Remove bugs/ and crypto/threads/

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

18 files changed, 0 insertions, 1973 deletions

diff --git a/bugs/MS b/bugs/MS
deleted file mode 100644
index a1dcfb90de..0000000000
--- a/bugs/MS
+++ /dev/null
@@ -1,7 +0,0 @@
-If you use the function that does an fopen inside the DLL, it's malloc
-will be used and when the function is then written inside, more
-hassles
-....
-
-
-think about it.
diff --git a/bugs/SSLv3 b/bugs/SSLv3
deleted file mode 100644
index a75a1652d9..0000000000
--- a/bugs/SSLv3
+++ /dev/null
@@ -1,49 +0,0 @@
-So far...
-
-ssl3.netscape.com:443 does not support client side dynamic
-session-renegotiation.
-
-ssl3.netscape.com:444 (asks for client cert) sends out all the CA RDN
-in an invalid format (the outer sequence is removed).
-
-Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
-challenge but then appears to only use 16 bytes when generating the
-encryption keys.  Using 16 bytes is ok but it should be ok to use 32.
-According to the SSLv3 spec, one should use 32 bytes for the challenge
-when opperating in SSLv2/v3 compatablity mode, but as mentioned above,
-this breaks this server so 16 bytes is the way to go.
-
-www.microsoft.com - when talking SSLv2, if session-id reuse is
-performed, the session-id passed back in the server-finished message
-is different from the one decided upon.
-
-ssl3.netscape.com:443, first a connection is established with RC4-MD5.
-If it is then resumed, we end up using DES-CBC3-SHA.  It should be
-RC4-MD5 according to 7.6.1.3, 'cipher_suite'.
-Netscape-Enterprise/2.01 (https://merchant.netscape.com) has this bug.
-It only really shows up when connecting via SSLv2/v3 then reconnecting
-via SSLv3. The cipher list changes....
-NEW INFORMATION.  Try connecting with a cipher list of just
-DES-CBC-SHA:RC4-MD5.  For some weird reason, each new connection uses
-RC4-MD5, but a re-connect tries to use DES-CBC-SHA.  So netscape, when
-doing a re-connect, always takes the first cipher in the cipher list.
-
-If we accept a netscape connection, demand a client cert, have a
-non-self-signed CA which does not have it's CA in netscape, and the
-browser has a cert, it will crash/hang.  Works for 3.x and 4.xbeta
-
-Netscape browsers do not really notice the server sending a
-close notify message.  I was sending one, and then some invalid data.
-netscape complained of an invalid mac. (a fork()ed child doing a
-SSL_shutdown() and still sharing the socket with its parent).
-
-Netscape, when using export ciphers, will accept a 1024 bit temporary
-RSA key.  It is supposed to only accept 512.
-
-If Netscape connects to a server which requests a client certificate
-it will frequently hang after the user has selected one and never
-complete the connection. Hitting "Stop" and reload fixes this and
-all subsequent connections work fine. This appears to be because 
-Netscape wont read any new records in when it is awaiting a server
-done message at this point. The fix is to send the certificate request
-and server done messages in one record.
diff --git a/bugs/alpha.c b/bugs/alpha.c
deleted file mode 100644
index 3b4bc93779..0000000000
--- a/bugs/alpha.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* bugs/alpha.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * while not exactly a bug (ASN1 C leaves this undefined) it is something to
- * watch out for.  This was fine on linux/NT/Solaris but not Alpha
- */
-
-/*-
- * it is basically an example of
- * func(*(a++),*(a++))
- * which parameter is evaluated first?  It is not defined in ASN1 C.
- */
-
-#include <stdio.h>
-
-#define TYPE    unsigned int
-
-void func(a, b)
-TYPE *a;
-TYPE b;
-{
-    printf("%ld -1 == %ld\n", a[0], b);
-}
-
-main()
-{
-    TYPE data[5] = { 1L, 2L, 3L, 4L, 5L };
-    TYPE *p;
-    int i;
-
-    p = data;
-
-    for (i = 0; i < 4; i++) {
-        func(p, *(p++));
-    }
-}
diff --git a/bugs/sgiccbug.c b/bugs/sgiccbug.c
deleted file mode 100644
index 6b1b3d4ab0..0000000000
--- a/bugs/sgiccbug.c
+++ /dev/null
@@ -1,60 +0,0 @@
-/* NOCW */
-/* sgibug.c */
-/* bug found by Eric Young (eay@mincom.oz.au) May 95 */
-
-#include <stdio.h>
-
-/*
- * This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are the
- * only versions of IRIX I have access to. defining FIXBUG removes the bug.
- * (bug is still present in IRIX 6.3 according to Gage
- * <agage@forgetmenot.Mines.EDU>
- */
-
-/*-
- * Compare the output from
- * cc sgiccbug.c; ./a.out
- * and
- * cc -O sgiccbug.c; ./a.out
- */
-
-static unsigned long a[4] =
-    { 0x01234567, 0x89ABCDEF, 0xFEDCBA98, 0x76543210 };
-static unsigned long b[4] =
-    { 0x89ABCDEF, 0xFEDCBA98, 0x76543210, 0x01234567 };
-static unsigned long c[4] =
-    { 0x77777778, 0x8ACF1357, 0x88888888, 0x7530ECA9 };
-
-main()
-{
-    unsigned long r[4];
-    sub(r, a, b);
-    fprintf(stderr, "input a= %08X %08X %08X %08X\n", a[3], a[2], a[1], a[0]);
-    fprintf(stderr, "input b= %08X %08X %08X %08X\n", b[3], b[2], b[1], b[0]);
-    fprintf(stderr, "output = %08X %08X %08X %08X\n", r[3], r[2], r[1], r[0]);
-    fprintf(stderr, "correct= %08X %08X %08X %08X\n", c[3], c[2], c[1], c[0]);
-}
-
-int sub(r, a, b)
-unsigned long *r, *a, *b;
-{
-    register unsigned long t1, t2, *ap, *bp, *rp;
-    int i, carry;
-#ifdef FIXBUG
-    unsigned long dummy;
-#endif
-
-    ap = a;
-    bp = b;
-    rp = r;
-    carry = 0;
-    for (i = 0; i < 4; i++) {
-        t1 = *(ap++);
-        t2 = *(bp++);
-        t1 = (t1 - t2);
-#ifdef FIXBUG
-        dummy = t1;
-#endif
-        *(rp++) = t1 & 0xffffffff;
-    }
-}
diff --git a/bugs/sslref.dif b/bugs/sslref.dif
deleted file mode 100644
index 0817009bb4..0000000000
--- a/bugs/sslref.dif
+++ /dev/null
@@ -1,26 +0,0 @@
-The February 9th, 1995 version of the SSL document differs from
-https://www.netscape.com in the following ways.
-=====
-The key material for generating a SSL_CK_DES_64_CBC_WITH_MD5 key is
-KEY-MATERIAL-0 = MD5[MASTER-KEY,"0",CHALLENGE,CONNECTION-ID]
-not
-KEY-MATERIAL-0 = MD5[MASTER-KEY,CHALLENGE,CONNECTION-ID]
-as specified in the documentation.
-=====
-From the section 2.6 Server Only Protocol Messages
-
-If the SESSION-ID-HIT flag is non-zero then the CERTIFICATE-TYPE,
-CERTIFICATE-LENGTH and CIPHER-SPECS-LENGTH fields will be zero. 
-
-This is not true for https://www.netscape.com.  The CERTIFICATE-TYPE
-is returned as 1.
-=====
-I have not tested the following but it is reported by holtzman@mit.edu.
-
-SSLref clients wait to receive a server-verify before they send a
-client-finished.  Besides this not being evident from the examples in
-2.2.1, it makes more sense to always send all packets you can before
-reading.  SSLeay was waiting in the server to receive a client-finish
-before sending the server-verify :-).  I have changed SSLeay to send a
-server-verify before trying to read the client-finished.
-
diff --git a/bugs/stream.c b/bugs/stream.c
deleted file mode 100644
index 9af239553a..0000000000
--- a/bugs/stream.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/* bugs/stream.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/rc4.h>
-#ifdef OPENSSL_NO_DES
-# include <des.h>
-#else
-# include <openssl/des.h>
-#endif
-
-/*
- * show how stream ciphers are not very good.  The mac has no affect on RC4
- * while it does for cfb DES
- */
-
-main()
-{
-    fprintf(stderr, "rc4\n");
-    rc4();
-    fprintf(stderr, "cfb des\n");
-    des();
-}
-
-int des()
-{
-    des_key_schedule ks;
-    des_cblock iv, key;
-    int num;
-    static char *keystr = "01234567";
-    static char *in1 = "0123456789ABCEDFdata 12345";
-    static char *in2 = "9876543210abcdefdata 12345";
-    unsigned char out[100];
-    int i;
-
-    des_set_key((des_cblock *)keystr, ks);
-
-    num = 0;
-    memset(iv, 0, 8);
-    des_cfb64_encrypt(in1, out, 26, ks, (des_cblock *)iv, &num, 1);
-    for (i = 0; i < 26; i++)
-        fprintf(stderr, "%02X ", out[i]);
-    fprintf(stderr, "\n");
-
-    num = 0;
-    memset(iv, 0, 8);
-    des_cfb64_encrypt(in2, out, 26, ks, (des_cblock *)iv, &num, 1);
-    for (i = 0; i < 26; i++)
-        fprintf(stderr, "%02X ", out[i]);
-    fprintf(stderr, "\n");
-}
-
-int rc4()
-{
-    static char *keystr = "0123456789abcdef";
-    RC4_KEY key;
-    unsigned char in[100], out[100];
-    int i;
-
-    RC4_set_key(&key, 16, keystr);
-    in[0] = '\0';
-    strcpy(in, "0123456789ABCEDFdata 12345");
-    RC4(key, 26, in, out);
-
-    for (i = 0; i < 26; i++)
-        fprintf(stderr, "%02X ", out[i]);
-    fprintf(stderr, "\n");
-
-    RC4_set_key(&key, 16, keystr);
-    in[0] = '\0';
-    strcpy(in, "9876543210abcdefdata 12345");
-    RC4(key, 26, in, out);
-
-    for (i = 0; i < 26; i++)
-        fprintf(stderr, "%02X ", out[i]);
-    fprintf(stderr, "\n");
-}
diff --git a/bugs/ultrixcc.c b/bugs/ultrixcc.c
deleted file mode 100644
index 6e24549d5e..0000000000
--- a/bugs/ultrixcc.c
+++ /dev/null
@@ -1,44 +0,0 @@
-#include <stdio.h>
-
-/*-
- * This is a cc optimiser bug for ultrix 4.3, mips CPU.
- * What happens is that the compiler, due to the (a)&7,
- * does
- * i=a&7;
- * i--;
- * i*=4;
- * Then uses i as the offset into a jump table.
- * The problem is that a value of 0 generates an offset of
- * 0xfffffffc.
- */
-
-main()
-{
-    f(5);
-    f(0);
-}
-
-int f(a)
-int a;
-{
-    switch (a & 7) {
-    case 7:
-        printf("7\n");
-    case 6:
-        printf("6\n");
-    case 5:
-        printf("5\n");
-    case 4:
-        printf("4\n");
-    case 3:
-        printf("3\n");
-    case 2:
-        printf("2\n");
-    case 1:
-        printf("1\n");
-#ifdef FIX_BUG
-    case 0:
-        ;
-#endif
-    }
-}
diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c
deleted file mode 100644
index 914ba7bb6f..0000000000
--- a/crypto/threads/mttest.c
+++ /dev/null
@@ -1,1071 +0,0 @@
-/* crypto/threads/mttest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#ifdef LINUX
-# include <typedefs.h>
-#endif
-#ifdef OPENSSL_SYS_WIN32
-# include <windows.h>
-#endif
-#ifdef SOLARIS
-# include <synch.h>
-# include <thread.h>
-#endif
-#ifdef IRIX
-# include <ulocks.h>
-# include <sys/prctl.h>
-#endif
-#ifdef PTHREADS
-# include <pthread.h>
-#endif
-#ifdef OPENSSL_SYS_NETWARE
-# if !defined __int64
-#  define __int64 long long
-# endif
-# include <nwmpk.h>
-#endif
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-#ifdef OPENSSL_SYS_NETWARE
-# define TEST_SERVER_CERT "/openssl/apps/server.pem"
-# define TEST_CLIENT_CERT "/openssl/apps/client.pem"
-#else
-# define TEST_SERVER_CERT "../../apps/server.pem"
-# define TEST_CLIENT_CERT "../../apps/client.pem"
-#endif
-
-#define MAX_THREAD_NUMBER       100
-
-int verify_callback(int ok, X509_STORE_CTX *xs);
-void thread_setup(void);
-void thread_cleanup(void);
-void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx);
-
-void irix_locking_callback(int mode, int type, const char *file, int line);
-void solaris_locking_callback(int mode, int type, const char *file, int line);
-void win32_locking_callback(int mode, int type, const char *file, int line);
-void pthreads_locking_callback(int mode, int type, const char *file, int line);
-void netware_locking_callback(int mode, int type, const char *file, int line);
-void beos_locking_callback(int mode, int type, const char *file, int line);
-
-void irix_thread_id(CRYPTO_THREADID *tid);
-void solaris_thread_id(CRYPTO_THREADID *tid);
-void pthreads_thread_id(CRYPTO_THREADID *tid);
-void netware_thread_id(CRYPTO_THREADID *tid);
-void beos_thread_id(CRYPTO_THREADID *tid);
-
-#if defined(OPENSSL_SYS_NETWARE)
-static MPKMutex *lock_cs;
-static MPKSema ThreadSem;
-static long *lock_count;
-#endif
-
-BIO *bio_err = NULL;
-BIO *bio_stdout = NULL;
-
-static char *cipher = NULL;
-int verbose = 0;
-#ifdef FIONBIO
-static int s_nbio = 0;
-#endif
-
-int thread_number = 10;
-int number_of_loops = 10;
-int reconnect = 0;
-int cache_stats = 0;
-
-static const char rnd_seed[] =
-    "string to make the random number generator think it has entropy";
-
-int doit(char *ctx[4]);
-static void print_stats(BIO *bio, SSL_CTX *ctx)
-{
-    BIO_printf(bio, "%4ld items in the session cache\n",
-	       SSL_CTX_sess_number(ctx));
-    BIO_printf(bio, "%4d client connects (SSL_connect())\n",
-	       SSL_CTX_sess_connect(ctx));
-    BIO_printf(bio, "%4d client connects that finished\n",
-	       SSL_CTX_sess_connect_good(ctx));
-    BIO_printf(bio, "%4d server connects (SSL_accept())\n",
-	       SSL_CTX_sess_accept(ctx));
-    BIO_printf(bio, "%4d server connects that finished\n",
-	       SSL_CTX_sess_accept_good(ctx));
-    BIO_printf(bio, "%4d session cache hits\n", SSL_CTX_sess_hits(ctx));
-    BIO_printf(bio, "%4d session cache misses\n", SSL_CTX_sess_misses(ctx));
-    BIO_printf(bio, "%4d session cache timeouts\n", SSL_CTX_sess_timeouts(ctx));
-}
-
-static void sv_usage(void)
-{
-    BIO_printf(bio_err, "usage: ssltest [args ...]\n");
-    BIO_printf(bio_err, "\n");
-    BIO_printf(bio_err, " -server_auth  - check server certificate\n");
-    BIO_printf(bio_err, " -client_auth  - do client authentication\n");
-    BIO_printf(bio_err, " -v            - more output\n");
-    BIO_printf(bio_err, " -CApath arg   - PEM format directory of CA's\n");
-    BIO_printf(bio_err, " -CAfile arg   - PEM format file of CA's\n");
-    BIO_printf(bio_err, " -threads arg  - number of threads\n");
-    BIO_printf(bio_err, " -loops arg    - number of 'connections', per thread\n");
-    BIO_printf(bio_err, " -reconnect    - reuse session-id's\n");
-    BIO_printf(bio_err, " -stats        - server session-id cache stats\n");
-    BIO_printf(bio_err, " -cert arg     - server certificate/key\n");
-    BIO_printf(bio_err, " -ccert arg    - client certificate/key\n");
-    BIO_printf(bio_err, " -ssl3         - just SSLv3n\n");
-}
-
-int main(int argc, char *argv[])
-{
-    char *CApath = NULL, *CAfile = NULL;
-    int badop = 0;
-    int ret = 1;
-    int client_auth = 0;
-    int server_auth = 0;
-    SSL_CTX *s_ctx = NULL;
-    SSL_CTX *c_ctx = NULL;
-    char *scert = TEST_SERVER_CERT;
-    char *ccert = TEST_CLIENT_CERT;
-    const SSL_METHOD *ssl_method = TLS_method();
-
-    RAND_seed(rnd_seed, sizeof rnd_seed);
-
-    if (bio_err == NULL)
-        bio_err = BIO_new_fd(2, BIO_NOCLOSE);
-    if (bio_stdout == NULL)
-        bio_stdout = BIO_new_fd(1, BIO_NOCLOSE);
-    argc--;
-    argv++;
-
-    while (argc >= 1) {
-        if (strcmp(*argv, "-server_auth") == 0)
-            server_auth = 1;
-        else if (strcmp(*argv, "-client_auth") == 0)
-            client_auth = 1;
-        else if (strcmp(*argv, "-reconnect") == 0)
-            reconnect = 1;
-        else if (strcmp(*argv, "-stats") == 0)
-            cache_stats = 1;
-        else if (strcmp(*argv, "-ssl3") == 0)
-            ssl_method = SSLv3_method();
-        else if (strcmp(*argv, "-CApath") == 0) {
-            if (--argc < 1)
-                goto bad;
-            CApath = *(++argv);
-        } else if (strcmp(*argv, "-CAfile") == 0) {
-            if (--argc < 1)
-                goto bad;
-            CAfile = *(++argv);
-        } else if (strcmp(*argv, "-cert") == 0) {
-            if (--argc < 1)
-                goto bad;
-            scert = *(++argv);
-        } else if (strcmp(*argv, "-ccert") == 0) {
-            if (--argc < 1)
-                goto bad;
-            ccert = *(++argv);
-        } else if (strcmp(*argv, "-threads") == 0) {
-            if (--argc < 1)
-                goto bad;
-            thread_number = atoi(*(++argv));
-            if (thread_number == 0)
-                thread_number = 1;
-            if (thread_number > MAX_THREAD_NUMBER)
-                thread_number = MAX_THREAD_NUMBER;
-        } else if (strcmp(*argv, "-loops") == 0) {
-            if (--argc < 1)
-                goto bad;
-            number_of_loops = atoi(*(++argv));
-            if (number_of_loops == 0)
-                number_of_loops = 1;
-        } else {
-            BIO_printf(bio_err, "unknown option %s\n", *argv);
-            badop = 1;
-            break;
-        }
-        argc--;
-        argv++;
-    }
-    if (badop) {
- bad:
-        sv_usage();
-        goto end;
-    }
-
-    if (cipher == NULL && OPENSSL_issetugid() == 0)
-        cipher = getenv("SSL_CIPHER");
-
-    SSL_load_error_strings();
-    OpenSSL_add_ssl_algorithms();
-
-    c_ctx = SSL_CTX_new(ssl_method);
-    s_ctx = SSL_CTX_new(ssl_method);
-    if ((c_ctx == NULL) || (s_ctx == NULL)) {
-        ERR_print_errors(bio_err);
-        goto end;
-    }
-
-    SSL_CTX_set_session_cache_mode(s_ctx,
-                                   SSL_SESS_CACHE_NO_AUTO_CLEAR |
-                                   SSL_SESS_CACHE_SERVER);
-    SSL_CTX_set_session_cache_mode(c_ctx,
-                                   SSL_SESS_CACHE_NO_AUTO_CLEAR |
-                                   SSL_SESS_CACHE_SERVER);
-
-    if (!SSL_CTX_use_certificate_file(s_ctx, scert, SSL_FILETYPE_PEM)) {
-        BIO_printf(bio_err, "SSL_CTX_use_certificate_file (%s)\n", scert);
-        ERR_print_errors(bio_err);
-        goto end;
-    } else
-        if (!SSL_CTX_use_RSAPrivateKey_file(s_ctx, scert, SSL_FILETYPE_PEM)) {
-        BIO_printf(bio_err, "SSL_CTX_use_RSAPrivateKey_file (%s)\n", scert);
-        ERR_print_errors(bio_err);
-        goto end;
-    }
-
-    if (client_auth) {
-        SSL_CTX_use_certificate_file(c_ctx, ccert, SSL_FILETYPE_PEM);
-        SSL_CTX_use_RSAPrivateKey_file(c_ctx, ccert, SSL_FILETYPE_PEM);
-    }
-
-    if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
-        (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
-        (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
-        (!SSL_CTX_set_default_verify_paths(c_ctx))) {
-        BIO_printf(bio_err, "SSL_load_verify_locations\n");
-        ERR_print_errors(bio_err);
-        goto end;
-    }
-
-    if (client_auth) {
-        BIO_printf(bio_err, "client authentication\n");
-        SSL_CTX_set_verify(s_ctx,
-                           SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
-                           verify_callback);
-    }
-    if (server_auth) {
-        BIO_printf(bio_err, "server authentication\n");
-        SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
-    }
-
-    thread_setup();
-    do_threads(s_ctx, c_ctx);
-    thread_cleanup();
- end:
-
-    if (c_ctx != NULL) {
-        BIO_printf(bio_err, "Client SSL_CTX stats then free it\n");
-        print_stats(bio_err, c_ctx);
-        SSL_CTX_free(c_ctx);
-    }
-    if (s_ctx != NULL) {
-        BIO_printf(bio_err, "Server SSL_CTX stats then free it\n");
-        print_stats(bio_err, s_ctx);
-        if (cache_stats) {
-            BIO_printf(bio_err, "-----\n");
-            lh_SSL_SESSION_stats_bio(SSL_CTX_sessions(s_ctx), bio_err);
-            BIO_printf(bio_err, "-----\n");
-    /*-     lh_SSL_SESSION_node_stats_bio(SSL_CTX_sessions(s_ctx),bio_err);
-            BIO_printf(bio_err,"-----\n"); */
-            lh_SSL_SESSION_node_usage_stats_bio(SSL_CTX_sessions(s_ctx), bio_err);
-            BIO_printf(bio_err, "-----\n");
-        }
-        SSL_CTX_free(s_ctx);
-        BIO_printf(bio_err, "done free\n");
-    }
-    exit(ret);
-    return (0);
-}
-
-#define W_READ  1
-#define W_WRITE 2
-#define C_DONE  1
-#define S_DONE  2
-
-int ndoit(SSL_CTX *ssl_ctx[2])
-{
-    int i;
-    int ret;
-    char *ctx[4];
-    CRYPTO_THREADID thread_id;
-
-    ctx[0] = (char *)ssl_ctx[0];
-    ctx[1] = (char *)ssl_ctx[1];
-
-    if (reconnect) {
-        ctx[2] = (char *)SSL_new(ssl_ctx[0]);
-        ctx[3] = (char *)SSL_new(ssl_ctx[1]);
-    } else {
-        ctx[2] = NULL;
-        ctx[3] = NULL;
-    }
-
-    CRYPTO_THREADID_current(&thread_id);
-    BIO_printf(bio_stdout, "started thread %lu\n",
-	       CRYPTO_THREADID_hash(&thread_id));
-    for (i = 0; i < number_of_loops; i++) {
-/*-     BIO_printf(bio_err,"%4d %2d ctx->ref (%3d,%3d)\n",
-                   CRYPTO_THREADID_hash(&thread_id),i,
-                   ssl_ctx[0]->references,
-                   ssl_ctx[1]->references); */
-/*      pthread_delay_np(&tm); */
-
-        ret = doit(ctx);
-        if (ret != 0) {
-            BIO_printf(bio_stdout, "error[%d] %lu - %d\n",
-                       i, CRYPTO_THREADID_hash(&thread_id), ret);
-            return (ret);
-        }
-    }
-    BIO_printf(bio_stdout, "DONE %lu\n", CRYPTO_THREADID_hash(&thread_id));
-    if (reconnect) {
-        SSL_free((SSL *)ctx[2]);
-        SSL_free((SSL *)ctx[3]);
-    }
-#ifdef OPENSSL_SYS_NETWARE
-    MPKSemaphoreSignal(ThreadSem);
-#endif
-    return (0);
-}
-
-int doit(char *ctx[4])
-{
-    SSL_CTX *s_ctx, *c_ctx;
-    static char cbuf[200], sbuf[200];
-    SSL *c_ssl = NULL;
-    SSL *s_ssl = NULL;
-    BIO *c_to_s = NULL;
-    BIO *s_to_c = NULL;
-    BIO *c_bio = NULL;
-    BIO *s_bio = NULL;
-    int c_r, c_w, s_r, s_w;
-    int c_want, s_want;
-    int i;
-    int done = 0;
-    int c_write, s_write;
-    int do_server = 0, do_client = 0;
-
-    s_ctx = (SSL_CTX *)ctx[0];
-    c_ctx = (SSL_CTX *)ctx[1];
-
-    if (ctx[2] != NULL)
-        s_ssl = (SSL *)ctx[2];