Import of old SSLeay release: SSLeay 0.8.1b

29 files changed, 6925 insertions, 0 deletions

diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl
new file mode 100644
index 0000000000..e54a74d1e8
--- /dev/null
+++ b/crypto/x509/Makefile.ssl
@@ -0,0 +1,96 @@
+#
+# SSLeay/crypto/x509/Makefile
+#
+
+DIR=	x509
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=x509
+ERRC=x509_err
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
+	x509_obj.c x509_req.c x509_vfy.c \
+	x509_set.c x509rset.c $(ERRC).c \
+	x509name.c x509_v3.c x509_ext.c x509pack.c \
+	x509type.c x509_lu.c x_all.c x509_txt.c \
+	by_file.c by_dir.c \
+	v3_net.c v3_x509.c
+LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
+	x509_obj.o x509_req.o x509_vfy.o \
+	x509_set.o x509rset.o $(ERRC).o \
+	x509name.o x509_v3.o x509_ext.o x509pack.o \
+	x509type.o x509_lu.o x_all.o x509_txt.o \
+	by_file.o by_dir.o \
+	v3_net.o v3_x509.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509.h x509_vfy.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/x509/attrib b/crypto/x509/attrib
new file mode 100644
index 0000000000..37f6cd755f
--- /dev/null
+++ b/crypto/x509/attrib
@@ -0,0 +1,38 @@
+
+PKCS7
+	STACK of X509_ATTRIBUTES
+		ASN1_OBJECT
+		STACK of ASN1_TYPE
+
+So it is
+
+p7.xa[].obj
+p7.xa[].data[]
+
+get_obj_by_nid(STACK , nid)
+get_num_by_nid(STACK , nid)
+get_data_by_nid(STACK , nid, index)
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
+void		X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex,
+			int nid, STACK *value);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex,
+			int nid, STACK *value);
+
+int		X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj);
+int		X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index,
+			ASN1_TYPE *value);
+
+ASN1_OBJECT *	X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex);
+int 		X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne);
+ASN1_TYPE *	X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index);
+
+ASN1_TYPE *	X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne,
+			ASN1_OBJECT *obj);
+
+X509_ATTRUBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid);
+X509_ATTRUBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid);
+
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
new file mode 100644
index 0000000000..6676a2e404
--- /dev/null
+++ b/crypto/x509/by_dir.c
@@ -0,0 +1,320 @@
+/* crypto/x509/by_dir.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "x509.h"
+#include "pem.h"
+
+typedef struct lookup_dir_st
+	{
+	BUF_MEM *buffer;
+	int num_dirs;
+	char **dirs;
+	int *dirs_type;
+	int num_dirs_alloced;
+	} BY_DIR;
+
+#ifndef NOPROTO
+static int dir_ctrl(X509_LOOKUP *ctx,int cmd,char *argp,long argl,char **ret);
+static int new_dir(X509_LOOKUP *lu);
+static void free_dir(X509_LOOKUP *lu);
+static int add_cert_dir(BY_DIR *ctx,char *dir,int type);
+static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
+	X509_OBJECT *ret);
+#else
+static int dir_ctrl();
+static int new_dir();
+static void free_dir();
+static int add_cert_dir();
+static int get_cert_by_subject();
+#endif
+
+X509_LOOKUP_METHOD x509_dir_lookup=
+	{
+	"Load certs from files in a directory",
+	new_dir,		/* new */
+	free_dir,		/* free */
+	NULL, 			/* init */
+	NULL,			/* shutdown */
+	dir_ctrl,		/* ctrl */
+	get_cert_by_subject,	/* get_by_subject */
+	NULL,			/* get_by_issuer_serial */
+	NULL,			/* get_by_fingerprint */
+	NULL,			/* get_by_alias */
+	};
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir()
+	{
+	return(&x509_dir_lookup);
+	}
+
+static int dir_ctrl(ctx,cmd,argp,argl,retp)
+X509_LOOKUP *ctx;
+int cmd;
+long argl;
+char *argp;
+char **retp;
+	{
+	int ret=0;
+	BY_DIR *ld;
+	char *dir;
+
+	ld=(BY_DIR *)ctx->method_data;
+
+	switch (cmd)
+		{
+	case X509_L_ADD_DIR:
+		if (argl == X509_FILETYPE_DEFAULT)
+			{
+			ret=add_cert_dir(ld,X509_get_default_cert_dir(),
+				X509_FILETYPE_PEM);
+			if (!ret)
+				{
+				X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
+				}
+			else
+				{
+				dir=(char *)Getenv(X509_get_default_cert_dir_env());
+				ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
+				}
+			}
+		else
+			ret=add_cert_dir(ld,argp,(int)argl);
+		break;
+		}
+	return(ret);
+	}
+
+static int new_dir(lu)
+X509_LOOKUP *lu;
+	{
+	BY_DIR *a;
+
+	if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL)
+		return(0);
+	if ((a->buffer=BUF_MEM_new()) == NULL)
+		{
+		Free(a);
+		return(0);
+		}
+	a->num_dirs=0;
+	a->dirs=NULL;
+	a->dirs_type=NULL;
+	a->num_dirs_alloced=0;
+	lu->method_data=(char *)a;
+	return(1);
+	}
+
+static void free_dir(lu)
+X509_LOOKUP *lu;
+	{
+	BY_DIR *a;
+	int i;
+
+	a=(BY_DIR *)lu->method_data;
+	for (i=0; i<a->num_dirs; i++)
+		if (a->dirs[i] != NULL) Free(a->dirs[i]);
+	if (a->dirs != NULL) Free(a->dirs);
+	if (a->dirs_type != NULL) Free(a->dirs_type);
+	if (a->buffer != NULL) BUF_MEM_free(a->buffer);
+	Free(a);
+	}
+
+static int add_cert_dir(ctx,dir, type)
+BY_DIR *ctx;
+char *dir;
+int type;
+	{
+	int j,len;
+	int *ip;
+	char *s,*ss,*p;
+	char **pp;
+
+	if (dir == NULL) return(0);
+
+	s=dir;
+	p=s;
+	for (;;)
+		{
+		if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
+			{
+			ss=s;
+			s=p+1;
+			len=(int)(p-ss);
+			if (len == 0) continue;
+			for (j=0; j<ctx->num_dirs; j++)
+				if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
+					continue;
+			if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
+				{
+				ctx->num_dirs_alloced+=10;
+				pp=(char **)Malloc(ctx->num_dirs_alloced*
+					sizeof(char *));
+				ip=(int *)Malloc(ctx->num_dirs_alloced*
+					sizeof(int));
+				if ((pp == NULL) || (ip == NULL))
+					{
+					X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
+					return(0);
+					}
+				memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
+					sizeof(char *));
+				memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
+					sizeof(int));
+				if (ctx->dirs != NULL)
+					Free((char *)ctx->dirs);
+				if (ctx->dirs_type != NULL)
+					Free((char *)ctx->dirs_type);
+				ctx->dirs=pp;
+				ctx->dirs_type=ip;
+				}
+			ctx->dirs_type[ctx->num_dirs]=type;
+			ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1);
+			if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
+			strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
+			ctx->dirs[ctx->num_dirs][len]='\0';
+			ctx->num_dirs++;
+			}
+		if (*p == '\0') break;
+		p++;
+		}
+	return(1);
+	}
+
+static int get_cert_by_subject(xl,type,name,ret)
+X509_LOOKUP *xl;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+	{
+	BY_DIR *ctx;
+	X509 st_x509;
+	X509_CINF st_x509_cinf;
+	int ok=0;
+	int i,j,k;
+	unsigned long h;
+	BUF_MEM *b=NULL;
+	struct stat st;
+	X509_OBJECT stmp,*tmp;
+
+	if (name == NULL) return(0);
+
+	st_x509.cert_info= &st_x509_cinf;
+	st_x509_cinf.subject=name;
+	stmp.data.x509= &st_x509;
+	stmp.type=type;
+
+	if ((b=BUF_MEM_new()) == NULL)
+		{
+		X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB);
+		goto finish;
+		}
+	
+	ctx=(BY_DIR *)xl->method_data;
+
+	h=X509_NAME_hash(name);
+	for (i=0; i<ctx->num_dirs; i++)
+		{
+		j=strlen(ctx->dirs[i])+1+8+6+1;
+		if (!BUF_MEM_grow(b,j))
+			{
+			X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
+			goto finish;
+			}
+		k=0;
+		for (;;)
+			{
+			sprintf(b->data,"%s/%08lx.%d",ctx->dirs[i],h,k);
+			k++;
+			if (stat(b->data,&st) < 0)
+				break;
+			/* found one. */
+			if ((X509_load_cert_file(xl,b->data,
+				ctx->dirs_type[i])) == 0)
+					break;
+			}
+
+		/* we have added it to the cache so now pull
+		 * it out again */
+		CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+		tmp=(X509_OBJECT *)lh_retrieve(xl->store_ctx->certs,
+			(char *)&stmp);
+		CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+
+		if (tmp != NULL)
+			{
+			ok=1;
+			ret->type=tmp->type;
+			ret->data.x509=tmp->data.x509;
+	/*		CRYPTO_add(&tmp->data.x509->references,1,
+				CRYPTO_LOCK_X509);*/
+			goto finish;
+			}
+		}
+finish:
+	if (b != NULL) BUF_MEM_free(b);
+	return(ok);
+	}
+
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
new file mode 100644
index 0000000000..2dac28f542
--- /dev/null
+++ b/crypto/x509/by_file.c
@@ -0,0 +1,205 @@
+/* crypto/x509/by_file.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "x509.h"
+#include "pem.h"
+
+#ifndef NOPROTO
+static int by_file_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,
+	long argl,char **ret);
+#else
+static int by_file_ctrl();
+#endif
+
+X509_LOOKUP_METHOD x509_file_lookup=
+	{
+	"Load file into cache",
+	NULL,		/* new */
+	NULL,		/* free */
+	NULL, 		/* init */
+	NULL,		/* shutdown */
+	by_file_ctrl,	/* ctrl */
+	NULL,		/* get_by_subject */
+	NULL,		/* get_by_issuer_serial */
+	NULL,		/* get_by_fingerprint */
+	NULL,		/* get_by_alias */
+	};
+
+X509_LOOKUP_METHOD *X509_LOOKUP_file()
+	{
+	return(&x509_file_lookup);
+	}
+
+static int by_file_ctrl(ctx,cmd,argp,argl,ret)
+X509_LOOKUP *ctx;
+int cmd;
+char *argp;
+long argl;
+char **ret;
+	{
+	int ok=0;
+	char *file;
+
+	switch (cmd)
+		{
+	case X509_L_FILE_LOAD:
+		if (argl == X509_FILETYPE_DEFAULT)
+			{
+			ok=X509_load_cert_file(ctx,X509_get_default_cert_file(),
+				X509_FILETYPE_PEM);
+			if (!ok)
+				{
+				X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS);
+				}
+			else
+				{
+				file=(char *)Getenv(X509_get_default_cert_file_env());
+				ok=X509_load_cert_file(ctx,file,
+					X509_FILETYPE_PEM);
+				}
+			}
+		else
+			ok=X509_load_cert_file(ctx,argp,(int)argl);
+		break;
+		}
+	return(ok);
+	}
+
+int X509_load_cert_file(ctx,file,type)
+X509_LOOKUP *ctx;
+char *file;
+int type;
+	{
+	int ret=0;
+	BIO *in=NULL;
+	int i,count=0;
+	X509 *x=NULL;
+
+	if (file == NULL) return(1);
+#ifndef WIN16
+	in=BIO_new(BIO_s_file());
+#else
+	in=BIO_new(BIO_s_file_internal_w16());
+#endif
+
+	if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
+		{
+		X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_SYS_LIB);
+		goto err;
+		}
+
+	if (type == X509_FILETYPE_PEM)
+		{
+		for (;;)
+			{
+			x=PEM_read_bio_X509(in,NULL,NULL);
+			if (x == NULL)
+				{
+				if ((ERR_GET_REASON(ERR_peek_error()) ==
+					PEM_R_NO_START_LINE) && (count > 0))
+					{
+					ERR_clear_error();
+					break;
+					}
+				else
+					{
+					X509err(X509_F_X509_LOAD_CERT_FILE,
+						ERR_R_PEM_LIB);
+					goto err;
+					}
+				}
+			i=X509_STORE_add_cert(ctx->store_ctx,x);
+			if (!i) goto err;
+			count++;
+			X509_free(x);
+			x=NULL;
+			}
+		ret=count;
+		}
+	else if (type == X509_FILETYPE_ASN1)
+		{
+		x=d2i_X509_bio(in,NULL);
+		if (x == NULL)
+			{
+			X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_ASN1_LIB);
+			goto err;
+			}
+		i=X509_STORE_add_cert(ctx->store_ctx,x);
+		if (!i) goto err;
+		ret=i;
+		}
+	else
+		{
+		X509err(X509_F_X509_LOAD_CERT_FILE,X509_R_BAD_X509_FILETYPE);
+		goto err;
+		}
+err:
+	if (x != NULL) X509_free(x);
+	if (in != NULL) BIO_free(in);
+	return(ret);
+	}
+
diff --git a/crypto/x509/f b/crypto/x509/f
new file mode 100644
index 0000000000..6ec986db87
--- /dev/null
+++ b/crypto/x509/f
@@ -0,0 +1,465 @@
+*** x509name.c	Wed Jul  2 09:35:35 1997
+--- /home/eay/play/x	Sat Jul  5 01:39:56 1997
+***************
+*** 1,202 ****
+! /* crypto/x509/x509name.c */
+! /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+!  * All rights reserved.
+!  *
+!  * This package is an SSL implementation written
+!  * by Eric Young (eay@cryptsoft.com).
+!  * The implementation was written so as to conform with Netscapes SSL.
+!  * 
+!  * This library is free for commercial and non-commercial use as long as
+!  * the following conditions are aheared to.  The following conditions
+!  * apply to all code found in this distribution, be it the RC4, RSA,
+!  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+!  * included with this distribution is covered by the same copyright terms
+!  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+!  * 
+!  * Copyright remains Eric Young's, and as such any Copyright notices in
+!  * the code are not to be removed.
+!  * If this package is used in a product, Eric Young should be given attribution
+!  * as the author of the parts of the library used.
+!  * This can be in the form of a textual message at program startup or
+!  * in documentation (online or textual) provided with the package.
+!  * 
+!  * Redistribution and use in source and binary forms, with or without
+!  * modification, are permitted provided that the following conditions
+!  * are met:
+!  * 1. Redistributions of source code must retain the copyright
+!  *    notice, this list of conditions and the following disclaimer.
+!  * 2. Redistributions in binary form must reproduce the above copyright
+!  *    notice, this list of conditions and the following disclaimer in the
+!  *    documentation and/or other materials provided with the distribution.
+!  * 3. All advertising materials mentioning features or use of this software
+!  *    must display the following acknowledgement:
+!  *    "This product includes cryptographic software written by
+!  *     Eric Young (eay@cryptsoft.com)"
+!  *    The word 'cryptographic' can be left out if the rouines from the library
+!  *    being used are not cryptographic related :-).
+!  * 4. If you include any Windows specific code (or a derivative thereof) from 
+!  *    the apps directory (application code) you must include an acknowledgement:
+!  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+!  * 
+!  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+!  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+!  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+!  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+!  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+!  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+!  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+!  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+!  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+!  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+!  * SUCH DAMAGE.
+!  * 
+!  * The licence and distribution terms for any publically available version or
+!  * derivative of this code cannot be changed.  i.e. this code cannot simply be
+!  * copied and put under another distribution licence
+!  * [including the GNU Public Licence.]
+!  */
+! 
+! #include <stdio.h>
+! #include "stack.h"
+! #include "cryptlib.h"
+! #include "asn1.h"
+! #include "objects.h"
+! #include "evp.h"
+! #include "x509.h"
+! 
+! int X509_NAME_get_text_by_NID(name,nid,buf,len)
+! X509_NAME *name;
+! int nid;
+! char *buf;
+! int len;
+  	{
+  	ASN1_OBJECT *obj;
+  
+  	obj=OBJ_nid2obj(nid);
+! 	if (obj == NULL) return(-1);
+! 	return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
+  	}
+  
+- int X509_NAME_get_text_by_OBJ(name,obj,buf,len)
+- X509_NAME *name;
+- ASN1_OBJECT *obj;
+- char *buf;
+- int len;
+- 	{
+- 	int i;
+- 	ASN1_STRING *data;
+  
+! 	i=X509_NAME_get_index_by_OBJ(name,obj,0);
+! 	if (i < 0) return(-1);
+! 	data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
+! 	i=(data->length > (len-1))?(len-1):data->length;
+! 	if (buf == NULL) return(data->length);
+! 	memcpy(buf,data->data,i);
+! 	buf[i]='\0';
+! 	return(i);
+! 	}
+  
+! int X509_NAME_entry_count(name)
+! X509_NAME *name;
+  	{
+! 	if (name == NULL) return(0);
+! 	return(sk_num(name->entries));
+  	}
+  
+! int X509_NAME_get_index_by_NID(name,nid,oldpos)
+! X509_NAME *name;
+! int nid;
+! int oldpos;
+! 	{
+! 	ASN1_OBJECT *obj;
+  
+! 	obj=OBJ_nid2obj(nid);
+! 	if (obj == NULL) return(-2);
+! 	return(X509_NAME_get_index_by_OBJ(name,obj,oldpos));
+  	}
+  
+- int X509_NAME_get_index_by_OBJ(name,obj,oldpos)
+- X509_NAME *name;
+- ASN1_OBJECT *obj;
+- int oldpos;
+- 	{
+- 	int n;
+- 	X509_NAME_ENTRY *ne;
+- 	STACK *sk;
+  
+! 	if (name == NULL) return(-1);
+! 	if (oldpos < 0)
+! 		oldpos= -1;
+! 	sk=name->entries;
+! 	n=sk_num(sk);
+! 	for (oldpos++; oldpos < n; oldpos++)
+  		{
+! 		ne=(X509_NAME_ENTRY *)sk_value(sk,oldpos);
+! 		if (OBJ_cmp(ne->object,obj) == 0)
+! 			return(oldpos);
+  		}
+! 	return(-1);
+  	}
+  
+- X509_NAME_ENTRY *X509_NAME_get_entry(name,loc)
+- X509_NAME *name;
+- int loc;
+- 	{
+- 	if (	(name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+- 		return(NULL);
+- 	else
+- 		return((X509_NAME_ENTRY *)sk_value(name->entries,loc));
+- 	}
+  
+! X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc)
+! X509_NAME *name;
+! int loc;
+  	{
+! 	X509_NAME_ENTRY *ret;
+! 	int i,j,n,set_prev,set_next;
+! 	STACK *sk;
+! 
+! 	if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+! 		return(NULL);
+! 	sk=name->entries;
+! 	ret=(X509_NAME_ENTRY *)sk_delete(sk,loc);
+! 	n=sk_num(sk);
+! 	name->modified=1;
+! 	if (loc == n) return(ret);
+! 
+! 	/* else we need to fixup the set field */
+! 	if (loc != 0)
+! 		set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
+! 	else
+! 		set_prev=ret->set-1;
+! 	set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+  
+! 	/* set_prev is the previous set
+! 	 * set is the current set
+! 	 * set_next is the following
+! 	 * prev  1 1	1 1	1 1	1 1
+! 	 * set   1	1	2	2
+! 	 * next  1 1	2 2	2 2	3 2
+! 	 * so basically only if prev and next differ by 2, then
+! 	 * re-number down by 1 */
+! 	if (set_prev+1 < set_next)
+! 		{
+! 		j=set_next-set_prev-1;
+! 		for (i=loc; i<n; i++)
+! 			((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set-=j;
+! 		}
+! 	return(ret);
+  	}
+  
+  /* if set is -1, append to previous set, 0 'a new one', and 1,