sync with 0.9.6e.

crypto/dist/openssl/CHANGES

@@ -2,17 +2,40 @@
  OpenSSL CHANGES
  _______________
 
- Changes in security patch
+ Changes between 0.9.6d and 0.9.6e  [30 Jul 2002]
 
-Changes marked "(CHATS)" were sponsored by the Defense Advanced
-Research Projects Agency (DARPA) and Air Force Research Laboratory,
-Air Force Materiel Command, USAF, under agreement number
-F30602-01-2-0537.
+  *) Fix cipher selection routines: ciphers without encryption had no flags
+     for the cipher strength set and where therefore not handled correctly
+     by the selection routines (PR #130).
+     [Lutz Jaenicke]
+
+  *) Fix EVP_dsa_sha macro.
+     [Nils Larsch]
+
+  *) New option
+          SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+     for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
+     that was added in OpenSSL 0.9.6d.
+
+     As the countermeasure turned out to be incompatible with some
+     broken SSL implementations, the new option is part of SSL_OP_ALL.
+     SSL_OP_ALL is usually employed when compatibility with weird SSL
+     implementations is desired (e.g. '-bugs' option to 's_client' and
+     's_server'), so the new option is automatically set in many
+     applications.
+     [Bodo Moeller]
+
+  *) Changes in security patch:
+
+     Changes marked "(CHATS)" were sponsored by the Defense Advanced
+     Research Projects Agency (DARPA) and Air Force Research Laboratory,
+     Air Force Materiel Command, USAF, under agreement number
+     F30602-01-2-0537.
 
   *) Add various sanity checks to asn1_get_length() to reject
      the ASN1 length bytes if they exceed sizeof(long), will appear
      negative or the content length exceeds the length of the
-     supplied buffer. (CAN-2002-0659)
+     supplied buffer.
      [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
 
   *) Assertions for various potential buffer overflows, not known to

crypto/dist/openssl/FAQ

@@ -38,6 +38,8 @@ OpenSSL  -  Frequently Asked Questions
 * Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
 * Why does the OpenSSL compilation fail with "ar: command not found"?
 * Why does the OpenSSL compilation fail on Win32 with VC++?
+* What is special about OpenSSL on Redhat?
+* Why does the OpenSSL test suite fail on MacOS X?
 
 [PROG] Questions about programming with OpenSSL
 
@@ -59,7 +61,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.6d was released on 9 May, 2002.
+OpenSSL 0.9.6e was released on 30 May, 2002.
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -215,8 +217,11 @@ For Solaris 2.6, Tim Nibbe <tnibbe@sprint.net> and others have suggested
 installing the SUNski package from Sun patch 105710-01 (Sparc) which
 adds a /dev/random device and make sure it gets used, usually through
 $RANDFILE.  There are probably similar patches for the other Solaris
-versions.  However, be warned that /dev/random is usually a blocking
-device, which may have some effects on OpenSSL.
+versions.  An official statement from Sun with respect to /dev/random
+support can be found at
+  http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski
+However, be warned that /dev/random is usually a blocking device, which
+may have some effects on OpenSSL.
 
 
 * Why do I get an "unable to write 'random state'" error message?
@@ -451,6 +456,52 @@ under 'Program Files').  This needs to be done prior to running NMAKE,
 and the changes are only valid for the current DOS session.
 
 
+* What is special about OpenSSL on Redhat?
+
+Red Hat Linux (release 7.0 and later) include a preinstalled limited
+version of OpenSSL. For patent reasons, support for IDEA, RC5 and MDC2
+is disabled in this version. The same may apply to other Linux distributions.
+Users may therefore wish to install more or all of the features left out.
+
+To do this you MUST ensure that you do not overwrite the openssl that is in
+/usr/bin on your Red Hat machine. Several packages depend on this file,
+including sendmail and ssh. /usr/local/bin is a good alternative choice. The
+libraries that come with Red Hat 7.0 onwards have different names and so are
+not affected. (eg For Red Hat 7.2 they are /lib/libssl.so.0.9.6b and
+/lib/libcrypto.so.0.9.6b with symlinks /lib/libssl.so.2 and
+/lib/libcrypto.so.2 respectively).
+
+Please note that we have been advised by Red Hat attempting to recompile the
+openssl rpm with all the cryptography enabled will not work. All other
+packages depend on the original Red Hat supplied openssl package. It is also
+worth noting that due to the way Red Hat supplies its packages, updates to
+openssl on each distribution never change the package version, only the
+build number. For example, on Red Hat 7.1, the latest openssl package has
+version number 0.9.6 and build number 9 even though it contains all the
+relevant updates in packages up to and including 0.9.6b.
+
+A possible way around this is to persuade Red Hat to produce a non-US
+version of Red Hat Linux.
+
+FYI: Patent numbers and expiry dates of US patents:
+MDC-2: 4,908,861 13/03/2007
+IDEA:  5,214,703 25/05/2010
+RC5:   5,724,428 03/03/2015
+
+
+* Why does the OpenSSL test suite fail on MacOS X?
+
+If the failure happens when running 'make test' and the RC4 test fails,
+it's very probable that you have OpenSSL 0.9.6b delivered with the
+operating system (you can find out by running '/usr/bin/openssl version')
+and that you were trying to build OpenSSL 0.9.6d.  The problem is that
+the loader ('ld') in MacOS X has a misfeature that's quite difficult to
+go around and has linked the programs "openssl" and the test programs
+with /usr/lib/libcrypto.dylib and /usr/lib/libssl.dylib instead of the
+libraries you just built.
+Look in the file PROBLEMS for a more detailed explanation and for possible
+solutions.
+
 [PROG] ========================================================================
 
 * Is OpenSSL thread-safe?

crypto/dist/openssl/crypto/des/des.h

@@ -188,7 +188,7 @@ int des_enc_write(int fd,const void *buf,int len,des_key_schedule sched,
 		  des_cblock *iv);
 char *des_fcrypt(const char *buf,const char *salt, char *ret);
 char *des_crypt(const char *buf,const char *salt);
-#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__NetBSD__)
+#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(_UWIN) && !defined(__NetBSD__)
 char *crypt(const char *buf,const char *salt);
 #endif
 void des_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,

crypto/dist/openssl/crypto/ebcdic.c

@@ -211,7 +211,7 @@ ascii2ebcdic(void *dest, const void *srce, size_t count)
 }
 
 #else /*CHARSET_EBCDIC*/
-#if defined(PEDANTIC) || defined(VMS) || defined(__VMS)
+#if defined(PEDANTIC) || defined(VMS) || defined(__VMS) || defined(_DARWIN)
 static void *dummy=&dummy;
 #endif
 #endif

crypto/dist/openssl/crypto/evp/c_alld.c

@@ -64,6 +64,10 @@
 
 void OpenSSL_add_all_digests(void)
 	{
+	static int done=0;
+
+	if (done) return;
+	done=1;
 #ifndef NO_MD2
 	EVP_add_digest(EVP_md2());
 #endif

crypto/dist/openssl/crypto/evp/evp.h

@@ -188,7 +188,7 @@ typedef struct evp_pkey_md_st
 			EVP_rsa_octet_string(),EVP_mdc2())
 #define EVP_dsa_sha() \
 		EVP_PKEY_MD_add(NID_dsaWithSHA,\
-			EVP_dsa(),EVP_mdc2())
+			EVP_dsa(),EVP_sha())
 #define EVP_dsa_sha1() \
 		EVP_PKEY_MD_add(NID_dsaWithSHA1,\
 			EVP_dsa(),EVP_sha1())

crypto/dist/openssl/crypto/objects/obj_dat.c

@@ -228,7 +228,7 @@ int OBJ_add_object(ASN1_OBJECT *obj)
 	if (added == NULL)
 		if (!init_added()) return(0);
 	if ((o=OBJ_dup(obj)) == NULL) goto err;
-	ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
+	if (!(ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err;
 	if ((o->length != 0) && (obj->data != NULL))
 		ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
 	if (o->sn != NULL)

crypto/dist/openssl/doc/apps/smime.pod

@@ -21,7 +21,6 @@ B<openssl> B<smime>
 [B<-certfile file>]
 [B<-signer file>]
 [B<-recip  file>]
-[B<-in file>]
 [B<-inform SMIME|PEM|DER>]
 [B<-passin arg>]
 [B<-inkey file>]

crypto/dist/openssl/doc/crypto/BN_rand.pod

@@ -14,7 +14,7 @@ BN_rand, BN_pseudo_rand - generate pseudo-random number
 
  int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
 
- int BN_pseudo_rand_range(BIGNUM *rnd, int bits, int top, int bottom);
+ int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
 
 =head1 DESCRIPTION
 

crypto/dist/openssl/doc/crypto/EVP_DigestInit.pod

@@ -192,7 +192,7 @@ in code that must be recompiled if the size of B<EVP_MD_CTX> increases.
 
 L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
 L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<digest(1)|digest(1)>
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
 
 =head1 HISTORY
 

crypto/dist/openssl/doc/crypto/EVP_SignInit.pod

@@ -75,7 +75,7 @@ L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
 L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
 L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
 L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<digest(1)|digest(1)>
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
 
 =head1 HISTORY
 

crypto/dist/openssl/doc/crypto/EVP_VerifyInit.pod

@@ -62,7 +62,7 @@ L<EVP_SignInit(3)|EVP_SignInit(3)>,
 L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
 L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
 L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<digest(1)|digest(1)>
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
 
 =head1 HISTORY
 

crypto/dist/openssl/doc/crypto/err.pod

@@ -172,7 +172,7 @@ ERR_get_string_table(void) respectively.
 =head1 SEE ALSO
 
 L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
-L<CRYPTO_set_locking_callback(3)|<CRYPTO_set_locking_callback(3)>,
+L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
 L<ERR_get_error(3)|ERR_get_error(3)>,
 L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
 L<ERR_clear_error(3)|ERR_clear_error(3)>,

crypto/dist/openssl/doc/crypto/rsa.pod

@@ -110,7 +110,7 @@ L<RSA_blinding_on(3)|RSA_blinding_on(3)>,
 L<RSA_set_method(3)|RSA_set_method(3)>, L<RSA_print(3)|RSA_print(3)>,
 L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
 L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
-L<RSA_sign_ASN_OCTET_STRING(3)|RSA_sign_ASN_OCTET_STRING(3)>,
+L<RSA_sign_ASN1_OCTET_STRING(3)|RSA_sign_ASN1_OCTET_STRING(3)>,
 L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)> 
 
 =cut

crypto/dist/openssl/doc/ssl/SSL_get_error.pod

@@ -13,7 +13,7 @@ SSL_get_error - obtain result code for TLS/SSL I/O operation
 =head1 DESCRIPTION
 
 SSL_get_error() returns a result code (suitable for the C "switch"
-statement) for a preceding call to SSL_connect(), SSL_accept(),
+statement) for a preceding call to SSL_connect(), SSL_accept(), SSL_do_handshake(),
 SSL_read(), SSL_peek(), or SSL_write() on B<ssl>.  The value returned by
 that TLS/SSL I/O function must be passed to SSL_get_error() in parameter
 B<ret>.

crypto/dist/openssl/doc/ssl/ssl.pod

@@ -682,6 +682,7 @@ L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
 L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
 L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
 L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
+L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
 L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
 L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
 L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,

crypto/dist/openssl/e_os.h

@@ -114,11 +114,11 @@ extern "C" {
 #  define MS_STATIC
 #endif
 
-#if defined(_WIN32) && !defined(WIN32) && !defined(__CYGWIN32__)
+#if defined(_WIN32) && !defined(WIN32) && !defined(__CYGWIN32__) && !defined(_UWIN)
 #  define WIN32
 #endif
 
-#if (defined(WIN32) || defined(WIN16)) && !defined(__CYGWIN32__)
+#if (defined(WIN32) || defined(WIN16)) && !defined(__CYGWIN32__) && !defined(_UWIN)
 #  ifndef WINDOWS
 #    define WINDOWS
 #  endif
@@ -142,7 +142,8 @@ extern "C" {
 #define clear_sys_error()	errno=0
 #endif
 
-#if defined(WINDOWS) && !defined(__CYGWIN32__)
+#if defined(WINDOWS) && !defined(__CYGWIN32__)  && !defined(_UWIN)
+
 #define get_last_socket_error()	WSAGetLastError()
 #define clear_socket_error()	WSASetLastError(0)
 #define readsocket(s,b,n)	recv((s),(b),(n),0)
@@ -180,7 +181,7 @@ extern "C" {
 #endif
 
 
-#if (defined(WINDOWS) || defined(MSDOS)) && !defined(__CYGWIN32__)
+#if (defined(WINDOWS) || defined(MSDOS)) && !defined(__CYGWIN32__) && !defined(_UWIN)
 
 #  ifndef S_IFDIR
 #    define S_IFDIR	_S_IFDIR

crypto/dist/openssl/shlib/Makefile.hpux10-cc

@@ -1,6 +1,6 @@
 # Makefile.hpux-cc
 
-major=0.9.6d
+major=0.9.6e
 
 slib=libssl
 sh_slib=$(slib).sl.$(major)

crypto/dist/openssl/shlib/hpux10-cc.sh

@@ -60,9 +60,9 @@ mkdir /usr/local
 mkdir /usr/local/ssl
 mkdir /usr/local/ssl/lib
 chmod 444 lib*_pic.a
-chmod 555 lib*.sl.0.9.6d
-cp -p lib*_pic.a lib*.sl.0.9.6d /usr/local/ssl/lib
-(cd /usr/local/ssl/lib ; ln -sf libcrypto.sl.0.9.6d libcrypto.sl ; ln -sf libssl.sl.0.9.6d libssl.sl)
+chmod 555 lib*.sl.0.9.6e
+cp -p lib*_pic.a lib*.sl.0.9.6e /usr/local/ssl/lib
+(cd /usr/local/ssl/lib ; ln -sf libcrypto.sl.0.9.6e libcrypto.sl ; ln -sf libssl.sl.0.9.6e libssl.sl)
 
 # Reconfigure without pic to compile the executables. Unfortunately, while
 # performing this task we have to recompile the library components, even

crypto/dist/openssl/ssl/s2_lib.c

@@ -77,7 +77,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
 	SSL2_TXT_NULL_WITH_MD5,
 	SSL2_CK_NULL_WITH_MD5,
 	SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
-	SSL_EXPORT|SSL_EXP40,
+	SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
+	0,
 	0,
 	0,
 	SSL_ALL_CIPHERS,
@@ -199,6 +200,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
 	SSL2_TXT_NULL,
 	SSL2_CK_NULL,
 	0,
+	SSL_STRONG_NONE,
 	0,
 	0,
 	0,

crypto/dist/openssl/ssl/s3_lib.c

@@ -129,7 +129,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	SSL3_TXT_RSA_NULL_MD5,
 	SSL3_CK_RSA_NULL_MD5,
 	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
-	SSL_NOT_EXP,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
 	0,
 	0,
 	0,
@@ -142,7 +142,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	SSL3_TXT_RSA_NULL_SHA,
 	SSL3_CK_RSA_NULL_SHA,
 	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
 	0,
 	0,
 	0,
@@ -492,7 +492,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	SSL3_TXT_FZA_DMS_NULL_SHA,
 	SSL3_CK_FZA_DMS_NULL_SHA,
 	SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
 	0,
 	0,
 	0,
@@ -506,7 +506,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	SSL3_TXT_FZA_DMS_FZA_SHA,
 	SSL3_CK_FZA_DMS_FZA_SHA,
 	SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
 	0,
 	0,
 	0,

crypto/dist/openssl/ssl/ssl.h

@@ -340,6 +340,7 @@ typedef struct ssl_session_st
 	struct ssl_session_st *prev,*next;
 	} SSL_SESSION;
 
+
 #define SSL_OP_MICROSOFT_SESS_ID_BUG			0x00000001L
 #define SSL_OP_NETSCAPE_CHALLENGE_BUG			0x00000002L
 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
@@ -351,11 +352,25 @@ typedef struct ssl_session_st
 #define SSL_OP_TLS_BLOCK_PADDING_BUG			0x00000200L
 #define SSL_OP_TLS_ROLLBACK_BUG				0x00000400L
 
+/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
+ * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
+ * the workaround is not needed.  Unfortunately some broken SSL/TLS
+ * implementations cannot handle it at all, which is why we include
+ * it in SSL_OP_ALL. */
+#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              0x00000800L /* added in 0.9.6e */
+
+/* SSL_OP_ALL: various bug workarounds that should be rather harmless */
+#define SSL_OP_ALL					0x000FFFFFL
+
 /* If set, always create a new key when using tmp_dh parameters */
 #define SSL_OP_SINGLE_DH_USE				0x00100000L
 /* Set to also use the tmp_rsa key when doing RSA operations. */
 #define SSL_OP_EPHEMERAL_RSA				0x00200000L
 
+#define SSL_OP_NO_SSLv2					0x01000000L
+#define SSL_OP_NO_SSLv3					0x02000000L
+#define SSL_OP_NO_TLSv1					0x04000000L
+
 /* The next flag deliberately changes the ciphertest, this is a check
  * for the PKCS#1 attack */
 #define SSL_OP_PKCS1_CHECK_1				0x08000000L
@@ -364,11 +379,7 @@ typedef struct ssl_session_st
 /* SSL_OP_NON_EXPORT_FIRST looks utterly broken .. */
 #define SSL_OP_NON_EXPORT_FIRST 			0x40000000L
 #define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG		0x80000000L
-#define SSL_OP_ALL					0x000FFFFFL
 
-#define SSL_OP_NO_SSLv2					0x01000000L
-#define SSL_OP_NO_SSLv3					0x02000000L
-#define SSL_OP_NO_TLSv1					0x04000000L
 
 /* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
  * when just a single record has been written): */
@@ -382,6 +393,7 @@ typedef struct ssl_session_st
  * is blocking: */
 #define SSL_MODE_AUTO_RETRY 0x00000004L
 
+
 /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
  * they cannot be used to clear bits. */
 

crypto/dist/openssl/ssl/ssl_locl.h

@@ -283,16 +283,17 @@
 #define SSL_NOT_EXP		0x00000001L
 #define SSL_EXPORT		0x00000002L
 
-#define SSL_STRONG_MASK		0x0000007cL
-#define SSL_EXP40		0x00000004L
+#define SSL_STRONG_MASK		0x000000fcL
+#define SSL_STRONG_NONE		0x00000004L
+#define SSL_EXP40		0x00000008L
 #define SSL_MICRO		(SSL_EXP40)
-#define SSL_EXP56		0x00000008L
+#define SSL_EXP56		0x00000010L
 #define SSL_MINI		(SSL_EXP56)
-#define SSL_LOW			0x00000010L
-#define SSL_MEDIUM		0x00000020L
-#define SSL_HIGH		0x00000040L
+#define SSL_LOW			0x00000020L
+#define SSL_MEDIUM		0x00000040L
+#define SSL_HIGH		0x00000080L
 
-/* we have used 0000007f - 25 bits left to go */
+/* we have used 000000ff - 24 bits left to go */
 
 /*
  * Macros to check the export status and cipher strength for export ciphers.

crypto/dist/openssl/util/pod2man.pl

@@ -416,8 +416,8 @@ if ($name ne 'something') {
 			warn "$0: Improper man page - malformed NAME header in paragraph $. of $ARGV[0]\n"
 		    }
 		    else {
-			$n[0] =~ s/\n/ /;
-			$n[1] =~ s/\n/ /;
+			$n[0] =~ s/\n/ /g;
+			$n[1] =~ s/\n/ /g;
 			%namedesc = @n;
 		    }
 		}