12 files changed, 138 insertions, 46 deletions
diff --git a/src/lib/libssl/src/test/enginetest.c b/src/lib/libssl/src/test/enginetest.c
index a5a3c47fcb..87fa8c57b7 100644
--- a/src/lib/libssl/src/test/enginetest.c
+++ b/src/lib/libssl/src/test/enginetest.c
@@ -3,7 +3,7 @@
 * project 2000.
 */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -56,8 +56,11 @@
 *
 */
+#include <openssl/e_os2.h>
 #include <stdio.h>
 #include <string.h>
+#include <openssl/buffer.h>
+#include <openssl/crypto.h>
 #include <openssl/engine.h>
 #include <openssl/err.h>
@@ -76,6 +79,9 @@ static void display_engine_list()
                h = ENGINE_get_next(h);
                }
        printf("end of list\n");
+        /* ENGINE_get_first() increases the struct_ref counter, so we 
+           must call ENGINE_free() to decrease it again */
+        ENGINE_free(h);
        }
 int main(int argc, char *argv[])
@@ -91,6 +97,18 @@ int main(int argc, char *argv[])
        ENGINE *new_h3 = NULL;
        ENGINE *new_h4 = NULL;
+        /* enable memory leak checking unless explicitly disabled */
+        if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
+                {
+                CRYPTO_malloc_debug_init();
+                CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+                }
+        else
+                {
+                /* OPENSSL_DEBUG_MEMORY=off */
+                CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+                }
+        CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
        ERR_load_crypto_strings();
        memset(block, 0, 512 * sizeof(ENGINE *));
@@ -124,6 +142,8 @@ int main(int argc, char *argv[])
                printf("Remove failed!\n");
                goto end;
                }
+        if (ptr)
+                ENGINE_free(ptr);
        display_engine_list();
        if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2))
                {
@@ -158,12 +178,7 @@ int main(int argc, char *argv[])
                }
        else
                printf("Remove that should fail did.\n");
-        if(!ENGINE_remove(new_h1))
+        ERR_clear_error();
-                {
-                printf("Remove failed!\n");
-                goto end;
-                }
-        display_engine_list();
        if(!ENGINE_remove(new_h3))
                {
                printf("Remove failed!\n");
@@ -183,6 +198,8 @@ int main(int argc, char *argv[])
                if(!ENGINE_remove(ptr))
                        printf("Remove failed!i - probably no hardware "
                                "support present.\n");
+        if (ptr)
+                ENGINE_free(ptr);
        display_engine_list();
        if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1))
                {
@@ -195,9 +212,9 @@ int main(int argc, char *argv[])
        for(loop = 0; loop < 512; loop++)
                {
                sprintf(buf, "id%i", loop);
-                id = strdup(buf);
+                id = BUF_strdup(buf);
                sprintf(buf, "Fake engine type %i", loop);
-                name = strdup(buf);
+                name = BUF_strdup(buf);
                if(((block[loop] = ENGINE_new()) == NULL) ||
                                !ENGINE_set_id(block[loop], id) ||
                                !ENGINE_set_name(block[loop], name))
@@ -228,12 +245,13 @@ cleanup_loop:
                        printf("\nRemove failed!\n");
                        goto end;
                        }
+                ENGINE_free(ptr);
                printf("."); fflush(stdout);
                }
        for(loop = 0; loop < 512; loop++)
                {
-                free((char *)(ENGINE_get_id(block[loop])));
+                OPENSSL_free((void *)ENGINE_get_id(block[loop]));
-                free((char *)(ENGINE_get_name(block[loop])));
+                OPENSSL_free((void *)ENGINE_get_name(block[loop]));
                }
        printf("\nTests completed happily\n");
        to_return = 0;
@@ -247,5 +265,10 @@ end:
        for(loop = 0; loop < 512; loop++)
                if(block[loop])
                        ENGINE_free(block[loop]);
+        ENGINE_cleanup();
+        CRYPTO_cleanup_all_ex_data();
+        ERR_free_strings();
+        ERR_remove_state(0);
+        CRYPTO_mem_leaks_fp(stderr);
        return to_return;
        }
diff --git a/src/lib/libssl/src/test/md4test.c b/src/lib/libssl/src/test/md4test.c
index 97e6e21efd..e0fdc42282 100644
--- a/src/lib/libssl/src/test/md4test.c
+++ b/src/lib/libssl/src/test/md4test.c
@@ -60,13 +60,14 @@
 #include <string.h>
 #include <stdlib.h>
-#ifdef NO_MD4
+#ifdef OPENSSL_NO_MD4
 int main(int argc, char *argv[])
 {
    printf("No MD4 support\n");
    return(0);
 }
 #else
+#include <openssl/evp.h>
 #include <openssl/md4.h>
 static char *test[]={
@@ -96,13 +97,15 @@ int main(int argc, char *argv[])
        int i,err=0;
        unsigned char **P,**R;
        char *p;
+        unsigned char md[MD4_DIGEST_LENGTH];
        P=(unsigned char **)test;
        R=(unsigned char **)ret;
        i=1;
        while (*P != NULL)
                {
-                p=pt(MD4(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+                EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL);
+                p=pt(md);
                if (strcmp(p,(char *)*R) != 0)
                        {
                        printf("error calculating MD4 on '%s'\n",*P);
diff --git a/src/lib/libssl/src/test/rsa_test.c b/src/lib/libssl/src/test/rsa_test.c
index e5ae0c1f69..b8b462d33b 100644
--- a/src/lib/libssl/src/test/rsa_test.c
+++ b/src/lib/libssl/src/test/rsa_test.c
@@ -3,12 +3,12 @@
 #include <stdio.h>
 #include <string.h>
-#include "openssl/e_os.h"
+#include "e_os.h"
 #include <openssl/crypto.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
-#ifdef NO_RSA
+#ifdef OPENSSL_NO_RSA
 int main(int argc, char *argv[])
 {
    printf("No RSA support\n");
@@ -16,6 +16,7 @@ int main(int argc, char *argv[])
 }
 #else
 #include <openssl/rsa.h>
+#include <openssl/engine.h>
 #define SetKey \
  key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
@@ -219,10 +220,12 @@ int main(int argc, char *argv[])
    int clen = 0;
    int num;
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
    RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
-    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-        
    plen = sizeof(ptext_ex) - 1;
    for (v = 0; v < 3; v++)
@@ -305,9 +308,10 @@ int main(int argc, char *argv[])
        RSA_free(key);
        }
+    CRYPTO_cleanup_all_ex_data();
    ERR_remove_state(0);
-    CRYPTO_mem_leaks_fp(stdout);
+    CRYPTO_mem_leaks_fp(stderr);
    return err;
    }
diff --git a/src/lib/libssl/src/test/testgen b/src/lib/libssl/src/test/testgen
index c5f61b582b..6a4b6b9221 100644
--- a/src/lib/libssl/src/test/testgen
+++ b/src/lib/libssl/src/test/testgen
@@ -11,13 +11,19 @@ export PATH
 echo "generating certificate request"
-echo "There should be a 2 sequences of .'s and some +'s."
-echo "There should not be more that at most 80 per line"
-echo "This could take some time."
 echo "string to make the random number generator think it has entropy" >> ./.rnd
-../apps/openssl req -config test.cnf -new -out testreq.pem
+if ../apps/openssl no-rsa; then
+  req_new='-newkey dsa:../apps/dsa512.pem'
+else
+  req_new='-new'
+  echo "There should be a 2 sequences of .'s and some +'s."
+  echo "There should not be more that at most 80 per line"
+fi
+echo "This could take some time."
+../apps/openssl req -config test.cnf $req_new -out testreq.pem
 if [ $? != 0 ]; then
 echo problems creating request
 exit 1
diff --git a/src/lib/libssl/src/test/treq b/src/lib/libssl/src/test/treq
index 0464c9d902..9f5eb7eea5 100644
--- a/src/lib/libssl/src/test/treq
+++ b/src/lib/libssl/src/test/treq
@@ -11,6 +11,11 @@ else
        t=testreq.pem
 fi
+if $cmd -in $t -inform p -noout -text | fgrep 'Unknown Public Key'; then
+  echo "skipping req conversion test for $t"
+  exit 0
+fi
 echo testing req conversions
 cp $t fff.p
diff --git a/src/lib/libssl/src/test/trsa b/src/lib/libssl/src/test/trsa
index d6a4dd826d..bd6c07650a 100644
--- a/src/lib/libssl/src/test/trsa
+++ b/src/lib/libssl/src/test/trsa
@@ -3,6 +3,11 @@
 PATH=../apps:$PATH
 export PATH
+if ../apps/openssl no-rsa; then
+  echo skipping rsa conversion test
+  exit 0
+fi
 cmd='../apps/openssl rsa'
 if [ "$1"x != "x" ]; then
diff --git a/src/lib/libssl/test/enginetest.c b/src/lib/libssl/test/enginetest.c
index a5a3c47fcb..87fa8c57b7 100644
--- a/src/lib/libssl/test/enginetest.c
+++ b/src/lib/libssl/test/enginetest.c
@@ -3,7 +3,7 @@
 * project 2000.
 */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -56,8 +56,11 @@
 *
 */
+#include <openssl/e_os2.h>
 #include <stdio.h>
 #include <string.h>
+#include <openssl/buffer.h>
+#include <openssl/crypto.h>
 #include <openssl/engine.h>
 #include <openssl/err.h>
@@ -76,6 +79,9 @@ static void display_engine_list()
                h = ENGINE_get_next(h);
                }
        printf("end of list\n");
+        /* ENGINE_get_first() increases the struct_ref counter, so we 
+           must call ENGINE_free() to decrease it again */
+        ENGINE_free(h);
        }
 int main(int argc, char *argv[])
@@ -91,6 +97,18 @@ int main(int argc, char *argv[])
        ENGINE *new_h3 = NULL;
        ENGINE *new_h4 = NULL;
+        /* enable memory leak checking unless explicitly disabled */
+        if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
+                {
+                CRYPTO_malloc_debug_init();
+                CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+                }
+        else
+                {
+                /* OPENSSL_DEBUG_MEMORY=off */
+                CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+                }
+        CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
        ERR_load_crypto_strings();
        memset(block, 0, 512 * sizeof(ENGINE *));
@@ -124,6 +142,8 @@ int main(int argc, char *argv[])
                printf("Remove failed!\n");
                goto end;
                }
+        if (ptr)
+                ENGINE_free(ptr);
        display_engine_list();
        if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2))
                {
@@ -158,12 +178,7 @@ int main(int argc, char *argv[])
                }
        else
                printf("Remove that should fail did.\n");
-        if(!ENGINE_remove(new_h1))
+        ERR_clear_error();
-                {
-                printf("Remove failed!\n");
-                goto end;
-                }
-        display_engine_list();
        if(!ENGINE_remove(new_h3))
                {
                printf("Remove failed!\n");
@@ -183,6 +198,8 @@ int main(int argc, char *argv[])
                if(!ENGINE_remove(ptr))
                        printf("Remove failed!i - probably no hardware "
                                "support present.\n");
+        if (ptr)
+                ENGINE_free(ptr);
        display_engine_list();
        if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1))
                {
@@ -195,9 +212,9 @@ int main(int argc, char *argv[])
        for(loop = 0; loop < 512; loop++)
                {
                sprintf(buf, "id%i", loop);
-                id = strdup(buf);
+                id = BUF_strdup(buf);
                sprintf(buf, "Fake engine type %i", loop);
-                name = strdup(buf);
+                name = BUF_strdup(buf);
                if(((block[loop] = ENGINE_new()) == NULL) ||
                                !ENGINE_set_id(block[loop], id) ||
                                !ENGINE_set_name(block[loop], name))
@@ -228,12 +245,13 @@ cleanup_loop:
                        printf("\nRemove failed!\n");
                        goto end;
                        }
+                ENGINE_free(ptr);
                printf("."); fflush(stdout);
                }
        for(loop = 0; loop < 512; loop++)
                {
-                free((char *)(ENGINE_get_id(block[loop])));
+                OPENSSL_free((void *)ENGINE_get_id(block[loop]));
-                free((char *)(ENGINE_get_name(block[loop])));
+                OPENSSL_free((void *)ENGINE_get_name(block[loop]));
                }
        printf("\nTests completed happily\n");
        to_return = 0;
@@ -247,5 +265,10 @@ end:
        for(loop = 0; loop < 512; loop++)
                if(block[loop])
                        ENGINE_free(block[loop]);
+        ENGINE_cleanup();
+        CRYPTO_cleanup_all_ex_data();
+        ERR_free_strings();
+        ERR_remove_state(0);
+        CRYPTO_mem_leaks_fp(stderr);
        return to_return;
        }
diff --git a/src/lib/libssl/test/md4test.c b/src/lib/libssl/test/md4test.c
index 97e6e21efd..e0fdc42282 100644
--- a/src/lib/libssl/test/md4test.c
+++ b/src/lib/libssl/test/md4test.c
@@ -60,13 +60,14 @@
 #include <string.h>
 #include <stdlib.h>
-#ifdef NO_MD4
+#ifdef OPENSSL_NO_MD4
 int main(int argc, char *argv[])
 {
    printf("No MD4 support\n");
    return(0);
 }
 #else
+#include <openssl/evp.h>
 #include <openssl/md4.h>
 static char *test[]={
@@ -96,13 +97,15 @@ int main(int argc, char *argv[])
        int i,err=0;
        unsigned char **P,**R;
        char *p;
+        unsigned char md[MD4_DIGEST_LENGTH];
        P=(unsigned char **)test;
        R=(unsigned char **)ret;
        i=1;
        while (*P != NULL)
                {
-                p=pt(MD4(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+                EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL);
+                p=pt(md);
                if (strcmp(p,(char *)*R) != 0)
                        {
                        printf("error calculating MD4 on '%s'\n",*P);
diff --git a/src/lib/libssl/test/rsa_test.c b/src/lib/libssl/test/rsa_test.c
index e5ae0c1f69..b8b462d33b 100644
--- a/src/lib/libssl/test/rsa_test.c
+++ b/src/lib/libssl/test/rsa_test.c
@@ -3,12 +3,12 @@
 #include <stdio.h>
 #include <string.h>
-#include "openssl/e_os.h"
+#include "e_os.h"
 #include <openssl/crypto.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
-#ifdef NO_RSA
+#ifdef OPENSSL_NO_RSA
 int main(int argc, char *argv[])
 {
    printf("No RSA support\n");
@@ -16,6 +16,7 @@ int main(int argc, char *argv[])
 }
 #else
 #include <openssl/rsa.h>
+#include <openssl/engine.h>
 #define SetKey \
  key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
@@ -219,10 +220,12 @@ int main(int argc, char *argv[])
    int clen = 0;
    int num;
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
    RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
-    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-        
    plen = sizeof(ptext_ex) - 1;
    for (v = 0; v < 3; v++)
@@ -305,9 +308,10 @@ int main(int argc, char *argv[])
        RSA_free(key);
        }
+    CRYPTO_cleanup_all_ex_data();
    ERR_remove_state(0);
-    CRYPTO_mem_leaks_fp(stdout);
+    CRYPTO_mem_leaks_fp(stderr);
    return err;
    }
diff --git a/src/lib/libssl/test/testgen b/src/lib/libssl/test/testgen
index c5f61b582b..6a4b6b9221 100644
--- a/src/lib/libssl/test/testgen
+++ b/src/lib/libssl/test/testgen
@@ -11,13 +11,19 @@ export PATH
 echo "generating certificate request"
-echo "There should be a 2 sequences of .'s and some +'s."
-echo "There should not be more that at most 80 per line"
-echo "This could take some time."
 echo "string to make the random number generator think it has entropy" >> ./.rnd
-../apps/openssl req -config test.cnf -new -out testreq.pem
+if ../apps/openssl no-rsa; then
+  req_new='-newkey dsa:../apps/dsa512.pem'
+else
+  req_new='-new'
+  echo "There should be a 2 sequences of .'s and some +'s."
+  echo "There should not be more that at most 80 per line"
+fi
+echo "This could take some time."
+../apps/openssl req -config test.cnf $req_new -out testreq.pem
 if [ $? != 0 ]; then
 echo problems creating request
 exit 1
diff --git a/src/lib/libssl/test/treq b/src/lib/libssl/test/treq
index 0464c9d902..9f5eb7eea5 100644
--- a/src/lib/libssl/test/treq
+++ b/src/lib/libssl/test/treq
@@ -11,6 +11,11 @@ else
        t=testreq.pem
 fi
+if $cmd -in $t -inform p -noout -text | fgrep 'Unknown Public Key'; then
+  echo "skipping req conversion test for $t"
+  exit 0
+fi
 echo testing req conversions
 cp $t fff.p
diff --git a/src/lib/libssl/test/trsa b/src/lib/libssl/test/trsa
index d6a4dd826d..bd6c07650a 100644
--- a/src/lib/libssl/test/trsa
+++ b/src/lib/libssl/test/trsa
@@ -3,6 +3,11 @@
 PATH=../apps:$PATH
 export PATH
+if ../apps/openssl no-rsa; then
+  echo skipping rsa conversion test
+  exit 0
+fi
 cmd='../apps/openssl rsa'
 if [ "$1"x != "x" ]; then