VERSION 1.0.0

ZeroTier 1.0.0 brings a number of under the hood improvements and bug
fixes. These include but are not limited to:

 * A simpler, faster multicast algorithm that places full burden
   for multicast propagation on the sender. This results in better
   fairness without CPU-intensive signature/verify on every packet,
   lower latency for intra-data-center SDN operations, and avoids
   distributed burdens that are intrinsically unfriendly to mobile
   clients subject to wake frequency limits and battery life
   constraints. In the future this may be augmented to allow
   optimized delivery to multiple recipients at the same site via
   federation.

 * Significant code reorg to move toward mobile support (iOS, Android)
   and future SDK packaging.

 * A number of efficiency and stability improvements.

 * Bug fixes for Linux and ARM users.

 * Improved NAT traversal, including limited support for port
   numbering scheme guessing to traverse some symmetric NATs.

Upgrade from 0.9.x is not required but is strongly recommended. Older
clients using the old multicast algorithm are presently supported via
legacy hooks, and these may go away at some point in the future. We'll
monitor the status of the network and try to keep legacy support around
as long as people need it, but it'll probably be pulled once 95%+ of
clients are 1.0.0 or newer.

The next versions will bring further bug fixes, improved user experience,
more enterprise-grade features for intra-data-center use, and more!

.gitignore

@@ -1,8 +1,43 @@
-zerotier-*
-/Makefile
+/ext/llvm-g++-Xcode4.6.2
+/ext/llvm-g++-Xcode4.6.2.tar.bz2
+/zerotier-*
+/ZeroTierUI/*.user
 *.o
 .DS_Store
 .Apple*
 *.dSYM
-mac-tap/tuntap/src/tap/tap
-mac-tap/tuntap/tap.kext
+/netconf-service/node_modules
+/ipch
+/windows/ZeroTierOne.sdf
+/windows/ZeroTierOne.v11.suo
+/windows/x64
+/windows/Win32
+/windows/*/x64
+/windows/*/Win32
+/windows/ZeroTierOne/Release
+/windows/ZeroTierOneService/obj
+/windows/ZeroTierOneService/bin
+/windows/Build
+/ext/installfiles/windows/ZeroTier One-SetupFiles
+/ext/installfiles/windows/Prerequisites
+*.log
+*.opensdf
+*.user
+*.cache
+*.obj
+*.tlog
+*.pid
+/build-*
+/ZeroTierOneInstaller-*
+.qmake.stash
+*.autosave
+/ZeroTier One.dmg
+/root-topology/*.secret
+/testnet/local-testnet/n????
+/testnet/local-testnet/*/peers.persist
+/testnet/local-testnet/*/authtoken.secret
+/testnet/local-testnet/*/*.log
+/testnet/local-testnet/*/*.old
+/testnet/local-testnet/*/root-topology
+/testnet/local-testnet/*/local.conf
+/testnet/local-testnet/*/networks.d

AUTHORS.txt

@@ -1,26 +1,21 @@
-This file will track authors and contributors to ZeroTier's code base.
-People who contribute new code or bug fixes that are accepted into
-the master (trunk) branch will be credited here.
+ZeroTier One is designed and written by Adam Ierymenko, with a few bug
+fixes and other contributions from other users. Information about all
+contributors can be found on the GitHub home page at:
 
---
+https://github.com/zerotier/ZeroTierOne
 
-Adam Ierymenko [adam.ierymenko@zerotier.com]
- * Principal author and maintainer of ZeroTier One, author of all
-   code prior to ZeroTier's open source release.
- * Maintainer of master branch, release manager.
-
---
-
-ZeroTier One includes or links with the following third party software:
+ZeroTier One includes the following third party code:
 
  * LZ4 compression algorithm by Yann Collet (BSD license)
    http://code.google.com/p/lz4/
 
- * OpenSSL libcrypto (BSD-style OpenSSL license)
-   http://www.openssl.org/
-
- * TunTapOSX by Mattias Nissler (with tiny modifications) (BSD license)
+ * TunTapOSX by Mattias Nissler (forked for ZT1) (BSD license)
    http://tuntaposx.sourceforge.net
 
- * Salsa20 stream cipher by D. J. Bernstein (public domain)
-   http://cr.yp.to/snuffle.html
+ * tap-windows by the OpenVPN project (forked for ZT1) (GPL)
+   https://github.com/OpenVPN/tap-windows
+
+ * Salsa20 stream cipher, Curve25519 elliptic curve cipher, Ed25519
+   digital signature algorithm, and Poly1305 MAC algorithm, all by
+   Daniel J. Bernstein (public domain)
+   http://cr.yp.to/

BUILDING.txt

@@ -6,18 +6,32 @@ Developers note: there is currently no management of dependencies on *nix
 platforms, so you should make clean ; make if you change a header. Will
 do this eventually.
 
--- MacOS
-
-make -f Makefile.mac
-
-Edit Makefile.mac if you want to change between debug or release build.
-
 -- Linux
 
-make -f Makefile.linux
+Just type 'make'. You'll need gcc and g++ installed, but ZeroTier One requires
+no other third party libraries beyond the standard libc, libstdc++, and libm.
 
-Edit Makefile.linux if you want to change between debug or release build.
+-- MacOS
+
+make
+
+If you are building ext/tap-mac you will need a different version of the
+OSX gcc compiler chain than what currently ships (clang). We've got a copy
+available here:
+
+http://download.zerotier.com/dev/llvm-g++-Xcode4.6.2.tar.bz2
+
+Un-tar this into ext/ (it's excluded in .gitignore) and then 'make' in
+ext/tap-mac/tuntap/src/tap.
+
+Most users should not need to build tap-mac, since a binary is included
+in ext/bin.
+
+To build the UI you will need Qt version 5.0 or later. The Qt home must
+be symbolically linked into "Qt" in the parent directory of the ZeroTier
+One source tree. Then you can type "make mac-ui" and the UI should build.
+You can also load the UI in Qt Creator and build/test it that way.
 
 -- Windows
 
-TBD
+Here be dragons.

Makefile

@@ -0,0 +1,11 @@
+# Common makefile -- loads make rules for each platform
+
+OSTYPE=$(shell uname -s)
+
+ifeq ($(OSTYPE),Darwin)
+	include make-mac.mk
+endif
+
+ifeq ($(OSTYPE),Linux)
+	include make-linux.mk
+endif

Makefile.linux

@@ -1,54 +0,0 @@
-CC=gcc
-CXX=g++
-
-INCLUDES=-Iext/bin/libcrypto/include -Iext/jsoncpp/include
-ARCH=$(shell uname -m)
-DEFS=-DZT_ARCH="$(ARCH)" -DZT_OSNAME="linux" -DZT_TRACE
-
-# Uncomment for a release optimized build
-#CFLAGS=-Wall -O3 -fno-unroll-loops -fstack-protector -pthread $(INCLUDES) -DNDEBUG $(DEFS)
-#STRIP=strip --strip-all
-
-# Uncomment for a debug build
-CFLAGS=-Wall -g -pthread $(INCLUDES) -DZT_TRACE $(DEFS)
-STRIP=echo
-
-CXXFLAGS=$(CFLAGS) -fno-rtti
-
-# We statically link against libcrypto because RedHat-derived distributions do
-# not ship the elliptic curve algorithms. If we didn't we'd have to build
-# separate binaries for the RedHat and Debian universes to distribute via
-# auto-update. This way we get one Linux binary for all systems of a given
-# architecture.
-LIBS=ext/bin/libcrypto/linux-$(ARCH)/libcrypto.a -lm -ldl
-
-include objects.mk
-
-all:	one cli launcher
-
-one:	$(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-one main.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-one
-
-cli:	$(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-cli cli.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-cli
-
-selftest:	$(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-selftest
-
-idtool:	$(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-idtool idtool.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-idtool
-
-launcher:
-	$(CC) -Os -o zerotier-launcher launcher.c
-	$(STRIP) zerotier-launcher
-
-launcher-fakebin:
-	$(CC) $(CFLAGS) -DZEROTIER_FAKE_VERSION_MAJOR=1 -DZEROTIER_FAKE_VERSION_MINOR=2 -DZEROTIER_FAKE_VERSION_REVISION=3 -o zerotier-launcher-fakebin-123 launcher-fakebin.c
-	$(CC) $(CFLAGS) -DZEROTIER_FAKE_VERSION_MAJOR=1 -DZEROTIER_FAKE_VERSION_MINOR=2 -DZEROTIER_FAKE_VERSION_REVISION=4 -o zerotier-launcher-fakebin-124 launcher-fakebin.c
-
-clean:
-	rm -f $(OBJS) zerotier-*

Makefile.mac

@@ -1,63 +0,0 @@
-CC=gcc
-CXX=g++
-
-INCLUDES=-Iext/bin/libcrypto/include -Iext/jsoncpp/include
-DEFS=-DZT_ARCH="x86_combined" -DZT_OSNAME="mac" -DZT_TRACE
-
-# Uncomment for a release optimized universal binary build
-CFLAGS=-arch i386 -arch x86_64 -Wall -O3 -ftree-vectorize -fstack-protector -pthread -mmacosx-version-min=10.6 -DNDEBUG $(INCLUDES) $(DEFS)
-STRIP=strip
-
-# Uncomment for a debug build
-#CFLAGS=-Wall -g -pthread -DZT_TRACE -DZT_LOG_STDOUT $(INCLUDES) $(DEFS)
-#STRIP=echo
-
-CXXFLAGS=$(CFLAGS) -fno-rtti
-LIBS=-lcrypto -lm
-
-include objects.mk
-
-all: one cli launcher mac-tap
-
-one:	$(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-one main.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-one
-
-cli:	$(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-cli cli.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-cli
-
-selftest: $(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-selftest
-
-idtool: $(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-idtool idtool.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-idtool
-
-mac-tap: FORCE
-	cd mac-tap/tuntap ; make tap.kext
-
-install-mac-tap: FORCE
-	mkdir -p /Library/Application\ Support/ZeroTier/One
-	rm -rf /Library/Application\ Support/ZeroTier/One/tap.kext
-	cp -R mac-tap/tuntap/tap.kext /Library/Application\ Support/ZeroTier/One
-	chown -R root:wheel /Library/Application\ Support/ZeroTier/One/tap.kext
-
-launcher: FORCE
-	$(CC) -Os -arch i386 -arch x86_64 -o zerotier-launcher launcher.c
-	$(STRIP) zerotier-launcher
-
-launcher-fakebin:
-	$(CC) $(CFLAGS) -DZEROTIER_FAKE_VERSION_MAJOR=1 -DZEROTIER_FAKE_VERSION_MINOR=2 -DZEROTIER_FAKE_VERSION_REV
-	$(CC) $(CFLAGS) -DZEROTIER_FAKE_VERSION_MAJOR=1 -DZEROTIER_FAKE_VERSION_MINOR=2 -DZEROTIER_FAKE_VERSION_REV
-
-makekeypair: $(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-makekeypair makekeypair.cpp $(OBJS) $(LIBS)
-
-clean:
-	rm -rf *.dSYM
-	rm -f $(OBJS) zerotier-*
-	cd mac-tap/tuntap ; make clean
-
-FORCE:

README.md

@@ -1,95 +1,54 @@
-ZeroTier One
+ZeroTier One - Planetary Scale Software Defined Networking
 ======
 
-ZeroTier One creates flat virtual Ethernet networks of almost unlimited size. [Visit ZeroTier on the web](https://www.zerotier.com/) for more information.
+ZeroTier One is an ethernet virtualization engine. It creates virtual switched LANs of almost unlimited size that span physical network boundaries. To the operating system these behave just like ordinary Ethernet ports. Everything just works, even as your computer moves around or your physical Internet link changes.
 
-This code is presently in **ALPHA** testing. That means that the protocol spec may change in incompatible ways, and it certainly has bugs. Testers should "git pull," rebuild, and restart fairly often. If things mysteriously stop working, do that.
+It's intended to replace conventional hub-and-spoke VPNs, provide provider-neutral secure private backplane networks to multi-data-center and hybrid cloud deployments, allow remote access to embedded devices, and much more.
 
-See BUILDING.txt and RUNNING.txt for instructions. It currently builds on Mac and Linux. A Windows port is coming soon. Nice packages/installers and auto-update are also coming when alpha transitions to beta.
+ZeroTier uses a peer to peer network with managed anchor points ("supernodes"). These are operated by ZeroTier Networks, and are free to use. They provides instant "zero configuration" startup, NAT traversal assistance, relaying in cases where NAT traversal doesn't work, and a trusted root authority for looking up peer public keys (identities). The supernodes run the same open-source software as regular nodes, are geographically distributed across three continents, and have remained stable for over a year. [This blog post](http://adamierymenko.com/decentralization-i-want-to-believe/) discusses the design rationale in some detail. *(TL;DR: this design represents a compromise between speed and ease of use and decentralization.)*
 
-Note that this won't work if your firewall does not allow outbound UDP. It must allow UDP conversations on port 8993 at a minimum.
+ZeroTier One encrypts all traffic end-to-end with keys that only you control. Even when traffic is traversing our network we cannot decrypt it. It's not, however, a "strong privacy" tool since it would still be possible for us (or your ISP or anyone else in between) to observe "meta-data" about your traffic. If you need *that* level of anonymity, we recommend [Tor](https://www.torproject.org) or something similar. Onion routing is the only technology we're aware of that is capable of delivering that level of end-to-end privacy protection.
 
-At present there is only one virtual LAN and you are dumped there by default. It's called Earth, and is exactly what it sounds like. The ability to create and join additional networks is coming soon. Once you're on, visit [earth.zerotier.net](http://earth.zerotier.net/) to see your Earth LAN IP address and other information.
+At the moment the ZeroTier wire protocol is only documented in the source (start with the comments in Packet.hpp), but more formal documentation is planned for the near future. Encapsulation overhead is comparable to IPSec or OpenVPN.
 
-**Security warning:** You read that right. ZeroTier One places your computer on an absolutely open global Ethernet party line. Please ensure that you are up to date on your OS patches and we recommend turning off unnecessary services. Also be sure that anything else you are sharing is password protected provided you don't want to share it: printers, iPhoto and iTunes shares, etc.
+[Visit ZeroTier Networks on the web](https://www.zerotier.com/) for more information. Follow the [ZeroTier blog](https://www.zerotier.com/blog/), [Twitter feed](https://twitter.com/ZeroTier) and the main [GitHub project](https://github.com/zerotier/ZeroTierOne) to stay up to date. See the GitHub-hosted wiki (sidebar) for more technical info and help for various platforms. There's also a [support portal](https://www.zerotier.com/support/) for more general information.
 
-ZeroTier One is licensed under the GNU General Public License version 3. You are free to use, modify, or redistribute it under the terms of that license. If you would like to embed ZeroTier One in a closed source product or create a closed source derivative product, contact ZeroTier Networks LLC.
+### Getting Started
 
-Check out the [blog](http://blog.zerotier.com/) for announcements, in-depth articles, and related thoughts. There is also a [Google group](https://groups.google.com/forum/#!forum/zerotier-one-users) for questions and discussion.
+Auto-updating binary packages that install easily [can be found here](https://www.zerotier.com/download.html) for officially supported platforms. Packages for popular Linux distributions that neatly wrap the Linux installer/uninstaller are coming soon.
 
-----
-**FAQ**
+If you want to build from source, clone this repository and see BUILDING.txt and RUNNING.txt. If you build manually you'll have to update manually, and we recommend doing so often as development is progressing very rapidly. (Protocol is pretty stable but you might miss out on new features or experience performance degradation if you're too far behind.)
 
-**Q:** What can I do with this?  
-**A:** For starters, try opening iTunes if you have it installed. If others are also online and sharing their collections, you might see them. If you have any games that run over a LAN (except those that require IPX), try those. What else can you think of to do on a completely flat, open network? Games? Collaborative software development? Remote debugging? Transferring files using simple drive shares? Sharing your desktop printer to someone on another continent? Use your imagination.
+Once you are up and running, you have several options.
 
-**Q:** Why do I get an IP address in the 27.0.0.0 or 28.0.0.0 range? And why does a lookup claim these addresses belong to the U.S. Department of Defense?  
-**A:** Short answer: because IPv4 needs to die. Long answer: the Earth network assigns IPv4 IPs from these ranges. They do in fact belong to the DOD, but they are *not* routed to the open Internet. The DOD owns them but uses them internally for private networks. As a result, there is nothing *technically* wrong with "bogarting" these for our own private network. It's considered bad practice, but if you want a private address space in IPv4 that is unlikely to overlap other private address spaces (like 10/8 and 192.168/16), it's the only way. [Cellular carriers](http://www.androidcentral.com/sprint-internet-dept-defense-and-you)  and [cable companies](http://www.dslreports.com/forum/r25679029-Why-is-my-first-hop-to-a-DoD-assigned-IP-address-) frequently do the same thing.
+ZeroTier provides ZeroTier One for free, but to help finance development and operations we have a [user-friendly freemium control panel on the web](https://www.zerotier.com/admin.html). This control panel lets you quickly and easily create your own networks, and the operation of their controller node(s) is left to us. Public networks created on our site are free, and private networks are free for up to ten devices. After that there is a monthly charge.
 
-**Q:** Is IPv6 supported?  
-**A:** Yes. IPv6 link-local addresses (those in the fe80::/10 block) are auto-assigned and should work fine. No other IPv6 addresses are assigned *yet*, but there are plans to do interesting things in this area in the future.
+You *only* need an account on our site if you want to use the control panel found there. Joining networks requires no account. To get authorized on a private network, just send your device's 10-digit ID to the network's administrator and they can add you.
 
-**Q:** I don't want a giant Ethernet party line. Can I leave it and create private LANs instead?  
-**A:** Yes, soon. A GUI to configure such things is in development. But for now there's only Earth.
+Public networks, as the name implies, can be joined without getting authorization from anyone. All you need is their 16-digit network ID. A public network called [Earth](https://www.zerotier.com/earth.html) (8056c2e21c000001) exists for everyone, but be sure your device is adequately secured and up to date before joining.
 
-**Q:** Are you going to charge for this?  
-**A:** Public virtual LANs will remain free. We intend to charge for private networks in some way, but the exact model is TBD. Other cloud-supported paid features are also TBD.
+Alternatively, you can run your own network configuration controller. This lets you run any network for free. To do this, start with the netconf-service/ subfolder of this project. You'll need to do a bit of system administration work and manually populate a Redis database, but it's not terribly hard if you're into that kind of thing.
 
-**Q:** What's a supernode?  
-**A:** Supernodes are nodes run by ZeroTier Networks that orindary users use to find one another and communicate until/unless they can perform NAT traversal and connect directly. They run the exact same software as everyone else. The only thing that really makes a supernode special is that it's designated as such.
+More products and services will be forthcoming.
 
-**Q:** Can I run a supernode?  
-**A:** No, not at the moment, and there would be no benefit to doing so.
+### Basic Troubleshooting
 
-**Q:** Will my local firewall rules apply to ZeroTier One traffic?  
-**A:** ZeroTier creates a virtual Ethernet tap device (zt# on Mac and Linux) that emulates a wired Ethernet port. If your firewall applies to *all* network ports, it will filter traffic through this port as well. If it applies only to the primary interface, it may not. See your OS's firewall documentation, as different OSes and flavors thereof have slightly different configurations in this regard.
+For about 95% of users, it just works.
 
-**Q:** Can you see my traffic? What about other users? Can you sniff the LAN?  
-**A:** No. All unicast (direct computer to computer) traffic is encrypted end-to-end (even if it's being relayed), and the ZeroTier virtual LAN behaves like a LAN with a secure enterprise-grade switch that does not allow unicast conversations to be sniffed. Multicast and broadcast traffic will of course be seen by many recipients, but that's the idea.
+If you are running a local system firewall, we recommend adding a rule permitting UDP port 9993 inbound and outbound. The binary Windows installer takes care of this for Windows' built-in firewall, but other platforms and third party firewall software may need this for optimal performance.
 
-**Q:** What about privacy? Does this hide my location on the network?  
-**A:** ZeroTier is not a connection anonymizer. Other than encryption, it doesn't do anything special to hide your identity or network location. If you want strong privacy protection there are already very advanced tools like [Tor](https://www.torproject.org) for that, and this isn't trying to duplicate their functionality. At the same time, ZT does not do anything special to harm your privacy either. It's not spyware or snoop-ware.
+ZeroTier One peers will automatically locate each other and communicate directly over a local wired LAN *if UDP port 9993 inbound is open*. If that port is filtered, they won't be able to see each others' LAN announcement packets. If you're experiencing poor performance between devices on the same physical network, check their firewall settings. Without LAN auto-location peers must attempt "loopback" NAT traversal, which sometimes fails and in any case requires that every packet traverse your external router twice.
 
-**Q:** Is this designed to replace IP, BGP, IPv6, routers, etc.?  
-**A:** No. Its purpose is to act as a collaboration tool, a VPN alternative, a network mobility tool, a testbed for the development of software that takes advantage of fully open networking, a virtual LAN party for gamers, and so on, but it's not intended (or able) to replace the core of the Internet.
+Users behind certain types of firewalls and "symmetric" NAT devices may not able able to connect to external peers directly at all. ZeroTier has limited support for port prediction and will *attempt* to traverse symmetric NATs, but this doesn't always work. If P2P connectivity fails you'll be bouncing UDP packets off our relay servers resulting in slower performance. Some NAT router(s) have a configurable NAT mode, and setting this to "full cone" will eliminate this problem. If you do this you may also see a magical improvement for things like VoIP phones, Skype, BitTorrent, WebRTC, certain games, etc., since all of these use NAT traversal techniques similar to ours.
 
-**Q:** Can I bridge this to a physical port and plug in an Xbox, PlayStation, etc.?  
-**A:** Not currently, as foreign Ethernet frames are not forwarded. This may be possible in a future version.
+If you're interested, there's a [technical deep dive about NAT traversal on our blog](https://www.zerotier.com/blog/?p=226). A troubleshooting tool to help you diagnose NAT issues is planned for the future as are uPnP/IGD/NAT-PMP and IPv6 transport.
 
-----
-**Status**
+If a firewall between you and the Internet blocks ZeroTier's UDP traffic, you will fall back to last-resort TCP tunneling to supernodes over port 443 (https impersonation). This will work almost anywhere but is *slow*. If performance seems just terrible, this is the first thing to check.
 
-*What works:*
- * Network auto-configuration via JSON API with identity based authentication and encryption
- * End-to-end encryption with automatic key exchange
- * Ethernet multicast with implicit social propagation (though the algorithm will certainly be getting tweaked as we go)
-   * IPv4 ARP works (see MulticastGroup.hpp for details)
-   * IPv6 neighbor discovery protocol works, thus IPv6 link-local addressing on the ZeroTier device also works
-   * mDNS (though if the LAN gets big you will not see everyone, just people nearby on your implicit social graph)
-   * IP-level multicast ought to "just work," though it may take up to a minute or so for a new join to propagate
- * NAT traversal works pretty well, at least behind relatively sane unrestrictive firewalls/routers. You can see this by pinging another node and watching, after a few seconds, the latency drop dramatically since you're no longer relaying. If it doesn't your firewall might block such things. Additional NAT traversal strategies are coming.
- * Changes in your local network configuration are generally detected and will cause peers to be re-acquired.
+Some Windows users have reported a [problem with the TAP device driver](https://github.com/zerotier/ZeroTierOne/issues/107). From user reports this seems to occur on Windows systems that have not been updated through Windows Update. While we have a fix planned, we **really** recommend keeping your system up to date for security reasons. Frankly we're a bit torn on this one. If this is truly the cause, perhaps ZeroTier failing to work on unpatched Windows systems is a feature not a bug.
 
-*Known immediate issues:*
- * Multiple network support is in but there is no interface to configure it, hence it is useless. But in alpha it'll be nice to shove everyone onto "Earth" in order to stress test that little "almost unlimited size" boast.
- * There is no multiple-launch protection yet and multiple instances on the same system do not work well due to route conflicts. Take care that zerotier-one is not running before launching it again. The command "sudo killall zerotier-one" is helpful.
- * Sometimes ZeroTier One doesn't like to terminate when asked nicely. This is related to issues with the tap device closing down properly. If it hangs around after a TERM signal, send it a KILL (9) signal.
- * The locally bound UDP port isn't configurable yet. It's 8993 by default.
- * Known security issues:
-   * There is no rate limit for multicast. Please be nice during alpha testing and don't flood.
-   * There is no filtering. Whether or not to try to do port-level filtering is not yet decided, as technically the local OS firewall and OS service configuration should do this and ZeroTier is not about re-inventing wheels. But certain things *will*need to be filtered by ZT1 itself. These include certain ICMP and ICMPv6 messages: router advertisement, router solicitation, source redirect, etc. DHCP and BOOTP should probably also be filtered at a minimum.
-   * ARP and IPv6 NDP want extra security measures to prevent poisoning and spoofing. The best mechanism is being researched.
- * If a supernode goes down, this takes quite a while to be detected and things will go dead. Fast recovery from relay failure is in the works.
- * If by a one in 2^40 chance two people generate the same ZeroTier address, this is currently not handled. It's unlikely and also hard (as in cryptographically hard) to do intentionally. See comments in Identity.cpp for details.
+More help can be found in the [GitHub wiki](https://github.com/zerotier/ZeroTierOne/wiki) and the [customer support portal / knowledge base](https://www.zerotier.com/support/).
 
-*What doesn't work and might not work for a while, if ever:*
- * Only ARP, IPv4, and IPv6 frames are allowed. The ability to permit other ethertypes on user-created networks may be added later to allow things like old games that use IPX or private networks to remote administer weird hardware.
- * Bridging of the ZeroTier device to other networks will not work, and may never. This is TBD.
- * VLAN tagged frames will not work and probably never will, as higher level network provisioning handles that concept.
+The ZeroTier source code is open source and is licensed under the GNU GPL v3 (not LGPL). If you'd like to embed it in a closed-source commercial product or appliance, please e-mail [contact@zerotier.com](mailto:contact@zerotier.com) to discuss licensing.
 
-----
-
-<a href="http://flattr.com/thing/1611614/ZeroTier-Networks" target="_blank"><img src="http://api.flattr.com/button/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0" /></a>  
-[![githalytics.com alpha](https://cruel-carlota.pagodabox.com/59b2cbb9c154bf84bddb4b714402e548 "githalytics.com")](http://githalytics.com/zerotier/ZeroTierOne)
-
-(c)2012-2013 [ZeroTier Networks LLC](https://www.zerotier.com/)
+*ZeroTier is keyboard crafted with coffee and sleep deprivation in Southern California.*

RUNNING.txt

@@ -1,47 +1,74 @@
-Running ZeroTier One from a source build:
+This guide is for those building and running from source. See BUILDING.txt
+first.
 
--- MacOS
+The wiki at GitHub contains several pages that are probably also of interest:
+  https://github.com/zerotier/ZeroTierOne/wiki
 
-By convention, ZeroTier One will keep its state here on mac:
+--- MacOS
+
+On Mac, the default ZeroTier home is:
 
 /Library/Application Support/ZeroTier/One
 
 ZeroTier ships with a kernel extension for its own tap device, which it
-stores in the above directory. To install this from source, type:
+stores in the above directory. To install this, type:
 
-sudo make -f Makefile.mac install-mac-tap
+sudo make install-mac-tap
 
 This will create the ZeroTier One home above if it does not exist and install
 the kext there. Note that the kext must be owned by root:wheel. The make
 rule for install-mac-tap takes care of that.
 
 Next, simply run the binary. It must be run as root to open the tap device.
+If run with no options, it will use the default home directory above.
 
-sudo ./zerotier-one '/Library/Application Support/ZeroTier/One' &
+sudo ./zerotier-one &
 
-Type "ifconfig" and look for the new interface, which should be called
-"zt0." The strange IPv4 address it has is your "zero4" address. Visit
-http://zerotier.net/ to check your connection.
-
-Kill it with something like:
-
-sudo killall zerotier-one
-
--- Linux
+--- LINUX
 
 On Linux, the default ZeroTier home is:
 
 /var/lib/zerotier-one
 
-We use the Linux native tap driver, so no special drivers are needed. Just
-type:
+Just type:
 
 sudo mkdir /var/lib/zerotier-one
-sudo ./zerotier-one /var/lib/zerotier-one &
+sudo ./zerotier-one &
 
-Type ifconfig and you should see an interface like "zt0." Then try
-http://zerotier.net or ping zerotier.net to check your connection.
+Your system must have the Linux tun/tap driver available (tun). All tested
+distributions so far ship with this driver as a module that will load
+automatically.
 
--- Windows
+UDP port 9993 must be open in your local firewall for this to work properly.
+How to do this varies by Linux distribution.
 
-TBD
+ - Opening port 9993 on Ubuntu
+
+Follow the Ubuntu documentation about UFW https://help.ubuntu.com/community/UFW
+
+Check if your UFW is active.
+
+sudo ufw status verbose
+
+If it is active, open UDP port 9993
+
+sudo ufw allow 9993/udp
+
+You should now be able to ping and browse earth.zerotier.net
+
+--- WINDOWS
+
+A windows port is in progress.
+
+--- ONCE IT'S RUNNING:
+
+To use the command line interface, see this guide:
+  https://github.com/zerotier/ZeroTierOne/wiki/Command-Line-Interface
+
+If you want to test by joining the Earth network, try:
+  sudo ./zerotier-cli join 8056c2e21c000001
+
+An interface called 'zt0' should appear and should get an IP address in
+the 28.0.0.0/7 range (28.* or 29.*) within a few seconds or so. Then try
+pinging earth.zerotier.net or navigating to http://earth.zerotier.net/ in
+a web browser.

ZeroTierUI/Info.plist

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+	<key>NSPrincipalClass</key>
+	<string>NSApplication</string>
+	<key>CFBundleIconFile</key>
+	<string>zt1icon.icns</string>
+	<key>CFBundlePackageType</key>
+	<string>APPL</string>
+	<key>CFBundleGetInfoString</key>
+	<string>ZeroTier One (Mac GUI)</string>
+	<key>CFBundleSignature</key>
+	<string>????</string>
+	<key>CFBundleExecutable</key>
+	<string>ZeroTier One</string>
+	<key>CFBundleIdentifier</key>
+	<string>com.zerotier.ZeroTierOne</string>
+</dict>
+</plist>

ZeroTierUI/README.md

@@ -0,0 +1,6 @@
+Qt GUI
+======
+
+This is the Qt GUI distributed for Mac and Windows. It should build on Linux too if you've got Qt installed.
+
+It's a bit ugly and limited and will probably eventually be replaced.

ZeroTierUI/WindowsBuildOfficial.bat

@@ -0,0 +1,9 @@
+REM If you're an OSS user and want to run this batch file, edit to change the path to Qt.
+REM Start Visual Studio command prompt and run this from within the ZeroTierUI subfolder.
+
+CD ..
+MKDIR build-ZeroTierUI-win32-release
+CD build-ZeroTierUI-win32-release
+C:\Qt\5.2.1\Src\qtbase\bin\qmake.exe ..\ZeroTierUI\ZeroTierUI.pro
+nmake clean
+nmake

ZeroTierUI/ZeroTierUI.pro

@@ -0,0 +1,128 @@
+QT       += core gui widgets network
+TARGET = "ZeroTier One"
+TEMPLATE = app
+
+win32:RC_FILE = ZeroTierUI.rc
+win32:LIBS += winhttp.lib Iphlpapi.lib ws2_32.lib advapi32.lib Shell32.lib Rpcrt4.lib
+win32:QMAKE_LFLAGS += /MANIFESTUAC:\"level=\'requireAdministrator\' uiAccess=\'false\'\"
+
+mac:ICON = zt1icon.icns
+mac:QMAKE_MACOSX_DEPLOYMENT_TARGET = 10.6
+mac:QMAKE_INFO_PLIST = Info.plist
+mac:LIBS += -framework Cocoa
+
+SOURCES += main.cpp \
+    mainwindow.cpp \
+    aboutwindow.cpp \
+    networkwidget.cpp \
+    installdialog.cpp \
+    licensedialog.cpp \
+    onetimedialog.cpp \
+    ../control/IpcConnection.cpp \
+    ../control/IpcListener.cpp \
+    ../control/NodeControlClient.cpp \
+    ../control/NodeControlService.cpp \
+    ../node/C25519.cpp \
+    ../node/CertificateOfMembership.cpp \
+    ../node/Defaults.cpp \
+    ../node/Dictionary.cpp \
+    ../node/HttpClient.cpp \
+    ../node/Identity.cpp \
+    ../node/IncomingPacket.cpp \
+    ../node/InetAddress.cpp \
+    ../node/Logger.cpp \
+    ../node/Multicaster.cpp \
+    ../node/Network.cpp \
+    ../node/NetworkConfig.cpp \
+    ../node/Node.cpp \
+    ../node/NodeConfig.cpp \
+    ../node/OutboundMulticast.cpp \
+    ../node/Packet.cpp \
+    ../node/Peer.cpp \
+    ../node/Poly1305.cpp \
+    ../node/RoutingTable.cpp \
+    ../node/Salsa20.cpp \
+    ../node/Service.cpp \
+    ../node/SHA512.cpp \
+    ../node/SoftwareUpdater.cpp \
+    ../node/Switch.cpp \
+    ../node/Topology.cpp \
+    ../node/Utils.cpp \
+    ../ext/lz4/lz4.c
+
+HEADERS  += mainwindow.h \
+    aboutwindow.h \
+    networkwidget.h \
+    installdialog.h \
+    mac_doprivileged.h \
+    licensedialog.h \
+    main.h \
+    onetimedialog.h \
+    ../control/IpcConnection.hpp \
+    ../control/IpcListener.hpp \
+    ../control/NodeControlClient.hpp \
+    ../control/NodeControlService.hpp \
+    ../node/Address.hpp \
+    ../node/AntiRecursion.hpp \
+    ../node/Array.hpp \
+    ../node/AtomicCounter.hpp \
+    ../node/BandwidthAccount.hpp \
+    ../node/Buffer.hpp \
+    ../node/C25519.hpp \
+    ../node/CertificateOfMembership.hpp \
+    ../node/CMWC4096.hpp \
+    ../node/Constants.hpp \
+    ../node/Defaults.hpp \
+    ../node/Dictionary.hpp \
+    ../node/EthernetTap.hpp \
+    ../node/EthernetTapFactory.hpp \
+    ../node/HttpClient.hpp \
+    ../node/Identity.hpp \
+    ../node/IncomingPacket.hpp \
+    ../node/InetAddress.hpp \
+    ../node/Logger.hpp \
+    ../node/MAC.hpp \
+    ../node/Multicaster.hpp \
+    ../node/MulticastGroup.hpp \
+    ../node/Mutex.hpp \
+    ../node/Network.hpp \
+    ../node/NetworkConfig.hpp \
+    ../node/Node.hpp \
+    ../node/NodeConfig.hpp \
+    ../node/NonCopyable.hpp \
+    ../node/OutboundMulticast.hpp \
+    ../node/Packet.hpp \
+    ../node/Path.hpp \
+    ../node/Peer.hpp \
+    ../node/Poly1305.hpp \
+    ../node/RoutingTable.hpp \
+    ../node/RuntimeEnvironment.hpp \
+    ../node/Salsa20.hpp \
+    ../node/Service.hpp \
+    ../node/SHA512.hpp \
+    ../node/SharedPtr.hpp \
+    ../node/Socket.hpp \
+    ../node/SocketManager.hpp \
+    ../node/SoftwareUpdater.hpp \
+    ../node/Switch.hpp \
+    ../node/Thread.hpp \
+    ../node/Topology.hpp \
+    ../node/Utils.hpp \
+    ../ext/lz4/lz4.h
+
+FORMS    += mainwindow.ui \
+		aboutwindow.ui \
+		networkwidget.ui \
+		installdialog.ui \
+		licensedialog.ui \
+		quickstartdialog.ui \
+		onetimedialog.ui
+
+RESOURCES += \
+		resources.qrc
+
+mac:OBJECTIVE_SOURCES += \
+		mac_doprivileged.mm
+
+OTHER_FILES += \
+		stylesheet.css

ZeroTierUI/ZeroTierUI.rc

@@ -0,0 +1 @@
+IDI_ICON1 ICON DISCARDABLE "zt1icon.ico"

ZeroTierUI/aboutwindow.cpp

@@ -0,0 +1,60 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include "aboutwindow.h"
+#include "ui_aboutwindow.h"
+
+#include <QMessageBox>
+#include <QFont>
+
+#include "../node/Constants.hpp"
+#include "../node/Node.hpp"
+
+AboutWindow::AboutWindow(QWidget *parent) :
+	QDialog(parent),
+	ui(new Ui::AboutWindow)
+{
+	ui->setupUi(this);
+	ui->aboutTextLabel->setText(QString("ZeroTier One\nVersion ")+ZeroTier::Node::versionString()+"\nDesktop Graphical User Interface\n\n(c)2011-2014 ZeroTier Networks LLC\n\nReleased under the terms of the GNU\nGeneral Public License v3.0, see: http://gplv3.fsf.org for terms.\n\nAuthor(s): Adam Ierymenko");
+
+#ifdef __WINDOWS__
+	/*
+	QWidgetList widgets = this->findChildren<QWidget*>();
+	foreach(QWidget *widget, widgets) {
+		QFont font(widget->font());
+		font.setPointSizeF(font.pointSizeF() * 0.75);
+		widget->setFont(font);
+	}
+	*/
+	this->raise();
+#endif
+}
+
+AboutWindow::~AboutWindow()
+{
+	delete ui;
+}

ZeroTierUI/aboutwindow.h

@@ -1,6 +1,6 @@
 /*
  * ZeroTier One - Global Peer to Peer Ethernet
- * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -25,23 +25,25 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#include <iostream>
-#include <string>
-#include "node/EllipticCurveKeyPair.hpp"
-#include "node/EllipticCurveKey.hpp"
-#include "node/Utils.hpp"
+#ifndef AboutWindow_H
+#define AboutWindow_H
 
-using namespace ZeroTier;
+#include <QDialog>
 
-int main(int argc,char **argv)
-{
-	std::cout << "[generating]" << std::endl;
-
-	EllipticCurveKeyPair kp;
-	kp.generate();
-
-	std::cout << "PUBLIC: " << kp.pub().toHex() << std::endl;
-	std::cout << "PRIVATE: " << kp.priv().toHex() << std::endl;
-
-	return 0;
+namespace Ui {
+class AboutWindow;
 }
+
+class AboutWindow : public QDialog
+{
+	Q_OBJECT
+
+public:
+	explicit AboutWindow(QWidget *parent = 0);
+	virtual ~AboutWindow();
+
+private:
+	Ui::AboutWindow *ui;
+};
+
+#endif // AboutWindow_H

ZeroTierUI/aboutwindow.ui

@@ -0,0 +1,254 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>AboutWindow</class>
+ <widget class="QDialog" name="AboutWindow">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>508</width>
+    <height>261</height>
+   </rect>
+  </property>
+  <property name="windowTitle">
+   <string>About ZeroTier One</string>
+  </property>
+  <property name="windowIcon">
+   <iconset resource="resources.qrc">
+    <normaloff>:/img/zt1icon.png</normaloff>:/img/zt1icon.png</iconset>
+  </property>
+  <property name="sizeGripEnabled">
+   <bool>true</bool>
+  </property>
+  <layout class="QVBoxLayout" name="verticalLayout">
+   <property name="leftMargin">
+    <number>6</number>
+   </property>
+   <property name="topMargin">
+    <number>6</number>
+   </property>
+   <property name="rightMargin">
+    <number>6</number>
+   </property>
+   <property name="bottomMargin">
+    <number>6</number>
+   </property>
+   <item>
+    <widget class="QFrame" name="frame">
+     <property name="frameShape">
+      <enum>QFrame::StyledPanel</enum>
+     </property>
+     <property name="frameShadow">
+      <enum>QFrame::Raised</enum>
+     </property>
+     <layout class="QHBoxLayout" name="horizontalLayout">
+      <property name="leftMargin">
+       <number>6</number>
+      </property>
+      <property name="topMargin">
+       <number>6</number>
+      </property>
+      <property name="rightMargin">
+       <number>6</number>
+      </property>
+      <property name="bottomMargin">
+       <number>6</number>
+      </property>
+      <item>
+       <widget class="QWidget" name="widget" native="true">
+        <layout class="QVBoxLayout" name="verticalLayout_3">
+         <property name="leftMargin">
+          <number>0</number>
+         </property>
+         <property name="topMargin">
+          <number>0</number>
+         </property>
+         <property name="rightMargin">
+          <number>0</number>
+         </property>
+         <property name="bottomMargin">
+          <number>0</number>
+         </property>
+         <item>
+          <widget class="QLabel" name="iconLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Minimum" vsizetype="Minimum">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="minimumSize">
+            <size>
+             <width>128</width>
+             <height>128</height>
+            </size>
+           </property>
+           <property name="maximumSize">
+            <size>
+             <width>128</width>
+             <height>128</height>
+            </size>
+           </property>
+           <property name="text">
+            <string/>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+           <property name="pixmap">
+            <pixmap resource="resources.qrc">:/img/zt1icon.png</pixmap>
+           </property>
+           <property name="scaledContents">
+            <bool>true</bool>
+           </property>
+           <property name="textInteractionFlags">
+            <set>Qt::NoTextInteraction</set>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <spacer name="verticalSpacer">
+           <property name="orientation">
+            <enum>Qt::Vertical</enum>
+           </property>
+           <property name="sizeHint" stdset="0">
+            <size>
+             <width>20</width>
+             <height>40</height>
+            </size>
+           </property>
+          </spacer>
+         </item>
+        </layout>
+       </widget>
+      </item>
+      <item>
+       <widget class="QFrame" name="frame_2">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="frameShape">
+         <enum>QFrame::StyledPanel</enum>
+        </property>
+        <property name="frameShadow">
+         <enum>QFrame::Sunken</enum>
+        </property>
+        <layout class="QVBoxLayout" name="verticalLayout_2">
+         <item>
+          <widget class="QLabel" name="aboutTextLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="font">
+            <font>
+             <weight>50</weight>
+             <bold>false</bold>
+            </font>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+           <property name="alignment">
+            <set>Qt::AlignHCenter|Qt::AlignTop</set>
+           </property>
+           <property name="textInteractionFlags">
+            <set>Qt::NoTextInteraction</set>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <widget class="QWidget" name="widget_2" native="true">
+           <layout class="QHBoxLayout" name="horizontalLayout_2">
+            <property name="leftMargin">
+             <number>0</number>
+            </property>
+            <property name="topMargin">
+             <number>0</number>
+            </property>
+            <property name="rightMargin">
+             <number>0</number>
+            </property>
+            <property name="bottomMargin">
+             <number>0</number>
+            </property>
+            <item>
+             <spacer name="horizontalSpacer">
+              <property name="orientation">
+               <enum>Qt::Horizontal</enum>
+              </property>
+              <property name="sizeHint" stdset="0">
+               <size>
+                <width>40</width>
+                <height>20</height>
+               </size>
+              </property>
+             </spacer>
+            </item>
+           </layout>
+          </widget>
+         </item>
+        </layout>
+       </widget>
+      </item>
+     </layout>
+    </widget>
+   </item>
+   <item>
+    <widget class="QDialogButtonBox" name="buttonBox">
+     <property name="orientation">
+      <enum>Qt::Horizontal</enum>
+     </property>
+     <property name="standardButtons">
+      <set>QDialogButtonBox::Ok</set>
+     </property>
+     <property name="centerButtons">
+      <bool>true</bool>
+     </property>
+    </widget>
+   </item>
+  </layout>
+ </widget>
+ <resources>
+  <include location="resources.qrc"/>
+ </resources>
+ <connections>
+  <connection>
+   <sender>buttonBox</sender>
+   <signal>accepted()</signal>
+   <receiver>AboutWindow</receiver>
+   <slot>accept()</slot>
+   <hints>
+    <hint type="sourcelabel">
+     <x>248</x>
+     <y>254</y>
+    </hint>
+    <hint type="destinationlabel">
+     <x>157</x>
+     <y>274</y>
+    </hint>
+   </hints>
+  </connection>
+  <connection>
+   <sender>buttonBox</sender>
+   <signal>rejected()</signal>
+   <receiver>AboutWindow</receiver>
+   <slot>reject()</slot>
+   <hints>
+    <hint type="sourcelabel">
+     <x>316</x>
+     <y>260</y>
+    </hint>
+    <hint type="destinationlabel">
+     <x>286</x>
+     <y>274</y>
+    </hint>
+   </hints>
+  </connection>
+ </connections>
+</ui>

ZeroTierUI/installdialog.cpp

@@ -0,0 +1,219 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include "installdialog.h"
+#include "mainwindow.h"
+#include "ui_installdialog.h"
+
+#include "../node/Constants.hpp"
+#include "../node/Defaults.hpp"
+#include "../node/SoftwareUpdater.hpp"
+
+#ifdef __UNIX_LIKE__
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#endif
+
+#ifdef __APPLE__
+#include "mac_doprivileged.h"
+#endif
+
+#include <QMainWindow>
+#include <QMessageBox>
+#include <QByteArray>
+#include <QSslSocket>
+#include <QFile>
+#include <QDir>
+#include <QProcess>
+
+InstallDialog::InstallDialog(QWidget *parent) :
+	QMainWindow(parent),
+	ui(new Ui::InstallDialog),
+	nam(new QNetworkAccessManager(this)),
+	phase(FETCHING_NFO)
+{
+	ui->setupUi(this);
+	QObject::connect(nam,SIGNAL(finished(QNetworkReply*)),this,SLOT(on_networkReply(QNetworkReply*)));
+
+	const char *nfoUrl = ZeroTier::ZT_DEFAULTS.updateLatestNfoURL.c_str();
+	if (!*nfoUrl) {
+		QMessageBox::critical(this,"Download Failed","Download failed: internal error: no update URL configured in build!",QMessageBox::Ok,QMessageBox::NoButton);
+		QApplication::exit(1);
+		return;
+	}
+
+	QNetworkReply *reply = nam->get(QNetworkRequest(QUrl(nfoUrl)));
+	QObject::connect(reply,SIGNAL(downloadProgress(qint64,qint64)),this,SLOT(on_downloadProgress(qint64,qint64)));
+}
+
+InstallDialog::~InstallDialog()
+{
+	delete ui;
+}
+
+void InstallDialog::on_networkReply(QNetworkReply *reply)
+{
+	reply->deleteLater();
+
+	if (reply->error() != QNetworkReply::NoError) {
+		QMessageBox::critical(this,"Download Failed",QString("Download failed: ") + reply->errorString() + "\n\nAre you connected to the Internet?",QMessageBox::Ok,QMessageBox::NoButton);
+		QApplication::exit(1);
+	} else {
+		if (reply->attribute(QNetworkRequest::HttpStatusCodeAttribute) == 200) {
+			QByteArray installerData(reply->readAll());
+
+			switch(phase) {
+				case FETCHING_NFO: {
+					unsigned int vMajor = 0,vMinor = 0,vRevision = 0;
+					installerData.append((char)0);
+					const char *err = ZeroTier::SoftwareUpdater::parseNfo(installerData.data(),vMajor,vMinor,vRevision,signedBy,signature,url);
+
+					if (err) {
+						QMessageBox::critical(this,"Download Failed","Download failed: there is a problem with the software update web site.\nTry agian later. (invalid .nfo file)",QMessageBox::Ok,QMessageBox::NoButton);
+						QApplication::exit(1);
+						return;
+					}
+
+					phase = FETCHING_INSTALLER;
+					reply = nam->get(QNetworkRequest(QUrl(url.c_str())));
+					QObject::connect(reply,SIGNAL(downloadProgress(qint64,qint64)),this,SLOT(on_downloadProgress(qint64,qint64)));
+				}	break;
+				case FETCHING_INSTALLER: {
+					if (!ZeroTier::SoftwareUpdater::validateUpdate(installerData.data(),installerData.length(),signedBy,signature)) {
+						QMessageBox::critical(this,"Download Failed","Download failed: there is a problem with the software update web site. Try agian later. (downloaded data failed signature check)",QMessageBox::Ok,QMessageBox::NoButton);
+						QApplication::exit(1);
+						return;
+					}
+
+#ifdef __APPLE__
+					{
+						std::string homePath(QDir::homePath().toStdString());
+						QString zt1Caches(QDir::homePath() + "/Library/Caches/ZeroTier/One");
+						QDir::root().mkpath(zt1Caches);
+						std::string instPath((zt1Caches + "/ZeroTierOneInstaller").toStdString());
+						std::string tmpPath((zt1Caches + "/inst.sh").toStdString());
+
+						int outfd = ::open(instPath.c_str(),O_CREAT|O_TRUNC|O_WRONLY,0755);
+						if (outfd <= 0) {
+							QMessageBox::critical(this,"Download Failed",QString("Installation failed: unable to write to ")+instPath.c_str(),QMessageBox::Ok,QMessageBox::NoButton);
+							QApplication::exit(1);
+							return;
+						}
+						if (::write(outfd,installerData.data(),installerData.length()) != installerData.length()) {
+							QMessageBox::critical(this,"Installation Failed",QString("Installation failed: unable to write to ")+instPath.c_str(),QMessageBox::Ok,QMessageBox::NoButton);
+							QApplication::exit(1);
+							return;
+						}
+						::close(outfd);
+						chmod(instPath.c_str(),0755);
+
+						FILE *scr = fopen(tmpPath.c_str(),"w");
+						if (!scr) {
+							QMessageBox::critical(this,"Installation Failed","Cannot write script to temporary Library/Caches/ZeroTier/One folder.",QMessageBox::Ok,QMessageBox::NoButton);
+							QApplication::exit(1);
+							return;
+						}
+
+						fprintf(scr,"#!/bin/bash\n");
+						fprintf(scr,"export PATH=\"/bin:/usr/bin:/sbin:/usr/sbin\"\n");
+						fprintf(scr,"'%s'\n",instPath.c_str());
+						fprintf(scr,"if [ -f '/Library/Application Support/ZeroTier/One/authtoken.secret' ]; then\n");
+						fprintf(scr,"  mkdir -p '%s/Library/Application Support/ZeroTier/One'\n",homePath.c_str());
+						fprintf(scr,"  chown %d '%s/Library/Application Support/ZeroTier'\n",(int)getuid(),homePath.c_str());
+						fprintf(scr,"  chgrp %d '%s/Library/Application Support/ZeroTier'\n",(int)getgid(),homePath.c_str());
+						fprintf(scr,"  chmod 0700 '%s/Library/Application Support/ZeroTier'\n",homePath.c_str());
+						fprintf(scr,"  chown %d '%s/Library/Application Support/ZeroTier/One'\n",(int)getuid(),homePath.c_str());
+						fprintf(scr,"  chgrp %d '%s/Library/Application Support/ZeroTier/One'\n",(int)getgid(),homePath.c_str());
+						fprintf(scr,"  chmod 0700 '%s/Library/Application Support/ZeroTier/One'\n",homePath.c_str());
+						fprintf(scr,"  cp -f '/Library/Application Support/ZeroTier/One/authtoken.secret' '%s/Library/Application Support/ZeroTier/One/authtoken.secret'\n",homePath.c_str());
+						fprintf(scr,"  chown %d '%s/Library/Application Support/ZeroTier/One/authtoken.secret'\n",(int)getuid(),homePath.c_str());
+						fprintf(scr,"  chgrp %d '%s/Library/Application Support/ZeroTier/One/authtoken.secret'\n",(int)getgid(),homePath.c_str());
+						fprintf(scr,"  chmod 0600 '%s/Library/Application Support/ZeroTier/One/authtoken.secret'\n",homePath.c_str());
+						fprintf(scr,"fi\n");
+						fprintf(scr,"exit 0\n");
+
+						fclose(scr);
+						chmod(tmpPath.c_str(),0755);
+
+						macExecutePrivilegedShellCommand((std::string("'")+tmpPath+"' >>/dev/null 2>&1").c_str());
+
+						unlink(tmpPath.c_str());
+						unlink(instPath.c_str());
+
+						// Restart the binary with whatever updates may have occurred
+						std::string appPath(QCoreApplication::applicationFilePath().toStdString());
+						execl(appPath.c_str(),appPath.c_str(),(const char *)0);
+
+						// We only make it here if execl() fails
+						QMessageBox::critical(this,"Re-Launch Failed","An error occurred re-launching ZeroTier One.app. Try launching it manually.",QMessageBox::Ok,QMessageBox::NoButton);
+						QApplication::exit(1);
+
+						return;
+					}
+#endif
+				}	break;
+			}
+
+			ui->progressBar->setMinimum(0);
+			ui->progressBar->setMaximum(100);
+			ui->progressBar->setValue(0);
+		} else {
+			QMessageBox::critical(this,"Download Failed",QString("Download failed: HTTP status code ") + reply->attribute(QNetworkRequest::HttpStatusCodeAttribute).toString(),QMessageBox::Ok,QMessageBox::NoButton);
+			QApplication::exit(1);
+		}
+	}
+}
+
+void InstallDialog::on_InstallDialog_rejected()
+{
+	QApplication::exit();
+}
+
+void InstallDialog::on_cancelButton_clicked()
+{
+	QApplication::exit();
+}
+
+void InstallDialog::on_downloadProgress(qint64 bytesReceived,qint64 bytesTotal)
+{
+	if (bytesTotal <= 0) {
+		ui->progressBar->setValue(0);
+		ui->progressBar->setMinimum(0);
+		ui->progressBar->setMaximum(0);
+	} else {
+		double pct = ((double)bytesReceived / (double)bytesTotal) * 100.0;
+		if (pct > 100.0)
+			pct = 100.0;
+		ui->progressBar->setMinimum(0);
+		ui->progressBar->setMaximum(100);
+		ui->progressBar->setValue((int)pct);
+	}
+}

ZeroTierUI/installdialog.h

@@ -0,0 +1,73 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef INSTALLDIALOG_H
+#define INSTALLDIALOG_H
+
+#include <QMainWindow>
+#include <QNetworkAccessManager>
+#include <QUrl>
+#include <QNetworkRequest>
+#include <QNetworkReply>
+
+#include <string>
+
+#include "../node/Address.hpp"
+
+// Right now InstallDialog is only used on Mac
+
+namespace Ui {
+class InstallDialog;
+}
+
+class InstallDialog : public QMainWindow
+{
+	Q_OBJECT
+
+public:
+	explicit InstallDialog(QWidget *parent = 0);
+	~InstallDialog();
+
+private slots:
+	void on_networkReply(QNetworkReply *reply);
+	void on_InstallDialog_rejected();
+	void on_cancelButton_clicked();
+	void on_downloadProgress(qint64 bytesReceived,qint64 bytesTotal);
+
+private:
+	Ui::InstallDialog *ui;
+	QNetworkAccessManager *nam;
+	enum {
+		FETCHING_NFO,
+		FETCHING_INSTALLER
+	} phase;
+
+	ZeroTier::Address signedBy;
+	std::string url,signature;
+};
+
+#endif // INSTALLDIALOG_H

ZeroTierUI/installdialog.ui

@@ -0,0 +1,124 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>InstallDialog</class>
+ <widget class="QMainWindow" name="InstallDialog">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>547</width>
+    <height>231</height>
+   </rect>
+  </property>
+  <property name="windowTitle">
+   <string>Install ZeroTier One Service</string>
+  </property>
+  <property name="windowIcon">
+   <iconset resource="resources.qrc">
+    <normaloff>:/img/zt1icon.png</normaloff>:/img/zt1icon.png</iconset>
+  </property>
+	<widget class="QWidget" name="centralWidget">
+  <layout class="QVBoxLayout" name="verticalLayout">
+   <property name="leftMargin">
+    <number>6</number>
+   </property>
+   <property name="topMargin">
+    <number>6</number>
+   </property>
+   <property name="rightMargin">
+    <number>6</number>
+   </property>
+   <property name="bottomMargin">
+    <number>6</number>
+   </property>
+   <item>
+    <widget class="QLabel" name="label">
+     <property name="sizePolicy">
+      <sizepolicy hsizetype="Preferred" vsizetype="Expanding">
+       <horstretch>0</horstretch>
+       <verstretch>0</verstretch>
+      </sizepolicy>
+     </property>
+     <property name="font">
+      <font>
+       <pointsize>14</pointsize>
+      </font>
+     </property>
+     <property name="text">
+      <string>Since this is your first time running ZeroTier One on this computer, the virtual Ethernet service must be downloaded and installed.
+
+Please wait while the service downloads, then you will be prompted to enter an administrator password to install it.</string>
+     </property>
+     <property name="textFormat">
+      <enum>Qt::PlainText</enum>
+     </property>
+     <property name="alignment">
+      <set>Qt::AlignCenter</set>
+     </property>
+     <property name="wordWrap">
+      <bool>true</bool>
+     </property>
+     <property name="margin">
+      <number>10</number>
+     </property>
+     <property name="textInteractionFlags">
+      <set>Qt::NoTextInteraction</set>
+     </property>
+    </widget>
+   </item>
+   <item>
+    <widget class="QProgressBar" name="progressBar">
+     <property name="maximum">
+      <number>0</number>
+     </property>
+     <property name="value">
+      <number>0</number>
+     </property>
+    </widget>
+   </item>
+   <item>
+    <widget class="QWidget" name="widget" native="true">
+     <layout class="QHBoxLayout" name="horizontalLayout">
+      <property name="leftMargin">
+       <number>0</number>
+      </property>
+      <property name="topMargin">
+       <number>0</number>
+      </property>
+      <property name="rightMargin">
+       <number>0</number>
+      </property>
+      <property name="bottomMargin">
+       <number>0</number>
+      </property>
+      <item>
+       <spacer name="horizontalSpacer">
+        <property name="orientation">
+         <enum>Qt::Horizontal</enum>
+        </property>
+        <property name="sizeHint" stdset="0">
+         <size>
+          <width>40</width>
+          <height>20</height>
+         </size>
+        </property>
+       </spacer>
+      </item>
+      <item>
+       <widget class="QPushButton" name="cancelButton">
+        <property name="text">
+         <string>Cancel and Exit</string>
+        </property>
+       </widget>
+      </item>
+     </layout>
+    </widget>
+   </item>
+  </layout>
+	</widget>
+ </widget>
+ <resources>
+  <include location="resources.qrc"/>
+ </resources>
+ <connections/>
+</ui>

ZeroTierUI/licensedialog.cpp

@@ -0,0 +1,43 @@
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "main.h"
+#include "licensedialog.h"
+#include "ui_licensedialog.h"
+
+#include "../node/Constants.hpp"
+
+LicenseDialog::LicenseDialog(QWidget *parent) :
+	QDialog(parent),
+	ui(new Ui::LicenseDialog)
+{
+	ui->setupUi(this);
+
+#ifdef __WINDOWS__
+	QWidgetList widgets = this->findChildren<QWidget*>();
+	foreach(QWidget *widget, widgets) {
+		QFont font(widget->font());
+		font.setPointSizeF(font.pointSizeF() * 0.75);
+		widget->setFont(font);
+	}
+	this->raise();
+#endif
+}
+
+LicenseDialog::~LicenseDialog()
+{
+	delete ui;
+}
+
+void LicenseDialog::on_buttonBox_accepted()
+{
+	settings->setValue("acceptedLicenseV1",true);
+	settings->sync();
+
+	this->setResult(QDialog::Accepted);
+}
+
+void LicenseDialog::on_buttonBox_rejected()
+{
+	::exit(0);
+}

ZeroTierUI/licensedialog.h

@@ -0,0 +1,27 @@
+#ifndef LICENSEDIALOG_H
+#define LICENSEDIALOG_H
+
+#include <QDialog>
+
+namespace Ui {
+class LicenseDialog;
+}
+
+class LicenseDialog : public QDialog
+{
+	Q_OBJECT
+
+public:
+	explicit LicenseDialog(QWidget *parent = 0);
+	~LicenseDialog();
+
+private slots:
+	void on_buttonBox_accepted();
+
+	void on_buttonBox_rejected();
+
+private:
+	Ui::LicenseDialog *ui;
+};
+
+#endif // LICENSEDIALOG_H

ZeroTierUI/licensedialog.ui

@@ -0,0 +1,256 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>LicenseDialog</class>
+ <widget class="QDialog" name="LicenseDialog">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>534</width>
+    <height>333</height>
+   </rect>
+  </property>
+  <property name="windowTitle">
+   <string>ZeroTier One</string>
+  </property>
+  <property name="windowIcon">
+   <iconset resource="resources.qrc">
+    <normaloff>:/img/zt1icon.png</normaloff>:/img/zt1icon.png</iconset>
+  </property>
+  <layout class="QVBoxLayout" name="verticalLayout">
+   <property name="spacing">
+    <number>6</number>
+   </property>
+   <property name="leftMargin">
+    <number>6</number>
+   </property>
+   <property name="topMargin">
+    <number>6</number>
+   </property>
+   <property name="rightMargin">
+    <number>6</number>
+   </property>
+   <property name="bottomMargin">
+    <number>6</number>
+   </property>
+   <item>
+    <widget class="QLabel" name="label">
+     <property name="font">
+      <font>
+       <pointsize>14</pointsize>
+       <weight>75</weight>
+       <bold>true</bold>
+      </font>
+     </property>
+     <property name="text">
+      <string>Do you agree to the terms of the license agreement?</string>
+     </property>
+    </widget>
+   </item>
+   <item>
+    <widget class="QTextEdit" name="licenseDisplayTextEdit">
+     <property name="undoRedoEnabled">
+      <bool>false</bool>
+     </property>
+     <property name="readOnly">
+      <bool>true</bool>
+     </property>
+     <property name="html">
+      <string notr="true">&lt;!DOCTYPE HTML PUBLIC &quot;-//W3C//DTD HTML 4.0//EN&quot; &quot;http://www.w3.org/TR/REC-html40/strict.dtd&quot;&gt;
+&lt;html&gt;&lt;head&gt;&lt;meta name=&quot;qrichtext&quot; content=&quot;1&quot; /&gt;&lt;title&gt;GNU General Public License v3.0 - GNU Project - Free Software Foundation (FSF)&lt;/title&gt;&lt;style type=&quot;text/css&quot;&gt;
+p, li { white-space: pre-wrap; }
+&lt;/style&gt;&lt;/head&gt;&lt;body style=&quot; font-family:'.Lucida Grande UI'; font-size:13pt; font-weight:400; font-style:normal;&quot;&gt;
+&lt;p style=&quot; margin-top:14px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-size:large; font-weight:600;&quot;&gt;GNU GENERAL PUBLIC LICENSE&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Version 3, 29 June 2007 &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Copyright © 2007 Free Software Foundation, Inc. &amp;lt;&lt;a href=&quot;http://fsf.org/&quot;&gt;&lt;span style=&quot; text-decoration: underline; color:#0000ff;&quot;&gt;http://fsf.org/&lt;/span&gt;&lt;/a&gt;&amp;gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;preamble&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:large; font-weight:600;&quot;&gt;P&lt;/span&gt;&lt;span style=&quot; font-size:large; font-weight:600;&quot;&gt;reamble&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The GNU General Public License is a free, copyleft license for software and other kinds of works. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The precise terms and conditions for copying, distribution and modification follow. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;terms&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:large; font-weight:600;&quot;&gt;T&lt;/span&gt;&lt;span style=&quot; font-size:large; font-weight:600;&quot;&gt;ERMS AND CONDITIONS&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section0&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;0&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;. Definitions.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;“This License” refers to version 3 of the GNU General Public License. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;A “covered work” means either the unmodified Program or a work based on the Program. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section1&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;1&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;. Source Code.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The Corresponding Source for a work in source code form is that same work. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section2&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;2&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;. Basic Permissions.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section3&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;3&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;. Protecting Users' Legal Rights From Anti-Circumvention Law.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section4&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;4&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;. Conveying Verbatim Copies.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section5&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;5&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;. Conveying Modified Source Versions.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: &lt;/p&gt;
+&lt;ul style=&quot;margin-top: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; -qt-list-indent: 1;&quot;&gt;&lt;li style=&quot; margin-top:12px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;a) The work must carry prominent notices stating that you modified it, and giving a relevant date. &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”. &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. &lt;/li&gt;&lt;/ul&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section6&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;6&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;. Conveying Non-Source Forms.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: &lt;/p&gt;
+&lt;ul style=&quot;margin-top: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; -qt-list-indent: 1;&quot;&gt;&lt;li style=&quot; margin-top:12px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. &lt;/li&gt;&lt;/ul&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section7&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;7&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;. Additional Terms.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: &lt;/p&gt;
+&lt;ul style=&quot;margin-top: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; -qt-list-indent: 1;&quot;&gt;&lt;li style=&quot; margin-top:12px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;d) Limiting the use for publicity purposes of names of licensors or authors of the material; or &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or &lt;/li&gt;
+&lt;li style=&quot; margin-top:0px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. &lt;/li&gt;&lt;/ul&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section8&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;8&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;. Termination.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section9&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;9&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;. Acceptance Not Required for Having Copies.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section10&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;1&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;0. Automatic Licensing of Downstream Recipients.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section11&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;1&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;1. Patents.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section12&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;1&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;2. No Surrender of Others' Freedom.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section13&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;1&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;3. Use with the GNU Affero General Public License.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section14&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;1&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;4. Revised Versions of this License.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section15&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;1&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;5. Disclaimer of Warranty.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section16&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;1&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;6. Limitation of Liability.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;section17&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;1&lt;/span&gt;&lt;span style=&quot; font-size:medium; font-weight:600;&quot;&gt;7. Interpretation of Sections 15 and 16.&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;END OF TERMS AND CONDITIONS &lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;a name=&quot;howto&quot;&gt;&lt;/a&gt;&lt;span style=&quot; font-size:large; font-weight:600;&quot;&gt;H&lt;/span&gt;&lt;span style=&quot; font-size:large; font-weight:600;&quot;&gt;ow to Apply These Terms to Your New Programs&lt;/span&gt; &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    &amp;lt;one line to give the program's name and a brief idea of what it does.&amp;gt;&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    Copyright (C) &amp;lt;year&amp;gt;  &amp;lt;name of author&amp;gt;&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot;-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Courier New,courier';&quot;&gt;&lt;br /&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    This program is free software: you can redistribute it and/or modify&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    it under the terms of the GNU General Public License as published by&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    the Free Software Foundation, either version 3 of the License, or&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    (at your option) any later version.&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot;-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Courier New,courier';&quot;&gt;&lt;br /&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    This program is distributed in the hope that it will be useful,&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    but WITHOUT ANY WARRANTY; without even the implied warranty of&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    GNU General Public License for more details.&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot;-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Courier New,courier';&quot;&gt;&lt;br /&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    You should have received a copy of the GNU General Public License&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    along with this program.  If not, see &amp;lt;http://www.gnu.org/licenses/&amp;gt;. &lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;Also add information on how to contact you by electronic and paper mail. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    &amp;lt;program&amp;gt;  Copyright (C) &amp;lt;year&amp;gt;  &amp;lt;name of author&amp;gt;&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    This is free software, and you are welcome to redistribute it&lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:0px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;&lt;span style=&quot; font-family:'Courier New,courier';&quot;&gt;    under certain conditions; type `show c' for details. &lt;/span&gt;&lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see &amp;lt;&lt;a href=&quot;http://www.gnu.org/licenses/&quot;&gt;&lt;span style=&quot; text-decoration: underline; color:#0000ff;&quot;&gt;http://www.gnu.org/licenses/&lt;/span&gt;&lt;/a&gt;&amp;gt;. &lt;/p&gt;
+&lt;p style=&quot; margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read &amp;lt;&lt;a href=&quot;http://www.gnu.org/philosophy/why-not-lgpl.html&quot;&gt;&lt;span style=&quot; text-decoration: underline; color:#0000ff;&quot;&gt;http://www.gnu.org/philosophy/why-not-lgpl.html&lt;/span&gt;&lt;/a&gt;&amp;gt;. &lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
+     </property>
+     <property name="textInteractionFlags">
+      <set>Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse</set>
+     </property>
+    </widget>
+   </item>
+   <item>
+    <widget class="QDialogButtonBox" name="buttonBox">
+     <property name="orientation">
+      <enum>Qt::Horizontal</enum>
+     </property>
+     <property name="standardButtons">
+      <set>QDialogButtonBox::No|QDialogButtonBox::Yes</set>
+     </property>
+    </widget>
+   </item>
+  </layout>
+ </widget>
+ <resources>
+  <include location="resources.qrc"/>
+ </resources>
+ <connections>
+  <connection>
+   <sender>buttonBox</sender>
+   <signal>accepted()</signal>
+   <receiver>LicenseDialog</receiver>
+   <slot>accept()</slot>
+   <hints>
+    <hint type="sourcelabel">
+     <x>248</x>
+     <y>254</y>
+    </hint>
+    <hint type="destinationlabel">
+     <x>157</x>
+     <y>274</y>
+    </hint>
+   </hints>
+  </connection>
+  <connection>
+   <sender>buttonBox</sender>
+   <signal>rejected()</signal>
+   <receiver>LicenseDialog</receiver>
+   <slot>reject()</slot>
+   <hints>
+    <hint type="sourcelabel">
+     <x>316</x>
+     <y>260</y>
+    </hint>
+    <hint type="destinationlabel">
+     <x>286</x>
+     <y>274</y>
+    </hint>
+   </hints>
+  </connection>
+ </connections>
+</ui>

ZeroTierUI/mac_doprivileged.h

@@ -0,0 +1,12 @@
+#ifndef mac_doprivileged_h
+#define mac_doprivileged_h
+
+#ifdef __APPLE__
+
+// commandAndArgs can contain only single-tic quotes and should redirect its
+// stdout and stderr somewhere...
+bool macExecutePrivilegedShellCommand(const char *commandAndArgs);
+
+#endif
+
+#endif

ZeroTierUI/mac_doprivileged.mm

@@ -0,0 +1,24 @@
+#include <string.h>
+#include <stdio.h>
+
+#include "mac_doprivileged.h"
+
+#undef slots
+#include <Cocoa/Cocoa.h>
+
+bool macExecutePrivilegedShellCommand(const char *commandAndArgs)
+{
+	char tmp[32768];
+
+	snprintf(tmp,sizeof(tmp),"do shell script \"%s\" with administrator privileges\n",commandAndArgs);
+	tmp[32767] = (char)0;
+
+	NSString *scriptApple = [[NSString alloc] initWithUTF8String:tmp];
+	NSAppleScript *as = [[NSAppleScript alloc] initWithSource:scriptApple];
+	NSDictionary *err = nil;
+	[as executeAndReturnError:&err];
+	[as release];
+	[scriptApple release];
+
+	return (err == nil);
+}

ZeroTierUI/main.cpp

@@ -0,0 +1,194 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mainwindow.h"
+#include "installdialog.h"
+#include "licensedialog.h"
+
+#include <QApplication>
+#include <QDir>
+#include <QString>
+#include <QFont>
+#include <QMessageBox>
+
+#include "../node/Constants.hpp"
+#include "../node/Defaults.hpp"
+
+// Uncomment for testing to disable making sure Windows service is running
+#define DISABLE_WINDOWS_SERVICE_MANAGEMENT
+
+#ifdef __WINDOWS__
+#include <WinSock2.h>
+#include <windows.h>
+#include "../windows/ZeroTierOne/ZeroTierOneService.h"
+
+#ifndef DISABLE_WINDOWS_SERVICE_MANAGEMENT
+// Returns true if started or already running, false if failed or not installed
+static bool startWindowsService()
+{
+	SERVICE_STATUS ssSvcStatus;
+	SC_HANDLE schSCManager = NULL;
+	SC_HANDLE schService = NULL;
+
+	schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CONNECT);
+	if (schSCManager == NULL)
+		return false;
+
+	schService = OpenServiceA(schSCManager, ZT_SERVICE_NAME, SERVICE_QUERY_STATUS | SERVICE_START);
+	if (schService == NULL) {
+		CloseServiceHandle(schSCManager);
+		return false;
+	}
+
+	int tries = 0;
+	bool running = true;
+
+	for(;;) {
+		memset(&ssSvcStatus,0,sizeof(ssSvcStatus));
+		if ((++tries > 20)||(!QueryServiceStatus(schService,&ssSvcStatus))) {
+			running = false;
+			break;
+		}
+
+		if (ssSvcStatus.dwCurrentState == SERVICE_RUNNING) {
+			break;
+		} else if (ssSvcStatus.dwCurrentState == SERVICE_START_PENDING) {
+			Sleep(500);
+			continue;
+		}
+
+		StartService(schService,0,NULL);
+		Sleep(500);
+	}
+
+	CloseServiceHandle(schService);
+	CloseServiceHandle(schSCManager);
+	return running;
+}
+#endif // !DISABLE_WINDOWS_SERVICE_MANAGEMENT
+#endif // __WINDOWS__
+
+// Globally visible settings for the app
+QSettings *settings = (QSettings *)0;
+
+int main(int argc, char *argv[])
+{
+	QApplication a(argc, argv);
+
+#ifdef __WINDOWS__
+	// Start up Winsock2
+	{
+		WSADATA wsaData;
+		WSAStartup(MAKEWORD(2,2),&wsaData);
+	}
+#endif
+
+	{
+		QFile qss(":css/stylesheet.css");
+		qss.open(QFile::ReadOnly);
+		QString style(qss.readAll());
+		a.setStyleSheet(style);
+	}
+
+#ifdef __APPLE__
+	// If service isn't installed, download and install it
+	if (!QFile::exists("/Library/Application Support/ZeroTier/One/zerotier-one")) {
+		// InstallDialog is an alternative main window. It will re-launch the app
+		// when done.
+		InstallDialog id;
+		id.setStyleSheet(a.styleSheet());
+		id.show();
+		return a.exec();
+	}
+
+	{
+		// Put QSettings here because this is one of the writable directories allowed
+		// in Apple's app store sandbox specs. We might end up in app store someday.
+		QString zt1AppSupport(QDir::homePath() + "/Library/Application Support/ZeroTier/One");
+		QDir::root().mkpath(zt1AppSupport);
+		settings = new QSettings(zt1AppSupport + "/ui.ini",QSettings::IniFormat);
+	}
+#else // on non-Apple boxen put it in the standard place using the default format
+	settings = new QSettings("ZeroTier Networks","ZeroTier One");
+#endif
+
+	if (!settings->value("acceptedLicenseV1",false).toBool()) {
+		LicenseDialog ld;
+		ld.setStyleSheet(a.styleSheet());
+		ld.exec();
+	}
+
+#if defined(__WINDOWS__) && !defined(DISABLE_WINDOWS_SERVICE_MANAGEMENT)
+	{
+		bool winSvcInstalled = false;
+		while (!startWindowsService()) {
+			if (winSvcInstalled) {
+				// Service was installed and subsequently failed to start again, so
+				// something is wrong!
+				QMessageBox::critical((QWidget *)0,"Service Not Available","Unable to locate or start ZeroTier One service. There may be a problem with the installation. Try installing from the .msi file again or e-mail contact@zerotier.com if you cannot install. (Error: service failed to start)",QMessageBox::Ok);
+				return 1;
+			}
+
+#ifdef _WIN64
+			BOOL is64Bit = TRUE;
+#else
+			BOOL is64Bit = FALSE;
+			IsWow64Process(GetCurrentProcess(),&is64Bit);
+#endif
+			std::string exe(ZeroTier::ZT_DEFAULTS.defaultHomePath + "\\zerotier-one_");
+			exe.append((is64Bit == TRUE) ? "x64.exe" : "x86.exe");
+
+			if (QFile::exists(exe.c_str())) {
+				STARTUPINFOA si;
+				PROCESS_INFORMATION pi;
+				memset(&si,0,sizeof(si));
+				memset(&pi,0,sizeof(pi));
+				if (CreateProcessA(NULL,const_cast <LPSTR>((exe + " -I").c_str()),NULL,NULL,FALSE,CREATE_NO_WINDOW|CREATE_NEW_PROCESS_GROUP,NULL,NULL,&si,&pi)) {
+					WaitForSingleObject(pi.hProcess,INFINITE);
+					CloseHandle(pi.hProcess);
+					CloseHandle(pi.hThread);
+					winSvcInstalled = true;
+				}
+			}
+
+			if (!winSvcInstalled) {
+				// Service failed to install -- installation problem like missing .exe
+				QMessageBox::critical((QWidget *)0,"Service Not Available","Unable to locate or start ZeroTier One service. There may be a problem with the installation. Try installing from the .msi file again or e-mail contact@zerotier.com if you cannot install. (Error: service not installed)",QMessageBox::Ok);
+				return 1;
+			}
+		}
+	}
+#endif
+
+	MainWindow w;
+	w.show();
+	return a.exec();
+}

ZeroTierUI/main.h

@@ -0,0 +1,9 @@
+#ifndef MAIN_H
+#define MAIN_H
+
+#include <QSettings>
+#include <QMainWindow>
+
+extern QSettings *settings;
+
+#endif // MAIN_H

ZeroTierUI/mainwindow.cpp

@@ -0,0 +1,424 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include <string>
+#include <map>
+#include <set>
+#include <vector>
+#include <stdexcept>
+#include <utility>
+
+#include <QClipboard>
+#include <QMutex>
+#include <QCoreApplication>
+#include <QDir>
+#include <QFile>
+#include <QMessageBox>
+#include <QDebug>
+#include <QProcess>
+#include <QStringList>
+#include <QVBoxLayout>
+#include <QScrollBar>
+#include <QEventLoop>
+#include <QFont>
+
+#include "main.h"
+#include "mainwindow.h"
+#include "aboutwindow.h"
+#include "networkwidget.h"
+#include "ui_mainwindow.h"
+#include "ui_quickstartdialog.h"
+
+#ifdef __APPLE__
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "mac_doprivileged.h"
+#endif
+
+#include "../node/Utils.hpp"
+#include "../node/Identity.hpp"
+#include "../node/Defaults.hpp"
+
+// Globally visible
+ZeroTier::NodeControlClient *zeroTierClient = (ZeroTier::NodeControlClient *)0;
+
+// Main window instance for app
+QMainWindow *mainWindow = (MainWindow *)0;
+
+// Handles message from ZeroTier One service
+static void handleZTMessage(void *arg,const char *line)
+{
+	static std::vector<std::string> ztReplies;
+	static QMutex ztReplies_m;
+
+	ztReplies_m.lock();
+
+	if (line) {
+		//printf("%s\n",line);
+		if ((line[0] == '.')&&(line[1] == (char)0)) {
+			// The message is packed into an event and sent to the main window where
+			// the actual parsing code lives.
+			MainWindow::ZTMessageEvent *event = new MainWindow::ZTMessageEvent(ztReplies);
+			ztReplies.clear();
+			QCoreApplication::postEvent(mainWindow,event); // must post since this may be another thread
+		} else if (line[0]) {
+			ztReplies.push_back(std::string(line));
+		}
+	}
+
+	ztReplies_m.unlock();
+}
+
+MainWindow::MainWindow(QWidget *parent) :
+	QMainWindow(parent),
+	ui(new Ui::MainWindow),
+	pollServiceTimerId(-1)
+{
+	mainWindow = this;
+
+	ui->setupUi(this);
+	if (ui->networkListWidget->verticalScrollBar())
+		ui->networkListWidget->verticalScrollBar()->setSingleStep(8);
+
+#ifdef __APPLE__
+	QWidgetList widgets = this->findChildren<QWidget*>();
+	foreach(QWidget *widget, widgets)
+		widget->setAttribute(Qt::WA_MacShowFocusRect,false);
+#endif
+
+#ifdef __WINDOWS__
+	// Windows operates at a different DPI, so we have to rescale the default Qt
+	// font sizes so everything isn't huge. Yeah.
+	QWidgetList widgets = this->findChildren<QWidget*>();
+	foreach(QWidget *widget, widgets) {
+		if (typeid(*widget) != typeid(*ui->menuFile)) { // menus don't need the DPI shift apparently
+			QFont font(widget->font());
+			font.setPointSizeF(font.pointSizeF() * 0.75);
+			widget->setFont(font);
+		}
+	}
+	this->raise();
+#endif
+
+	ui->noNetworksLabel->setVisible(true);
+	ui->noNetworksLabel->setText("Connecting to Service...");
+	ui->bottomContainerWidget->setVisible(false);
+	ui->networkListWidget->setVisible(false);
+
+	this->firstTimerTick = true;
+	this->pollServiceTimerId = this->startTimer(200);
+	this->cyclesSinceResponseFromService = 0;
+}
+
+MainWindow::~MainWindow()
+{
+	delete ui;
+	delete zeroTierClient;
+	zeroTierClient = (ZeroTier::NodeControlClient *)0;
+	mainWindow = (MainWindow *)0;
+}
+
+void MainWindow::timerEvent(QTimerEvent *event) // event can be null since code also calls this directly
+{
+	if (this->isHidden())
+		return;
+	if (this->pollServiceTimerId < 0)
+		return;
+
+	// Show quick start dialog on first launch, then reset timer to normal rate
+	if (this->firstTimerTick) {
+		this->firstTimerTick = false;
+		this->killTimer(this->pollServiceTimerId);
+		if (!settings->value("shown_quickStart",false).toBool()) {
+			on_actionQuick_Start_triggered();
+			settings->setValue("shown_quickStart",true);
+			settings->sync();
+		}
+		this->pollServiceTimerId = this->startTimer(2000);
+	}
+
+	if (!zeroTierClient) {
+#ifdef __APPLE__
+		if ((!QFile::exists(ZeroTier::NodeControlClient::authTokenDefaultUserPath()))&&(QFile::exists("/Library/Application Support/ZeroTier/One/zerotier-one"))) {
+			// Authorize user by copying auth token into local home directory
+			QMessageBox::information(this,"Authorization Needed","Administrator privileges are required to allow the current user to control ZeroTier One on this computer. (You only have to do this once.)",QMessageBox::Ok,QMessageBox::NoButton);
+
+			std::string homePath(QDir::homePath().toStdString());
+			QString zt1Caches(QDir::homePath() + "/Library/Caches/ZeroTier/One");
+			QDir::root().mkpath(zt1Caches);
+			std::string tmpPath((zt1Caches + "/auth.sh").toStdString());
+
+			FILE *scr = fopen(tmpPath.c_str(),"w");
+			if (!scr) {
+				QMessageBox::critical(this,"Cannot Authorize","Unable to authorize this user to administrate ZeroTier One. (Cannot write to temporary Library/Caches/ZeroTier/One folder.)",QMessageBox::Ok,QMessageBox::NoButton);
+				QApplication::exit(1);
+				return;
+			}
+
+			fprintf(scr,"#!/bin/bash\n");
+			fprintf(scr,"export PATH=\"/bin:/usr/bin:/sbin:/usr/sbin\"\n");
+			fprintf(scr,"if [ -f '/Library/Application Support/ZeroTier/One/authtoken.secret' ]; then\n");
+			fprintf(scr,"  mkdir -p '%s/Library/Application Support/ZeroTier/One'\n",homePath.c_str());
+			fprintf(scr,"  chown %d '%s/Library/Application Support/ZeroTier'\n",(int)getuid(),homePath.c_str());
+			fprintf(scr,"  chgrp %d '%s/Library/Application Support/ZeroTier'\n",(int)getgid(),homePath.c_str());
+			fprintf(scr,"  chmod 0700 '%s/Library/Application Support/ZeroTier'\n",homePath.c_str());
+			fprintf(scr,"  chown %d '%s/Library/Application Support/ZeroTier/One'\n",(int)getuid(),homePath.c_str());
+			fprintf(scr,"  chgrp %d '%s/Library/Application Support/ZeroTier/One'\n",(int)getgid(),homePath.c_str());
+			fprintf(scr,"  chmod 0700 '%s/Library/Application Support/ZeroTier/One'\n",homePath.c_str());
+			fprintf(scr,"  cp -f '/Library/Application Support/ZeroTier/One/authtoken.secret' '%s/Library/Application Support/ZeroTier/One/authtoken.secret'\n",homePath.c_str());
+			fprintf(scr,"  chown %d '%s/Library/Application Support/ZeroTier/One/authtoken.secret'\n",(int)getuid(),homePath.c_str());
+			fprintf(scr,"  chgrp %d '%s/Library/Application Support/ZeroTier/One/authtoken.secret'\n",(int)getgid(),homePath.c_str());
+			fprintf(scr,"  chmod 0600 '%s/Library/Application Support/ZeroTier/One/authtoken.secret'\n",homePath.c_str());
+			fprintf(scr,"fi\n");
+			fprintf(scr,"exit 0\n");
+
+			fclose(scr);
+			chmod(tmpPath.c_str(),0755);
+
+			macExecutePrivilegedShellCommand((std::string("'")+tmpPath+"' >>/dev/null 2>&1").c_str());
+
+			unlink(tmpPath.c_str());
+		}
+#endif // __APPLE__
+
+		try {
+			std::string buf;
+			if (ZeroTier::Utils::readFile((ZeroTier::ZT_DEFAULTS.defaultHomePath + ZT_PATH_SEPARATOR_S + "identity.public").c_str(),buf)) {
+				ZeroTier::Identity id;
+				if (id.fromString(buf)) {
+					std::string authToken(ZeroTier::NodeControlClient::getAuthToken(ZeroTier::NodeControlClient::authTokenDefaultUserPath(),false));
+					if (!authToken.length())
+						authToken = ZeroTier::NodeControlClient::getAuthToken((ZeroTier::ZT_DEFAULTS.defaultHomePath + ZT_PATH_SEPARATOR_S + "authtoken.secret").c_str(),false);
+					zeroTierClient = new ZeroTier::NodeControlClient((std::string(ZT_IPC_ENDPOINT_BASE) + id.address().toString()).c_str(),authToken.c_str(),&handleZTMessage,this);
+					const char *err = zeroTierClient->error();
+					if (err) {
+						delete zeroTierClient;
+						zeroTierClient = (ZeroTier::NodeControlClient *)0;
+					}
+				}
+			}
+		} catch ( ... ) {
+			zeroTierClient = (ZeroTier::NodeControlClient *)0;
+		}
+	}
+
+	if (++this->cyclesSinceResponseFromService >= 3) {
+		if (this->cyclesSinceResponseFromService == 3) {
+			QMessageBox::warning(this,"Service Not Running","Can't connect to the ZeroTier One service. Is it running?",QMessageBox::Ok);
+		}
+		ui->noNetworksLabel->setVisible(true);
+		ui->noNetworksLabel->setText("Connecting to Service...");
+		ui->bottomContainerWidget->setVisible(false);
+		ui->networkListWidget->setVisible(false);
+	}
+
+	if (zeroTierClient) {
+		zeroTierClient->send("info");
+		zeroTierClient->send("listnetworks");
+		zeroTierClient->send("listpeers");
+	}
+}
+
+void MainWindow::customEvent(QEvent *event)
+{
+	ZTMessageEvent *m = (ZTMessageEvent *)event; // only one custom event type so far
+	if (m->ztMessage.size() == 0)
+		return;
+	std::vector<std::string> hdr(ZeroTier::NodeControlClient::splitLine(m->ztMessage[0]));
+	if (hdr.size() < 2)
+		return;
+	if (hdr[0] != "200")
+		return;
+
+	this->cyclesSinceResponseFromService = 0;
+
+	if (hdr[1] == "info") {
+		if (hdr.size() >= 3)
+			this->myAddress = hdr[2].c_str();
+		if (hdr.size() >= 4)
+			this->myStatus = hdr[3].c_str();
+		if (hdr.size() >= 5)
+			this->myVersion = hdr[4].c_str();
+	} else if (hdr[1] == "listnetworks") {
+		std::map< std::string,std::vector<std::string> > newNetworks;
+		for(unsigned long i=1;i<m->ztMessage.size();++i) {
+			std::vector<std::string> l(ZeroTier::NodeControlClient::splitLine(m->ztMessage[i]));
+			// 200 listnetworks <nwid> <name> <mac> <status> <config age> <type> <dev> <ips>
+			if ((l.size() == 10)&&(l[2].length() == 16))
+				newNetworks[l[2]] = l;
+		}
+
+		if (newNetworks != networks) {
+			networks = newNetworks;
+
+			for (bool removed=true;removed;) {
+				removed = false;
+				for(int r=0;r<ui->networkListWidget->count();++r) {
+					NetworkWidget *nw = (NetworkWidget *)ui->networkListWidget->itemWidget(ui->networkListWidget->item(r));
+					if (!networks.count(nw->networkId())) {
+						ui->networkListWidget->setVisible(false); // HACK to prevent an occasional crash here, discovered through hours of shotgun debugging... :P
+						delete ui->networkListWidget->takeItem(r);
+						removed = true;
+						break;
+					}
+				}
+			}
+			ui->networkListWidget->setVisible(true);
+			std::set<std::string> alreadyDisplayed;
+			for(int r=0;r<ui->networkListWidget->count();++r) {
+				NetworkWidget *nw = (NetworkWidget *)ui->networkListWidget->itemWidget(ui->networkListWidget->item(r));
+				if (networks.count(nw->networkId()) > 0) {
+					alreadyDisplayed.insert(nw->networkId());
+					std::vector<std::string> &l = networks[nw->networkId()];
+					nw->setNetworkName(l[3]);
+					nw->setMAC(l[4]);
+					nw->setStatus(l[5],l[6]);
+					nw->setNetworkType(l[7]);
+					nw->setNetworkDeviceName(l[8]);
+					nw->setIps(l[9]);
+				}
+			}
+			for(std::map< std::string,std::vector<std::string> >::iterator nwdata(networks.begin());nwdata!=networks.end();++nwdata) {
+				if (alreadyDisplayed.count(nwdata->first) == 0) {
+					std::vector<std::string> &l = nwdata->second;
+					NetworkWidget *nw = new NetworkWidget((QWidget *)0,nwdata->first);
+					nw->setNetworkName(l[3]);
+					nw->setMAC(l[4]);
+					nw->setStatus(l[5],l[6]);
+					nw->setNetworkType(l[7]);
+					nw->setNetworkDeviceName(l[8]);
+					nw->setIps(l[9]);
+					QListWidgetItem *item = new QListWidgetItem();
+					item->setSizeHint(nw->sizeHint());
+					ui->networkListWidget->addItem(item);
+					ui->networkListWidget->setItemWidget(item,nw);
+				}
+			}
+		}
+	} else if (hdr[1] == "listpeers") {
+		this->numPeers = 0;
+		for(unsigned long i=1;i<m->ztMessage.size();++i)
+			++this->numPeers;
+	} else
+		return;
+
+	if (!ui->networkListWidget->count()) {
+		ui->noNetworksLabel->setText("You Have Not Joined Any Networks");
+		ui->noNetworksLabel->setVisible(true);
+	} else ui->noNetworksLabel->setVisible(false);
+
+	if (!ui->bottomContainerWidget->isVisible())
+		ui->bottomContainerWidget->setVisible(true);
+	if (!ui->networkListWidget->isVisible())
+		ui->networkListWidget->setVisible(true);
+
+	if (this->myAddress.size())
+		ui->addressButton->setText(this->myAddress);
+	else ui->addressButton->setText("          ");
+
+	QString st(this->myStatus);
+	st += ", v";
+	st += this->myVersion;
+	st += ", ";
+	st += QString::number(this->numPeers);
+	st += " peers";
+	ui->statusLabel->setText(st);
+}
+
+void MainWindow::on_joinNetworkButton_clicked()
+{
+	QString toJoin(ui->networkIdLineEdit->text());
+	ui->networkIdLineEdit->setText(QString());
+
+	if (!zeroTierClient) // sanity check
+		return;
+
+	if (toJoin.size() != 16) {
+		QMessageBox::information(this,"Invalid Network ID","The network ID you entered was not valid. Enter a 16-digit hexadecimal network ID, like '8056c2e21c000001'.",QMessageBox::Ok,QMessageBox::NoButton);
+		return;
+	}
+
+	zeroTierClient->send((QString("join ") + toJoin).toStdString());
+}
+
+void MainWindow::on_actionAbout_triggered()
+{
+	AboutWindow *about = new AboutWindow(this);
+	about->show();
+}
+
+void MainWindow::on_networkIdLineEdit_textChanged(const QString &text)
+{
+	QString newText;
+	for(QString::const_iterator i(text.begin());i!=text.end();++i) {
+		switch(i->toLatin1()) {
+			case '0': newText.append('0'); break;
+			case '1': newText.append('1'); break;
+			case '2': newText.append('2'); break;
+			case '3': newText.append('3'); break;
+			case '4': newText.append('4'); break;
+			case '5': newText.append('5'); break;
+			case '6': newText.append('6'); break;
+			case '7': newText.append('7'); break;
+			case '8': newText.append('8'); break;
+			case '9': newText.append('9'); break;
+			case 'a': newText.append('a'); break;
+			case 'b': newText.append('b'); break;
+			case 'c': newText.append('c'); break;
+			case 'd': newText.append('d'); break;
+			case 'e': newText.append('e'); break;
+			case 'f': newText.append('f'); break;
+			case 'A': newText.append('a'); break;
+			case 'B': newText.append('b'); break;
+			case 'C': newText.append('c'); break;
+			case 'D': newText.append('d'); break;
+			case 'E': newText.append('e'); break;
+			case 'F': newText.append('f'); break;
+			default: break;
+		}
+	}
+	if (newText.size() > 16)
+		newText.truncate(16);
+	ui->networkIdLineEdit->setText(newText);
+}
+
+void MainWindow::on_addressButton_clicked()
+{
+	QApplication::clipboard()->setText(this->myAddress);
+}
+
+void MainWindow::on_actionQuick_Start_triggered()
+{
+	Ui::QuickstartDialog qd;
+	QDialog *qdd = new QDialog(this);
+	qd.setupUi(qdd);
+	qdd->setModal(false);
+	qdd->show();
+}

ZeroTierUI/mainwindow.h

@@ -0,0 +1,101 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef MAINWINDOW_H
+#define MAINWINDOW_H
+
+#include <QMainWindow>
+#include <QEvent>
+#include <QString>
+#include <QShowEvent>
+#include <QTimerEvent>
+#include <QSettings>
+
+#include <map>
+#include <vector>
+#include <string>
+
+#include "../node/Constants.hpp"
+#include "../node/Node.hpp"
+#include "../node/Utils.hpp"
+#include "../control/NodeControlClient.hpp"
+
+namespace Ui {
+class MainWindow;
+}
+
+// Globally visible instance of local client for communicating with ZT1
+// Can be null if not connected, or will point to current
+extern ZeroTier::NodeControlClient *zeroTierClient;
+
+// Globally visible pointer to main app window
+extern QMainWindow *mainWindow;
+
+class MainWindow : public QMainWindow
+{
+	Q_OBJECT
+
+public:
+	// Event used to pass messages from the Node::LocalClient thread to the
+	// main window to update network lists and stats.
+	class ZTMessageEvent : public QEvent
+	{
+	public:
+		ZTMessageEvent(const std::vector<std::string> &m) :
+			QEvent(QEvent::User),
+			ztMessage(m) {}
+		std::vector<std::string> ztMessage;
+	};
+
+	explicit MainWindow(QWidget *parent = 0);
+	virtual ~MainWindow();
+
+protected:
+	virtual void timerEvent(QTimerEvent *event);
+	virtual void customEvent(QEvent *event);
+
+private slots:
+	void on_joinNetworkButton_clicked();
+	void on_actionAbout_triggered();
+	void on_networkIdLineEdit_textChanged(const QString &text);
+	void on_addressButton_clicked();
+	void on_actionQuick_Start_triggered();
+
+private:
+	Ui::MainWindow *ui;
+
+	QString myAddress;
+	QString myStatus;
+	QString myVersion;
+	bool firstTimerTick;
+	int pollServiceTimerId;
+	unsigned int numPeers;
+	unsigned int cyclesSinceResponseFromService;
+	std::map< std::string,std::vector<std::string> > networks;
+};
+
+#endif // MAINWINDOW_H

ZeroTierUI/mainwindow.ui

@@ -0,0 +1,306 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>MainWindow</class>
+ <widget class="QMainWindow" name="MainWindow">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>850</width>
+    <height>400</height>
+   </rect>
+  </property>
+  <property name="windowTitle">
+   <string>ZeroTier One</string>
+  </property>
+  <property name="windowIcon">
+   <iconset resource="resources.qrc">
+    <normaloff>:/img/zt1icon.png</normaloff>:/img/zt1icon.png</iconset>
+  </property>
+  <widget class="QWidget" name="centralWidget">
+   <layout class="QVBoxLayout" name="verticalLayout">
+    <property name="spacing">
+     <number>0</number>
+    </property>
+    <property name="leftMargin">
+     <number>0</number>
+    </property>
+    <property name="topMargin">
+     <number>0</number>
+    </property>
+    <property name="rightMargin">
+     <number>0</number>
+    </property>
+    <property name="bottomMargin">
+     <number>0</number>
+    </property>
+    <item>
+     <widget class="QLabel" name="noNetworksLabel">
+      <property name="font">
+       <font>
+        <pointsize>16</pointsize>
+       </font>
+      </property>
+      <property name="frameShape">
+       <enum>QFrame::NoFrame</enum>
+      </property>
+      <property name="text">
+       <string>You Have Not Joined Any Networks</string>
+      </property>
+      <property name="textFormat">
+       <enum>Qt::PlainText</enum>
+      </property>
+      <property name="alignment">
+       <set>Qt::AlignCenter</set>
+      </property>
+      <property name="wordWrap">
+       <bool>true</bool>
+      </property>
+      <property name="margin">
+       <number>25</number>
+      </property>
+      <property name="textInteractionFlags">
+       <set>Qt::NoTextInteraction</set>
+      </property>
+     </widget>
+    </item>
+    <item>
+     <widget class="QListWidget" name="networkListWidget">
+      <property name="focusPolicy">
+       <enum>Qt::NoFocus</enum>
+      </property>
+      <property name="frameShape">
+       <enum>QFrame::NoFrame</enum>
+      </property>
+      <property name="horizontalScrollBarPolicy">
+       <enum>Qt::ScrollBarAlwaysOff</enum>
+      </property>
+      <property name="autoScroll">
+       <bool>false</bool>
+      </property>
+      <property name="editTriggers">
+       <set>QAbstractItemView::NoEditTriggers</set>
+      </property>
+      <property name="selectionMode">
+       <enum>QAbstractItemView::NoSelection</enum>
+      </property>
+      <property name="verticalScrollMode">
+       <enum>QAbstractItemView::ScrollPerPixel</enum>
+      </property>
+      <property name="spacing">
+       <number>0</number>
+      </property>
+      <property name="uniformItemSizes">
+       <bool>true</bool>
+      </property>
+     </widget>
+    </item>
+    <item>
+     <widget class="QWidget" name="bottomContainerWidget" native="true">
+      <layout class="QHBoxLayout" name="horizontalLayout">
+       <property name="spacing">
+        <number>0</number>
+       </property>
+       <property name="leftMargin">
+        <number>0</number>
+       </property>
+       <property name="topMargin">
+        <number>0</number>
+       </property>
+       <property name="rightMargin">
+        <number>0</number>
+       </property>
+       <property name="bottomMargin">
+        <number>0</number>
+       </property>
+       <item>
+        <widget class="QToolButton" name="addressButton">
+         <property name="sizePolicy">
+          <sizepolicy hsizetype="Minimum" vsizetype="Preferred">
+           <horstretch>0</horstretch>
+           <verstretch>0</verstretch>
+          </sizepolicy>
+         </property>
+         <property name="font">
+          <font>
+           <family>Courier</family>
+           <pointsize>12</pointsize>
+           <weight>75</weight>
+           <bold>true</bold>
+          </font>
+         </property>
+         <property name="statusTip">
+          <string>Your 10-digit ZeroTier address; click to copy to clipboard.</string>
+         </property>
+         <property name="text">
+          <string notr="true">----------</string>
+         </property>
+         <property name="toolButtonStyle">
+          <enum>Qt::ToolButtonTextOnly</enum>
+         </property>
+         <property name="class" stdset="0">
+          <string notr="true">clickToCopy</string>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <widget class="QLabel" name="statusLabel">
+         <property name="sizePolicy">
+          <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+           <horstretch>0</horstretch>
+           <verstretch>0</verstretch>
+          </sizepolicy>
+         </property>
+         <property name="font">
+          <font>
+           <pointsize>10</pointsize>
+          </font>
+         </property>
+         <property name="statusTip">
+          <string>Your network connection status.</string>
+         </property>
+         <property name="text">
+          <string/>
+         </property>
+         <property name="textFormat">
+          <enum>Qt::PlainText</enum>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <widget class="QLineEdit" name="networkIdLineEdit">
+         <property name="sizePolicy">
+          <sizepolicy hsizetype="Fixed" vsizetype="Fixed">
+           <horstretch>0</horstretch>
+           <verstretch>0</verstretch>
+          </sizepolicy>
+         </property>
+         <property name="font">
+          <font>
+           <family>Courier</family>
+           <pointsize>12</pointsize>
+          </font>
+         </property>
+         <property name="statusTip">
+          <string>Enter a hexadecimal network ID to join a network.</string>
+         </property>
+         <property name="maxLength">
+          <number>16</number>
+         </property>
+         <property name="frame">
+          <bool>true</bool>
+         </property>
+         <property name="placeholderText">
+          <string>(Network ID)</string>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <widget class="QToolButton" name="joinNetworkButton">
+         <property name="sizePolicy">
+          <sizepolicy hsizetype="Minimum" vsizetype="Preferred">
+           <horstretch>0</horstretch>
+           <verstretch>0</verstretch>
+          </sizepolicy>
+         </property>
+         <property name="font">
+          <font>
+           <family>Courier</family>
+           <pointsize>16</pointsize>
+           <weight>75</weight>
+           <bold>true</bold>
+          </font>
+         </property>
+         <property name="statusTip">
+          <string>Join this network.</string>
+         </property>
+         <property name="text">
+          <string notr="true">+</string>
+         </property>
+        </widget>
+       </item>
+      </layout>
+     </widget>
+    </item>
+   </layout>
+  </widget>
+  <widget class="QMenuBar" name="menuBar">
+   <property name="geometry">
+    <rect>
+     <x>0</x>
+     <y>0</y>
+     <width>850</width>
+     <height>34</height>
+    </rect>
+   </property>
+   <property name="font">
+    <font>
+     <pointsize>12</pointsize>
+    </font>
+   </property>
+   <property name="layoutDirection">
+    <enum>Qt::LeftToRight</enum>
+   </property>
+   <widget class="QMenu" name="menuHelp">
+    <property name="title">
+     <string>Help</string>
+    </property>
+    <addaction name="actionAbout"/>
+    <addaction name="actionQuick_Start"/>
+   </widget>
+   <widget class="QMenu" name="menuFile">
+    <property name="title">
+     <string>File</string>
+    </property>
+    <addaction name="separator"/>
+    <addaction name="actionExit"/>
+   </widget>
+   <addaction name="menuFile"/>
+   <addaction name="menuHelp"/>
+  </widget>
+  <widget class="QStatusBar" name="statusBar">
+   <property name="font">
+    <font>
+     <pointsize>10</pointsize>
+    </font>
+   </property>
+  </widget>
+  <action name="actionAbout">
+   <property name="text">
+    <string>About</string>
+   </property>
+  </action>
+  <action name="actionExit">
+   <property name="text">
+    <string>Exit</string>
+   </property>
+  </action>
+  <action name="actionQuick_Start">
+   <property name="text">
+    <string>Quick Start</string>
+   </property>
+  </action>
+ </widget>
+ <layoutdefault spacing="6" margin="11"/>
+ <resources>
+  <include location="resources.qrc"/>
+ </resources>
+ <connections>
+  <connection>
+   <sender>actionExit</sender>
+   <signal>triggered()</signal>
+   <receiver>MainWindow</receiver>
+   <slot>close()</slot>
+   <hints>
+    <hint type="sourcelabel">
+     <x>-1</x>
+     <y>-1</y>
+    </hint>
+    <hint type="destinationlabel">
+     <x>333</x>
+     <y>149</y>
+    </hint>
+   </hints>
+  </connection>
+ </connections>
+</ui>

ZeroTierUI/networkwidget.cpp

@@ -0,0 +1,181 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include "networkwidget.h"
+#include "mainwindow.h"
+#include "ui_networkwidget.h"
+#include "onetimedialog.h"
+#include "main.h"
+
+#include <QClipboard>
+#include <QString>
+#include <QStringList>
+#include <QCoreApplication>
+#include <QProcess>
+#include <QList>
+#include <QMessageBox>
+#include <QFont>
+
+#include "../node/Constants.hpp"
+
+NetworkWidget::NetworkWidget(QWidget *parent,const std::string &nwid) :
+	QWidget(parent),
+	ui(new Ui::NetworkWidget),
+	networkIdStr(nwid),
+	publicWarningShown(false)
+{
+	ui->setupUi(this);
+	ui->networkIdButton->setText(QString(nwid.c_str()));
+
+	QFontMetrics fm(ui->ipListWidget->font());
+	int lineHeight = ui->ipListWidget->spacing() + fm.height();
+	ui->ipListWidget->setMinimumHeight(lineHeight * 6);
+	ui->ipListWidget->setMaximumHeight(lineHeight * 6);
+
+#ifdef __APPLE__
+	QWidgetList widgets = this->findChildren<QWidget*>();
+	foreach(QWidget* widget, widgets)
+		widget->setAttribute(Qt::WA_MacShowFocusRect,false);
+#endif
+
+#ifdef __WINDOWS__
+	QWidgetList widgets = this->findChildren<QWidget*>();
+	foreach(QWidget *widget, widgets) {
+		QFont font(widget->font());
+		font.setPointSizeF(font.pointSizeF() * 0.75);
+		widget->setFont(font);
+	}
+#endif
+}
+
+NetworkWidget::~NetworkWidget()
+{
+	delete ui;
+}
+
+void NetworkWidget::setStatus(const std::string &status,const std::string &age)
+{
+	ui->statusLabel->setText(QString(status.c_str()));
+}
+
+void NetworkWidget::setNetworkName(const std::string &name)
+{
+	if (name == "?") {
+		ui->nameLabel->setText("... waiting ...");
+		ui->nameLabel->setEnabled(false);
+	} else {
+		ui->nameLabel->setText(QString(name.c_str()));
+		ui->nameLabel->setEnabled(true);
+	}
+}
+
+void NetworkWidget::setNetworkType(const std::string &type)
+{
+	ui->networkTypeLabel->setText(QString(type.c_str()));
+	if (type == "?")
+		ui->networkTypeLabel->setStatusTip("Waiting for configuration...");
+	else if (type == "public") {
+		if ((!publicWarningShown)&&(!settings->value("shown_publicWarning",false).toBool())) {
+			publicWarningShown = true;
+			OneTimeDialog *d = new OneTimeDialog(mainWindow,"shown_publicWarning","Security Notice","Security Notice:"ZT_EOL_S""ZT_EOL_S"You have joined a public network. Anyone can join these. We recommend making sure that your system's automatic software updates are enabled and turning off any shared network services that you do not want people to access.");
+			d->setModal(false);
+			d->show();
+		}
+		ui->networkTypeLabel->setStatusTip("This network can be joined by anyone in the world.");
+	} else if (type == "private")
+		ui->networkTypeLabel->setStatusTip("This network is private; only authorized peers can join.");
+	else ui->networkTypeLabel->setStatusTip("Unknown network type.");
+}
+
+void NetworkWidget::setNetworkDeviceName(const std::string &dev)
+{
+	ui->deviceLabel->setText(QString(dev.c_str()));
+}
+
+void NetworkWidget::setIps(const std::string &commaSeparatedList)
+{
+	QStringList ips(QString(commaSeparatedList.c_str()).split(QChar(','),QString::SkipEmptyParts));
+	if (commaSeparatedList == "-")
+		ips.clear();
+
+	QStringList tmp;
+	ips.sort();
+	for(QStringList::iterator i(ips.begin());i!=ips.end();++i) {
+		QString ipOnly(*i);
+		int slashIdx = ipOnly.indexOf('/');
+		if (slashIdx > 0)
+			ipOnly.truncate(slashIdx);
+		tmp.append(ipOnly);
+	}
+	ips = tmp;
+
+	for(QStringList::iterator i(ips.begin());i!=ips.end();++i) {
+		if (ui->ipListWidget->findItems(*i,Qt::MatchCaseSensitive).size() == 0)
+			ui->ipListWidget->addItem(*i);
+	}
+
+	for(int i=0;i<ui->ipListWidget->count();++i) {
+		QListWidgetItem *item = ui->ipListWidget->item(i);
+		if (!ips.contains(item->text()))
+			ui->ipListWidget->removeItemWidget(item);
+	}
+}
+
+void NetworkWidget::setMAC(const std::string &mac)
+{
+	ui->macLabel->setText(QString(mac.c_str()));
+}
+
+const std::string &NetworkWidget::networkId()
+{
+	return networkIdStr;
+}
+
+void NetworkWidget::on_leaveNetworkButton_clicked()
+{
+	if (QMessageBox::question(this,"Leave Network?",QString("Are you sure you want to leave network '") + networkIdStr.c_str() + "'?",QMessageBox::No,QMessageBox::Yes) == QMessageBox::Yes) {
+		this->setEnabled(false);
+		zeroTierClient->send((QString("leave ") + networkIdStr.c_str()).toStdString());
+	}
+}
+
+void NetworkWidget::on_networkIdButton_clicked()
+{
+	QApplication::clipboard()->setText(ui->networkIdButton->text());
+}
+
+void NetworkWidget::on_ipListWidget_itemActivated(QListWidgetItem *item)
+{
+	if (item)
+		QApplication::clipboard()->setText(item->text());
+}
+
+void NetworkWidget::on_ipListWidget_currentItemChanged(QListWidgetItem *current, QListWidgetItem *previous)
+{
+	if (current)
+		QApplication::clipboard()->setText(current->text());
+}

ZeroTierUI/networkwidget.h

@@ -0,0 +1,69 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef NETWORK_H
+#define NETWORK_H
+
+#include <string>
+
+#include <QWidget>
+#include <QListWidgetItem>
+
+namespace Ui {
+class NetworkWidget;
+}
+
+class NetworkWidget : public QWidget
+{
+	Q_OBJECT
+
+public:
+	explicit NetworkWidget(QWidget *parent = 0,const std::string &nwid = std::string());
+	virtual ~NetworkWidget();
+
+	void setStatus(const std::string &status,const std::string &age);
+	void setNetworkName(const std::string &name);
+	void setNetworkType(const std::string &type);
+	void setNetworkDeviceName(const std::string &dev);
+	void setIps(const std::string &commaSeparatedList);
+	void setMAC(const std::string &mac);
+
+	const std::string &networkId();
+
+private slots:
+	void on_leaveNetworkButton_clicked();
+	void on_networkIdButton_clicked();
+	void on_ipListWidget_itemActivated(QListWidgetItem *item);
+	void on_ipListWidget_currentItemChanged(QListWidgetItem *current, QListWidgetItem *previous);
+
+private:
+	Ui::NetworkWidget *ui;
+	std::string networkIdStr;
+	bool publicWarningShown;
+};
+
+#endif // NETWORK_H

ZeroTierUI/networkwidget.ui

@@ -0,0 +1,574 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>NetworkWidget</class>
+ <widget class="QWidget" name="NetworkWidget">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>689</width>
+    <height>253</height>
+   </rect>
+  </property>
+  <property name="sizePolicy">
+   <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+    <horstretch>0</horstretch>
+    <verstretch>0</verstretch>
+   </sizepolicy>
+  </property>
+  <property name="windowTitle">
+   <string>Network</string>
+  </property>
+  <property name="class" stdset="0">
+   <string notr="true">networkListItem</string>
+  </property>
+  <layout class="QHBoxLayout">
+   <property name="spacing">
+    <number>0</number>
+   </property>
+   <property name="leftMargin">
+    <number>2</number>
+   </property>
+   <property name="topMargin">
+    <number>0</number>
+   </property>
+   <property name="rightMargin">
+    <number>2</number>
+   </property>
+   <property name="bottomMargin">
+    <number>0</number>
+   </property>
+   <item>
+    <widget class="QWidget" name="leftWidget" native="true">
+     <property name="sizePolicy">
+      <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
+       <horstretch>0</horstretch>
+       <verstretch>0</verstretch>
+      </sizepolicy>
+     </property>
+     <layout class="QVBoxLayout" name="verticalLayout_2">
+      <property name="spacing">
+       <number>2</number>
+      </property>
+      <property name="leftMargin">
+       <number>0</number>
+      </property>
+      <property name="topMargin">
+       <number>0</number>
+      </property>
+      <property name="rightMargin">
+       <number>0</number>
+      </property>
+      <property name="bottomMargin">
+       <number>0</number>
+      </property>
+      <item>
+       <widget class="QWidget" name="networkInfoWidget" native="true">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <layout class="QHBoxLayout" name="horizontalLayout">
+         <property name="leftMargin">
+          <number>0</number>
+         </property>
+         <property name="topMargin">
+          <number>4</number>
+         </property>
+         <property name="rightMargin">
+          <number>0</number>
+         </property>
+         <property name="bottomMargin">
+          <number>0</number>
+         </property>
+         <item>
+          <widget class="QToolButton" name="networkIdButton">
+           <property name="font">
+            <font>
+             <family>Courier</family>
+             <pointsize>13</pointsize>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="statusTip">
+            <string>Hexadecimal network ID; click to copy to clipboard.</string>
+           </property>
+           <property name="text">
+            <string notr="true">----------------</string>
+           </property>
+           <property name="toolButtonStyle">
+            <enum>Qt::ToolButtonTextOnly</enum>
+           </property>
+           <property name="class" stdset="0">
+            <string notr="true">clickToCopy</string>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <widget class="QLabel" name="label_2">
+           <property name="font">
+            <font>
+             <pointsize>14</pointsize>
+            </font>
+           </property>
+           <property name="text">
+            <string>[</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+           <property name="textInteractionFlags">
+            <set>Qt::NoTextInteraction</set>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <widget class="QLabel" name="nameLabel">
+           <property name="font">
+            <font>
+             <pointsize>13</pointsize>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="statusTip">
+            <string>This network's short name.</string>
+           </property>
+           <property name="text">
+            <string>networkname</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+           <property name="alignment">
+            <set>Qt::AlignLeading|Qt::AlignLeft|Qt::AlignVCenter</set>
+           </property>
+           <property name="textInteractionFlags">
+            <set>Qt::NoTextInteraction</set>
+           </property>
+           <property name="class" stdset="0">
+            <string notr="true">networkName</string>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <widget class="QLabel" name="label_3">
+           <property name="font">
+            <font>
+             <pointsize>14</pointsize>
+            </font>
+           </property>
+           <property name="text">
+            <string>]</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+           <property name="textInteractionFlags">
+            <set>Qt::NoTextInteraction</set>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <spacer name="horizontalSpacer_3">
+           <property name="orientation">
+            <enum>Qt::Horizontal</enum>
+           </property>
+           <property name="sizeHint" stdset="0">
+            <size>
+             <width>40</width>
+             <height>20</height>
+            </size>
+           </property>
+          </spacer>
+         </item>
+        </layout>
+       </widget>
+      </item>
+      <item>
+       <widget class="QWidget" name="networkStatsWidget" native="true">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Preferred" vsizetype="Maximum">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <layout class="QFormLayout" name="formLayout">
+         <property name="fieldGrowthPolicy">
+          <enum>QFormLayout::ExpandingFieldsGrow</enum>
+         </property>
+         <property name="rowWrapPolicy">
+          <enum>QFormLayout::DontWrapRows</enum>
+         </property>
+         <property name="labelAlignment">
+          <set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
+         </property>
+         <property name="formAlignment">
+          <set>Qt::AlignHCenter|Qt::AlignTop</set>
+         </property>
+         <property name="horizontalSpacing">
+          <number>4</number>
+         </property>
+         <property name="verticalSpacing">
+          <number>2</number>
+         </property>
+         <property name="leftMargin">
+          <number>4</number>
+         </property>
+         <property name="topMargin">
+          <number>4</number>
+         </property>
+         <property name="rightMargin">
+          <number>0</number>
+         </property>
+         <property name="bottomMargin">
+          <number>4</number>
+         </property>
+         <item row="2" column="0">
+          <widget class="QLabel" name="label_5">
+           <property name="font">
+            <font>
+             <pointsize>12</pointsize>
+            </font>
+           </property>
+           <property name="text">
+            <string>Type:</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="2" column="1">
+          <widget class="QLabel" name="networkTypeLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="font">
+            <font>
+             <pointsize>12</pointsize>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="statusTip">
+            <string>What kind of network? Public or private?</string>
+           </property>
+           <property name="text">
+            <string>?</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="3" column="0">
+          <widget class="QLabel" name="label">
+           <property name="font">
+            <font>
+             <pointsize>12</pointsize>
+            </font>
+           </property>
+           <property name="text">
+            <string>Status:</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="3" column="1">
+          <widget class="QLabel" name="statusLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="font">
+            <font>
+             <pointsize>12</pointsize>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="statusTip">
+            <string>Status of this network.</string>
+           </property>
+           <property name="text">
+            <string>?</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="5" column="0">
+          <widget class="QLabel" name="label_4">
+           <property name="font">
+            <font>
+             <pointsize>12</pointsize>
+            </font>
+           </property>
+           <property name="text">
+            <string>Device:</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="5" column="1">
+          <widget class="QLabel" name="deviceLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="font">
+            <font>
+             <pointsize>12</pointsize>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="statusTip">
+            <string>The name of the network device on your system.</string>
+           </property>
+           <property name="text">
+            <string>?</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="4" column="0">
+          <widget class="QLabel" name="label_7">
+           <property name="font">
+            <font>
+             <pointsize>12</pointsize>
+            </font>
+           </property>
+           <property name="text">
+            <string>MAC:</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="4" column="1">
+          <widget class="QLabel" name="macLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="font">
+            <font>
+             <pointsize>12</pointsize>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="statusTip">
+            <string>Your system's Ethernet MAC address.</string>
+           </property>
+           <property name="text">
+            <string>?</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+        </layout>
+       </widget>
+      </item>
+      <item>
+       <spacer name="verticalSpacer">
+        <property name="orientation">
+         <enum>Qt::Vertical</enum>
+        </property>
+        <property name="sizeType">
+         <enum>QSizePolicy::Expanding</enum>
+        </property>
+        <property name="sizeHint" stdset="0">
+         <size>
+          <width>20</width>
+          <height>40</height>
+         </size>
+        </property>
+       </spacer>
+      </item>
+     </layout>
+    </widget>
+   </item>
+   <item>
+    <widget class="QWidget" name="rightWidget" native="true">
+     <property name="sizePolicy">
+      <sizepolicy hsizetype="Maximum" vsizetype="Preferred">
+       <horstretch>0</horstretch>
+       <verstretch>0</verstretch>
+      </sizepolicy>
+     </property>
+     <layout class="QVBoxLayout" name="verticalLayout">
+      <property name="spacing">
+       <number>0</number>
+      </property>
+      <property name="leftMargin">
+       <number>0</number>
+      </property>
+      <property name="topMargin">
+       <number>0</number>
+      </property>
+      <property name="rightMargin">
+       <number>0</number>
+      </property>
+      <property name="bottomMargin">
+       <number>0</number>
+      </property>
+      <item>
+       <widget class="QLabel" name="label_6">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Preferred" vsizetype="Fixed">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="font">
+         <font>
+          <pointsize>12</pointsize>
+          <underline>false</underline>
+         </font>
+        </property>
+        <property name="styleSheet">
+         <string notr="true">padding: 0.1em 0 0.1em 0;</string>
+        </property>
+        <property name="text">
+         <string>IP Addresses</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item>
+       <widget class="QListWidget" name="ipListWidget">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="minimumSize">
+         <size>
+          <width>0</width>
+          <height>0</height>
+         </size>
+        </property>
+        <property name="font">
+         <font>
+          <family>Courier</family>
+          <pointsize>12</pointsize>
+         </font>
+        </property>
+        <property name="statusTip">
+         <string>IP addresses assigned to this interface; click to copy to clipboard.</string>
+        </property>
+        <property name="frameShape">
+         <enum>QFrame::NoFrame</enum>
+        </property>
+        <property name="editTriggers">
+         <set>QAbstractItemView::NoEditTriggers</set>
+        </property>
+        <property name="showDropIndicator" stdset="0">
+         <bool>false</bool>
+        </property>
+        <property name="selectionMode">
+         <enum>QAbstractItemView::SingleSelection</enum>
+        </property>
+        <property name="horizontalScrollMode">
+         <enum>QAbstractItemView::ScrollPerPixel</enum>
+        </property>
+        <property name="sortingEnabled">
+         <bool>true</bool>
+        </property>
+        <property name="class" stdset="0">
+         <string notr="true">ipAddressList</string>
+        </property>
+       </widget>
+      </item>
+      <item>
+       <widget class="QWidget" name="leaveButtonContainerWidget" native="true">
+        <layout class="QHBoxLayout" name="horizontalLayout_2">
+         <property name="spacing">
+          <number>0</number>
+         </property>
+         <property name="leftMargin">
+          <number>0</number>
+         </property>
+         <property name="topMargin">
+          <number>0</number>
+         </property>
+         <property name="rightMargin">
+          <number>0</number>
+         </property>
+         <property name="bottomMargin">
+          <number>0</number>
+         </property>
+         <item>
+          <spacer name="horizontalSpacer">
+           <property name="orientation">
+            <enum>Qt::Horizontal</enum>
+           </property>
+           <property name="sizeHint" stdset="0">
+            <size>
+             <width>40</width>
+             <height>1</height>
+            </size>
+           </property>
+          </spacer>
+         </item>
+         <item>
+          <widget class="QToolButton" name="leaveNetworkButton">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Fixed" vsizetype="Fixed">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="statusTip">
+            <string>Leave this network.</string>
+           </property>
+           <property name="text">
+            <string>Leave Network</string>
+           </property>
+           <property name="class" stdset="0">
+            <string notr="true">leaveNetworkButton</string>
+           </property>
+          </widget>
+         </item>
+        </layout>
+       </widget>
+      </item>
+     </layout>
+    </widget>
+   </item>
+  </layout>
+ </widget>
+ <tabstops>
+  <tabstop>ipListWidget</tabstop>
+ </tabstops>
+ <resources/>
+ <connections/>
+</ui>

ZeroTierUI/onetimedialog.cpp

@@ -0,0 +1,37 @@
+#include "onetimedialog.h"
+#include "ui_onetimedialog.h"
+#include "main.h"
+
+OneTimeDialog::OneTimeDialog(QWidget *parent,const char *propName,const QString &title,const QString &message) :
+	QDialog(parent),
+	ui(new Ui::OneTimeDialog)
+{
+	ui->setupUi(this);
+
+	ui->label->setText(message);
+	this->setWindowTitle(title);
+	_propName = propName;
+
+#ifdef __WINDOWS__
+	QWidgetList widgets = this->findChildren<QWidget*>();
+	foreach(QWidget *widget, widgets) {
+		QFont font(widget->font());
+		font.setPointSizeF(font.pointSizeF() * 0.75);
+		widget->setFont(font);
+	}
+#endif
+}
+
+OneTimeDialog::~OneTimeDialog()
+{
+	delete ui;
+}
+
+void OneTimeDialog::on_pushButton_clicked()
+{
+	if (_propName) {
+		settings->setValue(_propName,ui->checkBox->isChecked());
+		settings->sync();
+	}
+	this->close();
+}

ZeroTierUI/onetimedialog.h

@@ -0,0 +1,26 @@
+#ifndef ONETIMEDIALOG_H
+#define ONETIMEDIALOG_H
+
+#include <QDialog>
+
+namespace Ui {
+class OneTimeDialog;
+}
+
+class OneTimeDialog : public QDialog
+{
+	Q_OBJECT
+
+public:
+	explicit OneTimeDialog(QWidget *parent = 0,const char *propName = (const char *)0,const QString &title = QString(),const QString &message = QString());
+	~OneTimeDialog();
+
+private slots:
+	void on_pushButton_clicked();
+
+private:
+	Ui::OneTimeDialog *ui;
+	const char *_propName;
+};
+
+#endif // ONETIMEDIALOG_H

ZeroTierUI/onetimedialog.ui

@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>OneTimeDialog</class>
+ <widget class="QDialog" name="OneTimeDialog">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>496</width>
+    <height>197</height>
+   </rect>
+  </property>
+  <property name="windowTitle">
+   <string>Dialog</string>
+  </property>
+  <layout class="QVBoxLayout" name="verticalLayout">
+   <property name="leftMargin">
+    <number>0</number>
+   </property>
+   <property name="topMargin">
+    <number>0</number>
+   </property>
+   <property name="rightMargin">
+    <number>0</number>
+   </property>
+   <property name="bottomMargin">
+    <number>0</number>
+   </property>
+   <item>
+    <widget class="QLabel" name="label">
+     <property name="sizePolicy">
+      <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+       <horstretch>0</horstretch>
+       <verstretch>0</verstretch>
+      </sizepolicy>
+     </property>
+     <property name="text">
+      <string/>
+     </property>
+     <property name="alignment">
+      <set>Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop</set>
+     </property>
+     <property name="wordWrap">
+      <bool>true</bool>
+     </property>
+     <property name="margin">
+      <number>12</number>
+     </property>
+     <property name="textInteractionFlags">
+      <set>Qt::NoTextInteraction</set>
+     </property>
+    </widget>
+   </item>
+   <item>
+    <widget class="QWidget" name="widget" native="true">
+     <layout class="QHBoxLayout" name="horizontalLayout">
+      <property name="leftMargin">
+       <number>12</number>
+      </property>
+      <property name="topMargin">
+       <number>0</number>
+      </property>
+      <property name="rightMargin">
+       <number>12</number>
+      </property>
+      <property name="bottomMargin">
+       <number>5</number>
+      </property>
+      <item>
+       <widget class="QCheckBox" name="checkBox">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Expanding" vsizetype="Fixed">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="text">
+         <string>Don't Show This Message Again</string>
+        </property>
+        <property name="checked">
+         <bool>true</bool>
+        </property>
+       </widget>
+      </item>
+      <item>
+       <widget class="QPushButton" name="pushButton">
+        <property name="text">
+         <string>OK</string>
+        </property>
+       </widget>
+      </item>
+     </layout>
+    </widget>
+   </item>
+  </layout>
+ </widget>
+ <resources/>
+ <connections/>
+</ui>

ZeroTierUI/quickstartdialog.ui

@@ -0,0 +1,170 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>QuickstartDialog</class>
+ <widget class="QDialog" name="QuickstartDialog">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>800</width>
+    <height>480</height>
+   </rect>
+  </property>
+  <property name="windowTitle">
+   <string>Quick Start</string>
+  </property>
+  <layout class="QVBoxLayout" name="verticalLayout">
+   <property name="spacing">
+    <number>0</number>
+   </property>
+   <property name="leftMargin">
+    <number>0</number>
+   </property>
+   <property name="topMargin">
+    <number>0</number>
+   </property>
+   <property name="rightMargin">
+    <number>0</number>
+   </property>
+   <property name="bottomMargin">
+    <number>0</number>
+   </property>
+   <item>
+    <widget class="QScrollArea" name="scrollArea">
+     <property name="frameShape">
+      <enum>QFrame::NoFrame</enum>
+     </property>
+     <property name="widgetResizable">
+      <bool>true</bool>
+     </property>
+     <property name="alignment">
+      <set>Qt::AlignCenter</set>
+     </property>
+     <widget class="QWidget" name="scrollAreaWidgetContents">
+      <property name="geometry">
+       <rect>
+        <x>0</x>
+        <y>0</y>
+        <width>785</width>
+        <height>800</height>
+       </rect>
+      </property>
+      <layout class="QHBoxLayout" name="horizontalLayout_2">
+       <property name="leftMargin">
+        <number>0</number>
+       </property>
+       <property name="topMargin">
+        <number>0</number>
+       </property>
+       <property name="rightMargin">
+        <number>0</number>
+       </property>
+       <property name="bottomMargin">
+        <number>0</number>
+       </property>
+       <item>
+        <widget class="QLabel" name="label">
+         <property name="styleSheet">
+          <string notr="true">background: #000000;</string>
+         </property>
+         <property name="text">
+          <string/>
+         </property>
+         <property name="textFormat">
+          <enum>Qt::PlainText</enum>
+         </property>
+         <property name="pixmap">
+          <pixmap resource="resources.qrc">:/img/ZT1GUI.png</pixmap>
+         </property>
+         <property name="scaledContents">
+          <bool>false</bool>
+         </property>
+         <property name="alignment">
+          <set>Qt::AlignCenter</set>
+         </property>
+        </widget>
+       </item>
+      </layout>
+     </widget>
+    </widget>
+   </item>
+   <item>
+    <widget class="QWidget" name="widget" native="true">
+     <layout class="QHBoxLayout" name="horizontalLayout">
+      <property name="leftMargin">
+       <number>6</number>
+      </property>
+      <property name="topMargin">
+       <number>6</number>
+      </property>
+      <property name="rightMargin">
+       <number>6</number>
+      </property>
+      <property name="bottomMargin">
+       <number>6</number>
+      </property>
+      <item>
+       <widget class="QLabel" name="label_2">
+        <property name="font">
+         <font>
+          <pointsize>10</pointsize>
+         </font>
+        </property>
+        <property name="text">
+         <string>Select Help -&gt; Quick Start to see this screen again.</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+        <property name="textInteractionFlags">
+         <set>Qt::NoTextInteraction</set>
+        </property>
+       </widget>
+      </item>
+      <item>
+       <spacer name="horizontalSpacer">
+        <property name="orientation">
+         <enum>Qt::Horizontal</enum>
+        </property>
+        <property name="sizeHint" stdset="0">
+         <size>
+          <width>702</width>
+          <height>20</height>
+         </size>
+        </property>
+       </spacer>
+      </item>
+      <item>
+       <widget class="QPushButton" name="okButton">
+        <property name="text">
+         <string>OK</string>
+        </property>
+       </widget>
+      </item>
+     </layout>
+    </widget>
+   </item>
+  </layout>
+ </widget>
+ <resources>
+  <include location="resources.qrc"/>
+ </resources>
+ <connections>
+  <connection>
+   <sender>okButton</sender>
+   <signal>clicked()</signal>
+   <receiver>QuickstartDialog</receiver>
+   <slot>accept()</slot>
+   <hints>
+    <hint type="sourcelabel">
+     <x>753</x>
+     <y>457</y>
+    </hint>
+    <hint type="destinationlabel">
+     <x>399</x>
+     <y>239</y>
+    </hint>
+   </hints>
+  </connection>
+ </connections>
+</ui>

ZeroTierUI/resources.qrc

@@ -0,0 +1,9 @@
+<RCC>
+    <qresource prefix="/img">
+        <file>zt1icon.png</file>
+        <file>ZT1GUI.png</file>
+    </qresource>
+    <qresource prefix="/css">
+        <file>stylesheet.css</file>
+    </qresource>
+</RCC>

ZeroTierUI/stylesheet.css

@@ -0,0 +1,106 @@
+QToolButton {
+	margin: 0;
+	padding: 2px;
+	text-align: center;
+	background: palette(button);
+	color: palette(button-text);
+	border: 1px solid transparent;
+}
+QToolButton:focus {
+	border: 1px solid #000000;
+}
+QToolButton:hover {
+	background: palette(highlight);
+				color: palette(highlight-text);
+}
+QToolButton:pressed {
+	border: 1px solid #000000;
+}
+
+QToolButton.clickToCopy {
+	padding: 0;
+	margin: 0;
+	border: 0;
+	background: transparent;
+	color: palette(link);
+}
+QToolButton.clickToCopy:focus {
+	text-decoration: underline;
+}
+QToolButton.clickToCopy:hover {
+	text-decoration: underline;
+}
+QToolButton.clickToCopy:pressed {
+	background: transparent;
+}
+
+QToolButton.leaveNetworkButton {
+	margin: 0 4px 3px 0;
+}
+
+QMainWindow {
+	background: palette(dark);
+}
+
+QListWidget {
+	background: transparent;
+	padding: 0;
+	margin: 0;
+	border: 0;
+}
+QListWidget::item {
+	background: palette(base);
+	margin: 1px 0 1px 0;
+}
+
+QListWidget.ipAddressList {
+	background: palette(button);
+	margin: 0 4px 4px 0;
+}
+QListWidget.ipAddressList::item {
+	background: transparent;
+	color: palette(link);
+	border-bottom: 1px solid transparent;
+}
+QListWidget.ipAddressList::item:selected {
+	background: transparent;
+        border-top: 0;
+        border-left: 0;
+        border-right: 0;
+	border-bottom: 1px solid transparent;
+}
+QListWidget.ipAddressList::item:hover {
+	border-bottom: 1px solid palette(link);
+}
+
+QStatusBar {
+	background: palette(button);
+}
+
+QLabel.networkName {
+	padding: 0;
+	margin: 0;
+}
+
+#networkIdButton {
+	padding: 0.2em 0 0 0;
+}
+
+#joinNetworkButton {
+	margin: 1px;
+	padding: 0;
+}
+
+#noNetworksLabel {
+	background: transparent;
+	color: #ffffff;
+}
+
+#networkListWidget {
+	background: palette(dark);
+	margin: 0 0 2px 0;
+}
+
+#bottomContainerWidget {
+	background: palette(base);
+}

attic/Filter.cpp

@@ -1,6 +1,6 @@
 /*
  * ZeroTier One - Global Peer to Peer Ethernet
- * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -30,6 +30,8 @@
 #include <string.h>
 #include <stdint.h>
 
+#include <algorithm>
+
 #include "RuntimeEnvironment.hpp"
 #include "Logger.hpp"
 #include "Filter.hpp"
@@ -40,6 +42,61 @@ namespace ZeroTier {
 const char *const Filter::UNKNOWN_NAME = "(unknown)";
 const Range<unsigned int> Filter::ANY;
 
+static inline Range<unsigned int> __parseRange(char *r)
+	throw(std::invalid_argument)
+{
+	char *saveptr = (char *)0;
+	unsigned int a = 0;
+	unsigned int b = 0;
+	unsigned int fn = 0;
+	for(char *f=Utils::stok(r,"-",&saveptr);(f);f=Utils::stok((char *)0,"-",&saveptr)) {
+		if (*f) {
+			switch(fn++) {
+				case 0:
+					if (*f != '*')
+						a = b = (unsigned int)strtoul(f,(char **)0,10);
+					break;
+				case 1:
+					if (*f != '*')
+						b = (unsigned int)strtoul(f,(char **)0,10);
+					break;
+				default:
+					throw std::invalid_argument("rule range must be <int>, <int>-<int>, or *");
+			}
+		}
+	}
+	return Range<unsigned int>(a,b);
+}
+
+Filter::Rule::Rule(const char *s)
+	throw(std::invalid_argument)
+{
+	char *saveptr = (char *)0;
+	char tmp[256];
+	if (!Utils::scopy(tmp,sizeof(tmp),s))
+		throw std::invalid_argument("rule string too long");
+	unsigned int fn = 0;
+	for(char *f=Utils::stok(tmp,";",&saveptr);(f);f=Utils::stok((char *)0,";",&saveptr)) {
+		if (*f) {
+			switch(fn++) {
+				case 0:
+					_etherType = __parseRange(f);
+					break;
+				case 1:
+					_protocol = __parseRange(f);
+					break;
+				case 2:
+					_port = __parseRange(f);
+					break;
+				default:
+					throw std::invalid_argument("rule string has unknown extra fields");
+			}
+		}
+	}
+	if (fn != 3)
+		throw std::invalid_argument("rule string must contain 3 fields");
+}
+
 bool Filter::Rule::operator()(unsigned int etype,const void *data,unsigned int len) const
 	throw(std::invalid_argument)
 {
@@ -129,7 +186,7 @@ bool Filter::Rule::operator()(unsigned int etype,const void *data,unsigned int l
 								break;
 							default: {
 								char foo[128];
-								sprintf(foo,"unrecognized IPv6 header type %d",(int)nextHeader);
+								Utils::snprintf(foo,sizeof(foo),"unrecognized IPv6 header type %d",(int)nextHeader);
 								throw std::invalid_argument(foo);
 							}
 						}
@@ -158,39 +215,39 @@ std::string Filter::Rule::toString() const
 			s.push_back('*');
 			break;
 		case 1:
-			sprintf(buf,"%u",_etherType.start);
+			Utils::snprintf(buf,sizeof(buf),"%u",_etherType.start);
 			s.append(buf);
 			break;
 		default:
-			sprintf(buf,"%u-%u",_etherType.start,_etherType.end);
+			Utils::snprintf(buf,sizeof(buf),"%u-%u",_etherType.start,_etherType.end);
 			s.append(buf);
 			break;
 	}
-	s.push_back('/');
+	s.push_back(';');
 	switch(_protocol.magnitude()) {
 		case 0:
 			s.push_back('*');
 			break;
 		case 1:
-			sprintf(buf,"%u",_protocol.start);
+			Utils::snprintf(buf,sizeof(buf),"%u",_protocol.start);
 			s.append(buf);
 			break;
 		default:
-			sprintf(buf,"%u-%u",_protocol.start,_protocol.end);
+			Utils::snprintf(buf,sizeof(buf),"%u-%u",_protocol.start,_protocol.end);
 			s.append(buf);
 			break;
 	}
-	s.push_back('/');
+	s.push_back(';');
 	switch(_port.magnitude()) {
 		case 0:
 			s.push_back('*');
 			break;
 		case 1:
-			sprintf(buf,"%u",_port.start);
+			Utils::snprintf(buf,sizeof(buf),"%u",_port.start);
 			s.append(buf);
 			break;
 		default:
-			sprintf(buf,"%u-%u",_port.start,_port.end);
+			Utils::snprintf(buf,sizeof(buf),"%u-%u",_port.start,_port.end);
 			s.append(buf);
 			break;
 	}
@@ -198,37 +255,50 @@ std::string Filter::Rule::toString() const
 	return s;
 }
 
-void Filter::add(const Rule &r,const Action &a)
+Filter::Filter(const char *s)
+	throw(std::invalid_argument)
 {
-	Mutex::Lock _l(_chain_m);
-	for(std::vector<Entry>::iterator i(_chain.begin());i!=_chain.end();++i) {
-		if (i->rule == r) {
-			_chain.erase(i);
-			break;
+	char tmp[16384];
+	if (!Utils::scopy(tmp,sizeof(tmp),s))
+		throw std::invalid_argument("filter string too long");
+	char *saveptr = (char *)0;
+	unsigned int fn = 0;
+	for(char *f=Utils::stok(tmp,",",&saveptr);(f);f=Utils::stok((char *)0,",",&saveptr)) {
+		try {
+			_rules.push_back(Rule(f));
+			++fn;
+		} catch (std::invalid_argument &exc) {
+			char tmp[256];
+			Utils::snprintf(tmp,sizeof(tmp),"invalid rule at index %u: %s",fn,exc.what());
+			throw std::invalid_argument(tmp);
 		}
 	}
-	_chain.push_back(Entry(r,a));
+	std::sort(_rules.begin(),_rules.end());
 }
 
-std::string Filter::toString(const char *sep) const
+std::string Filter::toString() const
 {
-	if (!sep)
-		sep = ",";
-
 	std::string s;
 
-	bool first = true;
-	Mutex::Lock _l(_chain_m);
-	for(std::vector<Entry>::const_iterator i(_chain.begin());i!=_chain.end();++i) {
-		s.append(i->rule.toString());
-		if (first)
-			first = false;
-		else s.append(sep);
+	for(std::vector<Rule>::const_iterator r(_rules.begin());r!=_rules.end();++r) {
+		if (s.length() > 0)
+			s.push_back(',');
+		s.append(r->toString());
 	}
 
 	return s;
 }
 
+void Filter::add(const Rule &r)
+{
+	for(std::vector<Rule>::iterator rr(_rules.begin());rr!=_rules.end();++rr) {
+		if (r == *rr)
+			return;
+	}
+	_rules.push_back(r);
+	std::sort(_rules.begin(),_rules.end());
+}
+
 const char *Filter::etherTypeName(const unsigned int etherType)
 	throw()
 {
@@ -335,38 +405,4 @@ const char *Filter::icmp6TypeName(const unsigned int icmp6Type)
 	return UNKNOWN_NAME;
 }
 
-Filter::Action Filter::operator()(const RuntimeEnvironment *_r,unsigned int etherType,const void *frame,unsigned int len) const
-{
-	Mutex::Lock _l(_chain_m);
-
-	TRACE("starting match against %d rules",(int)_chain.size());
-
-	int ruleNo = 0;
-	for(std::vector<Entry>::const_iterator r(_chain.begin());r!=_chain.end();++r,++ruleNo) {
-		try {
-			if (r->rule(etherType,frame,len)) {
-				TRACE("match: %s",r->rule.toString().c_str());
-
-				switch(r->action) {
-					case ACTION_ALLOW:
-					case ACTION_DENY:
-						return r->action;
-					default:
-						break;
-				}
-			} else {
-				TRACE("no match: %s",r->rule.toString().c_str());
-			}
-		} catch (std::invalid_argument &exc) {
-			LOG("filter: unable to parse packet on rule %s (%d): %s",r->rule.toString().c_str(),ruleNo,exc.what());
-			return ACTION_UNPARSEABLE;
-		} catch ( ... ) {
-			LOG("filter: unable to parse packet on rule %s (%d): unknown exception",r->rule.toString().c_str(),ruleNo);
-			return ACTION_UNPARSEABLE;
-		}
-	}
-
-	return ACTION_ALLOW;
-}
-
 } // namespace ZeroTier

attic/Filter.hpp

@@ -1,6 +1,6 @@
 /*
  * ZeroTier One - Global Peer to Peer Ethernet
- * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -29,13 +29,14 @@
 #define _ZT_FILTER_HPP
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
+
 #include <string>
 #include <vector>
 #include <utility>
 #include <stdexcept>
 
-#include "Mutex.hpp"
 #include "Range.hpp"
 
 /* Ethernet frame types that might be relevant to us */
@@ -125,7 +126,11 @@ namespace ZeroTier {
 class RuntimeEnvironment;
 
 /**
- * A simple Ethernet frame level filter supporting basic IP port DENY
+ * A simple Ethernet frame level filter
+ *
+ * This doesn't specify actions, since it's used as a deny filter. The rule
+ * in ZT1 is "that which is not explicitly prohibited is allowed." (Except for
+ * ethertypes, which are handled by a whitelist.)
  */
 class Filter
 {
@@ -145,8 +150,6 @@ public:
 
 	/**
 	 * A filter rule
-	 *
-	 * This behaves as an immutable value object.
 	 */
 	class Rule
 	{
@@ -159,6 +162,15 @@ public:
 		{
 		}
 
+		/**
+		 * Construct a rule from a string-serialized value
+		 *
+		 * @param s String formatted rule, such as returned by toString()
+		 * @throws std::invalid_argument String formatted rule is not valid
+		 */
+		Rule(const char *s)
+			throw(std::invalid_argument);
+
 		/**
 		 * Construct a new rule
 		 *
@@ -191,6 +203,8 @@ public:
 			throw(std::invalid_argument);
 
 		/**
+		 * Serialize rule as string
+		 *
 		 * @return Human readable representation of rule
 		 */
 		std::string toString() const;
@@ -222,105 +236,36 @@ public:
 		Range<unsigned int> _port;
 	};
 
-	/**
-	 * Action if a rule matches
-	 */
-	enum Action
-	{
-		ACTION_DENY = 0,
-		ACTION_ALLOW = 1,
-		ACTION_UNPARSEABLE = 2
-	};
+	Filter() {}
 
 	/**
-	 * Entry in filter chain
+	 * @param s String-serialized filter representation
 	 */
-	struct Entry
+	Filter(const char *s)
+		throw(std::invalid_argument);
+
+	/**
+	 * @return Comma-delimited list of string-format rules
+	 */
+	std::string toString() const;
+
+	/**
+	 * Add a rule to this filter
+	 *
+	 * @param r Rule to add to filter
+	 */
+	void add(const Rule &r);
+
+	inline bool operator()(unsigned int etype,const void *data,unsigned int len) const
+		throw(std::invalid_argument)
 	{
-		Entry() {}
-		Entry(const Rule &r,const Action &a) :
-			rule(r),
-			action(a)
-		{
+		for(std::vector<Rule>::const_iterator r(_rules.begin());r!=_rules.end();++r) {
+			if ((*r)(etype,data,len))
+				return true;
 		}
-
-		Rule rule;
-		Action action;
-	};
-
-	Filter() :
-		_chain(),
-		_chain_m()
-	{
+		return false;
 	}
 
-	Filter(const Filter &f) :
-		_chain(),
-		_chain_m()
-	{
-		Mutex::Lock _l(f._chain_m);
-		_chain = f._chain;
-	}
-
-	inline Filter &operator=(const Filter &f)
-	{
-		Mutex::Lock _l1(_chain_m);
-		Mutex::Lock _l2(f._chain_m);
-		_chain = f._chain;
-		return *this;
-	}
-
-	/**
-	 * Remove all filter entries
-	 */
-	inline void clear()
-	{
-		Mutex::Lock _l(_chain_m);
-		_chain.clear();
-	}
-
-	/**
-	 * Append a rule/action pair to this chain
-	 *
-	 * If an identical rule already exists it is removed and a new entry is
-	 * added to the end with the new action. (Two identical rules with the
-	 * same action wouldn't make sense.)
-	 *
-	 * @param r Rule to add
-	 * @param a Action if rule matches
-	 */
-	void add(const Rule &r,const Action &a);
-
-	/**
-	 * @return Number of rules in filter chain
-	 */
-	inline unsigned int length() const
-		throw()
-	{
-		Mutex::Lock _l(_chain_m);
-		return _chain.size();
-	}
-
-	/**
-	 * @return Entry in filter chain or null entry if out of bounds
-	 */
-	inline Entry operator[](const unsigned int i) const
-		throw()
-	{
-		Mutex::Lock _l(_chain_m);
-		if (i < _chain.size())
-			return _chain[i];
-		return Entry();
-	}
-
-	/**
-	 * Get a string representation of this filter
-	 *
-	 * @param sep Separator between filter rules, or NULL for comma (default)
-	 * @return Human-readable string
-	 */
-	std::string toString(const char *sep = (const char *)0) const;
-
 	static const char *etherTypeName(const unsigned int etherType)
 		throw();
 	static const char *ipProtocolName(const unsigned int ipp)
@@ -330,20 +275,8 @@ public:
 	static const char *icmp6TypeName(const unsigned int icmp6Type)
 		throw();
 
-	/**
-	 * Match against an Ethernet frame
-	 *
-	 * @param _r Runtime environment
-	 * @param etherType Ethernet frame type
-	 * @param frame Ethernet frame data
-	 * @param len Length of frame in bytes
-	 * @return Action if matched or ACTION_ALLOW if not matched
-	 */
-	Action operator()(const RuntimeEnvironment *_r,unsigned int etherType,const void *frame,unsigned int len) const;
-
 private:
-	std::vector<Entry> _chain;
-	Mutex _chain_m;
+	std::vector<Rule> _rules;
 };
 
 } // namespace ZeroTier

attic/README.md

@@ -0,0 +1,4 @@
+Retired Code and Miscellaneous Junk
+======
+
+This directory is for old code that isn't used but we don't want to lose track of, and for anything else random like debug scripts.

attic/decrypt

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+export PATH=/bin:/usr/bin
+
+if [ ! -e /usr/bin/openssl ]; then
+	echo $0: requires /usr/bin/openssl, please install openssl tools
+	exit 1
+fi
+
+if [ "$#" -lt 1 ]; then
+	echo $0: Usage: $0 '<input>' '[output]'
+	exit 1
+fi
+
+if [ ! -r "$1" ]; then
+	echo $0: $1 does not exist or is not readable.
+	exit 1
+fi
+
+outpath=`echo "$1" | sed 's/[.]aes$//'`
+if [ "$#" -ge 2 ]; then
+	outpath="$2"
+fi
+
+if [ -f "$outpath" ]; then
+	echo $0: $outpath already exists, delete or rename first.
+	exit 1
+fi
+
+openssl aes-256-cbc -d -salt -in "$1" -out "$outpath"
+
+echo $0: wrote "$outpath"

attic/encrypt

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+export PATH=/bin:/usr/bin
+
+if [ ! -e /usr/bin/openssl ]; then
+	echo $0: requires /usr/bin/openssl, please install openssl tools
+	exit 1
+fi
+
+if [ "$#" -lt 1 ]; then
+	echo $0: Usage: $0 '<input>' '[output]'
+	exit 1
+fi
+
+if [ ! -r "$1" ]; then
+	echo $0: $1 does not exist or is not readable.
+	exit 1
+fi
+
+outpath="$1.aes"
+if [ "$#" -ge 2 ]; then
+	outpath="$2"
+fi
+
+if [ -f "$outpath" ]; then
+	echo $0: $outpath already exists, delete or rename first.
+	exit 1
+fi
+
+openssl aes-256-cbc -salt -in "$1" -out "$outpath"
+
+echo $0: wrote "$outpath"

buildinstaller.sh

@@ -0,0 +1,99 @@
+#!/bin/bash
+
+# This script builds the installer for *nix systems. Windows must do everything
+# completely differently, as usual.
+
+export PATH=/bin:/usr/bin:/sbin:/usr/sbin
+
+if [ ! -f zerotier-one ]; then
+	echo "Could not find 'zerotier-one' binary, please build before running this script."
+	exit 2
+fi
+
+machine=`uname -m`
+system=`uname -s`
+
+vmajor=`cat version.h | grep -F ZEROTIER_ONE_VERSION_MAJOR | cut -d ' ' -f 3`
+vminor=`cat version.h | grep -F ZEROTIER_ONE_VERSION_MINOR | cut -d ' ' -f 3`
+revision=`cat version.h | grep -F ZEROTIER_ONE_VERSION_REVISION | cut -d ' ' -f 3`
+
+if [ -z "$vmajor" -o -z "$vminor" -o -z "$revision" ]; then
+	echo "Unable to extract version info from version.h, aborting installer build."
+	exit 2
+fi
+
+rm -rf build-installer
+mkdir build-installer
+
+case "$system" in
+
+	Linux)
+		# Canonicalize $machine for some architectures... we use x86
+		# and x64 for Intel stuff. ARM and others should be fine if
+		# we ever ship officially for those.
+		case "$machine" in
+			i386|i486|i586|i686)
+				machine="x86"
+				;;
+			x86_64|amd64|x64)
+				machine="x64"
+				;;
+		esac
+
+		echo "Assembling Linux installer for $machine and version $vmajor.$vminor.$revision"
+
+		mkdir -p 'build-installer/var/lib/zerotier-one'
+		cp -fp 'ext/installfiles/linux/uninstall.sh' 'build-installer/var/lib/zerotier-one'
+		cp -fp 'zerotier-one' 'build-installer/var/lib/zerotier-one'
+		mkdir -p 'build-installer/tmp'
+		cp -fp 'ext/installfiles/linux/init.d/zerotier-one' 'build-installer/tmp/init.d_zerotier-one'
+		cp -fp 'ext/installfiles/linux/systemd/zerotier-one.service' 'build-installer/tmp/systemd_zerotier-one.service'
+
+		targ="ZeroTierOneInstaller-linux-${machine}-${vmajor}_${vminor}_${revision}"
+		# Use gzip in Linux since some minimal Linux systems do not have bunzip2
+		rm -f build-installer-tmp.tar.gz
+		cd build-installer
+		tar -cf - * | gzip -9 >../build-installer-tmp.tar.gz
+		cd ..
+		rm -f $targ
+		cat ext/installfiles/linux/install.tmpl.sh build-installer-tmp.tar.gz >$targ
+		chmod 0755 $targ
+		rm -f build-installer-tmp.tar.gz
+		ls -l $targ
+
+		;;
+
+	Darwin)
+		echo "Assembling mac installer for x86/x64 (combined) version $vmajor.$vminor.$revision"
+
+		mkdir -p 'build-installer/Applications'
+		cp -a 'build-ZeroTierUI-release/ZeroTier One.app' 'build-installer/Applications'
+		mkdir -p 'build-installer/Library/Application Support/ZeroTier/One'
+		cp -fp 'ext/installfiles/mac/uninstall.sh' 'build-installer/Library/Application Support/ZeroTier/One'
+		cp -fp 'ext/installfiles/mac/launch.sh' 'build-installer/Library/Application Support/ZeroTier/One'
+		cp -fp 'zerotier-one' 'build-installer/Library/Application Support/ZeroTier/One'
+		cp -fRp ext/bin/tap-mac/* 'build-installer/Library/Application Support/ZeroTier/One'
+		mkdir -p 'build-installer/Library/LaunchDaemons'
+		cp -fp 'ext/installfiles/mac/com.zerotier.one.plist' 'build-installer/Library/LaunchDaemons'
+
+		targ="ZeroTierOneInstaller-mac-combined-${vmajor}_${vminor}_${revision}"
+		rm -f build-installer-tmp.tar.bz2
+		cd build-installer
+		find . -type f -name .DS_Store -print0 | xargs -0 rm -f
+		tar -cf - * | bzip2 -9 >../build-installer-tmp.tar.bz2
+		cd ..
+		rm -f $targ
+		cat ext/installfiles/mac/install.tmpl.sh build-installer-tmp.tar.bz2 >$targ
+		chmod 0755 $targ
+		rm -f build-installer-tmp.tar.bz2
+		ls -l $targ
+
+		;;
+
+	*)
+		echo "Unsupported platform: $system"
+		exit 2
+
+esac
+
+exit 0

cli.cpp

@@ -1,143 +0,0 @@
-/*
- * ZeroTier One - Global Peer to Peer Ethernet
- * Copyright (C) 2012-2013  ZeroTier Networks LLC
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- *
- * --
- *
- * ZeroTier may be used and distributed under the terms of the GPLv3, which
- * are available at: http://www.gnu.org/licenses/gpl-3.0.html
- *
- * If you would like to embed ZeroTier into a commercial application or
- * redistribute it in a modified binary form, please contact ZeroTier Networks
- * LLC. Start here: http://www.zerotier.com/
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifndef __WINDOWS__
-#include <unistd.h>
-#endif
-
-#include "node/Node.hpp"
-#include "node/Constants.hpp"
-#include "node/Utils.hpp"
-#include "node/Thread.hpp"
-#include "node/Condition.hpp"
-
-using namespace ZeroTier;
-
-static void printHelp(FILE *out,const char *exename)
-{
-	fprintf(out,"Usage: %s [-switches] <command>"ZT_EOL_S,exename);
-	fprintf(out,ZT_EOL_S);
-	fprintf(out,"Switches:"ZT_EOL_S);
-	fprintf(out,"  -t<token>        - Specify token on command line"ZT_EOL_S);
-	fprintf(out,"  -T<file>         - Read token from file"ZT_EOL_S);
-	fprintf(out,ZT_EOL_S);
-	fprintf(out,"Use the 'help' command to get help from ZeroTier One itself."ZT_EOL_S);
-}
-
-static volatile unsigned int numResults = 0;
-static Condition doneCondition;
-
-static void resultHandler(void *arg,unsigned long id,const char *line)
-{
-	++numResults;
-	if (strlen(line))
-		fprintf(stdout,"%s"ZT_EOL_S,line);
-	else doneCondition.signal();
-}
-
-int main(int argc,char **argv)
-{
-	if (argc <= 1) {
-		printHelp(stdout,argv[0]);
-		return -1;
-	}
-
-	std::string authToken;
-	std::string command;
-	bool pastSwitches = false;
-	for(int i=1;i<argc;++i) {
-		if ((argv[i][0] == '-')&&(!pastSwitches)) {
-			if (strlen(argv[i]) <= 1) {
-				printHelp(stdout,argv[0]);
-				return -1;
-			}
-			switch(argv[i][1]) {
-				case 't':
-					authToken.assign(argv[i] + 2);
-					break;
-				case 'T':
-					if (!Utils::readFile(argv[i] + 2,authToken)) {
-						fprintf(stdout,"FATAL ERROR: unable to read token from '%s'"ZT_EOL_S,argv[i] + 2);
-						return -2;
-					}
-					break;
-				default:
-					return -1;
-			}
-		} else {
-			pastSwitches = true;
-			if (command.length())
-				command.push_back(' ');
-			command.append(argv[i]);
-		}
-	}
-
-	if (!authToken.length()) {
-		const char *home = getenv("HOME");
-		if (home) {
-			std::string dotZeroTierAuthToken(home);
-			dotZeroTierAuthToken.push_back(ZT_PATH_SEPARATOR);
-			dotZeroTierAuthToken.append(".zerotierOneAuthToken");
-			if (!Utils::readFile(dotZeroTierAuthToken.c_str(),authToken)) {
-#ifndef __WINDOWS__
-#ifdef __APPLE__
-				const char *systemAuthTokenPath = "/Library/Application Support/ZeroTier/One/authtoken.secret";
-#else
-				const char *systemAuthTokenPath = "/var/lib/zerotier-one/authtoken.secret";
-#endif
-				if (!Utils::readFile(systemAuthTokenPath,authToken)) {
-					fprintf(stdout,"FATAL ERROR: no token specified on command line and could not read '%s' or '%s'"ZT_EOL_S,dotZeroTierAuthToken.c_str(),systemAuthTokenPath);
-					return -2;
-				}
-#else // __WINDOWS__
-				fprintf(stdout,"FATAL ERROR: no token specified on command line and could not read '%s'"ZT_EOL_S,dotZeroTierAuthToken.c_str());
-				return -2;
-#endif // __WINDOWS__
-			}
-		}
-	}
-	if (!authToken.length()) {
-		fprintf(stdout,"FATAL ERROR: could not find auth token"ZT_EOL_S);
-		return -2;
-	}
-
-	Node::LocalClient client(authToken.c_str(),&resultHandler,(void *)0);
-	client.send(command.c_str());
-
-	doneCondition.wait(1000);
-
-	if (!numResults) {
-		fprintf(stdout,"ERROR: no results received. Is ZeroTier One running?"ZT_EOL_S);
-		return -1;
-	}
-
-	return 0;
-}

control/IpcConnection.cpp

@@ -0,0 +1,281 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <stdarg.h>
+
+#include <stdexcept>
+
+#include "IpcConnection.hpp"
+
+#ifndef __WINDOWS__
+#include <unistd.h>
+#include <sys/ioctl.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <sys/socket.h>
+#include <sys/select.h>
+#endif
+
+namespace ZeroTier {
+
+IpcConnection::IpcConnection(const char *endpoint,unsigned int timeout,void (*commandHandler)(void *,IpcConnection *,IpcConnection::EventType,const char *),void *arg) :
+	_handler(commandHandler),
+	_arg(arg),
+	_timeout(timeout),
+#ifdef __WINDOWS__
+	_sock(INVALID_HANDLE_VALUE),
+	_incoming(false),
+#else
+	_sock(-1),
+#endif
+	_run(true),
+	_running(true)
+{
+#ifdef __WINDOWS__
+	_sock = CreateFileA(endpoint,GENERIC_READ|GENERIC_WRITE,FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,NULL,OPEN_EXISTING,0,NULL);
+	if (_sock == INVALID_HANDLE_VALUE)
+		throw std::runtime_error("IPC endpoint unreachable");
+	DWORD pipeMode = PIPE_READMODE_BYTE;
+	SetNamedPipeHandleState(_sock,&pipeMode,NULL,NULL);
+#else
+	struct sockaddr_un unaddr;
+	unaddr.sun_family = AF_UNIX;
+	strncpy(unaddr.sun_path,endpoint,sizeof(unaddr.sun_path));
+	unaddr.sun_path[sizeof(unaddr.sun_path) - 1] = (char)0;
+
+	_sock = socket(AF_UNIX,SOCK_STREAM,0);
+	if (_sock <= 0)
+		throw std::runtime_error("unable to create socket of type AF_UNIX");
+
+	if (connect(_sock,(struct sockaddr *)&unaddr,sizeof(unaddr))) {
+		::close(_sock);
+		throw std::runtime_error("IPC endpoint unreachable");
+	}
+#endif
+
+	_thread = Thread::start(this);
+}
+
+#ifdef __WINDOWS__
+IpcConnection::IpcConnection(HANDLE s,unsigned int timeout,void (*commandHandler)(void *,IpcConnection *,IpcConnection::EventType,const char *),void *arg) :
+#else
+IpcConnection::IpcConnection(int s,unsigned int timeout,void (*commandHandler)(void *,IpcConnection *,IpcConnection::EventType,const char *),void *arg) :
+#endif
+	_handler(commandHandler),
+	_arg(arg),
+	_timeout(timeout),
+	_sock(s),
+#ifdef __WINDOWS__
+	_incoming(true),
+#endif
+	_run(true),
+	_running(true)
+{
+	_thread = Thread::start(this);
+}
+
+IpcConnection::~IpcConnection()
+{
+	_writeLock.lock();
+	_run = false;
+	_writeLock.unlock();
+
+#ifdef __WINDOWS__
+
+	while (_running) {
+		Thread::cancelIO(_thread); // cause Windows to break from blocking read and detect shutdown
+		Sleep(100);
+	}
+
+#else // !__WINDOWS__
+
+	int s = _sock;
+	_sock = 0;
+	if (s > 0) {
+		::shutdown(s,SHUT_RDWR);
+		::close(s);
+	}
+	Thread::join(_thread);
+
+#endif // __WINDOWS__ / !__WINDOWS__
+}
+
+void IpcConnection::printf(const char *format,...)
+{
+	va_list ap;
+	int n;
+	char tmp[65536];
+
+	va_start(ap,format);
+	n = (int)::vsnprintf(tmp,sizeof(tmp),format,ap);
+	va_end(ap);
+	if (n <= 0)
+		return;
+
+	Mutex::Lock _l(_writeLock);
+
+#ifdef __WINDOWS__
+	_writeBuf.append(tmp,n);
+	Thread::cancelIO(_thread); // cause Windows to break from blocking read and service write buffer
+#else
+	if (_sock > 0)
+		::write(_sock,tmp,n);
+#endif
+}
+
+void IpcConnection::threadMain()
+	throw()
+{
+	char tmp[16384];
+	char linebuf[16384];
+	unsigned int lineptr = 0;
+	char c;
+
+#ifdef __WINDOWS__
+
+	DWORD n,i;
+	std::string wbuf;
+
+#else // !__WINDOWS__
+
+	int s,n,i;
+	fd_set readfds,writefds,errorfds;
+	struct timeval tout;
+
+#ifdef SO_NOSIGPIPE
+	if (_sock > 0) {
+		i = 1;
+		::setsockopt(_sock,SOL_SOCKET,SO_NOSIGPIPE,(char *)&i,sizeof(i));
+	}
+#endif // SO_NOSIGPIPE
+
+#endif // __WINDOWS__ / !__WINDOWS__
+
+	while (_run) {
+
+#ifdef __WINDOWS__
+
+		/* Note that we do not use fucking timeouts in Windows, since it does seem
+		 * to properly detect named pipe endpoint close. But we do use a write buffer
+		 * because Windows won't let you divorce reading and writing threads without
+		 * all that OVERLAPPED cruft. */
+		{
+			Mutex::Lock _l(_writeLock);
+			if (!_run)
+				break;
+			if (_writeBuf.length() > 0) {
+				wbuf.append(_writeBuf);
+				_writeBuf.clear();
+			}
+		}
+		if (wbuf.length() > 0) {
+			n = 0;
+			if ((WriteFile(_sock,wbuf.data(),(DWORD)(wbuf.length()),&n,NULL))&&(n > 0)) {
+				if (n < (DWORD)wbuf.length())
+					wbuf.erase(0,n);
+				else wbuf.clear();
+			} else if (GetLastError() != ERROR_OPERATION_ABORTED)
+				break;
+			FlushFileBuffers(_sock);
+		}
+		if (!_run)
+			break;
+		n = 0;
+		if ((!ReadFile(_sock,tmp,sizeof(tmp),&n,NULL))||(n <= 0)) {
+			if (GetLastError() == ERROR_OPERATION_ABORTED)
+				n = 0;
+			else break;
+		}
+		if (!_run)
+			break;
+
+#else // !__WINDOWS__
+
+		/* So today I learned that there is no reliable way to detect a half-closed
+		 * Unix domain socket. So to make sure we don't leave orphaned sockets around
+		 * we just use fucking timeouts. If a socket fucking times out, we break from
+		 * the I/O loop and terminate the thread. But this IpcConnection code is ugly
+		 * so maybe the OS is simply offended by it and refuses to reveal its mysteries
+		 * to me. Oh well... this IPC code will probably get canned when we go to
+		 * local HTTP RESTful interfaces or soemthing like that. */
+		if ((s = _sock) <= 0)
+			break;
+		FD_ZERO(&readfds);
+		FD_ZERO(&writefds);
+		FD_ZERO(&errorfds);
+		FD_SET(s,&readfds);
+		FD_SET(s,&errorfds);
+		tout.tv_sec = _timeout; // use a fucking timeout
+		tout.tv_usec = 0;
+		if (select(s+1,&readfds,&writefds,&errorfds,&tout) <= 0) {
+			break; // socket has fucking timed out
+		} else {
+			if (FD_ISSET(s,&errorfds))
+				break; // socket has an exception... sometimes works
+			else {
+				n = (int)::read(s,tmp,sizeof(tmp));
+				if ((n <= 0)||(_sock <= 0))
+					break; // read returned error... sometimes works
+			}
+		}
+
+#endif // __WINDOWS__ / !__WINDOWS__
+
+		for(i=0;i<n;++i) {
+			c = (linebuf[lineptr] = tmp[i]);
+			if ((c == '\r')||(c == '\n')||(c == (char)0)||(lineptr == (sizeof(linebuf) - 1))) {
+				if (lineptr) {
+					linebuf[lineptr] = (char)0;
+					_handler(_arg,this,IPC_EVENT_COMMAND,linebuf);
+					lineptr = 0;
+				}
+			} else ++lineptr;
+		}
+	}
+
+	_writeLock.lock();
+	bool r = _run;
+	_writeLock.unlock();
+
+#ifdef __WINDOWS__
+
+	if (_incoming)
+		DisconnectNamedPipe(_sock);
+	CloseHandle(_sock);
+	_running = false;
+
+#endif // __WINDOWS__
+
+	if (r)
+		_handler(_arg,this,IPC_EVENT_CONNECTION_CLOSED,(const char *)0);
+}
+
+} // namespace ZeroTier

control/IpcConnection.hpp

@@ -0,0 +1,107 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef ZT_IPCCONNECTION_HPP
+#define ZT_IPCCONNECTION_HPP
+
+#include "../node/Constants.hpp"
+#include "../node/Thread.hpp"
+#include "../node/NonCopyable.hpp"
+#include "../node/Mutex.hpp"
+
+#ifdef __WINDOWS__
+#include <WinSock2.h>
+#include <Windows.h>
+#endif
+
+namespace ZeroTier {
+
+class IpcListener;
+
+/**
+ * Interprocess communication connection
+ */
+class IpcConnection : NonCopyable
+{
+	friend class IpcListener;
+
+public:
+	enum EventType
+	{
+		IPC_EVENT_COMMAND,
+		IPC_EVENT_NEW_CONNECTION,
+		IPC_EVENT_CONNECTION_CLOSED
+	};
+
+	/**
+	 * Connect to an IPC endpoint
+	 *
+	 * @param endpoint Endpoint path
+	 * @param timeout Inactivity timeout in seconds
+	 * @param commandHandler Command handler function
+	 * @param arg First argument to command handler
+	 * @throws std::runtime_error Unable to connect
+	 */
+	IpcConnection(const char *endpoint,unsigned int timeout,void (*commandHandler)(void *,IpcConnection *,IpcConnection::EventType,const char *),void *arg);
+	~IpcConnection();
+
+	/**
+	 * @param format Printf format string
+	 * @param ... Printf arguments
+	 */
+	void printf(const char *format,...);
+
+	void threadMain()
+		throw();
+
+private:
+	// Used by IpcListener to construct incoming connections
+#ifdef __WINDOWS__
+	IpcConnection(HANDLE s,unsigned int timeout,void (*commandHandler)(void *,IpcConnection *,IpcConnection::EventType,const char *),void *arg);
+#else
+	IpcConnection(int s,unsigned int timeout,void (*commandHandler)(void *,IpcConnection *,IpcConnection::EventType,const char *),void *arg);
+#endif
+
+	void (*_handler)(void *,IpcConnection *,IpcConnection::EventType,const char *);
+	void *_arg;
+	unsigned int _timeout;
+#ifdef __WINDOWS__
+	HANDLE _sock;
+	std::string _writeBuf;
+	bool _incoming;
+#else
+	volatile int _sock;
+#endif
+	Mutex _writeLock;
+	Thread _thread;
+	volatile bool _run;
+	volatile bool _running;
+};
+
+} // namespace ZeroTier
+
+#endif

control/IpcListener.cpp

@@ -0,0 +1,165 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014	ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.	If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+
+#include "IpcListener.hpp"
+
+#ifndef __WINDOWS__
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+#endif
+
+namespace ZeroTier {
+
+IpcListener::IpcListener(const char *ep,unsigned int timeout,void (*commandHandler)(void *,IpcConnection *,IpcConnection::EventType,const char *),void *arg) :
+	_endpoint(ep),
+	_handler(commandHandler),
+	_arg(arg),
+	_timeout(timeout),
+#ifdef __WINDOWS__
+	_run(true),
+	_running(true)
+#else
+	_sock(0)
+#endif
+{
+#ifndef __WINDOWS__
+	struct sockaddr_un unaddr;
+	unaddr.sun_family = AF_UNIX;
+	strncpy(unaddr.sun_path,_endpoint.c_str(),sizeof(unaddr.sun_path));
+	unaddr.sun_path[sizeof(unaddr.sun_path) - 1] = (char)0;
+
+	struct stat stattmp;
+	if (stat(_endpoint.c_str(),&stattmp)) {
+		int testSock = socket(AF_UNIX,SOCK_STREAM,0);
+		if (testSock <= 0)
+			throw std::runtime_error("unable to create socket of type AF_UNIX");
+		if (connect(testSock,(struct sockaddr *)&unaddr,sizeof(unaddr))) {
+			// error means nothing is listening, orphaned name
+			::close(testSock);
+		} else {
+			// success means endpoint is being actively listened to by a process
+			::close(testSock);
+			throw std::runtime_error("IPC endpoint address in use");
+		}
+	}
+	::unlink(_endpoint.c_str());
+
+	_sock = socket(AF_UNIX,SOCK_STREAM,0);
+	if (_sock <= 0)
+		throw std::runtime_error("unable to create socket of type AF_UNIX");
+	if (bind(_sock,(struct sockaddr *)&unaddr,sizeof(unaddr))) {
+		::close(_sock);
+		throw std::runtime_error("IPC endpoint could not be bound");
+	}
+	if (listen(_sock,8)) {
+		::close(_sock);
+		throw std::runtime_error("listen() failed for bound AF_UNIX socket");
+	}
+	::chmod(_endpoint.c_str(),0777);
+#endif
+
+	_thread = Thread::start(this);
+}
+
+IpcListener::~IpcListener()
+{
+#ifdef __WINDOWS__
+	_run = false;
+	while (_running) {
+		Thread::cancelIO(_thread);
+		HANDLE tmp = CreateFileA(_endpoint.c_str(),GENERIC_READ|GENERIC_WRITE,FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,NULL,OPEN_EXISTING,0,NULL);
+		if (tmp != INVALID_HANDLE_VALUE)
+			CloseHandle(tmp);
+		Sleep(250);
+	}
+#else
+	int s = _sock;
+	_sock = 0;
+	if (s > 0) {
+		::shutdown(s,SHUT_RDWR);
+		::close(s);
+	}
+	Thread::join(_thread);
+	::unlink(_endpoint.c_str());
+#endif
+}
+
+void IpcListener::threadMain()
+	throw()
+{
+#ifdef __WINDOWS__
+	HANDLE s;
+	while (_run) {
+		s = CreateNamedPipeA(_endpoint.c_str(),PIPE_ACCESS_DUPLEX,PIPE_READMODE_BYTE|PIPE_TYPE_BYTE|PIPE_WAIT,PIPE_UNLIMITED_INSTANCES,1024,1024,0,NULL);
+		if (s != INVALID_HANDLE_VALUE) {
+			if ((ConnectNamedPipe(s,NULL))||(GetLastError() == ERROR_PIPE_CONNECTED)) {
+				if (!_run) {
+					DisconnectNamedPipe(s);
+					CloseHandle(s);
+					break;
+				}
+				try {
+					_handler(_arg,new IpcConnection(s,_timeout,_handler,_arg),IpcConnection::IPC_EVENT_NEW_CONNECTION,(const char *)0);
+				} catch ( ... ) {} // handlers should not throw
+			} else {
+				CloseHandle(s);
+			}
+		}
+	}
+	_running = false;
+#else
+	struct sockaddr_un unaddr;
+	socklen_t socklen;
+	int s;
+	while (_sock > 0) {
+		unaddr.sun_family = AF_UNIX;
+		strncpy(unaddr.sun_path,_endpoint.c_str(),sizeof(unaddr.sun_path));
+		unaddr.sun_path[sizeof(unaddr.sun_path) - 1] = (char)0;
+		socklen = sizeof(unaddr);
+		s = accept(_sock,(struct sockaddr *)&unaddr,&socklen);
+		if (s <= 0)
+			break;
+		if (!_sock) {
+			::close(s);
+			break;
+		}
+		try {
+			_handler(_arg,new IpcConnection(s,_timeout,_handler,_arg),IpcConnection::IPC_EVENT_NEW_CONNECTION,(const char *)0);
+		} catch ( ... ) {} // handlers should not throw
+	}
+#endif
+}
+
+} // namespace ZeroTier

control/IpcListener.hpp

@@ -0,0 +1,91 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014	ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.	If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef ZT_IPCLISTENER_HPP
+#define ZT_IPCLISTENER_HPP
+
+#include "../node/Constants.hpp"
+#include "../node/Thread.hpp"
+#include "../node/NonCopyable.hpp"
+#include "IpcConnection.hpp"
+
+#include <string>
+#include <stdexcept>
+
+namespace ZeroTier {
+
+/**
+ * IPC incoming connection listener (Unix domain sockets or named pipes on Windows)
+ */
+class IpcListener : NonCopyable
+{
+public:
+	/**
+	 * Listen for IPC connections
+	 *
+	 * The supplied handler is passed on to incoming instances of IpcConnection. When
+	 * a connection is first opened, it is called with IPC_EVENT_NEW_CONNECTION. The
+	 * receiver must take ownership of the connection object. When a connection is
+	 * closed, IPC_EVENT_CONNECTION_CLOSED is generated. At this point (or after) the
+	 * receiver must delete the object. IPC_EVENT_COMMAND is generated when lines of
+	 * text are read, and in this cases the last argument is not NULL. No closed event
+	 * is generated in the event of manual delete if the connection is still open.
+	 *
+	 * Yeah, this whole callback model sort of sucks. Might rethink and replace with
+	 * some kind of actor model or something if it gets too unweildy. But for now the
+	 * use cases are simple enough that it's not too bad.
+	 *
+	 * @param IPC endpoint name (OS-specific)
+	 * @param timeout Endpoint inactivity timeout in seconds
+	 * @param commandHandler Function to call for each command
+	 * @param arg First argument to pass to handler
+	 * @throws std::runtime_error Unable to bind to endpoint
+	 */
+	IpcListener(const char *ep,unsigned int timeout,void (*commandHandler)(void *,IpcConnection *,IpcConnection::EventType,const char *),void *arg);
+
+	~IpcListener();
+
+	void threadMain()
+		throw();
+
+private:
+	std::string _endpoint;
+	void (*_handler)(void *,IpcConnection *,IpcConnection::EventType,const char *);
+	void *_arg;
+	unsigned int _timeout;
+#ifdef __WINDOWS__
+	volatile bool _run;
+	volatile bool _running;
+#else
+	volatile int _sock;
+#endif
+	Thread _thread;
+};
+
+} // namespace ZeroTier
+
+#endif

control/NodeControlClient.cpp

@@ -0,0 +1,167 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include "NodeControlClient.hpp"
+#include "../node/Constants.hpp"
+#include "../node/Utils.hpp"
+#include "../node/Defaults.hpp"
+#include "IpcConnection.hpp"
+#include "IpcListener.hpp"
+#include "NodeControlService.hpp"
+
+#ifdef __WINDOWS__
+#include <WinSock2.h>
+#include <Windows.h>
+#include <tchar.h>
+#include <wchar.h>
+#include <ShlObj.h>
+#endif // __WINDOWS__
+
+namespace ZeroTier {
+
+struct _NodeControlClientImpl
+{
+	void (*resultHandler)(void *,const char *);
+	void *arg;
+	bool ignoreNextBreak;
+	IpcConnection *ipcc;
+	std::string err;
+};
+
+static void _CBipcResultHandler(void *arg,IpcConnection *ipcc,IpcConnection::EventType event,const char *result)
+{
+	if ((event == IpcConnection::IPC_EVENT_COMMAND)&&(result)) {
+		if (!strcmp(result,"200 auth OK")) {
+			((_NodeControlClientImpl *)arg)->ignoreNextBreak = true;
+		} else if ((((_NodeControlClientImpl *)arg)->ignoreNextBreak)&&(!strcmp(result,"."))) {
+			((_NodeControlClientImpl *)arg)->ignoreNextBreak = false;
+		} else ((_NodeControlClientImpl *)arg)->resultHandler(((_NodeControlClientImpl *)arg)->arg,result);
+	}
+}
+
+NodeControlClient::NodeControlClient(const char *ep,const char *authToken,void (*resultHandler)(void *,const char *),void *arg)
+	throw() :
+	_impl((void *)new _NodeControlClientImpl)
+{
+	_NodeControlClientImpl *impl = (_NodeControlClientImpl *)_impl;
+	impl->resultHandler = resultHandler;
+	impl->arg = arg;
+	impl->ignoreNextBreak = false;
+	try {
+		impl->ipcc = new IpcConnection(ep,ZT_IPC_TIMEOUT,&_CBipcResultHandler,_impl);
+		impl->ipcc->printf("auth %s"ZT_EOL_S,authToken);
+	} catch ( ... ) {
+		impl->ipcc = (IpcConnection *)0;
+		impl->err = "failure connecting to running ZeroTier One service";
+	}
+}
+
+NodeControlClient::~NodeControlClient()
+{
+	if (_impl) {
+		delete ((_NodeControlClientImpl *)_impl)->ipcc;
+		delete (_NodeControlClientImpl *)_impl;
+	}
+}
+
+const char *NodeControlClient::error() const
+	throw()
+{
+	if (((_NodeControlClientImpl *)_impl)->err.length())
+		return ((_NodeControlClientImpl *)_impl)->err.c_str();
+	return (const char *)0;
+}
+
+void NodeControlClient::send(const char *command)
+	throw()
+{
+	try {
+		if (((_NodeControlClientImpl *)_impl)->ipcc)
+			((_NodeControlClientImpl *)_impl)->ipcc->printf("%s"ZT_EOL_S,command);
+	} catch ( ... ) {}
+}
+
+std::vector<std::string> NodeControlClient::splitLine(const char *line)
+{
+	return Utils::split(line," ","\\","\"");
+}
+
+const char *NodeControlClient::authTokenDefaultUserPath()
+{
+	static std::string dlp;
+	static Mutex dlp_m;
+
+	Mutex::Lock _l(dlp_m);
+
+#ifdef __WINDOWS__
+
+	if (!dlp.length()) {
+		char buf[16384];
+		if (SUCCEEDED(SHGetFolderPathA(NULL,CSIDL_APPDATA,NULL,0,buf)))
+			dlp = (std::string(buf) + "\\ZeroTier\\One\\authtoken.secret");
+	}
+
+#else // not __WINDOWS__
+
+	if (!dlp.length()) {
+		const char *home = getenv("HOME");
+		if (home) {
+#ifdef __APPLE__
+			dlp = (std::string(home) + "/Library/Application Support/ZeroTier/One/authtoken.secret");
+#else
+			dlp = (std::string(home) + "/.zeroTierOneAuthToken");
+#endif
+		}
+	}
+
+#endif // __WINDOWS__ or not __WINDOWS__
+
+	return dlp.c_str();
+}
+
+std::string NodeControlClient::getAuthToken(const char *path,bool generateIfNotFound)
+{
+	unsigned char randbuf[24];
+	std::string token;
+
+	if (Utils::readFile(path,token))
+		return Utils::trim(token);
+	else token = "";
+
+	if (generateIfNotFound) {
+		Utils::getSecureRandom(randbuf,sizeof(randbuf));
+		for(unsigned int i=0;i<sizeof(randbuf);++i)
+			token.push_back(("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")[(unsigned int)randbuf[i] % 62]);
+		if (!Utils::writeFile(path,token))
+			return std::string();
+		Utils::lockDownFile(path,false);
+	}
+
+	return token;
+}
+
+} // namespace ZeroTier

control/NodeControlClient.hpp

@@ -0,0 +1,118 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef ZT_NODECONTROLCLIENT_HPP
+#define ZT_NODECONTROLCLIENT_HPP
+
+#include <string>
+#include <vector>
+
+#include "../node/Constants.hpp"
+
+#ifdef __WINDOWS__
+#define ZT_IPC_ENDPOINT_BASE "\\\\.\\pipe\\ZeroTierOne-"
+#else
+#define ZT_IPC_ENDPOINT_BASE "/tmp/.ZeroTierOne-"
+#endif
+
+namespace ZeroTier {
+
+/**
+ * Client for controlling a local ZeroTier One node
+ */
+class NodeControlClient
+{
+public:
+	/**
+	 * Create a new node config client
+	 *
+	 * Initialization may fail. Call error() to check.
+	 *
+	 * @param ep Endpoint to connect to (OS-dependent)
+	 * @param resultHandler Function to call when commands provide results
+	 * @param arg First argument to result handler
+	 */
+	NodeControlClient(const char *ep,const char *authToken,void (*resultHandler)(void *,const char *),void *arg)
+		throw();
+
+	~NodeControlClient();
+
+	/**
+	 * @return Initialization error or NULL if none
+	 */
+	const char *error() const
+		throw();
+
+	/**
+	 * Send a command to the local node
+	 *
+	 * Note that the returned conversation ID will never be 0. A return value
+	 * of 0 indicates a fatal error such as failure to bind to any local UDP
+	 * port.
+	 *
+	 * @param command
+	 * @return Conversation ID that will be provided to result handler when/if results are sent back
+	 */
+	void send(const char *command)
+		throw();
+	inline void send(const std::string &command)
+		throw() { return send(command.c_str()); }
+
+	/**
+	 * Split a line of results
+	 *
+	 * @param line Line to split
+	 * @return Vector of fields
+	 */
+	static std::vector<std::string> splitLine(const char *line);
+	static inline std::vector<std::string> splitLine(const std::string &line) { return splitLine(line.c_str()); }
+
+	/**
+	 * @return Default path for current user's authtoken.secret or ~/.zeroTierOneAuthToken (location is platform-dependent)
+	 */
+	static const char *authTokenDefaultUserPath();
+
+	/**
+	 * Load (or generate) the authentication token
+	 *
+	 * @param path Full path to authtoken.secret
+	 * @param generateIfNotFound If true, generate and save if not found or readable (requires appropriate privileges, returns empty on failure)
+	 * @return Authentication token or empty string on failure
+	 */
+	static std::string getAuthToken(const char *path,bool generateIfNotFound);
+
+private:
+	// NodeControlClient is not copyable
+	NodeControlClient(const NodeControlClient&);
+	const NodeControlClient& operator=(const NodeControlClient&);
+
+	void *_impl;
+};
+
+} // namespace ZeroTier
+
+#endif

control/NodeControlService.cpp

@@ -0,0 +1,250 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "NodeControlService.hpp"
+#include "NodeControlClient.hpp"
+
+#include "../node/Constants.hpp"
+#include "../node/MAC.hpp"
+#include "../node/Node.hpp"
+#include "../node/Utils.hpp"
+
+namespace ZeroTier {
+
+NodeControlService::NodeControlService(Node *node,const char *authToken) :
+	_node(node),
+	_listener((IpcListener *)0),
+	_authToken(authToken),
+	_running(true),
+	_thread(Thread::start(this))
+{
+}
+
+NodeControlService::~NodeControlService()
+{
+	_running = false;
+	Thread::join(_thread);
+	{
+		Mutex::Lock _l(_connections_m);
+		for(std::map< IpcConnection *,bool >::iterator c(_connections.begin());c!=_connections.end();++c)
+			delete c->first;
+		_connections.clear();
+	}
+	delete _listener;
+}
+
+void NodeControlService::threadMain()
+	throw()
+{
+	char tmp[1024];
+	try {
+		while (_running) {
+			if (!_node->running()) {
+				if (_node->started())
+					break;
+			} else if ((_node->initialized())&&(_node->address())) {
+				Utils::snprintf(tmp,sizeof(tmp),"%s%.10llx",ZT_IPC_ENDPOINT_BASE,(unsigned long long)_node->address());
+				_listener = new IpcListener(tmp,ZT_IPC_TIMEOUT,&_CBcommandHandler,this);
+				break;
+			}
+			Thread::sleep(100); // wait for Node to start
+		}
+	} catch ( ... ) {
+		delete _listener;
+		_listener = (IpcListener *)0;
+	}
+}
+
+void NodeControlService::_CBcommandHandler(void *arg,IpcConnection *ipcc,IpcConnection::EventType event,const char *commandLine)
+{
+	switch(event) {
+		case IpcConnection::IPC_EVENT_COMMAND: {
+			if ((!((NodeControlService *)arg)->_running)||(!commandLine)||(!commandLine[0]))
+				return;
+			((NodeControlService *)arg)->_doCommand(ipcc,commandLine);
+		}	break;
+
+		case IpcConnection::IPC_EVENT_NEW_CONNECTION: {
+			Mutex::Lock _l(((NodeControlService *)arg)->_connections_m);
+			((NodeControlService *)arg)->_connections[ipcc] = false; // not yet authenticated
+		}	break;
+
+		case IpcConnection::IPC_EVENT_CONNECTION_CLOSED: {
+			Mutex::Lock _l(((NodeControlService *)arg)->_connections_m);
+			((NodeControlService *)arg)->_connections.erase(ipcc);
+			delete ipcc;
+		}	break;
+	}
+}
+
+void NodeControlService::_doCommand(IpcConnection *ipcc,const char *commandLine)
+{
+	std::vector<std::string> r;
+	std::vector<std::string> cmd(Utils::split(commandLine,"\r\n \t","\\","'"));
+
+	if ((cmd.empty())||(cmd[0] == "help")) {
+		ipcc->printf("200 help help"ZT_EOL_S);
+		ipcc->printf("200 help auth <token>"ZT_EOL_S);
+		ipcc->printf("200 help info"ZT_EOL_S);
+		ipcc->printf("200 help listpeers"ZT_EOL_S);
+		ipcc->printf("200 help listnetworks"ZT_EOL_S);
+		ipcc->printf("200 help join <network ID>"ZT_EOL_S);
+		ipcc->printf("200 help leave <network ID>"ZT_EOL_S);
+		ipcc->printf("200 help terminate [<reason>]"ZT_EOL_S);
+		ipcc->printf("200 help updatecheck"ZT_EOL_S);
+	} else if (cmd[0] == "auth") {
+		if ((cmd.size() > 1)&&(_authToken.length() > 0)&&(_authToken == cmd[1])) {
+			Mutex::Lock _l(_connections_m);
+			_connections[ipcc] = true;
+			ipcc->printf("200 auth OK"ZT_EOL_S);
+		} else ipcc->printf("403 auth failed"ZT_EOL_S);
+	} else {
+		{
+			Mutex::Lock _l(_connections_m);
+			if (!_connections[ipcc]) {
+				ipcc->printf("403 %s unauthorized"ZT_EOL_S"."ZT_EOL_S,cmd[0].c_str());
+				return;
+			}
+		}
+
+		if (cmd[0] == "info") {
+			ipcc->printf("200 info %.10llx %s %s"ZT_EOL_S,_node->address(),(_node->online() ? "ONLINE" : "OFFLINE"),Node::versionString());
+		} else if (cmd[0] == "listpeers") {
+			ipcc->printf("200 listpeers <ztaddr> <paths> <latency> <version> <role>"ZT_EOL_S);
+			ZT1_Node_PeerList *pl = _node->listPeers();
+			if (pl) {
+				for(unsigned int i=0;i<pl->numPeers;++i) {
+					ipcc->printf("200 listpeers %.10llx ",(unsigned long long)pl->peers[i].rawAddress);
+					if (pl->peers[i].numPaths == 0)
+						ipcc->printf("-");
+					else {
+						for(unsigned int j=0;j<pl->peers[i].numPaths;++j) {
+							if (j > 0)
+								ipcc->printf(",");
+							switch(pl->peers[i].paths[j].type) {
+								default:
+									ipcc->printf("unknown;");
+									break;
+								case ZT1_Node_PhysicalPath_TYPE_UDP:
+									ipcc->printf("udp;");
+									break;
+								case ZT1_Node_PhysicalPath_TYPE_TCP_OUT:
+									ipcc->printf("tcp_out;");
+									break;
+								case ZT1_Node_PhysicalPath_TYPE_TCP_IN:
+									ipcc->printf("tcp_in;");
+									break;
+								case ZT1_Node_PhysicalPath_TYPE_ETHERNET:
+									ipcc->printf("eth;");
+									break;
+							}
+							ipcc->printf("%s/%d;%ld;%ld;%ld;%s",
+								pl->peers[i].paths[j].address.ascii,
+								(int)pl->peers[i].paths[j].address.port,
+								pl->peers[i].paths[j].lastSend,
+								pl->peers[i].paths[j].lastReceive,
+								pl->peers[i].paths[j].lastPing,
+								(pl->peers[i].paths[j].fixed ? "fixed" : (pl->peers[i].paths[j].active ? "active" : "inactive")));
+						}
+					}
+					const char *rolestr;
+					switch(pl->peers[i].role) {
+						case ZT1_Node_Peer_SUPERNODE: rolestr = "SUPERNODE"; break;
+						case ZT1_Node_Peer_HUB: rolestr = "HUB"; break;
+						case ZT1_Node_Peer_NODE: rolestr = "NODE"; break;
+						default: rolestr = "?"; break;
+					}
+					ipcc->printf(" %u %s %s"ZT_EOL_S,
+						pl->peers[i].latency,
+						((pl->peers[i].remoteVersion[0]) ? pl->peers[i].remoteVersion : "-"),
+						rolestr);
+				}
+				_node->freeQueryResult(pl);
+			}
+		} else if (cmd[0] == "listnetworks") {
+			ipcc->printf("200 listnetworks <nwid> <name> <mac> <status> <config age> <type> <dev> <ips>"ZT_EOL_S);
+			ZT1_Node_NetworkList *nl = _node->listNetworks();
+			if (nl) {
+				for(unsigned int i=0;i<nl->numNetworks;++i) {
+					ipcc->printf("200 listnetworks %s %s %s %s %ld %s %s ",
+						nl->networks[i].nwidHex,
+						nl->networks[i].name,
+						nl->networks[i].macStr,
+						nl->networks[i].statusStr,
+						nl->networks[i].configAge,
+						(nl->networks[i].isPrivate ? "private" : "public"),
+						nl->networks[i].device);
+					if (nl->networks[i].numIps > 0) {
+						for(unsigned int j=0;j<nl->networks[i].numIps;++j) {
+							if (j > 0)
+								ipcc->printf(",");
+							ipcc->printf("%s/%d",nl->networks[i].ips[j].ascii,(int)nl->networks[i].ips[j].port);
+						}
+					} else ipcc->printf("-");
+					ipcc->printf(ZT_EOL_S);
+				}
+				_node->freeQueryResult(nl);
+			}
+		} else if (cmd[0] == "join") {
+			if (cmd.size() > 1) {
+				uint64_t nwid = Utils::hexStrToU64(cmd[1].c_str());
+				_node->join(nwid);
+				ipcc->printf("200 join %.16llx OK"ZT_EOL_S,(unsigned long long)nwid);
+			} else {
+				ipcc->printf("400 join requires a network ID (>0) in hexadecimal format"ZT_EOL_S);
+			}
+		} else if (cmd[0] == "leave") {
+			if (cmd.size() > 1) {
+				uint64_t nwid = Utils::hexStrToU64(cmd[1].c_str());
+				_node->leave(nwid);
+				ipcc->printf("200 leave %.16llx OK"ZT_EOL_S,(unsigned long long)nwid);
+			} else {
+				ipcc->printf("400 leave requires a network ID (>0) in hexadecimal format"ZT_EOL_S);
+			}
+		} else if (cmd[0] == "terminate") {
+			if (cmd.size() > 1)
+				_node->terminate(Node::NODE_NORMAL_TERMINATION,cmd[1].c_str());
+			else _node->terminate(Node::NODE_NORMAL_TERMINATION,"terminate via IPC command");
+		} else if (cmd[0] == "updatecheck") {
+			if (_node->updateCheck()) {
+				ipcc->printf("500 software updates are not enabled"ZT_EOL_S);
+			} else {
+				ipcc->printf("200 OK"ZT_EOL_S);
+			}
+		} else {
+			ipcc->printf("404 %s No such command. Use 'help' for help."ZT_EOL_S,cmd[0].c_str());
+		}
+	}
+
+	ipcc->printf("."ZT_EOL_S);
+}
+
+} // namespace ZeroTier

control/NodeControlService.hpp

@@ -0,0 +1,84 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2011-2014  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef ZT_NODECONTROLSERVICE_HPP
+#define ZT_NODECONTROLSERVICE_HPP
+
+#include <string>
+#include <map>
+
+#include "IpcConnection.hpp"
+#include "IpcListener.hpp"
+
+#include "../node/Constants.hpp"
+#include "../node/NonCopyable.hpp"
+#include "../node/Thread.hpp"
+
+namespace ZeroTier {
+
+class Node;
+
+/**
+ * Background controller service that controls and configures a node
+ *
+ * This is used with system-installed instances of ZeroTier One to
+ * provide the IPC-based control bus service for node configuration.
+ */
+class NodeControlService : NonCopyable
+{
+public:
+	/**
+	 * @param node Node to control and configure
+	 * @param authToken Authorization token for clients
+	 */
+	NodeControlService(Node *node,const char *authToken);
+
+	~NodeControlService();
+
+	// Background thread waits for node to initialize, then creates IpcListener and
+	// terminates. It also terminates on delete if it hasn't bootstrapped yet.
+	void threadMain()
+		throw();
+
+private:
+	static void _CBcommandHandler(void *arg,IpcConnection *ipcc,IpcConnection::EventType event,const char *commandLine);
+	void _doCommand(IpcConnection *ipcc,const char *commandLine);
+
+	Node *_node;
+	IpcListener *_listener;
+	std::string _authToken;
+
+	std::map< IpcConnection *,bool > _connections;
+	Mutex _connections_m;
+
+	volatile bool _running;
+	Thread _thread;
+};
+
+} // namespace ZeroTier
+
+#endif

control/README.md

@@ -0,0 +1,4 @@
+ZeroTier Control Plane
+======
+
+This code is responsible for the local command bus used to control the ZeroTier One service on a local machine via zerotier-cli or the Qt GUI. It's not part of the core node implementation. It uses Unix domain sockets on unix-like OSes and named pipes on Windows. Authentication is via a simple token mechanism. (Eventually this part of the software is getting a rework.)

ext/README.md

@@ -0,0 +1 @@
+The ext/ folder contains third party code, drivers, installation support files, etc.

ext/README.txt

@@ -1 +0,0 @@
-ext/ contains external code, such as libraries, and scripts for building such.

ext/bin/devcon/README.txt

@@ -0,0 +1,7 @@
+This is the Microsoft "devcon" utility, which as far as I know is
+fair game to redistribute. It's packaged with OpenVPN and several
+other things and also distributed in source code form as an example
+program by Microsoft.
+
+It's called by zerotier-one.exe to automagically install and remove
+instances of the tap device.

ext/bin/libcrypto/VERSION.txt

@@ -1 +0,0 @@
-openssl-1.0.1e

ext/bin/libcrypto/include/openssl/aes.h

@@ -1,147 +0,0 @@
-/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_H
-#define HEADER_AES_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_AES
-#error AES is disabled.
-#endif
-
-#include <stddef.h>
-
-#define AES_ENCRYPT	1
-#define AES_DECRYPT	0
-
-/* Because array size can't be a const in C, the following two are macros.
-   Both sizes are in bytes. */
-#define AES_MAXNR 14
-#define AES_BLOCK_SIZE 16
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-struct aes_key_st {
-#ifdef AES_LONG
-    unsigned long rd_key[4 *(AES_MAXNR + 1)];
-#else
-    unsigned int rd_key[4 *(AES_MAXNR + 1)];
-#endif
-    int rounds;
-};
-typedef struct aes_key_st AES_KEY;
-
-const char *AES_options(void);
-
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-	AES_KEY *key);
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-	AES_KEY *key);
-
-int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-	AES_KEY *key);
-int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-	AES_KEY *key);
-
-void AES_encrypt(const unsigned char *in, unsigned char *out,
-	const AES_KEY *key);
-void AES_decrypt(const unsigned char *in, unsigned char *out,
-	const AES_KEY *key);
-
-void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
-	const AES_KEY *key, const int enc);
-void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const AES_KEY *key,
-	unsigned char *ivec, const int enc);
-void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const AES_KEY *key,
-	unsigned char *ivec, int *num, const int enc);
-void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const AES_KEY *key,
-	unsigned char *ivec, int *num, const int enc);
-void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const AES_KEY *key,
-	unsigned char *ivec, int *num, const int enc);
-void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const AES_KEY *key,
-	unsigned char *ivec, int *num);
-void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const AES_KEY *key,
-	unsigned char ivec[AES_BLOCK_SIZE],
-	unsigned char ecount_buf[AES_BLOCK_SIZE],
-	unsigned int *num);
-/* NB: the IV is _two_ blocks long */
-void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
-		     size_t length, const AES_KEY *key,
-		     unsigned char *ivec, const int enc);
-/* NB: the IV is _four_ blocks long */
-void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
-			size_t length, const AES_KEY *key,
-			const AES_KEY *key2, const unsigned char *ivec,
-			const int enc);
-
-int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
-		unsigned char *out,
-		const unsigned char *in, unsigned int inlen);
-int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
-		unsigned char *out,
-		const unsigned char *in, unsigned int inlen);
-
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif /* !HEADER_AES_H */

ext/bin/libcrypto/include/openssl/asn1_mac.h

@@ -1,578 +0,0 @@
-/* crypto/asn1/asn1_mac.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ASN1_MAC_H
-#define HEADER_ASN1_MAC_H
-
-#include <openssl/asn1.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifndef ASN1_MAC_ERR_LIB
-#define ASN1_MAC_ERR_LIB	ERR_LIB_ASN1
-#endif 
-
-#define ASN1_MAC_H_err(f,r,line) \
-	ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
-
-#define M_ASN1_D2I_vars(a,type,func) \
-	ASN1_const_CTX c; \
-	type ret=NULL; \
-	\
-	c.pp=(const unsigned char **)pp; \
-	c.q= *(const unsigned char **)pp; \
-	c.error=ERR_R_NESTED_ASN1_ERROR; \
-	if ((a == NULL) || ((*a) == NULL)) \
-		{ if ((ret=(type)func()) == NULL) \
-			{ c.line=__LINE__; goto err; } } \
-	else	ret=(*a);
-
-#define M_ASN1_D2I_Init() \
-	c.p= *(const unsigned char **)pp; \
-	c.max=(length == 0)?0:(c.p+length);
-
-#define M_ASN1_D2I_Finish_2(a) \
-	if (!asn1_const_Finish(&c)) \
-		{ c.line=__LINE__; goto err; } \
-	*(const unsigned char **)pp=c.p; \
-	if (a != NULL) (*a)=ret; \
-	return(ret);
-
-#define M_ASN1_D2I_Finish(a,func,e) \
-	M_ASN1_D2I_Finish_2(a); \
-err:\
-	ASN1_MAC_H_err((e),c.error,c.line); \
-	asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
-	return(NULL)
-
-#define M_ASN1_D2I_start_sequence() \
-	if (!asn1_GetSequence(&c,&length)) \
-		{ c.line=__LINE__; goto err; }
-/* Begin reading ASN1 without a surrounding sequence */
-#define M_ASN1_D2I_begin() \
-	c.slen = length;
-
-/* End reading ASN1 with no check on length */
-#define M_ASN1_D2I_Finish_nolen(a, func, e) \
-	*pp=c.p; \
-	if (a != NULL) (*a)=ret; \
-	return(ret); \
-err:\
-	ASN1_MAC_H_err((e),c.error,c.line); \
-	asn1_add_error(*pp,(int)(c.q- *pp)); \
-	if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
-	return(NULL)
-
-#define M_ASN1_D2I_end_sequence() \
-	(((c.inf&1) == 0)?(c.slen <= 0): \
-		(c.eos=ASN1_const_check_infinite_end(&c.p,c.slen)))
-
-/* Don't use this with d2i_ASN1_BOOLEAN() */
-#define M_ASN1_D2I_get(b, func) \
-	c.q=c.p; \
-	if (func(&(b),&c.p,c.slen) == NULL) \
-		{c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-/* Don't use this with d2i_ASN1_BOOLEAN() */
-#define M_ASN1_D2I_get_x(type,b,func) \
-	c.q=c.p; \
-	if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
-		{c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-/* use this instead () */
-#define M_ASN1_D2I_get_int(b,func) \
-	c.q=c.p; \
-	if (func(&(b),&c.p,c.slen) < 0) \
-		{c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_opt(b,func,type) \
-	if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
-		== (V_ASN1_UNIVERSAL|(type)))) \
-		{ \
-		M_ASN1_D2I_get(b,func); \
-		}
-
-#define M_ASN1_D2I_get_int_opt(b,func,type) \
-	if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
-		== (V_ASN1_UNIVERSAL|(type)))) \
-		{ \
-		M_ASN1_D2I_get_int(b,func); \
-		}
-
-#define M_ASN1_D2I_get_imp(b,func, type) \
-	M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
-	c.q=c.p; \
-	if (func(&(b),&c.p,c.slen) == NULL) \
-		{c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
-	c.slen-=(c.p-c.q);\
-	M_ASN1_next_prev=_tmp;
-
-#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
-	if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
-		(V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
-		{ \
-		unsigned char _tmp = M_ASN1_next; \
-		M_ASN1_D2I_get_imp(b,func, type);\
-		}
-
-#define M_ASN1_D2I_get_set(r,func,free_func) \
-		M_ASN1_D2I_get_imp_set(r,func,free_func, \
-			V_ASN1_SET,V_ASN1_UNIVERSAL);
-
-#define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
-		M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
-			V_ASN1_SET,V_ASN1_UNIVERSAL);
-
-#define M_ASN1_D2I_get_set_opt(r,func,free_func) \
-	if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-		V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
-		{ M_ASN1_D2I_get_set(r,func,free_func); }
-
-#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
-	if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-		V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
-		{ M_ASN1_D2I_get_set_type(type,r,func,free_func); }
-
-#define M_ASN1_I2D_len_SET_opt(a,f) \
-	if ((a != NULL) && (sk_num(a) != 0)) \
-		M_ASN1_I2D_len_SET(a,f);
-
-#define M_ASN1_I2D_put_SET_opt(a,f) \
-	if ((a != NULL) && (sk_num(a) != 0)) \
-		M_ASN1_I2D_put_SET(a,f);
-
-#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
-	if ((a != NULL) && (sk_num(a) != 0)) \
-		M_ASN1_I2D_put_SEQUENCE(a,f);
-
-#define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
-	if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-		M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
-
-#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
-	if ((c.slen != 0) && \
-		(M_ASN1_next == \
-		(V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
-		{ \
-		M_ASN1_D2I_get_imp_set(b,func,free_func,\
-			tag,V_ASN1_CONTEXT_SPECIFIC); \
-		}
-
-#define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
-	if ((c.slen != 0) && \
-		(M_ASN1_next == \
-		(V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
-		{ \
-		M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
-			tag,V_ASN1_CONTEXT_SPECIFIC); \
-		}
-
-#define M_ASN1_D2I_get_seq(r,func,free_func) \
-		M_ASN1_D2I_get_imp_set(r,func,free_func,\
-			V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-#define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
-		M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
-					    V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-
-#define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
-	if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-		V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
-		{ M_ASN1_D2I_get_seq(r,func,free_func); }
-
-#define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
-	if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-		V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
-		{ M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
-
-#define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
-		M_ASN1_D2I_get_imp_set(r,func,free_func,\
-			x,V_ASN1_CONTEXT_SPECIFIC);
-
-#define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
-		M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
-			x,V_ASN1_CONTEXT_SPECIFIC);
-
-#define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
-	c.q=c.p; \
-	if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
-		(void (*)())free_func,a,b) == NULL) \
-		{ c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
-	c.q=c.p; \
-	if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
-				   free_func,a,b) == NULL) \
-		{ c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
-	c.q=c.p; \
-	if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
-		{ c.line=__LINE__; goto err; } \
-	c.slen-=(c.p-c.q);
-
-#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
-	if ((c.slen != 0L) && (M_ASN1_next == \
-		(V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
-		{ \
-		int Tinf,Ttag,Tclass; \
-		long Tlen; \
-		\
-		c.q=c.p; \
-		Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
-		if (Tinf & 0x80) \
-			{ c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
-			c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
-					Tlen = c.slen - (c.p - c.q) - 2; \
-		if (func(&(r),&c.p,Tlen) == NULL) \
-			{ c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
-			Tlen = c.slen - (c.p - c.q); \
-			if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \
-				{ c.error=ERR_R_MISSING_ASN1_EOS; \
-				c.line=__LINE__; goto err; } \
-		}\
-		c.slen-=(c.p-c.q); \
-		}
-
-#define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
-	if ((c.slen != 0) && (M_ASN1_next == \
-		(V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
-		{ \
-		int Tinf,Ttag,Tclass; \
-		long Tlen; \
-		\
-		c.q=c.p; \
-		Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
-		if (Tinf & 0x80) \
-			{ c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
-			c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
-					Tlen = c.slen - (c.p - c.q) - 2; \
-		if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
-			(void (*)())free_func, \
-			b,V_ASN1_UNIVERSAL) == NULL) \
-			{ c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
-			Tlen = c.slen - (c.p - c.q); \
-			if(!ASN1_check_infinite_end(&c.p, Tlen)) \
-				{ c.error=ERR_R_MISSING_ASN1_EOS; \
-				c.line=__LINE__; goto err; } \
-		}\
-		c.slen-=(c.p-c.q); \
-		}
-
-#define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
-	if ((c.slen != 0) && (M_ASN1_next == \
-		(V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
-		{ \
-		int Tinf,Ttag,Tclass; \
-		long Tlen; \
-		\
-		c.q=c.p; \
-		Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
-		if (Tinf & 0x80) \
-			{ c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
-			c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
-					Tlen = c.slen - (c.p - c.q) - 2; \
-		if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
-			free_func,b,V_ASN1_UNIVERSAL) == NULL) \
-			{ c.line=__LINE__; goto err; } \
-		if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
-			Tlen = c.slen - (c.p - c.q); \
-			if(!ASN1_check_infinite_end(&c.p, Tlen)) \
-				{ c.error=ERR_R_MISSING_ASN1_EOS; \
-				c.line=__LINE__; goto err; } \
-		}\
-		c.slen-=(c.p-c.q); \
-		}
-
-/* New macros */
-#define M_ASN1_New_Malloc(ret,type) \
-	if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
-		{ c.line=__LINE__; goto err2; }
-
-#define M_ASN1_New(arg,func) \
-	if (((arg)=func()) == NULL) return(NULL)
-
-#define M_ASN1_New_Error(a) \
-/*	err:	ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
-		return(NULL);*/ \
-	err2:	ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
-		return(NULL)
-
-
-/* BIG UGLY WARNING!  This is so damn ugly I wanna puke.  Unfortunately,
-   some macros that use ASN1_const_CTX still insist on writing in the input
-   stream.  ARGH!  ARGH!  ARGH!  Let's get rid of this macro package.
-   Please?						-- Richard Levitte */
-#define M_ASN1_next		(*((unsigned char *)(c.p)))
-#define M_ASN1_next_prev	(*((unsigned char *)(c.q)))
-
-/*************************************************/
-
-#define M_ASN1_I2D_vars(a)	int r=0,ret=0; \
-				unsigned char *p; \
-				if (a == NULL) return(0)
-
-/* Length Macros */
-#define M_ASN1_I2D_len(a,f)	ret+=f(a,NULL)
-#define M_ASN1_I2D_len_IMP_opt(a,f)	if (a != NULL) M_ASN1_I2D_len(a,f)
-
-#define M_ASN1_I2D_len_SET(a,f) \
-		ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
-
-#define M_ASN1_I2D_len_SET_type(type,a,f) \
-		ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
-					    V_ASN1_UNIVERSAL,IS_SET);
-
-#define M_ASN1_I2D_len_SEQUENCE(a,f) \
-		ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
-				  IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
-		ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
-					    V_ASN1_UNIVERSAL,IS_SEQUENCE)
-
-#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			M_ASN1_I2D_len_SEQUENCE(a,f);
-
-#define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
-
-#define M_ASN1_I2D_len_IMP_SET(a,f,x) \
-		ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
-		ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
-					    V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-					  IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
-					       V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-#define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
-		ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-				  IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-					  IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
-						    V_ASN1_CONTEXT_SPECIFIC, \
-						    IS_SEQUENCE);
-
-#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
-		if (a != NULL)\
-			{ \
-			v=f(a,NULL); \
-			ret+=ASN1_object_size(1,v,mtag); \
-			}
-
-#define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_num(a) != 0))\
-			{ \
-			v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
-			ret+=ASN1_object_size(1,v,mtag); \
-			}
-
-#define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_num(a) != 0))\
-			{ \
-			v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
-				       IS_SEQUENCE); \
-			ret+=ASN1_object_size(1,v,mtag); \
-			}
-
-#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0))\
-			{ \
-			v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
-						 V_ASN1_UNIVERSAL, \
-						 IS_SEQUENCE); \
-			ret+=ASN1_object_size(1,v,mtag); \
-			}
-
-/* Put Macros */
-#define M_ASN1_I2D_put(a,f)	f(a,&p)
-
-#define M_ASN1_I2D_put_IMP_opt(a,f,t)	\
-		if (a != NULL) \
-			{ \
-			unsigned char *q=p; \
-			f(a,&p); \
-			*q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
-			}
-
-#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
-			V_ASN1_UNIVERSAL,IS_SET)
-#define M_ASN1_I2D_put_SET_type(type,a,f) \
-     i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
-#define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
-			V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-#define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
-     i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-#define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
-			V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
-
-#define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
-					     V_ASN1_UNIVERSAL,IS_SEQUENCE)
-
-#define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
-     i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
-			    IS_SEQUENCE)
-
-#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			M_ASN1_I2D_put_SEQUENCE(a,f);
-
-#define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			{ i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-				       IS_SET); }
-
-#define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			{ i2d_ASN1_SET_OF_##type(a,&p,f,x, \
-						 V_ASN1_CONTEXT_SPECIFIC, \
-						 IS_SET); }
-
-#define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			{ i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-				       IS_SEQUENCE); }
-
-#define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			{ i2d_ASN1_SET_OF_##type(a,&p,f,x, \
-						 V_ASN1_CONTEXT_SPECIFIC, \
-						 IS_SEQUENCE); }
-
-#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
-		if (a != NULL) \
-			{ \
-			ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
-			f(a,&p); \
-			}
-
-#define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			{ \
-			ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
-			i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
-			}
-
-#define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_num(a) != 0)) \
-			{ \
-			ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
-			i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
-			}
-
-#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
-		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-			{ \
-			ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
-			i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
-					       IS_SEQUENCE); \
-			}
-
-#define M_ASN1_I2D_seq_total() \
-		r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
-		if (pp == NULL) return(r); \
-		p= *pp; \
-		ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-
-#define M_ASN1_I2D_INF_seq_start(tag,ctx) \
-		*(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
-		*(p++)=0x80
-
-#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
-
-#define M_ASN1_I2D_finish()	*pp=p; \
-				return(r);
-
-int asn1_GetSequence(ASN1_const_CTX *c, long *length);
-void asn1_add_error(const unsigned char *address,int offset);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif

ext/bin/libcrypto/include/openssl/asn1t.h

@@ -1,960 +0,0 @@
-/* asn1t.h */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ASN1T_H
-#define HEADER_ASN1T_H
-
-#include <stddef.h>
-#include <openssl/e_os2.h>
-#include <openssl/asn1.h>
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-/* ASN1 template defines, structures and functions */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
-
-
-/* Macros for start and end of ASN1_ITEM definition */
-
-#define ASN1_ITEM_start(itname) \
-	OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
-
-#define ASN1_ITEM_end(itname) \
-		};
-
-#else
-
-/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
-
-
-/* Macros for start and end of ASN1_ITEM definition */
-
-#define ASN1_ITEM_start(itname) \
-	const ASN1_ITEM * itname##_it(void) \
-	{ \
-		static const ASN1_ITEM local_it = { 
-
-#define ASN1_ITEM_end(itname) \
-		}; \
-	return &local_it; \
-	}
-
-#endif
-
-
-/* Macros to aid ASN1 template writing */
-
-#define ASN1_ITEM_TEMPLATE(tname) \
-	static const ASN1_TEMPLATE tname##_item_tt 
-
-#define ASN1_ITEM_TEMPLATE_END(tname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_PRIMITIVE,\
-		-1,\
-		&tname##_item_tt,\
-		0,\
-		NULL,\
-		0,\
-		#tname \
-	ASN1_ITEM_end(tname)
-
-
-/* This is a ASN1 type which just embeds a template */
- 
-/* This pair helps declare a SEQUENCE. We can do:
- *
- * 	ASN1_SEQUENCE(stname) = {
- * 		... SEQUENCE components ...
- * 	} ASN1_SEQUENCE_END(stname)
- *
- * 	This will produce an ASN1_ITEM called stname_it
- *	for a structure called stname.
- *
- * 	If you want the same structure but a different
- *	name then use:
- *
- * 	ASN1_SEQUENCE(itname) = {
- * 		... SEQUENCE components ...
- * 	} ASN1_SEQUENCE_END_name(stname, itname)
- *
- *	This will create an item called itname_it using
- *	a structure called stname.
- */
-
-#define ASN1_SEQUENCE(tname) \
-	static const ASN1_TEMPLATE tname##_seq_tt[] 
-
-#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
-
-#define ASN1_SEQUENCE_END_name(stname, tname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_SEQUENCE,\
-		V_ASN1_SEQUENCE,\
-		tname##_seq_tt,\
-		sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-		NULL,\
-		sizeof(stname),\
-		#stname \
-	ASN1_ITEM_end(tname)
-
-#define ASN1_NDEF_SEQUENCE(tname) \
-	ASN1_SEQUENCE(tname)
-
-#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
-	ASN1_SEQUENCE_cb(tname, cb)
-
-#define ASN1_SEQUENCE_cb(tname, cb) \
-	static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
-	ASN1_SEQUENCE(tname)
-
-#define ASN1_BROKEN_SEQUENCE(tname) \
-	static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
-	ASN1_SEQUENCE(tname)
-
-#define ASN1_SEQUENCE_ref(tname, cb, lck) \
-	static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
-	ASN1_SEQUENCE(tname)
-
-#define ASN1_SEQUENCE_enc(tname, enc, cb) \
-	static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
-	ASN1_SEQUENCE(tname)
-
-#define ASN1_NDEF_SEQUENCE_END(tname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_NDEF_SEQUENCE,\
-		V_ASN1_SEQUENCE,\
-		tname##_seq_tt,\
-		sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-		NULL,\
-		sizeof(tname),\
-		#tname \
-	ASN1_ITEM_end(tname)
-
-#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
-
-#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
-
-#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
-
-#define ASN1_SEQUENCE_END_ref(stname, tname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_SEQUENCE,\
-		V_ASN1_SEQUENCE,\
-		tname##_seq_tt,\
-		sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-		&tname##_aux,\
-		sizeof(stname),\
-		#stname \
-	ASN1_ITEM_end(tname)
-
-#define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_NDEF_SEQUENCE,\
-		V_ASN1_SEQUENCE,\
-		tname##_seq_tt,\
-		sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-		&tname##_aux,\
-		sizeof(stname),\
-		#stname \
-	ASN1_ITEM_end(tname)
-
-
-/* This pair helps declare a CHOICE type. We can do:
- *
- * 	ASN1_CHOICE(chname) = {
- * 		... CHOICE options ...
- * 	ASN1_CHOICE_END(chname)
- *
- * 	This will produce an ASN1_ITEM called chname_it
- *	for a structure called chname. The structure
- *	definition must look like this:
- *	typedef struct {
- *		int type;
- *		union {
- *			ASN1_SOMETHING *opt1;
- *			ASN1_SOMEOTHER *opt2;
- *		} value;
- *	} chname;
- *	
- *	the name of the selector must be 'type'.
- * 	to use an alternative selector name use the
- *      ASN1_CHOICE_END_selector() version.
- */
-
-#define ASN1_CHOICE(tname) \
-	static const ASN1_TEMPLATE tname##_ch_tt[] 
-
-#define ASN1_CHOICE_cb(tname, cb) \
-	static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
-	ASN1_CHOICE(tname)
-
-#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
-
-#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
-
-#define ASN1_CHOICE_END_selector(stname, tname, selname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_CHOICE,\
-		offsetof(stname,selname) ,\
-		tname##_ch_tt,\
-		sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
-		NULL,\
-		sizeof(stname),\
-		#stname \
-	ASN1_ITEM_end(tname)
-
-#define ASN1_CHOICE_END_cb(stname, tname, selname) \
-	;\
-	ASN1_ITEM_start(tname) \
-		ASN1_ITYPE_CHOICE,\
-		offsetof(stname,selname) ,\
-		tname##_ch_tt,\
-		sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
-		&tname##_aux,\
-		sizeof(stname),\
-		#stname \
-	ASN1_ITEM_end(tname)
-
-/* This helps with the template wrapper form of ASN1_ITEM */
-
-#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
-	(flags), (tag), 0,\
-	#name, ASN1_ITEM_ref(type) }
-
-/* These help with SEQUENCE or CHOICE components */
-
-/* used to declare other types */
-
-#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
-	(flags), (tag), offsetof(stname, field),\
-	#field, ASN1_ITEM_ref(type) }
-
-/* used when the structure is combined with the parent */
-
-#define ASN1_EX_COMBINE(flags, tag, type) { \
-	(flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
-
-/* implicit and explicit helper macros */
-
-#define ASN1_IMP_EX(stname, field, type, tag, ex) \
-		ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
-
-#define ASN1_EXP_EX(stname, field, type, tag, ex) \
-		ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
-
-/* Any defined by macros: the field used is in the table itself */
-
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
-#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
-#else
-#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
-#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
-#endif
-/* Plain simple type */
-#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
-
-/* OPTIONAL simple type */
-#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* IMPLICIT tagged simple type */
-#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
-
-/* IMPLICIT tagged OPTIONAL simple type */
-#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
-
-/* Same as above but EXPLICIT */
-
-#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
-#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
-
-/* SEQUENCE OF type */
-#define ASN1_SEQUENCE_OF(stname, field, type) \
-		ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
-
-/* OPTIONAL SEQUENCE OF */
-#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
-		ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* Same as above but for SET OF */
-
-#define ASN1_SET_OF(stname, field, type) \
-		ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
-
-#define ASN1_SET_OF_OPT(stname, field, type) \
-		ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
-
-#define ASN1_IMP_SET_OF(stname, field, type, tag) \
-			ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
-
-#define ASN1_EXP_SET_OF(stname, field, type, tag) \
-			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
-
-#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
-			ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
-
-#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
-			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
-
-#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
-			ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
-
-#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
-			ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
-
-#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
-			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
-
-#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
-			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
-
-/* EXPLICIT using indefinite length constructed form */
-#define ASN1_NDEF_EXP(stname, field, type, tag) \
-			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
-
-/* EXPLICIT OPTIONAL using indefinite length constructed form */
-#define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
-			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
-
-/* Macros for the ASN1_ADB structure */
-
-#define ASN1_ADB(name) \
-	static const ASN1_ADB_TABLE name##_adbtbl[] 
-
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
-	;\
-	static const ASN1_ADB name##_adb = {\
-		flags,\
-		offsetof(name, field),\
-		app_table,\
-		name##_adbtbl,\
-		sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
-		def,\
-		none\
-	}
-
-#else
-
-#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
-	;\
-	static const ASN1_ITEM *name##_adb(void) \
-	{ \
-	static const ASN1_ADB internal_adb = \
-		{\
-		flags,\
-		offsetof(name, field),\
-		app_table,\
-		name##_adbtbl,\
-		sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
-		def,\
-		none\
-		}; \
-		return (const ASN1_ITEM *) &internal_adb; \
-	} \
-	void dummy_function(void)
-
-#endif
-
-#define ADB_ENTRY(val, template) {val, template}
-
-#define ASN1_ADB_TEMPLATE(name) \
-	static const ASN1_TEMPLATE name##_tt 
-
-/* This is the ASN1 template structure that defines
- * a wrapper round the actual type. It determines the
- * actual position of the field in the value structure,
- * various flags such as OPTIONAL and the field name.
- */
-
-struct ASN1_TEMPLATE_st {
-unsigned long flags;		/* Various flags */
-long tag;			/* tag, not used if no tagging */
-unsigned long offset;		/* Offset of this field in structure */
-#ifndef NO_ASN1_FIELD_NAMES
-const char *field_name;		/* Field name */
-#endif
-ASN1_ITEM_EXP *item;		/* Relevant ASN1_ITEM or ASN1_ADB */
-};
-
-/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
-
-#define ASN1_TEMPLATE_item(t) (t->item_ptr)
-#define ASN1_TEMPLATE_adb(t) (t->item_ptr)
-
-typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
-typedef struct ASN1_ADB_st ASN1_ADB;
-
-struct ASN1_ADB_st {
-	unsigned long flags;	/* Various flags */
-	unsigned long offset;	/* Offset of selector field */
-	STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
-	const ASN1_ADB_TABLE *tbl;	/* Table of possible types */
-	long tblcount;		/* Number of entries in tbl */
-	const ASN1_TEMPLATE *default_tt;  /* Type to use if no match */
-	const ASN1_TEMPLATE *null_tt;  /* Type to use if selector is NULL */
-};
-
-struct ASN1_ADB_TABLE_st {
-	long value;		/* NID for an object or value for an int */
-	const ASN1_TEMPLATE tt;		/* item for this value */
-};
-
-/* template flags */
-
-/* Field is optional */
-#define ASN1_TFLG_OPTIONAL	(0x1)
-
-/* Field is a SET OF */
-#define ASN1_TFLG_SET_OF	(0x1 << 1)
-
-/* Field is a SEQUENCE OF */
-#define ASN1_TFLG_SEQUENCE_OF	(0x2 << 1)
-
-/* Special case: this refers to a SET OF that
- * will be sorted into DER order when encoded *and*
- * the corresponding STACK will be modified to match
- * the new order.
- */
-#define ASN1_TFLG_SET_ORDER	(0x3 << 1)
-
-/* Mask for SET OF or SEQUENCE OF */
-#define ASN1_TFLG_SK_MASK	(0x3 << 1)
-
-/* These flags mean the tag should be taken from the
- * tag field. If EXPLICIT then the underlying type
- * is used for the inner tag.
- */
-
-/* IMPLICIT tagging */
-#define ASN1_TFLG_IMPTAG	(0x1 << 3)
-
-
-/* EXPLICIT tagging, inner tag from underlying type */
-#define ASN1_TFLG_EXPTAG	(0x2 << 3)
-
-#define ASN1_TFLG_TAG_MASK	(0x3 << 3)
-
-/* context specific IMPLICIT */
-#define ASN1_TFLG_IMPLICIT	ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
-
-/* context specific EXPLICIT */
-#define ASN1_TFLG_EXPLICIT	ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
-
-/* If tagging is in force these determine the
- * type of tag to use. Otherwise the tag is
- * determined by the underlying type. These 
- * values reflect the actual octet format.
- */
-
-/* Universal tag */ 
-#define ASN1_TFLG_UNIVERSAL	(0x0<<6)
-/* Application tag */ 
-#define ASN1_TFLG_APPLICATION	(0x1<<6)
-/* Context specific tag */ 
-#define ASN1_TFLG_CONTEXT	(0x2<<6)
-/* Private tag */ 
-#define ASN1_TFLG_PRIVATE	(0x3<<6)
-
-#define ASN1_TFLG_TAG_CLASS	(0x3<<6)
-
-/* These are for ANY DEFINED BY type. In this case
- * the 'item' field points to an ASN1_ADB structure
- * which contains a table of values to decode the
- * relevant type
- */
-
-#define ASN1_TFLG_ADB_MASK	(0x3<<8)
-
-#define ASN1_TFLG_ADB_OID	(0x1<<8)
-
-#define ASN1_TFLG_ADB_INT	(0x1<<9)
-
-/* This flag means a parent structure is passed
- * instead of the field: this is useful is a
- * SEQUENCE is being combined with a CHOICE for
- * example. Since this means the structure and
- * item name will differ we need to use the
- * ASN1_CHOICE_END_name() macro for example.
- */
-
-#define ASN1_TFLG_COMBINE	(0x1<<10)
-
-/* This flag when present in a SEQUENCE OF, SET OF
- * or EXPLICIT causes indefinite length constructed
- * encoding to be used if required.
- */
-
-#define ASN1_TFLG_NDEF		(0x1<<11)
-
-/* This is the actual ASN1 item itself */
-
-struct ASN1_ITEM_st {
-char itype;			/* The item type, primitive, SEQUENCE, CHOICE or extern */
-long utype;			/* underlying type */
-const ASN1_TEMPLATE *templates;	/* If SEQUENCE or CHOICE this contains the contents */
-long tcount;			/* Number of templates if SEQUENCE or CHOICE */
-const void *funcs;		/* functions that handle this type */
-long size;			/* Structure size (usually)*/
-#ifndef NO_ASN1_FIELD_NAMES
-const char *sname;		/* Structure name */
-#endif
-};
-
-/* These are values for the itype field and
- * determine how the type is interpreted.
- *
- * For PRIMITIVE types the underlying type
- * determines the behaviour if items is NULL.
- *
- * Otherwise templates must contain a single 
- * template and the type is treated in the
- * same way as the type specified in the template.
- *
- * For SEQUENCE types the templates field points
- * to the members, the size field is the
- * structure size.
- *
- * For CHOICE types the templates field points
- * to each possible member (typically a union)
- * and the 'size' field is the offset of the
- * selector.
- *
- * The 'funcs' field is used for application
- * specific functions. 
- *
- * For COMPAT types the funcs field gives a
- * set of functions that handle this type, this
- * supports the old d2i, i2d convention.
- *
- * The EXTERN type uses a new style d2i/i2d.
- * The new style should be used where possible
- * because it avoids things like the d2i IMPLICIT
- * hack.
- *
- * MSTRING is a multiple string type, it is used
- * for a CHOICE of character strings where the
- * actual strings all occupy an ASN1_STRING
- * structure. In this case the 'utype' field
- * has a special meaning, it is used as a mask
- * of acceptable types using the B_ASN1 constants.
- *
- * NDEF_SEQUENCE is the same as SEQUENCE except
- * that it will use indefinite length constructed
- * encoding if requested.
- *
- */
-
-#define ASN1_ITYPE_PRIMITIVE		0x0
-
-#define ASN1_ITYPE_SEQUENCE		0x1
-
-#define ASN1_ITYPE_CHOICE		0x2
-
-#define ASN1_ITYPE_COMPAT		0x3
-
-#define ASN1_ITYPE_EXTERN		0x4
-
-#define ASN1_ITYPE_MSTRING		0x5
-
-#define ASN1_ITYPE_NDEF_SEQUENCE	0x6
-
-/* Cache for ASN1 tag and length, so we
- * don't keep re-reading it for things
- * like CHOICE
- */
-
-struct ASN1_TLC_st{
-	char valid;	/* Values below are valid */
-	int ret;	/* return value */
-	long plen;	/* length */
-	int ptag;	/* class value */
-	int pclass;	/* class value */
-	int hdrlen;	/* header length */
-};
-
-/* Typedefs for ASN1 function pointers */
-
-typedef ASN1_VALUE * ASN1_new_func(void);
-typedef void ASN1_free_func(ASN1_VALUE *a);
-typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length);
-typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in);
-
-typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
-					int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
-typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval, 
-						int indent, const char *fname, 
-						const ASN1_PCTX *pctx);
-
-typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
-typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
-
-typedef struct ASN1_COMPAT_FUNCS_st {
-	ASN1_new_func *asn1_new;
-	ASN1_free_func *asn1_free;
-	ASN1_d2i_func *asn1_d2i;
-	ASN1_i2d_func *asn1_i2d;
-} ASN1_COMPAT_FUNCS;
-
-typedef struct ASN1_EXTERN_FUNCS_st {
-	void *app_data;
-	ASN1_ex_new_func *asn1_ex_new;
-	ASN1_ex_free_func *asn1_ex_free;
-	ASN1_ex_free_func *asn1_ex_clear;
-	ASN1_ex_d2i *asn1_ex_d2i;
-	ASN1_ex_i2d *asn1_ex_i2d;
-	ASN1_ex_print_func *asn1_ex_print;
-} ASN1_EXTERN_FUNCS;
-
-typedef struct ASN1_PRIMITIVE_FUNCS_st {
-	void *app_data;
-	unsigned long flags;
-	ASN1_ex_new_func *prim_new;
-	ASN1_ex_free_func *prim_free;
-	ASN1_ex_free_func *prim_clear;
-	ASN1_primitive_c2i *prim_c2i;
-	ASN1_primitive_i2c *prim_i2c;
-	ASN1_primitive_print *prim_print;
-} ASN1_PRIMITIVE_FUNCS;
-
-/* This is the ASN1_AUX structure: it handles various
- * miscellaneous requirements. For example the use of
- * reference counts and an informational callback.
- *
- * The "informational callback" is called at various
- * points during the ASN1 encoding and decoding. It can
- * be used to provide minor customisation of the structures
- * used. This is most useful where the supplied routines
- * *almost* do the right thing but need some extra help
- * at a few points. If the callback returns zero then
- * it is assumed a fatal error has occurred and the 
- * main operation should be abandoned.
- *
- * If major changes in the default behaviour are required
- * then an external type is more appropriate.
- */
-
-typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
-				void *exarg);
-
-typedef struct ASN1_AUX_st {
-	void *app_data;
-	int flags;
-	int ref_offset;		/* Offset of reference value */
-	int ref_lock;		/* Lock type to use */
-	ASN1_aux_cb *asn1_cb;
-	int enc_offset;		/* Offset of ASN1_ENCODING structure */
-} ASN1_AUX;
-
-/* For print related callbacks exarg points to this structure */
-typedef struct ASN1_PRINT_ARG_st {
-	BIO *out;
-	int indent;
-	const ASN1_PCTX *pctx;
-} ASN1_PRINT_ARG;
-
-/* For streaming related callbacks exarg points to this structure */
-typedef struct ASN1_STREAM_ARG_st {
-	/* BIO to stream through */
-	BIO *out;
-	/* BIO with filters appended */
-	BIO *ndef_bio;
-	/* Streaming I/O boundary */
-	unsigned char **boundary;
-} ASN1_STREAM_ARG;
-
-/* Flags in ASN1_AUX */
-
-/* Use a reference count */
-#define ASN1_AFLG_REFCOUNT	1
-/* Save the encoding of structure (useful for signatures) */
-#define ASN1_AFLG_ENCODING	2
-/* The Sequence length is invalid */
-#define ASN1_AFLG_BROKEN	4
-
-/* operation values for asn1_cb */
-
-#define ASN1_OP_NEW_PRE		0
-#define ASN1_OP_NEW_POST	1
-#define ASN1_OP_FREE_PRE	2
-#define ASN1_OP_FREE_POST	3
-#define ASN1_OP_D2I_PRE		4
-#define ASN1_OP_D2I_POST	5
-#define ASN1_OP_I2D_PRE		6
-#define ASN1_OP_I2D_POST	7
-#define ASN1_OP_PRINT_PRE	8
-#define ASN1_OP_PRINT_POST	9
-#define ASN1_OP_STREAM_PRE	10
-#define ASN1_OP_STREAM_POST	11
-#define ASN1_OP_DETACHED_PRE	12
-#define ASN1_OP_DETACHED_POST	13
-
-/* Macro to implement a primitive type */
-#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
-#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
-				ASN1_ITEM_start(itname) \
-					ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
-				ASN1_ITEM_end(itname)
-
-/* Macro to implement a multi string type */
-#define IMPLEMENT_ASN1_MSTRING(itname, mask) \
-				ASN1_ITEM_start(itname) \
-					ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
-				ASN1_ITEM_end(itname)
-
-/* Macro to implement an ASN1_ITEM in terms of old style funcs */
-
-#define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
-
-#define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
-	static const ASN1_COMPAT_FUNCS sname##_ff = { \
-		(ASN1_new_func *)sname##_new, \
-		(ASN1_free_func *)sname##_free, \
-		(ASN1_d2i_func *)d2i_##sname, \
-		(ASN1_i2d_func *)i2d_##sname, \
-	}; \
-	ASN1_ITEM_start(sname) \
-		ASN1_ITYPE_COMPAT, \
-		tag, \
-		NULL, \
-		0, \
-		&sname##_ff, \
-		0, \
-		#sname \
-	ASN1_ITEM_end(sname)
-
-#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
-	ASN1_ITEM_start(sname) \
-		ASN1_ITYPE_EXTERN, \
-		tag, \
-		NULL, \
-		0, \
-		&fptrs, \
-		0, \
-		#sname \
-	ASN1_ITEM_end(sname)
-
-/* Macro to implement standard functions in terms of ASN1_ITEM structures */
-
-#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
-
-#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
-
-#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
-			IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
-
-#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
-		IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
-
-#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
-		IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
-
-#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
-	pre stname *fname##_new(void) \
-	{ \
-		return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
-	} \
-	pre void fname##_free(stname *a) \
-	{ \
-		ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
-	}
-
-#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
-	stname *fname##_new(void) \
-	{ \
-		return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
-	} \
-	void fname##_free(stname *a) \
-	{ \
-		ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
-	}
-
-#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
-	IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
-	IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-
-#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
-	stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
-	{ \
-		return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
-	} \
-	int i2d_##fname(stname *a, unsigned char **out) \
-	{ \
-		return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
-	} 
-
-#define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
-	int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
-	{ \
-		return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
-	} 
-
-/* This includes evil casts to remove const: they will go away when full
- * ASN1 constification is done.
- */
-#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
-	stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
-	{ \
-		return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
-	} \
-	int i2d_##fname(const stname *a, unsigned char **out) \
-	{ \
-		return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
-	} 
-
-#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
-	stname * stname##_dup(stname *x) \
-        { \
-        return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
-        }
-
-#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
-	IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
-
-#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
-	int fname##_print_ctx(BIO *out, stname *x, int indent, \
-						const ASN1_PCTX *pctx) \
-	{ \
-		return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
-			ASN1_ITEM_rptr(itname), pctx); \
-	} 
-
-#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
-		IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
-
-#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
-	IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
-	IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-
-/* external definitions for primitive types */
-
-DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
-DECLARE_ASN1_ITEM(CBIGNUM)
-DECLARE_ASN1_ITEM(BIGNUM)
-DECLARE_ASN1_ITEM(LONG)
-DECLARE_ASN1_ITEM(ZLONG)
-
-DECLARE_STACK_OF(ASN1_VALUE)
-
-/* Functions used internally by the ASN1 code */
-
-int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt);
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
-				int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
-int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt);
-void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
-
-int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
-
-ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-
-const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr);
-
-int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
-
-void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
-void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/bio.h

@@ -1,847 +0,0 @@
-/* crypto/bio/bio.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BIO_H
-#define HEADER_BIO_H
-
-#include <openssl/e_os2.h>
-
-#ifndef OPENSSL_NO_FP_API
-# include <stdio.h>
-#endif
-#include <stdarg.h>
-
-#include <openssl/crypto.h>
-
-#ifndef OPENSSL_NO_SCTP
-# ifndef OPENSSL_SYS_VMS
-# include <stdint.h>
-# else
-# include <inttypes.h>
-# endif
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* These are the 'types' of BIOs */
-#define BIO_TYPE_NONE		0
-#define BIO_TYPE_MEM		(1|0x0400)
-#define BIO_TYPE_FILE		(2|0x0400)
-
-#define BIO_TYPE_FD		(4|0x0400|0x0100)
-#define BIO_TYPE_SOCKET		(5|0x0400|0x0100)
-#define BIO_TYPE_NULL		(6|0x0400)
-#define BIO_TYPE_SSL		(7|0x0200)
-#define BIO_TYPE_MD		(8|0x0200)		/* passive filter */
-#define BIO_TYPE_BUFFER		(9|0x0200)		/* filter */
-#define BIO_TYPE_CIPHER		(10|0x0200)		/* filter */
-#define BIO_TYPE_BASE64		(11|0x0200)		/* filter */
-#define BIO_TYPE_CONNECT	(12|0x0400|0x0100)	/* socket - connect */
-#define BIO_TYPE_ACCEPT		(13|0x0400|0x0100)	/* socket for accept */
-#define BIO_TYPE_PROXY_CLIENT	(14|0x0200)		/* client proxy BIO */
-#define BIO_TYPE_PROXY_SERVER	(15|0x0200)		/* server proxy BIO */
-#define BIO_TYPE_NBIO_TEST	(16|0x0200)		/* server proxy BIO */
-#define BIO_TYPE_NULL_FILTER	(17|0x0200)
-#define BIO_TYPE_BER		(18|0x0200)		/* BER -> bin filter */
-#define BIO_TYPE_BIO		(19|0x0400)		/* (half a) BIO pair */
-#define BIO_TYPE_LINEBUFFER	(20|0x0200)		/* filter */
-#define BIO_TYPE_DGRAM		(21|0x0400|0x0100)
-#ifndef OPENSSL_NO_SCTP
-#define BIO_TYPE_DGRAM_SCTP	(24|0x0400|0x0100)
-#endif
-#define BIO_TYPE_ASN1 		(22|0x0200)		/* filter */
-#define BIO_TYPE_COMP 		(23|0x0200)		/* filter */
-
-#define BIO_TYPE_DESCRIPTOR	0x0100	/* socket, fd, connect or accept */
-#define BIO_TYPE_FILTER		0x0200
-#define BIO_TYPE_SOURCE_SINK	0x0400
-
-/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
- * BIO_set_fp(in,stdin,BIO_NOCLOSE); */
-#define BIO_NOCLOSE		0x00
-#define BIO_CLOSE		0x01
-
-/* These are used in the following macros and are passed to
- * BIO_ctrl() */
-#define BIO_CTRL_RESET		1  /* opt - rewind/zero etc */
-#define BIO_CTRL_EOF		2  /* opt - are we at the eof */
-#define BIO_CTRL_INFO		3  /* opt - extra tit-bits */
-#define BIO_CTRL_SET		4  /* man - set the 'IO' type */
-#define BIO_CTRL_GET		5  /* man - get the 'IO' type */
-#define BIO_CTRL_PUSH		6  /* opt - internal, used to signify change */
-#define BIO_CTRL_POP		7  /* opt - internal, used to signify change */
-#define BIO_CTRL_GET_CLOSE	8  /* man - set the 'close' on free */
-#define BIO_CTRL_SET_CLOSE	9  /* man - set the 'close' on free */
-#define BIO_CTRL_PENDING	10  /* opt - is their more data buffered */
-#define BIO_CTRL_FLUSH		11  /* opt - 'flush' buffered output */
-#define BIO_CTRL_DUP		12  /* man - extra stuff for 'duped' BIO */
-#define BIO_CTRL_WPENDING	13  /* opt - number of bytes still to write */
-/* callback is int cb(BIO *bio,state,ret); */
-#define BIO_CTRL_SET_CALLBACK	14  /* opt - set callback function */
-#define BIO_CTRL_GET_CALLBACK	15  /* opt - set callback function */
-
-#define BIO_CTRL_SET_FILENAME	30	/* BIO_s_file special */
-
-/* dgram BIO stuff */
-#define BIO_CTRL_DGRAM_CONNECT       31  /* BIO dgram special */
-#define BIO_CTRL_DGRAM_SET_CONNECTED 32  /* allow for an externally
-					  * connected socket to be
-					  * passed in */ 
-#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */
-#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */
-#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */
-#define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36 /* getsockopt, essentially */
-
-#define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37 /* flag whether the last */
-#define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38 /* I/O operation tiemd out */
-					
-/* #ifdef IP_MTU_DISCOVER */
-#define BIO_CTRL_DGRAM_MTU_DISCOVER       39 /* set DF bit on egress packets */
-/* #endif */
-
-#define BIO_CTRL_DGRAM_QUERY_MTU          40 /* as kernel for current MTU */
-#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU   47
-#define BIO_CTRL_DGRAM_GET_MTU            41 /* get cached value for MTU */
-#define BIO_CTRL_DGRAM_SET_MTU            42 /* set cached value for
-					      * MTU. want to use this
-					      * if asking the kernel
-					      * fails */
-
-#define BIO_CTRL_DGRAM_MTU_EXCEEDED       43 /* check whether the MTU
-					      * was exceed in the
-					      * previous write
-					      * operation */
-
-#define BIO_CTRL_DGRAM_GET_PEER           46
-#define BIO_CTRL_DGRAM_SET_PEER           44 /* Destination for the data */
-
-#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT   45 /* Next DTLS handshake timeout to
-                                              * adjust socket timeouts */
-
-#ifndef OPENSSL_NO_SCTP
-/* SCTP stuff */
-#define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE	50
-#define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY		51
-#define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY		52
-#define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD		53
-#define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO		60
-#define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO		61
-#define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO		62
-#define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO		63
-#define BIO_CTRL_DGRAM_SCTP_GET_PRINFO			64
-#define BIO_CTRL_DGRAM_SCTP_SET_PRINFO			65
-#define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN		70
-#endif
-
-/* modifiers */
-#define BIO_FP_READ		0x02
-#define BIO_FP_WRITE		0x04
-#define BIO_FP_APPEND		0x08
-#define BIO_FP_TEXT		0x10
-
-#define BIO_FLAGS_READ		0x01
-#define BIO_FLAGS_WRITE		0x02
-#define BIO_FLAGS_IO_SPECIAL	0x04
-#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
-#define BIO_FLAGS_SHOULD_RETRY	0x08
-#ifndef	BIO_FLAGS_UPLINK
-/* "UPLINK" flag denotes file descriptors provided by application.
-   It defaults to 0, as most platforms don't require UPLINK interface. */
-#define	BIO_FLAGS_UPLINK	0
-#endif
-
-/* Used in BIO_gethostbyname() */
-#define BIO_GHBN_CTRL_HITS		1
-#define BIO_GHBN_CTRL_MISSES		2
-#define BIO_GHBN_CTRL_CACHE_SIZE	3
-#define BIO_GHBN_CTRL_GET_ENTRY		4
-#define BIO_GHBN_CTRL_FLUSH		5
-
-/* Mostly used in the SSL BIO */
-/* Not used anymore
- * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
- * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
- * #define BIO_FLAGS_PROTOCOL_STARTUP	0x40
- */
-
-#define BIO_FLAGS_BASE64_NO_NL	0x100
-
-/* This is used with memory BIOs: it means we shouldn't free up or change the
- * data in any way.
- */
-#define BIO_FLAGS_MEM_RDONLY	0x200
-
-typedef struct bio_st BIO;
-
-void BIO_set_flags(BIO *b, int flags);
-int  BIO_test_flags(const BIO *b, int flags);
-void BIO_clear_flags(BIO *b, int flags);
-
-#define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
-#define BIO_set_retry_special(b) \
-		BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_set_retry_read(b) \
-		BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_set_retry_write(b) \
-		BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
-
-/* These are normally used internally in BIOs */
-#define BIO_clear_retry_flags(b) \
-		BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_get_retry_flags(b) \
-		BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-
-/* These should be used by the application to tell why we should retry */
-#define BIO_should_read(a)		BIO_test_flags(a, BIO_FLAGS_READ)
-#define BIO_should_write(a)		BIO_test_flags(a, BIO_FLAGS_WRITE)
-#define BIO_should_io_special(a)	BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
-#define BIO_retry_type(a)		BIO_test_flags(a, BIO_FLAGS_RWS)
-#define BIO_should_retry(a)		BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
-
-/* The next three are used in conjunction with the
- * BIO_should_io_special() condition.  After this returns true,
- * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO 
- * stack and return the 'reason' for the special and the offending BIO.
- * Given a BIO, BIO_get_retry_reason(bio) will return the code. */
-/* Returned from the SSL bio when the certificate retrieval code had an error */
-#define BIO_RR_SSL_X509_LOOKUP		0x01
-/* Returned from the connect BIO when a connect would have blocked */
-#define BIO_RR_CONNECT			0x02
-/* Returned from the accept BIO when an accept would have blocked */
-#define BIO_RR_ACCEPT			0x03
-
-/* These are passed by the BIO callback */
-#define BIO_CB_FREE	0x01
-#define BIO_CB_READ	0x02
-#define BIO_CB_WRITE	0x03
-#define BIO_CB_PUTS	0x04
-#define BIO_CB_GETS	0x05
-#define BIO_CB_CTRL	0x06
-
-/* The callback is called before and after the underling operation,
- * The BIO_CB_RETURN flag indicates if it is after the call */
-#define BIO_CB_RETURN	0x80
-#define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
-#define BIO_cb_pre(a)	(!((a)&BIO_CB_RETURN))
-#define BIO_cb_post(a)	((a)&BIO_CB_RETURN)
-
-long (*BIO_get_callback(const BIO *b)) (struct bio_st *,int,const char *,int, long,long);
-void BIO_set_callback(BIO *b, 
-	long (*callback)(struct bio_st *,int,const char *,int, long,long));
-char *BIO_get_callback_arg(const BIO *b);
-void BIO_set_callback_arg(BIO *b, char *arg);
-
-const char * BIO_method_name(const BIO *b);
-int BIO_method_type(const BIO *b);
-
-typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
-
-typedef struct bio_method_st
-	{
-	int type;
-	const char *name;
-	int (*bwrite)(BIO *, const char *, int);
-	int (*bread)(BIO *, char *, int);
-	int (*bputs)(BIO *, const char *);
-	int (*bgets)(BIO *, char *, int);
-	long (*ctrl)(BIO *, int, long, void *);
-	int (*create)(BIO *);
-	int (*destroy)(BIO *);
-        long (*callback_ctrl)(BIO *, int, bio_info_cb *);
-	} BIO_METHOD;
-
-struct bio_st
-	{
-	BIO_METHOD *method;
-	/* bio, mode, argp, argi, argl, ret */
-	long (*callback)(struct bio_st *,int,const char *,int, long,long);
-	char *cb_arg; /* first argument for the callback */
-
-	int init;
-	int shutdown;
-	int flags;	/* extra storage */
-	int retry_reason;
-	int num;
-	void *ptr;
-	struct bio_st *next_bio;	/* used by filter BIOs */
-	struct bio_st *prev_bio;	/* used by filter BIOs */
-	int references;
-	unsigned long num_read;
-	unsigned long num_write;
-
-	CRYPTO_EX_DATA ex_data;
-	};
-
-DECLARE_STACK_OF(BIO)
-
-typedef struct bio_f_buffer_ctx_struct
-	{
-	/* Buffers are setup like this:
-	 *
-	 * <---------------------- size ----------------------->
-	 * +---------------------------------------------------+
-	 * | consumed | remaining          | free space        |
-	 * +---------------------------------------------------+
-	 * <-- off --><------- len ------->
-	 */
-
-	/* BIO *bio; */ /* this is now in the BIO struct */
-	int ibuf_size;	/* how big is the input buffer */
-	int obuf_size;	/* how big is the output buffer */
-
-	char *ibuf;		/* the char array */
-	int ibuf_len;		/* how many bytes are in it */
-	int ibuf_off;		/* write/read offset */
-
-	char *obuf;		/* the char array */
-	int obuf_len;		/* how many bytes are in it */
-	int obuf_off;		/* write/read offset */
-	} BIO_F_BUFFER_CTX;
-
-/* Prefix and suffix callback in ASN1 BIO */
-typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg);
-
-#ifndef OPENSSL_NO_SCTP
-/* SCTP parameter structs */
-struct bio_dgram_sctp_sndinfo
-	{
-	uint16_t snd_sid;
-	uint16_t snd_flags;
-	uint32_t snd_ppid;
-	uint32_t snd_context;
-	};
-
-struct bio_dgram_sctp_rcvinfo
-	{
-	uint16_t rcv_sid;
-	uint16_t rcv_ssn;
-	uint16_t rcv_flags;
-	uint32_t rcv_ppid;
-	uint32_t rcv_tsn;
-	uint32_t rcv_cumtsn;
-	uint32_t rcv_context;
-	};
-
-struct bio_dgram_sctp_prinfo
-	{
-	uint16_t pr_policy;
-	uint32_t pr_value;
-	};
-#endif
-
-/* connect BIO stuff */
-#define BIO_CONN_S_BEFORE		1
-#define BIO_CONN_S_GET_IP		2
-#define BIO_CONN_S_GET_PORT		3
-#define BIO_CONN_S_CREATE_SOCKET	4
-#define BIO_CONN_S_CONNECT		5
-#define BIO_CONN_S_OK			6
-#define BIO_CONN_S_BLOCKED_CONNECT	7
-#define BIO_CONN_S_NBIO			8
-/*#define BIO_CONN_get_param_hostname	BIO_ctrl */
-
-#define BIO_C_SET_CONNECT			100
-#define BIO_C_DO_STATE_MACHINE			101
-#define BIO_C_SET_NBIO				102
-#define BIO_C_SET_PROXY_PARAM			103
-#define BIO_C_SET_FD				104
-#define BIO_C_GET_FD				105
-#define BIO_C_SET_FILE_PTR			106
-#define BIO_C_GET_FILE_PTR			107
-#define BIO_C_SET_FILENAME			108
-#define BIO_C_SET_SSL				109
-#define BIO_C_GET_SSL				110
-#define BIO_C_SET_MD				111
-#define BIO_C_GET_MD				112
-#define BIO_C_GET_CIPHER_STATUS			113
-#define BIO_C_SET_BUF_MEM			114
-#define BIO_C_GET_BUF_MEM_PTR			115
-#define BIO_C_GET_BUFF_NUM_LINES		116
-#define BIO_C_SET_BUFF_SIZE			117
-#define BIO_C_SET_ACCEPT			118
-#define BIO_C_SSL_MODE				119
-#define BIO_C_GET_MD_CTX			120
-#define BIO_C_GET_PROXY_PARAM			121
-#define BIO_C_SET_BUFF_READ_DATA		122 /* data to read first */
-#define BIO_C_GET_CONNECT			123
-#define BIO_C_GET_ACCEPT			124
-#define BIO_C_SET_SSL_RENEGOTIATE_BYTES		125
-#define BIO_C_GET_SSL_NUM_RENEGOTIATES		126
-#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT	127
-#define BIO_C_FILE_SEEK				128
-#define BIO_C_GET_CIPHER_CTX			129
-#define BIO_C_SET_BUF_MEM_EOF_RETURN		130/*return end of input value*/
-#define BIO_C_SET_BIND_MODE			131
-#define BIO_C_GET_BIND_MODE			132
-#define BIO_C_FILE_TELL				133
-#define BIO_C_GET_SOCKS				134
-#define BIO_C_SET_SOCKS				135
-
-#define BIO_C_SET_WRITE_BUF_SIZE		136/* for BIO_s_bio */
-#define BIO_C_GET_WRITE_BUF_SIZE		137
-#define BIO_C_MAKE_BIO_PAIR			138
-#define BIO_C_DESTROY_BIO_PAIR			139
-#define BIO_C_GET_WRITE_GUARANTEE		140
-#define BIO_C_GET_READ_REQUEST			141
-#define BIO_C_SHUTDOWN_WR			142
-#define BIO_C_NREAD0				143
-#define BIO_C_NREAD				144
-#define BIO_C_NWRITE0				145
-#define BIO_C_NWRITE				146
-#define BIO_C_RESET_READ_REQUEST		147
-#define BIO_C_SET_MD_CTX			148
-
-#define BIO_C_SET_PREFIX			149
-#define BIO_C_GET_PREFIX			150
-#define BIO_C_SET_SUFFIX			151
-#define BIO_C_GET_SUFFIX			152
-
-#define BIO_C_SET_EX_ARG			153
-#define BIO_C_GET_EX_ARG			154
-
-#define BIO_set_app_data(s,arg)		BIO_set_ex_data(s,0,arg)
-#define BIO_get_app_data(s)		BIO_get_ex_data(s,0)
-
-/* BIO_s_connect() and BIO_s_socks4a_connect() */
-#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
-#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
-#define BIO_set_conn_ip(b,ip)	  BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
-#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
-#define BIO_get_conn_hostname(b)  BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
-#define BIO_get_conn_port(b)      BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
-#define BIO_get_conn_ip(b) 		 BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
-#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
-
-
-#define BIO_set_nbio(b,n)	BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
-
-/* BIO_s_accept_socket() */
-#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
-#define BIO_get_accept_port(b)	BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
-/* #define BIO_set_nbio(b,n)	BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
-#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
-#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
-
-#define BIO_BIND_NORMAL			0
-#define BIO_BIND_REUSEADDR_IF_UNUSED	1
-#define BIO_BIND_REUSEADDR		2
-#define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
-#define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
-
-#define BIO_do_connect(b)	BIO_do_handshake(b)
-#define BIO_do_accept(b)	BIO_do_handshake(b)
-#define BIO_do_handshake(b)	BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
-
-/* BIO_s_proxy_client() */
-#define BIO_set_url(b,url)	BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
-#define BIO_set_proxies(b,p)	BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
-/* BIO_set_nbio(b,n) */
-#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
-/* BIO *BIO_get_filter_bio(BIO *bio); */
-#define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
-#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
-#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
-
-#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
-#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
-#define BIO_get_url(b,url)	BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
-#define BIO_get_no_connect_return(b)	BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
-
-#define BIO_set_fd(b,fd,c)	BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
-#define BIO_get_fd(b,c)		BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
-
-#define BIO_set_fp(b,fp,c)	BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
-#define BIO_get_fp(b,fpp)	BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
-
-#define BIO_seek(b,ofs)	(int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
-#define BIO_tell(b)	(int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
-
-/* name is cast to lose const, but might be better to route through a function
-   so we can do it safely */
-#ifdef CONST_STRICT
-/* If you are wondering why this isn't defined, its because CONST_STRICT is
- * purely a compile-time kludge to allow const to be checked.
- */
-int BIO_read_filename(BIO *b,const char *name);
-#else
-#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-		BIO_CLOSE|BIO_FP_READ,(char *)name)
-#endif
-#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-		BIO_CLOSE|BIO_FP_WRITE,name)
-#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-		BIO_CLOSE|BIO_FP_APPEND,name)
-#define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-		BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
-
-/* WARNING WARNING, this ups the reference count on the read bio of the
- * SSL structure.  This is because the ssl read BIO is now pointed to by
- * the next_bio field in the bio.  So when you free the BIO, make sure
- * you are doing a BIO_free_all() to catch the underlying BIO. */
-#define BIO_set_ssl(b,ssl,c)	BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
-#define BIO_get_ssl(b,sslp)	BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
-#define BIO_set_ssl_mode(b,client)	BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
-#define BIO_set_ssl_renegotiate_bytes(b,num) \
-	BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
-#define BIO_get_num_renegotiates(b) \
-	BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
-#define BIO_set_ssl_renegotiate_timeout(b,seconds) \
-	BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
-
-/* defined in evp.h */
-/* #define BIO_set_md(b,md)	BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
-
-#define BIO_get_mem_data(b,pp)	BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
-#define BIO_set_mem_buf(b,bm,c)	BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
-#define BIO_get_mem_ptr(b,pp)	BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
-#define BIO_set_mem_eof_return(b,v) \
-				BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
-
-/* For the BIO_f_buffer() type */
-#define BIO_get_buffer_num_lines(b)	BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
-#define BIO_set_buffer_size(b,size)	BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
-#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
-#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
-#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
-
-/* Don't use the next one unless you know what you are doing :-) */
-#define BIO_dup_state(b,ret)	BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
-
-#define BIO_reset(b)		(int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
-#define BIO_eof(b)		(int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
-#define BIO_set_close(b,c)	(int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
-#define BIO_get_close(b)	(int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
-#define BIO_pending(b)		(int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
-#define BIO_wpending(b)		(int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
-/* ...pending macros have inappropriate return type */
-size_t BIO_ctrl_pending(BIO *b);
-size_t BIO_ctrl_wpending(BIO *b);
-#define BIO_flush(b)		(int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
-#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
-						   cbp)
-#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
-
-/* For the BIO_f_buffer() type */
-#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
-
-/* For BIO_s_bio() */
-#define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
-#define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
-#define BIO_make_bio_pair(b1,b2)   (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
-#define BIO_destroy_bio_pair(b)    (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
-#define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
-/* macros with inappropriate type -- but ...pending macros use int too: */
-#define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
-#define BIO_get_read_request(b)    (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
-size_t BIO_ctrl_get_write_guarantee(BIO *b);
-size_t BIO_ctrl_get_read_request(BIO *b);
-int BIO_ctrl_reset_read_request(BIO *b);
-
-/* ctrl macros for dgram */
-#define BIO_ctrl_dgram_connect(b,peer)  \
-                     (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
-#define BIO_ctrl_set_connected(b, state, peer) \
-         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
-#define BIO_dgram_recv_timedout(b) \
-         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
-#define BIO_dgram_send_timedout(b) \
-         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
-#define BIO_dgram_get_peer(b,peer) \
-         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
-#define BIO_dgram_set_peer(b,peer) \
-         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
-
-/* These two aren't currently implemented */
-/* int BIO_get_ex_num(BIO *bio); */
-/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
-int BIO_set_ex_data(BIO *bio,int idx,void *data);
-void *BIO_get_ex_data(BIO *bio,int idx);
-int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-unsigned long BIO_number_read(BIO *bio);
-unsigned long BIO_number_written(BIO *bio);
-
-/* For BIO_f_asn1() */
-int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
-					asn1_ps_func *prefix_free);
-int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
-					asn1_ps_func **pprefix_free);
-int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
-					asn1_ps_func *suffix_free);
-int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
-					asn1_ps_func **psuffix_free);
-
-# ifndef OPENSSL_NO_FP_API
-BIO_METHOD *BIO_s_file(void );
-BIO *BIO_new_file(const char *filename, const char *mode);
-BIO *BIO_new_fp(FILE *stream, int close_flag);
-# define BIO_s_file_internal	BIO_s_file
-# endif
-BIO *	BIO_new(BIO_METHOD *type);
-int	BIO_set(BIO *a,BIO_METHOD *type);
-int	BIO_free(BIO *a);
-void	BIO_vfree(BIO *a);
-int	BIO_read(BIO *b, void *data, int len);
-int	BIO_gets(BIO *bp,char *buf, int size);
-int	BIO_write(BIO *b, const void *data, int len);
-int	BIO_puts(BIO *bp,const char *buf);
-int	BIO_indent(BIO *b,int indent,int max);
-long	BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
-long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
-char *	BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
-long	BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
-BIO *	BIO_push(BIO *b,BIO *append);
-BIO *	BIO_pop(BIO *b);
-void	BIO_free_all(BIO *a);
-BIO *	BIO_find_type(BIO *b,int bio_type);
-BIO *	BIO_next(BIO *b);
-BIO *	BIO_get_retry_BIO(BIO *bio, int *reason);
-int	BIO_get_retry_reason(BIO *bio);
-BIO *	BIO_dup_chain(BIO *in);
-
-int BIO_nread0(BIO *bio, char **buf);
-int BIO_nread(BIO *bio, char **buf, int num);
-int BIO_nwrite0(BIO *bio, char **buf);
-int BIO_nwrite(BIO *bio, char **buf, int num);
-
-long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
-	long argl,long ret);
-
-BIO_METHOD *BIO_s_mem(void);
-BIO *BIO_new_mem_buf(void *buf, int len);
-BIO_METHOD *BIO_s_socket(void);
-BIO_METHOD *BIO_s_connect(void);
-BIO_METHOD *BIO_s_accept(void);
-BIO_METHOD *BIO_s_fd(void);
-#ifndef OPENSSL_SYS_OS2
-BIO_METHOD *BIO_s_log(void);
-#endif
-BIO_METHOD *BIO_s_bio(void);
-BIO_METHOD *BIO_s_null(void);
-BIO_METHOD *BIO_f_null(void);
-BIO_METHOD *BIO_f_buffer(void);
-#ifdef OPENSSL_SYS_VMS
-BIO_METHOD *BIO_f_linebuffer(void);
-#endif
-BIO_METHOD *BIO_f_nbio_test(void);
-#ifndef OPENSSL_NO_DGRAM
-BIO_METHOD *BIO_s_datagram(void);
-#ifndef OPENSSL_NO_SCTP
-BIO_METHOD *BIO_s_datagram_sctp(void);
-#endif
-#endif
-
-/* BIO_METHOD *BIO_f_ber(void); */
-
-int BIO_sock_should_retry(int i);
-int BIO_sock_non_fatal_error(int error);
-int BIO_dgram_non_fatal_error(int error);
-
-int BIO_fd_should_retry(int i);
-int BIO_fd_non_fatal_error(int error);
-int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u),
-		void *u, const char *s, int len);
-int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
-		       void *u, const char *s, int len, int indent);
-int BIO_dump(BIO *b,const char *bytes,int len);
-int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent);
-#ifndef OPENSSL_NO_FP_API
-int BIO_dump_fp(FILE *fp, const char *s, int len);
-int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
-#endif
-struct hostent *BIO_gethostbyname(const char *name);
-/* We might want a thread-safe interface too:
- * struct hostent *BIO_gethostbyname_r(const char *name,
- *     struct hostent *result, void *buffer, size_t buflen);
- * or something similar (caller allocates a struct hostent,
- * pointed to by "result", and additional buffer space for the various
- * substructures; if the buffer does not suffice, NULL is returned
- * and an appropriate error code is set).
- */
-int BIO_sock_error(int sock);
-int BIO_socket_ioctl(int fd, long type, void *arg);
-int BIO_socket_nbio(int fd,int mode);
-int BIO_get_port(const char *str, unsigned short *port_ptr);
-int BIO_get_host_ip(const char *str, unsigned char *ip);
-int BIO_get_accept_socket(char *host_port,int mode);
-int BIO_accept(int sock,char **ip_port);
-int BIO_sock_init(void );
-void BIO_sock_cleanup(void);
-int BIO_set_tcp_ndelay(int sock,int turn_on);
-
-BIO *BIO_new_socket(int sock, int close_flag);
-BIO *BIO_new_dgram(int fd, int close_flag);
-#ifndef OPENSSL_NO_SCTP
-BIO *BIO_new_dgram_sctp(int fd, int close_flag);
-int BIO_dgram_is_sctp(BIO *bio);
-int BIO_dgram_sctp_notification_cb(BIO *b,
-                                   void (*handle_notifications)(BIO *bio, void *context, void *buf),
-                                   void *context);
-int BIO_dgram_sctp_wait_for_dry(BIO *b);
-int BIO_dgram_sctp_msg_waiting(BIO *b);
-#endif
-BIO *BIO_new_fd(int fd, int close_flag);
-BIO *BIO_new_connect(char *host_port);
-BIO *BIO_new_accept(char *host_port);
-
-int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
-	BIO **bio2, size_t writebuf2);
-/* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
- * Otherwise returns 0 and sets *bio1 and *bio2 to NULL.
- * Size 0 uses default value.
- */
-
-void BIO_copy_next_retry(BIO *b);
-
-/*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/
-
-#ifdef __GNUC__
-#  define __bio_h__attr__ __attribute__
-#else
-#  define __bio_h__attr__(x)
-#endif
-int BIO_printf(BIO *bio, const char *format, ...)
-	__bio_h__attr__((__format__(__printf__,2,3)));
-int BIO_vprintf(BIO *bio, const char *format, va_list args)
-	__bio_h__attr__((__format__(__printf__,2,0)));
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
-	__bio_h__attr__((__format__(__printf__,3,4)));
-int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
-	__bio_h__attr__((__format__(__printf__,3,0)));
-#undef __bio_h__attr__
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BIO_strings(void);
-
-/* Error codes for the BIO functions. */
-
-/* Function codes. */
-#define BIO_F_ACPT_STATE				 100
-#define BIO_F_BIO_ACCEPT				 101
-#define BIO_F_BIO_BER_GET_HEADER			 102
-#define BIO_F_BIO_CALLBACK_CTRL				 131
-#define BIO_F_BIO_CTRL					 103
-#define BIO_F_BIO_GETHOSTBYNAME				 120
-#define BIO_F_BIO_GETS					 104
-#define BIO_F_BIO_GET_ACCEPT_SOCKET			 105
-#define BIO_F_BIO_GET_HOST_IP				 106
-#define BIO_F_BIO_GET_PORT				 107
-#define BIO_F_BIO_MAKE_PAIR				 121
-#define BIO_F_BIO_NEW					 108
-#define BIO_F_BIO_NEW_FILE				 109
-#define BIO_F_BIO_NEW_MEM_BUF				 126
-#define BIO_F_BIO_NREAD					 123
-#define BIO_F_BIO_NREAD0				 124
-#define BIO_F_BIO_NWRITE				 125
-#define BIO_F_BIO_NWRITE0				 122
-#define BIO_F_BIO_PUTS					 110
-#define BIO_F_BIO_READ					 111
-#define BIO_F_BIO_SOCK_INIT				 112
-#define BIO_F_BIO_WRITE					 113
-#define BIO_F_BUFFER_CTRL				 114
-#define BIO_F_CONN_CTRL					 127
-#define BIO_F_CONN_STATE				 115
-#define BIO_F_DGRAM_SCTP_READ				 132
-#define BIO_F_FILE_CTRL					 116
-#define BIO_F_FILE_READ					 130
-#define BIO_F_LINEBUFFER_CTRL				 129
-#define BIO_F_MEM_READ					 128
-#define BIO_F_MEM_WRITE					 117
-#define BIO_F_SSL_NEW					 118
-#define BIO_F_WSASTARTUP				 119
-
-/* Reason codes. */
-#define BIO_R_ACCEPT_ERROR				 100
-#define BIO_R_BAD_FOPEN_MODE				 101
-#define BIO_R_BAD_HOSTNAME_LOOKUP			 102
-#define BIO_R_BROKEN_PIPE				 124
-#define BIO_R_CONNECT_ERROR				 103
-#define BIO_R_EOF_ON_MEMORY_BIO				 127
-#define BIO_R_ERROR_SETTING_NBIO			 104
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET	 105
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET	 106
-#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET		 107
-#define BIO_R_INVALID_ARGUMENT				 125
-#define BIO_R_INVALID_IP_ADDRESS			 108
-#define BIO_R_IN_USE					 123
-#define BIO_R_KEEPALIVE					 109
-#define BIO_R_NBIO_CONNECT_ERROR			 110
-#define BIO_R_NO_ACCEPT_PORT_SPECIFIED			 111
-#define BIO_R_NO_HOSTNAME_SPECIFIED			 112
-#define BIO_R_NO_PORT_DEFINED				 113
-#define BIO_R_NO_PORT_SPECIFIED				 114
-#define BIO_R_NO_SUCH_FILE				 128
-#define BIO_R_NULL_PARAMETER				 115
-#define BIO_R_TAG_MISMATCH				 116
-#define BIO_R_UNABLE_TO_BIND_SOCKET			 117
-#define BIO_R_UNABLE_TO_CREATE_SOCKET			 118
-#define BIO_R_UNABLE_TO_LISTEN_SOCKET			 119
-#define BIO_R_UNINITIALIZED				 120
-#define BIO_R_UNSUPPORTED_METHOD			 121
-#define BIO_R_WRITE_TO_READ_ONLY_BIO			 126
-#define BIO_R_WSASTARTUP				 122
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/blowfish.h

@@ -1,129 +0,0 @@
-/* crypto/bf/blowfish.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BLOWFISH_H
-#define HEADER_BLOWFISH_H
-
-#include <openssl/e_os2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_BF
-#error BF is disabled.
-#endif
-
-#define BF_ENCRYPT	1
-#define BF_DECRYPT	0
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! BF_LONG_LOG2 has to be defined along.                        !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#if defined(__LP32__)
-#define BF_LONG unsigned long
-#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#define BF_LONG unsigned long
-#define BF_LONG_LOG2 3
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- *					<appro@fy.chalmers.se>
- */
-#else
-#define BF_LONG unsigned int
-#endif
-
-#define BF_ROUNDS	16
-#define BF_BLOCK	8
-
-typedef struct bf_key_st
-	{
-	BF_LONG P[BF_ROUNDS+2];
-	BF_LONG S[4*256];
-	} BF_KEY;
-
-#ifdef OPENSSL_FIPS 
-void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-#endif
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-
-void BF_encrypt(BF_LONG *data,const BF_KEY *key);
-void BF_decrypt(BF_LONG *data,const BF_KEY *key);
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
-	const BF_KEY *key, int enc);
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-	const BF_KEY *schedule, unsigned char *ivec, int enc);
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
-	const BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
-	const BF_KEY *schedule, unsigned char *ivec, int *num);
-const char *BF_options(void);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif

ext/bin/libcrypto/include/openssl/bn.h

@@ -1,891 +0,0 @@
-/* crypto/bn/bn.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by 
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the Eric Young open source
- * license provided above.
- *
- * The binary polynomial arithmetic software is originally written by 
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#ifndef HEADER_BN_H
-#define HEADER_BN_H
-
-#include <openssl/e_os2.h>
-#ifndef OPENSSL_NO_FP_API
-#include <stdio.h> /* FILE */
-#endif
-#include <openssl/ossl_typ.h>
-#include <openssl/crypto.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* These preprocessor symbols control various aspects of the bignum headers and
- * library code. They're not defined by any "normal" configuration, as they are
- * intended for development and testing purposes. NB: defining all three can be
- * useful for debugging application code as well as openssl itself.
- *
- * BN_DEBUG - turn on various debugging alterations to the bignum code
- * BN_DEBUG_RAND - uses random poisoning of unused words to trip up
- * mismanagement of bignum internals. You must also define BN_DEBUG.
- */
-/* #define BN_DEBUG */
-/* #define BN_DEBUG_RAND */
-
-#ifndef OPENSSL_SMALL_FOOTPRINT
-#define BN_MUL_COMBA
-#define BN_SQR_COMBA
-#define BN_RECURSION
-#endif
-
-/* This next option uses the C libraries (2 word)/(1 word) function.
- * If it is not defined, I use my C version (which is slower).
- * The reason for this flag is that when the particular C compiler
- * library routine is used, and the library is linked with a different
- * compiler, the library is missing.  This mostly happens when the
- * library is built with gcc and then linked using normal cc.  This would
- * be a common occurrence because gcc normally produces code that is
- * 2 times faster than system compilers for the big number stuff.
- * For machines with only one compiler (or shared libraries), this should
- * be on.  Again this in only really a problem on machines
- * using "long long's", are 32bit, and are not using my assembler code. */
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
-    defined(OPENSSL_SYS_WIN32) || defined(linux)
-# ifndef BN_DIV2W
-#  define BN_DIV2W
-# endif
-#endif
-
-/* assuming long is 64bit - this is the DEC Alpha
- * unsigned long long is only 64 bits :-(, don't define
- * BN_LLONG for the DEC Alpha */
-#ifdef SIXTY_FOUR_BIT_LONG
-#define BN_ULLONG	unsigned long long
-#define BN_ULONG	unsigned long
-#define BN_LONG		long
-#define BN_BITS		128
-#define BN_BYTES	8
-#define BN_BITS2	64
-#define BN_BITS4	32
-#define BN_MASK		(0xffffffffffffffffffffffffffffffffLL)
-#define BN_MASK2	(0xffffffffffffffffL)
-#define BN_MASK2l	(0xffffffffL)
-#define BN_MASK2h	(0xffffffff00000000L)
-#define BN_MASK2h1	(0xffffffff80000000L)
-#define BN_TBIT		(0x8000000000000000L)
-#define BN_DEC_CONV	(10000000000000000000UL)
-#define BN_DEC_FMT1	"%lu"
-#define BN_DEC_FMT2	"%019lu"
-#define BN_DEC_NUM	19
-#define BN_HEX_FMT1	"%lX"
-#define BN_HEX_FMT2	"%016lX"
-#endif
-
-/* This is where the long long data type is 64 bits, but long is 32.
- * For machines where there are 64bit registers, this is the mode to use.
- * IRIX, on R4000 and above should use this mode, along with the relevant
- * assembler code :-).  Do NOT define BN_LLONG.
- */
-#ifdef SIXTY_FOUR_BIT
-#undef BN_LLONG
-#undef BN_ULLONG
-#define BN_ULONG	unsigned long long
-#define BN_LONG		long long
-#define BN_BITS		128
-#define BN_BYTES	8
-#define BN_BITS2	64
-#define BN_BITS4	32
-#define BN_MASK2	(0xffffffffffffffffLL)
-#define BN_MASK2l	(0xffffffffL)
-#define BN_MASK2h	(0xffffffff00000000LL)
-#define BN_MASK2h1	(0xffffffff80000000LL)
-#define BN_TBIT		(0x8000000000000000LL)
-#define BN_DEC_CONV	(10000000000000000000ULL)
-#define BN_DEC_FMT1	"%llu"
-#define BN_DEC_FMT2	"%019llu"
-#define BN_DEC_NUM	19
-#define BN_HEX_FMT1	"%llX"
-#define BN_HEX_FMT2	"%016llX"
-#endif
-
-#ifdef THIRTY_TWO_BIT
-#ifdef BN_LLONG
-# if defined(_WIN32) && !defined(__GNUC__)
-#  define BN_ULLONG	unsigned __int64
-#  define BN_MASK	(0xffffffffffffffffI64)
-# else
-#  define BN_ULLONG	unsigned long long
-#  define BN_MASK	(0xffffffffffffffffLL)
-# endif
-#endif
-#define BN_ULONG	unsigned int
-#define BN_LONG		int
-#define BN_BITS		64
-#define BN_BYTES	4
-#define BN_BITS2	32
-#define BN_BITS4	16
-#define BN_MASK2	(0xffffffffL)
-#define BN_MASK2l	(0xffff)
-#define BN_MASK2h1	(0xffff8000L)
-#define BN_MASK2h	(0xffff0000L)
-#define BN_TBIT		(0x80000000L)
-#define BN_DEC_CONV	(1000000000L)
-#define BN_DEC_FMT1	"%u"
-#define BN_DEC_FMT2	"%09u"
-#define BN_DEC_NUM	9
-#define BN_HEX_FMT1	"%X"
-#define BN_HEX_FMT2	"%08X"
-#endif
-
-/* 2011-02-22 SMS.
- * In various places, a size_t variable or a type cast to size_t was
- * used to perform integer-only operations on pointers.  This failed on
- * VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t is
- * still only 32 bits.  What's needed in these cases is an integer type
- * with the same size as a pointer, which size_t is not certain to be. 
- * The only fix here is VMS-specific.
- */
-#if defined(OPENSSL_SYS_VMS)
-# if __INITIAL_POINTER_SIZE == 64
-#  define PTR_SIZE_INT long long
-# else /* __INITIAL_POINTER_SIZE == 64 */
-#  define PTR_SIZE_INT int
-# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
-#else /* defined(OPENSSL_SYS_VMS) */
-# define PTR_SIZE_INT size_t
-#endif /* defined(OPENSSL_SYS_VMS) [else] */
-
-#define BN_DEFAULT_BITS	1280
-
-#define BN_FLG_MALLOCED		0x01
-#define BN_FLG_STATIC_DATA	0x02
-#define BN_FLG_CONSTTIME	0x04 /* avoid leaking exponent information through timing,
-                                      * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
-                                      * BN_div() will call BN_div_no_branch,
-                                      * BN_mod_inverse() will call BN_mod_inverse_no_branch.
-                                      */
-
-#ifndef OPENSSL_NO_DEPRECATED
-#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
-                                      /* avoid leaking exponent information through timings
-                                      * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
-#endif
-
-#ifndef OPENSSL_NO_DEPRECATED
-#define BN_FLG_FREE		0x8000	/* used for debuging */
-#endif
-#define BN_set_flags(b,n)	((b)->flags|=(n))
-#define BN_get_flags(b,n)	((b)->flags&(n))
-
-/* get a clone of a BIGNUM with changed flags, for *temporary* use only
- * (the two BIGNUMs cannot not be used in parallel!) */
-#define BN_with_flags(dest,b,n)  ((dest)->d=(b)->d, \
-                                  (dest)->top=(b)->top, \
-                                  (dest)->dmax=(b)->dmax, \
-                                  (dest)->neg=(b)->neg, \
-                                  (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
-                                                 |  ((b)->flags & ~BN_FLG_MALLOCED) \
-                                                 |  BN_FLG_STATIC_DATA \
-                                                 |  (n)))
-
-/* Already declared in ossl_typ.h */
-#if 0
-typedef struct bignum_st BIGNUM;
-/* Used for temp variables (declaration hidden in bn_lcl.h) */
-typedef struct bignum_ctx BN_CTX;
-typedef struct bn_blinding_st BN_BLINDING;
-typedef struct bn_mont_ctx_st BN_MONT_CTX;
-typedef struct bn_recp_ctx_st BN_RECP_CTX;
-typedef struct bn_gencb_st BN_GENCB;
-#endif
-
-struct bignum_st
-	{
-	BN_ULONG *d;	/* Pointer to an array of 'BN_BITS2' bit chunks. */
-	int top;	/* Index of last used d +1. */
-	/* The next are internal book keeping for bn_expand. */
-	int dmax;	/* Size of the d array. */
-	int neg;	/* one if the number is negative */
-	int flags;
-	};
-
-/* Used for montgomery multiplication */
-struct bn_mont_ctx_st
-	{
-	int ri;        /* number of bits in R */
-	BIGNUM RR;     /* used to convert to montgomery form */
-	BIGNUM N;      /* The modulus */
-	BIGNUM Ni;     /* R*(1/R mod N) - N*Ni = 1
-	                * (Ni is only stored for bignum algorithm) */
-	BN_ULONG n0[2];/* least significant word(s) of Ni;
-	                  (type changed with 0.9.9, was "BN_ULONG n0;" before) */
-	int flags;
-	};
-
-/* Used for reciprocal division/mod functions
- * It cannot be shared between threads
- */
-struct bn_recp_ctx_st
-	{
-	BIGNUM N;	/* the divisor */
-	BIGNUM Nr;	/* the reciprocal */
-	int num_bits;
-	int shift;
-	int flags;
-	};
-
-/* Used for slow "generation" functions. */
-struct bn_gencb_st
-	{
-	unsigned int ver;	/* To handle binary (in)compatibility */
-	void *arg;		/* callback-specific data */
-	union
-		{
-		/* if(ver==1) - handles old style callbacks */
-		void (*cb_1)(int, int, void *);
-		/* if(ver==2) - new callback style */
-		int (*cb_2)(int, int, BN_GENCB *);
-		} cb;
-	};
-/* Wrapper function to make using BN_GENCB easier,  */
-int BN_GENCB_call(BN_GENCB *cb, int a, int b);
-/* Macro to populate a BN_GENCB structure with an "old"-style callback */
-#define BN_GENCB_set_old(gencb, callback, cb_arg) { \
-		BN_GENCB *tmp_gencb = (gencb); \
-		tmp_gencb->ver = 1; \
-		tmp_gencb->arg = (cb_arg); \
-		tmp_gencb->cb.cb_1 = (callback); }
-/* Macro to populate a BN_GENCB structure with a "new"-style callback */
-#define BN_GENCB_set(gencb, callback, cb_arg) { \
-		BN_GENCB *tmp_gencb = (gencb); \
-		tmp_gencb->ver = 2; \
-		tmp_gencb->arg = (cb_arg); \
-		tmp_gencb->cb.cb_2 = (callback); }
-
-#define BN_prime_checks 0 /* default: select number of iterations
-			     based on the size of the number */
-
-/* number of Miller-Rabin iterations for an error rate  of less than 2^-80
- * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook
- * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
- * original paper: Damgaard, Landrock, Pomerance: Average case error estimates
- * for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */
-#define BN_prime_checks_for_size(b) ((b) >= 1300 ?  2 : \
-                                (b) >=  850 ?  3 : \
-                                (b) >=  650 ?  4 : \
-                                (b) >=  550 ?  5 : \
-                                (b) >=  450 ?  6 : \
-                                (b) >=  400 ?  7 : \
-                                (b) >=  350 ?  8 : \
-                                (b) >=  300 ?  9 : \
-                                (b) >=  250 ? 12 : \
-                                (b) >=  200 ? 15 : \
-                                (b) >=  150 ? 18 : \
-                                /* b >= 100 */ 27)
-
-#define BN_num_bytes(a)	((BN_num_bits(a)+7)/8)
-
-/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
-#define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
-				(((w) == 0) && ((a)->top == 0)))
-#define BN_is_zero(a)       ((a)->top == 0)
-#define BN_is_one(a)        (BN_abs_is_word((a),1) && !(a)->neg)
-#define BN_is_word(a,w)     (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
-#define BN_is_odd(a)	    (((a)->top > 0) && ((a)->d[0] & 1))
-
-#define BN_one(a)	(BN_set_word((a),1))
-#define BN_zero_ex(a) \
-	do { \
-		BIGNUM *_tmp_bn = (a); \
-		_tmp_bn->top = 0; \
-		_tmp_bn->neg = 0; \
-	} while(0)
-#ifdef OPENSSL_NO_DEPRECATED
-#define BN_zero(a)	BN_zero_ex(a)
-#else
-#define BN_zero(a)	(BN_set_word((a),0))
-#endif
-
-const BIGNUM *BN_value_one(void);
-char *	BN_options(void);
-BN_CTX *BN_CTX_new(void);
-#ifndef OPENSSL_NO_DEPRECATED
-void	BN_CTX_init(BN_CTX *c);
-#endif
-void	BN_CTX_free(BN_CTX *c);
-void	BN_CTX_start(BN_CTX *ctx);
-BIGNUM *BN_CTX_get(BN_CTX *ctx);
-void	BN_CTX_end(BN_CTX *ctx);
-int     BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
-int     BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom);
-int	BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int	BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int	BN_num_bits(const BIGNUM *a);
-int	BN_num_bits_word(BN_ULONG);
-BIGNUM *BN_new(void);
-void	BN_init(BIGNUM *);
-void	BN_clear_free(BIGNUM *a);
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
-void	BN_swap(BIGNUM *a, BIGNUM *b);
-BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret);
-int	BN_bn2bin(const BIGNUM *a, unsigned char *to);
-BIGNUM *BN_mpi2bn(const unsigned char *s,int len,BIGNUM *ret);
-int	BN_bn2mpi(const BIGNUM *a, unsigned char *to);
-int	BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int	BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int	BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int	BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int	BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int	BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx);
-/** BN_set_negative sets sign of a BIGNUM
- * \param  b  pointer to the BIGNUM object
- * \param  n  0 if the BIGNUM b should be positive and a value != 0 otherwise 
- */
-void	BN_set_negative(BIGNUM *b, int n);
-/** BN_is_negative returns 1 if the BIGNUM is negative
- * \param  a  pointer to the BIGNUM object
- * \return 1 if a < 0 and 0 otherwise
- */
-#define BN_is_negative(a) ((a)->neg != 0)
-
-int	BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
-	BN_CTX *ctx);
-#define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
-int	BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
-int	BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m);
-int	BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m);
-int	BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
-int	BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx);
-int	BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
-int	BN_mul_word(BIGNUM *a, BN_ULONG w);
-int	BN_add_word(BIGNUM *a, BN_ULONG w);
-int	BN_sub_word(BIGNUM *a, BN_ULONG w);
-int	BN_set_word(BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_get_word(const BIGNUM *a);
-
-int	BN_cmp(const BIGNUM *a, const BIGNUM *b);
-void	BN_free(BIGNUM *a);
-int	BN_is_bit_set(const BIGNUM *a, int n);
-int	BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
-int	BN_lshift1(BIGNUM *r, const BIGNUM *a);
-int	BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,BN_CTX *ctx);
-
-int	BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m,BN_CTX *ctx);
-int	BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont);
-int	BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int	BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
-	const BIGNUM *a2, const BIGNUM *p2,const BIGNUM *m,
-	BN_CTX *ctx,BN_MONT_CTX *m_ctx);
-int	BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m,BN_CTX *ctx);
-
-int	BN_mask_bits(BIGNUM *a,int n);
-#ifndef OPENSSL_NO_FP_API
-int	BN_print_fp(FILE *fp, const BIGNUM *a);
-#endif
-#ifdef HEADER_BIO_H
-int	BN_print(BIO *fp, const BIGNUM *a);
-#else
-int	BN_print(void *fp, const BIGNUM *a);
-#endif
-int	BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
-int	BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
-int	BN_rshift1(BIGNUM *r, const BIGNUM *a);
-void	BN_clear(BIGNUM *a);
-BIGNUM *BN_dup(const BIGNUM *a);
-int	BN_ucmp(const BIGNUM *a, const BIGNUM *b);
-int	BN_set_bit(BIGNUM *a, int n);
-int	BN_clear_bit(BIGNUM *a, int n);
-char *	BN_bn2hex(const BIGNUM *a);
-char *	BN_bn2dec(const BIGNUM *a);
-int 	BN_hex2bn(BIGNUM **a, const char *str);
-int 	BN_dec2bn(BIGNUM **a, const char *str);
-int	BN_asc2bn(BIGNUM **a, const char *str);
-int	BN_gcd(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx);
-int	BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */
-BIGNUM *BN_mod_inverse(BIGNUM *ret,
-	const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
-BIGNUM *BN_mod_sqrt(BIGNUM *ret,
-	const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
-
-/* Deprecated versions */
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,
-	const BIGNUM *add, const BIGNUM *rem,
-	void (*callback)(int,int,void *),void *cb_arg);
-int	BN_is_prime(const BIGNUM *p,int nchecks,
-	void (*callback)(int,int,void *),
-	BN_CTX *ctx,void *cb_arg);
-int	BN_is_prime_fasttest(const BIGNUM *p,int nchecks,
-	void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg,
-	int do_trial_division);
-#endif /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* Newer versions */
-int	BN_generate_prime_ex(BIGNUM *ret,int bits,int safe, const BIGNUM *add,
-		const BIGNUM *rem, BN_GENCB *cb);
-int	BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
-int	BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
-		int do_trial_division, BN_GENCB *cb);
-
-int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
-
-int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
-			const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
-			const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb);
-int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
-			BIGNUM *Xp1, BIGNUM *Xp2,
-			const BIGNUM *Xp,
-			const BIGNUM *e, BN_CTX *ctx,
-			BN_GENCB *cb);
-
-BN_MONT_CTX *BN_MONT_CTX_new(void );
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
-int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
-	BN_MONT_CTX *mont, BN_CTX *ctx);
-#define BN_to_montgomery(r,a,mont,ctx)	BN_mod_mul_montgomery(\
-	(r),(a),&((mont)->RR),(mont),(ctx))
-int BN_from_montgomery(BIGNUM *r,const BIGNUM *a,
-	BN_MONT_CTX *mont, BN_CTX *ctx);
-void BN_MONT_CTX_free(BN_MONT_CTX *mont);
-int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *mod,BN_CTX *ctx);
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from);
-BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
-					const BIGNUM *mod, BN_CTX *ctx);
-
-/* BN_BLINDING flags */
-#define	BN_BLINDING_NO_UPDATE	0x00000001
-#define	BN_BLINDING_NO_RECREATE	0x00000002
-
-BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
-void BN_BLINDING_free(BN_BLINDING *b);
-int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
-int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *);
-#ifndef OPENSSL_NO_DEPRECATED
-unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
-void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
-#endif
-CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
-unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
-void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
-BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
-	const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
-	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
-	BN_MONT_CTX *m_ctx);
-
-#ifndef OPENSSL_NO_DEPRECATED
-void BN_set_params(int mul,int high,int low,int mont);
-int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
-#endif
-
-void	BN_RECP_CTX_init(BN_RECP_CTX *recp);
-BN_RECP_CTX *BN_RECP_CTX_new(void);
-void	BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int	BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx);
-int	BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
-	BN_RECP_CTX *recp,BN_CTX *ctx);
-int	BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	const BIGNUM *m, BN_CTX *ctx);
-int	BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
-	BN_RECP_CTX *recp, BN_CTX *ctx);
-
-#ifndef OPENSSL_NO_EC2M
-
-/* Functions for arithmetic over binary polynomials represented by BIGNUMs. 
- *
- * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
- * ignored.
- *
- * Note that input arguments are not const so that their bit arrays can
- * be expanded to the appropriate size if needed.
- */
-
-int	BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); /*r = a + b*/
-#define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
-int	BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p); /*r=a mod p*/
-int	BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const BIGNUM *p, BN_CTX *ctx); /* r = (a * b) mod p */
-int	BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	BN_CTX *ctx); /* r = (a * a) mod p */
-int	BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p,
-	BN_CTX *ctx); /* r = (1 / b) mod p */
-int	BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const BIGNUM *p, BN_CTX *ctx); /* r = (a / b) mod p */
-int	BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const BIGNUM *p, BN_CTX *ctx); /* r = (a ^ b) mod p */
-int	BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	BN_CTX *ctx); /* r = sqrt(a) mod p */
-int	BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-	BN_CTX *ctx); /* r^2 + r = a mod p */
-#define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
-/* Some functions allow for representation of the irreducible polynomials
- * as an unsigned int[], say p.  The irreducible f(t) is then of the form:
- *     t^p[0] + t^p[1] + ... + t^p[k]
- * where m = p[0] > p[1] > ... > p[k] = 0.
- */
-int	BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
-	/* r = a mod p */
-int	BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const int p[], BN_CTX *ctx); /* r = (a * b) mod p */
-int	BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
-	BN_CTX *ctx); /* r = (a * a) mod p */
-int	BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
-	BN_CTX *ctx); /* r = (1 / b) mod p */
-int	BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const int p[], BN_CTX *ctx); /* r = (a / b) mod p */
-int	BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */
-int	BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
-	const int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */
-int	BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
-	const int p[], BN_CTX *ctx); /* r^2 + r = a mod p */
-int	BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
-int	BN_GF2m_arr2poly(const int p[], BIGNUM *a);
-
-#endif
-
-/* faster mod functions for the 'NIST primes' 
- * 0 <= a < p^2 */
-int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-
-const BIGNUM *BN_get0_nist_prime_192(void);
-const BIGNUM *BN_get0_nist_prime_224(void);
-const BIGNUM *BN_get0_nist_prime_256(void);
-const BIGNUM *BN_get0_nist_prime_384(void);
-const BIGNUM *BN_get0_nist_prime_521(void);
-
-/* library internal functions */
-
-#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
-	(a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
-#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
-#endif
-
-/* Bignum consistency macros
- * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
- * bignum data after direct manipulations on the data. There is also an
- * "internal" macro, bn_check_top(), for verifying that there are no leading
- * zeroes. Unfortunately, some auditing is required due to the fact that
- * bn_fix_top() has become an overabused duct-tape because bignum data is
- * occasionally passed around in an inconsistent state. So the following
- * changes have been made to sort this out;
- * - bn_fix_top()s implementation has been moved to bn_correct_top()
- * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
- *   bn_check_top() is as before.
- * - if BN_DEBUG *is* defined;
- *   - bn_check_top() tries to pollute unused words even if the bignum 'top' is
- *     consistent. (ed: only if BN_DEBUG_RAND is defined)
- *   - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
- * The idea is to have debug builds flag up inconsistent bignums when they
- * occur. If that occurs in a bn_fix_top(), we examine the code in question; if
- * the use of bn_fix_top() was appropriate (ie. it follows directly after code
- * that manipulates the bignum) it is converted to bn_correct_top(), and if it
- * was not appropriate, we convert it permanently to bn_check_top() and track
- * down the cause of the bug. Eventually, no internal code should be using the
- * bn_fix_top() macro. External applications and libraries should try this with
- * their own code too, both in terms of building against the openssl headers
- * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
- * defined. This not only improves external code, it provides more test
- * coverage for openssl's own code.
- */
-
-#ifdef BN_DEBUG
-
-/* We only need assert() when debugging */
-#include <assert.h>
-
-#ifdef BN_DEBUG_RAND
-/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
-#ifndef RAND_pseudo_bytes
-int RAND_pseudo_bytes(unsigned char *buf,int num);
-#define BN_DEBUG_TRIX
-#endif
-#define bn_pollute(a) \
-	do { \
-		const BIGNUM *_bnum1 = (a); \
-		if(_bnum1->top < _bnum1->dmax) { \
-			unsigned char _tmp_char; \
-			/* We cast away const without the compiler knowing, any \
-			 * *genuinely* constant variables that aren't mutable \
-			 * wouldn't be constructed with top!=dmax. */ \
-			BN_ULONG *_not_const; \
-			memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
-			RAND_pseudo_bytes(&_tmp_char, 1); \
-			memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
-				(_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
-		} \
-	} while(0)
-#ifdef BN_DEBUG_TRIX
-#undef RAND_pseudo_bytes
-#endif
-#else
-#define bn_pollute(a)
-#endif
-#define bn_check_top(a) \
-	do { \
-		const BIGNUM *_bnum2 = (a); \
-		if (_bnum2 != NULL) { \
-			assert((_bnum2->top == 0) || \
-				(_bnum2->d[_bnum2->top - 1] != 0)); \
-			bn_pollute(_bnum2); \
-		} \
-	} while(0)
-
-#define bn_fix_top(a)		bn_check_top(a)
-
-#else /* !BN_DEBUG */
-
-#define bn_pollute(a)
-#define bn_check_top(a)
-#define bn_fix_top(a)		bn_correct_top(a)
-
-#endif
-
-#define bn_correct_top(a) \
-        { \
-        BN_ULONG *ftl; \
-	int tmp_top = (a)->top; \
-	if (tmp_top > 0) \
-		{ \
-		for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
-			if (*(ftl--)) break; \
-		(a)->top = tmp_top; \
-		} \
-	bn_pollute(a); \
-	}
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-void     bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
-
-/* Primes from RFC 2409 */
-BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
-BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
-
-/* Primes from RFC 3526 */
-BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
-
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BN_strings(void);
-
-/* Error codes for the BN functions. */
-
-/* Function codes. */
-#define BN_F_BNRAND					 127
-#define BN_F_BN_BLINDING_CONVERT_EX			 100
-#define BN_F_BN_BLINDING_CREATE_PARAM			 128
-#define BN_F_BN_BLINDING_INVERT_EX			 101
-#define BN_F_BN_BLINDING_NEW				 102
-#define BN_F_BN_BLINDING_UPDATE				 103
-#define BN_F_BN_BN2DEC					 104
-#define BN_F_BN_BN2HEX					 105
-#define BN_F_BN_CTX_GET					 116
-#define BN_F_BN_CTX_NEW					 106
-#define BN_F_BN_CTX_START				 129
-#define BN_F_BN_DIV					 107
-#define BN_F_BN_DIV_NO_BRANCH				 138
-#define BN_F_BN_DIV_RECP				 130
-#define BN_F_BN_EXP					 123
-#define BN_F_BN_EXPAND2					 108
-#define BN_F_BN_EXPAND_INTERNAL				 120
-#define BN_F_BN_GF2M_MOD				 131
-#define BN_F_BN_GF2M_MOD_EXP				 132
-#define BN_F_BN_GF2M_MOD_MUL				 133
-#define BN_F_BN_GF2M_MOD_SOLVE_QUAD			 134
-#define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR			 135
-#define BN_F_BN_GF2M_MOD_SQR				 136
-#define BN_F_BN_GF2M_MOD_SQRT				 137
-#define BN_F_BN_MOD_EXP2_MONT				 118
-#define BN_F_BN_MOD_EXP_MONT				 109
-#define BN_F_BN_MOD_EXP_MONT_CONSTTIME			 124
-#define BN_F_BN_MOD_EXP_MONT_WORD			 117
-#define BN_F_BN_MOD_EXP_RECP				 125
-#define BN_F_BN_MOD_EXP_SIMPLE				 126
-#define BN_F_BN_MOD_INVERSE				 110
-#define BN_F_BN_MOD_INVERSE_NO_BRANCH			 139
-#define BN_F_BN_MOD_LSHIFT_QUICK			 119
-#define BN_F_BN_MOD_MUL_RECIPROCAL			 111
-#define BN_F_BN_MOD_SQRT				 121
-#define BN_F_BN_MPI2BN					 112
-#define BN_F_BN_NEW					 113
-#define BN_F_BN_RAND					 114
-#define BN_F_BN_RAND_RANGE				 122
-#define BN_F_BN_USUB					 115
-
-/* Reason codes. */
-#define BN_R_ARG2_LT_ARG3				 100
-#define BN_R_BAD_RECIPROCAL				 101
-#define BN_R_BIGNUM_TOO_LONG				 114
-#define BN_R_CALLED_WITH_EVEN_MODULUS			 102
-#define BN_R_DIV_BY_ZERO				 103
-#define BN_R_ENCODING_ERROR				 104
-#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA		 105
-#define BN_R_INPUT_NOT_REDUCED				 110
-#define BN_R_INVALID_LENGTH				 106
-#define BN_R_INVALID_RANGE				 115
-#define BN_R_NOT_A_SQUARE				 111
-#define BN_R_NOT_INITIALIZED				 107
-#define BN_R_NO_INVERSE					 108
-#define BN_R_NO_SOLUTION				 116
-#define BN_R_P_IS_NOT_PRIME				 112
-#define BN_R_TOO_MANY_ITERATIONS			 113
-#define BN_R_TOO_MANY_TEMPORARY_VARIABLES		 109
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/buffer.h

@@ -1,119 +0,0 @@
-/* crypto/buffer/buffer.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BUFFER_H
-#define HEADER_BUFFER_H
-
-#include <openssl/ossl_typ.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#include <stddef.h>
-
-#if !defined(NO_SYS_TYPES_H)
-#include <sys/types.h>
-#endif
-
-/* Already declared in ossl_typ.h */
-/* typedef struct buf_mem_st BUF_MEM; */
-
-struct buf_mem_st
-	{
-	size_t length;	/* current number of bytes */
-	char *data;
-	size_t max;	/* size of buffer */
-	};
-
-BUF_MEM *BUF_MEM_new(void);
-void	BUF_MEM_free(BUF_MEM *a);
-int	BUF_MEM_grow(BUF_MEM *str, size_t len);
-int	BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
-char *	BUF_strdup(const char *str);
-char *	BUF_strndup(const char *str, size_t siz);
-void *	BUF_memdup(const void *data, size_t siz);
-void	BUF_reverse(unsigned char *out, unsigned char *in, size_t siz);
-
-/* safe string functions */
-size_t BUF_strlcpy(char *dst,const char *src,size_t siz);
-size_t BUF_strlcat(char *dst,const char *src,size_t siz);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BUF_strings(void);
-
-/* Error codes for the BUF functions. */
-
-/* Function codes. */
-#define BUF_F_BUF_MEMDUP				 103
-#define BUF_F_BUF_MEM_GROW				 100
-#define BUF_F_BUF_MEM_GROW_CLEAN			 105
-#define BUF_F_BUF_MEM_NEW				 101
-#define BUF_F_BUF_STRDUP				 102
-#define BUF_F_BUF_STRNDUP				 104
-
-/* Reason codes. */
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/camellia.h

@@ -1,130 +0,0 @@
-/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_CAMELLIA_H
-#define HEADER_CAMELLIA_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_CAMELLIA
-#error CAMELLIA is disabled.
-#endif
-
-#include <stddef.h>
-
-#define CAMELLIA_ENCRYPT	1
-#define CAMELLIA_DECRYPT	0
-
-/* Because array size can't be a const in C, the following two are macros.
-   Both sizes are in bytes. */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-
-#define CAMELLIA_BLOCK_SIZE 16
-#define CAMELLIA_TABLE_BYTE_LEN 272
-#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
-
-typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match with WORD */
-
-struct camellia_key_st 
-	{
-	union	{
-		double d;	/* ensures 64-bit align */
-		KEY_TABLE_TYPE rd_key;
-		} u;
-	int grand_rounds;
-	};
-typedef struct camellia_key_st CAMELLIA_KEY;
-
-#ifdef OPENSSL_FIPS
-int private_Camellia_set_key(const unsigned char *userKey, const int bits,
-	CAMELLIA_KEY *key);
-#endif
-int Camellia_set_key(const unsigned char *userKey, const int bits,
-	CAMELLIA_KEY *key);
-
-void Camellia_encrypt(const unsigned char *in, unsigned char *out,
-	const CAMELLIA_KEY *key);
-void Camellia_decrypt(const unsigned char *in, unsigned char *out,
-	const CAMELLIA_KEY *key);
-
-void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
-	const CAMELLIA_KEY *key, const int enc);
-void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const CAMELLIA_KEY *key,
-	unsigned char *ivec, const int enc);
-void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const CAMELLIA_KEY *key,
-	unsigned char *ivec, int *num, const int enc);
-void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const CAMELLIA_KEY *key,
-	unsigned char *ivec, int *num, const int enc);
-void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const CAMELLIA_KEY *key,
-	unsigned char *ivec, int *num, const int enc);
-void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const CAMELLIA_KEY *key,
-	unsigned char *ivec, int *num);
-void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-	size_t length, const CAMELLIA_KEY *key,
-	unsigned char ivec[CAMELLIA_BLOCK_SIZE],
-	unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
-	unsigned int *num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif /* !HEADER_Camellia_H */

ext/bin/libcrypto/include/openssl/cast.h

@@ -1,107 +0,0 @@
-/* crypto/cast/cast.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CAST_H
-#define HEADER_CAST_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_CAST
-#error CAST is disabled.
-#endif
-
-#define CAST_ENCRYPT	1
-#define CAST_DECRYPT	0
-
-#define CAST_LONG unsigned int
-
-#define CAST_BLOCK	8
-#define CAST_KEY_LENGTH	16
-
-typedef struct cast_key_st
-	{
-	CAST_LONG data[32];
-	int short_key;	/* Use reduced rounds for short key */
-	} CAST_KEY;
-
-#ifdef OPENSSL_FIPS 
-void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-#endif
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key,
-		      int enc);
-void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-		      const CAST_KEY *ks, unsigned char *iv, int enc);
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-			long length, const CAST_KEY *schedule, unsigned char *ivec,
-			int *num, int enc);
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, 
-			long length, const CAST_KEY *schedule, unsigned char *ivec,
-			int *num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif

ext/bin/libcrypto/include/openssl/cmac.h

@@ -1,82 +0,0 @@
-/* crypto/cmac/cmac.h */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-
-#ifndef HEADER_CMAC_H
-#define HEADER_CMAC_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <openssl/evp.h>
-
-/* Opaque */
-typedef struct CMAC_CTX_st CMAC_CTX;
-
-CMAC_CTX *CMAC_CTX_new(void);
-void CMAC_CTX_cleanup(CMAC_CTX *ctx);
-void CMAC_CTX_free(CMAC_CTX *ctx);
-EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
-int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
-
-int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, 
-			const EVP_CIPHER *cipher, ENGINE *impl);
-int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
-int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
-int CMAC_resume(CMAC_CTX *ctx);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/cms.h

@@ -1,501 +0,0 @@
-/* crypto/cms/cms.h */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-
-#ifndef HEADER_CMS_H
-#define HEADER_CMS_H
-
-#include <openssl/x509.h>
-
-#ifdef OPENSSL_NO_CMS
-#error CMS is disabled.
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-typedef struct CMS_ContentInfo_st CMS_ContentInfo;
-typedef struct CMS_SignerInfo_st CMS_SignerInfo;
-typedef struct CMS_CertificateChoices CMS_CertificateChoices;
-typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
-typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
-typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
-typedef struct CMS_Receipt_st CMS_Receipt;
-
-DECLARE_STACK_OF(CMS_SignerInfo)
-DECLARE_STACK_OF(GENERAL_NAMES)
-DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
-DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
-DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
-
-#define CMS_SIGNERINFO_ISSUER_SERIAL	0
-#define CMS_SIGNERINFO_KEYIDENTIFIER	1
-
-#define CMS_RECIPINFO_TRANS		0
-#define CMS_RECIPINFO_AGREE		1
-#define CMS_RECIPINFO_KEK		2
-#define CMS_RECIPINFO_PASS		3
-#define CMS_RECIPINFO_OTHER		4
-
-/* S/MIME related flags */
-
-#define CMS_TEXT			0x1
-#define CMS_NOCERTS			0x2
-#define CMS_NO_CONTENT_VERIFY		0x4
-#define CMS_NO_ATTR_VERIFY		0x8
-#define CMS_NOSIGS			\
-			(CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
-#define CMS_NOINTERN			0x10
-#define CMS_NO_SIGNER_CERT_VERIFY	0x20
-#define CMS_NOVERIFY			0x20
-#define CMS_DETACHED			0x40
-#define CMS_BINARY			0x80
-#define CMS_NOATTR			0x100
-#define	CMS_NOSMIMECAP			0x200
-#define CMS_NOOLDMIMETYPE		0x400
-#define CMS_CRLFEOL			0x800
-#define CMS_STREAM			0x1000
-#define CMS_NOCRL			0x2000
-#define CMS_PARTIAL			0x4000
-#define CMS_REUSE_DIGEST		0x8000
-#define CMS_USE_KEYID			0x10000
-#define CMS_DEBUG_DECRYPT		0x20000
-
-const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
-
-BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
-int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
-
-ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
-int CMS_is_detached(CMS_ContentInfo *cms);
-int CMS_set_detached(CMS_ContentInfo *cms, int detached);
-
-#ifdef HEADER_PEM_H
-DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
-#endif
-
-int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
-CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
-int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
-
-BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
-int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
-int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
-CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
-int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
-
-int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);
-
-CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
-						BIO *data, unsigned int flags);
-
-CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
-					X509 *signcert, EVP_PKEY *pkey,
-					STACK_OF(X509) *certs,
-					unsigned int flags);
-
-int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
-CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
-
-int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
-							unsigned int flags);
-CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
-							unsigned int flags);
-
-int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
-				const unsigned char *key, size_t keylen,
-				BIO *dcont, BIO *out, unsigned int flags);
-
-CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
-					const unsigned char *key, size_t keylen,
-					unsigned int flags);
-
-int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
-				const unsigned char *key, size_t keylen);
-
-int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
-		 X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
-
-int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
-			STACK_OF(X509) *certs,
-			X509_STORE *store, unsigned int flags);
-
-STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
-
-CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
-				const EVP_CIPHER *cipher, unsigned int flags);
-
-int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
-				BIO *dcont, BIO *out,
-				unsigned int flags);
-	
-int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
-int CMS_decrypt_set1_key(CMS_ContentInfo *cms, 
-				unsigned char *key, size_t keylen,
-				unsigned char *id, size_t idlen);
-int CMS_decrypt_set1_password(CMS_ContentInfo *cms, 
-				unsigned char *pass, ossl_ssize_t passlen);
-
-STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
-int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
-CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
-CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
-					X509 *recip, unsigned int flags);
-int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
-int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
-int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
-					EVP_PKEY **pk, X509 **recip,
-					X509_ALGOR **palg);
-int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
-					ASN1_OCTET_STRING **keyid,
-					X509_NAME **issuer, ASN1_INTEGER **sno);
-
-CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
-					unsigned char *key, size_t keylen,
-					unsigned char *id, size_t idlen,
-					ASN1_GENERALIZEDTIME *date,
-					ASN1_OBJECT *otherTypeId,
-					ASN1_TYPE *otherType);
-
-int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
-					X509_ALGOR **palg,
-					ASN1_OCTET_STRING **pid,
-					ASN1_GENERALIZEDTIME **pdate,
-					ASN1_OBJECT **potherid,
-					ASN1_TYPE **pothertype);
-
-int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, 
-				unsigned char *key, size_t keylen);
-
-int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, 
-					const unsigned char *id, size_t idlen);
-
-int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, 
-					unsigned char *pass,
-					ossl_ssize_t passlen);
-
-CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
-					int iter, int wrap_nid, int pbe_nid,
-					unsigned char *pass,
-					ossl_ssize_t passlen,
-					const EVP_CIPHER *kekciph);
-
-int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-	
-int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
-							unsigned int flags);
-CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
-
-int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
-const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
-
-CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
-int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
-int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
-STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
-
-CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
-int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
-
-int CMS_SignedData_init(CMS_ContentInfo *cms);
-CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
-			X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
-			unsigned int flags);
-STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
-
-void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
-int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
-					ASN1_OCTET_STRING **keyid,
-					X509_NAME **issuer, ASN1_INTEGER **sno);
-int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
-int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
-					unsigned int flags);
-void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer,
-					X509_ALGOR **pdig, X509_ALGOR **psig);
-int CMS_SignerInfo_sign(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
-
-int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
-int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
-				int algnid, int keysize);
-int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
-
-int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
-int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
-			  int lastpos);
-int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
-			  int lastpos);
-X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
-			const ASN1_OBJECT *obj, int type,
-			const void *bytes, int len);
-int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
-			int nid, int type,
-			const void *bytes, int len);
-int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
-			const char *attrname, int type,
-			const void *bytes, int len);
-void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
-					int lastpos, int type);
-
-int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
-int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
-			  int lastpos);
-int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
-			  int lastpos);
-X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
-			const ASN1_OBJECT *obj, int type,
-			const void *bytes, int len);
-int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
-			int nid, int type,
-			const void *bytes, int len);
-int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
-			const char *attrname, int type,
-			const void *bytes, int len);
-void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
-					int lastpos, int type);
-
-#ifdef HEADER_X509V3_H
-
-int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
-				int allorfirst,
-				STACK_OF(GENERAL_NAMES) *receiptList,
-				STACK_OF(GENERAL_NAMES) *receiptsTo);
-int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
-void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
-					ASN1_STRING **pcid,
-					int *pallorfirst,
-					STACK_OF(GENERAL_NAMES) **plist,
-					STACK_OF(GENERAL_NAMES) **prto);
-
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CMS_strings(void);
-
-/* Error codes for the CMS functions. */
-
-/* Function codes. */
-#define CMS_F_CHECK_CONTENT				 99
-#define CMS_F_CMS_ADD0_CERT				 164
-#define CMS_F_CMS_ADD0_RECIPIENT_KEY			 100
-#define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD		 165
-#define CMS_F_CMS_ADD1_RECEIPTREQUEST			 158
-#define CMS_F_CMS_ADD1_RECIPIENT_CERT			 101
-#define CMS_F_CMS_ADD1_SIGNER				 102
-#define CMS_F_CMS_ADD1_SIGNINGTIME			 103
-#define CMS_F_CMS_COMPRESS				 104
-#define CMS_F_CMS_COMPRESSEDDATA_CREATE			 105
-#define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO		 106
-#define CMS_F_CMS_COPY_CONTENT				 107
-#define CMS_F_CMS_COPY_MESSAGEDIGEST			 108
-#define CMS_F_CMS_DATA					 109
-#define CMS_F_CMS_DATAFINAL				 110
-#define CMS_F_CMS_DATAINIT				 111
-#define CMS_F_CMS_DECRYPT				 112
-#define CMS_F_CMS_DECRYPT_SET1_KEY			 113
-#define CMS_F_CMS_DECRYPT_SET1_PASSWORD			 166
-#define CMS_F_CMS_DECRYPT_SET1_PKEY			 114
-#define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX		 115
-#define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO		 116
-#define CMS_F_CMS_DIGESTEDDATA_DO_FINAL			 117
-#define CMS_F_CMS_DIGEST_VERIFY				 118
-#define CMS_F_CMS_ENCODE_RECEIPT			 161
-#define CMS_F_CMS_ENCRYPT				 119
-#define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO		 120
-#define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT			 121
-#define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT			 122
-#define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY		 123
-#define CMS_F_CMS_ENVELOPEDDATA_CREATE			 124
-#define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO		 125
-#define CMS_F_CMS_ENVELOPED_DATA_INIT			 126
-#define CMS_F_CMS_FINAL					 127
-#define CMS_F_CMS_GET0_CERTIFICATE_CHOICES		 128
-#define CMS_F_CMS_GET0_CONTENT				 129
-#define CMS_F_CMS_GET0_ECONTENT_TYPE			 130
-#define CMS_F_CMS_GET0_ENVELOPED			 131
-#define CMS_F_CMS_GET0_REVOCATION_CHOICES		 132
-#define CMS_F_CMS_GET0_SIGNED				 133
-#define CMS_F_CMS_MSGSIGDIGEST_ADD1			 162
-#define CMS_F_CMS_RECEIPTREQUEST_CREATE0		 159
-#define CMS_F_CMS_RECEIPT_VERIFY			 160
-#define CMS_F_CMS_RECIPIENTINFO_DECRYPT			 134
-#define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT		 135
-#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT		 136
-#define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID		 137
-#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP		 138
-#define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP		 139
-#define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT		 140
-#define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT		 141
-#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS		 142
-#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID	 143
-#define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT		 167
-#define CMS_F_CMS_RECIPIENTINFO_SET0_KEY		 144
-#define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD		 168
-#define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY		 145
-#define CMS_F_CMS_SET1_SIGNERIDENTIFIER			 146
-#define CMS_F_CMS_SET_DETACHED				 147
-#define CMS_F_CMS_SIGN					 148
-#define CMS_F_CMS_SIGNED_DATA_INIT			 149
-#define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN		 150
-#define CMS_F_CMS_SIGNERINFO_SIGN			 151
-#define CMS_F_CMS_SIGNERINFO_VERIFY			 152
-#define CMS_F_CMS_SIGNERINFO_VERIFY_CERT		 153
-#define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT		 154
-#define CMS_F_CMS_SIGN_RECEIPT				 163
-#define CMS_F_CMS_STREAM				 155
-#define CMS_F_CMS_UNCOMPRESS				 156
-#define CMS_F_CMS_VERIFY				 157
-
-/* Reason codes. */
-#define CMS_R_ADD_SIGNER_ERROR				 99
-#define CMS_R_CERTIFICATE_ALREADY_PRESENT		 175
-#define CMS_R_CERTIFICATE_HAS_NO_KEYID			 160
-#define CMS_R_CERTIFICATE_VERIFY_ERROR			 100
-#define CMS_R_CIPHER_INITIALISATION_ERROR		 101
-#define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR	 102
-#define CMS_R_CMS_DATAFINAL_ERROR			 103
-#define CMS_R_CMS_LIB					 104
-#define CMS_R_CONTENTIDENTIFIER_MISMATCH		 170
-#define CMS_R_CONTENT_NOT_FOUND				 105
-#define CMS_R_CONTENT_TYPE_MISMATCH			 171
-#define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA		 106
-#define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA		 107
-#define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA		 108
-#define CMS_R_CONTENT_VERIFY_ERROR			 109
-#define CMS_R_CTRL_ERROR				 110
-#define CMS_R_CTRL_FAILURE				 111
-#define CMS_R_DECRYPT_ERROR				 112
-#define CMS_R_DIGEST_ERROR				 161
-#define CMS_R_ERROR_GETTING_PUBLIC_KEY			 113
-#define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE	 114
-#define CMS_R_ERROR_SETTING_KEY				 115
-#define CMS_R_ERROR_SETTING_RECIPIENTINFO		 116
-#define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH		 117
-#define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER		 176
-#define CMS_R_INVALID_KEY_LENGTH			 118
-#define CMS_R_MD_BIO_INIT_ERROR				 119
-#define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH	 120
-#define CMS_R_MESSAGEDIGEST_WRONG_LENGTH		 121
-#define CMS_R_MSGSIGDIGEST_ERROR			 172
-#define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE		 162
-#define CMS_R_MSGSIGDIGEST_WRONG_LENGTH			 163
-#define CMS_R_NEED_ONE_SIGNER				 164
-#define CMS_R_NOT_A_SIGNED_RECEIPT			 165
-#define CMS_R_NOT_ENCRYPTED_DATA			 122
-#define CMS_R_NOT_KEK					 123
-#define CMS_R_NOT_KEY_TRANSPORT				 124
-#define CMS_R_NOT_PWRI					 177
-#define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE		 125
-#define CMS_R_NO_CIPHER					 126
-#define CMS_R_NO_CONTENT				 127
-#define CMS_R_NO_CONTENT_TYPE				 173
-#define CMS_R_NO_DEFAULT_DIGEST				 128
-#define CMS_R_NO_DIGEST_SET				 129
-#define CMS_R_NO_KEY					 130
-#define CMS_R_NO_KEY_OR_CERT				 174
-#define CMS_R_NO_MATCHING_DIGEST			 131
-#define CMS_R_NO_MATCHING_RECIPIENT			 132
-#define CMS_R_NO_MATCHING_SIGNATURE			 166
-#define CMS_R_NO_MSGSIGDIGEST				 167
-#define CMS_R_NO_PASSWORD				 178
-#define CMS_R_NO_PRIVATE_KEY				 133
-#define CMS_R_NO_PUBLIC_KEY				 134
-#define CMS_R_NO_RECEIPT_REQUEST			 168
-#define CMS_R_NO_SIGNERS				 135
-#define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE	 136
-#define CMS_R_RECEIPT_DECODE_ERROR			 169
-#define CMS_R_RECIPIENT_ERROR				 137
-#define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND		 138
-#define CMS_R_SIGNFINAL_ERROR				 139
-#define CMS_R_SMIME_TEXT_ERROR				 140
-#define CMS_R_STORE_INIT_ERROR				 141
-#define CMS_R_TYPE_NOT_COMPRESSED_DATA			 142
-#define CMS_R_TYPE_NOT_DATA				 143
-#define CMS_R_TYPE_NOT_DIGESTED_DATA			 144
-#define CMS_R_TYPE_NOT_ENCRYPTED_DATA			 145
-#define CMS_R_TYPE_NOT_ENVELOPED_DATA			 146
-#define CMS_R_UNABLE_TO_FINALIZE_CONTEXT		 147
-#define CMS_R_UNKNOWN_CIPHER				 148
-#define CMS_R_UNKNOWN_DIGEST_ALGORIHM			 149
-#define CMS_R_UNKNOWN_ID				 150
-#define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM		 151
-#define CMS_R_UNSUPPORTED_CONTENT_TYPE			 152
-#define CMS_R_UNSUPPORTED_KEK_ALGORITHM			 153
-#define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM	 179
-#define CMS_R_UNSUPPORTED_RECIPIENT_TYPE		 154
-#define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE		 155
-#define CMS_R_UNSUPPORTED_TYPE				 156
-#define CMS_R_UNWRAP_ERROR				 157
-#define CMS_R_UNWRAP_FAILURE				 180
-#define CMS_R_VERIFICATION_FAILURE			 158
-#define CMS_R_WRAP_ERROR				 159
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/comp.h

@@ -1,80 +0,0 @@
-
-#ifndef HEADER_COMP_H
-#define HEADER_COMP_H
-
-#include <openssl/crypto.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct comp_ctx_st COMP_CTX;
-
-typedef struct comp_method_st
-	{
-	int type;		/* NID for compression library */
-	const char *name;	/* A text string to identify the library */
-	int (*init)(COMP_CTX *ctx);
-	void (*finish)(COMP_CTX *ctx);
-	int (*compress)(COMP_CTX *ctx,
-			unsigned char *out, unsigned int olen,
-			unsigned char *in, unsigned int ilen);
-	int (*expand)(COMP_CTX *ctx,
-		      unsigned char *out, unsigned int olen,
-		      unsigned char *in, unsigned int ilen);
-	/* The following two do NOTHING, but are kept for backward compatibility */
-	long (*ctrl)(void);
-	long (*callback_ctrl)(void);
-	} COMP_METHOD;
-
-struct comp_ctx_st
-	{
-	COMP_METHOD *meth;
-	unsigned long compress_in;
-	unsigned long compress_out;
-	unsigned long expand_in;
-	unsigned long expand_out;
-
-	CRYPTO_EX_DATA	ex_data;
-	};
-
-
-COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
-void COMP_CTX_free(COMP_CTX *ctx);
-int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
-	unsigned char *in, int ilen);
-int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
-	unsigned char *in, int ilen);
-COMP_METHOD *COMP_rle(void );
-COMP_METHOD *COMP_zlib(void );
-void COMP_zlib_cleanup(void);
-
-#ifdef HEADER_BIO_H
-#ifdef ZLIB
-BIO_METHOD *BIO_f_zlib(void);
-#endif
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_COMP_strings(void);
-
-/* Error codes for the COMP functions. */
-
-/* Function codes. */
-#define COMP_F_BIO_ZLIB_FLUSH				 99
-#define COMP_F_BIO_ZLIB_NEW				 100
-#define COMP_F_BIO_ZLIB_READ				 101
-#define COMP_F_BIO_ZLIB_WRITE				 102
-
-/* Reason codes. */
-#define COMP_R_ZLIB_DEFLATE_ERROR			 99
-#define COMP_R_ZLIB_INFLATE_ERROR			 100
-#define COMP_R_ZLIB_NOT_SUPPORTED			 101
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/conf.h

@@ -1,263 +0,0 @@
-/* crypto/conf/conf.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef  HEADER_CONF_H
-#define HEADER_CONF_H
-
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-#include <openssl/stack.h>
-#include <openssl/safestack.h>
-#include <openssl/e_os2.h>
-
-#include <openssl/ossl_typ.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct
-	{
-	char *section;
-	char *name;
-	char *value;
-	} CONF_VALUE;
-
-DECLARE_STACK_OF(CONF_VALUE)
-DECLARE_LHASH_OF(CONF_VALUE);
-
-struct conf_st;
-struct conf_method_st;
-typedef struct conf_method_st CONF_METHOD;
-
-struct conf_method_st
-	{
-	const char *name;
-	CONF *(*create)(CONF_METHOD *meth);
-	int (*init)(CONF *conf);
-	int (*destroy)(CONF *conf);
-	int (*destroy_data)(CONF *conf);
-	int (*load_bio)(CONF *conf, BIO *bp, long *eline);
-	int (*dump)(const CONF *conf, BIO *bp);
-	int (*is_number)(const CONF *conf, char c);
-	int (*to_int)(const CONF *conf, char c);
-	int (*load)(CONF *conf, const char *name, long *eline);
-	};
-
-/* Module definitions */
-
-typedef struct conf_imodule_st CONF_IMODULE;
-typedef struct conf_module_st CONF_MODULE;
-
-DECLARE_STACK_OF(CONF_MODULE)
-DECLARE_STACK_OF(CONF_IMODULE)
-
-/* DSO module function typedefs */
-typedef int conf_init_func(CONF_IMODULE *md, const CONF *cnf);
-typedef void conf_finish_func(CONF_IMODULE *md);
-
-#define	CONF_MFLAGS_IGNORE_ERRORS	0x1
-#define CONF_MFLAGS_IGNORE_RETURN_CODES	0x2
-#define CONF_MFLAGS_SILENT		0x4
-#define CONF_MFLAGS_NO_DSO		0x8
-#define CONF_MFLAGS_IGNORE_MISSING_FILE	0x10
-#define CONF_MFLAGS_DEFAULT_SECTION	0x20
-
-int CONF_set_default_method(CONF_METHOD *meth);
-void CONF_set_nconf(CONF *conf,LHASH_OF(CONF_VALUE) *hash);
-LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf,const char *file,
-				long *eline);
-#ifndef OPENSSL_NO_FP_API
-LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
-				   long *eline);
-#endif
-LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,long *eline);
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
-				       const char *section);
-char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf,const char *group,
-		      const char *name);
-long CONF_get_number(LHASH_OF(CONF_VALUE) *conf,const char *group,
-		     const char *name);
-void CONF_free(LHASH_OF(CONF_VALUE) *conf);
-int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
-int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
-
-void OPENSSL_config(const char *config_name);
-void OPENSSL_no_config(void);
-
-/* New conf code.  The semantics are different from the functions above.
-   If that wasn't the case, the above functions would have been replaced */
-
-struct conf_st
-	{
-	CONF_METHOD *meth;
-	void *meth_data;
-	LHASH_OF(CONF_VALUE) *data;
-	};
-
-CONF *NCONF_new(CONF_METHOD *meth);
-CONF_METHOD *NCONF_default(void);
-CONF_METHOD *NCONF_WIN32(void);
-#if 0 /* Just to give you an idea of what I have in mind */
-CONF_METHOD *NCONF_XML(void);
-#endif
-void NCONF_free(CONF *conf);
-void NCONF_free_data(CONF *conf);
-
-int NCONF_load(CONF *conf,const char *file,long *eline);
-#ifndef OPENSSL_NO_FP_API
-int NCONF_load_fp(CONF *conf, FILE *fp,long *eline);
-#endif
-int NCONF_load_bio(CONF *conf, BIO *bp,long *eline);
-STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,const char *section);
-char *NCONF_get_string(const CONF *conf,const char *group,const char *name);
-int NCONF_get_number_e(const CONF *conf,const char *group,const char *name,
-		       long *result);
-int NCONF_dump_fp(const CONF *conf, FILE *out);
-int NCONF_dump_bio(const CONF *conf, BIO *out);
-
-#if 0 /* The following function has no error checking,
-	 and should therefore be avoided */
-long NCONF_get_number(CONF *conf,char *group,char *name);
-#else
-#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
-#endif
-  
-/* Module functions */
-
-int CONF_modules_load(const CONF *cnf, const char *appname,
-		      unsigned long flags);
-int CONF_modules_load_file(const char *filename, const char *appname,
-			   unsigned long flags);
-void CONF_modules_unload(int all);
-void CONF_modules_finish(void);
-void CONF_modules_free(void);
-int CONF_module_add(const char *name, conf_init_func *ifunc,
-		    conf_finish_func *ffunc);
-
-const char *CONF_imodule_get_name(const CONF_IMODULE *md);
-const char *CONF_imodule_get_value(const CONF_IMODULE *md);
-void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
-void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
-CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
-unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
-void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
-void *CONF_module_get_usr_data(CONF_MODULE *pmod);
-void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
-
-char *CONF_get1_default_config_file(void);
-
-int CONF_parse_list(const char *list, int sep, int nospc,
-	int (*list_cb)(const char *elem, int len, void *usr), void *arg);
-
-void OPENSSL_load_builtin_modules(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CONF_strings(void);
-
-/* Error codes for the CONF functions. */
-
-/* Function codes. */
-#define CONF_F_CONF_DUMP_FP				 104
-#define CONF_F_CONF_LOAD				 100
-#define CONF_F_CONF_LOAD_BIO				 102
-#define CONF_F_CONF_LOAD_FP				 103
-#define CONF_F_CONF_MODULES_LOAD			 116
-#define CONF_F_CONF_PARSE_LIST				 119
-#define CONF_F_DEF_LOAD					 120
-#define CONF_F_DEF_LOAD_BIO				 121
-#define CONF_F_MODULE_INIT				 115
-#define CONF_F_MODULE_LOAD_DSO				 117
-#define CONF_F_MODULE_RUN				 118
-#define CONF_F_NCONF_DUMP_BIO				 105
-#define CONF_F_NCONF_DUMP_FP				 106
-#define CONF_F_NCONF_GET_NUMBER				 107
-#define CONF_F_NCONF_GET_NUMBER_E			 112
-#define CONF_F_NCONF_GET_SECTION			 108
-#define CONF_F_NCONF_GET_STRING				 109
-#define CONF_F_NCONF_LOAD				 113
-#define CONF_F_NCONF_LOAD_BIO				 110
-#define CONF_F_NCONF_LOAD_FP				 114
-#define CONF_F_NCONF_NEW				 111
-#define CONF_F_STR_COPY					 101
-
-/* Reason codes. */
-#define CONF_R_ERROR_LOADING_DSO			 110
-#define CONF_R_LIST_CANNOT_BE_NULL			 115
-#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET		 100
-#define CONF_R_MISSING_EQUAL_SIGN			 101
-#define CONF_R_MISSING_FINISH_FUNCTION			 111
-#define CONF_R_MISSING_INIT_FUNCTION			 112
-#define CONF_R_MODULE_INITIALIZATION_ERROR		 109
-#define CONF_R_NO_CLOSE_BRACE				 102
-#define CONF_R_NO_CONF					 105
-#define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE		 106
-#define CONF_R_NO_SECTION				 107
-#define CONF_R_NO_SUCH_FILE				 114
-#define CONF_R_NO_VALUE					 108
-#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION		 103
-#define CONF_R_UNKNOWN_MODULE_NAME			 113
-#define CONF_R_VARIABLE_HAS_NO_VALUE			 104
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/conf_api.h

@@ -1,89 +0,0 @@
-/* conf_api.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef  HEADER_CONF_API_H
-#define HEADER_CONF_API_H
-
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Up until OpenSSL 0.9.5a, this was new_section */
-CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
-/* Up until OpenSSL 0.9.5a, this was get_section */
-CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
-/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
-STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
-					       const char *section);
-
-int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
-char *_CONF_get_string(const CONF *conf, const char *section,
-		       const char *name);
-long _CONF_get_number(const CONF *conf, const char *section, const char *name);
-
-int _CONF_new_data(CONF *conf);
-void _CONF_free_data(CONF *conf);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-

ext/bin/libcrypto/include/openssl/crypto.h

@@ -1,611 +0,0 @@
-/* crypto/crypto.h */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by 
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_CRYPTO_H
-#define HEADER_CRYPTO_H
-
-#include <stdlib.h>
-
-#include <openssl/e_os2.h>
-
-#ifndef OPENSSL_NO_FP_API
-#include <stdio.h>
-#endif
-
-#include <openssl/stack.h>
-#include <openssl/safestack.h>
-#include <openssl/opensslv.h>
-#include <openssl/ossl_typ.h>
-
-#ifdef CHARSET_EBCDIC
-#include <openssl/ebcdic.h>
-#endif
-
-/* Resolve problems on some operating systems with symbol names that clash
-   one way or another */
-#include <openssl/symhacks.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Backward compatibility to SSLeay */
-/* This is more to be used to check the correct DLL is being used
- * in the MS world. */
-#define SSLEAY_VERSION_NUMBER	OPENSSL_VERSION_NUMBER
-#define SSLEAY_VERSION		0
-/* #define SSLEAY_OPTIONS	1 no longer supported */
-#define SSLEAY_CFLAGS		2
-#define SSLEAY_BUILT_ON		3
-#define SSLEAY_PLATFORM		4
-#define SSLEAY_DIR		5
-
-/* Already declared in ossl_typ.h */
-#if 0
-typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
-/* Called when a new object is created */
-typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-					int idx, long argl, void *argp);
-/* Called when an object is free()ed */
-typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-					int idx, long argl, void *argp);
-/* Called when we need to dup an object */
-typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, 
-					int idx, long argl, void *argp);
-#endif
-
-/* A generic structure to pass assorted data in a expandable way */
-typedef struct openssl_item_st
-	{
-	int code;
-	void *value;		/* Not used for flag attributes */
-	size_t value_size;	/* Max size of value for output, length for input */
-	size_t *value_length;	/* Returned length of value for output */
-	} OPENSSL_ITEM;
-
-
-/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
- * names in cryptlib.c
- */
-
-#define	CRYPTO_LOCK_ERR			1
-#define	CRYPTO_LOCK_EX_DATA		2
-#define	CRYPTO_LOCK_X509		3
-#define	CRYPTO_LOCK_X509_INFO		4
-#define	CRYPTO_LOCK_X509_PKEY		5
-#define CRYPTO_LOCK_X509_CRL		6
-#define CRYPTO_LOCK_X509_REQ		7
-#define CRYPTO_LOCK_DSA			8
-#define CRYPTO_LOCK_RSA			9
-#define CRYPTO_LOCK_EVP_PKEY		10
-#define CRYPTO_LOCK_X509_STORE		11
-#define CRYPTO_LOCK_SSL_CTX		12
-#define CRYPTO_LOCK_SSL_CERT		13
-#define CRYPTO_LOCK_SSL_SESSION		14
-#define CRYPTO_LOCK_SSL_SESS_CERT	15
-#define CRYPTO_LOCK_SSL			16
-#define CRYPTO_LOCK_SSL_METHOD		17
-#define CRYPTO_LOCK_RAND		18
-#define CRYPTO_LOCK_RAND2		19
-#define CRYPTO_LOCK_MALLOC		20
-#define CRYPTO_LOCK_BIO			21
-#define CRYPTO_LOCK_GETHOSTBYNAME	22
-#define CRYPTO_LOCK_GETSERVBYNAME	23
-#define CRYPTO_LOCK_READDIR		24
-#define CRYPTO_LOCK_RSA_BLINDING	25
-#define CRYPTO_LOCK_DH			26
-#define CRYPTO_LOCK_MALLOC2		27
-#define CRYPTO_LOCK_DSO			28
-#define CRYPTO_LOCK_DYNLOCK		29
-#define CRYPTO_LOCK_ENGINE		30
-#define CRYPTO_LOCK_UI			31
-#define CRYPTO_LOCK_ECDSA               32
-#define CRYPTO_LOCK_EC			33
-#define CRYPTO_LOCK_ECDH		34
-#define CRYPTO_LOCK_BN  		35
-#define CRYPTO_LOCK_EC_PRE_COMP		36
-#define CRYPTO_LOCK_STORE		37
-#define CRYPTO_LOCK_COMP		38
-#define CRYPTO_LOCK_FIPS		39
-#define CRYPTO_LOCK_FIPS2		40
-#define CRYPTO_NUM_LOCKS		41
-
-#define CRYPTO_LOCK		1
-#define CRYPTO_UNLOCK		2
-#define CRYPTO_READ		4
-#define CRYPTO_WRITE		8
-
-#ifndef OPENSSL_NO_LOCKING
-#ifndef CRYPTO_w_lock
-#define CRYPTO_w_lock(type)	\
-	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-#define CRYPTO_w_unlock(type)	\
-	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-#define CRYPTO_r_lock(type)	\
-	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-#define CRYPTO_r_unlock(type)	\
-	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-#define CRYPTO_add(addr,amount,type)	\
-	CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
-#endif
-#else
-#define CRYPTO_w_lock(a)
-#define CRYPTO_w_unlock(a)
-#define CRYPTO_r_lock(a)
-#define CRYPTO_r_unlock(a)
-#define CRYPTO_add(a,b,c)	((*(a))+=(b))
-#endif
-
-/* Some applications as well as some parts of OpenSSL need to allocate
-   and deallocate locks in a dynamic fashion.  The following typedef
-   makes this possible in a type-safe manner.  */
-/* struct CRYPTO_dynlock_value has to be defined by the application. */
-typedef struct
-	{
-	int references;
-	struct CRYPTO_dynlock_value *data;
-	} CRYPTO_dynlock;
-
-
-/* The following can be used to detect memory leaks in the SSLeay library.
- * It used, it turns on malloc checking */
-
-#define CRYPTO_MEM_CHECK_OFF	0x0	/* an enume */
-#define CRYPTO_MEM_CHECK_ON	0x1	/* a bit */
-#define CRYPTO_MEM_CHECK_ENABLE	0x2	/* a bit */
-#define CRYPTO_MEM_CHECK_DISABLE 0x3	/* an enume */
-
-/* The following are bit values to turn on or off options connected to the
- * malloc checking functionality */
-
-/* Adds time to the memory checking information */
-#define V_CRYPTO_MDEBUG_TIME	0x1 /* a bit */
-/* Adds thread number to the memory checking information */
-#define V_CRYPTO_MDEBUG_THREAD	0x2 /* a bit */
-
-#define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
-
-
-/* predec of the BIO type */
-typedef struct bio_st BIO_dummy;
-
-struct crypto_ex_data_st
-	{
-	STACK_OF(void) *sk;
-	int dummy; /* gcc is screwing up this data structure :-( */
-	};
-DECLARE_STACK_OF(void)
-
-/* This stuff is basically class callback functions
- * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
-
-typedef struct crypto_ex_data_func_st
-	{
-	long argl;	/* Arbitary long */
-	void *argp;	/* Arbitary void * */
-	CRYPTO_EX_new *new_func;
-	CRYPTO_EX_free *free_func;
-	CRYPTO_EX_dup *dup_func;
-	} CRYPTO_EX_DATA_FUNCS;
-
-DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
-
-/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
- * entry.
- */
-
-#define CRYPTO_EX_INDEX_BIO		0
-#define CRYPTO_EX_INDEX_SSL		1
-#define CRYPTO_EX_INDEX_SSL_CTX		2
-#define CRYPTO_EX_INDEX_SSL_SESSION	3
-#define CRYPTO_EX_INDEX_X509_STORE	4
-#define CRYPTO_EX_INDEX_X509_STORE_CTX	5
-#define CRYPTO_EX_INDEX_RSA		6
-#define CRYPTO_EX_INDEX_DSA		7
-#define CRYPTO_EX_INDEX_DH		8
-#define CRYPTO_EX_INDEX_ENGINE		9
-#define CRYPTO_EX_INDEX_X509		10
-#define CRYPTO_EX_INDEX_UI		11
-#define CRYPTO_EX_INDEX_ECDSA		12
-#define CRYPTO_EX_INDEX_ECDH		13
-#define CRYPTO_EX_INDEX_COMP		14
-#define CRYPTO_EX_INDEX_STORE		15
-
-/* Dynamically assigned indexes start from this value (don't use directly, use
- * via CRYPTO_ex_data_new_class). */
-#define CRYPTO_EX_INDEX_USER		100
-
-
-/* This is the default callbacks, but we can have others as well:
- * this is needed in Win32 where the application malloc and the
- * library malloc may not be the same.
- */
-#define CRYPTO_malloc_init()	CRYPTO_set_mem_functions(\
-	malloc, realloc, free)
-
-#if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
-# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
-#  define CRYPTO_MDEBUG
-# endif
-#endif
-
-/* Set standard debugging functions (not done by default
- * unless CRYPTO_MDEBUG is defined) */
-#define CRYPTO_malloc_debug_init()	do {\
-	CRYPTO_set_mem_debug_functions(\
-		CRYPTO_dbg_malloc,\
-		CRYPTO_dbg_realloc,\
-		CRYPTO_dbg_free,\
-		CRYPTO_dbg_set_options,\
-		CRYPTO_dbg_get_options);\
-	} while(0)
-
-int CRYPTO_mem_ctrl(int mode);
-int CRYPTO_is_mem_check_on(void);
-
-/* for applications */
-#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
-#define MemCheck_stop()	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
-
-/* for library-internal use */
-#define MemCheck_on()	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
-#define MemCheck_off()	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
-#define is_MemCheck_on() CRYPTO_is_mem_check_on()
-
-#define OPENSSL_malloc(num)	CRYPTO_malloc((int)num,__FILE__,__LINE__)
-#define OPENSSL_strdup(str)	CRYPTO_strdup((str),__FILE__,__LINE__)
-#define OPENSSL_realloc(addr,num) \
-	CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
-#define OPENSSL_realloc_clean(addr,old_num,num) \
-	CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)
-#define OPENSSL_remalloc(addr,num) \
-	CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
-#define OPENSSL_freeFunc	CRYPTO_free
-#define OPENSSL_free(addr)	CRYPTO_free(addr)
-
-#define OPENSSL_malloc_locked(num) \
-	CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
-#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
-
-
-const char *SSLeay_version(int type);
-unsigned long SSLeay(void);
-
-int OPENSSL_issetugid(void);
-
-/* An opaque type representing an implementation of "ex_data" support */
-typedef struct st_CRYPTO_EX_DATA_IMPL	CRYPTO_EX_DATA_IMPL;
-/* Return an opaque pointer to the current "ex_data" implementation */
-const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
-/* Sets the "ex_data" implementation to be used (if it's not too late) */
-int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
-/* Get a new "ex_data" class, and return the corresponding "class_index" */
-int CRYPTO_ex_data_new_class(void);
-/* Within a given class, get/register a new index */
-int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
-		CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-		CRYPTO_EX_free *free_func);
-/* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a given
- * class (invokes whatever per-class callbacks are applicable) */
-int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
-		CRYPTO_EX_DATA *from);
-void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-/* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular index
- * (relative to the class type involved) */
-int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
-void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad,int idx);
-/* This function cleans up all "ex_data" state. It mustn't be called under
- * potential race-conditions. */
-void CRYPTO_cleanup_all_ex_data(void);
-
-int CRYPTO_get_new_lockid(char *name);
-
-int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
-void CRYPTO_lock(int mode, int type,const char *file,int line);
-void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
-					      const char *file,int line));
-void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
-		int line);
-void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
-					      const char *file, int line));
-int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
-					  const char *file,int line);
-
-/* Don't use this structure directly. */
-typedef struct crypto_threadid_st
-	{
-	void *ptr;
-	unsigned long val;
-	} CRYPTO_THREADID;
-/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
-void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
-void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
-int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *));
-void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *);
-void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
-int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
-void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
-unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
-#ifndef OPENSSL_NO_DEPRECATED
-void CRYPTO_set_id_callback(unsigned long (*func)(void));
-unsigned long (*CRYPTO_get_id_callback(void))(void);
-unsigned long CRYPTO_thread_id(void);
-#endif
-
-const char *CRYPTO_get_lock_name(int type);
-int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file,
-		    int line);
-
-int CRYPTO_get_new_dynlockid(void);
-void CRYPTO_destroy_dynlockid(int i);
-struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, int line));
-void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line));
-void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, const char *file, int line));
-struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))(const char *file,int line);
-void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file,int line);
-void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l, const char *file,int line);
-
-/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions --
- * call the latter last if you need different functions */
-int CRYPTO_set_mem_functions(void *(*m)(size_t),void *(*r)(void *,size_t), void (*f)(void *));
-int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *));
-int CRYPTO_set_mem_ex_functions(void *(*m)(size_t,const char *,int),
-                                void *(*r)(void *,size_t,const char *,int),
-                                void (*f)(void *));
-int CRYPTO_set_locked_mem_ex_functions(void *(*m)(size_t,const char *,int),
-                                       void (*free_func)(void *));
-int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
-				   void (*r)(void *,void *,int,const char *,int,int),
-				   void (*f)(void *,int),
-				   void (*so)(long),
-				   long (*go)(void));
-void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *));
-void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *));
-void CRYPTO_get_mem_ex_functions(void *(**m)(size_t,const char *,int),
-                                 void *(**r)(void *, size_t,const char *,int),
-                                 void (**f)(void *));
-void CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t,const char *,int),
-                                        void (**f)(void *));
-void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
-				    void (**r)(void *,void *,int,const char *,int,int),
-				    void (**f)(void *,int),
-				    void (**so)(long),
-				    long (**go)(void));
-
-void *CRYPTO_malloc_locked(int num, const char *file, int line);
-void CRYPTO_free_locked(void *ptr);
-void *CRYPTO_malloc(int num, const char *file, int line);
-char *CRYPTO_strdup(const char *str, const char *file, int line);
-void CRYPTO_free(void *ptr);
-void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
-void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file,
-			   int line);
-void *CRYPTO_remalloc(void *addr,int num, const char *file, int line);
-
-void OPENSSL_cleanse(void *ptr, size_t len);
-
-void CRYPTO_set_mem_debug_options(long bits);
-long CRYPTO_get_mem_debug_options(void);
-
-#define CRYPTO_push_info(info) \
-        CRYPTO_push_info_(info, __FILE__, __LINE__);
-int CRYPTO_push_info_(const char *info, const char *file, int line);
-int CRYPTO_pop_info(void);
-int CRYPTO_remove_all_info(void);
-
-
-/* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
- * used as default in CRYPTO_MDEBUG compilations): */
-/* The last argument has the following significance:
- *
- * 0:	called before the actual memory allocation has taken place
- * 1:	called after the actual memory allocation has taken place
- */
-void CRYPTO_dbg_malloc(void *addr,int num,const char *file,int line,int before_p);
-void CRYPTO_dbg_realloc(void *addr1,void *addr2,int num,const char *file,int line,int before_p);
-void CRYPTO_dbg_free(void *addr,int before_p);
-/* Tell the debugging code about options.  By default, the following values
- * apply:
- *
- * 0:                           Clear all options.
- * V_CRYPTO_MDEBUG_TIME (1):    Set the "Show Time" option.
- * V_CRYPTO_MDEBUG_THREAD (2):  Set the "Show Thread Number" option.
- * V_CRYPTO_MDEBUG_ALL (3):     1 + 2
- */
-void CRYPTO_dbg_set_options(long bits);
-long CRYPTO_dbg_get_options(void);
-
-
-#ifndef OPENSSL_NO_FP_API
-void CRYPTO_mem_leaks_fp(FILE *);
-#endif
-void CRYPTO_mem_leaks(struct bio_st *bio);
-/* unsigned long order, char *file, int line, int num_bytes, char *addr */
-typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *);
-void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
-
-/* die if we have to */
-void OpenSSLDie(const char *file,int line,const char *assertion);
-#define OPENSSL_assert(e)       (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
-
-unsigned long *OPENSSL_ia32cap_loc(void);
-#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
-int OPENSSL_isservice(void);
-
-int FIPS_mode(void);
-int FIPS_mode_set(int r);
-
-void OPENSSL_init(void);
-
-#define fips_md_init(alg) fips_md_init_ctx(alg, alg)
-
-#ifdef OPENSSL_FIPS
-#define fips_md_init_ctx(alg, cx) \
-	int alg##_Init(cx##_CTX *c) \
-	{ \
-	if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
-		"Low level API call to digest " #alg " forbidden in FIPS mode!"); \
-	return private_##alg##_Init(c); \
-	} \
-	int private_##alg##_Init(cx##_CTX *c)
-
-#define fips_cipher_abort(alg) \
-	if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
-		"Low level API call to cipher " #alg " forbidden in FIPS mode!")
-
-#else
-#define fips_md_init_ctx(alg, cx) \
-	int alg##_Init(cx##_CTX *c)
-#define fips_cipher_abort(alg) while(0)
-#endif
-
-/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It
- * takes an amount of time dependent on |len|, but independent of the contents
- * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a
- * defined order as the return value when a != b is undefined, other than to be
- * non-zero. */
-int CRYPTO_memcmp(const void *a, const void *b, size_t len);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CRYPTO_strings(void);
-
-/* Error codes for the CRYPTO functions. */
-
-/* Function codes. */
-#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX		 100
-#define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID		 103
-#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID			 101
-#define CRYPTO_F_CRYPTO_SET_EX_DATA			 102
-#define CRYPTO_F_DEF_ADD_INDEX				 104
-#define CRYPTO_F_DEF_GET_CLASS				 105
-#define CRYPTO_F_FIPS_MODE_SET				 109
-#define CRYPTO_F_INT_DUP_EX_DATA			 106
-#define CRYPTO_F_INT_FREE_EX_DATA			 107
-#define CRYPTO_F_INT_NEW_EX_DATA			 108
-
-/* Reason codes. */
-#define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED		 101
-#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK		 100
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/des.h

@@ -1,248 +0,0 @@
-/* crypto/des/des.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_NEW_DES_H
-#define HEADER_NEW_DES_H
-
-#include <openssl/e_os2.h>	/* OPENSSL_EXTERN, OPENSSL_NO_DES,
-				   DES_LONG (via openssl/opensslconf.h */
-
-#ifdef OPENSSL_NO_DES
-#error DES is disabled.
-#endif
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef unsigned char DES_cblock[8];
-typedef /* const */ unsigned char const_DES_cblock[8];
-/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock *
- * and const_DES_cblock * are incompatible pointer types. */
-
-typedef struct DES_ks
-    {
-    union
-	{
-	DES_cblock cblock;
-	/* make sure things are correct size on machines with
-	 * 8 byte longs */
-	DES_LONG deslong[2];
-	} ks[16];
-    } DES_key_schedule;
-
-#ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
-# ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
-#  define OPENSSL_ENABLE_OLD_DES_SUPPORT
-# endif
-#endif
-
-#ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
-# include <openssl/des_old.h>
-#endif
-
-#define DES_KEY_SZ 	(sizeof(DES_cblock))
-#define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
-
-#define DES_ENCRYPT	1
-#define DES_DECRYPT	0
-
-#define DES_CBC_MODE	0
-#define DES_PCBC_MODE	1
-
-#define DES_ecb2_encrypt(i,o,k1,k2,e) \
-	DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-	DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-	DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-	DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-OPENSSL_DECLARE_GLOBAL(int,DES_check_key);	/* defaults to false */
-#define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
-OPENSSL_DECLARE_GLOBAL(int,DES_rw_mode);	/* defaults to DES_PCBC_MODE */
-#define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
-
-const char *DES_options(void);
-void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
-		      DES_key_schedule *ks1,DES_key_schedule *ks2,
-		      DES_key_schedule *ks3, int enc);
-DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output,
-		       long length,DES_key_schedule *schedule,
-		       const_DES_cblock *ivec);
-/* DES_cbc_encrypt does not update the IV!  Use DES_ncbc_encrypt instead. */
-void DES_cbc_encrypt(const unsigned char *input,unsigned char *output,
-		     long length,DES_key_schedule *schedule,DES_cblock *ivec,
-		     int enc);
-void DES_ncbc_encrypt(const unsigned char *input,unsigned char *output,
-		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
-		      int enc);
-void DES_xcbc_encrypt(const unsigned char *input,unsigned char *output,
-		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
-		      const_DES_cblock *inw,const_DES_cblock *outw,int enc);
-void DES_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
-		     long length,DES_key_schedule *schedule,DES_cblock *ivec,
-		     int enc);
-void DES_ecb_encrypt(const_DES_cblock *input,DES_cblock *output,
-		     DES_key_schedule *ks,int enc);
-
-/* 	This is the DES encryption function that gets called by just about
-	every other DES routine in the library.  You should not use this
-	function except to implement 'modes' of DES.  I say this because the
-	functions that call this routine do the conversion from 'char *' to
-	long, and this needs to be done to make sure 'non-aligned' memory
-	access do not occur.  The characters are loaded 'little endian'.
-	Data is a pointer to 2 unsigned long's and ks is the
-	DES_key_schedule to use.  enc, is non zero specifies encryption,
-	zero if decryption. */
-void DES_encrypt1(DES_LONG *data,DES_key_schedule *ks, int enc);
-
-/* 	This functions is the same as DES_encrypt1() except that the DES
-	initial permutation (IP) and final permutation (FP) have been left
-	out.  As for DES_encrypt1(), you should not use this function.
-	It is used by the routines in the library that implement triple DES.
-	IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same
-	as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-). */
-void DES_encrypt2(DES_LONG *data,DES_key_schedule *ks, int enc);
-
-void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
-		  DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
-		  DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output, 
-			  long length,
-			  DES_key_schedule *ks1,DES_key_schedule *ks2,
-			  DES_key_schedule *ks3,DES_cblock *ivec,int enc);
-void DES_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out,
-			   long length,
-			   DES_key_schedule *ks1,DES_key_schedule *ks2,
-			   DES_key_schedule *ks3,
-			   DES_cblock *ivec1,DES_cblock *ivec2,
-			   int enc);
-void DES_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
-			    long length,DES_key_schedule *ks1,
-			    DES_key_schedule *ks2,DES_key_schedule *ks3,
-			    DES_cblock *ivec,int *num,int enc);
-void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out,
-			  int numbits,long length,DES_key_schedule *ks1,
-			  DES_key_schedule *ks2,DES_key_schedule *ks3,
-			  DES_cblock *ivec,int enc);
-void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
-			    long length,DES_key_schedule *ks1,
-			    DES_key_schedule *ks2,DES_key_schedule *ks3,
-			    DES_cblock *ivec,int *num);
-#if 0
-void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white,
-		       DES_cblock *out_white);
-#endif
-
-int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched,
-		 DES_cblock *iv);
-int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched,
-		  DES_cblock *iv);
-char *DES_fcrypt(const char *buf,const char *salt, char *ret);
-char *DES_crypt(const char *buf,const char *salt);
-void DES_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
-		     long length,DES_key_schedule *schedule,DES_cblock *ivec);
-void DES_pcbc_encrypt(const unsigned char *input,unsigned char *output,
-		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
-		      int enc);
-DES_LONG DES_quad_cksum(const unsigned char *input,DES_cblock output[],
-			long length,int out_count,DES_cblock *seed);
-int DES_random_key(DES_cblock *ret);
-void DES_set_odd_parity(DES_cblock *key);
-int DES_check_key_parity(const_DES_cblock *key);
-int DES_is_weak_key(const_DES_cblock *key);
-/* DES_set_key (= set_key = DES_key_sched = key_sched) calls
- * DES_set_key_checked if global variable DES_check_key is set,
- * DES_set_key_unchecked otherwise. */
-int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule);
-int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule);
-int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule);
-void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
-#ifdef OPENSSL_FIPS
-void private_DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
-#endif
-void DES_string_to_key(const char *str,DES_cblock *key);
-void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2);
-void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
-		       DES_key_schedule *schedule,DES_cblock *ivec,int *num,
-		       int enc);
-void DES_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
-		       DES_key_schedule *schedule,DES_cblock *ivec,int *num);
-
-int DES_read_password(DES_cblock *key, const char *prompt, int verify);
-int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,
-	int verify);
-
-#define DES_fixup_key_parity DES_set_odd_parity
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif

ext/bin/libcrypto/include/openssl/des_old.h

@@ -1,446 +0,0 @@
-/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
-
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * The function names in here are deprecated and are only present to
- * provide an interface compatible with openssl 0.9.6 and older as
- * well as libdes.  OpenSSL now provides functions where "des_" has
- * been replaced with "DES_" in the names, to make it possible to
- * make incompatible changes that are needed for C type security and
- * other stuff.
- *
- * This include files has two compatibility modes:
- *
- *   - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
- *     that is compatible with libdes and SSLeay.
- *   - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
- *     API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
- *
- * Note that these modes break earlier snapshots of OpenSSL, where
- * libdes compatibility was the only available mode or (later on) the
- * prefered compatibility mode.  However, after much consideration
- * (and more or less violent discussions with external parties), it
- * was concluded that OpenSSL should be compatible with earlier versions
- * of itself before anything else.  Also, in all honesty, libdes is
- * an old beast that shouldn't really be used any more.
- *
- * Please consider starting to use the DES_ functions rather than the
- * des_ ones.  The des_ functions will disappear completely before
- * OpenSSL 1.0!
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DES_H
-#define HEADER_DES_H
-
-#include <openssl/e_os2.h>	/* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
-
-#ifdef OPENSSL_NO_DES
-#error DES is disabled.
-#endif
-
-#ifndef HEADER_NEW_DES_H
-#error You must include des.h, not des_old.h directly.
-#endif
-
-#ifdef _KERBEROS_DES_H
-#error <openssl/des_old.h> replaces <kerberos/des.h>.
-#endif
-
-#include <openssl/symhacks.h>
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#ifdef _
-#undef _
-#endif
-
-typedef unsigned char _ossl_old_des_cblock[8];
-typedef struct _ossl_old_des_ks_struct
-	{
-	union	{
-		_ossl_old_des_cblock _;
-		/* make sure things are correct size on machines with
-		 * 8 byte longs */
-		DES_LONG pad[2];
-		} ks;
-	} _ossl_old_des_key_schedule[16];
-
-#ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
-#define des_cblock DES_cblock
-#define const_des_cblock const_DES_cblock
-#define des_key_schedule DES_key_schedule
-#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
-	DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
-#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
-	DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
-#define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
-	DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
-#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
-	DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
-#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
-	DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
-#define des_options()\
-	DES_options()
-#define des_cbc_cksum(i,o,l,k,iv)\
-	DES_cbc_cksum((i),(o),(l),&(k),(iv))
-#define des_cbc_encrypt(i,o,l,k,iv,e)\
-	DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#define des_ncbc_encrypt(i,o,l,k,iv,e)\
-	DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
-	DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
-#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
-	DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
-#define des_ecb_encrypt(i,o,k,e)\
-	DES_ecb_encrypt((i),(o),&(k),(e))
-#define des_encrypt1(d,k,e)\
-	DES_encrypt1((d),&(k),(e))
-#define des_encrypt2(d,k,e)\
-	DES_encrypt2((d),&(k),(e))
-#define des_encrypt3(d,k1,k2,k3)\
-	DES_encrypt3((d),&(k1),&(k2),&(k3))
-#define des_decrypt3(d,k1,k2,k3)\
-	DES_decrypt3((d),&(k1),&(k2),&(k3))
-#define des_xwhite_in2out(k,i,o)\
-	DES_xwhite_in2out((k),(i),(o))
-#define des_enc_read(f,b,l,k,iv)\
-	DES_enc_read((f),(b),(l),&(k),(iv))
-#define des_enc_write(f,b,l,k,iv)\
-	DES_enc_write((f),(b),(l),&(k),(iv))
-#define des_fcrypt(b,s,r)\
-	DES_fcrypt((b),(s),(r))
-#if 0
-#define des_crypt(b,s)\
-	DES_crypt((b),(s))
-#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
-#define crypt(b,s)\
-	DES_crypt((b),(s))
-#endif
-#endif
-#define des_ofb_encrypt(i,o,n,l,k,iv)\
-	DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
-#define des_pcbc_encrypt(i,o,l,k,iv,e)\
-	DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#define des_quad_cksum(i,o,l,c,s)\
-	DES_quad_cksum((i),(o),(l),(c),(s))
-#define des_random_seed(k)\
-	_ossl_096_des_random_seed((k))
-#define des_random_key(r)\
-	DES_random_key((r))
-#define des_read_password(k,p,v) \
-	DES_read_password((k),(p),(v))
-#define des_read_2passwords(k1,k2,p,v) \
-	DES_read_2passwords((k1),(k2),(p),(v))
-#define des_set_odd_parity(k)\
-	DES_set_odd_parity((k))
-#define des_check_key_parity(k)\
-	DES_check_key_parity((k))
-#define des_is_weak_key(k)\
-	DES_is_weak_key((k))
-#define des_set_key(k,ks)\
-	DES_set_key((k),&(ks))
-#define des_key_sched(k,ks)\
-	DES_key_sched((k),&(ks))
-#define des_set_key_checked(k,ks)\
-	DES_set_key_checked((k),&(ks))
-#define des_set_key_unchecked(k,ks)\
-	DES_set_key_unchecked((k),&(ks))
-#define des_string_to_key(s,k)\
-	DES_string_to_key((s),(k))
-#define des_string_to_2keys(s,k1,k2)\
-	DES_string_to_2keys((s),(k1),(k2))
-#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
-	DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
-#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
-	DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
-		
-
-#define des_ecb2_encrypt(i,o,k1,k2,e) \
-	des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-	des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-	des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-	des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-#define des_check_key DES_check_key
-#define des_rw_mode DES_rw_mode
-#else /* libdes compatibility */
-/* Map all symbol names to _ossl_old_des_* form, so we avoid all
-   clashes with libdes */
-#define des_cblock _ossl_old_des_cblock
-#define des_key_schedule _ossl_old_des_key_schedule
-#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
-	_ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
-#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
-	_ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
-#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
-	_ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
-#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
-	_ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
-#define des_options()\
-	_ossl_old_des_options()
-#define des_cbc_cksum(i,o,l,k,iv)\
-	_ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
-#define des_cbc_encrypt(i,o,l,k,iv,e)\
-	_ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
-#define des_ncbc_encrypt(i,o,l,k,iv,e)\
-	_ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
-#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
-	_ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
-#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
-	_ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
-#define des_ecb_encrypt(i,o,k,e)\
-	_ossl_old_des_ecb_encrypt((i),(o),(k),(e))
-#define des_encrypt(d,k,e)\
-	_ossl_old_des_encrypt((d),(k),(e))
-#define des_encrypt2(d,k,e)\
-	_ossl_old_des_encrypt2((d),(k),(e))
-#define des_encrypt3(d,k1,k2,k3)\
-	_ossl_old_des_encrypt3((d),(k1),(k2),(k3))
-#define des_decrypt3(d,k1,k2,k3)\
-	_ossl_old_des_decrypt3((d),(k1),(k2),(k3))
-#define des_xwhite_in2out(k,i,o)\
-	_ossl_old_des_xwhite_in2out((k),(i),(o))
-#define des_enc_read(f,b,l,k,iv)\
-	_ossl_old_des_enc_read((f),(b),(l),(k),(iv))
-#define des_enc_write(f,b,l,k,iv)\
-	_ossl_old_des_enc_write((f),(b),(l),(k),(iv))
-#define des_fcrypt(b,s,r)\
-	_ossl_old_des_fcrypt((b),(s),(r))
-#define des_crypt(b,s)\
-	_ossl_old_des_crypt((b),(s))
-#if 0
-#define crypt(b,s)\
-	_ossl_old_crypt((b),(s))
-#endif
-#define des_ofb_encrypt(i,o,n,l,k,iv)\
-	_ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
-#define des_pcbc_encrypt(i,o,l,k,iv,e)\
-	_ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
-#define des_quad_cksum(i,o,l,c,s)\
-	_ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
-#define des_random_seed(k)\
-	_ossl_old_des_random_seed((k))
-#define des_random_key(r)\
-	_ossl_old_des_random_key((r))
-#define des_read_password(k,p,v) \
-	_ossl_old_des_read_password((k),(p),(v))
-#define des_read_2passwords(k1,k2,p,v) \
-	_ossl_old_des_read_2passwords((k1),(k2),(p),(v))
-#define des_set_odd_parity(k)\
-	_ossl_old_des_set_odd_parity((k))
-#define des_is_weak_key(k)\
-	_ossl_old_des_is_weak_key((k))
-#define des_set_key(k,ks)\
-	_ossl_old_des_set_key((k),(ks))
-#define des_key_sched(k,ks)\
-	_ossl_old_des_key_sched((k),(ks))
-#define des_string_to_key(s,k)\
-	_ossl_old_des_string_to_key((s),(k))
-#define des_string_to_2keys(s,k1,k2)\
-	_ossl_old_des_string_to_2keys((s),(k1),(k2))
-#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
-	_ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
-#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
-	_ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
-		
-
-#define des_ecb2_encrypt(i,o,k1,k2,e) \
-	des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-	des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-	des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-	des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-#define des_check_key DES_check_key
-#define des_rw_mode DES_rw_mode
-#endif
-
-const char *_ossl_old_des_options(void);
-void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	_ossl_old_des_key_schedule ks1,_ossl_old_des_key_schedule ks2,
-	_ossl_old_des_key_schedule ks3, int enc);
-DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
-void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,
-	_ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc);
-void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
-	long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	_ossl_old_des_key_schedule ks,int enc);
-void _ossl_old_des_encrypt(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
-void _ossl_old_des_encrypt2(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
-void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
-	_ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
-void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
-	_ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
-void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, 
-	long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, 
-	_ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
-	long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
-	_ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc);
-void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
-	long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
-	_ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num);
-#if 0
-void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
-	_ossl_old_des_cblock (*out_white));
-#endif
-
-int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
-	_ossl_old_des_cblock *iv);
-int _ossl_old_des_enc_write(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
-	_ossl_old_des_cblock *iv);
-char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret);
-char *_ossl_old_des_crypt(const char *buf,const char *salt);
-#if !defined(PERL5) && !defined(NeXT)
-char *_ossl_old_crypt(const char *buf,const char *salt);
-#endif
-void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
-	int numbits,long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
-void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
-	_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
-	long length,int out_count,_ossl_old_des_cblock *seed);
-void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
-void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
-int _ossl_old_des_read_password(_ossl_old_des_cblock *key,const char *prompt,int verify);
-int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2,
-	const char *prompt,int verify);
-void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
-int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
-int _ossl_old_des_set_key(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
-int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
-void _ossl_old_des_string_to_key(char *str,_ossl_old_des_cblock *key);
-void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2);
-void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	_ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc);
-void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	_ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num);
-
-void _ossl_096_des_random_seed(des_cblock *key);
-
-/* The following definitions provide compatibility with the MIT Kerberos
- * library. The _ossl_old_des_key_schedule structure is not binary compatible. */
-
-#define _KERBEROS_DES_H
-
-#define KRBDES_ENCRYPT DES_ENCRYPT
-#define KRBDES_DECRYPT DES_DECRYPT
-
-#ifdef KERBEROS
-#  define ENCRYPT DES_ENCRYPT
-#  define DECRYPT DES_DECRYPT
-#endif
-
-#ifndef NCOMPAT
-#  define C_Block des_cblock
-#  define Key_schedule des_key_schedule
-#  define KEY_SZ DES_KEY_SZ
-#  define string_to_key des_string_to_key
-#  define read_pw_string des_read_pw_string
-#  define random_key des_random_key
-#  define pcbc_encrypt des_pcbc_encrypt
-#  define set_key des_set_key
-#  define key_sched des_key_sched
-#  define ecb_encrypt des_ecb_encrypt
-#  define cbc_encrypt des_cbc_encrypt
-#  define ncbc_encrypt des_ncbc_encrypt
-#  define xcbc_encrypt des_xcbc_encrypt
-#  define cbc_cksum des_cbc_cksum
-#  define quad_cksum des_quad_cksum
-#  define check_parity des_check_key_parity
-#endif
-
-#define des_fixup_key_parity DES_fixup_key_parity
-
-#ifdef  __cplusplus
-}
-#endif
-
-/* for DES_read_pw_string et al */
-#include <openssl/ui_compat.h>
-
-#endif

ext/bin/libcrypto/include/openssl/dh.h

@@ -1,280 +0,0 @@
-/* crypto/dh/dh.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DH_H
-#define HEADER_DH_H
-
-#include <openssl/e_os2.h>
-
-#ifdef OPENSSL_NO_DH
-#error DH is disabled.
-#endif
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#endif
-	
-#ifndef OPENSSL_DH_MAX_MODULUS_BITS
-# define OPENSSL_DH_MAX_MODULUS_BITS	10000
-#endif
-
-#define DH_FLAG_CACHE_MONT_P     0x01
-#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
-                                       * implementation now uses constant time
-                                       * modular exponentiation for secret exponents
-                                       * by default. This flag causes the
-                                       * faster variable sliding window method to
-                                       * be used for all exponents.
-                                       */
-
-/* If this flag is set the DH method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its reposibility
- * to ensure the result is compliant.
- */
-
-#define DH_FLAG_FIPS_METHOD			0x0400
-
-/* If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-#define DH_FLAG_NON_FIPS_ALLOW			0x0400
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct dh_st DH; */
-/* typedef struct dh_method DH_METHOD; */
-
-struct dh_method
-	{
-	const char *name;
-	/* Methods here */
-	int (*generate_key)(DH *dh);
-	int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-	int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
-				const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-				BN_MONT_CTX *m_ctx); /* Can be null */
-
-	int (*init)(DH *dh);
-	int (*finish)(DH *dh);
-	int flags;
-	char *app_data;
-	/* If this is non-NULL, it will be used to generate parameters */
-	int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb);
-	};
-
-struct dh_st
-	{
-	/* This first argument is used to pick up errors when
-	 * a DH is passed instead of a EVP_PKEY */
-	int pad;
-	int version;
-	BIGNUM *p;
-	BIGNUM *g;
-	long length; /* optional */
-	BIGNUM *pub_key;	/* g^x */
-	BIGNUM *priv_key;	/* x */
-
-	int flags;
-	BN_MONT_CTX *method_mont_p;
-	/* Place holders if we want to do X9.42 DH */
-	BIGNUM *q;
-	BIGNUM *j;
-	unsigned char *seed;
-	int seedlen;
-	BIGNUM *counter;
-
-	int references;
-	CRYPTO_EX_DATA ex_data;
-	const DH_METHOD *meth;
-	ENGINE *engine;
-	};
-
-#define DH_GENERATOR_2		2
-/* #define DH_GENERATOR_3	3 */
-#define DH_GENERATOR_5		5
-
-/* DH_check error codes */
-#define DH_CHECK_P_NOT_PRIME		0x01
-#define DH_CHECK_P_NOT_SAFE_PRIME	0x02
-#define DH_UNABLE_TO_CHECK_GENERATOR	0x04
-#define DH_NOT_SUITABLE_GENERATOR	0x08
-
-/* DH_check_pub_key error codes */
-#define DH_CHECK_PUBKEY_TOO_SMALL	0x01
-#define DH_CHECK_PUBKEY_TOO_LARGE	0x02
-
-/* primes p where (p-1)/2 is prime too are called "safe"; we define
-   this for backward compatibility: */
-#define DH_CHECK_P_NOT_STRONG_PRIME	DH_CHECK_P_NOT_SAFE_PRIME
-
-#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
-		(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
-#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
-		(unsigned char *)(x))
-#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
-
-DH *DHparams_dup(DH *);
-
-const DH_METHOD *DH_OpenSSL(void);
-
-void DH_set_default_method(const DH_METHOD *meth);
-const DH_METHOD *DH_get_default_method(void);
-int DH_set_method(DH *dh, const DH_METHOD *meth);
-DH *DH_new_method(ENGINE *engine);
-
-DH *	DH_new(void);
-void	DH_free(DH *dh);
-int	DH_up_ref(DH *dh);
-int	DH_size(const DH *dh);
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DH_set_ex_data(DH *d, int idx, void *arg);
-void *DH_get_ex_data(DH *d, int idx);
-
-/* Deprecated version */
-#ifndef OPENSSL_NO_DEPRECATED
-DH *	DH_generate_parameters(int prime_len,int generator,
-		void (*callback)(int,int,void *),void *cb_arg);
-#endif /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* New version */
-int	DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
-
-int	DH_check(const DH *dh,int *codes);
-int	DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
-int	DH_generate_key(DH *dh);
-int	DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-DH *	d2i_DHparams(DH **a,const unsigned char **pp, long length);
-int	i2d_DHparams(const DH *a,unsigned char **pp);
-#ifndef OPENSSL_NO_FP_API
-int	DHparams_print_fp(FILE *fp, const DH *x);
-#endif
-#ifndef OPENSSL_NO_BIO
-int	DHparams_print(BIO *bp, const DH *x);
-#else
-int	DHparams_print(char *bp, const DH *x);
-#endif
-
-#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
-	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
-			EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
-
-#define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
-	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
-			EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
-
-#define	EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN	(EVP_PKEY_ALG_CTRL + 1)
-#define	EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR	(EVP_PKEY_ALG_CTRL + 2)
-		
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DH_strings(void);
-
-/* Error codes for the DH functions. */
-
-/* Function codes. */
-#define DH_F_COMPUTE_KEY				 102
-#define DH_F_DHPARAMS_PRINT_FP				 101
-#define DH_F_DH_BUILTIN_GENPARAMS			 106
-#define DH_F_DH_COMPUTE_KEY				 114
-#define DH_F_DH_GENERATE_KEY				 115
-#define DH_F_DH_GENERATE_PARAMETERS_EX			 116
-#define DH_F_DH_NEW_METHOD				 105
-#define DH_F_DH_PARAM_DECODE				 107
-#define DH_F_DH_PRIV_DECODE				 110
-#define DH_F_DH_PRIV_ENCODE				 111
-#define DH_F_DH_PUB_DECODE				 108
-#define DH_F_DH_PUB_ENCODE				 109
-#define DH_F_DO_DH_PRINT				 100
-#define DH_F_GENERATE_KEY				 103
-#define DH_F_GENERATE_PARAMETERS			 104
-#define DH_F_PKEY_DH_DERIVE				 112
-#define DH_F_PKEY_DH_KEYGEN				 113
-
-/* Reason codes. */
-#define DH_R_BAD_GENERATOR				 101
-#define DH_R_BN_DECODE_ERROR				 109
-#define DH_R_BN_ERROR					 106
-#define DH_R_DECODE_ERROR				 104
-#define DH_R_INVALID_PUBKEY				 102
-#define DH_R_KEYS_NOT_SET				 108
-#define DH_R_KEY_SIZE_TOO_SMALL				 110
-#define DH_R_MODULUS_TOO_LARGE				 103
-#define DH_R_NON_FIPS_METHOD				 111
-#define DH_R_NO_PARAMETERS_SET				 107
-#define DH_R_NO_PRIVATE_VALUE				 100
-#define DH_R_PARAMETER_ENCODING_ERROR			 105
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/dsa.h

@@ -1,327 +0,0 @@
-/* crypto/dsa/dsa.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * The DSS routines are based on patches supplied by
- * Steven Schoch <schoch@sheba.arc.nasa.gov>.  He basically did the
- * work and I have just tweaked them a little to fit into my
- * stylistic vision for SSLeay :-) */
-
-#ifndef HEADER_DSA_H
-#define HEADER_DSA_H
-
-#include <openssl/e_os2.h>
-
-#ifdef OPENSSL_NO_DSA
-#error DSA is disabled.
-#endif
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/crypto.h>
-#include <openssl/ossl_typ.h>
-
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#endif
-
-#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
-# define OPENSSL_DSA_MAX_MODULUS_BITS	10000
-#endif
-
-#define DSA_FLAG_CACHE_MONT_P	0x01
-#define DSA_FLAG_NO_EXP_CONSTTIME       0x02 /* new with 0.9.7h; the built-in DSA
-                                              * implementation now uses constant time
-                                              * modular exponentiation for secret exponents
-                                              * by default. This flag causes the
-                                              * faster variable sliding window method to
-                                              * be used for all exponents.
-                                              */
-
-/* If this flag is set the DSA method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its reposibility
- * to ensure the result is compliant.
- */
-
-#define DSA_FLAG_FIPS_METHOD			0x0400
-
-/* If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-#define DSA_FLAG_NON_FIPS_ALLOW			0x0400
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct dsa_st DSA; */
-/* typedef struct dsa_method DSA_METHOD; */
-
-typedef struct DSA_SIG_st
-	{
-	BIGNUM *r;
-	BIGNUM *s;
-	} DSA_SIG;
-
-struct dsa_method
-	{
-	const char *name;
-	DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
-	int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
-								BIGNUM **rp);
-	int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
-			     DSA_SIG *sig, DSA *dsa);
-	int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-			BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
-			BN_MONT_CTX *in_mont);
-	int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-				const BIGNUM *m, BN_CTX *ctx,
-				BN_MONT_CTX *m_ctx); /* Can be null */
-	int (*init)(DSA *dsa);
-	int (*finish)(DSA *dsa);
-	int flags;
-	char *app_data;
-	/* If this is non-NULL, it is used to generate DSA parameters */
-	int (*dsa_paramgen)(DSA *dsa, int bits,
-			const unsigned char *seed, int seed_len,
-			int *counter_ret, unsigned long *h_ret,
-			BN_GENCB *cb);
-	/* If this is non-NULL, it is used to generate DSA keys */
-	int (*dsa_keygen)(DSA *dsa);
-	};
-
-struct dsa_st
-	{
-	/* This first variable is used to pick up errors where
-	 * a DSA is passed instead of of a EVP_PKEY */
-	int pad;
-	long version;
-	int write_params;
-	BIGNUM *p;
-	BIGNUM *q;	/* == 20 */
-	BIGNUM *g;
-
-	BIGNUM *pub_key;  /* y public key */
-	BIGNUM *priv_key; /* x private key */
-
-	BIGNUM *kinv;	/* Signing pre-calc */
-	BIGNUM *r;	/* Signing pre-calc */
-
-	int flags;
-	/* Normally used to cache montgomery values */
-	BN_MONT_CTX *method_mont_p;
-	int references;
-	CRYPTO_EX_DATA ex_data;
-	const DSA_METHOD *meth;
-	/* functional reference if 'meth' is ENGINE-provided */
-	ENGINE *engine;
-	};
-
-#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
-		(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
-#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
-		(unsigned char *)(x))
-#define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
-#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
-
-
-DSA *DSAparams_dup(DSA *x);
-DSA_SIG * DSA_SIG_new(void);
-void	DSA_SIG_free(DSA_SIG *a);
-int	i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
-DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
-
-DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
-int	DSA_do_verify(const unsigned char *dgst,int dgst_len,
-		      DSA_SIG *sig,DSA *dsa);
-
-const DSA_METHOD *DSA_OpenSSL(void);
-
-void	DSA_set_default_method(const DSA_METHOD *);
-const DSA_METHOD *DSA_get_default_method(void);
-int	DSA_set_method(DSA *dsa, const DSA_METHOD *);
-
-DSA *	DSA_new(void);
-DSA *	DSA_new_method(ENGINE *engine);
-void	DSA_free (DSA *r);
-/* "up" the DSA object's reference count */
-int	DSA_up_ref(DSA *r);
-int	DSA_size(const DSA *);
-	/* next 4 return -1 on error */
-int	DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
-int	DSA_sign(int type,const unsigned char *dgst,int dlen,
-		unsigned char *sig, unsigned int *siglen, DSA *dsa);
-int	DSA_verify(int type,const unsigned char *dgst,int dgst_len,
-		const unsigned char *sigbuf, int siglen, DSA *dsa);
-int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DSA_set_ex_data(DSA *d, int idx, void *arg);
-void *DSA_get_ex_data(DSA *d, int idx);
-
-DSA *	d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
-DSA *	d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
-DSA * 	d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
-
-/* Deprecated version */
-#ifndef OPENSSL_NO_DEPRECATED
-DSA *	DSA_generate_parameters(int bits,
-		unsigned char *seed,int seed_len,
-		int *counter_ret, unsigned long *h_ret,void
-		(*callback)(int, int, void *),void *cb_arg);
-#endif /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* New version */
-int	DSA_generate_parameters_ex(DSA *dsa, int bits,
-		const unsigned char *seed,int seed_len,
-		int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
-
-int	DSA_generate_key(DSA *a);
-int	i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
-int 	i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
-int	i2d_DSAparams(const DSA *a,unsigned char **pp);
-
-#ifndef OPENSSL_NO_BIO
-int	DSAparams_print(BIO *bp, const DSA *x);
-int	DSA_print(BIO *bp, const DSA *x, int off);
-#endif
-#ifndef OPENSSL_NO_FP_API
-int	DSAparams_print_fp(FILE *fp, const DSA *x);
-int	DSA_print_fp(FILE *bp, const DSA *x, int off);
-#endif
-
-#define DSS_prime_checks 50
-/* Primality test according to FIPS PUB 186[-1], Appendix 2.1:
- * 50 rounds of Rabin-Miller */
-#define DSA_is_prime(n, callback, cb_arg) \
-	BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
-
-#ifndef OPENSSL_NO_DH
-/* Convert DSA structure (key or just parameters) into DH structure
- * (be careful to avoid small subgroup attacks when using this!) */
-DH *DSA_dup_DH(const DSA *r);
-#endif
-
-#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
-	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
-				EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
-
-#define	EVP_PKEY_CTRL_DSA_PARAMGEN_BITS		(EVP_PKEY_ALG_CTRL + 1)
-#define	EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS	(EVP_PKEY_ALG_CTRL + 2)
-#define	EVP_PKEY_CTRL_DSA_PARAMGEN_MD		(EVP_PKEY_ALG_CTRL + 3)
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DSA_strings(void);
-
-/* Error codes for the DSA functions. */
-
-/* Function codes. */
-#define DSA_F_D2I_DSA_SIG				 110
-#define DSA_F_DO_DSA_PRINT				 104
-#define DSA_F_DSAPARAMS_PRINT				 100
-#define DSA_F_DSAPARAMS_PRINT_FP			 101
-#define DSA_F_DSA_DO_SIGN				 112
-#define DSA_F_DSA_DO_VERIFY				 113
-#define DSA_F_DSA_GENERATE_KEY				 124
-#define DSA_F_DSA_GENERATE_PARAMETERS_EX		 123
-#define DSA_F_DSA_NEW_METHOD				 103
-#define DSA_F_DSA_PARAM_DECODE				 119
-#define DSA_F_DSA_PRINT_FP				 105
-#define DSA_F_DSA_PRIV_DECODE				 115
-#define DSA_F_DSA_PRIV_ENCODE				 116
-#define DSA_F_DSA_PUB_DECODE				 117
-#define DSA_F_DSA_PUB_ENCODE				 118
-#define DSA_F_DSA_SIGN					 106
-#define DSA_F_DSA_SIGN_SETUP				 107
-#define DSA_F_DSA_SIG_NEW				 109
-#define DSA_F_DSA_SIG_PRINT				 125
-#define DSA_F_DSA_VERIFY				 108
-#define DSA_F_I2D_DSA_SIG				 111
-#define DSA_F_OLD_DSA_PRIV_DECODE			 122
-#define DSA_F_PKEY_DSA_CTRL				 120
-#define DSA_F_PKEY_DSA_KEYGEN				 121
-#define DSA_F_SIG_CB					 114
-
-/* Reason codes. */
-#define DSA_R_BAD_Q_VALUE				 102
-#define DSA_R_BN_DECODE_ERROR				 108
-#define DSA_R_BN_ERROR					 109
-#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
-#define DSA_R_DECODE_ERROR				 104
-#define DSA_R_INVALID_DIGEST_TYPE			 106
-#define DSA_R_MISSING_PARAMETERS			 101
-#define DSA_R_MODULUS_TOO_LARGE				 103
-#define DSA_R_NEED_NEW_SETUP_VALUES			 110
-#define DSA_R_NON_FIPS_DSA_METHOD			 111
-#define DSA_R_NO_PARAMETERS_SET				 107
-#define DSA_R_PARAMETER_ENCODING_ERROR			 105
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/dso.h

@@ -1,409 +0,0 @@
-/* dso.h -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DSO_H
-#define HEADER_DSO_H
-
-#include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These values are used as commands to DSO_ctrl() */
-#define DSO_CTRL_GET_FLAGS	1
-#define DSO_CTRL_SET_FLAGS	2
-#define DSO_CTRL_OR_FLAGS	3
-
-/* By default, DSO_load() will translate the provided filename into a form
- * typical for the platform (more specifically the DSO_METHOD) using the
- * dso_name_converter function of the method. Eg. win32 will transform "blah"
- * into "blah.dll", and dlfcn will transform it into "libblah.so". The
- * behaviour can be overriden by setting the name_converter callback in the DSO
- * object (using DSO_set_name_converter()). This callback could even utilise
- * the DSO_METHOD's converter too if it only wants to override behaviour for
- * one or two possible DSO methods. However, the following flag can be set in a
- * DSO to prevent *any* native name-translation at all - eg. if the caller has
- * prompted the user for a path to a driver library so the filename should be
- * interpreted as-is. */
-#define DSO_FLAG_NO_NAME_TRANSLATION		0x01
-/* An extra flag to give if only the extension should be added as
- * translation.  This is obviously only of importance on Unix and
- * other operating systems where the translation also may prefix
- * the name with something, like 'lib', and ignored everywhere else.
- * This flag is also ignored if DSO_FLAG_NO_NAME_TRANSLATION is used
- * at the same time. */
-#define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY	0x02
-
-/* The following flag controls the translation of symbol names to upper
- * case.  This is currently only being implemented for OpenVMS.
- */
-#define DSO_FLAG_UPCASE_SYMBOL			0x10
-
-/* This flag loads the library with public symbols.
- * Meaning: The exported symbols of this library are public
- * to all libraries loaded after this library.
- * At the moment only implemented in unix.
- */
-#define DSO_FLAG_GLOBAL_SYMBOLS			0x20
-
-
-typedef void (*DSO_FUNC_TYPE)(void);
-
-typedef struct dso_st DSO;
-
-/* The function prototype used for method functions (or caller-provided
- * callbacks) that transform filenames. They are passed a DSO structure pointer
- * (or NULL if they are to be used independantly of a DSO object) and a
- * filename to transform. They should either return NULL (if there is an error
- * condition) or a newly allocated string containing the transformed form that
- * the caller will need to free with OPENSSL_free() when done. */
-typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
-/* The function prototype used for method functions (or caller-provided
- * callbacks) that merge two file specifications. They are passed a
- * DSO structure pointer (or NULL if they are to be used independantly of
- * a DSO object) and two file specifications to merge. They should
- * either return NULL (if there is an error condition) or a newly allocated
- * string containing the result of merging that the caller will need
- * to free with OPENSSL_free() when done.
- * Here, merging means that bits and pieces are taken from each of the
- * file specifications and added together in whatever fashion that is
- * sensible for the DSO method in question.  The only rule that really
- * applies is that if the two specification contain pieces of the same
- * type, the copy from the first string takes priority.  One could see
- * it as the first specification is the one given by the user and the
- * second being a bunch of defaults to add on if they're missing in the
- * first. */
-typedef char* (*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
-
-typedef struct dso_meth_st
-	{
-	const char *name;
-	/* Loads a shared library, NB: new DSO_METHODs must ensure that a
-	 * successful load populates the loaded_filename field, and likewise a
-	 * successful unload OPENSSL_frees and NULLs it out. */
-	int (*dso_load)(DSO *dso);
-	/* Unloads a shared library */
-	int (*dso_unload)(DSO *dso);
-	/* Binds a variable */
-	void *(*dso_bind_var)(DSO *dso, const char *symname);
-	/* Binds a function - assumes a return type of DSO_FUNC_TYPE.
-	 * This should be cast to the real function prototype by the
-	 * caller. Platforms that don't have compatible representations
-	 * for different prototypes (this is possible within ANSI C)
-	 * are highly unlikely to have shared libraries at all, let
-	 * alone a DSO_METHOD implemented for them. */
-	DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname);
-
-/* I don't think this would actually be used in any circumstances. */
-#if 0
-	/* Unbinds a variable */
-	int (*dso_unbind_var)(DSO *dso, char *symname, void *symptr);
-	/* Unbinds a function */
-	int (*dso_unbind_func)(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-#endif
-	/* The generic (yuck) "ctrl()" function. NB: Negative return
-	 * values (rather than zero) indicate errors. */
-	long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg);
-	/* The default DSO_METHOD-specific function for converting filenames to
-	 * a canonical native form. */
-	DSO_NAME_CONVERTER_FUNC dso_name_converter;
-	/* The default DSO_METHOD-specific function for converting filenames to
-	 * a canonical native form. */
-	DSO_MERGER_FUNC dso_merger;
-
-	/* [De]Initialisation handlers. */
-	int (*init)(DSO *dso);
-	int (*finish)(DSO *dso);
-
-	/* Return pathname of the module containing location */
-	int (*pathbyaddr)(void *addr,char *path,int sz);
-	/* Perform global symbol lookup, i.e. among *all* modules */
-	void *(*globallookup)(const char *symname);
-	} DSO_METHOD;
-
-/**********************************************************************/
-/* The low-level handle type used to refer to a loaded shared library */
-
-struct dso_st
-	{
-	DSO_METHOD *meth;
-	/* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS
-	 * doesn't use anything but will need to cache the filename
-	 * for use in the dso_bind handler. All in all, let each
-	 * method control its own destiny. "Handles" and such go in
-	 * a STACK. */
-	STACK_OF(void) *meth_data;
-	int references;
-	int flags;
-	/* For use by applications etc ... use this for your bits'n'pieces,
-	 * don't touch meth_data! */
-	CRYPTO_EX_DATA ex_data;
-	/* If this callback function pointer is set to non-NULL, then it will
-	 * be used in DSO_load() in place of meth->dso_name_converter. NB: This
-	 * should normally set using DSO_set_name_converter(). */
-	DSO_NAME_CONVERTER_FUNC name_converter;
-	/* If this callback function pointer is set to non-NULL, then it will
-	 * be used in DSO_load() in place of meth->dso_merger. NB: This
-	 * should normally set using DSO_set_merger(). */
-	DSO_MERGER_FUNC merger;
-	/* This is populated with (a copy of) the platform-independant
-	 * filename used for this DSO. */
-	char *filename;
-	/* This is populated with (a copy of) the translated filename by which
-	 * the DSO was actually loaded. It is NULL iff the DSO is not currently
-	 * loaded. NB: This is here because the filename translation process
-	 * may involve a callback being invoked more than once not only to
-	 * convert to a platform-specific form, but also to try different
-	 * filenames in the process of trying to perform a load. As such, this
-	 * variable can be used to indicate (a) whether this DSO structure
-	 * corresponds to a loaded library or not, and (b) the filename with
-	 * which it was actually loaded. */
-	char *loaded_filename;
-	};
-
-
-DSO *	DSO_new(void);
-DSO *	DSO_new_method(DSO_METHOD *method);
-int	DSO_free(DSO *dso);
-int	DSO_flags(DSO *dso);
-int	DSO_up_ref(DSO *dso);
-long	DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
-
-/* This function sets the DSO's name_converter callback. If it is non-NULL,
- * then it will be used instead of the associated DSO_METHOD's function. If
- * oldcb is non-NULL then it is set to the function pointer value being
- * replaced. Return value is non-zero for success. */
-int	DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
-				DSO_NAME_CONVERTER_FUNC *oldcb);
-/* These functions can be used to get/set the platform-independant filename
- * used for a DSO. NB: set will fail if the DSO is already loaded. */
-const char *DSO_get_filename(DSO *dso);
-int	DSO_set_filename(DSO *dso, const char *filename);
-/* This function will invoke the DSO's name_converter callback to translate a
- * filename, or if the callback isn't set it will instead use the DSO_METHOD's
- * converter. If "filename" is NULL, the "filename" in the DSO itself will be
- * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
- * simply duplicated. NB: This function is usually called from within a
- * DSO_METHOD during the processing of a DSO_load() call, and is exposed so that
- * caller-created DSO_METHODs can do the same thing. A non-NULL return value
- * will need to be OPENSSL_free()'d. */
-char	*DSO_convert_filename(DSO *dso, const char *filename);
-/* This function will invoke the DSO's merger callback to merge two file
- * specifications, or if the callback isn't set it will instead use the
- * DSO_METHOD's merger.  A non-NULL return value will need to be
- * OPENSSL_free()'d. */
-char	*DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
-/* If the DSO is currently loaded, this returns the filename that it was loaded
- * under, otherwise it returns NULL. So it is also useful as a test as to
- * whether the DSO is currently loaded. NB: This will not necessarily return
- * the same value as DSO_convert_filename(dso, dso->filename), because the
- * DSO_METHOD's load function may have tried a variety of filenames (with
- * and/or without the aid of the converters) before settling on the one it
- * actually loaded. */
-const char *DSO_get_loaded_filename(DSO *dso);
-
-void	DSO_set_default_method(DSO_METHOD *meth);
-DSO_METHOD *DSO_get_default_method(void);
-DSO_METHOD *DSO_get_method(DSO *dso);
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
-
-/* The all-singing all-dancing load function, you normally pass NULL
- * for the first and third parameters. Use DSO_up and DSO_free for
- * subsequent reference count handling. Any flags passed in will be set
- * in the constructed DSO after its init() function but before the
- * load operation. If 'dso' is non-NULL, 'flags' is ignored. */
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
-
-/* This function binds to a variable inside a shared library. */
-void *DSO_bind_var(DSO *dso, const char *symname);
-
-/* This function binds to a function inside a shared library. */
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
-
-/* This method is the default, but will beg, borrow, or steal whatever
- * method should be the default on any particular platform (including
- * DSO_METH_null() if necessary). */
-DSO_METHOD *DSO_METHOD_openssl(void);
-
-/* This method is defined for all platforms - if a platform has no
- * DSO support then this will be the only method! */
-DSO_METHOD *DSO_METHOD_null(void);
-
-/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions
- * (dlopen, dlclose, dlsym, etc) will be used and incorporated into
- * this method. If not, this method will return NULL. */
-DSO_METHOD *DSO_METHOD_dlfcn(void);
-
-/* If DSO_DL is defined, the standard dl.h-style functions (shl_load, 
- * shl_unload, shl_findsym, etc) will be used and incorporated into
- * this method. If not, this method will return NULL. */
-DSO_METHOD *DSO_METHOD_dl(void);
-
-/* If WIN32 is defined, use DLLs. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_win32(void);
-
-/* If VMS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_vms(void);
-
-/* This function writes null-terminated pathname of DSO module
- * containing 'addr' into 'sz' large caller-provided 'path' and
- * returns the number of characters [including trailing zero]
- * written to it. If 'sz' is 0 or negative, 'path' is ignored and
- * required amount of charachers [including trailing zero] to
- * accomodate pathname is returned. If 'addr' is NULL, then
- * pathname of cryptolib itself is returned. Negative or zero
- * return value denotes error.
- */
-int DSO_pathbyaddr(void *addr,char *path,int sz);
-
-/* This function should be used with caution! It looks up symbols in
- * *all* loaded modules and if module gets unloaded by somebody else
- * attempt to dereference the pointer is doomed to have fatal
- * consequences. Primary usage for this function is to probe *core*
- * system functionality, e.g. check if getnameinfo(3) is available
- * at run-time without bothering about OS-specific details such as
- * libc.so.versioning or where does it actually reside: in libc
- * itself or libsocket. */
-void *DSO_global_lookup(const char *name);
-
-/* If BeOS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_beos(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DSO_strings(void);
-
-/* Error codes for the DSO functions. */
-
-/* Function codes. */
-#define DSO_F_BEOS_BIND_FUNC				 144
-#define DSO_F_BEOS_BIND_VAR				 145
-#define DSO_F_BEOS_LOAD					 146
-#define DSO_F_BEOS_NAME_CONVERTER			 147
-#define DSO_F_BEOS_UNLOAD				 148
-#define DSO_F_DLFCN_BIND_FUNC				 100
-#define DSO_F_DLFCN_BIND_VAR				 101
-#define DSO_F_DLFCN_LOAD				 102
-#define DSO_F_DLFCN_MERGER				 130
-#define DSO_F_DLFCN_NAME_CONVERTER			 123
-#define DSO_F_DLFCN_UNLOAD				 103
-#define DSO_F_DL_BIND_FUNC				 104
-#define DSO_F_DL_BIND_VAR				 105
-#define DSO_F_DL_LOAD					 106
-#define DSO_F_DL_MERGER					 131
-#define DSO_F_DL_NAME_CONVERTER				 124
-#define DSO_F_DL_UNLOAD					 107
-#define DSO_F_DSO_BIND_FUNC				 108
-#define DSO_F_DSO_BIND_VAR				 109
-#define DSO_F_DSO_CONVERT_FILENAME			 126
-#define DSO_F_DSO_CTRL					 110
-#define DSO_F_DSO_FREE					 111
-#define DSO_F_DSO_GET_FILENAME				 127
-#define DSO_F_DSO_GET_LOADED_FILENAME			 128
-#define DSO_F_DSO_GLOBAL_LOOKUP				 139
-#define DSO_F_DSO_LOAD					 112
-#define DSO_F_DSO_MERGE					 132
-#define DSO_F_DSO_NEW_METHOD				 113
-#define DSO_F_DSO_PATHBYADDR				 140
-#define DSO_F_DSO_SET_FILENAME				 129
-#define DSO_F_DSO_SET_NAME_CONVERTER			 122
-#define DSO_F_DSO_UP_REF				 114
-#define DSO_F_GLOBAL_LOOKUP_FUNC			 138
-#define DSO_F_PATHBYADDR				 137
-#define DSO_F_VMS_BIND_SYM				 115
-#define DSO_F_VMS_LOAD					 116
-#define DSO_F_VMS_MERGER				 133
-#define DSO_F_VMS_UNLOAD				 117
-#define DSO_F_WIN32_BIND_FUNC				 118
-#define DSO_F_WIN32_BIND_VAR				 119
-#define DSO_F_WIN32_GLOBALLOOKUP			 142
-#define DSO_F_WIN32_GLOBALLOOKUP_FUNC			 143
-#define DSO_F_WIN32_JOINER				 135
-#define DSO_F_WIN32_LOAD				 120
-#define DSO_F_WIN32_MERGER				 134
-#define DSO_F_WIN32_NAME_CONVERTER			 125
-#define DSO_F_WIN32_PATHBYADDR				 141
-#define DSO_F_WIN32_SPLITTER				 136
-#define DSO_F_WIN32_UNLOAD				 121
-
-/* Reason codes. */
-#define DSO_R_CTRL_FAILED				 100
-#define DSO_R_DSO_ALREADY_LOADED			 110
-#define DSO_R_EMPTY_FILE_STRUCTURE			 113
-#define DSO_R_FAILURE					 114
-#define DSO_R_FILENAME_TOO_BIG				 101
-#define DSO_R_FINISH_FAILED				 102
-#define DSO_R_INCORRECT_FILE_SYNTAX			 115
-#define DSO_R_LOAD_FAILED				 103
-#define DSO_R_NAME_TRANSLATION_FAILED			 109
-#define DSO_R_NO_FILENAME				 111
-#define DSO_R_NO_FILE_SPECIFICATION			 116
-#define DSO_R_NULL_HANDLE				 104
-#define DSO_R_SET_FILENAME_FAILED			 112
-#define DSO_R_STACK_ERROR				 105
-#define DSO_R_SYM_FAILURE				 106
-#define DSO_R_UNLOAD_FAILED				 107
-#define DSO_R_UNSUPPORTED				 108
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/dtls1.h

@@ -1,287 +0,0 @@
-/* ssl/dtls1.h */
-/* 
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DTLS1_H
-#define HEADER_DTLS1_H
-
-#include <openssl/buffer.h>
-#include <openssl/pqueue.h>
-#ifdef OPENSSL_SYS_VMS
-#include <resource.h>
-#include <sys/timeb.h>
-#endif
-#ifdef OPENSSL_SYS_WIN32
-/* Needed for struct timeval */
-#include <winsock.h>
-#elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
-#include <sys/timeval.h>
-#else
-#if defined(OPENSSL_SYS_VXWORKS)
-#include <sys/times.h>
-#else
-#include <sys/time.h>
-#endif
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#define DTLS1_VERSION			0xFEFF
-#define DTLS1_BAD_VER			0x0100
-
-#if 0
-/* this alert description is not specified anywhere... */
-#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE    110
-#endif
-
-/* lengths of messages */
-#define DTLS1_COOKIE_LENGTH                     256
-
-#define DTLS1_RT_HEADER_LENGTH                  13
-
-#define DTLS1_HM_HEADER_LENGTH                  12
-
-#define DTLS1_HM_BAD_FRAGMENT                   -2
-#define DTLS1_HM_FRAGMENT_RETRY                 -3
-
-#define DTLS1_CCS_HEADER_LENGTH                  1
-
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
-#define DTLS1_AL_HEADER_LENGTH                   7
-#else
-#define DTLS1_AL_HEADER_LENGTH                   2
-#endif
-
-#ifndef OPENSSL_NO_SSL_INTERN
-
-#ifndef OPENSSL_NO_SCTP
-#define DTLS1_SCTP_AUTH_LABEL	"EXPORTER_DTLS_OVER_SCTP"
-#endif
-
-typedef struct dtls1_bitmap_st
-	{
-	unsigned long map;		/* track 32 packets on 32-bit systems
-					   and 64 - on 64-bit systems */
-	unsigned char max_seq_num[8];	/* max record number seen so far,
-					   64-bit value in big-endian
-					   encoding */
-	} DTLS1_BITMAP;
-
-struct dtls1_retransmit_state
-	{
-	EVP_CIPHER_CTX *enc_write_ctx;	/* cryptographic state */
-	EVP_MD_CTX *write_hash;			/* used for mac generation */
-#ifndef OPENSSL_NO_COMP
-	COMP_CTX *compress;				/* compression */
-#else
-	char *compress;	
-#endif
-	SSL_SESSION *session;
-	unsigned short epoch;
-	};
-
-struct hm_header_st
-	{
-	unsigned char type;
-	unsigned long msg_len;
-	unsigned short seq;
-	unsigned long frag_off;
-	unsigned long frag_len;
-	unsigned int is_ccs;
-	struct dtls1_retransmit_state saved_retransmit_state;
-	};
-
-struct ccs_header_st
-	{
-	unsigned char type;
-	unsigned short seq;
-	};
-
-struct dtls1_timeout_st
-	{
-	/* Number of read timeouts so far */
-	unsigned int read_timeouts;
-	
-	/* Number of write timeouts so far */
-	unsigned int write_timeouts;
-	
-	/* Number of alerts received so far */
-	unsigned int num_alerts;
-	};
-
-typedef struct record_pqueue_st
-	{
-	unsigned short epoch;
-	pqueue q;
-	} record_pqueue;
-
-typedef struct hm_fragment_st
-	{
-	struct hm_header_st msg_header;
-	unsigned char *fragment;
-	unsigned char *reassembly;
-	} hm_fragment;
-
-typedef struct dtls1_state_st
-	{
-	unsigned int send_cookie;
-	unsigned char cookie[DTLS1_COOKIE_LENGTH];
-	unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
-	unsigned int cookie_len;
-
-	/* 
-	 * The current data and handshake epoch.  This is initially
-	 * undefined, and starts at zero once the initial handshake is
-	 * completed 
-	 */
-	unsigned short r_epoch;
-	unsigned short w_epoch;
-
-	/* records being received in the current epoch */
-	DTLS1_BITMAP bitmap;
-
-	/* renegotiation starts a new set of sequence numbers */
-	DTLS1_BITMAP next_bitmap;
-
-	/* handshake message numbers */
-	unsigned short handshake_write_seq;
-	unsigned short next_handshake_write_seq;
-
-	unsigned short handshake_read_seq;
-
-	/* save last sequence number for retransmissions */
-	unsigned char last_write_sequence[8];
-
-	/* Received handshake records (processed and unprocessed) */
-	record_pqueue unprocessed_rcds;
-	record_pqueue processed_rcds;
-
-	/* Buffered handshake messages */
-	pqueue buffered_messages;
-
-	/* Buffered (sent) handshake records */
-	pqueue sent_messages;
-
-	/* Buffered application records.
-	 * Only for records between CCS and Finished
-	 * to prevent either protocol violation or
-	 * unnecessary message loss.
-	 */
-	record_pqueue buffered_app_data;
-
-	/* Is set when listening for new connections with dtls1_listen() */
-	unsigned int listen;
-
-	unsigned int mtu; /* max DTLS packet size */
-
-	struct hm_header_st w_msg_hdr;
-	struct hm_header_st r_msg_hdr;
-
-	struct dtls1_timeout_st timeout;
-
-	/* Indicates when the last handshake msg or heartbeat sent will timeout */
-	struct timeval next_timeout;
-
-	/* Timeout duration */
-	unsigned short timeout_duration;
-
-	/* storage for Alert/Handshake protocol data received but not
-	 * yet processed by ssl3_read_bytes: */
-	unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
-	unsigned int alert_fragment_len;
-	unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
-	unsigned int handshake_fragment_len;
-
-	unsigned int retransmitting;
-	unsigned int change_cipher_spec_ok;
-
-#ifndef OPENSSL_NO_SCTP
-	/* used when SSL_ST_XX_FLUSH is entered */
-	int next_state;
-
-	int shutdown_received;
-#endif
-
-	} DTLS1_STATE;
-
-typedef struct dtls1_record_data_st
-	{
-	unsigned char *packet;
-	unsigned int   packet_length;
-	SSL3_BUFFER    rbuf;
-	SSL3_RECORD    rrec;
-#ifndef OPENSSL_NO_SCTP
-	struct bio_dgram_sctp_rcvinfo recordinfo;
-#endif
-	} DTLS1_RECORD_DATA;
-
-#endif
-
-/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
-#define DTLS1_TMO_READ_COUNT                      2
-#define DTLS1_TMO_WRITE_COUNT                     2
-
-#define DTLS1_TMO_ALERT_COUNT                     12
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-

ext/bin/libcrypto/include/openssl/e_os2.h

@@ -1,315 +0,0 @@
-/* e_os2.h */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#ifndef HEADER_E_OS2_H
-#define HEADER_E_OS2_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/******************************************************************************
- * Detect operating systems.  This probably needs completing.
- * The result is that at least one OPENSSL_SYS_os macro should be defined.
- * However, if none is defined, Unix is assumed.
- **/
-
-#define OPENSSL_SYS_UNIX
-
-/* ----------------------- Macintosh, before MacOS X ----------------------- */
-#if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_MACINTOSH_CLASSIC
-#endif
-
-/* ----------------------- NetWare ----------------------------------------- */
-#if defined(NETWARE) || defined(OPENSSL_SYSNAME_NETWARE)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_NETWARE
-#endif
-
-/* ---------------------- Microsoft operating systems ---------------------- */
-
-/* Note that MSDOS actually denotes 32-bit environments running on top of
-   MS-DOS, such as DJGPP one. */
-#if defined(OPENSSL_SYSNAME_MSDOS)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_MSDOS
-#endif
-
-/* For 32 bit environment, there seems to be the CygWin environment and then
-   all the others that try to do the same thing Microsoft does... */
-#if defined(OPENSSL_SYSNAME_UWIN)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WIN32_UWIN
-#else
-# if defined(__CYGWIN32__) || defined(OPENSSL_SYSNAME_CYGWIN32)
-#  undef OPENSSL_SYS_UNIX
-#  define OPENSSL_SYS_WIN32_CYGWIN
-# else
-#  if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
-#   undef OPENSSL_SYS_UNIX
-#   define OPENSSL_SYS_WIN32
-#  endif
-#  if defined(OPENSSL_SYSNAME_WINNT)
-#   undef OPENSSL_SYS_UNIX
-#   define OPENSSL_SYS_WINNT
-#  endif
-#  if defined(OPENSSL_SYSNAME_WINCE)
-#   undef OPENSSL_SYS_UNIX
-#   define OPENSSL_SYS_WINCE
-#  endif
-# endif
-#endif
-
-/* Anything that tries to look like Microsoft is "Windows" */
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WINDOWS
-# ifndef OPENSSL_SYS_MSDOS
-#  define OPENSSL_SYS_MSDOS
-# endif
-#endif
-
-/* DLL settings.  This part is a bit tough, because it's up to the application
-   implementor how he or she will link the application, so it requires some
-   macro to be used. */
-#ifdef OPENSSL_SYS_WINDOWS
-# ifndef OPENSSL_OPT_WINDLL
-#  if defined(_WINDLL) /* This is used when building OpenSSL to indicate that
-                          DLL linkage should be used */
-#   define OPENSSL_OPT_WINDLL
-#  endif
-# endif
-#endif
-
-/* -------------------------------- OpenVMS -------------------------------- */
-#if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_VMS
-# if defined(__DECC)
-#  define OPENSSL_SYS_VMS_DECC
-# elif defined(__DECCXX)
-#  define OPENSSL_SYS_VMS_DECC
-#  define OPENSSL_SYS_VMS_DECCXX
-# else
-#  define OPENSSL_SYS_VMS_NODECC
-# endif
-#endif
-
-/* --------------------------------- OS/2 ---------------------------------- */
-#if defined(__EMX__) || defined(__OS2__)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_OS2
-#endif
-
-/* --------------------------------- Unix ---------------------------------- */
-#ifdef OPENSSL_SYS_UNIX
-# if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
-#  define OPENSSL_SYS_LINUX
-# endif
-# ifdef OPENSSL_SYSNAME_MPE
-#  define OPENSSL_SYS_MPE
-# endif
-# ifdef OPENSSL_SYSNAME_SNI
-#  define OPENSSL_SYS_SNI
-# endif
-# ifdef OPENSSL_SYSNAME_ULTRASPARC
-#  define OPENSSL_SYS_ULTRASPARC
-# endif
-# ifdef OPENSSL_SYSNAME_NEWS4
-#  define OPENSSL_SYS_NEWS4
-# endif
-# ifdef OPENSSL_SYSNAME_MACOSX
-#  define OPENSSL_SYS_MACOSX
-# endif
-# ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY
-#  define OPENSSL_SYS_MACOSX_RHAPSODY
-#  define OPENSSL_SYS_MACOSX
-# endif
-# ifdef OPENSSL_SYSNAME_SUNOS
-#  define OPENSSL_SYS_SUNOS
-#endif
-# if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY)
-#  define OPENSSL_SYS_CRAY
-# endif
-# if defined(_AIX) || defined(OPENSSL_SYSNAME_AIX)
-#  define OPENSSL_SYS_AIX
-# endif
-#endif
-
-/* --------------------------------- VOS ----------------------------------- */
-#if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
-# define OPENSSL_SYS_VOS
-#ifdef __HPPA__
-# define OPENSSL_SYS_VOS_HPPA
-#endif
-#ifdef __IA32__
-# define OPENSSL_SYS_VOS_IA32
-#endif
-#endif
-
-/* ------------------------------- VxWorks --------------------------------- */
-#ifdef OPENSSL_SYSNAME_VXWORKS
-# define OPENSSL_SYS_VXWORKS
-#endif
-
-/* --------------------------------- BeOS ---------------------------------- */
-#if defined(__BEOS__)
-# define OPENSSL_SYS_BEOS
-# include <sys/socket.h>
-# if defined(BONE_VERSION)
-#  define OPENSSL_SYS_BEOS_BONE
-# else
-#  define OPENSSL_SYS_BEOS_R5
-# endif
-#endif
-
-/**
- * That's it for OS-specific stuff
- *****************************************************************************/
-
-
-/* Specials for I/O an exit */
-#ifdef OPENSSL_SYS_MSDOS
-# define OPENSSL_UNISTD_IO <io.h>
-# define OPENSSL_DECLARE_EXIT extern void exit(int);
-#else
-# define OPENSSL_UNISTD_IO OPENSSL_UNISTD
-# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
-#endif
-
-/* Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
-   certain global symbols that, with some compilers under VMS, have to be
-   defined and declared explicitely with globaldef and globalref.
-   Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
-   DLL exports and imports for compilers under Win32.  These are a little
-   more complicated to use.  Basically, for any library that exports some
-   global variables, the following code must be present in the header file
-   that declares them, before OPENSSL_EXTERN is used:
-
-   #ifdef SOME_BUILD_FLAG_MACRO
-   # undef OPENSSL_EXTERN
-   # define OPENSSL_EXTERN OPENSSL_EXPORT
-   #endif
-
-   The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
-   have some generally sensible values, and for OPENSSL_EXTERN to have the
-   value OPENSSL_IMPORT.
-*/
-
-#if defined(OPENSSL_SYS_VMS_NODECC)
-# define OPENSSL_EXPORT globalref
-# define OPENSSL_IMPORT globalref
-# define OPENSSL_GLOBAL globaldef
-#elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
-# define OPENSSL_EXPORT extern __declspec(dllexport)
-# define OPENSSL_IMPORT extern __declspec(dllimport)
-# define OPENSSL_GLOBAL
-#else
-# define OPENSSL_EXPORT extern
-# define OPENSSL_IMPORT extern
-# define OPENSSL_GLOBAL
-#endif
-#define OPENSSL_EXTERN OPENSSL_IMPORT
-
-/* Macros to allow global variables to be reached through function calls when
-   required (if a shared library version requires it, for example.
-   The way it's done allows definitions like this:
-
-	// in foobar.c
-	OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
-	// in foobar.h
-	OPENSSL_DECLARE_GLOBAL(int,foobar);
-	#define foobar OPENSSL_GLOBAL_REF(foobar)
-*/
-#ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value)			\
-	type *_shadow_##name(void)					\
-	{ static type _hide_##name=value; return &_hide_##name; }
-# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
-# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
-#else
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
-# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
-# define OPENSSL_GLOBAL_REF(name) _shadow_##name
-#endif
-
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && macintosh==1 && !defined(MAC_OS_GUSI_SOURCE)
-#  define ossl_ssize_t long
-#endif
-
-#ifdef OPENSSL_SYS_MSDOS
-#  define ossl_ssize_t long
-#endif
-
-#if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
-#  define ssize_t int
-#endif
-
-#if defined(__ultrix) && !defined(ssize_t)
-#  define ossl_ssize_t int 
-#endif
-
-#ifndef ossl_ssize_t
-#  define ossl_ssize_t ssize_t
-#endif
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/ebcdic.h

@@ -1,19 +0,0 @@
-/* crypto/ebcdic.h */
-
-#ifndef HEADER_EBCDIC_H
-#define HEADER_EBCDIC_H
-
-#include <sys/types.h>
-
-/* Avoid name clashes with other applications */
-#define os_toascii   _openssl_os_toascii
-#define os_toebcdic  _openssl_os_toebcdic
-#define ebcdic2ascii _openssl_ebcdic2ascii
-#define ascii2ebcdic _openssl_ascii2ebcdic
-
-extern const unsigned char os_toascii[256];
-extern const unsigned char os_toebcdic[256];
-void *ebcdic2ascii(void *dest, const void *srce, size_t count);
-void *ascii2ebcdic(void *dest, const void *srce, size_t count);
-
-#endif

ext/bin/libcrypto/include/openssl/ecdh.h

@@ -1,125 +0,0 @@
-/* crypto/ecdh/ecdh.h */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ECDH_H
-#define HEADER_ECDH_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_ECDH
-#error ECDH is disabled.
-#endif
-
-#include <openssl/ec.h>
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-const ECDH_METHOD *ECDH_OpenSSL(void);
-
-void	  ECDH_set_default_method(const ECDH_METHOD *);
-const ECDH_METHOD *ECDH_get_default_method(void);
-int 	  ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
-
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
-                     void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
-
-int 	  ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new 
-		*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int 	  ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
-void 	  *ECDH_get_ex_data(EC_KEY *d, int idx);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ECDH_strings(void);
-
-/* Error codes for the ECDH functions. */
-
-/* Function codes. */
-#define ECDH_F_ECDH_CHECK				 102
-#define ECDH_F_ECDH_COMPUTE_KEY				 100
-#define ECDH_F_ECDH_DATA_NEW_METHOD			 101
-
-/* Reason codes. */
-#define ECDH_R_KDF_FAILED				 102
-#define ECDH_R_NON_FIPS_METHOD				 103
-#define ECDH_R_NO_PRIVATE_VALUE				 100
-#define ECDH_R_POINT_ARITHMETIC_FAILURE			 101
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/ecdsa.h

@@ -1,260 +0,0 @@
-/* crypto/ecdsa/ecdsa.h */
-/**
- * \file   crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
- * \author Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ECDSA_H
-#define HEADER_ECDSA_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_ECDSA
-#error ECDSA is disabled.
-#endif
-
-#include <openssl/ec.h>
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct ECDSA_SIG_st
-	{
-	BIGNUM *r;
-	BIGNUM *s;
-	} ECDSA_SIG;
-
-/** Allocates and initialize a ECDSA_SIG structure
- *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_SIG_new(void);
-
-/** frees a ECDSA_SIG structure
- *  \param  sig  pointer to the ECDSA_SIG structure
- */
-void	  ECDSA_SIG_free(ECDSA_SIG *sig);
-
-/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
- *  (*pp += length of the DER encoded signature)).
- *  \param  sig  pointer to the ECDSA_SIG object
- *  \param  pp   pointer to a unsigned char pointer for the output or NULL
- *  \return the length of the DER encoded ECDSA_SIG object or 0 
- */
-int	  i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
-
-/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
- *  (*pp += len)). 
- *  \param  sig  pointer to ECDSA_SIG pointer (may be NULL)
- *  \param  pp   memory buffer with the DER encoded signature
- *  \param  len  length of the buffer
- *  \return pointer to the decoded ECDSA_SIG structure (or NULL)
- */
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
-
-/** Computes the ECDSA signature of the given hash value using
- *  the supplied private key and returns the created signature.
- *  \param  dgst      pointer to the hash value
- *  \param  dgst_len  length of the hash value
- *  \param  eckey     EC_KEY object containing a private EC key
- *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
-
-/** Computes ECDSA signature of a given hash value using the supplied
- *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- *  \param  dgst     pointer to the hash value to sign
- *  \param  dgstlen  length of the hash value
- *  \param  kinv     BIGNUM with a pre-computed inverse k (optional)
- *  \param  rp       BIGNUM with a pre-computed rp value (optioanl), 
- *                   see ECDSA_sign_setup
- *  \param  eckey    EC_KEY object containing a private EC key
- *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, 
-		const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
-
-/** Verifies that the supplied signature is a valid ECDSA
- *  signature of the supplied hash value using the supplied public key.
- *  \param  dgst      pointer to the hash value
- *  \param  dgst_len  length of the hash value
- *  \param  sig       ECDSA_SIG structure
- *  \param  eckey     EC_KEY object containing a public EC key
- *  \return 1 if the signature is valid, 0 if the signature is invalid
- *          and -1 on error
- */
-int	  ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
-		const ECDSA_SIG *sig, EC_KEY* eckey);
-
-const ECDSA_METHOD *ECDSA_OpenSSL(void);
-
-/** Sets the default ECDSA method
- *  \param  meth  new default ECDSA_METHOD
- */
-void	  ECDSA_set_default_method(const ECDSA_METHOD *meth);
-
-/** Returns the default ECDSA method
- *  \return pointer to ECDSA_METHOD structure containing the default method
- */
-const ECDSA_METHOD *ECDSA_get_default_method(void);
-
-/** Sets method to be used for the ECDSA operations
- *  \param  eckey  EC_KEY object
- *  \param  meth   new method
- *  \return 1 on success and 0 otherwise 
- */
-int 	  ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
-
-/** Returns the maximum length of the DER encoded signature
- *  \param  eckey  EC_KEY object
- *  \return numbers of bytes required for the DER encoded signature
- */
-int	  ECDSA_size(const EC_KEY *eckey);
-
-/** Precompute parts of the signing operation
- *  \param  eckey  EC_KEY object containing a private EC key
- *  \param  ctx    BN_CTX object (optional)
- *  \param  kinv   BIGNUM pointer for the inverse of k
- *  \param  rp     BIGNUM pointer for x coordinate of k * generator
- *  \return 1 on success and 0 otherwise
- */
-int 	  ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, 
-		BIGNUM **rp);
-
-/** Computes ECDSA signature of a given hash value using the supplied
- *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- *  \param  type     this parameter is ignored
- *  \param  dgst     pointer to the hash value to sign
- *  \param  dgstlen  length of the hash value
- *  \param  sig      memory for the DER encoded created signature
- *  \param  siglen   pointer to the length of the returned signature
- *  \param  eckey    EC_KEY object containing a private EC key
- *  \return 1 on success and 0 otherwise
- */
-int	  ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, 
-		unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
-
-
-/** Computes ECDSA signature of a given hash value using the supplied
- *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- *  \param  type     this parameter is ignored
- *  \param  dgst     pointer to the hash value to sign
- *  \param  dgstlen  length of the hash value
- *  \param  sig      buffer to hold the DER encoded signature
- *  \param  siglen   pointer to the length of the returned signature
- *  \param  kinv     BIGNUM with a pre-computed inverse k (optional)
- *  \param  rp       BIGNUM with a pre-computed rp value (optioanl), 
- *                   see ECDSA_sign_setup
- *  \param  eckey    EC_KEY object containing a private EC key
- *  \return 1 on success and 0 otherwise
- */
-int	  ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen, 
-		unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
-		const BIGNUM *rp, EC_KEY *eckey);
-
-/** Verifies that the given signature is valid ECDSA signature
- *  of the supplied hash value using the specified public key.
- *  \param  type     this parameter is ignored
- *  \param  dgst     pointer to the hash value 
- *  \param  dgstlen  length of the hash value
- *  \param  sig      pointer to the DER encoded signature
- *  \param  siglen   length of the DER encoded signature
- *  \param  eckey    EC_KEY object containing a public EC key
- *  \return 1 if the signature is valid, 0 if the signature is invalid
- *          and -1 on error
- */
-int 	  ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, 
-		const unsigned char *sig, int siglen, EC_KEY *eckey);
-
-/* the standard ex_data functions */
-int 	  ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new 
-		*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int 	  ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
-void 	  *ECDSA_get_ex_data(EC_KEY *d, int idx);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ECDSA_strings(void);
-
-/* Error codes for the ECDSA functions. */
-
-/* Function codes. */
-#define ECDSA_F_ECDSA_CHECK				 104
-#define ECDSA_F_ECDSA_DATA_NEW_METHOD			 100
-#define ECDSA_F_ECDSA_DO_SIGN				 101
-#define ECDSA_F_ECDSA_DO_VERIFY				 102
-#define ECDSA_F_ECDSA_SIGN_SETUP			 103
-
-/* Reason codes. */
-#define ECDSA_R_BAD_SIGNATURE				 100
-#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 101
-#define ECDSA_R_ERR_EC_LIB				 102
-#define ECDSA_R_MISSING_PARAMETERS			 103
-#define ECDSA_R_NEED_NEW_SETUP_VALUES			 106
-#define ECDSA_R_NON_FIPS_METHOD				 107
-#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED		 104
-#define ECDSA_R_SIGNATURE_MALLOC_FAILED			 105
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/engine.h

@@ -1,842 +0,0 @@
-/* openssl/engine.h */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by 
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_ENGINE_H
-#define HEADER_ENGINE_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_ENGINE
-#error ENGINE is disabled.
-#endif
-
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_ECDH
-#include <openssl/ecdh.h>
-#endif
-#ifndef OPENSSL_NO_ECDSA
-#include <openssl/ecdsa.h>
-#endif
-#include <openssl/rand.h>
-#include <openssl/ui.h>
-#include <openssl/err.h>
-#endif
-
-#include <openssl/ossl_typ.h>
-#include <openssl/symhacks.h>
-
-#include <openssl/x509.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* These flags are used to control combinations of algorithm (methods)
- * by bitwise "OR"ing. */
-#define ENGINE_METHOD_RSA		(unsigned int)0x0001
-#define ENGINE_METHOD_DSA		(unsigned int)0x0002
-#define ENGINE_METHOD_DH		(unsigned int)0x0004
-#define ENGINE_METHOD_RAND		(unsigned int)0x0008
-#define ENGINE_METHOD_ECDH		(unsigned int)0x0010
-#define ENGINE_METHOD_ECDSA		(unsigned int)0x0020
-#define ENGINE_METHOD_CIPHERS		(unsigned int)0x0040
-#define ENGINE_METHOD_DIGESTS		(unsigned int)0x0080
-#define ENGINE_METHOD_STORE		(unsigned int)0x0100
-#define ENGINE_METHOD_PKEY_METHS	(unsigned int)0x0200
-#define ENGINE_METHOD_PKEY_ASN1_METHS	(unsigned int)0x0400
-/* Obvious all-or-nothing cases. */
-#define ENGINE_METHOD_ALL		(unsigned int)0xFFFF
-#define ENGINE_METHOD_NONE		(unsigned int)0x0000
-
-/* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
- * internally to control registration of ENGINE implementations, and can be set
- * by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
- * initialise registered ENGINEs if they are not already initialised. */
-#define ENGINE_TABLE_FLAG_NOINIT	(unsigned int)0x0001
-
-/* ENGINE flags that can be set by ENGINE_set_flags(). */
-/* #define ENGINE_FLAGS_MALLOCED	0x0001 */ /* Not used */
-
-/* This flag is for ENGINEs that wish to handle the various 'CMD'-related
- * control commands on their own. Without this flag, ENGINE_ctrl() handles these
- * control commands on behalf of the ENGINE using their "cmd_defns" data. */
-#define ENGINE_FLAGS_MANUAL_CMD_CTRL	(int)0x0002
-
-/* This flag is for ENGINEs who return new duplicate structures when found via
- * "ENGINE_by_id()". When an ENGINE must store state (eg. if ENGINE_ctrl()
- * commands are called in sequence as part of some stateful process like
- * key-generation setup and execution), it can set this flag - then each attempt
- * to obtain the ENGINE will result in it being copied into a new structure.
- * Normally, ENGINEs don't declare this flag so ENGINE_by_id() just increments
- * the existing ENGINE's structural reference count. */
-#define ENGINE_FLAGS_BY_ID_COPY		(int)0x0004
-
-/* This flag if for an ENGINE that does not want its methods registered as 
- * part of ENGINE_register_all_complete() for example if the methods are
- * not usable as default methods.
- */
-
-#define ENGINE_FLAGS_NO_REGISTER_ALL	(int)0x0008
-
-/* ENGINEs can support their own command types, and these flags are used in
- * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each
- * command expects. Currently only numeric and string input is supported. If a
- * control command supports none of the _NUMERIC, _STRING, or _NO_INPUT options,
- * then it is regarded as an "internal" control command - and not for use in
- * config setting situations. As such, they're not available to the
- * ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() access. Changes to
- * this list of 'command types' should be reflected carefully in
- * ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). */
-
-/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
-#define ENGINE_CMD_FLAG_NUMERIC		(unsigned int)0x0001
-/* accepts string input (cast from 'void*' to 'const char *', 4th parameter to
- * ENGINE_ctrl) */
-#define ENGINE_CMD_FLAG_STRING		(unsigned int)0x0002
-/* Indicates that the control command takes *no* input. Ie. the control command
- * is unparameterised. */
-#define ENGINE_CMD_FLAG_NO_INPUT	(unsigned int)0x0004
-/* Indicates that the control command is internal. This control command won't
- * be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
- * function. */
-#define ENGINE_CMD_FLAG_INTERNAL	(unsigned int)0x0008
-
-/* NB: These 3 control commands are deprecated and should not be used. ENGINEs
- * relying on these commands should compile conditional support for
- * compatibility (eg. if these symbols are defined) but should also migrate the
- * same functionality to their own ENGINE-specific control functions that can be
- * "discovered" by calling applications. The fact these control commands
- * wouldn't be "executable" (ie. usable by text-based config) doesn't change the
- * fact that application code can find and use them without requiring per-ENGINE
- * hacking. */
-
-/* These flags are used to tell the ctrl function what should be done.
- * All command numbers are shared between all engines, even if some don't
- * make sense to some engines.  In such a case, they do nothing but return
- * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */
-#define ENGINE_CTRL_SET_LOGSTREAM		1
-#define ENGINE_CTRL_SET_PASSWORD_CALLBACK	2
-#define ENGINE_CTRL_HUP				3 /* Close and reinitialise any
-						     handles/connections etc. */
-#define ENGINE_CTRL_SET_USER_INTERFACE          4 /* Alternative to callback */
-#define ENGINE_CTRL_SET_CALLBACK_DATA           5 /* User-specific data, used
-						     when calling the password
-						     callback and the user
-						     interface */
-#define ENGINE_CTRL_LOAD_CONFIGURATION		6 /* Load a configuration, given
-						     a string that represents a
-						     file name or so */
-#define ENGINE_CTRL_LOAD_SECTION		7 /* Load data from a given
-						     section in the already loaded
-						     configuration */
-
-/* These control commands allow an application to deal with an arbitrary engine
- * in a dynamic way. Warn: Negative return values indicate errors FOR THESE
- * COMMANDS because zero is used to indicate 'end-of-list'. Other commands,
- * including ENGINE-specific command types, return zero for an error.
- *
- * An ENGINE can choose to implement these ctrl functions, and can internally
- * manage things however it chooses - it does so by setting the
- * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise the
- * ENGINE_ctrl() code handles this on the ENGINE's behalf using the cmd_defns
- * data (set using ENGINE_set_cmd_defns()). This means an ENGINE's ctrl()
- * handler need only implement its own commands - the above "meta" commands will
- * be taken care of. */
-
-/* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", then
- * all the remaining control commands will return failure, so it is worth
- * checking this first if the caller is trying to "discover" the engine's
- * capabilities and doesn't want errors generated unnecessarily. */
-#define ENGINE_CTRL_HAS_CTRL_FUNCTION		10
-/* Returns a positive command number for the first command supported by the
- * engine. Returns zero if no ctrl commands are supported. */
-#define ENGINE_CTRL_GET_FIRST_CMD_TYPE		11
-/* The 'long' argument specifies a command implemented by the engine, and the
- * return value is the next command supported, or zero if there are no more. */
-#define ENGINE_CTRL_GET_NEXT_CMD_TYPE		12
-/* The 'void*' argument is a command name (cast from 'const char *'), and the
- * return value is the command that corresponds to it. */
-#define ENGINE_CTRL_GET_CMD_FROM_NAME		13
-/* The next two allow a command to be converted into its corresponding string
- * form. In each case, the 'long' argument supplies the command. In the NAME_LEN
- * case, the return value is the length of the command name (not counting a
- * trailing EOL). In the NAME case, the 'void*' argument must be a string buffer
- * large enough, and it will be populated with the name of the command (WITH a
- * trailing EOL). */
-#define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD	14
-#define ENGINE_CTRL_GET_NAME_FROM_CMD		15
-/* The next two are similar but give a "short description" of a command. */
-#define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD	16
-#define ENGINE_CTRL_GET_DESC_FROM_CMD		17
-/* With this command, the return value is the OR'd combination of
- * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
- * engine-specific ctrl command expects. */
-#define ENGINE_CTRL_GET_CMD_FLAGS		18
-
-/* ENGINE implementations should start the numbering of their own control
- * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */
-#define ENGINE_CMD_BASE				200
-
-/* NB: These 2 nCipher "chil" control commands are deprecated, and their
- * functionality is now available through ENGINE-specific control commands
- * (exposed through the above-mentioned 'CMD'-handling). Code using these 2
- * commands should be migrated to the more general command handling before these
- * are removed. */
-
-/* Flags specific to the nCipher "chil" engine */
-#define ENGINE_CTRL_CHIL_SET_FORKCHECK		100
-	/* Depending on the value of the (long)i argument, this sets or
-	 * unsets the SimpleForkCheck flag in the CHIL API to enable or
-	 * disable checking and workarounds for applications that fork().
-	 */
-#define ENGINE_CTRL_CHIL_NO_LOCKING		101
-	/* This prevents the initialisation function from providing mutex
-	 * callbacks to the nCipher library. */
-
-/* If an ENGINE supports its own specific control commands and wishes the
- * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its
- * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries
- * to ENGINE_set_cmd_defns(). It should also implement a ctrl() handler that
- * supports the stated commands (ie. the "cmd_num" entries as described by the
- * array). NB: The array must be ordered in increasing order of cmd_num.
- * "null-terminated" means that the last ENGINE_CMD_DEFN element has cmd_num set
- * to zero and/or cmd_name set to NULL. */
-typedef struct ENGINE_CMD_DEFN_st
-	{
-	unsigned int cmd_num; /* The command number */
-	const char *cmd_name; /* The command name itself */
-	const char *cmd_desc; /* A short description of the command */
-	unsigned int cmd_flags; /* The input the command expects */
-	} ENGINE_CMD_DEFN;
-
-/* Generic function pointer */
-typedef int (*ENGINE_GEN_FUNC_PTR)(void);
-/* Generic function pointer taking no arguments */
-typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *);
-/* Specific control function pointer */
-typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)(void));
-/* Generic load_key function pointer */
-typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
-	UI_METHOD *ui_method, void *callback_data);
-typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl,
-	STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey,
-	STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data);
-/* These callback types are for an ENGINE's handler for cipher and digest logic.
- * These handlers have these prototypes;
- *   int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
- *   int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
- * Looking at how to implement these handlers in the case of cipher support, if
- * the framework wants the EVP_CIPHER for 'nid', it will call;
- *   foo(e, &p_evp_cipher, NULL, nid);    (return zero for failure)
- * If the framework wants a list of supported 'nid's, it will call;
- *   foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
- */
-/* Returns to a pointer to the array of supported cipher 'nid's. If the second
- * parameter is non-NULL it is set to the size of the returned array. */
-typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int);
-typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int);
-typedef int (*ENGINE_PKEY_METHS_PTR)(ENGINE *, EVP_PKEY_METHOD **, const int **, int);
-typedef int (*ENGINE_PKEY_ASN1_METHS_PTR)(ENGINE *, EVP_PKEY_ASN1_METHOD **, const int **, int);
-/* STRUCTURE functions ... all of these functions deal with pointers to ENGINE
- * structures where the pointers have a "structural reference". This means that
- * their reference is to allowed access to the structure but it does not imply
- * that the structure is functional. To simply increment or decrement the
- * structural reference count, use ENGINE_by_id and ENGINE_free. NB: This is not
- * required when iterating using ENGINE_get_next as it will automatically
- * decrement the structural reference count of the "current" ENGINE and
- * increment the structural reference count of the ENGINE it returns (unless it
- * is NULL). */
-
-/* Get the first/last "ENGINE" type available. */
-ENGINE *ENGINE_get_first(void);
-ENGINE *ENGINE_get_last(void);
-/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
-ENGINE *ENGINE_get_next(ENGINE *e);
-ENGINE *ENGINE_get_prev(ENGINE *e);
-/* Add another "ENGINE" type into the array. */
-int ENGINE_add(ENGINE *e);
-/* Remove an existing "ENGINE" type from the array. */
-int ENGINE_remove(ENGINE *e);
-/* Retrieve an engine from the list by its unique "id" value. */
-ENGINE *ENGINE_by_id(const char *id);
-/* Add all the built-in engines. */
-void ENGINE_load_openssl(void);
-void ENGINE_load_dynamic(void);
-#ifndef OPENSSL_NO_STATIC_ENGINE
-void ENGINE_load_4758cca(void);
-void ENGINE_load_aep(void);
-void ENGINE_load_atalla(void);
-void ENGINE_load_chil(void);
-void ENGINE_load_cswift(void);
-void ENGINE_load_nuron(void);
-void ENGINE_load_sureware(void);
-void ENGINE_load_ubsec(void);
-void ENGINE_load_padlock(void);
-void ENGINE_load_capi(void);
-#ifndef OPENSSL_NO_GMP
-void ENGINE_load_gmp(void);
-#endif
-#ifndef OPENSSL_NO_GOST
-void ENGINE_load_gost(void);
-#endif
-#endif
-void ENGINE_load_cryptodev(void);
-void ENGINE_load_rsax(void);
-void ENGINE_load_rdrand(void);
-void ENGINE_load_builtin_engines(void);
-
-/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
- * "registry" handling. */
-unsigned int ENGINE_get_table_flags(void);
-void ENGINE_set_table_flags(unsigned int flags);
-
-/* Manage registration of ENGINEs per "table". For each type, there are 3
- * functions;
- *   ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
- *   ENGINE_unregister_***(e) - unregister the implementation from 'e'
- *   ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
- * Cleanup is automatically registered from each table when required, so
- * ENGINE_cleanup() will reverse any "register" operations. */
-
-int ENGINE_register_RSA(ENGINE *e);
-void ENGINE_unregister_RSA(ENGINE *e);
-void ENGINE_register_all_RSA(void);
-
-int ENGINE_register_DSA(ENGINE *e);
-void ENGINE_unregister_DSA(ENGINE *e);
-void ENGINE_register_all_DSA(void);
-
-int ENGINE_register_ECDH(ENGINE *e);
-void ENGINE_unregister_ECDH(ENGINE *e);
-void ENGINE_register_all_ECDH(void);
-
-int ENGINE_register_ECDSA(ENGINE *e);
-void ENGINE_unregister_ECDSA(ENGINE *e);
-void ENGINE_register_all_ECDSA(void);
-
-int ENGINE_register_DH(ENGINE *e);
-void ENGINE_unregister_DH(ENGINE *e);
-void ENGINE_register_all_DH(void);
-
-int ENGINE_register_RAND(ENGINE *e);
-void ENGINE_unregister_RAND(ENGINE *e);
-void ENGINE_register_all_RAND(void);
-
-int ENGINE_register_STORE(ENGINE *e);
-void ENGINE_unregister_STORE(ENGINE *e);
-void ENGINE_register_all_STORE(void);
-
-int ENGINE_register_ciphers(ENGINE *e);
-void ENGINE_unregister_ciphers(ENGINE *e);
-void ENGINE_register_all_ciphers(void);
-
-int ENGINE_register_digests(ENGINE *e);
-void ENGINE_unregister_digests(ENGINE *e);
-void ENGINE_register_all_digests(void);
-
-int ENGINE_register_pkey_meths(ENGINE *e);
-void ENGINE_unregister_pkey_meths(ENGINE *e);
-void ENGINE_register_all_pkey_meths(void);
-
-int ENGINE_register_pkey_asn1_meths(ENGINE *e);
-void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
-void ENGINE_register_all_pkey_asn1_meths(void);
-
-/* These functions register all support from the above categories. Note, use of
- * these functions can result in static linkage of code your application may not
- * need. If you only need a subset of functionality, consider using more
- * selective initialisation. */
-int ENGINE_register_complete(ENGINE *e);
-int ENGINE_register_all_complete(void);
-
-/* Send parametrised control commands to the engine. The possibilities to send
- * down an integer, a pointer to data or a function pointer are provided. Any of
- * the parameters may or may not be NULL, depending on the command number. In
- * actuality, this function only requires a structural (rather than functional)
- * reference to an engine, but many control commands may require the engine be
- * functional. The caller should be aware of trying commands that require an
- * operational ENGINE, and only use functional references in such situations. */
-int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
-
-/* This function tests if an ENGINE-specific command is usable as a "setting".
- * Eg. in an application's config file that gets processed through
- * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
- * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). */
-int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
-
-/* This function works like ENGINE_ctrl() with the exception of taking a
- * command name instead of a command number, and can handle optional commands.
- * See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to
- * use the cmd_name and cmd_optional. */
-int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
-        long i, void *p, void (*f)(void), int cmd_optional);
-
-/* This function passes a command-name and argument to an ENGINE. The cmd_name
- * is converted to a command number and the control command is called using
- * 'arg' as an argument (unless the ENGINE doesn't support such a command, in
- * which case no control command is called). The command is checked for input
- * flags, and if necessary the argument will be converted to a numeric value. If
- * cmd_optional is non-zero, then if the ENGINE doesn't support the given
- * cmd_name the return value will be success anyway. This function is intended
- * for applications to use so that users (or config files) can supply
- * engine-specific config data to the ENGINE at run-time to control behaviour of
- * specific engines. As such, it shouldn't be used for calling ENGINE_ctrl()
- * functions that return data, deal with binary data, or that are otherwise
- * supposed to be used directly through ENGINE_ctrl() in application code. Any
- * "return" data from an ENGINE_ctrl() operation in this function will be lost -
- * the return value is interpreted as failure if the return value is zero,
- * success otherwise, and this function returns a boolean value as a result. In
- * other words, vendors of 'ENGINE'-enabled devices should write ENGINE
- * implementations with parameterisations that work in this scheme, so that
- * compliant ENGINE-based applications can work consistently with the same
- * configuration for the same ENGINE-enabled devices, across applications. */
-int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
-				int cmd_optional);
-
-/* These functions are useful for manufacturing new ENGINE structures. They
- * don't address reference counting at all - one uses them to populate an ENGINE
- * structure with personalised implementations of things prior to using it
- * directly or adding it to the builtin ENGINE list in OpenSSL. These are also
- * here so that the ENGINE structure doesn't have to be exposed and break binary
- * compatibility! */
-ENGINE *ENGINE_new(void);
-int ENGINE_free(ENGINE *e);
-int ENGINE_up_ref(ENGINE *e);
-int ENGINE_set_id(ENGINE *e, const char *id);
-int ENGINE_set_name(ENGINE *e, const char *name);
-int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
-int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
-int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
-int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
-int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
-int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
-int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth);
-int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
-int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
-int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
-int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
-int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
-int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
-int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
-				ENGINE_SSL_CLIENT_CERT_PTR loadssl_f);
-int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
-int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
-int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
-int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
-int ENGINE_set_flags(ENGINE *e, int flags);
-int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
-/* These functions allow control over any per-structure ENGINE data. */
-int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-		CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
-void *ENGINE_get_ex_data(const ENGINE *e, int idx);
-
-/* This function cleans up anything that needs it. Eg. the ENGINE_add() function
- * automatically ensures the list cleanup function is registered to be called
- * from ENGINE_cleanup(). Similarly, all ENGINE_register_*** functions ensure
- * ENGINE_cleanup() will clean up after them. */
-void ENGINE_cleanup(void);
-
-/* These return values from within the ENGINE structure. These can be useful
- * with functional references as well as structural references - it depends
- * which you obtained. Using the result for functional purposes if you only
- * obtained a structural reference may be problematic! */
-const char *ENGINE_get_id(const ENGINE *e);
-const char *ENGINE_get_name(const ENGINE *e);
-const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
-const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
-const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
-const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
-const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
-const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
-const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
-ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
-ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e);
-ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
-ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
-ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
-ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
-const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
-const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
-const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
-const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
-const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
-					const char *str, int len);
-const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
-					const char *str, int len);
-const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
-int ENGINE_get_flags(const ENGINE *e);
-
-/* FUNCTIONAL functions. These functions deal with ENGINE structures
- * that have (or will) be initialised for use. Broadly speaking, the
- * structural functions are useful for iterating the list of available
- * engine types, creating new engine types, and other "list" operations.
- * These functions actually deal with ENGINEs that are to be used. As
- * such these functions can fail (if applicable) when particular
- * engines are unavailable - eg. if a hardware accelerator is not
- * attached or not functioning correctly. Each ENGINE has 2 reference
- * counts; structural and functional. Every time a functional reference
- * is obtained or released, a corresponding structural reference is
- * automatically obtained or released too. */
-
-/* Initialise a engine type for use (or up its reference count if it's
- * already in use). This will fail if the engine is not currently
- * operational and cannot initialise. */
-int ENGINE_init(ENGINE *e);
-/* Free a functional reference to a engine type. This does not require
- * a corresponding call to ENGINE_free as it also releases a structural
- * reference. */
-int ENGINE_finish(ENGINE *e);
-
-/* The following functions handle keys that are stored in some secondary
- * location, handled by the engine.  The storage may be on a card or
- * whatever. */
-EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data);
-EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
-	UI_METHOD *ui_method, void *callback_data);
-int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
-	STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey,
-	STACK_OF(X509) **pother,
-	UI_METHOD *ui_method, void *callback_data);
-
-/* This returns a pointer for the current ENGINE structure that
- * is (by default) performing any RSA operations. The value returned
- * is an incremented reference, so it should be free'd (ENGINE_finish)
- * before it is discarded. */
-ENGINE *ENGINE_get_default_RSA(void);
-/* Same for the other "methods" */
-ENGINE *ENGINE_get_default_DSA(void);
-ENGINE *ENGINE_get_default_ECDH(void);
-ENGINE *ENGINE_get_default_ECDSA(void);
-ENGINE *ENGINE_get_default_DH(void);
-ENGINE *ENGINE_get_default_RAND(void);
-/* These functions can be used to get a functional reference to perform
- * ciphering or digesting corresponding to "nid". */
-ENGINE *ENGINE_get_cipher_engine(int nid);
-ENGINE *ENGINE_get_digest_engine(int nid);
-ENGINE *ENGINE_get_pkey_meth_engine(int nid);
-ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
-
-/* This sets a new default ENGINE structure for performing RSA
- * operations. If the result is non-zero (success) then the ENGINE
- * structure will have had its reference count up'd so the caller
- * should still free their own reference 'e'. */
-int ENGINE_set_default_RSA(ENGINE *e);
-int ENGINE_set_default_string(ENGINE *e, const char *def_list);
-/* Same for the other "methods" */
-int ENGINE_set_default_DSA(ENGINE *e);
-int ENGINE_set_default_ECDH(ENGINE *e);
-int ENGINE_set_default_ECDSA(ENGINE *e);
-int ENGINE_set_default_DH(ENGINE *e);
-int ENGINE_set_default_RAND(ENGINE *e);
-int ENGINE_set_default_ciphers(ENGINE *e);
-int ENGINE_set_default_digests(ENGINE *e);
-int ENGINE_set_default_pkey_meths(ENGINE *e);
-int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
-
-/* The combination "set" - the flags are bitwise "OR"d from the
- * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
- * function, this function can result in unnecessary static linkage. If your
- * application requires only specific functionality, consider using more
- * selective functions. */
-int ENGINE_set_default(ENGINE *e, unsigned int flags);
-
-void ENGINE_add_conf_module(void);
-
-/* Deprecated functions ... */
-/* int ENGINE_clear_defaults(void); */
-
-/**************************/
-/* DYNAMIC ENGINE SUPPORT */
-/**************************/
-
-/* Binary/behaviour compatibility levels */
-#define OSSL_DYNAMIC_VERSION		(unsigned long)0x00020000
-/* Binary versions older than this are too old for us (whether we're a loader or
- * a loadee) */
-#define OSSL_DYNAMIC_OLDEST		(unsigned long)0x00020000
-
-/* When compiling an ENGINE entirely as an external shared library, loadable by
- * the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure
- * type provides the calling application's (or library's) error functionality
- * and memory management function pointers to the loaded library. These should
- * be used/set in the loaded library code so that the loading application's
- * 'state' will be used/changed in all operations. The 'static_state' pointer
- * allows the loaded library to know if it shares the same static data as the
- * calling application (or library), and thus whether these callbacks need to be
- * set or not. */
-typedef void *(*dyn_MEM_malloc_cb)(size_t);
-typedef void *(*dyn_MEM_realloc_cb)(void *, size_t);
-typedef void (*dyn_MEM_free_cb)(void *);
-typedef struct st_dynamic_MEM_fns {
-	dyn_MEM_malloc_cb			malloc_cb;
-	dyn_MEM_realloc_cb			realloc_cb;
-	dyn_MEM_free_cb				free_cb;
-	} dynamic_MEM_fns;
-/* FIXME: Perhaps the memory and locking code (crypto.h) should declare and use
- * these types so we (and any other dependant code) can simplify a bit?? */
-typedef void (*dyn_lock_locking_cb)(int,int,const char *,int);
-typedef int (*dyn_lock_add_lock_cb)(int*,int,int,const char *,int);
-typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb)(
-						const char *,int);
-typedef void (*dyn_dynlock_lock_cb)(int,struct CRYPTO_dynlock_value *,
-						const char *,int);
-typedef void (*dyn_dynlock_destroy_cb)(struct CRYPTO_dynlock_value *,
-						const char *,int);
-typedef struct st_dynamic_LOCK_fns {
-	dyn_lock_locking_cb			lock_locking_cb;
-	dyn_lock_add_lock_cb			lock_add_lock_cb;
-	dyn_dynlock_create_cb			dynlock_create_cb;
-	dyn_dynlock_lock_cb			dynlock_lock_cb;
-	dyn_dynlock_destroy_cb			dynlock_destroy_cb;
-	} dynamic_LOCK_fns;
-/* The top-level structure */
-typedef struct st_dynamic_fns {
-	void 					*static_state;
-	const ERR_FNS				*err_fns;
-	const CRYPTO_EX_DATA_IMPL		*ex_data_fns;
-	dynamic_MEM_fns				mem_fns;
-	dynamic_LOCK_fns			lock_fns;
-	} dynamic_fns;
-
-/* The version checking function should be of this prototype. NB: The
- * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading code.
- * If this function returns zero, it indicates a (potential) version
- * incompatibility and the loaded library doesn't believe it can proceed.
- * Otherwise, the returned value is the (latest) version supported by the
- * loading library. The loader may still decide that the loaded code's version
- * is unsatisfactory and could veto the load. The function is expected to
- * be implemented with the symbol name "v_check", and a default implementation
- * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */
-typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
-#define IMPLEMENT_DYNAMIC_CHECK_FN() \
-	OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
-	OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
-		if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
-		return 0; }
-
-/* This function is passed the ENGINE structure to initialise with its own
- * function and command settings. It should not adjust the structural or
- * functional reference counts. If this function returns zero, (a) the load will
- * be aborted, (b) the previous ENGINE state will be memcpy'd back onto the
- * structure, and (c) the shared library will be unloaded. So implementations
- * should do their own internal cleanup in failure circumstances otherwise they
- * could leak. The 'id' parameter, if non-NULL, represents the ENGINE id that
- * the loader is looking for. If this is NULL, the shared library can choose to
- * return failure or to initialise a 'default' ENGINE. If non-NULL, the shared
- * library must initialise only an ENGINE matching the passed 'id'. The function
- * is expected to be implemented with the symbol name "bind_engine". A standard
- * implementation can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where
- * the parameter 'fn' is a callback function that populates the ENGINE structure
- * and returns an int value (zero for failure). 'fn' should have prototype;
- *    [static] int fn(ENGINE *e, const char *id); */
-typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
-				const dynamic_fns *fns);
-#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
-	OPENSSL_EXPORT \
-	int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
-	OPENSSL_EXPORT \
-	int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
-		if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
-		if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
-			fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
-			return 0; \
-		CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
-		CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
-		CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
-		CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
-		CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
-		if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
-			return 0; \
-		if(!ERR_set_implementation(fns->err_fns)) return 0; \
-	skip_cbs: \
-		if(!fn(e,id)) return 0; \
-		return 1; }
-
-/* If the loading application (or library) and the loaded ENGINE library share
- * the same static data (eg. they're both dynamically linked to the same
- * libcrypto.so) we need a way to avoid trying to set system callbacks - this
- * would fail, and for the same reason that it's unnecessary to try. If the
- * loaded ENGINE has (or gets from through the loader) its own copy of the
- * libcrypto static data, we will need to set the callbacks. The easiest way to
- * detect this is to have a function that returns a pointer to some static data
- * and let the loading application and loaded ENGINE compare their respective
- * values. */
-void *ENGINE_get_static_state(void);
-
-#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
-void ENGINE_setup_bsd_cryptodev(void);
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ENGINE_strings(void);
-
-/* Error codes for the ENGINE functions. */
-
-/* Function codes. */
-#define ENGINE_F_DYNAMIC_CTRL				 180
-#define ENGINE_F_DYNAMIC_GET_DATA_CTX			 181
-#define ENGINE_F_DYNAMIC_LOAD				 182
-#define ENGINE_F_DYNAMIC_SET_DATA_CTX			 183
-#define ENGINE_F_ENGINE_ADD				 105
-#define ENGINE_F_ENGINE_BY_ID				 106
-#define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE		 170
-#define ENGINE_F_ENGINE_CTRL				 142
-#define ENGINE_F_ENGINE_CTRL_CMD			 178
-#define ENGINE_F_ENGINE_CTRL_CMD_STRING			 171
-#define ENGINE_F_ENGINE_FINISH				 107
-#define ENGINE_F_ENGINE_FREE_UTIL			 108
-#define ENGINE_F_ENGINE_GET_CIPHER			 185
-#define ENGINE_F_ENGINE_GET_DEFAULT_TYPE		 177
-#define ENGINE_F_ENGINE_GET_DIGEST			 186
-#define ENGINE_F_ENGINE_GET_NEXT			 115
-#define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH		 193
-#define ENGINE_F_ENGINE_GET_PKEY_METH			 192
-#define ENGINE_F_ENGINE_GET_PREV			 116
-#define ENGINE_F_ENGINE_INIT				 119
-#define ENGINE_F_ENGINE_LIST_ADD			 120
-#define ENGINE_F_ENGINE_LIST_REMOVE			 121
-#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY		 150
-#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY			 151
-#define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT		 194
-#define ENGINE_F_ENGINE_NEW				 122
-#define ENGINE_F_ENGINE_REMOVE				 123
-#define ENGINE_F_ENGINE_SET_DEFAULT_STRING		 189
-#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE		 126
-#define ENGINE_F_ENGINE_SET_ID				 129
-#define ENGINE_F_ENGINE_SET_NAME			 130
-#define ENGINE_F_ENGINE_TABLE_REGISTER			 184
-#define ENGINE_F_ENGINE_UNLOAD_KEY			 152
-#define ENGINE_F_ENGINE_UNLOCKED_FINISH			 191
-#define ENGINE_F_ENGINE_UP_REF				 190
-#define ENGINE_F_INT_CTRL_HELPER			 172
-#define ENGINE_F_INT_ENGINE_CONFIGURE			 188
-#define ENGINE_F_INT_ENGINE_MODULE_INIT			 187
-#define ENGINE_F_LOG_MESSAGE				 141
-
-/* Reason codes. */
-#define ENGINE_R_ALREADY_LOADED				 100
-#define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER		 133
-#define ENGINE_R_CMD_NOT_EXECUTABLE			 134
-#define ENGINE_R_COMMAND_TAKES_INPUT			 135
-#define ENGINE_R_COMMAND_TAKES_NO_INPUT			 136
-#define ENGINE_R_CONFLICTING_ENGINE_ID			 103
-#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED		 119
-#define ENGINE_R_DH_NOT_IMPLEMENTED			 139
-#define ENGINE_R_DSA_NOT_IMPLEMENTED			 140
-#define ENGINE_R_DSO_FAILURE				 104
-#define ENGINE_R_DSO_NOT_FOUND				 132
-#define ENGINE_R_ENGINES_SECTION_ERROR			 148
-#define ENGINE_R_ENGINE_CONFIGURATION_ERROR		 102
-#define ENGINE_R_ENGINE_IS_NOT_IN_LIST			 105
-#define ENGINE_R_ENGINE_SECTION_ERROR			 149
-#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY		 128
-#define ENGINE_R_FAILED_LOADING_PUBLIC_KEY		 129
-#define ENGINE_R_FINISH_FAILED				 106
-#define ENGINE_R_GET_HANDLE_FAILED			 107
-#define ENGINE_R_ID_OR_NAME_MISSING			 108
-#define ENGINE_R_INIT_FAILED				 109
-#define ENGINE_R_INTERNAL_LIST_ERROR			 110
-#define ENGINE_R_INVALID_ARGUMENT			 143
-#define ENGINE_R_INVALID_CMD_NAME			 137
-#define ENGINE_R_INVALID_CMD_NUMBER			 138
-#define ENGINE_R_INVALID_INIT_VALUE			 151
-#define ENGINE_R_INVALID_STRING				 150
-#define ENGINE_R_NOT_INITIALISED			 117
-#define ENGINE_R_NOT_LOADED				 112
-#define ENGINE_R_NO_CONTROL_FUNCTION			 120
-#define ENGINE_R_NO_INDEX				 144
-#define ENGINE_R_NO_LOAD_FUNCTION			 125
-#define ENGINE_R_NO_REFERENCE				 130
-#define ENGINE_R_NO_SUCH_ENGINE				 116
-#define ENGINE_R_NO_UNLOAD_FUNCTION			 126
-#define ENGINE_R_PROVIDE_PARAMETERS			 113
-#define ENGINE_R_RSA_NOT_IMPLEMENTED			 141
-#define ENGINE_R_UNIMPLEMENTED_CIPHER			 146
-#define ENGINE_R_UNIMPLEMENTED_DIGEST			 147
-#define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD	 101
-#define ENGINE_R_VERSION_INCOMPATIBILITY		 145
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

ext/bin/libcrypto/include/openssl/err.h

@@ -1,386 +0,0 @@
-/* crypto/err/err.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ERR_H
-#define HEADER_ERR_H
-
-#include <openssl/e_os2.h>
-
-#ifndef OPENSSL_NO_FP_API
-#include <stdio.h>
-#include <stdlib.h>
-#endif
-
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#ifndef OPENSSL_NO_LHASH
-#include <openssl/lhash.h>
-#endif
-
-#ifdef	__cplusplus
-extern "C" {
-#endif
-
-#ifndef OPENSSL_NO_ERR
-#define ERR_PUT_error(a,b,c,d,e)	ERR_put_error(a,b,c,d,e)
-#else
-#define ERR_PUT_error(a,b,c,d,e)	ERR_put_error(a,b,c,NULL,0)
-#endif
-
-#include <errno.h>
-
-#define ERR_TXT_MALLOCED	0x01
-#define ERR_TXT_STRING		0x02
-
-#define ERR_FLAG_MARK		0x01
-
-#define ERR_NUM_ERRORS	16
-typedef struct err_state_st
-	{
-	CRYPTO_THREADID tid;
-	int err_flags[ERR_NUM_ERRORS];
-	unsigned long err_buffer[ERR_NUM_ERRORS];
-	char *err_data[ERR_NUM_ERRORS];
-	int err_data_flags[ERR_NUM_ERRORS];
-	const char *err_file[ERR_NUM_ERRORS];
-	int err_line[ERR_NUM_ERRORS];
-	int top,bottom;
-	} ERR_STATE;
-
-/* library */
-#define ERR_LIB_NONE		1
-#define ERR_LIB_SYS		2
-#define ERR_LIB_BN		3
-#define ERR_LIB_RSA		4
-#define ERR_LIB_DH		5
-#define ERR_LIB_EVP		6
-#define ERR_LIB_BUF		7
-#define ERR_LIB_OBJ		8
-#define ERR_LIB_PEM		9
-#define ERR_LIB_DSA		10
-#define ERR_LIB_X509		11
-/* #define ERR_LIB_METH         12 */
-#define ERR_LIB_ASN1		13
-#define ERR_LIB_CONF		14
-#define ERR_LIB_CRYPTO		15
-#define ERR_LIB_EC		16
-#define ERR_LIB_SSL		20
-/* #define ERR_LIB_SSL23        21 */
-/* #define ERR_LIB_SSL2         22 */
-/* #define ERR_LIB_SSL3         23 */
-/* #define ERR_LIB_RSAREF       30 */
-/* #define ERR_LIB_PROXY        31 */
-#define ERR_LIB_BIO		32
-#define ERR_LIB_PKCS7		33
-#define ERR_LIB_X509V3		34
-#define ERR_LIB_PKCS12		35
-#define ERR_LIB_RAND		36
-#define ERR_LIB_DSO		37
-#define ERR_LIB_ENGINE		38
-#define ERR_LIB_OCSP            39
-#define ERR_LIB_UI              40
-#define ERR_LIB_COMP            41
-#define ERR_LIB_ECDSA		42
-#define ERR_LIB_ECDH		43
-#define ERR_LIB_STORE           44
-#define ERR_LIB_FIPS		45
-#define ERR_LIB_CMS		46
-#define ERR_LIB_TS		47
-#define ERR_LIB_HMAC		48
-#define ERR_LIB_JPAKE		49
-
-#define ERR_LIB_USER		128
-
-#define SYSerr(f,r)  ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__)
-#define BNerr(f,r)   ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__)
-#define RSAerr(f,r)  ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__)
-#define DHerr(f,r)   ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__)
-#define EVPerr(f,r)  ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__)
-#define BUFerr(f,r)  ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__)
-#define OBJerr(f,r)  ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__)
-#define PEMerr(f,r)  ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__)
-#define DSAerr(f,r)  ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__)
-#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__)
-#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__)
-#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__)
-#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__)
-#define ECerr(f,r)   ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__)
-#define SSLerr(f,r)  ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__)
-#define BIOerr(f,r)  ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__)
-#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__)
-#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__)
-#define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__)
-#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__)
-#define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
-#define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
-#define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
-#define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
-#define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
-#define ECDSAerr(f,r)  ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
-#define ECDHerr(f,r)  ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
-#define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
-#define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
-#define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
-#define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
-#define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
-#define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
-
-/* Borland C seems too stupid to be able to shift and do longs in
- * the pre-processor :-( */
-#define ERR_PACK(l,f,r)		(((((unsigned long)l)&0xffL)*0x1000000)| \
-				((((unsigned long)f)&0xfffL)*0x1000)| \
-				((((unsigned long)r)&0xfffL)))
-#define ERR_GET_LIB(l)		(int)((((unsigned long)l)>>24L)&0xffL)
-#define ERR_GET_FUNC(l)		(int)((((unsigned long)l)>>12L)&0xfffL)
-#define ERR_GET_REASON(l)	(int)((l)&0xfffL)
-#define ERR_FATAL_ERROR(l)	(int)((l)&ERR_R_FATAL)
-
-
-/* OS functions */
-#define SYS_F_FOPEN		1
-#define SYS_F_CONNECT		2
-#define SYS_F_GETSERVBYNAME	3
-#define SYS_F_SOCKET		4
-#define SYS_F_IOCTLSOCKET	5
-#define SYS_F_BIND		6
-#define SYS_F_LISTEN		7
-#define SYS_F_ACCEPT		8
-#define SYS_F_WSASTARTUP	9 /* Winsock stuff */
-#define SYS_F_OPENDIR		10
-#define SYS_F_FREAD		11
-
-
-/* reasons */
-#define ERR_R_SYS_LIB	ERR_LIB_SYS       /* 2 */
-#define ERR_R_BN_LIB	ERR_LIB_BN        /* 3 */
-#define ERR_R_RSA_LIB	ERR_LIB_RSA       /* 4 */
-#define ERR_R_DH_LIB	ERR_LIB_DH        /* 5 */
-#define ERR_R_EVP_LIB	ERR_LIB_EVP       /* 6 */
-#define ERR_R_BUF_LIB	ERR_LIB_BUF       /* 7 */
-#define ERR_R_OBJ_LIB	ERR_LIB_OBJ       /* 8 */
-#define ERR_R_PEM_LIB	ERR_LIB_PEM       /* 9 */
-#define ERR_R_DSA_LIB	ERR_LIB_DSA      /* 10 */
-#define ERR_R_X509_LIB	ERR_LIB_X509     /* 11 */
-#define ERR_R_ASN1_LIB	ERR_LIB_ASN1     /* 13 */
-#define ERR_R_CONF_LIB	ERR_LIB_CONF     /* 14 */
-#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO  /* 15 */
-#define ERR_R_EC_LIB	ERR_LIB_EC       /* 16 */
-#define ERR_R_SSL_LIB	ERR_LIB_SSL      /* 20 */
-#define ERR_R_BIO_LIB	ERR_LIB_BIO      /* 32 */
-#define ERR_R_PKCS7_LIB	ERR_LIB_PKCS7    /* 33 */
-#define ERR_R_X509V3_LIB ERR_LIB_X509V3  /* 34 */
-#define ERR_R_PKCS12_LIB ERR_LIB_PKCS12  /* 35 */
-#define ERR_R_RAND_LIB	ERR_LIB_RAND     /* 36 */
-#define ERR_R_DSO_LIB	ERR_LIB_DSO      /* 37 */
-#define ERR_R_ENGINE_LIB ERR_LIB_ENGINE  /* 38 */
-#define ERR_R_OCSP_LIB  ERR_LIB_OCSP     /* 39 */
-#define ERR_R_UI_LIB    ERR_LIB_UI       /* 40 */
-#define ERR_R_COMP_LIB	ERR_LIB_COMP     /* 41 */
-#define ERR_R_ECDSA_LIB ERR_LIB_ECDSA	 /* 42 */
-#define ERR_R_ECDH_LIB  ERR_LIB_ECDH	 /* 43 */
-#define ERR_R_STORE_LIB ERR_LIB_STORE    /* 44 */
-#define ERR_R_TS_LIB	ERR_LIB_TS       /* 45 */
-
-#define ERR_R_NESTED_ASN1_ERROR			58
-#define ERR_R_BAD_ASN1_OBJECT_HEADER		59
-#define ERR_R_BAD_GET_ASN1_OBJECT_CALL		60
-#define ERR_R_EXPECTING_AN_ASN1_SEQUENCE	61
-#define ERR_R_ASN1_LENGTH_MISMATCH		62
-#define ERR_R_MISSING_ASN1_EOS			63
-
-/* fatal error */
-#define ERR_R_FATAL				64
-#define	ERR_R_MALLOC_FAILURE			(1|ERR_R_FATAL)
-#define	ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED	(2|ERR_R_FATAL)
-#define	ERR_R_PASSED_NULL_PARAMETER		(3|ERR_R_FATAL)
-#define	ERR_R_INTERNAL_ERROR			(4|ERR_R_FATAL)
-#define	ERR_R_DISABLED				(5|ERR_R_FATAL)
-
-/* 99 is the maximum possible ERR_R_... code, higher values
- * are reserved for the individual libraries */
-
-
-typedef struct ERR_string_data_st
-	{
-	unsigned long error;
-	const char *string;
-	} ERR_STRING_DATA;
-
-void ERR_put_error(int lib, int func,int reason,const char *file,int line);
-void ERR_set_error_data(char *data,int flags);
-
-unsigned long ERR_get_error(void);
-unsigned long ERR_get_error_line(const char **file,int *line);
-unsigned long ERR_get_error_line_data(const char **file,int *line,
-				      const char **data, int *flags);
-unsigned long ERR_peek_error(void);
-unsigned long ERR_peek_error_line(const char **file,int *line);
-unsigned long ERR_peek_error_line_data(const char **file,int *line,
-				       const char **data,int *flags);
-unsigned long ERR_peek_last_error(void);
-unsigned long ERR_peek_last_error_line(const char **file,int *line);
-unsigned long ERR_peek_last_error_line_data(const char **file,int *line,
-				       const char **data,int *flags);
-void ERR_clear_error(void );
-char *ERR_error_string(unsigned long e,char *buf);
-void ERR_error_string_n(unsigned long e, char *buf, size_t len);
-const char *ERR_lib_error_string(unsigned long e);
-const char *ERR_func_error_string(unsigned long e);
-const char *ERR_reason_error_string(unsigned long e);
-void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u),
-			 void *u);
-#ifndef OPENSSL_NO_FP_API
-void ERR_print_errors_fp(FILE *fp);
-#endif
-#ifndef OPENSSL_NO_BIO
-void ERR_print_errors(BIO *bp);
-#endif
-void ERR_add_error_data(int num, ...);
-void ERR_add_error_vdata(int num, va_list args);
-void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
-void ERR_unload_strings(int lib,ERR_STRING_DATA str[]);
-void ERR_load_ERR_strings(void);
-void ERR_load_crypto_strings(void);
-void ERR_free_strings(void);
-
-void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
-#ifndef OPENSSL_NO_DEPRECATED
-void ERR_remove_state(unsigned long pid); /* if zero we look it up */
-#endif
-ERR_STATE *ERR_get_state(void);
-
-#ifndef OPENSSL_NO_LHASH
-LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
-LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
-void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
-#endif
-
-int ERR_get_next_error_library(void);
-
-int ERR_set_mark(void);
-int ERR_pop_to_mark(void);
-
-/* Already defined in ossl_typ.h */
-/* typedef struct st_ERR_FNS ERR_FNS; */
-/* An application can use this function and provide the return value to loaded
- * modules that should use the application's ERR state/functionality */
-const ERR_FNS *ERR_get_implementation(void);
-/* A loaded module should call this function prior to any ERR operations using
- * the application's "ERR_FNS". */
-int ERR_set_implementation(const ERR_FNS *fns);
-
-#ifdef	__cplusplus
-}
-#endif
-
-#endif

ext/bin/libcrypto/include/openssl/hmac.h

@@ -1,110 +0,0 @@
-/* crypto/hmac/hmac.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_HMAC_H
-#define HEADER_HMAC_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_HMAC
-#error HMAC is disabled.
-#endif
-
-#include <openssl/evp.h>
-
-#define HMAC_MAX_MD_CBLOCK	128	/* largest known is SHA512 */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct hmac_ctx_st
-	{
-	const EVP_MD *md;
-	EVP_MD_CTX md_ctx;
-	EVP_MD_CTX i_ctx;
-	EVP_MD_CTX o_ctx;
-	unsigned int key_length;
-	unsigned char key[HMAC_MAX_MD_CBLOCK];
-	} HMAC_CTX;
-
-#define HMAC_size(e)	(EVP_MD_size((e)->md))
-
-
-void HMAC_CTX_init(HMAC_CTX *ctx);
-void HMAC_CTX_cleanup(HMAC_CTX *ctx);
-
-#define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */
-
-int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
-	       const EVP_MD *md); /* deprecated */
-int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
-		  const EVP_MD *md, ENGINE *impl);
-int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
-int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
-		    const unsigned char *d, size_t n, unsigned char *md,
-		    unsigned int *md_len);
-int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
-
-void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif

ext/bin/libcrypto/include/openssl/idea.h

@@ -1,103 +0,0 @@
-/* crypto/idea/idea.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_IDEA_H
-#define HEADER_IDEA_H
-
-#include <openssl/opensslconf.h> /* IDEA_INT, OPENSSL_NO_IDEA */
-
-#ifdef OPENSSL_NO_IDEA
-#error IDEA is disabled.
-#endif
-
-#define IDEA_ENCRYPT	1
-#define IDEA_DECRYPT	0
-
-#define IDEA_BLOCK	8
-#define IDEA_KEY_LENGTH	16
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct idea_key_st
-	{
-	IDEA_INT data[9][6];
-	} IDEA_KEY_SCHEDULE;
-
-const char *idea_options(void);
-void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
-	IDEA_KEY_SCHEDULE *ks);
-#ifdef OPENSSL_FIPS
-void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
-#endif
-void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
-void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
-void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
-	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
-void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
-	int *num,int enc);
-void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
-void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif

ext/bin/libcrypto/include/openssl/krb5_asn.h

@@ -1,256 +0,0 @@
-/* krb5_asn.h */
-/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project,
-** using ocsp/{*.h,*asn*.c} as a starting point
-*/
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_KRB5_ASN_H
-#define HEADER_KRB5_ASN_H
-
-/*
-#include <krb5.h>
-*/
-#include <openssl/safestack.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-
-/*	ASN.1 from Kerberos RFC 1510
-*/
-
-/*	EncryptedData ::=   SEQUENCE {
-**		etype[0]                      INTEGER, -- EncryptionType
-**		kvno[1]                       INTEGER OPTIONAL,
-**		cipher[2]                     OCTET STRING -- ciphertext
-**	}
-*/
-typedef	struct	krb5_encdata_st
-	{
-	ASN1_INTEGER			*etype;
-	ASN1_INTEGER			*kvno;
-	ASN1_OCTET_STRING		*cipher;
-	}	KRB5_ENCDATA;
-
-DECLARE_STACK_OF(KRB5_ENCDATA)
-
-/*	PrincipalName ::=   SEQUENCE {
-**		name-type[0]                  INTEGER,
-**		name-string[1]                SEQUENCE OF GeneralString
-**	}
-*/
-typedef	struct	krb5_princname_st
-	{
-	ASN1_INTEGER			*nametype;
-	STACK_OF(ASN1_GENERALSTRING)	*namestring;
-	}	KRB5_PRINCNAME;
-
-DECLARE_STACK_OF(KRB5_PRINCNAME)
-
-
-/*	Ticket ::=	[APPLICATION 1] SEQUENCE {
-**		tkt-vno[0]                    INTEGER,
-**		realm[1]                      Realm,
-**		sname[2]                      PrincipalName,
-**		enc-part[3]                   EncryptedData
-**	}
-*/
-typedef	struct	krb5_tktbody_st
-	{
-	ASN1_INTEGER			*tktvno;
-	ASN1_GENERALSTRING		*realm;
-	KRB5_PRINCNAME			*sname;
-	KRB5_ENCDATA			*encdata;
-	}	KRB5_TKTBODY;
-
-typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
-DECLARE_STACK_OF(KRB5_TKTBODY)
-
-
-/*	AP-REQ ::=      [APPLICATION 14] SEQUENCE {
-**		pvno[0]                       INTEGER,
-**		msg-type[1]                   INTEGER,
-**		ap-options[2]                 APOptions,
-**		ticket[3]                     Ticket,
-**		authenticator[4]              EncryptedData
-**	}
-**
-**	APOptions ::=   BIT STRING {
-**		reserved(0), use-session-key(1), mutual-required(2) }
-*/
-typedef	struct	krb5_ap_req_st
-	{
-	ASN1_INTEGER			*pvno;
-	ASN1_INTEGER			*msgtype;
-	ASN1_BIT_STRING			*apoptions;
-	KRB5_TICKET			*ticket;
-	KRB5_ENCDATA			*authenticator;
-	}	KRB5_APREQBODY;
-
-typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
-DECLARE_STACK_OF(KRB5_APREQBODY)
-
-
-/*	Authenticator Stuff	*/
-
-
-/*	Checksum ::=   SEQUENCE {
-**		cksumtype[0]                  INTEGER,
-**		checksum[1]                   OCTET STRING
-**	}
-*/
-typedef	struct	krb5_checksum_st
-	{
-	ASN1_INTEGER			*ctype;
-	ASN1_OCTET_STRING		*checksum;
-	}	KRB5_CHECKSUM;
-
-DECLARE_STACK_OF(KRB5_CHECKSUM)
-
-
-/*	EncryptionKey ::=   SEQUENCE {
-**		keytype[0]                    INTEGER,
-**		keyvalue[1]                   OCTET STRING
-**	}
-*/
-typedef struct  krb5_encryptionkey_st
-	{
-	ASN1_INTEGER			*ktype;
-	ASN1_OCTET_STRING		*keyvalue;
-	}	KRB5_ENCKEY;
-
-DECLARE_STACK_OF(KRB5_ENCKEY)
-
-
-/*	AuthorizationData ::=   SEQUENCE OF SEQUENCE {
-**		ad-type[0]                    INTEGER,
-**              ad-data[1]                    OCTET STRING
-**	}
-*/
-typedef struct	krb5_authorization_st
-	{
-	ASN1_INTEGER			*adtype;
-	ASN1_OCTET_STRING		*addata;
-	}	KRB5_AUTHDATA;
-
-DECLARE_STACK_OF(KRB5_AUTHDATA)
-
-			
-/*	-- Unencrypted authenticator
-**	Authenticator ::=    [APPLICATION 2] SEQUENCE    {
-**		authenticator-vno[0]          INTEGER,
-**		crealm[1]                     Realm,
-**		cname[2]                      PrincipalName,
-**		cksum[3]                      Checksum OPTIONAL,
-**		cusec[4]                      INTEGER,
-**		ctime[5]                      KerberosTime,
-**		subkey[6]                     EncryptionKey OPTIONAL,
-**		seq-number[7]                 INTEGER OPTIONAL,
-**		authorization-data[8]         AuthorizationData OPTIONAL
-**	}
-*/
-typedef struct	krb5_authenticator_st
-	{
-	ASN1_INTEGER			*avno;
-	ASN1_GENERALSTRING		*crealm;
-	KRB5_PRINCNAME			*cname;
-	KRB5_CHECKSUM			*cksum;
-	ASN1_INTEGER			*cusec;
-	ASN1_GENERALIZEDTIME		*ctime;
-	KRB5_ENCKEY			*subkey;
-	ASN1_INTEGER			*seqnum;
-	KRB5_AUTHDATA			*authorization;
-	}	KRB5_AUTHENTBODY;
-
-typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
-DECLARE_STACK_OF(KRB5_AUTHENTBODY)
-
-
-/*  DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
-**	type *name##_new(void);
-**	void name##_free(type *a);
-**	DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
-**	 DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
-**	  type *d2i_##name(type **a, const unsigned char **in, long len);
-**	  int i2d_##name(type *a, unsigned char **out);
-**	  DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
-*/
-
-DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
-DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
-DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_TICKET)
-DECLARE_ASN1_FUNCTIONS(KRB5_APREQ)
-
-DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
-DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
-

ext/bin/libcrypto/include/openssl/kssl.h

@@ -1,183 +0,0 @@
-/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
-/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project 2000.
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
-**	19990701	VRS 	Started.
-*/
-
-#ifndef	KSSL_H
-#define	KSSL_H
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_KRB5
-
-#include <stdio.h>
-#include <ctype.h>
-#include <krb5.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
-**	Depending on which KRB5 implementation used, some types from
-**	the other may be missing.  Resolve that here and now
-*/
-#ifdef KRB5_HEIMDAL
-typedef unsigned char krb5_octet;
-#define FAR
-#else
-
-#ifndef FAR
-#define FAR
-#endif
-
-#endif
-
-/*	Uncomment this to debug kssl problems or
-**	to trace usage of the Kerberos session key
-**
-**	#define		KSSL_DEBUG
-*/
-
-#ifndef	KRB5SVC
-#define KRB5SVC	"host"
-#endif
-
-#ifndef	KRB5KEYTAB
-#define KRB5KEYTAB	"/etc/krb5.keytab"
-#endif
-
-#ifndef KRB5SENDAUTH
-#define KRB5SENDAUTH	1
-#endif
-
-#ifndef KRB5CHECKAUTH
-#define KRB5CHECKAUTH	1
-#endif
-
-#ifndef KSSL_CLOCKSKEW
-#define	KSSL_CLOCKSKEW	300;
-#endif
-
-#define	KSSL_ERR_MAX	255
-typedef struct kssl_err_st  {
-	int  reason;
-	char text[KSSL_ERR_MAX+1];
-	} KSSL_ERR;
-
-
-/*	Context for passing
-**		(1) Kerberos session key to SSL, and
-**		(2)	Config data between application and SSL lib
-*/
-typedef struct kssl_ctx_st
-        {
-                                /*	used by:    disposition:            */
-	char *service_name;	/*	C,S	    default ok (kssl)       */
-	char *service_host;	/*	C	    input, REQUIRED         */
-	char *client_princ;	/*	S	    output from krb5 ticket */
-	char *keytab_file;	/*      S	    NULL (/etc/krb5.keytab) */
-	char *cred_cache;	/*	C	    NULL (default)          */
-	krb5_enctype enctype;
-	int length;
-	krb5_octet FAR *key;
-	} KSSL_CTX;
-
-#define	KSSL_CLIENT 	1
-#define KSSL_SERVER 	2
-#define	KSSL_SERVICE	3
-#define	KSSL_KEYTAB 	4
-
-#define KSSL_CTX_OK 	0
-#define KSSL_CTX_ERR	1
-#define KSSL_NOMEM	2
-
-/* Public (for use by applications that use OpenSSL with Kerberos 5 support */
-krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
-KSSL_CTX *kssl_ctx_new(void);
-KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
-void kssl_ctx_show(KSSL_CTX *kssl_ctx);
-krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
-        krb5_data *realm, krb5_data *entity, int nentities);
-krb5_error_code	kssl_cget_tkt(KSSL_CTX *kssl_ctx,  krb5_data **enc_tktp,
-        krb5_data *authenp, KSSL_ERR *kssl_err);
-krb5_error_code	kssl_sget_tkt(KSSL_CTX *kssl_ctx,  krb5_data *indata,
-        krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);
-krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
-void	kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
-void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
-krb5_error_code  kssl_build_principal_2(krb5_context context,
-			krb5_principal *princ, int rlen, const char *realm,
-			int slen, const char *svc, int hlen, const char *host);
-krb5_error_code  kssl_validate_times(krb5_timestamp atime,
-					krb5_ticket_times *ttimes);
-krb5_error_code  kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
-			            krb5_timestamp *atimep, KSSL_ERR *kssl_err);
-unsigned char	*kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
-
-void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
-KSSL_CTX * SSL_get0_kssl_ctx(SSL *s);
-char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif	/* OPENSSL_NO_KRB5	*/
-#endif	/* KSSL_H 	*/

ext/bin/libcrypto/include/openssl/lhash.h

@@ -1,241 +0,0 @@
-/* crypto/lhash/lhash.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Header for dynamic hash table routines
- * Author - Eric Young
- */
-
-#ifndef HEADER_LHASH_H
-#define HEADER_LHASH_H
-
-#include <openssl/e_os2.h>
-#ifndef OPENSSL_NO_FP_API
-#include <stdio.h>
-#endif
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct lhash_node_st
-	{
-	void *data;
-	struct lhash_node_st *next;
-#ifndef OPENSSL_NO_HASH_COMP
-	unsigned long hash;
-#endif
-	} LHASH_NODE;
-
-typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *);
-typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *);
-typedef void (*LHASH_DOALL_FN_TYPE)(void *);
-typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *);
-
-/* Macros for declaring and implementing type-safe wrappers for LHASH callbacks.
- * This way, callbacks can be provided to LHASH structures without function
- * pointer casting and the macro-defined callbacks provide per-variable casting
- * before deferring to the underlying type-specific callbacks. NB: It is
- * possible to place a "static" in front of both the DECLARE and IMPLEMENT
- * macros if the functions are strictly internal. */
-
-/* First: "hash" functions */
-#define DECLARE_LHASH_HASH_FN(name, o_type) \
-	unsigned long name##_LHASH_HASH(const void *);
-#define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
-	unsigned long name##_LHASH_HASH(const void *arg) { \
-		const o_type *a = arg; \
-		return name##_hash(a); }
-#define LHASH_HASH_FN(name) name##_LHASH_HASH
-
-/* Second: "compare" functions */
-#define DECLARE_LHASH_COMP_FN(name, o_type) \
-	int name##_LHASH_COMP(const void *, const void *);
-#define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
-	int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
-		const o_type *a = arg1;		    \
-		const o_type *b = arg2; \
-		return name##_cmp(a,b); }
-#define LHASH_COMP_FN(name) name##_LHASH_COMP
-
-/* Third: "doall" functions */
-#define DECLARE_LHASH_DOALL_FN(name, o_type) \
-	void name##_LHASH_DOALL(void *);
-#define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
-	void name##_LHASH_DOALL(void *arg) { \
-		o_type *a = arg; \
-		name##_doall(a); }
-#define LHASH_DOALL_FN(name) name##_LHASH_DOALL
-
-/* Fourth: "doall_arg" functions */
-#define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
-	void name##_LHASH_DOALL_ARG(void *, void *);
-#define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
-	void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
-		o_type *a = arg1; \
-		a_type *b = arg2; \
-		name##_doall_arg(a, b); }
-#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
-
-typedef struct lhash_st
-	{
-	LHASH_NODE **b;
-	LHASH_COMP_FN_TYPE comp;
-	LHASH_HASH_FN_TYPE hash;
-	unsigned int num_nodes;
-	unsigned int num_alloc_nodes;
-	unsigned int p;
-	unsigned int pmax;
-	unsigned long up_load; /* load times 256 */
-	unsigned long down_load; /* load times 256 */
-	unsigned long num_items;
-
-	unsigned long num_expands;
-	unsigned long num_expand_reallocs;
-	unsigned long num_contracts;
-	unsigned long num_contract_reallocs;
-	unsigned long num_hash_calls;
-	unsigned long num_comp_calls;
-	unsigned long num_insert;
-	unsigned long num_replace;
-	unsigned long num_delete;
-	unsigned long num_no_delete;
-	unsigned long num_retrieve;
-	unsigned long num_retrieve_miss;
-	unsigned long num_hash_comps;
-
-	int error;
-	} _LHASH;	/* Do not use _LHASH directly, use LHASH_OF
-			 * and friends */
-
-#define LH_LOAD_MULT	256
-
-/* Indicates a malloc() error in the last call, this is only bad
- * in lh_insert(). */
-#define lh_error(lh)	((lh)->error)
-
-_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
-void lh_free(_LHASH *lh);
-void *lh_insert(_LHASH *lh, void *data);
-void *lh_delete(_LHASH *lh, const void *data);
-void *lh_retrieve(_LHASH *lh, const void *data);
-void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
-void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
-unsigned long lh_strhash(const char *c);
-unsigned long lh_num_items(const _LHASH *lh);
-
-#ifndef OPENSSL_NO_FP_API
-void lh_stats(const _LHASH *lh, FILE *out);
-void lh_node_stats(const _LHASH *lh, FILE *out);
-void lh_node_usage_stats(const _LHASH *lh, FILE *out);
-#endif
-
-#ifndef OPENSSL_NO_BIO
-void lh_stats_bio(const _LHASH *lh, BIO *out);
-void lh_node_stats_bio(const _LHASH *lh, BIO *out);
-void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
-#endif
-
-/* Type checking... */
-
-#define LHASH_OF(type) struct lhash_st_##type
-
-#define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
-
-#define CHECKED_LHASH_OF(type,lh) \
-  ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
-
-/* Define wrapper functions. */
-#define LHM_lh_new(type, name) \
-  ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
-#define LHM_lh_error(type, lh) \
-  lh_error(CHECKED_LHASH_OF(type,lh))
-#define LHM_lh_insert(type, lh, inst) \
-  ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
-		     CHECKED_PTR_OF(type, inst)))
-#define LHM_lh_retrieve(type, lh, inst) \
-  ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
-		       CHECKED_PTR_OF(type, inst)))
-#define LHM_lh_delete(type, lh, inst) \
-  ((type *)lh_delete(CHECKED_LHASH_OF(type, lh),			\
-		     CHECKED_PTR_OF(type, inst)))
-#define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
-#define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
-  lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
-#define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
-#define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
-#define LHM_lh_node_stats_bio(type, lh, out) \
-  lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
-#define LHM_lh_node_usage_stats_bio(type, lh, out) \
-  lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
-#define LHM_lh_stats_bio(type, lh, out) \
-  lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
-#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
-
-DECLARE_LHASH_OF(OPENSSL_STRING);
-DECLARE_LHASH_OF(OPENSSL_CSTRING);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
-