix ASN1_STRING_to_UTF8 with UTF8 (closes: #260357)
-+  * New upstream release with security fixes
-+    - Avoid a race condition when CRLs are checked in a multi threaded 
-+      environment.
-+    - Various fixes to s3_pkt.c so alerts are sent properly.
-+    - Reduce the chances of duplicate issuer name and serial numbers (in
-+      violation of RFC3280) using the OpenSSL certificate creation
-+      utilities. 
-+  * depends openssl on perl-base instead of perl (closes: #280225)
-+  * support powerpc64 in Configure (closes: #275224)
-+  * include cs translation (closes: #273517)
-+  * include nl translation (closes: #272479)
-+  * Fix default dir of c_rehash (closes: #253126)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 12 Nov 2004 14:11:15 +0100
-+
-+openssl (0.9.7d-5) unstable; urgency=low
-+
-+  * Make S/MIME encrypt work again (backport from CVS) (closes: #241407,
-+    #241386)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 26 Jul 2004 17:22:42 +0200
-+
-+openssl (0.9.7d-4) unstable; urgency=low
-+
-+  * add Catalan translation (closes: #248749)
-+  * add Spanish translation (closes: #254561)
-+  * include NMU fixes: see below
-+  * decrease optimisation level for debian-arm to work around gcc bug
-+    (closes: #253848) (thanks to Steve Langasek and Thom May)
-+  * Add libcrypto0.9.7-udeb. (closes: #250010) (thanks to Bastian Blank)
-+  * Add watchfile
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 14 Jul 2004 14:31:02 +0200
-+
-+openssl (0.9.7d-3) unstable; urgency=low
-+
-+  * rename -pic.a libraries to _pic.a (closes: #250016)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 24 May 2004 17:02:29 +0200
-+
-+openssl (0.9.7d-2) unstable; urgency=low
-+
-+  * include PIC libs (libcrypto-pic.a and libssl-pic.a) to libssl-dev
-+    (closes: #246928, #243999)
-+  * add racoon to restart list (closes: #242652)
-+  * add Brazilian, Japanese and Danish translations (closes: #242087,
-+    #241830, #241705)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 11 May 2004 10:13:49 +0200
-+
-+openssl (0.9.7d-1) unstable; urgency=high
-+
-+  * new upstream
-+  * fixes security holes (http://www.openssl.org/news/secadv_20040317.txt)
-+    (closes: #238661)
-+  * includes support for debian-amd64 (closes: #235551, #232310)
-+  * fix typo in pem.pod (closes: #219873)
-+  * fix typo in libssl0.9.7.templates (closes: #224690)
-+  * openssl suggests ca-certificates (closes: #217180)
-+  * change debconf template to gettext format (closes: #219013)
-+  * include french debconf template (closes: #219014)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 18 Mar 2004 16:18:43 +0100
-+
-+openssl (0.9.7c-5) unstable; urgency=low
-+
-+  * include openssl.pc into libssl-dev (closes: #212545)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 16 Oct 2003 16:31:32 +0200
-+
-+openssl (0.9.7c-4) unstable; urgency=low
-+
-+  * change question to restart services to debconf (closes: #214840)
-+  * stop using dh_undocumented (closes: #214831)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 10 Oct 2003 15:40:48 +0200
-+
-+openssl (0.9.7c-3) unstable; urgency=low
-+
-+  * fix POSIX conformance for head in libssl0.9.7.postinst (closes:
-+    #214700) 
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  8 Oct 2003 14:02:38 +0200
-+
-+openssl (0.9.7c-2) unstable; urgency=low
-+
-+  * add filerc macro to libssl0.9.7.postinst (closes: #213906)
-+  * restart spamassassins spamd on upgrade (closes: #214106)
-+  * restart more services on upgrade
-+  * fix EVP_BytesToKey manpage (closes: #213715)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue,  7 Oct 2003 15:01:32 +0200
-+
-+openssl (0.9.7c-1) unstable; urgency=high
-+
-+  * upstream security fix (closes: #213451)
-+   - Fix various bugs revealed by running the NISCC test suite:
-+     Stop out of bounds reads in the ASN1 code when presented with
-+     invalid tags (CAN-2003-0543 and CAN-2003-0544).
-+     Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545).
-+     If verify callback ignores invalid public key errors don't try to check
-+     certificate signature with the NULL public key.
-+   - In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
-+     if the server requested one: as stated in TLS 1.0 and SSL 3.0
-+     specifications.
-+  * more minor upstream bugfixes
-+  * fix formatting in c_issuer (closes: #190026)
-+  * fix Debian-FreeBSD support (closes: #200381)
-+  * restart some services in postinst to make them use the new libraries
-+  * remove duplicated openssl.1, crypto.3 and ssl.3 (closes: #198594)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  1 Oct 2003 08:54:27 +0200
-+
-+openssl (0.9.7b-2) unstable; urgency=high
-+
-+  * fix permission of /etc/ssl/private to 700 again
-+  * change section of libssl-dev to libdevel
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 23 Apr 2003 11:13:24 +0200
-+
-+openssl (0.9.7b-1) unstable; urgency=high
-+
-+  * upstream security fix
-+   - Countermeasure against the Klima-Pokorny-Rosa extension of
-+     Bleichbacher's attack on PKCS #1 v1.5 padding: treat
-+     a protocol version number mismatch like a decryption error
-+     in ssl3_get_client_key_exchange (ssl/s3_srvr.c). (CAN-2003-0131)
-+    (closes: #189087)
-+   - Turn on RSA blinding by default in the default implementation
-+     to avoid a timing attack. Applications that don't want it can call
-+     RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
-+     They would be ill-advised to do so in most cases. (CAN-2003-0147)
-+   - Change RSA blinding code so that it works when the PRNG is not
-+     seeded (in this case, the secret RSA exponent is abused as
-+     an unpredictable seed -- if it is not unpredictable, there
-+     is no point in blinding anyway).  Make RSA blinding thread-safe
-+     by remembering the creator's thread ID in rsa->blinding and
-+     having all other threads use local one-time blinding factors
-+     (this requires more computation than sharing rsa->blinding, but
-+     avoids excessive locking; and if an RSA object is not shared
-+     between threads, blinding will still be very fast).
-+    for more details see the CHANGES file
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 16 Apr 2003 10:32:57 +0200
-+
-+openssl (0.9.7a-1) unstable; urgency=high
-+
-+  * upstream Security fix
-+    - In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
-+      via timing by performing a MAC computation even if incorrrect
-+      block cipher padding has been found.  This is a countermeasure
-+      against active attacks where the attacker has to distinguish
-+      between bad padding and a MAC verification error. (CAN-2003-0078)
-+    for more details see the CHANGES file
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 21 Feb 2003 22:39:40 +0100
-+
-+openssl (0.9.7-4) unstable; urgency=low
-+
-+  * use DH_COMPAT=3 to build
-+  * move i686 to i686/cmov to fix problems on Via C3. For that to work we
-+    have to depend on the newest libc6 on i386 (closes: #177891)
-+  * fix bug in ui_util.c (closes: #177615)
-+  * fix typo in md5.h (closes: #178112)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 24 Jan 2003 10:22:56 +0100
-+
-+openssl (0.9.7-3) unstable; urgency=low
-+
-+  * enable build of ultrasparc code on non ultrasparc machines (closes:
-+    #177024) 
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 17 Jan 2003 08:22:13 +0100
-+
-+openssl (0.9.7-2) unstable; urgency=low
-+
-+  * include changes between 0.9.6g-9 and -10 
-+    * fix problem in build-process on i386 with libc6 version number
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 13 Jan 2003 14:26:56 +0100
-+
-+openssl (0.9.7-1) unstable; urgency=low
-+
-+  * new upstream
-+    * includes engine support
-+    * a lot of bugfixes and enhancements, see the CHANGES file
-+    * include AES encryption
-+    * makes preview of certificate configurable (closes: #176059)
-+    * fix x509 manpage (closes: #168070)
-+    * fix declaration of ERR_load_PEM_string in pem.h (closes: #141360)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 11 Jan 2003 09:12:16 +0100
-+
-+openssl (0.9.6g-10) unstable; urgency=low
-+
-+  * fix problem in build-process on i386 with libc6 version number
-+    (closes: #167096)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon,  4 Nov 2002 12:27:21 +0100
-+
-+openssl (0.9.6g-9) unstable; urgency=low
-+
-+  * fix typo in i386 libc6 depend (sigh) (closes: #163848)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue,  8 Oct 2002 23:29:20 +0200
-+
-+openssl (0.9.6g-8) unstable; urgency=low
-+
-+  * fix libc6 depends. Only needed for i386 (closes: #163701)
-+  * remove SHLIB section for bsds from Configure (closes: #163585)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue,  8 Oct 2002 10:57:35 +0200
-+
-+openssl (0.9.6g-7) unstable; urgency=low
-+
-+  * enable i686 optimisation and depend on fixed glibc (closes: #163500)
-+  * remove transition package ssleay
-+  * include optimisation vor sparcv8 (closes: #139996)
-+  * improve optimisation vor sparcv9
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sun,  6 Oct 2002 14:07:12 +0200
-+
-+openssl (0.9.6g-6) unstable; urgency=low
-+
-+  * temporarily disable i686 optimisation (See bug in glibc #161788)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 21 Sep 2002 18:56:49 +0200
-+
-+openssl (0.9.6g-5) unstable; urgency=low
-+
-+  * i486 can use i586 assembler
-+  * include set -xe in the for loops in the rules files to make it abort
-+    on error (closes: #161768)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 21 Sep 2002 16:23:11 +0200
-+
-+openssl (0.9.6g-4) unstable; urgency=low
-+
-+  * fix optimization for alpha and sparc
-+  * add optimization for i486
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 20 Sep 2002 22:36:19 +0200
-+
-+openssl (0.9.6g-3) unstable; urgency=low
-+
-+  * add optimized libraries for i586, i686, ev4, ev5 and v9 (closes: #139783)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 19 Sep 2002 18:33:04 +0200
-+
-+openssl (0.9.6g-2) unstable; urgency=low
-+
-+  * fix manpage names (closes: #156717, #156718, #156719, #156721)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 15 Aug 2002 11:26:37 +0200
-+
-+openssl (0.9.6g-1) unstable; urgency=low
-+
-+  * new upstream version
-+  * Use proper error handling instead of 'assertions' in buffer
-+    overflow checks added in 0.9.6e.  This prevents DoS (the
-+    assertions could call abort()). (closes: #155985, #156495)
-+  * Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
-+    and get fix the header length calculation.
-+  * include support for new sh* architectures (closes: #155117)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 14 Aug 2002 13:59:22 +0200
-+
-+openssl (0.9.6e-1) unstable; urgency=high
-+
-+  * fixes remote exploits (see DSA-136-1)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 30 Jul 2002 18:32:28 +0200
-+
-+openssl (0.9.6d-1) unstable; urgency=low
-+
-+  * new upstream (minor) version
-+  * includes Configure lines for debian-*bsd-* (closes: #130413)
-+  * fix wrong prototype for BN_pseudo_rand_range in BN_rand(3ssl) (closes:
-+    #144586) 
-+  * fix typos in package description (closes: #141469)
-+  * fix typo in SSL_CTX_set_cert_store manpage (closes: #135297)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon,  3 Jun 2002 19:42:10 +0200
-+
-+openssl (0.9.6c-2) unstable; urgency=low
-+
-+  * moved from non-US to main
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 19 Mar 2002 14:48:39 +0100
-+
-+openssl (0.9.6c-1) unstable; urgency=low
-+
-+  * new upstream version with a lot of bugfixes
-+  * remove directory /usr/include/openssl from openssl package (closes:
-+    bug #121226)  
-+  * remove selfdepends from libssl0.9.6
-+  * link openssl binary shared again
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat,  5 Jan 2002 19:04:31 +0100
-+
-+openssl (0.9.6b-4) unstable; urgency=low
-+
-+  * build with -D_REENTRANT for threads support on all architectures
-+    (closes: #112329, #119239)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 24 Nov 2001 12:17:51 +0100
-+
-+openssl (0.9.6b-3) unstable; urgency=low
-+
-+  * disable idea, mdc2 and rc5 because they are not free (closes: #65368) 
-+  * ready to be moved from nonus to main
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 21 Nov 2001 17:51:41 +0100
-+
-+openssl (0.9.6b-2) unstable; urgency=high
-+
-+  * fix definition of crypt in des.h (closes: #107533)
-+  * fix descriptions (closes: #109503)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 17 Sep 2001 15:38:27 +0200
-+
-+openssl (0.9.6b-1) unstable; urgency=medium
-+
-+  * new upstream fixes some security issues (closes: #105835, #100146) 
-+  * added support for s390 (closes: #105681)
-+  * added support for sh (closes: #100003)
-+  * change priority of libssl096 to standard as ssh depends on it (closes:
-+    #105440) 
-+  * don't optimize for i486 to support i386. (closes: #104127, #82194)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri, 20 Jul 2001 15:52:42 +0200
-+
-+openssl (0.9.6a-3) unstable; urgency=medium
-+
-+  * add perl-base to builddeps
-+  * include static libraries in libssl-dev (closes: #93688)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 14 May 2001 20:16:06 +0200
-+
-+openssl (0.9.6a-2) unstable; urgency=medium
-+
-+  * change Architecture of ssleay from any to all (closes: #92913)
-+  * depend libssl-dev on the exact same version of libssl0.9.6 (closes:
-+    #88939) 
-+  * remove lib{crypto,ssl}.a from openssl (closes: #93666)
-+  * rebuild with newer gcc to fix atexit problem (closes: #94036)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  2 May 2001 12:28:39 +0200
-+
-+openssl (0.9.6a-1) unstable; urgency=medium
-+
-+  * new upstream, fixes some security bugs (closes: #90584)
-+  * fix typo in s_server manpage (closes: #89756)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 10 Apr 2001 12:13:11 +0200
-+
-+openssl (0.9.6-2) unstable; urgency=low
-+
-+  * policy: reorganisation of package names: libssl096 -> libssl0.9.6,
-+    libssl096-dev -> libssl-dev (closes: #83426)
-+  * libssl0.9.6 drops replaces libssl09 (Closes: #83425)
-+  * install upstream CHANGES files (Closes: #83430)
-+  * added support for hppa and ia64 (Closes: #88790)
-+  * move man3 manpages to libssl-dev (Closes: #87546)
-+  * fix formating problem in rand_add(1) (Closes: #87547)
-+  * remove manpage duplicates (Closes: #87545, #74986)
-+  * make package descriptions clearer (Closes: #83518, #83444)
-+  * increase default emailAddress_max from 40 to 60 (Closes: #67238)
-+  * removed RSAREF warning (Closes: #84122)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu,  8 Mar 2001 14:24:00 +0100
-+
-+openssl (0.9.6-1) unstable; urgency=low
-+
-+  * New upstream version (Thanks to Enrique Zanardi <ezanard@debian.org>)
-+    (closes: #72388)
-+  * Add support for debian-hurd (closes: #76032)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 13 Nov 2000 22:30:46 +0100
-+
-+openssl (0.9.5a-5) unstable; urgency=low
-+
-+  * move manpages in standard directories with section ssl (closes:
-+    #72152, #69809)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu,  5 Oct 2000 19:56:20 +0200
-+
-+openssl (0.9.5a-4) unstable; urgency=low
-+
-+  * include edg_rand_bytes patch from and for apache-ssl 
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 23 Sep 2000 16:48:06 +0200
-+
-+openssl (0.9.5a-3) unstable; urgency=low
-+
-+  * fix call to dh_makeshlibs to create correct shlibs file and make
-+    dependend programs link correctly (closes: Bug#61658)
-+  * include a note in README.debian concerning the location of the
-+    subcommand manpages (closes: Bug#69809)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 16 Sep 2000 19:10:50 +0200
-+
-+openssl (0.9.5a-2) unstable; urgency=low
-+
-+  * try to fix the sharedlib problem. change soname of library 
-+  (closes: Bug#4622, #66102, #66538, #66123) 
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 12 Jul 2000 03:26:30 +0200
-+
-+openssl (0.9.5a-1) unstable; urgency=low
-+
-+  * new upstream version (major changes see file NEWS) (closes: Bug#63976,
-+    #65239, #65358)
-+  * new library package libssl095a because of probably changed library
-+    interface (closes: Bug#46222)
-+  * added architecture mips and mipsel (closes: Bug#62437, #60366)
-+  * provide shlibs.local file in build to help build if libraries are not
-+    yet installed (closes: Bug#63984)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sun, 11 Jun 2000 15:17:35 +0200
-+
-+openssl (0.9.4-5) frozen unstable; urgency=medium
-+
-+  * cleanup of move of doc directories to /usr/share/doc (closes:
-+    Bug#56430) 
-+  * lintian issues (closes: Bug#49358)
-+  * move demos from openssl to libssl09-dev (closes: Bug#59201)
-+  * move to debhelpers
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 11 Mar 2000 10:38:04 +0100
-+
-+openssl (0.9.4-4) unstable; urgency=medium
-+
-+  * Added 'debian-arm' in 'Configure'. (closes: Bug#54251, #54766)
-+  * Fixed Configure for 'debian-m68k' (closes: Bug#53636)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 15 Jan 2000 13:16:18 +0100
-+
-+openssl (0.9.4-3) unstable; urgency=low
-+
-+  * define symbol SSLeay_add_ssl_algorithms for backward compatibility
-+    (closes: Bug#46882)
-+  * remove manpages from /usr/doc/openssl (closes: Bug#46791)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 14 Oct 1999 16:51:08 +0200
-+
-+openssl (0.9.4-2) unstable; urgency=low
-+
-+  * include some more docu in pod format (Bug #43933)
-+  * removed -mv8 from sparc flags (Bug #44769)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 14 Sep 1999 22:04:06 +0200
-+
-+openssl (0.9.4-1) unstable; urgency=low
-+
-+  * new upstream version (Closes: #42926)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sat, 28 Aug 1999 17:04:23 +0200
-+
-+openssl (0.9.3a-1) unstable; urgency=low
-+
-+  * new upstream version (Bug #38345, #38627)
-+  * sparc is big-endian (Bug #39973)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  7 Jul 1999 16:03:37 +0200
-+
-+openssl (0.9.2b-3) unstable; urgency=low
-+
-+  * correct move conffiles to /etc/ssl (Bug #38570)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 31 May 1999 21:08:07 +0200
-+
-+openssl (0.9.2b-2) unstable; urgency=low
-+
-+  * added convenience package ssleay to help upgrade to openssl (Bug
-+    #37185, #37623, #36326)
-+  * added some missing dependencies from libssl09 (Bug #36681, #35867,
-+    #36326) 
-+  * move lib*.so to libssl09-dev (Bug #36761)
-+  * corrected version numbers of library files
-+  * introduce link from /usr/lib/ssl to /etc/ssl (Bug #36710)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sun, 23 May 1999 14:57:48 +0200
-+
-+openssl (0.9.2b-1) unstable; urgency=medium
-+
-+  * First openssl version
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 31 Mar 1999 15:54:26 +0200
-+
-+ssleay (0.9.0b-2) unstable; urgency=low
-+
-+  * Include message about the (not)usage of RSAREF (#24409)
-+  * Move configfiles from /usr/lib/ssl to /etc/ssl (#26406)
-+  * Change definitions for sparc (#26487)
-+  * Added missing dependency (#28591)
-+  * Make debian/libtool executable (#29708)
-+  * /etc/ssl/lib/ssleay.cnf is now a confile (#32624)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Sun, 21 Mar 1999 19:41:04 +0100
-+
-+ssleay (0.9.0b-1) unstable; urgency=low
-+
-+  * new upstream version (Bug #21227, #25971)
-+  * build shared libraries with -fPIC (Bug #20027)
-+  * support sparc architecture (Bug #28467)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 13 Oct 1998 10:20:13 +0200
-+
-+ssleay (0.8.1-7) frozen unstable; urgency=high
-+
-+  * security fix patch to 0.8.1b (bug #24022)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon,  6 Jul 1998 15:42:15 +0200
-+
-+ssleay (0.8.1-6) frozen unstable; urgency=low
-+
-+  * second try to fix bug #15235 (copyright was still missing)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Mon, 22 Jun 1998 08:56:27 +0200
-+
-+ssleay (0.8.1-5) frozen unstable; urgency=high
-+
-+  * changed /dev/random to /dev/urandom (Bug #23169, #17817)
-+  * copyright contains now the full licence (Bug #15235)
-+  * fixed bug #19410 (md5sums-lists-nonexisting-file)
-+  * added demos to /usr/doc (Bug #17372)
-+  * fixed type in package description (Bug #18969)
-+  * fixed bug in adding documentation (Bug #21463)
-+  * added patch for support of debian-powerpc (Bug #21579)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 18 Jun 1998 23:09:13 +0200
-+
-+ssleay (0.8.1-4) unstable; urgency=low
-+
-+  * purged dependency from libc5
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Tue, 11 Nov 1997 15:31:50 +0100
-+
-+ssleay (0.8.1-3) unstable; urgency=low
-+
-+  * changed packagename libssl to libssl08 to get better dependancies
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Fri,  7 Nov 1997 14:23:17 +0100
-+
-+ssleay (0.8.1-2) unstable; urgency=low
-+
-+  * linked shared libraries against libc6
-+  * use /dev/random for randomseed
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed,  5 Nov 1997 11:21:40 +0100
-+
-+ssleay (0.8.1-1) unstable; urgency=low
-+
-+  * new upstream version
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Thu, 16 Oct 1997 16:15:43 +0200
-+
-+ssleay (0.6.6-2) unstable; urgency=low
-+
-+  * cleanup in diffs
-+  * removed INSTALL from docs (bug #13205)
-+  * split libssl and libssl-dev (but #13735)
-+
-+ -- Christoph Martin <christoph.martin@uni-mainz.de>  Wed, 15 Oct 1997 17:38:38 +0200
-+
-+ssleay (0.6.6-1) unstable; urgency=low
-+
-+  * New upstream version
-+  * added shared libraries for libcrypto and libssl
-+
-+ -- Christoph Martin <martin@uni-mainz.de>  Thu, 26 Jun 1997 19:26:14 +0200
-+
-+ssleay (0.6.4-2) unstable; urgency=low
-+
-+  * changed doc filenames from .doc to .txt to be able to read them
-+    over with webbrowser
-+
-+ -- Christoph Martin <martin@uni-mainz.de>  Tue, 25 Feb 1997 14:02:53 +0100
-+
-+ssleay (0.6.4-1) unstable; urgency=low
-+
-+  * Initial Release.
-+
-+ -- Christoph Martin <martin@uni-mainz.de>  Fri, 22 Nov 1996 21:29:51 +0100
---- openssl097-0.9.7g.orig/debian/rules
-+++ openssl097-0.9.7g/debian/rules
-@@ -0,0 +1,173 @@
-+#!/usr/bin/make -f
-+# Sample debian.rules file - for GNU Hello (1.3).
-+# Copyright 1994,1995 by Ian Jackson.
-+# I hereby give you perpetual unlimited permission to copy,
-+# modify and relicense this file, provided that you do not remove
-+# my name from the file itself.  (I assert my moral right of
-+# paternity under the Copyright, Designs and Patents Act 1988.)
-+# This file may have to be extensively modified
-+#
-+# Modified to be a prototype for debmake by Christoph Lameter <clameter@debian.org>
-+SHELL=/bin/bash
-+export DH_COMPAT=3
-+
-+package=openssl
-+
-+# For generating the manpages
-+export VERSION=$(shell dpkg-parsechangelog | grep '^Version:' | sed -e 's/^.*://' -e 's/-.*//')
-+
-+# The binary architeture
-+DEB_HOST_ARCH = $(shell dpkg-architecture -qDEB_HOST_ARCH)
-+
-+CONFARGS  = --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug
-+OPT_alpha = ev4 ev5
-+OPT_i386  = i486 i586 i686/cmov
-+OPT_sparc = v8 v9
-+ARCHOPTS  = OPT_$(DEB_HOST_ARCH)
-+OPTS      = $($(ARCHOPTS))
-+WANTED_LIBC_VERSION = 2.3.1-10
-+
-+build:
-+       dh_testdir
-+       perl util/perlpath.pl /usr/bin
-+#      perl util/ssldir.pl /usr/lib/ssl
-+#      chmod +x debian/libtool
-+       ./Configure no-shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
-+       make -f Makefile DIRS="crypto ssl" all
-+       mv libcrypto.a libcrypto.static
-+       mv libssl.a libssl.static
-+       make -f Makefile DIRS="crypto ssl" clean
-+       test -z "$(OPTS)" || for opt in $(OPTS); \
-+       do \
-+               set -xe; \
-+               ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)-$$opt; \
-+               make -f Makefile DIRS="crypto ssl" all; \
-+               mkdir -p $$opt; \
-+               mv libcrypto.so* libssl.so* $$opt/; \
-+               make -f Makefile DIRS="crypto ssl" clean; \
-+       done
-+       ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)
-+       #make -f Makefile depend
-+       ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/
-+#      make -f Makefile linux-shared
-+       make -f Makefile all
-+#      strip apps/openssl
-+#      make -f Makefile clean DIRS="crypto ssl"
-+#      ./Configure --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 debian-$(DEB_HOST_ARCH)
-+#      make -f Makefile all DIRS="crypto ssl"
-+       touch build
-+
-+clean:
-+       dh_testdir
-+       dh_testroot
-+       -rm -f build
-+       -perl util/perlpath.pl /usr/bin
-+       -./Configure $(CONFARGS) debian-$(DEB_HOST_ARCH)
-+       -make -f Makefile  clean clean-shared
-+       #-make -f Makefile  dclean
-+       -perl util/perlpath.pl /usr/local/bin/perl
-+#      perl util/ssldir.pl /usr/local/ssl
-+       -rm -f test/.rnd test/testkey.pem test/testreq.pem test/certCA.srl
-+       -rm -f util/mk1mf.bak Makefile.bak `find . -name Makefile.save` 
-+       -rm -f crypto/pem/ctx_size
-+       -rm -f `find . -name "*~"`
-+       -rm -f `find . -name "*.orig" -o -name "*.rej"`
-+       -rm -f certs/*.0 certs/*.1
-+#      -rm -rf debian/tmp debian/files* core `find debian/* -type d`
-+       -rm -rf core $(OPTS)
-+       -rm doc/*.pod
-+       -rm -f libcrypto.* libssl.*
-+       dh_clean
-+
-+binary-indep:  build
-+       dh_testdir
-+       dh_testroot
-+# There are no architecture-independent files to be uploaded
-+# generated by this package.  If there were any they would be
-+# made here.
-+
-+binary-arch:   build
-+       dh_testdir
-+       dh_testroot
-+       dh_clean
-+#      -rm -rf debian/tmp `find debian/* -type d`
-+#      install -d debian/tmp debian/libssl0.9.7 debian/libssl0.9.7-dev
-+#      cd debian/tmp && install -d `cat ../dirs`
-+#      cd debian/libssl09 && install -d `cat ../libssl09.dirs`
-+#      cd debian/libssl09-dev && install -d `cat ../libssl09-dev.dirs`
-+       dh_installdirs
-+#openssl install
-+       make -f Makefile  install INSTALL_PREFIX=`pwd`/debian/tmp
-+       rm debian/tmp/usr/share/man/man1/openssl.1
-+       rm debian/tmp/usr/share/man/man3/crypto.3
-+       rm debian/tmp/usr/share/man/man3/ssl.3
-+#      rm debian/tmp/usr/lib/libcrypto.a
-+#      rm debian/tmp/usr/lib/libssl.a
-+       mv debian/tmp/usr/lib/libcrypto.a debian/tmp/usr/lib/libcrypto_pic.a
-+       mv debian/tmp/usr/lib/libssl.a debian/tmp/usr/lib/libssl_pic.a
-+       cp -pf libcrypto.static debian/tmp/usr/lib/libcrypto.a
-+       cp -pf libssl.static debian/tmp/usr/lib/libssl.a
-+#      mv debian/tmp/usr/lib/ssl/bin debian/tmp/usr/bin/ssl
-+#      (cd debian/tmp/usr/lib/ssl; ln -s /usr/bin/ssl bin)
-+#      mv debian/tmp/usr/lib/ssl/include debian/tmp/usr/include/ssl
-+#      (cd debian/tmp/usr/lib/ssl; ln -s /usr/include/ssl include)
-+#      chmod -x debian/tmp/usr/lib/*.so.*
-+#      mv debian/tmp/usr/lib/*.a debian/libssl09-dev/usr/lib/
-+#      mv debian/tmp/usr/lib/*.so debian/libssl09-dev/usr/lib/
-+#      mv debian/tmp/usr/lib/*.so.*.*.* debian/libssl09/usr/lib/
-+#      mv debian/tmp/usr/lib/*.la debian/libssl09-dev/usr/lib/
-+#      mv debian/tmp/usr/include debian/libssl09-dev/usr/
-+       mkdir -p debian/tmp/etc/ssl
-+       mv debian/tmp/usr/lib/ssl/{certs,openssl.cnf,private} debian/tmp/etc/ssl/
-+       ln -s /etc/ssl/{certs,openssl.cnf,private} debian/tmp/usr/lib/ssl/
-+       cp -auv lib*.so* debian/tmp/usr/lib/
-+#      cp -auv lib*.a debian/tmp/usr/lib/
-+       for opt in $(OPTS); do set -xe; mkdir -p debian/tmp/usr/lib/$$opt; cp -auv $$opt/lib*.so* debian/tmp/usr/lib/$$opt/; done
-+       install debian/copyright debian/libssl0.9.7/usr/share/doc/libssl0.9.7/
-+       install debian/changelog debian/libssl0.9.7/usr/share/doc/libssl0.9.7/changelog.Debian
-+#      install debian/copyright debian/libssl0.9.7-dev/usr/share/doc/libssl0.9.7-dev/
-+#      install debian/changelog debian/libssl0.9.7-dev/usr/share/doc/libssl0.9.7-dev/changelog.Debian
-+#      debstd -u CHANGES* LICENSE README NEWS
-+       dh_installdocs CHANGES.SSLeay LICENSE README NEWS debian/README.optimization
-+       dh_installexamples
-+       dh_installchangelogs CHANGES
-+#      dh_installmenu
-+#      dh_installcron
-+       dh_installdebconf
-+#      dh_undocumented c_rehash.1
-+       dh_movefiles
-+#      rmdir debian/tmp/usr/lib/ssl/lib
-+#      rmdir debian/tmp/usr/include/openssl
-+#      rmdir debian/tmp/usr/include
-+#      for opt in $(OPTS); do set -xe; rm -fr debian/tmp/usr/lib/$$opt; done
-+       dh_compress
-+       dh_fixperms -X etc/ssl/private
-+       dh_strip --dbg-package=libssl0.9.7
-+       dh_perl -d
-+#      dh_suidregister
-+       dh_shlibdeps -l`pwd` -Xlibssl.so
-+       # Hack, to depend on version of libc6 which supports the i686 directory
-+       if [ "${DEB_HOST_ARCH}" == "i386" ]; \
-+       then \
-+         SHLIB=`cat debian/libssl0.9.7.substvars`; \
-+         LIBC_VERSION=`echo $$SHLIB | sed s'/.*libc6 (>= \(.*\))/\1/'`; \
-+         if dpkg --compare-versions ${WANTED_LIBC_VERSION} gt $$LIBC_VERSION; \
-+         then \
-+           echo $$SHLIB | sed s'/libc6 (>= \(.*\))/libc6 (>= ${WANTED_LIBC_VERSION})/' > debian/libssl0.9.7.substvars; \
-+         fi \
-+       fi
-+       dh_gencontrol
-+       dh_makeshlibs -m 0.9.7
-+       dh_installdeb
-+       dh_md5sums
-+       dh_builddeb
-+       echo -en "\a"
-+
-+# Below here is fairly generic really
-+
-+binary:                binary-indep binary-arch
-+
-+source diff:
-+       @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false
-+
-+.PHONY: binary binary-arch binary-indep clean
---- openssl097-0.9.7g.orig/debian/libssl0.9.7.postinst
-+++ openssl097-0.9.7g/debian/libssl0.9.7.postinst
-@@ -0,0 +1,139 @@
-+#!/bin/sh -e
-+
-+. /usr/share/debconf/confmodule
-+
-+package_name()
-+{
-+    echo $(basename $0 .postinst)
-+}
-+
-+# element() is a helper function for file-rc:
-+element() {
-+    local element list IFS
-+
-+    element="$1"
-+
-+    [ "$2" = "in" ] && shift
-+    list="$2"
-+    [ "$list" = "-" ] && return 1
-+    [ "$list" = "*" ] && return 0
-+
-+    IFS=","
-+    set -- $list
-+    case $element in
-+       "$1"|"$2"|"$3"|"$4"|"$5"|"$6"|"$7"|"$8"|"$9")
-+           return 0
-+    esac
-+    return 1
-+}
-+
-+# filerc (runlevel, service) returns /etc/init.d/service, if service is
-+# running in $runlevel:
-+filerc() {
-+    local runlevel basename
-+    runlevel=$1
-+    basename=$2
-+    while read LINE
-+    do
-+       case $LINE in
-+           \#*|"") continue
-+       esac
-+
-+       set -- $LINE
-+       SORT_NO="$1"; STOP="$2"; START="$3"; CMD="$4"
-+       [ "$CMD" = "/etc/init.d/$basename" ] || continue
-+
-+       if element "$runlevel" in "$START" || element "S" in "$START"
-+       then
-+           echo "/etc/init.d/$basename"
-+           return 0
-+       fi
-+    done < /etc/runlevel.conf
-+    echo ""
-+}
-+
-+if [ "$1" = "configure" ]
-+then
-+    if [ ! -z "$2" ]; then
-+       if dpkg --compare-versions "$2" lt 0.9.7d-1; then
-+           echo -n "Checking for services that may need to be restarted..."
-+
-+           check="sendmail ssh"
-+           check="$check apache2-common ssh-nonfree exim4"
-+           check="$check apache-ssl libapache-mod-ssl openvpn spamassassin"
-+           check="$check courier-imap-ssl courier-mta-ssl courier-pop-ssl"
-+           check="$check postfix-tls cyrus21-imapd cyrus21-pop3d"
-+           check="$check postgresql racoon"
-+           # Only get the ones that are installed, and configured
-+           check=$(dpkg -s $check 2> /dev/null | sed '/^$/{N;/^\n$/D;}' | awk 'BEGIN{RS="\n\n";FS="\n"}{if ( $2 ~ /Status: .* installed$/ ) { print $1 } }' | cut -f 2 -d ' ')
-+           # apache2 ships its init script in apache2-common, but the
-+           # script is apache2
-+           check=$(echo $check | sed 's/apache2-common/apache2/g')
-+           # For mod-ssl apache has to be restarted
-+           check=$(echo $check | sed 's/libapache-mod-ssl/apache/g')
-+           rl=$(runlevel | awk '{print $2}')
-+           for service in $check; do
-+               if [ -f /usr/share/file-rc/rc -o -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then
-+                   idl=$(filerc $rl $service)
-+               else
-+                   idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
-+               fi
-+               if [ -n "$idl" ] && [ -x $idl ]; then
-+                   services="$service $services"
-+               fi
-+           done
-+           echo "done."
-+           if [ -n "$services" ]; then
-+               db_version 2.0
-+
-+               db_reset libssl0.9.7/restart-services
-+               db_set libssl0.9.7/restart-services "$services"
-+               db_input critical libssl0.9.7/restart-services || true
-+               db_go || true
-+               db_get libssl0.9.7/restart-services
-+               # Arghhh, close all the stupid debconf pipes
-+               db_stop
-+               
-+               if [ "x$RET" != "x" ]
-+               then
-+                   services=$RET
-+                   answer=yes
-+               else
-+                   answer=no
-+               fi
-+               echo
-+               if [ "$answer" = yes ] && [ "$services" != "" ]; then
-+                   echo "Restarting services possibly affected by the upgrade:"
-+                   failed=""
-+                   for service in $services; do
-+                       idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1)
-+                       echo -n "  $service: stopping..."
-+                       $idl stop > /dev/null 2>&1 || true
-+                       sleep 1
-+                       echo -n "starting..."
-+                       if $idl start > /dev/null 2>&1; then
-+                           echo "done."
-+                       else
-+                           echo "FAILED! ($?)"
-+                           failed="$service $failed"
-+                       fi
-+                   done
-+                   echo
-+                   if [ -n "$failed" ]; then
-+                       # Ruh roh, George
-+                       echo "The following services failed to start: $failed"
-+                       echo
-+                       echo "You will need to start these manually by running \`/etc/init.d/<service> start'"
-+                       echo "If the service still fails to start, you may need to file a bug on"
-+                       echo "$(package_name) or the service involved."
-+                   else
-+                       echo "Services restarted successfully."
-+                   fi
-+                   echo
-+               fi
-+           fi
-+       fi # end upgrading and $2 lt 0.9.7c-1
-+    fi # Upgrading
-+fi
-+
-+#DEBHELPER#
---- openssl097-0.9.7g.orig/debian/watch
-+++ openssl097-0.9.7g/debian/watch
-@@ -0,0 +1,2 @@
-+version=2
-+ftp://ftp.openssl.org/source/openssl-(\d+\.\d+\.\d+[a-z]?)\.tar\.gz debian uupdate
---- openssl097-0.9.7g.orig/debian/libssl0.9.7.preinst
-+++ openssl097-0.9.7g/debian/libssl0.9.7.preinst
-@@ -0,0 +1,3 @@
-+#!/bin/sh -e
-+
-+#DEBHELPER#
---- openssl097-0.9.7g.orig/debian/libssl0.9.7.prerm
-+++ openssl097-0.9.7g/debian/libssl0.9.7.prerm
-@@ -0,0 +1,3 @@
-+#!/bin/sh -e
-+
-+#DEBHELPER#
---- openssl097-0.9.7g.orig/debian/copyright
-+++ openssl097-0.9.7g/debian/copyright
-@@ -0,0 +1,135 @@
-+This package was debianized by Christoph Martin martin@uni-mainz.de on
-+Fri, 22 Nov 1996 21:29:51 +0100.
-+
-+Copyright (c) 1998-2004 The OpenSSL Project
-+Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
-+
-+The upstream sources were obtained from http://www.openssl.org/
-+
-+
-+  LICENSE ISSUES
-+  ==============
-+
-+  The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
-+  the OpenSSL License and the original SSLeay license apply to the toolkit.
-+  See below for the actual license texts. Actually both licenses are BSD-style
-+  Open Source licenses. In case of any license issues related to OpenSSL
-+  please contact openssl-core@openssl.org.
-+
-+  OpenSSL License
-+  ---------------
-+
-+/* ====================================================================
-+ * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ *
-+ * 1. Redistributions of source code must retain the above copyright
-+ *    notice, this list of conditions and the following disclaimer. 
-+ *
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ *    notice, this list of conditions and the following disclaimer in
-+ *    the documentation and/or other materials provided with the
-+ *    distribution.
-+ *
-+ * 3. All advertising materials mentioning features or use of this
-+ *    software must display the following acknowledgment:
-+ *    "This product includes software developed by the OpenSSL Project
-+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-+ *
-+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-+ *    endorse or promote products derived from this software without
-+ *    prior written permission. For written permission, please contact
-+ *    openssl-core@openssl.org.
-+ *
-+ * 5. Products derived from this software may not be called "OpenSSL"
-+ *    nor may "OpenSSL" appear in their names without prior written
-+ *    permission of the OpenSSL Project.
-+ *
-+ * 6. Redistributions of any form whatsoever must retain the following
-+ *    acknowledgment:
-+ *    "This product includes software developed by the OpenSSL Project
-+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-+ * OF THE POSSIBILITY OF SUCH DAMAGE.
-+ * ====================================================================
-+ *
-+ * This product includes cryptographic software written by Eric Young
-+ * (eay@cryptsoft.com).  This product includes software written by Tim
-+ * Hudson (tjh@cryptsoft.com).
-+ *
-+ */
-+
-+ Original SSLeay License
-+ -----------------------
-+
-+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ * 
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to.  The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ * 
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ * 
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ *    notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ *    notice, this list of conditions and the following disclaimer in the
-+ *    documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ *    must display the following acknowledgement:
-+ *    "This product includes cryptographic software written by
-+ *     Eric Young (eay@cryptsoft.com)"
-+ *    The word 'cryptographic' can be left out if the rouines from the library
-+ *    being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from 
-+ *    the apps directory (application code) you must include an acknowledgement:
-+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ * 
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ * 
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
---- openssl097-0.9.7g.orig/debian/shlibs.local
-+++ openssl097-0.9.7g/debian/shlibs.local
-@@ -0,0 +1,2 @@
-+libcrypto 0.9.7 libssl0.9.7
-+libssl 0.9.7 libssl0.9.7
---- openssl097-0.9.7g.orig/debian/README.debian
-+++ openssl097-0.9.7g/debian/README.debian
-@@ -0,0 +1,52 @@
-+openssl for DEBIAN
-+----------------------
-+
-+openssl replaces ssleay.
-+
-+The application links to openssl like req, ca, verify and s_client
-+have been removed.
-+
-+Instead of `<application>` please call now `openssl <application>`
-+
-+eg: 
-+instead of `req` please call `openssl req`
-+
-+NOTE: The libssl library version for debian-i386 is optimized for
-+486-processors and better. It will not run on 386-processors.
-+
-+----
-+Self-signed certs and webservers:
-+
-+If you get with a selfsigned certificate and a webserver:
-+ > "The certificate is not approved for the attempted operation."
-+
-+Bodo_Moeller@public.uni-hamburg.de (Bodo Moeller) writes:
-+>Probably you are using a CA certificate for your server; if you use
-+>"openssl req" to generate a new key and self-signed certificate with
-+>the default openssl.cnf, the certificate you get includes certain
-+>X.509v3 extensions that make it unfit for use as a server certificate.
-+>This was not so with earlier versions of the software because back
-+>then there was far less X.509v3 support.
-+>
-+>To look at the certificate some HTTPS server presents to its cliens,
-+>use "openssl s_client -port 443 -host your.server", store the output
-+>(at least the part from "-----BEGIN CERTIFICATE-----" up to "-----END
-+>CERTIFICATE-----", including these separators) in a file and use
-+>"openssl x509 -in the_file_you_just_stored -text" to look at it in
-+>readable form.  If it has in the "X509v3 extensions section" any of
-+>the following entries, it is not usable as a server certificate:
-+>
-+>            X509v3 Basic Constraints:
-+>                CA:TRUE
-+>
-+>            X509v3 Key Usage:
-+>                Certificate Sign, CRL Sign
-+>
-+>To quickly create a new server key and certificate that works with
-+>Netscape, you can just copy the original openssl.cnf file and comment
-+>out the "x509_extensions" entry in the "[ req ]" section.
-+>The, use "openssl req ..." as before to create a new certificate and
-+>key.
-+
-+
-+Christoph Martin <martin@uni-mainz.de>, Wed, 31 Mar 1999 16:00:51 +0200