2019-12-31  Juan Manuel Guerrero  <juan.guerrero@gmx.de>

	* Configure:  -march=i386 -mtune=i586 flags added to CFLAGS.
	Added DJGPP_DEBUG flag to CFLAGS.
	Adjust openssldir for DJGPP.

	* crypto/rand/rand_unix.c [OPENSSL_SYS_MSDOS]:  New DJGPP specific
	function RAND_poll to replace the unix version used previously.
	As the unix one it uses /dev/urandom or/dev/random as entropy source.
	If this fails it tries generate psuedo entropy using rand48 and
	rawclock data as seed.
	This code exists only for debugging purposes!!!  It is selected by
	defining the DJGPP_DEBUG macro in the Configure script.

	* demos/bio/Makefile:  -march=i386 -mtune=i586 flags added to CFLAGS.

	* demos/prime/Makefile:  -march=i386 -mtune=i586 flags added to CFLAGS.

	* demos/sign/Makefile:  -march=i386 -mtune=i586 flags added to CFLAGS.

	* demos/state_machine/Makefile:  -march=i386 -mtune=i586 flags added
	to CFLAGS.

	* demos/state_machine/Makefile:  Adjust for use with DJGPP.

	* tools/Makefile:  Add INSTALL_OPENSSLDIR to variable list to pass to
	recursive makefiles.

	* apps/Makefile:  Add INSTALL_OPENSSLDIR to variable list to pass to
	recursive makefiles.

	* Makefile.org:  Use INSTALL_OPENSSLDIR, INSTALL_MANDIR and
	INSTALL_HTMLDIR for installing into DJGPP installation tree.

	* demos/bio/Makefile:  Adjust for use with DJGPP.

	* demos/prime/Makefile:  Adjust for use with DJGPP.

	* demos/sign/Makefile:  Adjust for use with DJGPP.








diff -aprNU5 openssl-1.0.2u.orig/apps/Makefile openssl-1.0.2u/apps/Makefile
--- openssl-1.0.2u.orig/apps/Makefile	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/apps/Makefile	2019-12-31 12:24:24 +0000
@@ -110,17 +110,17 @@ install:
 	 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
 	 done;
 	@set -e; for i in $(SCRIPTS); \
 	do  \
 	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	 mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
+	 cp $$i $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/misc/$$i.new; \
+	 chmod 755 $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/misc/$$i.new; \
+	 mv -f $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/misc/$$i ); \
 	 done
-	@cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
-	chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
-	mv -f  $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
+	@cp openssl.cnf $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/openssl.cnf.new; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/openssl.cnf.new; \
+	mv -f  $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/openssl.cnf
 
 tags:
 	ctags $(SRC)
 
 tests:
diff -aprNU5 openssl-1.0.2u.orig/Configure openssl-1.0.2u/Configure
--- openssl-1.0.2u.orig/Configure	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/Configure	2019-12-31 12:24:24 +0000
@@ -633,11 +633,16 @@ my %table=(
 "netware-libc-bsdsock", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
 "netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
 "netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
 
 # DJGPP
-"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIO -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
+# This is for gcc 4.3.0 or higher.
+"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fgnu89-inline -march=i386 -mtune=i586 -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
+# This is other versions.
+#"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -march=i386 -mtune=i586 -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
+# This is for debugging purposes.
+#"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fgnu89-inline -march=i386 -mtune=i586 -save-temps -O0 -g2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
 
 # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
 "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
 "ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::BN_LLONG::::",
 # K&R C is no longer supported; you need gcc on old Ultrix installations
@@ -1207,12 +1212,17 @@ my $make = $ENV{'MAKE'} || "make";
 $cross_compile_prefix=$ENV{'CROSS_COMPILE'} if $cross_compile_prefix eq "";
 
 chop $openssldir if $openssldir =~ /\/$/;
 chop $prefix if $prefix =~ /.\/$/;
 
-$openssldir=$prefix . "/ssl" if $openssldir eq "";
-$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
+if ($^O eq 'dos') {
+  # For DJGPP.
+  $openssldir=$prefix . "/share/ssl" if $openssldir eq "";
+} else {
+  $openssldir=$prefix . "/ssl" if $openssldir eq "";
+  $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
+}
 
 
 print "IsMK1MF=$IsMK1MF\n";
 
 my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
@@ -1746,10 +1756,14 @@ while (<IN>)
 		s/^AR=\s*ar/AR= $ar/;
 		s/^RANLIB=.*/RANLIB= $ranlib/;
 		s/^RC=.*/RC= $windres/;
 		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc_as_makedepend;
 		}
+#	if ($target =~ /^DJGPP/)
+#	{
+#		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
+#	}
 	s/^CFLAG=.*$/CFLAG= $cflags/;
 	s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
 	s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/;
 	s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
 	s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
diff -aprNU5 openssl-1.0.2u.orig/crypto/rand/rand_unix.c openssl-1.0.2u/crypto/rand/rand_unix.c
--- openssl-1.0.2u.orig/crypto/rand/rand_unix.c	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/rand/rand_unix.c	2019-12-31 12:24:24 +0000
@@ -220,10 +220,176 @@ int RAND_poll(void)
         RAND_add(&v, sizeof(v), 1);
         v = 0;
     }
     return 1;
 }
+# elif defined(DJGPP_DEBUG)
+/*
+# elif defined(OPENSSL_SYS_MSDOS)
+*/
+int RAND_poll(void)
+{
+    unsigned long l;
+    pid_t curr_pid = getpid();
+#  if defined(DEVRANDOM)
+    unsigned char tmpbuf[ENTROPY_NEEDED];
+    int n = 0;
+#  endif
+#  ifdef DEVRANDOM
+    static const char *randomfiles[] = { DEVRANDOM };
+    struct stat randomstats[sizeof(randomfiles) / sizeof(randomfiles[0])];
+    int fd;
+    unsigned int i;
+#  endif
+
+#  ifdef DEVRANDOM
+    memset(randomstats, 0, sizeof(randomstats));
+    /*
+     * Use a random entropy pool device. Linux, FreeBSD and OpenBSD have
+     * this. Use /dev/urandom if you can as /dev/random may block if it runs
+     * out of random entries.
+     */
+
+    for (i = 0; (i < sizeof(randomfiles) / sizeof(randomfiles[0])) &&
+         (n < ENTROPY_NEEDED); i++) {
+        if ((fd = open(randomfiles[i], O_RDONLY
+#   ifdef O_NONBLOCK
+                       | O_NONBLOCK
+#   endif
+#   ifdef O_BINARY
+                       | O_BINARY
+#   endif
+#   ifdef O_NOCTTY              /* If it happens to be a TTY (god forbid), do
+                                 * not make it our controlling tty */
+                       | O_NOCTTY
+#   endif
+             )) >= 0) {
+            int usec = 10 * 1000; /* spend 10ms on each file */
+            int r;
+            unsigned int j;
+            struct stat *st = &randomstats[i];
+
+            /*
+             * Avoid using same input... Used to be O_NOFOLLOW above, but
+             * it's not universally appropriate...
+             */
+            if (fstat(fd, st) != 0) {
+                close(fd);
+                continue;
+            }
+            for (j = 0; j < i; j++) {
+                if (randomstats[j].st_ino == st->st_ino &&
+                    randomstats[j].st_dev == st->st_dev)
+                    break;
+            }
+            if (j < i) {
+                close(fd);
+                continue;
+            }
+
+            do {
+                int try_read = 0;
+
+                /* use select() */
+                fd_set fset;
+                struct timeval t;
+
+                t.tv_sec = 0;
+                t.tv_usec = usec;
+
+                if (FD_SETSIZE > 0 && (unsigned)fd >= FD_SETSIZE) {
+                    /*
+                     * can't use select, so just try to read once anyway
+                     */
+                    try_read = 1;
+                } else {
+                    FD_ZERO(&fset);
+                    FD_SET(fd, &fset);
+
+                    if (select(fd + 1, &fset, NULL, NULL, &t) >= 0) {
+                        usec = t.tv_usec;
+                        if (FD_ISSET(fd, &fset))
+                            try_read = 1;
+                    } else
+                        usec = 0;
+                }
+
+                if (try_read) {
+                    r = read(fd, (unsigned char *)tmpbuf + n,
+                             ENTROPY_NEEDED - n);
+                    if (r > 0)
+                        n += r;
+                } else
+                    r = -1;
+
+                /*
+                 * Some Unixen will update t in select(), some won't.  For
+                 * those who won't, or if we didn't use select() in the first
+                 * place, give up here, otherwise, we will do this once again
+                 * for the remaining time.
+                 */
+                if (usec == 10 * 1000)
+                    usec = 0;
+            }
+            while ((r > 0 ||
+                    (errno == EINTR || errno == EAGAIN)) && usec != 0
+                   && n < ENTROPY_NEEDED);
+
+            close(fd);
+        }
+    }
+#  endif                        /* defined(DEVRANDOM) */
+
+#  if defined(DEVRANDOM)
+    if (n > 0) {
+        RAND_add(tmpbuf, sizeof tmpbuf, (double)n);
+        OPENSSL_cleanse(tmpbuf, n);
+    }
+#  endif
+
+    if (n > 0) {
+        /* put in some default random data, we need more than just this */
+
+        l = curr_pid;
+        RAND_add(&l, sizeof(l), 0.0);
+        l = getuid();
+        RAND_add(&l, sizeof(l), 0.0);
+        l = time(NULL);
+        RAND_add(&l, sizeof(l), 0.0);
+    } else {
+        unsigned char v;
+
+
+        /*
+         * Seed with the gid, pid, and uid, to ensure *some* variation between
+         * different processes.
+         */
+
+        l = curr_pid;
+        RAND_add(&l, sizeof(l), 1);
+        l = getuid();
+        RAND_add(&l, sizeof(l), 1);
+        l = time(NULL);
+        RAND_add(&l, sizeof(l), 1);
+    
+        for (i = 0; i < (ENTROPY_NEEDED * 4); i++) {
+            srand48(rawclock() ^ i ^ l);
+            l = lrand48();
+
+            /* take 8 bits */
+            v = (unsigned char)(l % 256);
+            RAND_add(&v, sizeof v, 1);
+        }
+    }
+
+
+#  if defined(DEVRANDOM)
+    return 1;
+#  else
+    return 0;
+#  endif
+}
 # elif defined __OpenBSD__
 int RAND_poll(void)
 {
     u_int32_t rnd = 0, i;
     unsigned char buf[ENTROPY_NEEDED];
diff -aprNU5 openssl-1.0.2u.orig/demos/bio/Makefile openssl-1.0.2u/demos/bio/Makefile
--- openssl-1.0.2u.orig/demos/bio/Makefile	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/demos/bio/Makefile	2019-12-31 12:24:24 +0000
@@ -1,22 +1,23 @@
-CC=cc
-CFLAGS= -g -I../../include
-LIBS= -L../.. ../../libssl.a ../../libcrypto.a -ldl
-EXAMPLES=saccept sconnect client-arg client-conf
+CC=gcc
+CFLAGS= -g2 -O0 -fgnu89-inline -march=i386 -mtune=i586 -I../../include
+LIBS= -L../.. ../../libssl.a ../../libcrypto.a /dev/env/DJDIR/net/watt/lib/libwatt.a -lz
+EXE=.exe
+EXAMPLES=saccept$(EXE) sconnect$(EXE) client-arg$(EXE) client-conf$(EXE)
 
 all: $(EXAMPLES) 
 
-saccept: saccept.o
-	$(CC) -o saccept saccept.o $(LIBS)
+saccept$(EXE): saccept.o
+	$(CC) -o saccept$(EXE) saccept.o $(LIBS)
 
-sconnect: sconnect.o
-	$(CC) -o sconnect sconnect.o $(LIBS)
+sconnect$(EXE): sconnect.o
+	$(CC) -o sconnect$(EXE) sconnect.o $(LIBS)
 
-client-arg: client-arg.o
-	$(CC) -o client-arg client-arg.o $(LIBS)
+client-arg$(EXE): client-arg.o
+	$(CC) -o client-arg$(EXE) client-arg.o $(LIBS)
 
-client-conf: client-conf.o
-	$(CC) -o client-conf client-conf.o $(LIBS)
+client-conf$(EXE): client-conf.o
+	$(CC) -o client-conf$(EXE) client-conf.o $(LIBS)
 
 clean:	
 	rm -f $(EXAMPLES) *.o
 
diff -aprNU5 openssl-1.0.2u.orig/demos/prime/Makefile openssl-1.0.2u/demos/prime/Makefile
--- openssl-1.0.2u.orig/demos/prime/Makefile	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/demos/prime/Makefile	2019-12-31 12:24:24 +0000
@@ -1,14 +1,15 @@
-CC=cc
-CFLAGS= -g -I../../include -Wall
-LIBS=  -L../.. -lcrypto
-EXAMPLES=prime
+CC=gcc
+CFLAGS= -g2 -O0 -fgnu89-inline -march=i386 -mtune=i586 -I../../include -Wall
+LIBS=  -L../.. -lcrypto /dev/env/DJDIR/net/watt/lib/libwatt.a -lz
+EXE=.exe
+EXAMPLES=prime$(EXE)
 
 all: $(EXAMPLES) 
 
-prime: prime.o
-	$(CC) -o prime prime.o $(LIBS)
+prime$(EXE): prime.o
+	$(CC) -o prime$(EXE) prime.o $(LIBS)
 
 clean:	
 	rm -f $(EXAMPLES) *.o
 
 test: all
diff -aprNU5 openssl-1.0.2u.orig/demos/sign/Makefile openssl-1.0.2u/demos/sign/Makefile
--- openssl-1.0.2u.orig/demos/sign/Makefile	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/demos/sign/Makefile	2019-12-31 12:24:24 +0000
@@ -1,14 +1,15 @@
-CC=cc
-CFLAGS= -g -I../../include -Wall
-LIBS=  -L../.. -lcrypto
-EXAMPLES=sign
+CC=gcc
+CFLAGS= -g2 -O0 -fgnu89-inline -march=i386 -mtune=i586 -I../../include -Wall
+LIBS=  -L../.. -lcrypto /dev/env/DJDIR/net/watt/lib/libwatt.a -lz
+EXE=.exe
+EXAMPLES=sign$(EXE)
 
 all: $(EXAMPLES) 
 
-sign: sign.o
-	$(CC) -o sign sign.o $(LIBS)
+sign$(EXE): sign.o
+	$(CC) -o sign$(EXE) sign.o $(LIBS)
 
 clean:	
 	rm -f $(EXAMPLES) *.o
 
 test: all
diff -aprNU5 openssl-1.0.2u.orig/demos/state_machine/Makefile openssl-1.0.2u/demos/state_machine/Makefile
--- openssl-1.0.2u.orig/demos/state_machine/Makefile	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/demos/state_machine/Makefile	2019-12-31 12:24:24 +0000
@@ -1,9 +1,10 @@
-CFLAGS=-I../../include -Wall -Werror -g
+CFLAGS=-I../../include -Wall -g2 -O0 -fgnu89-inline -march=i386 -mtune=i586
+EXE=.exe
 
-all: state_machine
+all: state_machine$(EXE)
 
-state_machine: state_machine.o
-	$(CC) -o state_machine state_machine.o -L../.. -lssl -lcrypto
+state_machine$(EXE): state_machine.o
+	$(CC) -o state_machine$(EXE) state_machine.o -L../.. -lssl -lcrypto /dev/env/DJDIR/net/watt/lib/libwatt.a -lz
 
 test: state_machine
 	./state_machine 10000 ../../apps/server.pem ../../apps/server.pem
diff -aprNU5 openssl-1.0.2u.orig/Makefile.org openssl-1.0.2u/Makefile.org
--- openssl-1.0.2u.orig/Makefile.org	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/Makefile.org	2019-12-31 12:24:24 +0000
@@ -157,10 +157,13 @@ SDIRS=  \
 # should be performed.
 TESTS = alltests
 
 MAKEFILE= Makefile
 
+INSTALL_OPENSSLDIR=$(INSTALLTOP)/share/ssl
+INSTALL_HTMLDIR=$(INSTALLTOP)/share/ssl/html
+INSTALL_MANDIR=$(INSTALLTOP)/share/ssl/man
 MANDIR=$(OPENSSLDIR)/man
 MAN1=1
 MAN3=3
 MANSUFFIX=
 HTMLSUFFIX=html
@@ -214,11 +217,11 @@ BUILDENV=	LC_ALL=C PLATFORM='$(PLATFORM)
 		CROSS_COMPILE='$(CROSS_COMPILE)'	\
 		PERL='$(PERL)' ENGDIRS='$(ENGDIRS)'		\
 		SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)'	\
 		INSTALL_PREFIX='$(INSTALL_PREFIX)'		\
 		INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)'	\
-		LIBDIR='$(LIBDIR)'				\
+		INSTALL_OPENSSLDIR='$(INSTALL_OPENSSLDIR)' LIBDIR='$(LIBDIR)'	\
 		MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
 		DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)'	\
 		MAKEDEPPROG='$(MAKEDEPPROG)'			\
 		SHARED_LDFLAGS='$(SHARED_LDFLAGS)'		\
 		KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)'	\
@@ -538,21 +541,22 @@ tar-snap: $(TARFILE).list
 dist:   
 	$(PERL) Configure dist
 	@$(MAKE) SDIRS='$(SDIRS)' clean
 	@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
 
-install: all install_docs install_sw
+# install: all install_docs install_sw
+install: install_html_docs install_docs install_sw
 
 install_sw:
 	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
 		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
 		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
 		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
 		$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/private
+		$(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/misc \
+		$(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/certs \
+		$(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/private
 	@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
 	do \
 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
 	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
 	done;
@@ -620,34 +624,34 @@ install_html_docs:
 	filecase=; \
 	case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
 		filecase=-i; \
 	esac; \
 	for subdir in apps crypto ssl; do \
-		mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+		mkdir -p $(INSTALL_PREFIX)$(INSTALL_HTMLDIR)/$$subdir; \
 		for i in doc/$$subdir/*.pod; do \
 			fn=`basename $$i .pod`; \
 			echo "installing html/$$fn.$(HTMLSUFFIX)"; \
 			cat $$i \
 			| sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
 			| pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
 			| sed -r 's/<!DOCTYPE.*//g' \
-			> $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+			> $(INSTALL_PREFIX)$(INSTALL_HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
 			$(PERL) util/extract-names.pl < $$i | \
 				grep -v $$filecase "^$$fn\$$" | \
-				(cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+				(cd $(INSTALL_PREFIX)$(INSTALL_HTMLDIR)/$$subdir; \
 				 while read n; do \
 					PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
 				 done); \
 		done; \
 	done
 
 install_docs:
 	@$(PERL) $(TOP)/util/mkdir-p.pl \
-		$(INSTALL_PREFIX)$(MANDIR)/man1 \
-		$(INSTALL_PREFIX)$(MANDIR)/man3 \
-		$(INSTALL_PREFIX)$(MANDIR)/man5 \
-		$(INSTALL_PREFIX)$(MANDIR)/man7
+		$(INSTALL_PREFIX)$(INSTALL_MANDIR)/man1 \
+		$(INSTALL_PREFIX)$(INSTALL_MANDIR)/man3 \
+		$(INSTALL_PREFIX)$(INSTALL_MANDIR)/man5 \
+		$(INSTALL_PREFIX)$(INSTALL_MANDIR)/man7
 	@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
 	here="`pwd`"; \
 	filecase=; \
 	case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
 		filecase=-i; \
@@ -658,15 +662,15 @@ install_docs:
 		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
 		(cd `$(PERL) util/dirname.pl $$i`; \
 		sh -c "$$pod2man \
 			--section=$$sec --center=OpenSSL \
 			--release=$(VERSION) `basename $$i`") \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+			>  $(INSTALL_PREFIX)$(INSTALL_MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
 		$(PERL) util/extract-names.pl < $$i | \
 			(grep -v $$filecase "^$$fn\$$"; true) | \
 			(grep -v "[	]"; true) | \
-			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+			(cd $(INSTALL_PREFIX)$(INSTALL_MANDIR)/man$$sec/; \
 			 while read n; do \
 				PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
 			 done); \
 	done; \
 	set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
@@ -675,15 +679,15 @@ install_docs:
 		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
 		(cd `$(PERL) util/dirname.pl $$i`; \
 		sh -c "$$pod2man \
 			--section=$$sec --center=OpenSSL \
 			--release=$(VERSION) `basename $$i`") \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+			>  $(INSTALL_PREFIX)$(INSTALL_MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
 		$(PERL) util/extract-names.pl < $$i | \
 			(grep -v $$filecase "^$$fn\$$"; true) | \
 			(grep -v "[	]"; true) | \
-			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+			(cd $(INSTALL_PREFIX)$(INSTALL_MANDIR)/man$$sec/; \
 			 while read n; do \
 				PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
 			 done); \
 	done
 
diff -aprNU5 openssl-1.0.2u.orig/tools/Makefile openssl-1.0.2u/tools/Makefile
--- openssl-1.0.2u.orig/tools/Makefile	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/tools/Makefile	2019-12-31 12:24:24 +0000
@@ -26,13 +26,13 @@ install:
 	chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
 	mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
 	done;
 	@for i in $(MISC_APPS) ; \
 	do  \
-	(cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/misc/$$i.new; \
+	chmod 755 $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/misc/$$i.new; \
+	mv -f $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(INSTALL_OPENSSLDIR)/misc/$$i ); \
 	done;
 
 files:
 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
 








This is the patch submitted to the OpenSSL maintainers to fix and improve
certain DJGPP specific issues and to support the upcomming Watt-32 version.
The maintainers have committed these changes into the 1.1.0 version but they
will not be committed into any of the maintenance 1.0.N versions.




2019-12-31  Juan Manuel Guerrero  <juan.guerrero@gmx.de>

	* Configure:  Replaced -DTERMIO by -DTERMIOS in CFLAGS.

	* crypto/bio/bss_dgram.c [WATT32]:  Remove obsolete redefinition of
	function names: sock_write, sock_read and sock_puts.

	* crypto/bio/bss_sock.c [WATT32]:  For Watt-32 2.2.11 sock_write,
	sock_read and sock_puts are redefined to their private names so their
	names must be undefined first before they can be redefined again.

	* crypto/bio/bss_file.c (file_fopen) [OPENSSL_SYS_MSDOS]:  Call
	dosify_filename to replace leading dot if file system does not support
	it.
	(dosify_filename):  Replace leading dot in passed file name if file
	system does not support LFN.  Replace all leading dots in the dirname
	part and the basname part of the file name.

	* e_os.h [__DJGPP__]:  Undefine macro DEVRANDOM_EGD.  Neither MS-DOS
	nor FreeDOS provide 'egd' sockets.
	New macro HAS_LFN_SUPPORT checks if underlying file system supports
	long file names or not.

	* util/mklink.pl:  Do not use symlinks for DJGPP.

	* INSTALL.DJGPP:  Update URL of WATT-32 library.

	* Configure:  -fgnu89-inline flag added to CFLAGS depending on compiler
	version used.

	* demos/bio/Makefile:  -fgnu89-inline flag added to CFLAGS depending on
	compiler version used.

	* demos/prime/Makefile:  -fgnu89-inline flag added to CFLAGS depending
	on compiler version used.

	* demos/sign/Makefile:  -fgnu89-inline flag added to CFLAGS depending
	on compiler version used.

	* demos/state_machine/Makefile:  -fgnu89-inline flag added to CFLAGS
	depending on compiler version used.











diff -aprNU5 openssl-1.0.2u.orig/Configure openssl-1.0.2u/Configure
--- openssl-1.0.2u.orig/Configure	2019-12-31 12:24:24 +0000
+++ openssl-1.0.2u/Configure	2019-12-31 12:30:58 +0000
@@ -633,16 +633,11 @@ my %table=(
 "netware-libc-bsdsock", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
 "netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
 "netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
 
 # DJGPP
-# This is for gcc 4.3.0 or higher.
-"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fgnu89-inline -march=i386 -mtune=i586 -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
-# This is other versions.
-#"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -march=i386 -mtune=i586 -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
-# This is for debugging purposes.
-#"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fgnu89-inline -march=i386 -mtune=i586 -save-temps -O0 -g2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
+"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
 
 # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
 "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
 "ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::BN_LLONG::::",
 # K&R C is no longer supported; you need gcc on old Ultrix installations
@@ -1544,10 +1539,33 @@ if ($sys_id ne "")
 if ($ranlib eq "")
 	{
 	$ranlib = $default_ranlib;
 	}
 
+# DJGPP specific CFLAG adjustments
+if ($target =~ /^DJGPP/)
+	{
+	my $gccver=0;
+	if (open(FD,"$cc --version |"))
+		{
+		while(<FD>) { $gccver=$1 if (/ (([1-3])\.|4\.([0-1])([.0-9]*))/); }
+		close(FD);
+		}
+	if ($gccver==0)
+		{
+		# For gcc 4.3.0 and above ensure that always old GNU extern inline semantics
+		# are used (aka -fgnu89-inline) even if ISO C99 semantics has been specified.
+		$cflags=~s/-fomit-frame-pointer/-fgnu89-inline -march=i386 -mtune=i586 -fomit-frame-pointer/;
+		}
+	else
+		{
+		$cflags=~s/-fomit-frame-pointer/-march=i386 -mtune=i586 -fomit-frame-pointer/;
+		}
+	# This is for debugging purposes.
+	# $cflags=~s/-fomit-frame-pointer -O2/-save-temps -O0 -g2 -DDJGPP_DEBUG/;
+	}
+
 #my ($bn1)=split(/\s+/,$bn_obj);
 #$bn1 = "" unless defined $bn1;
 #$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
 #$bn_obj="$bn1";
 
diff -aprNU5 openssl-1.0.2u.orig/crypto/bio/bss_dgram.c openssl-1.0.2u/crypto/bio/bss_dgram.c
--- openssl-1.0.2u.orig/crypto/bio/bss_dgram.c	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/bio/bss_dgram.c	2019-12-31 12:30:58 +0000
@@ -92,16 +92,10 @@
         (((a)->s6_addr32[0] == 0) &&          \
          ((a)->s6_addr32[1] == 0) &&          \
          ((a)->s6_addr32[2] == htonl(0x0000ffff)))
 # endif
 
-# ifdef WATT32
-#  define sock_write SockWrite  /* Watt-32 uses same names */
-#  define sock_read  SockRead
-#  define sock_puts  SockPuts
-# endif
-
 static int dgram_write(BIO *h, const char *buf, int num);
 static int dgram_read(BIO *h, char *buf, int size);
 static int dgram_puts(BIO *h, const char *str);
 static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
 static int dgram_new(BIO *h);
diff -aprNU5 openssl-1.0.2u.orig/crypto/bio/bss_file.c openssl-1.0.2u/crypto/bio/bss_file.c
--- openssl-1.0.2u.orig/crypto/bio/bss_file.c	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/bio/bss_file.c	2019-12-31 12:30:58 +0000
@@ -93,10 +93,14 @@
 #  include <nwfileio.h>
 # endif
 
 # if !defined(OPENSSL_NO_STDIO)
 
+#ifdef OPENSSL_SYS_MSDOS
+# include <libc/unconst.h>
+static void dosify_filename(const char *filename);
+#endif
 static int MS_CALLBACK file_write(BIO *h, const char *buf, int num);
 static int MS_CALLBACK file_read(BIO *h, char *buf, int size);
 static int MS_CALLBACK file_puts(BIO *h, const char *str);
 static int MS_CALLBACK file_gets(BIO *h, char *str, int size);
 static long MS_CALLBACK file_ctrl(BIO *h, int cmd, long arg1, void *arg2);
@@ -159,10 +163,13 @@ static FILE *file_fopen(const char *file
         }
     } else if (GetLastError() == ERROR_NO_UNICODE_TRANSLATION) {
         file = fopen(filename, mode);
     }
 #  else
+#   ifdef OPENSSL_SYS_MSDOS
+    dosify_filename(filename);
+#   endif
     file = fopen(filename, mode);
 #  endif
     return (file);
 }
 
@@ -484,8 +491,25 @@ static int MS_CALLBACK file_puts(BIO *bp
     n = strlen(str);
     ret = file_write(bp, str, n);
     return (ret);
 }
 
+#  ifdef OPENSSL_SYS_MSDOS
+static void dosify_filename(const char *filename)
+{
+    if (filename && *filename && !HAS_LFN_SUPPORT(filename)) {
+        char *nextchar = unconst(filename, char *);
+
+        do {
+            if (nextchar[0] == '/' && nextchar[2] != '.' && nextchar[2] != '/') {
+
+                /* Leading dot not allowed on plain DOS.  */
+                if (nextchar[1] == '.')
+                    *++nextchar = '_';
+            }
+        } while (*++nextchar);
+    }
+}
+#  endif
 # endif                         /* OPENSSL_NO_STDIO */
 
 #endif                          /* HEADER_BSS_FILE_C */
diff -aprNU5 openssl-1.0.2u.orig/crypto/bio/bss_sock.c openssl-1.0.2u/crypto/bio/bss_sock.c
--- openssl-1.0.2u.orig/crypto/bio/bss_sock.c	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/bio/bss_sock.c	2019-12-31 12:30:58 +0000
@@ -64,11 +64,15 @@
 #ifndef OPENSSL_NO_SOCK
 
 # include <openssl/bio.h>
 
 # ifdef WATT32
-#  define sock_write SockWrite  /* Watt-32 uses same names */
+/* Watt-32 uses same names */
+#  undef sock_write
+#  undef sock_read
+#  undef sock_puts
+#  define sock_write SockWrite
 #  define sock_read  SockRead
 #  define sock_puts  SockPuts
 # endif
 
 static int sock_write(BIO *h, const char *buf, int num);
diff -aprNU5 openssl-1.0.2u.orig/demos/bio/Makefile openssl-1.0.2u/demos/bio/Makefile
--- openssl-1.0.2u.orig/demos/bio/Makefile	2019-12-31 12:24:24 +0000
+++ openssl-1.0.2u/demos/bio/Makefile	2019-12-31 12:30:58 +0000
@@ -1,10 +1,16 @@
 CC=gcc
-CFLAGS= -g2 -O0 -fgnu89-inline -march=i386 -mtune=i586 -I../../include
+CFLAGS= -g2 -O0 -march=i386 -mtune=i586 -I../../include
+ifeq ($(filter 2 3 4,$(word 3, $(shell true | $(CC) -E -dD -x c - | grep 'define\ *__GNUC__'))),)
+# We have gcc >= 5.x and we must ensure that always traditional
+# GNU extern inline semantics are used (aka -fgnu89-inline) even
+# if ISO C99 semantics have been specified.
+CFLAGS += -fgnu89-inline
+endif
 LIBS= -L../.. ../../libssl.a ../../libcrypto.a /dev/env/DJDIR/net/watt/lib/libwatt.a -lz
 EXE=.exe
-EXAMPLES=saccept$(EXE) sconnect$(EXE) client-arg$(EXE) client-conf$(EXE)
+EXAMPLES=saccept$(EXE) sconnect$(EXE)
 
 all: $(EXAMPLES) 
 
 saccept$(EXE): saccept.o
 	$(CC) -o saccept$(EXE) saccept.o $(LIBS)
diff -aprNU5 openssl-1.0.2u.orig/demos/prime/Makefile openssl-1.0.2u/demos/prime/Makefile
--- openssl-1.0.2u.orig/demos/prime/Makefile	2019-12-31 12:24:24 +0000
+++ openssl-1.0.2u/demos/prime/Makefile	2019-12-31 12:30:58 +0000
@@ -1,7 +1,13 @@
 CC=gcc
-CFLAGS= -g2 -O0 -fgnu89-inline -march=i386 -mtune=i586 -I../../include -Wall
+CFLAGS= -g2 -O0 -march=i386 -mtune=i586 -I../../include -Wall
+ifeq ($(filter 2 3 4,$(word 3, $(shell true | $(CC) -E -dD -x c - | grep 'define\ *__GNUC__'))),)
+# We have gcc >= 5.x and we must ensure that always traditional
+# GNU extern inline semantics are used (aka -fgnu89-inline) even
+# if ISO C99 semantics have been specified.
+CFLAGS += -fgnu89-inline
+endif
 LIBS=  -L../.. -lcrypto /dev/env/DJDIR/net/watt/lib/libwatt.a -lz
 EXE=.exe
 EXAMPLES=prime$(EXE)
 
 all: $(EXAMPLES) 
diff -aprNU5 openssl-1.0.2u.orig/demos/sign/Makefile openssl-1.0.2u/demos/sign/Makefile
--- openssl-1.0.2u.orig/demos/sign/Makefile	2019-12-31 12:24:24 +0000
+++ openssl-1.0.2u/demos/sign/Makefile	2019-12-31 12:30:58 +0000
@@ -1,7 +1,13 @@
 CC=gcc
-CFLAGS= -g2 -O0 -fgnu89-inline -march=i386 -mtune=i586 -I../../include -Wall
+CFLAGS= -g2 -O0 -march=i386 -mtune=i586 -I../../include -Wall
+ifeq ($(filter 2 3 4,$(word 3, $(shell true | $(CC) -E -dD -x c - | grep 'define\ *__GNUC__'))),)
+# We have gcc >= 5.x and we must ensure that always traditional
+# GNU extern inline semantics are used (aka -fgnu89-inline) even
+# if ISO C99 semantics have been specified.
+CFLAGS += -fgnu89-inline
+endif
 LIBS=  -L../.. -lcrypto /dev/env/DJDIR/net/watt/lib/libwatt.a -lz
 EXE=.exe
 EXAMPLES=sign$(EXE)
 
 all: $(EXAMPLES) 
diff -aprNU5 openssl-1.0.2u.orig/demos/state_machine/Makefile openssl-1.0.2u/demos/state_machine/Makefile
--- openssl-1.0.2u.orig/demos/state_machine/Makefile	2019-12-31 12:24:24 +0000
+++ openssl-1.0.2u/demos/state_machine/Makefile	2019-12-31 12:30:58 +0000
@@ -1,10 +1,16 @@
-CFLAGS=-I../../include -Wall -g2 -O0 -fgnu89-inline -march=i386 -mtune=i586
+CFLAGS=-I../../include -Wall -g2 -O0 -march=i386 -mtune=i586
+ifeq ($(filter 2 3 4,$(word 3, $(shell true | $(CC) -E -dD -x c - | grep 'define\ *__GNUC__'))),)
+# We have gcc >= 5.x and we must ensure that always traditional
+# GNU extern inline semantics are used (aka -fgnu89-inline) even
+# if ISO C99 semantics have been specified.
+CFLAGS += -fgnu89-inline
+endif
 EXE=.exe
 
 all: state_machine$(EXE)
 
 state_machine$(EXE): state_machine.o
 	$(CC) -o state_machine$(EXE) state_machine.o -L../.. -lssl -lcrypto /dev/env/DJDIR/net/watt/lib/libwatt.a -lz
 
-test: state_machine
-	./state_machine 10000 ../../apps/server.pem ../../apps/server.pem
+test: state_machine$(EXE)
+	./state_machine$(EXE) 10000 ../../apps/server.pem ../../apps/server.pem
diff -aprNU5 openssl-1.0.2u.orig/e_os.h openssl-1.0.2u/e_os.h
--- openssl-1.0.2u.orig/e_os.h	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/e_os.h	2019-12-31 12:30:58 +0000
@@ -240,10 +240,12 @@ extern "C" {
 #   include <tcp.h>
 #   include <netdb.h>
 #   define _setmode setmode
 #   define _O_TEXT O_TEXT
 #   define _O_BINARY O_BINARY
+#   define HAS_LFN_SUPPORT(name)  (pathconf((name), _PC_NAME_MAX) > 12)
+#   undef DEVRANDOM_EGD  /*  Neither MS-DOS nor FreeDOS provide 'egd' sockets.  */
 #   undef DEVRANDOM
 #   define DEVRANDOM "/dev/urandom\x24"
 #  endif                        /* __DJGPP__ */
 
 #  ifndef S_IFDIR
diff -aprNU5 openssl-1.0.2u.orig/util/mklink.pl openssl-1.0.2u/util/mklink.pl
--- openssl-1.0.2u.orig/util/mklink.pl	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/util/mklink.pl	2019-12-31 12:30:58 +0000
@@ -49,11 +49,11 @@ foreach $dirname (@from_path) {
 
 my $to = join('/', @to_path);
 
 my $file;
 $symlink_exists=eval {symlink("",""); 1};
-if ($^O eq "msys") { $symlink_exists=0 };
+if ($^O eq "msys" || $^O eq 'dos') { $symlink_exists=0 };
 foreach $file (@files) {
     my $err = "";
     if ($symlink_exists) {
         if (!-l "$from/$file") {
 	    unlink "$from/$file";








2019-12-31  Juan Manuel Guerrero  <juan.guerrero@gmx.de>

	Applied some patches taken from openssl1.0_1.0.2r-1~deb9u1.debian.tar.xz
	available at:
	  http://ftp.de.debian.org/debian/pool/main/o/openssl/.
	The applied patches are:
	  block_digicert_malaysia.patch
	  block_diginotar.patch
	  c_rehash-compat.patch
	  disable_freelist.patch
	  disable_sslv3_test.patch
	  libdoc-manpgs-pod-spell.patch
	  stddef.patch
	  soname.patch






diff -aprNU5 openssl-1.0.2u.orig/crypto/opensslv.h openssl-1.0.2u/crypto/opensslv.h
--- openssl-1.0.2u.orig/crypto/opensslv.h	2019-12-20 13:09:20 +0000
+++ openssl-1.0.2u/crypto/opensslv.h	2019-12-31 12:35:10 +0000
@@ -86,11 +86,11 @@ extern "C" {
  * we need to keep a history of version numbers, which is done in the
  * macro SHLIB_VERSION_HISTORY.  The numbers are separated by colons and
  * should only keep the versions that are binary compatible with the current.
  */
 # define SHLIB_VERSION_HISTORY ""
-# define SHLIB_VERSION_NUMBER "1.0.0"
+# define SHLIB_VERSION_NUMBER "1.0.2"
 
 
 #ifdef  __cplusplus
 }
 #endif
diff -aprNU5 openssl-1.0.2u.orig/crypto/sha/sha.h openssl-1.0.2u/crypto/sha/sha.h
--- openssl-1.0.2u.orig/crypto/sha/sha.h	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/sha/sha.h	2019-12-31 12:35:10 +0000
@@ -57,12 +57,12 @@
  */
 
 #ifndef HEADER_SHA_H
 # define HEADER_SHA_H
 
-# include <openssl/e_os2.h>
 # include <stddef.h>
+# include <openssl/e_os2.h>
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
diff -aprNU5 openssl-1.0.2u.orig/crypto/x509/x509_vfy.c openssl-1.0.2u/crypto/x509/x509_vfy.c
--- openssl-1.0.2u.orig/crypto/x509/x509_vfy.c	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/x509/x509_vfy.c	2019-12-31 12:35:10 +0000
@@ -118,10 +118,11 @@ static int check_name_constraints(X509_S
 static int check_id(X509_STORE_CTX *ctx);
 static int check_trust(X509_STORE_CTX *ctx);
 static int check_revocation(X509_STORE_CTX *ctx);
 static int check_cert(X509_STORE_CTX *ctx);
 static int check_policy(X509_STORE_CTX *ctx);
+static int check_ca_blacklist(X509_STORE_CTX *ctx);
 
 static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
                          unsigned int *preasons, X509_CRL *crl, X509 *x);
 static int get_crl_delta(X509_STORE_CTX *ctx,
                          X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);
@@ -500,10 +501,14 @@ int X509_verify_cert(X509_STORE_CTX *ctx
     else
         ok = internal_verify(ctx);
     if (!ok)
         goto err;
 
+    ok = check_ca_blacklist(ctx);
+    if (!ok)
+        goto err;
+
 #ifndef OPENSSL_NO_RFC3779
     /* RFC 3779 path validation, now that CRL check has been done */
     ok = v3_asid_validate_path(ctx);
     if (!ok)
         goto err;
@@ -1108,10 +1113,34 @@ static int check_crl_time(X509_STORE_CTX
         ctx->current_crl = NULL;
 
     return 1;
 }
 
+static int check_ca_blacklist(X509_STORE_CTX *ctx)
+	{
+	X509 *x;
+	int i;
+	/* Check all certificates against the blacklist */
+	for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
+		{
+		x = sk_X509_value(ctx->chain, i);
+		/* Mark certificates containing the following names as
+		 * revoked, no matter where in the chain they are.
+		 */
+		if (x->name && (strstr(x->name, "DigiNotar") ||
+			strstr(x->name, "Digicert Sdn. Bhd.")))
+			{
+			ctx->error = X509_V_ERR_CERT_REVOKED;
+			ctx->error_depth = i;
+			ctx->current_cert = x;
+			if (!ctx->verify_cb(0,ctx))
+				return 0;
+			}
+		}
+	return 1;
+	}
+
 static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
                       X509 **pissuer, int *pscore, unsigned int *preasons,
                       STACK_OF(X509_CRL) *crls)
 {
     int i, crl_score, best_score = *pscore;
diff -aprNU5 openssl-1.0.2u.orig/doc/crypto/EVP_PKEY_cmp.pod openssl-1.0.2u/doc/crypto/EVP_PKEY_cmp.pod
--- openssl-1.0.2u.orig/doc/crypto/EVP_PKEY_cmp.pod	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/doc/crypto/EVP_PKEY_cmp.pod	2019-12-31 12:35:10 +0000
@@ -26,11 +26,11 @@ B<from> or present in both B<from> and B
 in B<from> and B<to> are both present and match this function has no effect.
 
 The function EVP_PKEY_cmp_parameters() compares the parameters of keys
 B<a> and B<b>.
 
-The function EVP_PKEY_cmp() compares the public key components and paramters
+The function EVP_PKEY_cmp() compares the public key components and parameters
 (if present) of keys B<a> and B<b>.
 
 =head1 NOTES
 
 The main purpose of the functions EVP_PKEY_missing_parameters() and
diff -aprNU5 openssl-1.0.2u.orig/ssl/s3_both.c openssl-1.0.2u/ssl/s3_both.c
--- openssl-1.0.2u.orig/ssl/s3_both.c	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/ssl/s3_both.c	2019-12-31 12:35:10 +0000
@@ -582,10 +582,11 @@ int ssl_verify_alarm_type(long type)
         break;
     }
     return (al);
 }
 
+#define OPENSSL_NO_BUF_FREELISTS
 #ifndef OPENSSL_NO_BUF_FREELISTS
 /*-
  * On some platforms, malloc() performance is bad enough that you can't just
  * free() and malloc() buffers all the time, so we need to use freelists from
  * unused buffers.  Currently, each freelist holds memory chunks of only a
diff -aprNU5 openssl-1.0.2u.orig/ssl/ssl_lib.c openssl-1.0.2u/ssl/ssl_lib.c
--- openssl-1.0.2u.orig/ssl/ssl_lib.c	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/ssl/ssl_lib.c	2019-12-31 12:35:10 +0000
@@ -160,10 +160,12 @@
 # include <openssl/engine.h>
 #endif
 
 const char *SSL_version_str = OPENSSL_VERSION_TEXT;
 
+#define OPENSSL_NO_BUF_FREELISTS
+
 SSL3_ENC_METHOD ssl3_undef_enc_method = {
     /*
      * evil casts, but these functions are only called if there's a library
      * bug
      */
diff -aprNU5 openssl-1.0.2u.orig/test/testssl openssl-1.0.2u/test/testssl
--- openssl-1.0.2u.orig/test/testssl	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/testssl	2019-12-31 12:35:10 +0000
@@ -158,11 +158,11 @@ test_cipher() {
 	  exit 1
     fi
 }
 
 echo "Testing ciphersuites"
-for protocol in TLSv1.2 SSLv3; do
+for protocol in TLSv1.2; do
   echo "Testing ciphersuites for $protocol"
   for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
     test_cipher $cipher $protocol
   done
   if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
diff -aprNU5 openssl-1.0.2u.orig/tools/c_rehash.in openssl-1.0.2u/tools/c_rehash.in
--- openssl-1.0.2u.orig/tools/c_rehash.in	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/tools/c_rehash.in	2019-12-31 12:35:10 +0000
@@ -6,24 +6,19 @@
 my $dir;
 my $prefix;
 
 my $openssl = $ENV{OPENSSL} || "openssl";
 my $pwd;
-my $x509hash = "-subject_hash";
-my $crlhash = "-hash";
 my $verbose = 0;
 my $symlink_exists=eval {symlink("",""); 1};
 my $removelinks = 1;
 
 ##  Parse flags.
 while ( $ARGV[0] =~ /^-/ ) {
     my $flag = shift @ARGV;
     last if ( $flag eq '--');
-    if ( $flag eq '-old') {
-	    $x509hash = "-subject_hash_old";
-	    $crlhash = "-hash_old";
-    } elsif ( $flag eq '-h') {
+    if ( $flag eq '-h') {
 	    help();
     } elsif ( $flag eq '-n' ) {
 	    $removelinks = 0;
     } elsif ( $flag eq '-v' ) {
 	    $verbose++;
@@ -111,11 +106,13 @@ sub hash_dir {
 		if(!$cert && !$crl) {
 			print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
 			next;
 		}
 		link_hash_cert($fname) if($cert);
+		link_hash_cert_old($fname) if($cert);
 		link_hash_crl($fname) if($crl);
+		link_hash_crl_old($fname) if($crl);
 	}
 }
 
 sub check_file {
 	my ($is_cert, $is_crl) = (0,0);
@@ -144,10 +141,11 @@ sub check_file {
 # case we skip the link. We check for duplicates by comparing the
 # certificate fingerprints
 
 sub link_hash_cert {
 		my $fname = $_[0];
+		my $x509hash = $_[1] || '-subject_hash';
 		$fname =~ s/'/'\\''/g;
 		my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
 		chomp $hash;
 		chomp $fprint;
 		$fprint =~ s/^.*=//;
@@ -175,14 +173,24 @@ sub link_hash_cert {
 			print "copy $fname -> $hash\n" if $verbose;
 		}
 		$hashlist{$hash} = $fprint;
 }
 
+sub link_hash_cert_old {
+		link_hash_cert($_[0], '-subject_hash_old');
+}
+
+sub link_hash_crl_old {
+		link_hash_crl($_[0], '-hash_old');
+}
+
+
 # Same as above except for a CRL. CRL links are of the form <hash>.r<n>
 
 sub link_hash_crl {
 		my $fname = $_[0];
+		my $crlhash = $_[1] || "-hash";
 		$fname =~ s/'/'\\''/g;
 		my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
 		chomp $hash;
 		chomp $fprint;
 		$fprint =~ s/^.*=//;









2019-12-31  Juan Manuel Guerrero  <juan.guerrero@gmx.de>

	* e_os.h [__DJGPP__]:  Undefine macro DEVRANDOM_EGD.  Neither MS-DOS
	nor FreeDOS provide 'egd' sockets.
	New macro HAS_LFN_SUPPORT checks if underlying file system supports
	long file names or not.








diff -aprNU5 openssl-1.0.2u.orig/e_os.h openssl-1.0.2u/e_os.h
--- openssl-1.0.2u.orig/e_os.h	2019-12-31 12:43:36 +0000
+++ openssl-1.0.2u/e_os.h	2019-12-31 12:45:54 +0000
@@ -243,11 +243,11 @@ extern "C" {
 #   define _O_TEXT O_TEXT
 #   define _O_BINARY O_BINARY
 #   define HAS_LFN_SUPPORT(name)  (pathconf((name), _PC_NAME_MAX) > 12)
 #   undef DEVRANDOM_EGD  /*  Neither MS-DOS nor FreeDOS provide 'egd' sockets.  */
 #   undef DEVRANDOM
-#   define DEVRANDOM "/dev/urandom\x24"
+#   define DEVRANDOM "/dev/urandom\x24","/dev/env/RANDFILE"  /* Allow for a file in case no noise source is installed.  */
 #  endif                        /* __DJGPP__ */
 
 #  ifndef S_IFDIR
 #   define S_IFDIR     _S_IFDIR
 #  endif








2019-12-31  Juan Manuel Guerrero  <juan.guerrero@gmx.de>

	* crypto/threads/profile.sh: Use variables to specify programs.

	* crypto/threads/pthread.sh: Use variables to specify programs.

	* crypto/threads/pthread2.sh: Use variables to specify programs.

	* crypto/threads/purify.sh: Use variables to specify programs.

	* crypto/threads/solaris.sh: Use variables to specify programs.

	* demos/ssltest-ecc/ECC-RSAcertgen.sh: Use variables to specify programs.

	* demos/ssltest-ecc/ECCcertgen.sh: Use variables to specify programs.

	* demos/ssltest-ecc/RSAcertgen.sh: Use variables to specify programs.

	* test/tcrl: Use variables to specify programs.

	* test/testca: Use variables to specify programs.

	* test/testenc: Use variables to specify programs.

	* test/testss: Use variables to specify programs.

	* test/tpkcs7: Use variables to specify programs.

	* test/tpkcs7d: Use variables to specify programs.

	* test/treq: Use variables to specify programs.

	* test/trsa: Use variables to specify programs.

	* test/tsid: Use variables to specify programs.

	* test/tx509: Use variables to specify programs.

	* util/mkcerts.sh: Use variables to specify programs.

	* util/speed.sh: Use variables to specify programs.









diff -aprNU5 openssl-1.0.2u.orig/crypto/threads/profile.sh openssl-1.0.2u/crypto/threads/profile.sh
--- openssl-1.0.2u.orig/crypto/threads/profile.sh	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/threads/profile.sh	2019-12-31 13:06:40 +0000
@@ -1,4 +1,10 @@
 #!/bin/sh
-/bin/rm -f mttest
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f mttest
 cc -p -DSOLARIS -I../../include -g mttest.c -o mttest -L/usr/lib/libc -ldl -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
 
diff -aprNU5 openssl-1.0.2u.orig/crypto/threads/pthread.sh openssl-1.0.2u/crypto/threads/pthread.sh
--- openssl-1.0.2u.orig/crypto/threads/pthread.sh	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/threads/pthread.sh	2019-12-31 13:06:40 +0000
@@ -2,8 +2,14 @@
 #
 # build using pthreads
 #
 # http://www.mit.edu:8001/people/proven/pthreads.html
 #
-/bin/rm -f mttest
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f mttest
 pgcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto 
 
diff -aprNU5 openssl-1.0.2u.orig/crypto/threads/pthread2.sh openssl-1.0.2u/crypto/threads/pthread2.sh
--- openssl-1.0.2u.orig/crypto/threads/pthread2.sh	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/threads/pthread2.sh	2019-12-31 13:06:40 +0000
@@ -1,6 +1,12 @@
 #!/bin/sh
 #
 # build using pthreads where it's already built into the system
 #
-/bin/rm -f mttest
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f mttest
 gcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto -lpthread -ldl
diff -aprNU5 openssl-1.0.2u.orig/crypto/threads/purify.sh openssl-1.0.2u/crypto/threads/purify.sh
--- openssl-1.0.2u.orig/crypto/threads/purify.sh	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/threads/purify.sh	2019-12-31 13:06:40 +0000
@@ -1,4 +1,10 @@
 #!/bin/sh
-/bin/rm -f mttest
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f mttest
 purify cc -DSOLARIS -I../../include -g mttest.c -o mttest -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
 
diff -aprNU5 openssl-1.0.2u.orig/crypto/threads/solaris.sh openssl-1.0.2u/crypto/threads/solaris.sh
--- openssl-1.0.2u.orig/crypto/threads/solaris.sh	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/crypto/threads/solaris.sh	2019-12-31 13:06:40 +0000
@@ -1,4 +1,10 @@
 #!/bin/sh
-/bin/rm -f mttest
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f mttest
 cc -DSOLARIS -I../../include -g mttest.c -o mttest -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
 
diff -aprNU5 openssl-1.0.2u.orig/demos/ssltest-ecc/ECC-RSAcertgen.sh openssl-1.0.2u/demos/ssltest-ecc/ECC-RSAcertgen.sh
--- openssl-1.0.2u.orig/demos/ssltest-ecc/ECC-RSAcertgen.sh	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/demos/ssltest-ecc/ECC-RSAcertgen.sh	2019-12-31 13:06:40 +0000
@@ -13,16 +13,25 @@ CERTS_DIR=./Certs
 # Directory where private key files are stored
 KEYS_DIR=$CERTS_DIR
 # Directory where combo files (containing a certificate and corresponding
 # private key together) are stored
 COMBO_DIR=$CERTS_DIR
-# cat command
-CAT=/bin/cat
-# rm command
-RM=/bin/rm
-# mkdir command
-MKDIR=/bin/mkdir
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  # cat command
+  CAT=/dev/env/DJDIR/bin/cat.exe
+  # rm command
+  RM=/dev/env/DJDIR/bin/rm.exe
+  # mkdir command
+  MKDIR=/dev/env/DJDIR/bin/mkdir.exe
+else
+  # cat command
+  CAT=/bin/cat
+  # rm command
+  RM=/bin/rm
+  # mkdir command
+  MKDIR=/bin/mkdir
+fi
 # The certificate will expire these many days after the issue date.
 DAYS=1500
 TEST_CA_FILE=rsa1024TestCA
 
 TEST_SERVER_CURVE=sect163r1
diff -aprNU5 openssl-1.0.2u.orig/demos/ssltest-ecc/ECCcertgen.sh openssl-1.0.2u/demos/ssltest-ecc/ECCcertgen.sh
--- openssl-1.0.2u.orig/demos/ssltest-ecc/ECCcertgen.sh	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/demos/ssltest-ecc/ECCcertgen.sh	2019-12-31 13:06:40 +0000
@@ -13,16 +13,25 @@ CERTS_DIR=./Certs
 # Directory where private key files are stored
 KEYS_DIR=$CERTS_DIR
 # Directory where combo files (containing a certificate and corresponding
 # private key together) are stored
 COMBO_DIR=$CERTS_DIR
-# cat command
-CAT=/bin/cat
-# rm command
-RM=/bin/rm
-# mkdir command
-MKDIR=/bin/mkdir
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  # cat command
+  CAT=/dev/env/DJDIR/bin/cat.exe
+  # rm command
+  RM=/dev/env/DJDIR/bin/rm.exe
+  # mkdir command
+  MKDIR=/dev/env/DJDIR/bin/mkdir.exe
+else
+  # cat command
+  CAT=/bin/cat
+  # rm command
+  RM=/bin/rm
+  # mkdir command
+  MKDIR=/bin/mkdir
+fi
 # The certificate will expire these many days after the issue date.
 DAYS=1500
 TEST_CA_CURVE=secp160r1
 TEST_CA_FILE=secp160r1TestCA
 TEST_CA_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test CA (Elliptic curve secp160r1)"
diff -aprNU5 openssl-1.0.2u.orig/demos/ssltest-ecc/RSAcertgen.sh openssl-1.0.2u/demos/ssltest-ecc/RSAcertgen.sh
--- openssl-1.0.2u.orig/demos/ssltest-ecc/RSAcertgen.sh	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/demos/ssltest-ecc/RSAcertgen.sh	2019-12-31 13:06:40 +0000
@@ -13,16 +13,25 @@ CERTS_DIR=./Certs
 # Directory where private key files are stored
 KEYS_DIR=$CERTS_DIR
 # Directory where combo files (containing a certificate and corresponding
 # private key together) are stored
 COMBO_DIR=$CERTS_DIR
-# cat command
-CAT=/bin/cat
-# rm command
-RM=/bin/rm
-# mkdir command
-MKDIR=/bin/mkdir
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  # cat command
+  CAT=/dev/env/DJDIR/bin/cat.exe
+  # rm command
+  RM=/dev/env/DJDIR/bin/rm.exe
+  # mkdir command
+  MKDIR=/dev/env/DJDIR/bin/mkdir.exe
+else
+  # cat command
+  CAT=/bin/cat
+  # rm command
+  RM=/bin/rm
+  # mkdir command
+  MKDIR=/bin/mkdir
+fi
 # The certificate will expire these many days after the issue date.
 DAYS=1500
 TEST_CA_FILE=rsa1024TestCA
 TEST_CA_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test CA (1024 bit RSA)"
 
diff -aprNU5 openssl-1.0.2u.orig/test/tcrl openssl-1.0.2u/test/tcrl
--- openssl-1.0.2u.orig/test/tcrl	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/tcrl	2019-12-31 13:06:40 +0000
@@ -72,7 +72,13 @@ if [ $? != 0 ]; then exit 1; fi
 #cmp crl-f.p crl-ff.p2
 #if [ $? != 0 ]; then exit 1; fi
 cmp crl-f.p crl-ff.p3
 if [ $? != 0 ]; then exit 1; fi
 
-/bin/rm -f crl-f.* crl-ff.* crl-fff.*
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f crl-f.* crl-ff.* crl-fff.*
 exit 0
diff -aprNU5 openssl-1.0.2u.orig/test/testca openssl-1.0.2u/test/testca
--- openssl-1.0.2u.orig/test/testca	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/testca	2019-12-31 13:06:40 +0000
@@ -44,8 +44,14 @@ fi
 $SH ../apps/CA.sh -verify newcert.pem
 if [ $? != 0 ]; then
 	exit 1;
 fi
 
-/bin/rm -fr demoCA newcert.pem newreq.pem
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -fr demoCA newcert.pem newreq.pem
 #usage: CA -newcert|-newreq|-newca|-sign|-verify
 
diff -aprNU5 openssl-1.0.2u.orig/test/testenc openssl-1.0.2u/test/testenc
--- openssl-1.0.2u.orig/test/testenc	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/testenc	2019-12-31 13:06:40 +0000
@@ -2,31 +2,37 @@
 
 testsrc=testenc
 test=./p
 cmd="../util/shlib_wrap.sh ../apps/openssl"
 
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
 cat $testsrc >$test;
 
 echo cat
 $cmd enc < $test > $test.cipher
 $cmd enc < $test.cipher >$test.clear
 cmp $test $test.clear
 if [ $? != 0 ]
 then
 	exit 1
 else
-	/bin/rm $test.cipher $test.clear
+	$RM $test.cipher $test.clear
 fi
 echo base64
 $cmd enc -a -e < $test > $test.cipher
 $cmd enc -a -d < $test.cipher >$test.clear
 cmp $test $test.clear
 if [ $? != 0 ]
 then
 	exit 1
 else
-	/bin/rm $test.cipher $test.clear
+	$RM $test.cipher $test.clear
 fi
 
 for i in `$cmd list-cipher-commands`
 do
 	echo $i
@@ -35,20 +41,20 @@ do
 	cmp $test $test.$i.clear
 	if [ $? != 0 ]
 	then
 		exit 1
 	else
-		/bin/rm $test.$i.cipher $test.$i.clear
+		$RM $test.$i.cipher $test.$i.clear
 	fi
 
 	echo $i base64
 	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
 	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
 	cmp $test $test.$i.clear
 	if [ $? != 0 ]
 	then
 		exit 1
 	else
-		/bin/rm $test.$i.cipher $test.$i.clear
+		$RM $test.$i.cipher $test.$i.clear
 	fi
 done
 rm -f $test
diff -aprNU5 openssl-1.0.2u.orig/test/testss openssl-1.0.2u/test/testss
--- openssl-1.0.2u.orig/test/testss	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/testss	2019-12-31 13:06:40 +0000
@@ -155,9 +155,15 @@ echo The first generated proxy certifica
 echo The first generated proxy private key is $P1key
 
 echo The second generated proxy certificate is $P2cert
 echo The second generated proxy private key is $P2key
 
-/bin/rm err.ss
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM err.ss
 #/bin/rm $P1intermediate
 #/bin/rm $P2intermediate
 exit 0
diff -aprNU5 openssl-1.0.2u.orig/test/tpkcs7 openssl-1.0.2u/test/tpkcs7
--- openssl-1.0.2u.orig/test/tpkcs7	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/tpkcs7	2019-12-31 13:06:40 +0000
@@ -42,7 +42,13 @@ if [ $? != 0 ]; then exit 1; fi
 cmp p7-f.p p7-ff.p1
 if [ $? != 0 ]; then exit 1; fi
 cmp p7-f.p p7-ff.p3
 if [ $? != 0 ]; then exit 1; fi
 
-/bin/rm -f p7-f.* p7-ff.* p7-fff.*
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f p7-f.* p7-ff.* p7-fff.*
 exit 0
diff -aprNU5 openssl-1.0.2u.orig/test/tpkcs7d openssl-1.0.2u/test/tpkcs7d
--- openssl-1.0.2u.orig/test/tpkcs7d	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/tpkcs7d	2019-12-31 13:06:40 +0000
@@ -35,7 +35,13 @@ if [ $? != 0 ]; then exit 1; fi
 cmp p7d-f.p p7d-ff.p1
 if [ $? != 0 ]; then exit 1; fi
 cmp p7d-f.p p7d-ff.p3
 if [ $? != 0 ]; then exit 1; fi
 
-/bin/rm -f p7d-f.* p7d-ff.* p7d-fff.*
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f p7d-f.* p7d-ff.* p7d-fff.*
 exit 0
diff -aprNU5 openssl-1.0.2u.orig/test/treq openssl-1.0.2u/test/treq
--- openssl-1.0.2u.orig/test/treq	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/treq	2019-12-31 13:06:40 +0000
@@ -77,7 +77,13 @@ if [ $? != 0 ]; then exit 1; fi
 #cmp req-f.p req-ff.p2
 #if [ $? != 0 ]; then exit 1; fi
 cmp req-f.p req-ff.p3
 if [ $? != 0 ]; then exit 1; fi
 
-/bin/rm -f req-f.* req-ff.* req-fff.*
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f req-f.* req-ff.* req-fff.*
 exit 0
diff -aprNU5 openssl-1.0.2u.orig/test/trsa openssl-1.0.2u/test/trsa
--- openssl-1.0.2u.orig/test/trsa	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/trsa	2019-12-31 13:06:40 +0000
@@ -77,7 +77,13 @@ if [ $? != 0 ]; then exit 1; fi
 #cmp rsa-f.p rsa-ff.p2
 #if [ $? != 0 ]; then exit 1; fi
 cmp rsa-f.p rsa-ff.p3
 if [ $? != 0 ]; then exit 1; fi
 
-/bin/rm -f rsa-f.* rsa-ff.* rsa-fff.*
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f rsa-f.* rsa-ff.* rsa-fff.*
 exit 0
diff -aprNU5 openssl-1.0.2u.orig/test/tsid openssl-1.0.2u/test/tsid
--- openssl-1.0.2u.orig/test/tsid	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/tsid	2019-12-31 13:06:40 +0000
@@ -72,7 +72,13 @@ if [ $? != 0 ]; then exit 1; fi
 #cmp sid-f.p sid-ff.p2
 #if [ $? != 0 ]; then exit 1; fi
 cmp sid-f.p sid-ff.p3
 if [ $? != 0 ]; then exit 1; fi
 
-/bin/rm -f sid-f.* sid-ff.* sid-fff.*
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f sid-f.* sid-ff.* sid-fff.*
 exit 0
diff -aprNU5 openssl-1.0.2u.orig/test/tx509 openssl-1.0.2u/test/tx509
--- openssl-1.0.2u.orig/test/tx509	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/test/tx509	2019-12-31 13:06:40 +0000
@@ -79,7 +79,13 @@ echo "Parsing test certificates"
 $cmd -in certs/pss1.pem -text -noout >/dev/null
 if [ $? != 0 ]; then exit 1; fi
 
 echo OK
 
-/bin/rm -f x509-f.* x509-ff.* x509-fff.*
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
+$RM -f x509-f.* x509-ff.* x509-fff.*
 exit 0
diff -aprNU5 openssl-1.0.2u.orig/util/mkcerts.sh openssl-1.0.2u/util/mkcerts.sh
--- openssl-1.0.2u.orig/util/mkcerts.sh	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/util/mkcerts.sh	2019-12-31 13:06:40 +0000
@@ -204,16 +204,26 @@ cat pca-key.pem  >> pca-cert.pem
 cat ca-key.pem   >> ca-cert.pem
 cat s512-key.pem >> server.pem
 cat s1024key.pem >> server2.pem
 cat c512-key.pem >> client.pem
 
+
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  CAT=/dev/env/DJDIR/bin/cat.exe
+  MV=/dev/env/DJDIR/bin/mv.exe
+else
+  CAT=/bin/cat
+  MV=/bin/mv
+fi
+
+$RM -f crl-f.* crl-ff.* crl-fff.*
 for i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem
 do
 $SSLEAY x509 -issuer -subject -in $i -noout >$$
 cat $$
-/bin/cat $i >>$$
-/bin/mv $$ $i
+$CAT $i >>$$
+$MV $$ $i
 done
 
 #/bin/rm -f *key.pem *req.pem *.srl
 
 echo Finished
diff -aprNU5 openssl-1.0.2u.orig/util/speed.sh openssl-1.0.2u/util/speed.sh
--- openssl-1.0.2u.orig/util/speed.sh	2019-12-20 13:02:40 +0000
+++ openssl-1.0.2u/util/speed.sh	2019-12-31 13:06:40 +0000
@@ -9,28 +9,34 @@
 # from the $(TOP) directory
 # Edit Configure, modifying things to do with the b/bl-4c-2c etc
 # configurations.
 #
 
+if test -d /dev/env/DJDIR -a -n "$DJGPP" -a -f "$DJGPP"; then
+  RM=/dev/env/DJDIR/bin/rm.exe
+else
+  RM=/bin/rm
+fi
+
 make clean
 perl Configure b
 make
 apps/ssleay version -v -b -f >speed.1
 apps/ssleay speed >speed.1l
 
 perl Configure bl-4c-2c
-/bin/rm -f crypto/rc4/*.o crypto/bn/bn*.o crypto/md2/md2_dgst.o
+$RM -f crypto/rc4/*.o crypto/bn/bn*.o crypto/md2/md2_dgst.o
 make
 apps/ssleay speed rc4 rsa md2 >speed.2l
 
 perl Configure bl-4c-ri
-/bin/rm -f crypto/rc4/rc4*.o
+$RM -f crypto/rc4/rc4*.o
 make
 apps/ssleay speed rc4 >speed.3l
 
 perl Configure b2-is-ri-dp
-/bin/rm -f crypto/idea/i_*.o crypto/rc4/*.o crypto/des/ecb_enc.o crypto/bn/bn*.o
+$RM -f crypto/idea/i_*.o crypto/rc4/*.o crypto/des/ecb_enc.o crypto/bn/bn*.o
 apps/ssleay speed rsa rc4 idea des >speed.4l
 
 cat speed.1 >speed.log
 cat speed.1l >>speed.log
 perl util/sp-diff.pl speed.1l speed.2l >>speed.log
