The bell tolls for BUF_strdup - Start the migration to using

intrinsics. This is the easy ones, a few left to check one at
a time.
ok miod@ deraadt@

40 files changed, 155 insertions, 145 deletions

diff --git a/src/lib/libcrypto/asn1/ameth_lib.c b/src/lib/libcrypto/asn1/ameth_lib.c
index e9f73cb3a6..e88496cc9d 100644
--- a/src/lib/libcrypto/asn1/ameth_lib.c
+++ b/src/lib/libcrypto/asn1/ameth_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ameth_lib.c,v 1.13 2014/07/11 13:41:59 miod Exp $ */
+/* $OpenBSD: ameth_lib.c,v 1.14 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -294,14 +294,14 @@ EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, const char *info)
         ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
 
         if (info) {
-                ameth->info = BUF_strdup(info);
+                ameth->info = strdup(info);
                 if (!ameth->info)
                         goto err;
         } else
                 ameth->info = NULL;
 
         if (pem_str) {
-                ameth->pem_str = BUF_strdup(pem_str);
+                ameth->pem_str = strdup(pem_str);
                 if (!ameth->pem_str)
                         goto err;
         } else
diff --git a/src/lib/libcrypto/asn1/asn_mime.c b/src/lib/libcrypto/asn1/asn_mime.c
index 994531837f..c153deca1e 100644
--- a/src/lib/libcrypto/asn1/asn_mime.c
+++ b/src/lib/libcrypto/asn1/asn_mime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn_mime.c,v 1.21 2014/07/11 13:41:59 miod Exp $ */
+/* $OpenBSD: asn_mime.c,v 1.22 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -833,13 +833,13 @@ mime_hdr_new(char *name, char *value)
         char *tmpname = NULL, *tmpval = NULL, *p;
 
         if (name) {
-                if (!(tmpname = BUF_strdup(name)))
+                if (!(tmpname = strdup(name)))
                         goto err;
                 for (p = tmpname; *p; p++)
                         *p = tolower((unsigned char)*p);
         }
         if (value) {
-                if (!(tmpval = BUF_strdup(value)))
+                if (!(tmpval = strdup(value)))
                         goto err;
                 for (p = tmpval; *p; p++)
                         *p = tolower((unsigned char)*p);
@@ -867,14 +867,14 @@ mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
         MIME_PARAM *mparam;
 
         if (name) {
-                tmpname = BUF_strdup(name);
+                tmpname = strdup(name);
                 if (!tmpname)
                         goto err;
                 for (p = tmpname; *p; p++)
                         *p = tolower((unsigned char)*p);
         }
         if (value) {
-                tmpval = BUF_strdup(value);
+                tmpval = strdup(value);
                 if (!tmpval)
                         goto err;
         }
diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c
index 8c37a3e175..ced0406bc1 100644
--- a/src/lib/libcrypto/bio/b_sock.c
+++ b/src/lib/libcrypto/bio/b_sock.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: b_sock.c,v 1.54 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: b_sock.c,v 1.55 2014/07/13 16:03:09 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -235,7 +235,7 @@ BIO_get_accept_socket(char *host, int bind_mode)
         unsigned long l;
         int err_num;
 
-        if ((str = BUF_strdup(host)) == NULL)
+        if (host == NULL || (str = strdup(host)) == NULL)
                 return (-1);
 
         h = p = NULL;
diff --git a/src/lib/libcrypto/bio/bss_acpt.c b/src/lib/libcrypto/bio/bss_acpt.c
index c0316a2999..65d4bb2547 100644
--- a/src/lib/libcrypto/bio/bss_acpt.c
+++ b/src/lib/libcrypto/bio/bss_acpt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bss_acpt.c,v 1.23 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: bss_acpt.c,v 1.24 2014/07/13 16:03:09 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -354,7 +354,7 @@ acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
                         if (num == 0) {
                                 b->init = 1;
                                 free(data->param_addr);
-                                data->param_addr = BUF_strdup(ptr);
+                                data->param_addr = strdup(ptr);
                         } else if (num == 1) {
                                 data->accept_nbio = (ptr != NULL);
                         } else if (num == 2) {
diff --git a/src/lib/libcrypto/bio/bss_conn.c b/src/lib/libcrypto/bio/bss_conn.c
index 8049f5c3f0..5120dabcb5 100644
--- a/src/lib/libcrypto/bio/bss_conn.c
+++ b/src/lib/libcrypto/bio/bss_conn.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bss_conn.c,v 1.29 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: bss_conn.c,v 1.30 2014/07/13 16:03:09 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -152,7 +152,7 @@ conn_state(BIO *b, BIO_CONNECT *c)
                                                         break;
                                                 }
                                         free(c->param_port);
-                                        c->param_port = BUF_strdup(p);
+                                        c->param_port = strdup(p);
                                 }
                         }
 
@@ -471,10 +471,10 @@ conn_ctrl(BIO *b, int cmd, long num, void *ptr)
                         b->init = 1;
                         if (num == 0) {
                                 free(data->param_hostname);
-                                data->param_hostname = BUF_strdup(ptr);
+                                data->param_hostname = strdup(ptr);
                         } else if (num == 1) {
                                 free(data->param_port);
-                                data->param_port = BUF_strdup(ptr);
+                                data->param_port = strdup(ptr);
                         } else if (num == 2) {
                                 unsigned char *p = ptr;
                                 free(data->param_hostname);
diff --git a/src/lib/libcrypto/conf/conf_mod.c b/src/lib/libcrypto/conf/conf_mod.c
index 36ffeb9f95..c4c429497c 100644
--- a/src/lib/libcrypto/conf/conf_mod.c
+++ b/src/lib/libcrypto/conf/conf_mod.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: conf_mod.c,v 1.23 2014/07/11 08:44:48 jsing Exp $ */
+/* $OpenBSD: conf_mod.c,v 1.24 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
@@ -347,8 +347,8 @@ module_init(CONF_MODULE *pmod, char *name, char *value, const CONF *cnf)
                 goto err;
 
         imod->pmod = pmod;
-        imod->name = BUF_strdup(name);
-        imod->value = BUF_strdup(value);
+        imod->name = name ? strdup(name) : NULL;
+        imod->value = value ? strdup(value) : NULL;
         imod->usr_data = NULL;
 
         if (!imod->name || !imod->value)
@@ -547,7 +547,7 @@ CONF_get1_default_config_file(void)
         if (issetugid() == 0)
                 file = getenv("OPENSSL_CONF");
         if (file)
-                return BUF_strdup(file);
+                return strdup(file);
         if (asprintf(&file, "%s/openssl.cnf",
             X509_get_default_cert_area()) == -1)
                 return (NULL);
diff --git a/src/lib/libcrypto/engine/eng_dyn.c b/src/lib/libcrypto/engine/eng_dyn.c
index ec2ad7a8e7..dfb35a8403 100644
--- a/src/lib/libcrypto/engine/eng_dyn.c
+++ b/src/lib/libcrypto/engine/eng_dyn.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_dyn.c,v 1.11 2014/07/10 13:58:22 jsing Exp $ */
+/* $OpenBSD: eng_dyn.c,v 1.12 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2001.
  */
@@ -348,7 +348,7 @@ dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
                         p = NULL;
                 free((void *)ctx->DYNAMIC_LIBNAME);
                 if (p)
-                        ctx->DYNAMIC_LIBNAME = BUF_strdup(p);
+                        ctx->DYNAMIC_LIBNAME = strdup(p);
                 else
                         ctx->DYNAMIC_LIBNAME = NULL;
                 return (ctx->DYNAMIC_LIBNAME ? 1 : 0);
@@ -361,7 +361,7 @@ dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
                         p = NULL;
                 free((void *)ctx->engine_id);
                 if (p)
-                        ctx->engine_id = BUF_strdup(p);
+                        ctx->engine_id = strdup(p);
                 else
                         ctx->engine_id = NULL;
                 return (ctx->engine_id ? 1 : 0);
@@ -391,7 +391,7 @@ dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
                         return 0;
                 }
                 {
-                        char *tmp_str = BUF_strdup(p);
+                        char *tmp_str = strdup(p);
                         if (!tmp_str) {
                                 ENGINEerr(ENGINE_F_DYNAMIC_CTRL,
                                     ERR_R_MALLOC_FAILURE);
diff --git a/src/lib/libcrypto/ocsp/ocsp_lib.c b/src/lib/libcrypto/ocsp/ocsp_lib.c
index 8599e48bff..51d2c719f2 100644
--- a/src/lib/libcrypto/ocsp/ocsp_lib.c
+++ b/src/lib/libcrypto/ocsp/ocsp_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ocsp_lib.c,v 1.14 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: ocsp_lib.c,v 1.15 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
  * project. */
 
@@ -191,7 +191,7 @@ OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl)
         *ppath = NULL;
 
         /* dup the buffer since we are going to mess with it */
-        buf = BUF_strdup(url);
+        buf = url ? strdup(url) : NULL;
         if (!buf)
                 goto mem_err;
 
@@ -222,9 +222,9 @@ OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl)
         /* Check for trailing part of path */
         p = strchr(p, '/');
         if (!p)
-                *ppath = BUF_strdup("/");
+                *ppath = strdup("/");
         else {
-                *ppath = BUF_strdup(p);
+                *ppath = strdup(p);
                 /* Set start of path to 0 so hostname is valid */
                 *p = '\0';
         }
@@ -244,11 +244,11 @@ OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl)
                         port = "80";
         }
 
-        *pport = BUF_strdup(port);
+        *pport = strdup(port);
         if (!*pport)
                 goto mem_err;
 
-        *phost = BUF_strdup(host);
+        *phost = strdup(host);
 
         if (!*phost)
                 goto mem_err;
diff --git a/src/lib/libcrypto/srp/srp_vfy.c b/src/lib/libcrypto/srp/srp_vfy.c
index 0981890086..6de843527d 100644
--- a/src/lib/libcrypto/srp/srp_vfy.c
+++ b/src/lib/libcrypto/srp/srp_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: srp_vfy.c,v 1.7 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: srp_vfy.c,v 1.8 2014/07/13 16:03:10 beck Exp $ */
 /* Written by Christophe Renou (christophe.renou@edelweb.fr) with 
  * the precious help of Peter Sylvester (peter.sylvester@edelweb.fr) 
  * for the EdelKey project and contributed to the OpenSSL project 2004.
@@ -218,9 +218,9 @@ static void SRP_user_pwd_set_gN(SRP_user_pwd *vinfo, const BIGNUM *g,
 static int SRP_user_pwd_set_ids(SRP_user_pwd *vinfo, const char *id,
                                 const char *info)
         {
-        if (id != NULL && NULL == (vinfo->id = BUF_strdup(id)))
+        if (id != NULL && NULL == (vinfo->id = strdup(id)))
                 return 0;
-        return (info == NULL || NULL != (vinfo->info = BUF_strdup(info))) ;
+        return (info == NULL || NULL != (vinfo->info = strdup(info))) ;
         }
 
 static int SRP_user_pwd_set_sv(SRP_user_pwd *vinfo, const char *s,
@@ -261,7 +261,7 @@ SRP_VBASE *SRP_VBASE_new(char *seed_key)
         vb->default_N = NULL;
         vb->seed_key = NULL;
         if ((seed_key != NULL) && 
-                (vb->seed_key = BUF_strdup(seed_key)) == NULL)
+                (vb->seed_key = strdup(seed_key)) == NULL)
                 {
                 sk_SRP_user_pwd_free(vb->users_pwd);
                 sk_SRP_gN_cache_free(vb->gN_cache);
diff --git a/src/lib/libcrypto/ui/ui_lib.c b/src/lib/libcrypto/ui/ui_lib.c
index a33484c72b..4fabcd9909 100644
--- a/src/lib/libcrypto/ui/ui_lib.c
+++ b/src/lib/libcrypto/ui/ui_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ui_lib.c,v 1.26 2014/07/11 16:22:29 deraadt Exp $ */
+/* $OpenBSD: ui_lib.c,v 1.27 2014/07/13 16:03:10 beck Exp $ */
 /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
  * project 2001.
  */
@@ -245,7 +245,7 @@ UI_dup_input_string(UI *ui, const char *prompt, int flags, char *result_buf,
         char *prompt_copy = NULL;
 
         if (prompt) {
-                prompt_copy = BUF_strdup(prompt);
+                prompt_copy = strdup(prompt);
                 if (prompt_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INPUT_STRING, ERR_R_MALLOC_FAILURE);
                         return 0;
@@ -270,7 +270,7 @@ UI_dup_verify_string(UI *ui, const char *prompt, int flags,
         char *prompt_copy = NULL;
 
         if (prompt) {
-                prompt_copy = BUF_strdup(prompt);
+                prompt_copy = strdup(prompt);
                 if (prompt_copy == NULL) {
                         UIerr(UI_F_UI_DUP_VERIFY_STRING, ERR_R_MALLOC_FAILURE);
                         return -1;
@@ -298,28 +298,28 @@ UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
         char *cancel_chars_copy = NULL;
 
         if (prompt) {
-                prompt_copy = BUF_strdup(prompt);
+                prompt_copy = strdup(prompt);
                 if (prompt_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
                         goto err;
                 }
         }
         if (action_desc) {
-                action_desc_copy = BUF_strdup(action_desc);
+                action_desc_copy = strdup(action_desc);
                 if (action_desc_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
                         goto err;
                 }
         }
         if (ok_chars) {
-                ok_chars_copy = BUF_strdup(ok_chars);
+                ok_chars_copy = strdup(ok_chars);
                 if (ok_chars_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
                         goto err;
                 }
         }
         if (cancel_chars) {
-                cancel_chars_copy = BUF_strdup(cancel_chars);
+                cancel_chars_copy = strdup(cancel_chars);
                 if (cancel_chars_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
                         goto err;
@@ -350,7 +350,7 @@ UI_dup_info_string(UI *ui, const char *text)
         char *text_copy = NULL;
 
         if (text) {
-                text_copy = BUF_strdup(text);
+                text_copy = strdup(text);
                 if (text_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INFO_STRING, ERR_R_MALLOC_FAILURE);
                         return -1;
@@ -373,7 +373,7 @@ UI_dup_error_string(UI *ui, const char *text)
         char *text_copy = NULL;
 
         if (text) {
-                text_copy = BUF_strdup(text);
+                text_copy = strdup(text);
                 if (text_copy == NULL) {
                         UIerr(UI_F_UI_DUP_ERROR_STRING, ERR_R_MALLOC_FAILURE);
                         return -1;
diff --git a/src/lib/libcrypto/x509v3/v3_addr.c b/src/lib/libcrypto/x509v3/v3_addr.c
index 28031a0754..1e016586c7 100644
--- a/src/lib/libcrypto/x509v3/v3_addr.c
+++ b/src/lib/libcrypto/x509v3/v3_addr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_addr.c,v 1.12 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_addr.c,v 1.13 2014/07/13 16:03:10 beck Exp $ */
 /*
  * Contributed to the OpenSSL Project by the American Registry for
  * Internet Numbers ("ARIN").
@@ -1032,9 +1032,9 @@ v2i_IPAddrBlocks(const struct v3_ext_method *method, struct v3_ext_ctx *ctx,
                                 goto err;
                         }
                         t += strspn(t, " \t");
-                        s = BUF_strdup(t);
+                        s = strdup(t);
                 } else {
-                        s = BUF_strdup(val->value);
+                        s = strdup(val->value);
                 }
                 if (s == NULL) {
                         X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
diff --git a/src/lib/libcrypto/x509v3/v3_asid.c b/src/lib/libcrypto/x509v3/v3_asid.c
index 4ff8f0da37..680eed31ec 100644
--- a/src/lib/libcrypto/x509v3/v3_asid.c
+++ b/src/lib/libcrypto/x509v3/v3_asid.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_asid.c,v 1.10 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_asid.c,v 1.11 2014/07/13 16:03:10 beck Exp $ */
 /*
  * Contributed to the OpenSSL Project by the American Registry for
  * Internet Numbers ("ARIN").
@@ -643,7 +643,7 @@ v2i_ASIdentifiers(const struct v3_ext_method *method, struct v3_ext_ctx *ctx,
                                 goto err;
                         }
                 } else {
-                        char *s = BUF_strdup(val->value);
+                        char *s = strdup(val->value);
                         if (s == NULL) {
                                 X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
                                     ERR_R_MALLOC_FAILURE);
diff --git a/src/lib/libcrypto/x509v3/v3_enum.c b/src/lib/libcrypto/x509v3/v3_enum.c
index 8900d7e01b..c09601edad 100644
--- a/src/lib/libcrypto/x509v3/v3_enum.c
+++ b/src/lib/libcrypto/x509v3/v3_enum.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_enum.c,v 1.9 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_enum.c,v 1.10 2014/07/13 16:03:10 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -57,7 +57,7 @@
  */
 
 #include <stdio.h>
-
+#include <string.h>
 #include <openssl/x509v3.h>
 
 static ENUMERATED_NAMES crl_reasons[] = {
@@ -93,7 +93,7 @@ i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *e)
         strval = ASN1_ENUMERATED_get(e);
         for (enam = method->usr_data; enam->lname; enam++) {
                 if (strval == enam->bitnum)
-                        return BUF_strdup(enam->lname);
+                        return strdup(enam->lname);
         }
         return i2s_ASN1_ENUMERATED(method, e);
 }
diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c
index 03fb427277..b8db8d69a2 100644
--- a/src/lib/libcrypto/x509v3/v3_purp.c
+++ b/src/lib/libcrypto/x509v3/v3_purp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_purp.c,v 1.21 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_purp.c,v 1.22 2014/07/13 16:03:10 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
@@ -227,8 +227,8 @@ X509_PURPOSE_add(int id, int trust, int flags,
                 free(ptmp->sname);
         }
         /* dup supplied name */
-        ptmp->name = BUF_strdup(name);
-        ptmp->sname = BUF_strdup(sname);
+        ptmp->name = name ? strdup(name) : NULL;
+        ptmp->sname = sname ? strdup(sname) : NULL;
         if (!ptmp->name || !ptmp->sname) {
                 free(ptmp->name);
                 free(ptmp->sname);
diff --git a/src/lib/libcrypto/x509v3/v3_utl.c b/src/lib/libcrypto/x509v3/v3_utl.c
index d9987e32a5..99090f3cd2 100644
--- a/src/lib/libcrypto/x509v3/v3_utl.c
+++ b/src/lib/libcrypto/x509v3/v3_utl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_utl.c,v 1.22 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_utl.c,v 1.23 2014/07/13 16:03:10 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -87,9 +87,9 @@ X509V3_add_value(const char *name, const char *value,
         CONF_VALUE *vtmp = NULL;
         char *tname = NULL, *tvalue = NULL;
 
-        if (name && !(tname = BUF_strdup(name)))
+        if (name && !(tname = strdup(name)))
                 goto err;
-        if (value && !(tvalue = BUF_strdup(value)))
+        if (value && !(tvalue = strdup(value)))
                 goto err;
         if (!(vtmp = malloc(sizeof(CONF_VALUE))))
                 goto err;
@@ -301,7 +301,10 @@ X509V3_parse_list(const char *line)
         int state;
 
         /* We are going to modify the line so copy it first */
-        linebuf = BUF_strdup(line);
+        if ((linebuf = strdup(line)) == NULL) {
+                X509V3err(X509V3_F_X509V3_PARSE_LIST, ERR_R_MALLOC_FAILURE);
+                goto err;
+        }
         state = HDR_NAME;
         ntmp = NULL;
 
@@ -632,7 +635,7 @@ append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email)
         /* Don't add duplicates */
         if (sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1)
                 return 1;
-        emtmp = BUF_strdup((char *)email->data);
+        emtmp = strdup((char *)email->data);
         if (!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
                 X509_email_free(*sk);
                 *sk = NULL;
@@ -686,7 +689,7 @@ a2i_IPADDRESS_NC(const char *ipasc)
         p = strchr(ipasc, '/');
         if (!p)
                 return NULL;
-        iptmp = BUF_strdup(ipasc);
+        iptmp = strdup(ipasc);
         if (!iptmp)
                 return NULL;
         p = iptmp + (p - ipasc);
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index decdda90a3..8a40b758a9 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.70 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.71 2014/07/13 16:03:10 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2566,7 +2566,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                                     SSL_R_SSL3_EXT_INVALID_SERVERNAME);
                                 return 0;
                         }
-                        if ((s->tlsext_hostname = BUF_strdup((char *)parg))
+                        if ((s->tlsext_hostname = strdup((char *)parg))
                             == NULL) {
                                 SSLerr(SSL_F_SSL3_CTRL,
                                     ERR_R_INTERNAL_ERROR);
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c
index 84dd13339d..fdbd436acc 100644
--- a/src/lib/libssl/src/apps/apps.c
+++ b/src/lib/libssl/src/apps/apps.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: apps.c,v 1.65 2014/07/12 17:54:31 jsing Exp $ */
+/* $OpenBSD: apps.c,v 1.66 2014/07/13 16:03:09 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -473,7 +473,7 @@ app_get_pass(BIO *err, char *arg, int keepbio)
         int i;
 
         if (!strncmp(arg, "pass:", 5))
-                return BUF_strdup(arg + 5);
+                return strdup(arg + 5);
         if (!strncmp(arg, "env:", 4)) {
                 tmp = getenv(arg + 4);
                 if (!tmp) {
@@ -481,7 +481,7 @@ app_get_pass(BIO *err, char *arg, int keepbio)
                             arg + 4);
                         return NULL;
                 }
-                return BUF_strdup(tmp);
+                return strdup(tmp);
         }
         if (!keepbio || !pwdbio) {
                 if (!strncmp(arg, "file:", 5)) {
@@ -537,7 +537,7 @@ app_get_pass(BIO *err, char *arg, int keepbio)
         tmp = strchr(tpass, '\n');
         if (tmp)
                 *tmp = 0;
-        return BUF_strdup(tpass);
+        return strdup(tpass);
 }
 
 int
diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c
index 8ebfd77f0a..ae711a2e07 100644
--- a/src/lib/libssl/src/apps/ca.c
+++ b/src/lib/libssl/src/apps/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.62 2014/07/12 17:54:31 jsing Exp $ */
+/* $OpenBSD: ca.c,v 1.63 2014/07/13 16:03:09 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1729,7 +1729,7 @@ again2:
         }
 
         if (BN_is_zero(serial))
-                row[DB_serial] = BUF_strdup("00");
+                row[DB_serial] = strdup("00");
         else
                 row[DB_serial] = BN_bn2hex(serial);
         if (row[DB_serial] == NULL) {
@@ -2195,7 +2195,7 @@ do_revoke(X509 * x509, CA_DB * db, int type, char *value)
         if (!bn)
                 goto err;
         if (BN_is_zero(bn))
-                row[DB_serial] = BUF_strdup("00");
+                row[DB_serial] = strdup("00");
         else
                 row[DB_serial] = BN_bn2hex(bn);
         BN_free(bn);
@@ -2631,7 +2631,10 @@ unpack_revinfo(ASN1_TIME ** prevtm, int *preason, ASN1_OBJECT ** phold,
         ASN1_OBJECT *hold = NULL;
         ASN1_GENERALIZEDTIME *comp_time = NULL;
 
-        tmp = BUF_strdup(str);
+        if ((tmp = strdup(str)) == NULL) {
+                BIO_printf(bio_err, "malloc failed\n");
+                goto err;
+        }
         p = strchr(tmp, ',');
         rtime_str = tmp;
 
diff --git a/src/lib/libssl/src/apps/cms.c b/src/lib/libssl/src/apps/cms.c
index bafbce1f5c..91203bc719 100644
--- a/src/lib/libssl/src/apps/cms.c
+++ b/src/lib/libssl/src/apps/cms.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms.c,v 1.19 2014/07/12 17:54:31 jsing Exp $ */
+/* $OpenBSD: cms.c,v 1.20 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -747,8 +747,7 @@ argerr:
                         secret_keyid = NULL;
                 }
                 if (pwri_pass) {
-                        pwri_tmp =
-                            (unsigned char *)BUF_strdup((char *)pwri_pass);
+                        pwri_tmp = strdup(pwri_pass);
                         if (!pwri_tmp)
                                 goto end;
                         if (!CMS_add0_recipient_password(cms, -1, NID_undef,
diff --git a/src/lib/libssl/src/apps/ocsp.c b/src/lib/libssl/src/apps/ocsp.c
index b431a3c9fd..9bb7da0d88 100644
--- a/src/lib/libssl/src/apps/ocsp.c
+++ b/src/lib/libssl/src/apps/ocsp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ocsp.c,v 1.29 2014/07/12 19:31:21 jsing Exp $ */
+/* $OpenBSD: ocsp.c,v 1.30 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -991,7 +991,7 @@ lookup_serial(CA_DB * db, ASN1_INTEGER * ser)
         OPENSSL_assert(bn);     /* FIXME: should report an error at this
                                  * point and abort */
         if (BN_is_zero(bn))
-                itmp = BUF_strdup("00");
+                itmp = strdup("00");
         else
                 itmp = BN_bn2hex(bn);
         row[DB_serial] = itmp;
diff --git a/src/lib/libssl/src/crypto/asn1/ameth_lib.c b/src/lib/libssl/src/crypto/asn1/ameth_lib.c
index e9f73cb3a6..e88496cc9d 100644
--- a/src/lib/libssl/src/crypto/asn1/ameth_lib.c
+++ b/src/lib/libssl/src/crypto/asn1/ameth_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ameth_lib.c,v 1.13 2014/07/11 13:41:59 miod Exp $ */
+/* $OpenBSD: ameth_lib.c,v 1.14 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -294,14 +294,14 @@ EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, const char *info)
         ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
 
         if (info) {
-                ameth->info = BUF_strdup(info);
+                ameth->info = strdup(info);
                 if (!ameth->info)
                         goto err;
         } else
                 ameth->info = NULL;
 
         if (pem_str) {
-                ameth->pem_str = BUF_strdup(pem_str);
+                ameth->pem_str = strdup(pem_str);
                 if (!ameth->pem_str)
                         goto err;
         } else
diff --git a/src/lib/libssl/src/crypto/asn1/asn_mime.c b/src/lib/libssl/src/crypto/asn1/asn_mime.c
index 994531837f..c153deca1e 100644
--- a/src/lib/libssl/src/crypto/asn1/asn_mime.c
+++ b/src/lib/libssl/src/crypto/asn1/asn_mime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn_mime.c,v 1.21 2014/07/11 13:41:59 miod Exp $ */
+/* $OpenBSD: asn_mime.c,v 1.22 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -833,13 +833,13 @@ mime_hdr_new(char *name, char *value)
         char *tmpname = NULL, *tmpval = NULL, *p;
 
         if (name) {
-                if (!(tmpname = BUF_strdup(name)))
+                if (!(tmpname = strdup(name)))
                         goto err;
                 for (p = tmpname; *p; p++)
                         *p = tolower((unsigned char)*p);
         }
         if (value) {
-                if (!(tmpval = BUF_strdup(value)))
+                if (!(tmpval = strdup(value)))
                         goto err;
                 for (p = tmpval; *p; p++)
                         *p = tolower((unsigned char)*p);
@@ -867,14 +867,14 @@ mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
         MIME_PARAM *mparam;
 
         if (name) {
-                tmpname = BUF_strdup(name);
+                tmpname = strdup(name);
                 if (!tmpname)
                         goto err;
                 for (p = tmpname; *p; p++)
                         *p = tolower((unsigned char)*p);
         }
         if (value) {
-                tmpval = BUF_strdup(value);
+                tmpval = strdup(value);
                 if (!tmpval)
                         goto err;
         }
diff --git a/src/lib/libssl/src/crypto/bio/b_sock.c b/src/lib/libssl/src/crypto/bio/b_sock.c
index 8c37a3e175..ced0406bc1 100644
--- a/src/lib/libssl/src/crypto/bio/b_sock.c
+++ b/src/lib/libssl/src/crypto/bio/b_sock.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: b_sock.c,v 1.54 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: b_sock.c,v 1.55 2014/07/13 16:03:09 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -235,7 +235,7 @@ BIO_get_accept_socket(char *host, int bind_mode)
         unsigned long l;
         int err_num;
 
-        if ((str = BUF_strdup(host)) == NULL)
+        if (host == NULL || (str = strdup(host)) == NULL)
                 return (-1);
 
         h = p = NULL;
diff --git a/src/lib/libssl/src/crypto/bio/bss_acpt.c b/src/lib/libssl/src/crypto/bio/bss_acpt.c
index c0316a2999..65d4bb2547 100644
--- a/src/lib/libssl/src/crypto/bio/bss_acpt.c
+++ b/src/lib/libssl/src/crypto/bio/bss_acpt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bss_acpt.c,v 1.23 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: bss_acpt.c,v 1.24 2014/07/13 16:03:09 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -354,7 +354,7 @@ acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
                         if (num == 0) {
                                 b->init = 1;
                                 free(data->param_addr);
-                                data->param_addr = BUF_strdup(ptr);
+                                data->param_addr = strdup(ptr);
                         } else if (num == 1) {
                                 data->accept_nbio = (ptr != NULL);
                         } else if (num == 2) {
diff --git a/src/lib/libssl/src/crypto/bio/bss_conn.c b/src/lib/libssl/src/crypto/bio/bss_conn.c
index 8049f5c3f0..5120dabcb5 100644
--- a/src/lib/libssl/src/crypto/bio/bss_conn.c
+++ b/src/lib/libssl/src/crypto/bio/bss_conn.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bss_conn.c,v 1.29 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: bss_conn.c,v 1.30 2014/07/13 16:03:09 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -152,7 +152,7 @@ conn_state(BIO *b, BIO_CONNECT *c)
                                                         break;
                                                 }
                                         free(c->param_port);
-                                        c->param_port = BUF_strdup(p);
+                                        c->param_port = strdup(p);
                                 }
                         }
 
@@ -471,10 +471,10 @@ conn_ctrl(BIO *b, int cmd, long num, void *ptr)
                         b->init = 1;
                         if (num == 0) {
                                 free(data->param_hostname);
-                                data->param_hostname = BUF_strdup(ptr);
+                                data->param_hostname = strdup(ptr);
                         } else if (num == 1) {
                                 free(data->param_port);
-                                data->param_port = BUF_strdup(ptr);
+                                data->param_port = strdup(ptr);
                         } else if (num == 2) {
                                 unsigned char *p = ptr;
                                 free(data->param_hostname);
diff --git a/src/lib/libssl/src/crypto/conf/conf_mod.c b/src/lib/libssl/src/crypto/conf/conf_mod.c
index 36ffeb9f95..c4c429497c 100644
--- a/src/lib/libssl/src/crypto/conf/conf_mod.c
+++ b/src/lib/libssl/src/crypto/conf/conf_mod.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: conf_mod.c,v 1.23 2014/07/11 08:44:48 jsing Exp $ */
+/* $OpenBSD: conf_mod.c,v 1.24 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
@@ -347,8 +347,8 @@ module_init(CONF_MODULE *pmod, char *name, char *value, const CONF *cnf)
                 goto err;
 
         imod->pmod = pmod;
-        imod->name = BUF_strdup(name);
-        imod->value = BUF_strdup(value);
+        imod->name = name ? strdup(name) : NULL;
+        imod->value = value ? strdup(value) : NULL;
         imod->usr_data = NULL;
 
         if (!imod->name || !imod->value)
@@ -547,7 +547,7 @@ CONF_get1_default_config_file(void)
         if (issetugid() == 0)
                 file = getenv("OPENSSL_CONF");
         if (file)
-                return BUF_strdup(file);
+                return strdup(file);
         if (asprintf(&file, "%s/openssl.cnf",
             X509_get_default_cert_area()) == -1)
                 return (NULL);
diff --git a/src/lib/libssl/src/crypto/engine/eng_dyn.c b/src/lib/libssl/src/crypto/engine/eng_dyn.c
index ec2ad7a8e7..dfb35a8403 100644
--- a/src/lib/libssl/src/crypto/engine/eng_dyn.c
+++ b/src/lib/libssl/src/crypto/engine/eng_dyn.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_dyn.c,v 1.11 2014/07/10 13:58:22 jsing Exp $ */
+/* $OpenBSD: eng_dyn.c,v 1.12 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2001.
  */
@@ -348,7 +348,7 @@ dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
                         p = NULL;
                 free((void *)ctx->DYNAMIC_LIBNAME);
                 if (p)
-                        ctx->DYNAMIC_LIBNAME = BUF_strdup(p);
+                        ctx->DYNAMIC_LIBNAME = strdup(p);
                 else
                         ctx->DYNAMIC_LIBNAME = NULL;
                 return (ctx->DYNAMIC_LIBNAME ? 1 : 0);
@@ -361,7 +361,7 @@ dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
                         p = NULL;
                 free((void *)ctx->engine_id);
                 if (p)
-                        ctx->engine_id = BUF_strdup(p);
+                        ctx->engine_id = strdup(p);
                 else
                         ctx->engine_id = NULL;
                 return (ctx->engine_id ? 1 : 0);
@@ -391,7 +391,7 @@ dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
                         return 0;
                 }
                 {
-                        char *tmp_str = BUF_strdup(p);
+                        char *tmp_str = strdup(p);
                         if (!tmp_str) {
                                 ENGINEerr(ENGINE_F_DYNAMIC_CTRL,
                                     ERR_R_MALLOC_FAILURE);
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_lib.c b/src/lib/libssl/src/crypto/ocsp/ocsp_lib.c
index 8599e48bff..51d2c719f2 100644
--- a/src/lib/libssl/src/crypto/ocsp/ocsp_lib.c
+++ b/src/lib/libssl/src/crypto/ocsp/ocsp_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ocsp_lib.c,v 1.14 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: ocsp_lib.c,v 1.15 2014/07/13 16:03:09 beck Exp $ */
 /* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
  * project. */
 
@@ -191,7 +191,7 @@ OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl)
         *ppath = NULL;
 
         /* dup the buffer since we are going to mess with it */
-        buf = BUF_strdup(url);
+        buf = url ? strdup(url) : NULL;
         if (!buf)
                 goto mem_err;
 
@@ -222,9 +222,9 @@ OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl)
         /* Check for trailing part of path */
         p = strchr(p, '/');
         if (!p)
-                *ppath = BUF_strdup("/");
+                *ppath = strdup("/");
         else {
-                *ppath = BUF_strdup(p);
+                *ppath = strdup(p);
                 /* Set start of path to 0 so hostname is valid */
                 *p = '\0';
         }
@@ -244,11 +244,11 @@ OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl)
                         port = "80";
         }
 
-        *pport = BUF_strdup(port);
+        *pport = strdup(port);
         if (!*pport)
                 goto mem_err;
 
-        *phost = BUF_strdup(host);
+        *phost = strdup(host);
 
         if (!*phost)
                 goto mem_err;
diff --git a/src/lib/libssl/src/crypto/srp/srp_vfy.c b/src/lib/libssl/src/crypto/srp/srp_vfy.c
index 0981890086..6de843527d 100644
--- a/src/lib/libssl/src/crypto/srp/srp_vfy.c
+++ b/src/lib/libssl/src/crypto/srp/srp_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: srp_vfy.c,v 1.7 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: srp_vfy.c,v 1.8 2014/07/13 16:03:10 beck Exp $ */
 /* Written by Christophe Renou (christophe.renou@edelweb.fr) with 
  * the precious help of Peter Sylvester (peter.sylvester@edelweb.fr) 
  * for the EdelKey project and contributed to the OpenSSL project 2004.
@@ -218,9 +218,9 @@ static void SRP_user_pwd_set_gN(SRP_user_pwd *vinfo, const BIGNUM *g,
 static int SRP_user_pwd_set_ids(SRP_user_pwd *vinfo, const char *id,
                                 const char *info)
         {
-        if (id != NULL && NULL == (vinfo->id = BUF_strdup(id)))
+        if (id != NULL && NULL == (vinfo->id = strdup(id)))
                 return 0;
-        return (info == NULL || NULL != (vinfo->info = BUF_strdup(info))) ;
+        return (info == NULL || NULL != (vinfo->info = strdup(info))) ;
         }
 
 static int SRP_user_pwd_set_sv(SRP_user_pwd *vinfo, const char *s,
@@ -261,7 +261,7 @@ SRP_VBASE *SRP_VBASE_new(char *seed_key)
         vb->default_N = NULL;
         vb->seed_key = NULL;
         if ((seed_key != NULL) && 
-                (vb->seed_key = BUF_strdup(seed_key)) == NULL)
+                (vb->seed_key = strdup(seed_key)) == NULL)
                 {
                 sk_SRP_user_pwd_free(vb->users_pwd);
                 sk_SRP_gN_cache_free(vb->gN_cache);
diff --git a/src/lib/libssl/src/crypto/ui/ui_lib.c b/src/lib/libssl/src/crypto/ui/ui_lib.c
index a33484c72b..4fabcd9909 100644
--- a/src/lib/libssl/src/crypto/ui/ui_lib.c
+++ b/src/lib/libssl/src/crypto/ui/ui_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ui_lib.c,v 1.26 2014/07/11 16:22:29 deraadt Exp $ */
+/* $OpenBSD: ui_lib.c,v 1.27 2014/07/13 16:03:10 beck Exp $ */
 /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
  * project 2001.
  */
@@ -245,7 +245,7 @@ UI_dup_input_string(UI *ui, const char *prompt, int flags, char *result_buf,
         char *prompt_copy = NULL;
 
         if (prompt) {
-                prompt_copy = BUF_strdup(prompt);
+                prompt_copy = strdup(prompt);
                 if (prompt_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INPUT_STRING, ERR_R_MALLOC_FAILURE);
                         return 0;
@@ -270,7 +270,7 @@ UI_dup_verify_string(UI *ui, const char *prompt, int flags,
         char *prompt_copy = NULL;
 
         if (prompt) {
-                prompt_copy = BUF_strdup(prompt);
+                prompt_copy = strdup(prompt);
                 if (prompt_copy == NULL) {
                         UIerr(UI_F_UI_DUP_VERIFY_STRING, ERR_R_MALLOC_FAILURE);
                         return -1;
@@ -298,28 +298,28 @@ UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
         char *cancel_chars_copy = NULL;
 
         if (prompt) {
-                prompt_copy = BUF_strdup(prompt);
+                prompt_copy = strdup(prompt);
                 if (prompt_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
                         goto err;
                 }
         }
         if (action_desc) {
-                action_desc_copy = BUF_strdup(action_desc);
+                action_desc_copy = strdup(action_desc);
                 if (action_desc_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
                         goto err;
                 }
         }
         if (ok_chars) {
-                ok_chars_copy = BUF_strdup(ok_chars);
+                ok_chars_copy = strdup(ok_chars);
                 if (ok_chars_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
                         goto err;
                 }
         }
         if (cancel_chars) {
-                cancel_chars_copy = BUF_strdup(cancel_chars);
+                cancel_chars_copy = strdup(cancel_chars);
                 if (cancel_chars_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
                         goto err;
@@ -350,7 +350,7 @@ UI_dup_info_string(UI *ui, const char *text)
         char *text_copy = NULL;
 
         if (text) {
-                text_copy = BUF_strdup(text);
+                text_copy = strdup(text);
                 if (text_copy == NULL) {
                         UIerr(UI_F_UI_DUP_INFO_STRING, ERR_R_MALLOC_FAILURE);
                         return -1;
@@ -373,7 +373,7 @@ UI_dup_error_string(UI *ui, const char *text)
         char *text_copy = NULL;
 
         if (text) {
-                text_copy = BUF_strdup(text);
+                text_copy = strdup(text);
                 if (text_copy == NULL) {
                         UIerr(UI_F_UI_DUP_ERROR_STRING, ERR_R_MALLOC_FAILURE);
                         return -1;
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_addr.c b/src/lib/libssl/src/crypto/x509v3/v3_addr.c
index 28031a0754..1e016586c7 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_addr.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_addr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_addr.c,v 1.12 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_addr.c,v 1.13 2014/07/13 16:03:10 beck Exp $ */
 /*
  * Contributed to the OpenSSL Project by the American Registry for
  * Internet Numbers ("ARIN").
@@ -1032,9 +1032,9 @@ v2i_IPAddrBlocks(const struct v3_ext_method *method, struct v3_ext_ctx *ctx,
                                 goto err;
                         }
                         t += strspn(t, " \t");
-                        s = BUF_strdup(t);
+                        s = strdup(t);
                 } else {
-                        s = BUF_strdup(val->value);
+                        s = strdup(val->value);
                 }
                 if (s == NULL) {
                         X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_asid.c b/src/lib/libssl/src/crypto/x509v3/v3_asid.c
index 4ff8f0da37..680eed31ec 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_asid.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_asid.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_asid.c,v 1.10 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_asid.c,v 1.11 2014/07/13 16:03:10 beck Exp $ */
 /*
  * Contributed to the OpenSSL Project by the American Registry for
  * Internet Numbers ("ARIN").
@@ -643,7 +643,7 @@ v2i_ASIdentifiers(const struct v3_ext_method *method, struct v3_ext_ctx *ctx,
                                 goto err;
                         }
                 } else {
-                        char *s = BUF_strdup(val->value);
+                        char *s = strdup(val->value);
                         if (s == NULL) {
                                 X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
                                     ERR_R_MALLOC_FAILURE);
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_enum.c b/src/lib/libssl/src/crypto/x509v3/v3_enum.c
index 8900d7e01b..c09601edad 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_enum.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_enum.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_enum.c,v 1.9 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_enum.c,v 1.10 2014/07/13 16:03:10 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -57,7 +57,7 @@
  */
 
 #include <stdio.h>
-
+#include <string.h>
 #include <openssl/x509v3.h>
 
 static ENUMERATED_NAMES crl_reasons[] = {
@@ -93,7 +93,7 @@ i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *e)
         strval = ASN1_ENUMERATED_get(e);
         for (enam = method->usr_data; enam->lname; enam++) {
                 if (strval == enam->bitnum)
-                        return BUF_strdup(enam->lname);
+                        return strdup(enam->lname);
         }
         return i2s_ASN1_ENUMERATED(method, e);
 }
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_purp.c b/src/lib/libssl/src/crypto/x509v3/v3_purp.c
index 03fb427277..b8db8d69a2 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_purp.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_purp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_purp.c,v 1.21 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_purp.c,v 1.22 2014/07/13 16:03:10 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
@@ -227,8 +227,8 @@ X509_PURPOSE_add(int id, int trust, int flags,
                 free(ptmp->sname);
         }
         /* dup supplied name */
-        ptmp->name = BUF_strdup(name);
-        ptmp->sname = BUF_strdup(sname);
+        ptmp->name = name ? strdup(name) : NULL;
+        ptmp->sname = sname ? strdup(sname) : NULL;
         if (!ptmp->name || !ptmp->sname) {
                 free(ptmp->name);
                 free(ptmp->sname);
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_utl.c b/src/lib/libssl/src/crypto/x509v3/v3_utl.c
index d9987e32a5..99090f3cd2 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_utl.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_utl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_utl.c,v 1.22 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_utl.c,v 1.23 2014/07/13 16:03:10 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -87,9 +87,9 @@ X509V3_add_value(const char *name, const char *value,
         CONF_VALUE *vtmp = NULL;
         char *tname = NULL, *tvalue = NULL;
 
-        if (name && !(tname = BUF_strdup(name)))
+        if (name && !(tname = strdup(name)))
                 goto err;
-        if (value && !(tvalue = BUF_strdup(value)))
+        if (value && !(tvalue = strdup(value)))
                 goto err;
         if (!(vtmp = malloc(sizeof(CONF_VALUE))))
                 goto err;
@@ -301,7 +301,10 @@ X509V3_parse_list(const char *line)
         int state;
 
         /* We are going to modify the line so copy it first */
-        linebuf = BUF_strdup(line);
+        if ((linebuf = strdup(line)) == NULL) {
+                X509V3err(X509V3_F_X509V3_PARSE_LIST, ERR_R_MALLOC_FAILURE);
+                goto err;
+        }
         state = HDR_NAME;
         ntmp = NULL;
 
@@ -632,7 +635,7 @@ append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email)
         /* Don't add duplicates */
         if (sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1)
                 return 1;
-        emtmp = BUF_strdup((char *)email->data);
+        emtmp = strdup((char *)email->data);
         if (!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
                 X509_email_free(*sk);
                 *sk = NULL;
@@ -686,7 +689,7 @@ a2i_IPADDRESS_NC(const char *ipasc)
         p = strchr(ipasc, '/');
         if (!p)
                 return NULL;
-        iptmp = BUF_strdup(ipasc);
+        iptmp = strdup(ipasc);
         if (!iptmp)
                 return NULL;
         p = iptmp + (p - ipasc);
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index decdda90a3..8a40b758a9 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.70 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.71 2014/07/13 16:03:10 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2566,7 +2566,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                                     SSL_R_SSL3_EXT_INVALID_SERVERNAME);
                                 return 0;
                         }
-                        if ((s->tlsext_hostname = BUF_strdup((char *)parg))
+                        if ((s->tlsext_hostname = strdup((char *)parg))
                             == NULL) {
                                 SSLerr(SSL_F_SSL3_CTRL,
                                     ERR_R_INTERNAL_ERROR);
diff --git a/src/lib/libssl/src/ssl/ssl_sess.c b/src/lib/libssl/src/ssl/ssl_sess.c
index 101da82b56..d1cd418601 100644
--- a/src/lib/libssl/src/ssl/ssl_sess.c
+++ b/src/lib/libssl/src/ssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.37 2014/07/12 23:59:11 jsing Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.38 2014/07/13 16:03:10 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -367,7 +367,7 @@ ssl_get_new_session(SSL *s, int session)
 
 sess_id_done:
                 if (s->tlsext_hostname) {
-                        ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
+                        ss->tlsext_hostname = strdup(s->tlsext_hostname);
                         if (ss->tlsext_hostname == NULL) {
                                 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
                                     ERR_R_INTERNAL_ERROR);
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c
index 46b47a95b7..d82573fdb6 100644
--- a/src/lib/libssl/src/ssl/t1_lib.c
+++ b/src/lib/libssl/src/ssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.50 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.51 2014/07/13 16:03:10 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1426,7 +1426,8 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
         if (!s->hit && tlsext_servername == 1) {
                 if (s->tlsext_hostname) {
                         if (s->session->tlsext_hostname == NULL) {
-                                s->session->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
+                                s->session->tlsext_hostname =
+                                    strdup(s->tlsext_hostname);
 
                                 if (!s->session->tlsext_hostname) {
                                         *al = SSL_AD_UNRECOGNIZED_NAME;
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 101da82b56..d1cd418601 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.37 2014/07/12 23:59:11 jsing Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.38 2014/07/13 16:03:10 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -367,7 +367,7 @@ ssl_get_new_session(SSL *s, int session)
 
 sess_id_done:
                 if (s->tlsext_hostname) {
-                        ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
+                        ss->tlsext_hostname = strdup(s->tlsext_hostname);
                         if (ss->tlsext_hostname == NULL) {
                                 SSLerr(SSL_F_SSL_GET_NEW_SESSION,
                                     ERR_R_INTERNAL_ERROR);
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 46b47a95b7..d82573fdb6 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.50 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.51 2014/07/13 16:03:10 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1426,7 +1426,8 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
         if (!s->hit && tlsext_servername == 1) {
                 if (s->tlsext_hostname) {
                         if (s->session->tlsext_hostname == NULL) {
-                                s->session->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
+                                s->session->tlsext_hostname =
+                                    strdup(s->tlsext_hostname);
 
                                 if (!s->session->tlsext_hostname) {
                                         *al = SSL_AD_UNRECOGNIZED_NAME;