Temporarily revive MD4 for MS CHAP support.

author: doug <> 2015-09-14 01:45:03 +0000
committer: doug <> 2015-09-14 01:45:03 +0000
commit: ccf0b47cd77c8c167d186cc3f01dfc310ee5b29f (patch)
tree: 587478d440edfb518946564a3da5958afa932346 /src/lib
parent: 516aee833d4c8a3fa73b13184ca096bf2ad7f1f2 (diff)
download: openbsd-ccf0b47cd77c8c167d186cc3f01dfc310ee5b29f.tar.gz
openbsd-ccf0b47cd77c8c167d186cc3f01dfc310ee5b29f.tar.bz2
openbsd-ccf0b47cd77c8c167d186cc3f01dfc310ee5b29f.zip
27 files changed, 1320 insertions, 42 deletions
diff --git a/src/lib/libcrypto/crypto/Makefile b/src/lib/libcrypto/crypto/Makefile
index 121aaf1d0a..9a58b30627 100644
--- a/src/lib/libcrypto/crypto/Makefile
+++ b/src/lib/libcrypto/crypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.64 2015/09/13 23:36:21 doug Exp $
+# $OpenBSD: Makefile,v 1.65 2015/09/14 01:45:03 doug Exp $
 LIB=    crypto
@@ -144,7 +144,7 @@ SRCS+= encode.c digest.c evp_enc.c evp_key.c
 SRCS+= e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c
 SRCS+= e_rc4.c e_aes.c names.c
 SRCS+= e_xcbc_d.c e_rc2.c e_cast.c
-SRCS+= m_null.c m_md5.c m_sha1.c m_wp.c
+SRCS+= m_null.c m_md4.c m_md5.c m_sha1.c m_wp.c
 SRCS+= m_dss.c m_dss1.c m_ripemd.c m_ecdsa.c
 SRCS+= p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c
 SRCS+= bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c
@@ -173,6 +173,9 @@ SRCS+= krb5_asn.c
 # lhash/
 SRCS+= lhash.c lh_stats.c
+# md4/
+SRCS+= md4_dgst.c md4_one.c
 # md5/
 SRCS+= md5_dgst.c md5_one.c
@@ -283,6 +286,7 @@ SRCS+= pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c
        ${LCRYPTO_SRC}/idea \
        ${LCRYPTO_SRC}/krb5 \
        ${LCRYPTO_SRC}/lhash \
+        ${LCRYPTO_SRC}/md4 \
        ${LCRYPTO_SRC}/md5 \
        ${LCRYPTO_SRC}/modes \
        ${LCRYPTO_SRC}/objects \
@@ -340,6 +344,7 @@ HDRS=\
        crypto/idea/idea.h \
        crypto/krb5/krb5_asn.h \
        crypto/lhash/lhash.h \
+        crypto/md4/md4.h \
        crypto/md5/md5.h \
        crypto/modes/modes.h \
        crypto/objects/objects.h \
diff --git a/src/lib/libcrypto/doc/MD5.pod b/src/lib/libcrypto/doc/MD5.pod
index 056f94bd9e..b0edd5416f 100644
--- a/src/lib/libcrypto/doc/MD5.pod
+++ b/src/lib/libcrypto/doc/MD5.pod
@@ -2,10 +2,33 @@
 =head1 NAME
-MD5, MD5_Init, MD5_Update, MD5_Final - MD5 hash functions
+MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update,
+MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions
 =head1 SYNOPSIS
+ #include <openssl/md2.h>
+ unsigned char *MD2(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data,
+                  unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+ #include <openssl/md4.h>
+ unsigned char *MD4(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data,
+                  unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
 #include <openssl/md5.h>
 unsigned char *MD5(const unsigned char *d, unsigned long n,
@@ -18,43 +41,61 @@ MD5, MD5_Init, MD5_Update, MD5_Final - MD5 hash functions
 =head1 DESCRIPTION
-MD5 is a cryptographic hash function with a 128 bit output.
+MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.
-MD5() computes the MD5 message digest of the B<n> bytes at B<d> and
+MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest
-places it in B<md> (which must have space for MD5_DIGEST_LENGTH == 16
+of the B<n> bytes at B<d> and place it in B<md> (which must have space
+for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16
 bytes of output). If B<md> is NULL, the digest is placed in a static
 array.
 The following functions may be used if the message is not completely
 stored in memory:
+MD2_Init() initializes a B<MD2_CTX> structure.
+MD2_Update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+MD2_Final() places the message digest in B<md>, which must have space
+for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MD2_CTX>.
+MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and
+MD5_Final() are analogous using an B<MD4_CTX> and B<MD5_CTX> structure.
 Applications should use the higher level functions
 L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 etc. instead of calling the hash functions directly.
 =head1 NOTE
-MD5 is recommended only for compatibility with legacy applications.
+MD2, MD4, and MD5 are recommended only for compatibility with existing
-In new applications, SHA-2 should be preferred.
+applications. In new applications, SHA-1 or RIPEMD-160 should be
+preferred.
 =head1 RETURN VALUES
-MD5() returns a pointer to the hash value.
+MD2(), MD4(), and MD5() return pointers to the hash value.
-MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0
+MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
-otherwise.
+MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for
+success, 0 otherwise.
 =head1 CONFORMING TO
-RFC 1321
+RFC 1319, RFC 1320, RFC 1321
 =head1 SEE ALSO
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<sha(3)|sha(3)>, L<ripemd(3)|ripemd(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 =head1 HISTORY
-MD5(), MD5_Init(), MD5_Update() and MD5_Final() are available in all
+MD2(), MD2_Init(), MD2_Update() MD2_Final(), MD5(), MD5_Init(),
-versions of OpenSSL.
+MD5_Update() and MD5_Final() are available in all versions of SSLeay
+and OpenSSL.
+MD4(), MD4_Init(), and MD4_Update() are available in OpenSSL 0.9.6 and
+above.
 =cut
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c
index 6b23460210..b83195b370 100644
--- a/src/lib/libcrypto/evp/c_all.c
+++ b/src/lib/libcrypto/evp/c_all.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: c_all.c,v 1.19 2015/09/13 23:36:21 doug Exp $ */
+/* $OpenBSD: c_all.c,v 1.20 2015/09/14 01:45:03 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -228,6 +228,10 @@ OpenSSL_add_all_ciphers(void)
 void
 OpenSSL_add_all_digests(void)
 {
+#ifndef OPENSSL_NO_MD4
+        EVP_add_digest(EVP_md4());
+#endif
 #ifndef OPENSSL_NO_MD5
        EVP_add_digest(EVP_md5());
        EVP_add_digest_alias(SN_md5, "ssl2-md5");
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index 381d4a45c1..2ddbf6142e 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.47 2015/09/13 23:36:21 doug Exp $ */
+/* $OpenBSD: evp.h,v 1.48 2015/09/14 01:45:03 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -648,6 +648,9 @@ void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
 #endif
 const EVP_MD *EVP_md_null(void);
+#ifndef OPENSSL_NO_MD4
+const EVP_MD *EVP_md4(void);
+#endif
 #ifndef OPENSSL_NO_MD5
 const EVP_MD *EVP_md5(void);
 #endif
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c
new file mode 100644
index 0000000000..ab3cc852be
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_md4.c
@@ -0,0 +1,118 @@
+/* $OpenBSD: m_md4.c,v 1.16 2015/09/14 01:45:03 doug Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_MD4
+#include <openssl/evp.h>
+#include <openssl/md4.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+static int
+init(EVP_MD_CTX *ctx)
+{
+        return MD4_Init(ctx->md_data);
+}
+static int
+update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+        return MD4_Update(ctx->md_data, data, count);
+}
+static int
+final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+        return MD4_Final(md, ctx->md_data);
+}
+static const EVP_MD md4_md = {
+        .type = NID_md4,
+        .pkey_type = NID_md4WithRSAEncryption,
+        .md_size = MD4_DIGEST_LENGTH,
+        .flags = 0,
+        .init = init,
+        .update = update,
+        .final = final,
+        .copy = NULL,
+        .cleanup = NULL,
+#ifndef OPENSSL_NO_RSA
+        .sign = (evp_sign_method *)RSA_sign,
+        .verify = (evp_verify_method *)RSA_verify,
+        .required_pkey_type = {
+                EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
+        },
+#endif
+        .block_size = MD4_CBLOCK,
+        .ctx_size = sizeof(EVP_MD *) + sizeof(MD4_CTX),
+};
+const EVP_MD *
+EVP_md4(void)
+{
+        return (&md4_md);
+}
+#endif
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index 101f79b6ff..01e5fef270 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.22 2015/09/13 23:36:21 doug Exp $
+# $OpenBSD: Makefile,v 1.23 2015/09/14 01:45:03 doug Exp $
 .include <bsd.own.mk>           # for NOMAN
@@ -642,9 +642,11 @@ MLINKS+=\
        EVP_DigestInit.3 EVP_get_digestbyname.3 \
        EVP_DigestInit.3 EVP_get_digestbynid.3 \
        EVP_DigestInit.3 EVP_get_digestbyobj.3 \
+        EVP_DigestInit.3 EVP_md2.3 \
        EVP_DigestInit.3 EVP_md5.3 \
        EVP_DigestInit.3 EVP_md_null.3 \
        EVP_DigestInit.3 EVP_ripemd160.3 \
+        EVP_DigestInit.3 EVP_sha.3 \
        EVP_DigestInit.3 EVP_sha1.3 \
        EVP_DigestSignInit.3 EVP_DigestSignUpdate.3 \
        EVP_DigestSignInit.3 EVP_DigestSignFinal.3 \
@@ -793,6 +795,14 @@ MLINKS+=\
        HMAC.3 HMAC_Init.3 \
        HMAC.3 HMAC_Update.3 \
        HMAC.3 HMAC_cleanup.3 \
+        MD5.3 MD2.3 \
+        MD5.3 MD2_Final.3 \
+        MD5.3 MD2_Init.3 \
+        MD5.3 MD2_Update.3 \
+        MD5.3 MD4.3 \
+        MD5.3 MD4_Final.3 \
+        MD5.3 MD4_Init.3 \
+        MD5.3 MD4_Update.3 \
        MD5.3 MD5_Final.3 \
        MD5.3 MD5_Init.3 \
        MD5.3 MD5_Update.3 \
diff --git a/src/lib/libcrypto/md4/md4.h b/src/lib/libcrypto/md4/md4.h
new file mode 100644
index 0000000000..04aacc9801
--- /dev/null
+++ b/src/lib/libcrypto/md4/md4.h
@@ -0,0 +1,103 @@
+/* $OpenBSD: md4.h,v 1.16 2015/09/14 01:45:03 doug Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stddef.h>
+#ifndef HEADER_MD4_H
+#define HEADER_MD4_H
+#include <openssl/opensslconf.h>
+#ifdef  __cplusplus
+extern "C" {
+#endif
+#ifdef OPENSSL_NO_MD4
+#error MD4 is disabled.
+#endif
+/*
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! MD4_LONG has to be at least 32 bits wide.                     !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+#define MD4_LONG unsigned int
+#define MD4_CBLOCK      64
+#define MD4_LBLOCK      (MD4_CBLOCK/4)
+#define MD4_DIGEST_LENGTH 16
+typedef struct MD4state_st
+        {
+        MD4_LONG A,B,C,D;
+        MD4_LONG Nl,Nh;
+        MD4_LONG data[MD4_LBLOCK];
+        unsigned int num;
+        } MD4_CTX;
+int MD4_Init(MD4_CTX *c);
+int MD4_Update(MD4_CTX *c, const void *data, size_t len);
+int MD4_Final(unsigned char *md, MD4_CTX *c);
+unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md);
+void MD4_Transform(MD4_CTX *c, const unsigned char *b);
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libcrypto/md4/md4_dgst.c b/src/lib/libcrypto/md4/md4_dgst.c
new file mode 100644
index 0000000000..4d3801fc26
--- /dev/null
+++ b/src/lib/libcrypto/md4/md4_dgst.c
@@ -0,0 +1,167 @@
+/* $OpenBSD: md4_dgst.c,v 1.16 2015/09/14 01:45:03 doug Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include "md4_locl.h"
+/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
+ */
+#define INIT_DATA_A (unsigned long)0x67452301L
+#define INIT_DATA_B (unsigned long)0xefcdab89L
+#define INIT_DATA_C (unsigned long)0x98badcfeL
+#define INIT_DATA_D (unsigned long)0x10325476L
+int MD4_Init(MD4_CTX *c)
+        {
+        memset (c,0,sizeof(*c));
+        c->A=INIT_DATA_A;
+        c->B=INIT_DATA_B;
+        c->C=INIT_DATA_C;
+        c->D=INIT_DATA_D;
+        return 1;
+        }
+#ifndef md4_block_data_order
+#ifdef X
+#undef X
+#endif
+void md4_block_data_order (MD4_CTX *c, const void *data_, size_t num)
+        {
+        const unsigned char *data=data_;
+        unsigned MD32_REG_T A,B,C,D,l;
+#ifndef MD32_XARRAY
+        /* See comment in crypto/sha/sha_locl.h for details. */
+        unsigned MD32_REG_T     XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+                                XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
+# define X(i)   XX##i
+#else
+        MD4_LONG XX[MD4_LBLOCK];
+# define X(i)   XX[i]
+#endif
+        A=c->A;
+        B=c->B;
+        C=c->C;
+        D=c->D;
+        for (;num--;)
+                {
+        HOST_c2l(data,l); X( 0)=l;
+        HOST_c2l(data,l); X( 1)=l;
+        /* Round 0 */
+        R0(A,B,C,D,X( 0), 3,0); HOST_c2l(data,l); X( 2)=l;
+        R0(D,A,B,C,X( 1), 7,0); HOST_c2l(data,l); X( 3)=l;
+        R0(C,D,A,B,X( 2),11,0); HOST_c2l(data,l); X( 4)=l;
+        R0(B,C,D,A,X( 3),19,0); HOST_c2l(data,l); X( 5)=l;
+        R0(A,B,C,D,X( 4), 3,0); HOST_c2l(data,l); X( 6)=l;
+        R0(D,A,B,C,X( 5), 7,0); HOST_c2l(data,l); X( 7)=l;
+        R0(C,D,A,B,X( 6),11,0); HOST_c2l(data,l); X( 8)=l;
+        R0(B,C,D,A,X( 7),19,0); HOST_c2l(data,l); X( 9)=l;
+        R0(A,B,C,D,X( 8), 3,0); HOST_c2l(data,l); X(10)=l;
+        R0(D,A,B,C,X( 9), 7,0); HOST_c2l(data,l); X(11)=l;
+        R0(C,D,A,B,X(10),11,0); HOST_c2l(data,l); X(12)=l;
+        R0(B,C,D,A,X(11),19,0); HOST_c2l(data,l); X(13)=l;
+        R0(A,B,C,D,X(12), 3,0); HOST_c2l(data,l); X(14)=l;
+        R0(D,A,B,C,X(13), 7,0); HOST_c2l(data,l); X(15)=l;
+        R0(C,D,A,B,X(14),11,0);
+        R0(B,C,D,A,X(15),19,0);
+        /* Round 1 */
+        R1(A,B,C,D,X( 0), 3,0x5A827999L);
+        R1(D,A,B,C,X( 4), 5,0x5A827999L);
+        R1(C,D,A,B,X( 8), 9,0x5A827999L);
+        R1(B,C,D,A,X(12),13,0x5A827999L);
+        R1(A,B,C,D,X( 1), 3,0x5A827999L);
+        R1(D,A,B,C,X( 5), 5,0x5A827999L);
+        R1(C,D,A,B,X( 9), 9,0x5A827999L);
+        R1(B,C,D,A,X(13),13,0x5A827999L);
+        R1(A,B,C,D,X( 2), 3,0x5A827999L);
+        R1(D,A,B,C,X( 6), 5,0x5A827999L);
+        R1(C,D,A,B,X(10), 9,0x5A827999L);
+        R1(B,C,D,A,X(14),13,0x5A827999L);
+        R1(A,B,C,D,X( 3), 3,0x5A827999L);
+        R1(D,A,B,C,X( 7), 5,0x5A827999L);
+        R1(C,D,A,B,X(11), 9,0x5A827999L);
+        R1(B,C,D,A,X(15),13,0x5A827999L);
+        /* Round 2 */
+        R2(A,B,C,D,X( 0), 3,0x6ED9EBA1L);
+        R2(D,A,B,C,X( 8), 9,0x6ED9EBA1L);
+        R2(C,D,A,B,X( 4),11,0x6ED9EBA1L);
+        R2(B,C,D,A,X(12),15,0x6ED9EBA1L);
+        R2(A,B,C,D,X( 2), 3,0x6ED9EBA1L);
+        R2(D,A,B,C,X(10), 9,0x6ED9EBA1L);
+        R2(C,D,A,B,X( 6),11,0x6ED9EBA1L);
+        R2(B,C,D,A,X(14),15,0x6ED9EBA1L);
+        R2(A,B,C,D,X( 1), 3,0x6ED9EBA1L);
+        R2(D,A,B,C,X( 9), 9,0x6ED9EBA1L);
+        R2(C,D,A,B,X( 5),11,0x6ED9EBA1L);
+        R2(B,C,D,A,X(13),15,0x6ED9EBA1L);
+        R2(A,B,C,D,X( 3), 3,0x6ED9EBA1L);
+        R2(D,A,B,C,X(11), 9,0x6ED9EBA1L);
+        R2(C,D,A,B,X( 7),11,0x6ED9EBA1L);
+        R2(B,C,D,A,X(15),15,0x6ED9EBA1L);
+        A = c->A += A;
+        B = c->B += B;
+        C = c->C += C;
+        D = c->D += D;
+                }
+        }
+#endif
diff --git a/src/lib/libcrypto/md4/md4_locl.h b/src/lib/libcrypto/md4/md4_locl.h
new file mode 100644
index 0000000000..ef574c040d
--- /dev/null
+++ b/src/lib/libcrypto/md4/md4_locl.h
@@ -0,0 +1,108 @@
+/* $OpenBSD: md4_locl.h,v 1.9 2015/09/14 01:45:03 doug Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/opensslconf.h>
+#include <openssl/md4.h>
+void md4_block_data_order (MD4_CTX *c, const void *p,size_t num);
+#define DATA_ORDER_IS_LITTLE_ENDIAN
+#define HASH_LONG               MD4_LONG
+#define HASH_CTX                MD4_CTX
+#define HASH_CBLOCK             MD4_CBLOCK
+#define HASH_UPDATE             MD4_Update
+#define HASH_TRANSFORM          MD4_Transform
+#define HASH_FINAL              MD4_Final
+#define HASH_MAKE_STRING(c,s)   do {    \
+        unsigned long ll;               \
+        ll=(c)->A; HOST_l2c(ll,(s));    \
+        ll=(c)->B; HOST_l2c(ll,(s));    \
+        ll=(c)->C; HOST_l2c(ll,(s));    \
+        ll=(c)->D; HOST_l2c(ll,(s));    \
+        } while (0)
+#define HASH_BLOCK_DATA_ORDER   md4_block_data_order
+#include "md32_common.h"
+/*
+#define F(x,y,z)        (((x) & (y))  |  ((~(x)) & (z)))
+#define G(x,y,z)        (((x) & (y))  |  ((x) & ((z))) | ((y) & ((z))))
+*/
+/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
+ * simplified to the code below.  Wei attributes these optimizations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define F(b,c,d)        ((((c) ^ (d)) & (b)) ^ (d))
+#define G(b,c,d)        (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
+#define H(b,c,d)        ((b) ^ (c) ^ (d))
+#define R0(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+F((b),(c),(d))); \
+        a=ROTATE(a,s); };
+#define R1(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+G((b),(c),(d))); \
+        a=ROTATE(a,s); };\
+#define R2(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+H((b),(c),(d))); \
+        a=ROTATE(a,s); };
diff --git a/src/lib/libcrypto/md4/md4_one.c b/src/lib/libcrypto/md4/md4_one.c
new file mode 100644
index 0000000000..c1fd6f3e52
--- /dev/null
+++ b/src/lib/libcrypto/md4/md4_one.c
@@ -0,0 +1,77 @@
+/* $OpenBSD: md4_one.c,v 1.10 2015/09/14 01:45:03 doug Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <string.h>
+#include <openssl/md4.h>
+#include <openssl/crypto.h>
+unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md)
+        {
+        MD4_CTX c;
+        static unsigned char m[MD4_DIGEST_LENGTH];
+        if (md == NULL) md=m;
+        if (!MD4_Init(&c))
+                return NULL;
+        MD4_Update(&c,d,n);
+        MD4_Final(md,&c);
+        explicit_bzero(&c,sizeof(c));
+        return(md);
+        }
diff --git a/src/lib/libcrypto/opensslfeatures.h b/src/lib/libcrypto/opensslfeatures.h
index 3d1972f661..ba4dbba959 100644
--- a/src/lib/libcrypto/opensslfeatures.h
+++ b/src/lib/libcrypto/opensslfeatures.h
@@ -6,7 +6,6 @@
 # define OPENSSL_NO_JPAKE
 # define OPENSSL_NO_KRB5
 # define OPENSSL_NO_MD2
-# define OPENSSL_NO_MD4
 # define OPENSSL_NO_MDC2
 # define OPENSSL_NO_PSK
 # define OPENSSL_NO_RC5
diff --git a/src/lib/libssl/doc/standards.txt b/src/lib/libssl/doc/standards.txt
index e9eacc5840..7bada8d35f 100644
--- a/src/lib/libssl/doc/standards.txt
+++ b/src/lib/libssl/doc/standards.txt
@@ -27,6 +27,12 @@ Implemented:
 These are documents that describe things that are implemented (in
 whole or at least great parts) in OpenSSL.
+1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992.
+     (Format: TXT=25661 bytes) (Status: INFORMATIONAL)
+1320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
+     TXT=32407 bytes) (Status: INFORMATIONAL)
 1321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
     TXT=35222 bytes) (Status: INFORMATIONAL)
diff --git a/src/lib/libssl/src/crypto/evp/c_all.c b/src/lib/libssl/src/crypto/evp/c_all.c
index 6b23460210..b83195b370 100644
--- a/src/lib/libssl/src/crypto/evp/c_all.c
+++ b/src/lib/libssl/src/crypto/evp/c_all.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: c_all.c,v 1.19 2015/09/13 23:36:21 doug Exp $ */
+/* $OpenBSD: c_all.c,v 1.20 2015/09/14 01:45:03 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -228,6 +228,10 @@ OpenSSL_add_all_ciphers(void)
 void
 OpenSSL_add_all_digests(void)
 {
+#ifndef OPENSSL_NO_MD4
+        EVP_add_digest(EVP_md4());
+#endif
 #ifndef OPENSSL_NO_MD5
        EVP_add_digest(EVP_md5());
        EVP_add_digest_alias(SN_md5, "ssl2-md5");
diff --git a/src/lib/libssl/src/crypto/evp/evp.h b/src/lib/libssl/src/crypto/evp/evp.h
index 381d4a45c1..2ddbf6142e 100644
--- a/src/lib/libssl/src/crypto/evp/evp.h
+++ b/src/lib/libssl/src/crypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.47 2015/09/13 23:36:21 doug Exp $ */
+/* $OpenBSD: evp.h,v 1.48 2015/09/14 01:45:03 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -648,6 +648,9 @@ void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
 #endif
 const EVP_MD *EVP_md_null(void);
+#ifndef OPENSSL_NO_MD4
+const EVP_MD *EVP_md4(void);
+#endif
 #ifndef OPENSSL_NO_MD5
 const EVP_MD *EVP_md5(void);
 #endif
diff --git a/src/lib/libssl/src/crypto/evp/m_md4.c b/src/lib/libssl/src/crypto/evp/m_md4.c
new file mode 100644
index 0000000000..ab3cc852be
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/m_md4.c
@@ -0,0 +1,118 @@
+/* $OpenBSD: m_md4.c,v 1.16 2015/09/14 01:45:03 doug Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_MD4
+#include <openssl/evp.h>
+#include <openssl/md4.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+static int
+init(EVP_MD_CTX *ctx)
+{
+        return MD4_Init(ctx->md_data);
+}
+static int
+update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+        return MD4_Update(ctx->md_data, data, count);
+}
+static int
+final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+        return MD4_Final(md, ctx->md_data);
+}
+static const EVP_MD md4_md = {
+        .type = NID_md4,
+        .pkey_type = NID_md4WithRSAEncryption,
+        .md_size = MD4_DIGEST_LENGTH,
+        .flags = 0,
+        .init = init,
+        .update = update,
+        .final = final,
+        .copy = NULL,
+        .cleanup = NULL,
+#ifndef OPENSSL_NO_RSA
+        .sign = (evp_sign_method *)RSA_sign,
+        .verify = (evp_verify_method *)RSA_verify,
+        .required_pkey_type = {
+                EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
+        },
+#endif
+        .block_size = MD4_CBLOCK,
+        .ctx_size = sizeof(EVP_MD *) + sizeof(MD4_CTX),
+};
+const EVP_MD *
+EVP_md4(void)
+{
+        return (&md4_md);
+}
+#endif
diff --git a/src/lib/libssl/src/crypto/md4/md4.h b/src/lib/libssl/src/crypto/md4/md4.h
new file mode 100644
index 0000000000..04aacc9801
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md4/md4.h
@@ -0,0 +1,103 @@
+/* $OpenBSD: md4.h,v 1.16 2015/09/14 01:45:03 doug Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stddef.h>
+#ifndef HEADER_MD4_H
+#define HEADER_MD4_H
+#include <openssl/opensslconf.h>
+#ifdef  __cplusplus
+extern "C" {
+#endif
+#ifdef OPENSSL_NO_MD4
+#error MD4 is disabled.
+#endif
+/*
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! MD4_LONG has to be at least 32 bits wide.                     !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+#define MD4_LONG unsigned int
+#define MD4_CBLOCK      64
+#define MD4_LBLOCK      (MD4_CBLOCK/4)
+#define MD4_DIGEST_LENGTH 16
+typedef struct MD4state_st
+        {
+        MD4_LONG A,B,C,D;
+        MD4_LONG Nl,Nh;
+        MD4_LONG data[MD4_LBLOCK];
+        unsigned int num;
+        } MD4_CTX;
+int MD4_Init(MD4_CTX *c);
+int MD4_Update(MD4_CTX *c, const void *data, size_t len);
+int MD4_Final(unsigned char *md, MD4_CTX *c);
+unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md);
+void MD4_Transform(MD4_CTX *c, const unsigned char *b);
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libssl/src/crypto/md4/md4_dgst.c b/src/lib/libssl/src/crypto/md4/md4_dgst.c
new file mode 100644
index 0000000000..4d3801fc26
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md4/md4_dgst.c
@@ -0,0 +1,167 @@
+/* $OpenBSD: md4_dgst.c,v 1.16 2015/09/14 01:45:03 doug Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include "md4_locl.h"
+/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
+ */
+#define INIT_DATA_A (unsigned long)0x67452301L
+#define INIT_DATA_B (unsigned long)0xefcdab89L
+#define INIT_DATA_C (unsigned long)0x98badcfeL
+#define INIT_DATA_D (unsigned long)0x10325476L
+int MD4_Init(MD4_CTX *c)
+        {
+        memset (c,0,sizeof(*c));
+        c->A=INIT_DATA_A;
+        c->B=INIT_DATA_B;
+        c->C=INIT_DATA_C;
+        c->D=INIT_DATA_D;
+        return 1;
+        }
+#ifndef md4_block_data_order
+#ifdef X
+#undef X
+#endif
+void md4_block_data_order (MD4_CTX *c, const void *data_, size_t num)
+        {
+        const unsigned char *data=data_;
+        unsigned MD32_REG_T A,B,C,D,l;
+#ifndef MD32_XARRAY
+        /* See comment in crypto/sha/sha_locl.h for details. */
+        unsigned MD32_REG_T     XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+                                XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
+# define X(i)   XX##i
+#else
+        MD4_LONG XX[MD4_LBLOCK];
+# define X(i)   XX[i]
+#endif
+        A=c->A;
+        B=c->B;
+        C=c->C;
+        D=c->D;
+        for (;num--;)
+                {
+        HOST_c2l(data,l); X( 0)=l;
+        HOST_c2l(data,l); X( 1)=l;
+        /* Round 0 */
+        R0(A,B,C,D,X( 0), 3,0); HOST_c2l(data,l); X( 2)=l;
+        R0(D,A,B,C,X( 1), 7,0); HOST_c2l(data,l); X( 3)=l;
+        R0(C,D,A,B,X( 2),11,0); HOST_c2l(data,l); X( 4)=l;
+        R0(B,C,D,A,X( 3),19,0); HOST_c2l(data,l); X( 5)=l;
+        R0(A,B,C,D,X( 4), 3,0); HOST_c2l(data,l); X( 6)=l;
+        R0(D,A,B,C,X( 5), 7,0); HOST_c2l(data,l); X( 7)=l;
+        R0(C,D,A,B,X( 6),11,0); HOST_c2l(data,l); X( 8)=l;
+        R0(B,C,D,A,X( 7),19,0); HOST_c2l(data,l); X( 9)=l;
+        R0(A,B,C,D,X( 8), 3,0); HOST_c2l(data,l); X(10)=l;
+        R0(D,A,B,C,X( 9), 7,0); HOST_c2l(data,l); X(11)=l;
+        R0(C,D,A,B,X(10),11,0); HOST_c2l(data,l); X(12)=l;
+        R0(B,C,D,A,X(11),19,0); HOST_c2l(data,l); X(13)=l;
+        R0(A,B,C,D,X(12), 3,0); HOST_c2l(data,l); X(14)=l;
+        R0(D,A,B,C,X(13), 7,0); HOST_c2l(data,l); X(15)=l;
+        R0(C,D,A,B,X(14),11,0);
+        R0(B,C,D,A,X(15),19,0);
+        /* Round 1 */
+        R1(A,B,C,D,X( 0), 3,0x5A827999L);
+        R1(D,A,B,C,X( 4), 5,0x5A827999L);
+        R1(C,D,A,B,X( 8), 9,0x5A827999L);
+        R1(B,C,D,A,X(12),13,0x5A827999L);
+        R1(A,B,C,D,X( 1), 3,0x5A827999L);
+        R1(D,A,B,C,X( 5), 5,0x5A827999L);
+        R1(C,D,A,B,X( 9), 9,0x5A827999L);
+        R1(B,C,D,A,X(13),13,0x5A827999L);
+        R1(A,B,C,D,X( 2), 3,0x5A827999L);
+        R1(D,A,B,C,X( 6), 5,0x5A827999L);
+        R1(C,D,A,B,X(10), 9,0x5A827999L);
+        R1(B,C,D,A,X(14),13,0x5A827999L);
+        R1(A,B,C,D,X( 3), 3,0x5A827999L);
+        R1(D,A,B,C,X( 7), 5,0x5A827999L);
+        R1(C,D,A,B,X(11), 9,0x5A827999L);
+        R1(B,C,D,A,X(15),13,0x5A827999L);
+        /* Round 2 */
+        R2(A,B,C,D,X( 0), 3,0x6ED9EBA1L);
+        R2(D,A,B,C,X( 8), 9,0x6ED9EBA1L);
+        R2(C,D,A,B,X( 4),11,0x6ED9EBA1L);
+        R2(B,C,D,A,X(12),15,0x6ED9EBA1L);
+        R2(A,B,C,D,X( 2), 3,0x6ED9EBA1L);
+        R2(D,A,B,C,X(10), 9,0x6ED9EBA1L);
+        R2(C,D,A,B,X( 6),11,0x6ED9EBA1L);
+        R2(B,C,D,A,X(14),15,0x6ED9EBA1L);
+        R2(A,B,C,D,X( 1), 3,0x6ED9EBA1L);
+        R2(D,A,B,C,X( 9), 9,0x6ED9EBA1L);
+        R2(C,D,A,B,X( 5),11,0x6ED9EBA1L);
+        R2(B,C,D,A,X(13),15,0x6ED9EBA1L);
+        R2(A,B,C,D,X( 3), 3,0x6ED9EBA1L);
+        R2(D,A,B,C,X(11), 9,0x6ED9EBA1L);
+        R2(C,D,A,B,X( 7),11,0x6ED9EBA1L);
+        R2(B,C,D,A,X(15),15,0x6ED9EBA1L);
+        A = c->A += A;
+        B = c->B += B;
+        C = c->C += C;
+        D = c->D += D;
+                }
+        }
+#endif
diff --git a/src/lib/libssl/src/crypto/md4/md4_locl.h b/src/lib/libssl/src/crypto/md4/md4_locl.h
new file mode 100644
index 0000000000..ef574c040d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md4/md4_locl.h
@@ -0,0 +1,108 @@
+/* $OpenBSD: md4_locl.h,v 1.9 2015/09/14 01:45:03 doug Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/opensslconf.h>
+#include <openssl/md4.h>
+void md4_block_data_order (MD4_CTX *c, const void *p,size_t num);
+#define DATA_ORDER_IS_LITTLE_ENDIAN
+#define HASH_LONG               MD4_LONG
+#define HASH_CTX                MD4_CTX
+#define HASH_CBLOCK             MD4_CBLOCK
+#define HASH_UPDATE             MD4_Update
+#define HASH_TRANSFORM          MD4_Transform
+#define HASH_FINAL              MD4_Final
+#define HASH_MAKE_STRING(c,s)   do {    \
+        unsigned long ll;               \
+        ll=(c)->A; HOST_l2c(ll,(s));    \
+        ll=(c)->B; HOST_l2c(ll,(s));    \
+        ll=(c)->C; HOST_l2c(ll,(s));    \
+        ll=(c)->D; HOST_l2c(ll,(s));    \
+        } while (0)
+#define HASH_BLOCK_DATA_ORDER   md4_block_data_order
+#include "md32_common.h"
+/*
+#define F(x,y,z)        (((x) & (y))  |  ((~(x)) & (z)))
+#define G(x,y,z)        (((x) & (y))  |  ((x) & ((z))) | ((y) & ((z))))
+*/
+/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
+ * simplified to the code below.  Wei attributes these optimizations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define F(b,c,d)        ((((c) ^ (d)) & (b)) ^ (d))
+#define G(b,c,d)        (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
+#define H(b,c,d)        ((b) ^ (c) ^ (d))
+#define R0(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+F((b),(c),(d))); \
+        a=ROTATE(a,s); };
+#define R1(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+G((b),(c),(d))); \
+        a=ROTATE(a,s); };\
+#define R2(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+H((b),(c),(d))); \
+        a=ROTATE(a,s); };
diff --git a/src/lib/libssl/src/crypto/md4/md4_one.c b/src/lib/libssl/src/crypto/md4/md4_one.c
new file mode 100644
index 0000000000..c1fd6f3e52
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md4/md4_one.c
@@ -0,0 +1,77 @@
+/* $OpenBSD: md4_one.c,v 1.10 2015/09/14 01:45:03 doug Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <string.h>
+#include <openssl/md4.h>
+#include <openssl/crypto.h>
+unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md)
+        {
+        MD4_CTX c;
+        static unsigned char m[MD4_DIGEST_LENGTH];
+        if (md == NULL) md=m;
+        if (!MD4_Init(&c))
+                return NULL;
+        MD4_Update(&c,d,n);
+        MD4_Final(md,&c);
+        explicit_bzero(&c,sizeof(c));
+        return(md);
+        }
diff --git a/src/lib/libssl/src/crypto/opensslfeatures.h b/src/lib/libssl/src/crypto/opensslfeatures.h
index 3d1972f661..ba4dbba959 100644
--- a/src/lib/libssl/src/crypto/opensslfeatures.h
+++ b/src/lib/libssl/src/crypto/opensslfeatures.h
@@ -6,7 +6,6 @@
 # define OPENSSL_NO_JPAKE
 # define OPENSSL_NO_KRB5
 # define OPENSSL_NO_MD2
-# define OPENSSL_NO_MD4
 # define OPENSSL_NO_MDC2
 # define OPENSSL_NO_PSK
 # define OPENSSL_NO_RC5
diff --git a/src/lib/libssl/src/doc/apps/dgst.pod b/src/lib/libssl/src/doc/apps/dgst.pod
index daaa87a50a..d8b2abc6fb 100644
--- a/src/lib/libssl/src/doc/apps/dgst.pod
+++ b/src/lib/libssl/src/doc/apps/dgst.pod
@@ -2,12 +2,12 @@
 =head1 NAME
-dgst, md5, sha1, ripemd160 - message digests
+dgst, md5, md4, md2, sha1, sha, ripemd160 - message digests
 =head1 SYNOPSIS
 B<openssl> B<dgst>
-[B<-md5|-sha1|-ripemd160|-dss1>]
+[B<-md5|-md4|-md2|-sha1|-sha|-ripemd160|-dss1>]
 [B<-c>]
 [B<-d>]
 [B<-hex>]
@@ -22,7 +22,7 @@ B<openssl> B<dgst>
 [B<-hmac key>]
 [B<file...>]
-[B<md5|sha1|ripemd160>]
+[B<md5|md4|md2|sha1|sha|ripemd160>]
 [B<-c>]
 [B<-d>]
 [B<file...>]
diff --git a/src/lib/libssl/src/doc/apps/openssl.pod b/src/lib/libssl/src/doc/apps/openssl.pod
index a000a02331..718d679dbb 100644
--- a/src/lib/libssl/src/doc/apps/openssl.pod
+++ b/src/lib/libssl/src/doc/apps/openssl.pod
@@ -263,6 +263,10 @@ X.509 Certificate Data Management.
 =over 10
+=item B<md2>
+MD2 Digest
 =item B<md5>
 MD5 Digest
@@ -271,6 +275,10 @@ MD5 Digest
 RMD-160 Digest
+=item B<sha>
+SHA Digest
 =item B<sha1>
 SHA-1 Digest
diff --git a/src/lib/libssl/src/doc/apps/speed.pod b/src/lib/libssl/src/doc/apps/speed.pod
index 61990f0dd5..c309d9a060 100644
--- a/src/lib/libssl/src/doc/apps/speed.pod
+++ b/src/lib/libssl/src/doc/apps/speed.pod
@@ -8,6 +8,7 @@ speed - test library performance
 B<openssl speed>
 [B<-engine id>]
+[B<md2>]
 [B<md5>]
 [B<hmac>]
 [B<sha1>]
diff --git a/src/lib/libssl/src/doc/apps/ts.pod b/src/lib/libssl/src/doc/apps/ts.pod
index f495a14038..3075b6887a 100644
--- a/src/lib/libssl/src/doc/apps/ts.pod
+++ b/src/lib/libssl/src/doc/apps/ts.pod
@@ -12,7 +12,7 @@ B<-query>
 [B<-config> configfile]
 [B<-data> file_to_hash]
 [B<-digest> digest_bytes]
-[B<-md5>|B<-sha1>|B<-ripemd160>|B<...>]
+[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-ripemd160>|B<...>]
 [B<-policy> object_id]
 [B<-no_nonce>]
 [B<-cert>]
@@ -124,7 +124,7 @@ per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or
 1AF601...). The number of bytes must match the message digest algorithm
 in use. (Optional)
-=item B<-md5>|B<-sha1>|B<-ripemd160>|B<...>
+=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-ripemd160>|B<...>
 The message digest to apply to the data file, it supports all the message
 digest algorithms that are supported by the openssl B<dgst> command.
diff --git a/src/lib/libssl/src/doc/crypto/MD5.pod b/src/lib/libssl/src/doc/crypto/MD5.pod
index 056f94bd9e..b0edd5416f 100644
--- a/src/lib/libssl/src/doc/crypto/MD5.pod
+++ b/src/lib/libssl/src/doc/crypto/MD5.pod
@@ -2,10 +2,33 @@
 =head1 NAME
-MD5, MD5_Init, MD5_Update, MD5_Final - MD5 hash functions
+MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update,
+MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions
 =head1 SYNOPSIS
+ #include <openssl/md2.h>
+ unsigned char *MD2(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data,
+                  unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+ #include <openssl/md4.h>
+ unsigned char *MD4(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data,
+                  unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
 #include <openssl/md5.h>
 unsigned char *MD5(const unsigned char *d, unsigned long n,
@@ -18,43 +41,61 @@ MD5, MD5_Init, MD5_Update, MD5_Final - MD5 hash functions
 =head1 DESCRIPTION
-MD5 is a cryptographic hash function with a 128 bit output.
+MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.
-MD5() computes the MD5 message digest of the B<n> bytes at B<d> and
+MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest
-places it in B<md> (which must have space for MD5_DIGEST_LENGTH == 16
+of the B<n> bytes at B<d> and place it in B<md> (which must have space
+for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16
 bytes of output). If B<md> is NULL, the digest is placed in a static
 array.
 The following functions may be used if the message is not completely
 stored in memory:
+MD2_Init() initializes a B<MD2_CTX> structure.
+MD2_Update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+MD2_Final() places the message digest in B<md>, which must have space
+for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MD2_CTX>.
+MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and
+MD5_Final() are analogous using an B<MD4_CTX> and B<MD5_CTX> structure.
 Applications should use the higher level functions
 L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 etc. instead of calling the hash functions directly.
 =head1 NOTE
-MD5 is recommended only for compatibility with legacy applications.
+MD2, MD4, and MD5 are recommended only for compatibility with existing
-In new applications, SHA-2 should be preferred.
+applications. In new applications, SHA-1 or RIPEMD-160 should be
+preferred.
 =head1 RETURN VALUES
-MD5() returns a pointer to the hash value.
+MD2(), MD4(), and MD5() return pointers to the hash value.
-MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0
+MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
-otherwise.
+MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for
+success, 0 otherwise.
 =head1 CONFORMING TO
-RFC 1321
+RFC 1319, RFC 1320, RFC 1321
 =head1 SEE ALSO
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<sha(3)|sha(3)>, L<ripemd(3)|ripemd(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 =head1 HISTORY
-MD5(), MD5_Init(), MD5_Update() and MD5_Final() are available in all
+MD2(), MD2_Init(), MD2_Update() MD2_Final(), MD5(), MD5_Init(),
-versions of OpenSSL.
+MD5_Update() and MD5_Final() are available in all versions of SSLeay
+and OpenSSL.
+MD4(), MD4_Init(), and MD4_Update() are available in OpenSSL 0.9.6 and
+above.
 =cut
diff --git a/src/lib/libssl/src/doc/crypto/crypto.pod b/src/lib/libssl/src/doc/crypto/crypto.pod
index 11087ccc1f..bbd6ce9ea9 100644
--- a/src/lib/libssl/src/doc/crypto/crypto.pod
+++ b/src/lib/libssl/src/doc/crypto/crypto.pod
@@ -28,7 +28,7 @@ hash functions and a cryptographic pseudo-random number generator.
 =item SYMMETRIC CIPHERS
 L<blowfish(3)|blowfish(3)>, L<cast(3)|cast(3)>, L<des(3)|des(3)>,
-L<idea(3)|idea(3)>, L<rc2(3)|rc2(3)>, L<rc4(3)|rc4(3)>
+L<idea(3)|idea(3)>, L<rc2(3)|rc2(3)>, L<rc4(3)|rc4(3)>, L<rc5(3)|rc5(3)>
 =item PUBLIC KEY CRYPTOGRAPHY AND KEY AGREEMENT
@@ -40,7 +40,9 @@ L<x509(3)|x509(3)>, L<x509v3(3)|x509v3(3)>
 =item AUTHENTICATION CODES, HASH FUNCTIONS
-L<hmac(3)|hmac(3)>, L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>
+L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, L<md4(3)|md4(3)>,
+L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>
 =item AUXILIARY FUNCTIONS
diff --git a/src/lib/libssl/src/doc/standards.txt b/src/lib/libssl/src/doc/standards.txt
index e9eacc5840..7bada8d35f 100644
--- a/src/lib/libssl/src/doc/standards.txt
+++ b/src/lib/libssl/src/doc/standards.txt
@@ -27,6 +27,12 @@ Implemented:
 These are documents that describe things that are implemented (in
 whole or at least great parts) in OpenSSL.
+1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992.
+     (Format: TXT=25661 bytes) (Status: INFORMATIONAL)
+1320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
+     TXT=32407 bytes) (Status: INFORMATIONAL)
 1321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
     TXT=35222 bytes) (Status: INFORMATIONAL)
author	doug <>	2015-09-14 01:45:03 +0000
committer	doug <>	2015-09-14 01:45:03 +0000
commit	ccf0b47cd77c8c167d186cc3f01dfc310ee5b29f (patch)
tree	587478d440edfb518946564a3da5958afa932346 /src/lib
parent	516aee833d4c8a3fa73b13184ca096bf2ad7f1f2 (diff)
download	openbsd-ccf0b47cd77c8c167d186cc3f01dfc310ee5b29f.tar.gz openbsd-ccf0b47cd77c8c167d186cc3f01dfc310ee5b29f.tar.bz2 openbsd-ccf0b47cd77c8c167d186cc3f01dfc310ee5b29f.zip