Remove demos/tunala

This has been unmaintained for a long time. If it's still of interest
to anyone, it can be obtained easily enough by reverting this commit.
(It could join other demo code in some other repository, perhaps.) In
any case we don't want it taking up space in the baseline source
package, so <snip>.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>

19 files changed, 0 insertions, 2818 deletions

diff --git a/demos/tunala/.cvsignore b/demos/tunala/.cvsignore
deleted file mode 100644
index f9eca981d2..0000000000
--- a/demos/tunala/.cvsignore
+++ /dev/null
@@ -1,4 +0,0 @@
-tunala
-
-*.flc
-semantic.cache
diff --git a/demos/tunala/A-client.pem b/demos/tunala/A-client.pem
deleted file mode 100644
index a4caf6ef8a..0000000000
--- a/demos/tunala/A-client.pem
+++ /dev/null
@@ -1,84 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 2 (0x2)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=NZ, L=Wellington, O=Really Irresponsible Authorisation Authority (RIAA), OU=Cert-stamping, CN=Jackov al-Trades/Email=none@fake.domain
-        Validity
-            Not Before: Jan 16 05:19:30 2002 GMT
-            Not After : Jan 14 05:19:30 2012 GMT
-        Subject: C=NZ, L=Auckland, O=Mordor, OU=SSL grunt things, CN=tunala-client/Email=client@fake.domain
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:b0:d3:56:5c:c8:7f:fb:f4:95:9d:04:84:4f:82:
-                    b7:a2:75:5c:81:48:8c:56:5d:52:ee:38:e1:5c:c8:
-                    9a:70:8e:72:f2:00:1c:17:ef:df:b7:06:59:82:04:
-                    f1:f6:49:11:12:a6:4d:cb:1e:ed:ac:59:1c:4a:d0:
-                    3d:de:e6:f2:8d:cd:39:c2:0f:e0:46:2f:db:cb:9f:
-                    47:f7:56:e7:f8:16:5f:68:71:fb:3a:e3:ab:d2:e5:
-                    05:b7:da:65:61:fe:6d:30:e4:12:a8:b5:c1:71:24:
-                    6b:aa:80:05:41:17:a0:8b:6e:8b:e6:04:cf:85:7b:
-                    2a:ac:a1:79:7d:f4:96:6e:77
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                OpenSSL Generated Certificate
-            X509v3 Subject Key Identifier: 
-                F8:43:CB:4F:4D:4F:BC:6E:52:1A:FD:F9:7B:E1:12:3F:A7:A3:BA:93
-            X509v3 Authority Key Identifier: 
-                keyid:49:FB:45:72:12:C4:CC:E1:45:A1:D3:08:9E:95:C4:2C:6D:55:3F:17
-                DirName:/C=NZ/L=Wellington/O=Really Irresponsible Authorisation Authority (RIAA)/OU=Cert-stamping/CN=Jackov al-Trades/Email=none@fake.domain
-                serial:00
-
-    Signature Algorithm: md5WithRSAEncryption
-        8f:5f:0e:43:da:9d:61:43:7e:03:38:9a:e6:50:9d:42:e8:95:
-        34:49:75:ec:04:8d:5c:85:99:94:70:a0:e7:1f:1e:a0:8b:0f:
-        d6:e2:cb:f7:35:d9:96:72:bd:a6:e9:8d:4e:b1:e2:ac:97:7f:
-        2f:70:01:9d:aa:04:bc:d4:01:2b:63:77:a5:de:63:3c:a8:f5:
-        f2:72:af:ec:11:12:c0:d4:70:cf:71:a6:fb:e9:1d:b3:27:07:
-        aa:f2:b1:f3:87:d6:ab:8b:ce:c2:08:1b:3c:f9:ba:ff:77:71:
-        86:09:ef:9e:4e:04:06:63:44:e9:93:20:90:c7:2d:50:c6:50:
-        f8:66
------BEGIN CERTIFICATE-----
-MIID9TCCA16gAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCTlox
-EzARBgNVBAcTCldlbGxpbmd0b24xPDA6BgNVBAoTM1JlYWxseSBJcnJlc3BvbnNp
-YmxlIEF1dGhvcmlzYXRpb24gQXV0aG9yaXR5IChSSUFBKTEWMBQGA1UECxMNQ2Vy
-dC1zdGFtcGluZzEZMBcGA1UEAxMQSmFja292IGFsLVRyYWRlczEfMB0GCSqGSIb3
-DQEJARYQbm9uZUBmYWtlLmRvbWFpbjAeFw0wMjAxMTYwNTE5MzBaFw0xMjAxMTQw
-NTE5MzBaMIGHMQswCQYDVQQGEwJOWjERMA8GA1UEBxMIQXVja2xhbmQxDzANBgNV
-BAoTBk1vcmRvcjEZMBcGA1UECxMQU1NMIGdydW50IHRoaW5nczEWMBQGA1UEAxMN
-dHVuYWxhLWNsaWVudDEhMB8GCSqGSIb3DQEJARYSY2xpZW50QGZha2UuZG9tYWlu
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw01ZcyH/79JWdBIRPgreidVyB
-SIxWXVLuOOFcyJpwjnLyABwX79+3BlmCBPH2SRESpk3LHu2sWRxK0D3e5vKNzTnC
-D+BGL9vLn0f3Vuf4Fl9ocfs646vS5QW32mVh/m0w5BKotcFxJGuqgAVBF6CLbovm
-BM+FeyqsoXl99JZudwIDAQABo4IBQDCCATwwCQYDVR0TBAIwADAsBglghkgBhvhC
-AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFPhD
-y09NT7xuUhr9+XvhEj+no7qTMIHhBgNVHSMEgdkwgdaAFEn7RXISxMzhRaHTCJ6V
-xCxtVT8XoYG6pIG3MIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3Rv
-bjE8MDoGA1UEChMzUmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNhdGlvbiBB
-dXRob3JpdHkgKFJJQUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkwFwYDVQQD
-ExBKYWNrb3YgYWwtVHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZha2UuZG9t
-YWluggEAMA0GCSqGSIb3DQEBBAUAA4GBAI9fDkPanWFDfgM4muZQnULolTRJdewE
-jVyFmZRwoOcfHqCLD9biy/c12ZZyvabpjU6x4qyXfy9wAZ2qBLzUAStjd6XeYzyo
-9fJyr+wREsDUcM9xpvvpHbMnB6rysfOH1quLzsIIGzz5uv93cYYJ755OBAZjROmT
-IJDHLVDGUPhm
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCw01ZcyH/79JWdBIRPgreidVyBSIxWXVLuOOFcyJpwjnLyABwX
-79+3BlmCBPH2SRESpk3LHu2sWRxK0D3e5vKNzTnCD+BGL9vLn0f3Vuf4Fl9ocfs6
-46vS5QW32mVh/m0w5BKotcFxJGuqgAVBF6CLbovmBM+FeyqsoXl99JZudwIDAQAB
-AoGAU4chbqbPvkclPYzaq2yGLlneHrwUft+KwzlfS6L/QVgo+CQRIUWQmjaHpaGM
-YtjVFcg1S1QK1bUqZjTEZT0XKhfbYmqW8yYTfbcDEbnY7esoYlvIlW8qRlPRlTBE
-utKrtZafmVhLgoNawYGD0aLZofPqpYjbGUlrC7nrem2vNJECQQDVLD3Qb+OlEMET
-73ApnJhYsK3e+G2LTrtjrS8y5zS4+Xv61XUqvdV7ogzRl0tpvSAmMOItVyoYadkB
-S3xSIWX9AkEA1Fm1FhkQSZwGG5rf4c6gMN71jJ6JE3/kocdVa0sUjRevIupo4XQ2
-Vkykxi84MRP8cfHqyjewq7Ozv3op2MGWgwJBAKemsb66IJjzAkaBav7u70nhOf0/
-+Dc1Zl7QF2y7NVW8sGrnccx5m+ot2lMD4AV6/kvK6jaqdKrapBZGnbGiHqkCQQDI
-T1r33mqz1R8Z2S2Jtzz6/McKf930a/dC+GLGVEutkILf39lRmytKmv/wB0jtWtoO
-rlJ5sLDSNzC+1cE1u997AkEAu3IrtGmLKiuS6kDj6W47m+iiTIsuSJtTJb1SbUaK
-fIoBNFxbvJYW6rUU9+PxpMRaEhzh5s24/jBOE+mlb17mRQ==
------END RSA PRIVATE KEY-----
diff --git a/demos/tunala/A-server.pem b/demos/tunala/A-server.pem
deleted file mode 100644
index e9f37b1895..0000000000
--- a/demos/tunala/A-server.pem
+++ /dev/null
@@ -1,84 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=NZ, L=Wellington, O=Really Irresponsible Authorisation Authority (RIAA), OU=Cert-stamping, CN=Jackov al-Trades/Email=none@fake.domain
-        Validity
-            Not Before: Jan 16 05:14:06 2002 GMT
-            Not After : Jan 14 05:14:06 2012 GMT
-        Subject: C=NZ, L=Wellington, O=Middle Earth, OU=SSL dev things, CN=tunala-server/Email=server@fake.domain
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:a9:3e:62:87:97:13:6b:de:8f:bc:1d:0a:3f:65:
-                    0c:f9:76:a3:53:ce:97:30:27:0d:c6:df:72:1f:8d:
-                    5a:ce:58:23:6a:65:e5:e3:72:1a:8d:7f:fe:90:01:
-                    ea:42:f1:9f:6e:7b:0a:bd:eb:52:15:7b:f4:3d:9c:
-                    4e:db:74:29:2b:d1:81:9d:b9:9e:18:2b:87:e1:da:
-                    50:20:3c:59:6c:c9:83:3e:2c:11:0b:78:1e:03:f4:
-                    56:3a:db:95:6a:75:33:85:a9:7b:cc:3c:4a:67:96:
-                    f2:24:b2:a0:cb:2e:cc:52:18:16:6f:44:d9:29:64:
-                    07:2e:fb:56:cc:7c:dc:a2:d7
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                OpenSSL Generated Certificate
-            X509v3 Subject Key Identifier: 
-                70:AC:7A:B5:6E:97:C2:82:AF:11:9E:32:CB:8D:48:49:93:B7:DC:22
-            X509v3 Authority Key Identifier: 
-                keyid:49:FB:45:72:12:C4:CC:E1:45:A1:D3:08:9E:95:C4:2C:6D:55:3F:17
-                DirName:/C=NZ/L=Wellington/O=Really Irresponsible Authorisation Authority (RIAA)/OU=Cert-stamping/CN=Jackov al-Trades/Email=none@fake.domain
-                serial:00
-
-    Signature Algorithm: md5WithRSAEncryption
-        2e:cb:a3:cd:6d:a8:9d:d1:dc:e5:f0:e0:27:7e:4b:5a:90:a8:
-        85:43:f0:05:f7:04:43:d7:5f:d1:a5:8f:5c:58:eb:fc:da:c6:
-        7c:e0:0b:2b:98:72:95:f6:79:48:96:7a:fa:0c:6b:09:ec:c6:
-        8c:91:74:45:9f:8f:0f:16:78:e3:66:14:fa:1e:f4:f0:23:ec:
-        cd:a9:52:77:20:4d:c5:05:2c:52:b6:7b:f3:42:33:fd:90:1f:
-        3e:88:6f:9b:23:61:c8:80:3b:e6:57:84:2e:f7:26:c7:35:ed:
-        00:8b:08:30:9b:aa:21:83:b6:6d:b8:7c:8a:9b:2a:ef:79:3d:
-        96:31
------BEGIN CERTIFICATE-----
-MIID+zCCA2SgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCTlox
-EzARBgNVBAcTCldlbGxpbmd0b24xPDA6BgNVBAoTM1JlYWxseSBJcnJlc3BvbnNp
-YmxlIEF1dGhvcmlzYXRpb24gQXV0aG9yaXR5IChSSUFBKTEWMBQGA1UECxMNQ2Vy
-dC1zdGFtcGluZzEZMBcGA1UEAxMQSmFja292IGFsLVRyYWRlczEfMB0GCSqGSIb3
-DQEJARYQbm9uZUBmYWtlLmRvbWFpbjAeFw0wMjAxMTYwNTE0MDZaFw0xMjAxMTQw
-NTE0MDZaMIGNMQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3RvbjEVMBMG
-A1UEChMMTWlkZGxlIEVhcnRoMRcwFQYDVQQLEw5TU0wgZGV2IHRoaW5nczEWMBQG
-A1UEAxMNdHVuYWxhLXNlcnZlcjEhMB8GCSqGSIb3DQEJARYSc2VydmVyQGZha2Uu
-ZG9tYWluMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpPmKHlxNr3o+8HQo/
-ZQz5dqNTzpcwJw3G33IfjVrOWCNqZeXjchqNf/6QAepC8Z9uewq961IVe/Q9nE7b
-dCkr0YGduZ4YK4fh2lAgPFlsyYM+LBELeB4D9FY625VqdTOFqXvMPEpnlvIksqDL
-LsxSGBZvRNkpZAcu+1bMfNyi1wIDAQABo4IBQDCCATwwCQYDVR0TBAIwADAsBglg
-hkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0O
-BBYEFHCserVul8KCrxGeMsuNSEmTt9wiMIHhBgNVHSMEgdkwgdaAFEn7RXISxMzh
-RaHTCJ6VxCxtVT8XoYG6pIG3MIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2Vs
-bGluZ3RvbjE8MDoGA1UEChMzUmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNh
-dGlvbiBBdXRob3JpdHkgKFJJQUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkw
-FwYDVQQDExBKYWNrb3YgYWwtVHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZh
-a2UuZG9tYWluggEAMA0GCSqGSIb3DQEBBAUAA4GBAC7Lo81tqJ3R3OXw4Cd+S1qQ
-qIVD8AX3BEPXX9Glj1xY6/zaxnzgCyuYcpX2eUiWevoMawnsxoyRdEWfjw8WeONm
-FPoe9PAj7M2pUncgTcUFLFK2e/NCM/2QHz6Ib5sjYciAO+ZXhC73Jsc17QCLCDCb
-qiGDtm24fIqbKu95PZYx
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCpPmKHlxNr3o+8HQo/ZQz5dqNTzpcwJw3G33IfjVrOWCNqZeXj
-chqNf/6QAepC8Z9uewq961IVe/Q9nE7bdCkr0YGduZ4YK4fh2lAgPFlsyYM+LBEL
-eB4D9FY625VqdTOFqXvMPEpnlvIksqDLLsxSGBZvRNkpZAcu+1bMfNyi1wIDAQAB
-AoGANCwqHZhiAU/TyW6+WPqivEhpYw19p/dyFMuPF9DwnEmpaUROUQY8z0AUznn4
-qHhp6Jn/nrprTHowucl0ucweYIYVxZoUiUDFpxdFUbzMdFvo6HcyV1Pe4Rt81HaY
-KYWrTZ6PaPtN65hLms8NhPEdGcGAFlY1owYv4QNGq2bU1JECQQDd32LM0NSfyGmK
-4ziajqGcvzK9NO2XyV/nJsGlJZNgMh2zm1t7yR28l/6Q2uyU49cCN+2aYULZCAfs
-taNvxBspAkEAw0alNub+xj2AVQvaxOB1sGfKzsJjHCzKIxUXn/tJi3j0+2asmkBZ
-Umx1MWr9jKQBnCMciCRUbnMEZiElOxCN/wJAfAeQl6Z19gx206lJzzzEo3dOye54
-k02DSxijT8q9pBzf9bN3ZK987BybtiZr8p+bZiYVsSOF1wViSLURdD1QYQJAIaMU
-qH1n24wShBPTrmAfxbBLTgxL+Dl65Eoo1KT7iSvfv0JzbuqwuDL4iPeuD0DdCiE+
-M/FWHeRwGIuTFzaFzwJBANKwx0jZS/h093w9g0Clw6UzeA1P5VcAt9y+qMC9hO3c
-4KXwIxQAt9yRaFLpiIR9do5bjjKNnMguf3aO/XRSDQM=
------END RSA PRIVATE KEY-----
diff --git a/demos/tunala/CA.pem b/demos/tunala/CA.pem
deleted file mode 100644
index 7a55b5463e..0000000000
--- a/demos/tunala/CA.pem
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID9zCCA2CgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCTlox
-EzARBgNVBAcTCldlbGxpbmd0b24xPDA6BgNVBAoTM1JlYWxseSBJcnJlc3BvbnNp
-YmxlIEF1dGhvcmlzYXRpb24gQXV0aG9yaXR5IChSSUFBKTEWMBQGA1UECxMNQ2Vy
-dC1zdGFtcGluZzEZMBcGA1UEAxMQSmFja292IGFsLVRyYWRlczEfMB0GCSqGSIb3
-DQEJARYQbm9uZUBmYWtlLmRvbWFpbjAeFw0wMjAxMTYwNTA5NTlaFw0xMjAxMTQw
-NTA5NTlaMIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3RvbjE8MDoG
-A1UEChMzUmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNhdGlvbiBBdXRob3Jp
-dHkgKFJJQUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkwFwYDVQQDExBKYWNr
-b3YgYWwtVHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZha2UuZG9tYWluMIGf
-MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7QdDfFIrJn3X24hKmpkyk3TG0Ivxd
-K2wWmDPXq1wjr8lUTwrA6hM5Ba9N36jLieWpXhviLOWu9DBza5GmtgCuXloATKTC
-94xOdKHlciTVujG3wDlLDB5e710Kar84nnj6VueL1RyZ0bmP5PANa4mbGW9Tqc7J
-CkBTTW2y9d0SgQIDAQABo4IBFTCCAREwHQYDVR0OBBYEFEn7RXISxMzhRaHTCJ6V
-xCxtVT8XMIHhBgNVHSMEgdkwgdaAFEn7RXISxMzhRaHTCJ6VxCxtVT8XoYG6pIG3
-MIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3RvbjE8MDoGA1UEChMz
-UmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNhdGlvbiBBdXRob3JpdHkgKFJJ
-QUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkwFwYDVQQDExBKYWNrb3YgYWwt
-VHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZha2UuZG9tYWluggEAMAwGA1Ud
-EwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAYQo95V/NY+eKxYxkhibZiUQygph+
-gTfgbDG20MsnH6+8//w5ArHauFCgDrf0P2VyACgq+N4pBTWFGaAaLwbjKy9HCe2E
-j9C91tO1CqDS4MJkDB5AP13FTkK6fP1ZCiTQranOAp3DlGWTTWsFVyW5kVfQ9diS
-ZOyJZ9Fit5XM2X0=
------END CERTIFICATE-----
diff --git a/demos/tunala/INSTALL b/demos/tunala/INSTALL
deleted file mode 100644
index a65bbeb8d1..0000000000
--- a/demos/tunala/INSTALL
+++ /dev/null
@@ -1,107 +0,0 @@
-There are two ways to build this code;
-
-(1) Manually
-
-(2) Using all-singing all-dancing (all-confusing) autotools, ie. autoconf,
-automake, and their little friends (autoheader, etc).
-
-=================
-Building Manually
-=================
-
-There is a basic "Makefile" in this directory that gets moved out of the way and
-ignored when building with autoconf et al. This Makefile is suitable for
-building tunala on Linux using gcc. Any other platform probably requires some
-tweaking. Here are the various bits you might need to do if you want to build
-this way and the default Makefile isn't sufficient;
-
-* Compiler: Edit the "CC" definition in Makefile
-
-* Headers, features: tunala.h controls what happens in the non-autoconf world.
-  It, by default, assumes the system has *everything* (except autoconf's
-  "config.h") so if a target system is missing something it must define the
-  appropriate "NO_***" symbols in CFLAGS. These include;
-
-  - NO_HAVE_UNISTD_H, NO_HAVE_FCNTL_H, NO_HAVE_LIMITS_H
-    Indicates the compiling system doesn't have (or need) these header files.
-  - NO_HAVE_STRSTR, NO_HAVE_STRTOUL
-    Indicates the compiling system doesn't have these functions. Replacements
-    are compiled and used in breakage.c
-  - NO_HAVE_SELECT, NO_HAVE_SOCKET
-    Pointless symbols - these indicate select() and/or socket() are missing in
-    which case the program won't compile anyway.
-
-  If you want to specify any of these, add them with "-D" prefixed to each in
-  the CFLAGS definition in Makefile.
-
-* Compilation flags: edit DEBUG_FLAGS and/or CFLAGS directly to control the
-  flags passed to the compiler. This can also be used to change the degree of
-  optimisation.
-
-* Linker flags: some systems (eg. Solaris) require extra linker flags such as;
-  -ldl, -lsocket, -lnsl, etc. If unsure, bring up the man page for whichever
-  function is "undefined" when the linker fails - that usually indicates what
-  you need to add. Make changes to the LINK_FLAGS symbol.
-
-* Linker command: if a different linker syntax or even a different program is
-  required to link, edit the linker line directly in the "tunala:" target
-  definition - it currently assumes the "CC" (compiler) program is used to link.
-
-======================
-Building Automagically
-======================
-
-Automagic building is handled courtesy of autoconf, automake, etc. There are in
-fact two steps required to build, and only the first has to be done on a system
-with these tools installed (and if I was prepared to bloat out the CVS
-repository, I could store these extra files, but I'm not).
-
-First step: "autogunk.sh"
--------------------------
-
-The "./autogunk.sh" script will call all the necessary autotool commands to
-create missing files and run automake and autoconf. The result is that a
-"./configure" script should be generated and a "Makefile.in" generated from the
-supplied "Makefile.am". NB: This script also moves the "manual" Makefile (see
-above) out of the way and calls it "Makefile.plain" - the "ungunk" script
-reverses this to leave the directory it was previously.
-
-Once "ungunk" has been run, the resulting directory should be able to build on
-other systems without autoconf, automake, or libtool. Which is what the second
-step describes;
-
-Second step: "./configure"
---------------------------
-
-The second step is to run the generated "./configure" script to create a
-config.h header for your system and to generate a "Makefile" (generated from
-"Makefile.in") tweaked to compile on your system. This is the standard sort of
-thing you see in GNU packages, for example, and the standard tricks also work.
-Eg. to override "configure"'s choice of compiler, set the CC environment
-variable prior to running configure, eg.
-
-    CC=gcc ./configure
-
-would cause "gcc" to be used even if there is an otherwise preferable (to
-autoconf) native compiler on your system.
-
-After this run "make" and it should build the "tunala" executable.
-
-Notes
------
-
-- Some versions of autoconf (or automake?) generate a Makefile syntax that gives
-  trouble to some "make" programs on some systems (eg. OpenBSD). If this
-  happens, either build 'Manually' (see above) or use "gmake" instead of "make".
-  I don't like this either but like even less the idea of sifting into all the
-  script magic crud that's involved.
-
-- On a solaris system I tried, the "configure" script specified some broken
-  compiler flags in the resulting Makefile that don't even get echoed to
-  stdout/err when the error happens (evil!). If this happens, go into the
-  generated Makefile, find the two affected targets ("%.o:" and "%.lo"), and
-  remove the offending hidden option in the $(COMPILE) line all the sludge after
-  the two first lines of script (ie. after the "echo" and the "COMPILE" lines).
-  NB: This will probably only function if "--disable-shared" was used, otherwise
-  who knows what would result ...
-
diff --git a/demos/tunala/Makefile b/demos/tunala/Makefile
deleted file mode 100644
index bef1704a3c..0000000000
--- a/demos/tunala/Makefile
+++ /dev/null
@@ -1,41 +0,0 @@
-# Edit these to suit
-#
-# Oh yeah, and please read the README too.
-
-
-SSL_HOMEDIR=../..
-SSL_INCLUDEDIR=$(SSL_HOMEDIR)/include
-SSL_LIBDIR=$(SSL_HOMEDIR)
-
-RM=rm -f
-CC=gcc
-DEBUG_FLAGS=-g -ggdb3 -Wall -Wshadow
-INCLUDE_FLAGS=-I$(SSL_INCLUDEDIR)
-CFLAGS=$(DEBUG_FLAGS) $(INCLUDE_FLAGS) -DNO_CONFIG_H
-COMPILE=$(CC) $(CFLAGS) -c
-
-# Edit, particularly the "-ldl" if not building with "dlfcn" support
-LINK_FLAGS=-L$(SSL_LIBDIR) -lssl -lcrypto -ldl
-
-SRCS=buffer.c cb.c ip.c sm.c tunala.c breakage.c
-OBJS=buffer.o cb.o ip.o sm.o tunala.o breakage.o
-
-TARGETS=tunala
-
-default: $(TARGETS)
-
-clean:
-	$(RM) $(OBJS) $(TARGETS) *.bak core
-
-.c.o:
-	$(COMPILE) $<
-
-tunala: $(OBJS)
-	$(CC) -o tunala $(OBJS) $(LINK_FLAGS)
-
-# Extra dependencies, should really use makedepend
-buffer.o: buffer.c tunala.h
-cb.o: cb.c tunala.h
-ip.o: ip.c tunala.h
-sm.o: sm.c tunala.h
-tunala.o: tunala.c tunala.h
diff --git a/demos/tunala/Makefile.am b/demos/tunala/Makefile.am
deleted file mode 100644
index 706c7806c9..0000000000
--- a/demos/tunala/Makefile.am
+++ /dev/null
@@ -1,7 +0,0 @@
-# Our includes come from the OpenSSL build-tree we're in
-INCLUDES		= -I$(top_builddir)/../../include
-
-bin_PROGRAMS		= tunala
-
-tunala_SOURCES		= tunala.c buffer.c cb.c ip.c sm.c breakage.c
-tunala_LDADD		= -L$(top_builddir)/../.. -lssl -lcrypto
diff --git a/demos/tunala/README b/demos/tunala/README
deleted file mode 100644
index 15690088f3..0000000000
--- a/demos/tunala/README
+++ /dev/null
@@ -1,233 +0,0 @@
-This is intended to be an example of a state-machine driven SSL application. It
-acts as an SSL tunneler (functioning as either the server or client half,
-depending on command-line arguments). *PLEASE* read the comments in tunala.h
-before you treat this stuff as anything more than a curiosity - YOU HAVE BEEN
-WARNED!! There, that's the draconian bit out of the way ...
-
-
-Why "tunala"??
---------------
-
-I thought I asked you to read tunala.h?? :-)
-
-
-Show me
--------
-
-If you want to simply see it running, skip to the end and see some example
-command-line arguments to demonstrate with.
-
-
-Where to look and what to do?
------------------------------
-
-The code is split up roughly coinciding with the detaching of an "abstract" SSL
-state machine (which is the purpose of all this) and its surrounding application
-specifics. This is primarily to make it possible for me to know when I could cut
-corners and when I needed to be rigorous (or at least maintain the pretense as
-such :-).
-
-Network stuff:
-
-Basically, the network part of all this is what is supposed to be abstracted out
-of the way. The intention is to illustrate one way to stick OpenSSL's mechanisms
-inside a little memory-driven sandbox and operate it like a pure state-machine.
-So, the network code is inside both ip.c (general utility functions and gory
-IPv4 details) and tunala.c itself, which takes care of application specifics
-like the main select() loop. The connectivity between the specifics of this
-application (TCP/IP tunneling and the associated network code) and the
-underlying abstract SSL state machine stuff is through the use of the "buffer_t"
-type, declared in tunala.h and implemented in buffer.c.
-
-State machine:
-
-Which leaves us, generally speaking, with the abstract "state machine" code left
-over and this is sitting inside sm.c, with declarations inside tunala.h. As can
-be seen by the definition of the state_machine_t structure and the associated
-functions to manipulate it, there are the 3 OpenSSL "handles" plus 4 buffer_t
-structures dealing with IO on both the encrypted and unencrypted sides ("dirty"
-and "clean" respectively). The "SSL" handle is what facilitates the reading and
-writing of the unencrypted (tunneled) data. The two "BIO" handles act as the
-read and write channels for encrypted tunnel traffic - in other applications
-these are often socket BIOs so that the OpenSSL framework operates with the
-network layer directly. In this example, those two BIOs are memory BIOs
-(BIO_s_mem()) so that the sending and receiving of the tunnel traffic stays
-within the state-machine, and we can handle where this gets send to (or read
-from) ourselves.
-
-
-Why?
-----
-
-If you take a look at the "state_machine_t" section of tunala.h and the code in
-sm.c, you will notice that nothing related to the concept of 'transport' is
-involved. The binding to TCP/IP networking occurs in tunala.c, specifically
-within the "tunala_item_t" structure that associates a state_machine_t object
-with 4 file-descriptors. The way to best see where the bridge between the
-outside world (TCP/IP reads, writes, select()s, file-descriptors, etc) and the
-state machine is, is to examine the "tunala_item_io()" function in tunala.c.
-This is currently around lines 641-732 but of course could be subject to change.
-
-
-And...?
--------
-
-Well, although that function is around 90 lines of code, it could easily have
-been a lot less only I was trying to address an easily missed "gotcha" (item (2)
-below). The main() code that drives the select/accept/IO loop initialises new
-tunala_item_t structures when connections arrive, and works out which
-file-descriptors go where depending on whether we're an SSL client or server
-(client --> accepted connection is clean and proxied is dirty, server -->
-accepted connection is dirty and proxied is clean). What that tunala_item_io()
-function is attempting to do is 2 things;
-
-  (1) Perform all reads and writes on the network directly into the
-      state_machine_t's buffers (based on a previous select() result), and only
-      then allow the abstact state_machine_t to "churn()" using those buffers.
-      This will cause the SSL machine to consume as much input data from the two
-      "IN" buffers as possible, and generate as much output data into the two
-      "OUT" buffers as possible. Back up in the main() function, the next main
-      loop loop will examine these output buffers and select() for writability
-      on the corresponding sockets if the buffers are non-empty.
-
-  (2) Handle the complicated tunneling-specific issue of cascading "close"s.
-      This is the reason for most of the complexity in the logic - if one side
-      of the tunnel is closed, you can't simply close the other side and throw
-      away the whole thing - (a) there may still be outgoing data on the other
-      side of the tunnel that hasn't been sent yet, (b) the close (or things
-      happening during the close) may cause more data to be generated that needs
-      sending on the other side. Of course, this logic is complicated yet futher
-      by the fact that it's different depending on which side closes first :-)
-      state_machine_close_clean() will indicate to the state machine that the
-      unencrypted side of the tunnel has closed, so any existing outgoing data
-      needs to be flushed, and the SSL stream needs to be closed down using the
-      appropriate shutdown sequence. state_machine_close_dirty() is simpler
-      because it indicates that the SSL stream has been disconnected, so all
-      that remains before closing the other side is to flush out anything that
-      remains and wait for it to all be sent.
-
-Anyway, with those things in mind, the code should be a little easier to follow
-in terms of "what is *this* bit supposed to achieve??!!".
-
-
-How might this help?
---------------------
-
-Well, the reason I wrote this is that there seemed to be rather a flood of
-questions of late on the openssl-dev and openssl-users lists about getting this
-whole IO logic thing sorted out, particularly by those who were trying to either
-use non-blocking IO, or wanted SSL in an environment where "something else" was
-handling the network already and they needed to operate in memory only. This
-code is loosely based on some other stuff I've been working on, although that
-stuff is far more complete, far more dependant on a whole slew of other
-network/framework code I don't want to incorporate here, and far harder to look
-at for 5 minutes and follow where everything is going. I will be trying over
-time to suck in a few things from that into this demo in the hopes it might be
-more useful, and maybe to even make this demo usable as a utility of its own.
-Possible things include:
-
-  * controlling multiple processes/threads - this can be used to combat
-    latencies and get passed file-descriptor limits on some systems, and it uses
-    a "controller" process/thread that maintains IPC links with the
-    processes/threads doing the real work.
-
-  * cert verification rules - having some say over which certs get in or out :-)
-
-  * control over SSL protocols and cipher suites
-
-  * A few other things you can already do in s_client and s_server :-)
-
-  * Support (and control over) session resuming, particularly when functioning
-    as an SSL client.
-
-If you have a particular environment where this model might work to let you "do
-SSL" without having OpenSSL be aware of the transport, then you should find you
-could use the state_machine_t structure (or your own variant thereof) and hook
-it up to your transport stuff in much the way tunala.c matches it up with those
-4 file-descriptors. The state_machine_churn(), state_machine_close_clean(), and
-state_machine_close_dirty() functions are the main things to understand - after
-that's done, you just have to ensure you're feeding and bleeding the 4
-state_machine buffers in a logical fashion. This state_machine loop handles not
-only handshakes and normal streaming, but also renegotiates - there's no special
-handling required beyond keeping an eye on those 4 buffers and keeping them in
-sync with your outer "loop" logic. Ie. if one of the OUT buffers is not empty,
-you need to find an opportunity to try and forward its data on. If one of the IN
-buffers is not full, you should keep an eye out for data arriving that should be
-placed there.
-
-This approach could hopefully also allow you to run the SSL protocol in very
-different environments. As an example, you could support encrypted event-driven
-IPC where threads/processes pass messages to each other inside an SSL layer;
-each IPC-message's payload would be in fact the "dirty" content, and the "clean"
-payload coming out of the tunnel at each end would be the real intended message.
-Likewise, this could *easily* be made to work across unix domain sockets, or
-even entirely different network/comms protocols.
-
-This is also a quick and easy way to do VPN if you (and the remote network's
-gateway) support virtual network devices that are encapsulted in a single
-network connection, perhaps PPP going through an SSL tunnel?
-
-
-Suggestions
------------
-
-Please let me know if you find this useful, or if there's anything wrong or
-simply too confusing about it. Patches are also welcome, but please attach a
-description of what it changes and why, and "diff -urN" format is preferred.
-Mail to geoff@openssl.org should do the trick.
-
-
-Example
--------
-
-Here is an example of how to use "tunala" ...
-
-First, it's assumed that OpenSSL has already built, and that you are building
-inside the ./demos/tunala/ directory. If not - please correct the paths and
-flags inside the Makefile. Likewise, if you want to tweak the building, it's
-best to try and do so in the makefile (eg. removing the debug flags and adding
-optimisation flags).
-
-Secondly, this code has mostly only been tested on Linux. However, some
-autoconf/etc support has been added and the code has been compiled on openbsd
-and solaris using that.
-
-Thirdly, if you are Win32, you probably need to do some *major* rewriting of
-ip.c to stand a hope in hell. Good luck, and please mail me the diff if you do
-this, otherwise I will take a look at another time. It can certainly be done,
-but it's very non-POSIXy.
-
-See the INSTALL document for details on building.
-
-Now, if you don't have an executable "tunala" compiled, go back to "First,...".
-Rinse and repeat.
-
-Inside one console, try typing;
-
-(i)  ./tunala -listen localhost:8080 -proxy localhost:8081 -cacert CA.pem \
-              -cert A-client.pem -out_totals -v_peer -v_strict
-
-In another console, type;
-
-(ii) ./tunala -listen localhost:8081 -proxy localhost:23 -cacert CA.pem \
-              -cert A-server.pem -server 1 -out_totals -v_peer -v_strict
-
-Now if you open another console and "telnet localhost 8080", you should be
-tunneled through to the telnet service on your local machine (if it's running -
-you could change it to port "22" and tunnel ssh instead if you so desired). When
-you logout of the telnet session, the tunnel should cleanly shutdown and show
-you some traffic stats in both consoles. Feel free to experiment. :-)
-
-Notes:
-
- - the format for the "-listen" argument can skip the host part (eg. "-listen
-   8080" is fine). If you do, the listening socket will listen on all interfaces
-   so you can connect from other machines for example. Using the "localhost"
-   form listens only on 127.0.0.1 so you can only connect locally (unless, of
-   course, you've set up weird stuff with your networking in which case probably
-   none of the above applies).
-
- - ./tunala -? gives you a list of other command-line options, but tunala.c is
-   also a good place to look :-)
-
-
diff --git a/demos/tunala/autogunk.sh b/demos/tunala/autogunk.sh
deleted file mode 100755
index c9783c6261..0000000000
--- a/demos/tunala/autogunk.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/sh
-
-# This script tries to follow the "GNU way" w.r.t. the autobits.
-# This does of course generate a number of irritating files.
-# Try to get over it (I am getting there myself).
-
-# This should generate any missing crud, and then run autoconf which should turn
-# configure.in into a "./configure" script and "Makefile.am" into a
-# "Makefile.in". Then running "./configure" should turn "Makefile.in" into
-# "Makefile" and should generate the config.h containing your systems various
-# settings. I know ... what a hassle ...
-
-# Also, sometimes these autobits things generate bizarre output (looking like
-# errors). So I direct everything "elsewhere" ...
-
-(aclocal
-autoheader
-libtoolize --copy --force
-automake --foreign --add-missing --copy
-autoconf) 1> /dev/null 2>&1
-
-# Move the "no-autotools" Makefile out of the way
-if test ! -f Makefile.plain; then
-	mv Makefile Makefile.plain
-fi
diff --git a/demos/tunala/autoungunk.sh b/demos/tunala/autoungunk.sh
deleted file mode 100755
index 21790880d7..0000000000
--- a/demos/tunala/autoungunk.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-
-# This script tries to clean up as much as is possible from whatever diabolical
-# mess has been left in the directory thanks to autoconf, automake, and their
-# friends.
-
-if test -f Makefile.plain; then
-	if test -f Makefile; then
-		make distclean
-	fi
-	mv Makefile.plain Makefile
-else
-	make clean
-fi
-
-rm -f aclocal.m4 config.* configure install-sh \
-	missing mkinstalldirs stamp-h.* Makefile.in \
-	ltconfig ltmain.sh depcomp
-rm -rf autom4te.cache
diff --git a/demos/tunala/breakage.c b/demos/tunala/breakage.c
deleted file mode 100644
index dcdd64b0ef..0000000000
--- a/demos/tunala/breakage.c
+++ /dev/null
@@ -1,66 +0,0 @@
-#include "tunala.h"
-
-int int_strtoul(const char *str, unsigned long *val)
-{
-#ifdef HAVE_STRTOUL
-	char *tmp;
-	unsigned long ret = strtoul(str, &tmp, 10);
-	if((str == tmp) || (*tmp != '\0'))
-		/* The value didn't parse cleanly */
-		return 0;
-	if(ret == ULONG_MAX)
-		/* We hit a limit */
-		return 0;
-	*val = ret;
-	return 1;
-#else
-	char buf[2];
-	unsigned long ret = 0;
-	buf[1] = '\0';
-	if(str == '\0')
-		/* An empty string ... */
-		r