23 files changed, 281 insertions, 111 deletions
diff --git a/src/lib/libcrypto/engine/Makefile.ssl b/src/lib/libcrypto/engine/Makefile.ssl
index 8bc8985e02..30a4446ff9 100644
--- a/src/lib/libcrypto/engine/Makefile.ssl
+++ b/src/lib/libcrypto/engine/Makefile.ssl
@@ -50,7 +50,7 @@ all:	lib
 lib:    $(LIBOBJ)
        $(AR) $(LIB) $(LIBOBJ)
-        $(RANLIB) $(LIB)
+        $(RANLIB) $(LIB) || echo Never mind.
        @touch lib
 files:
@@ -82,7 +82,7 @@ lint:
        lint -DLINT $(INCLUDES) $(SRC)>fluff
 depend:
-        $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
 dclean:
        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
@@ -304,6 +304,27 @@ hw_atalla.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h
 hw_atalla.o: vendor_defns/atalla.h
+hw_cryptodev.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+hw_cryptodev.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+hw_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+hw_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+hw_cryptodev.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+hw_cryptodev.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+hw_cryptodev.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+hw_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+hw_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+hw_cryptodev.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+hw_cryptodev.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+hw_cryptodev.o: ../../include/openssl/objects.h
+hw_cryptodev.o: ../../include/openssl/opensslconf.h
+hw_cryptodev.o: ../../include/openssl/opensslv.h
+hw_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+hw_cryptodev.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+hw_cryptodev.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+hw_cryptodev.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+hw_cryptodev.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+hw_cryptodev.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+hw_cryptodev.o: ../../include/openssl/ui_compat.h hw_cryptodev.c
 hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h
 hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -354,45 +375,6 @@ hw_nuron.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h
-hw_cryptodev.o: ../../include/openssl/aes.h
-hw_cryptodev.o: ../../include/openssl/asn1.h
-hw_cryptodev.o: ../../include/openssl/bio.h
-hw_cryptodev.o: ../../include/openssl/blowfish.h
-hw_cryptodev.o: ../../include/openssl/bn.h
-hw_cryptodev.o: ../../include/openssl/cast.h
-hw_cryptodev.o: ../../include/openssl/conf.h
-hw_cryptodev.o: ../../include/openssl/crypto.h
-hw_cryptodev.o: ../../include/openssl/des.h
-hw_cryptodev.o: ../../include/openssl/des_old.h
-hw_cryptodev.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_cryptodev.o: ../../include/openssl/e_os2.h
-hw_cryptodev.o: ../../include/openssl/engine.h
-hw_cryptodev.o: ../../include/openssl/err.h
-hw_cryptodev.o: ../../include/openssl/evp.h
-hw_cryptodev.o: ../../include/openssl/idea.h
-hw_cryptodev.o: ../../include/openssl/lhash.h
-hw_cryptodev.o: ../../include/openssl/md2.h
-hw_cryptodev.o: ../../include/openssl/md4.h
-hw_cryptodev.o: ../../include/openssl/md5.h
-hw_cryptodev.o: ../../include/openssl/mdc2.h
-hw_cryptodev.o: ../../include/openssl/obj_mac.h
-hw_cryptodev.o: ../../include/openssl/objects.h
-hw_cryptodev.o: ../../include/openssl/opensslconf.h
-hw_cryptodev.o: ../../include/openssl/opensslv.h
-hw_cryptodev.o: ../../include/openssl/ossl_typ.h
-hw_cryptodev.o: ../../include/openssl/rand.h
-hw_cryptodev.o: ../../include/openssl/rc2.h
-hw_cryptodev.o: ../../include/openssl/rc4.h
-hw_cryptodev.o: ../../include/openssl/rc5.h
-hw_cryptodev.o: ../../include/openssl/ripemd.h
-hw_cryptodev.o: ../../include/openssl/rsa.h
-hw_cryptodev.o: ../../include/openssl/safestack.h
-hw_cryptodev.o: ../../include/openssl/sha.h
-hw_cryptodev.o: ../../include/openssl/stack.h
-hw_cryptodev.o: ../../include/openssl/symhacks.h
-hw_cryptodev.o: ../../include/openssl/ui.h
-hw_cryptodev.o: ../../include/openssl/ui_compat.h ../evp/evp_locl.h
-hw_cryptodev.o: eng_int.h hw_cryptodev.c
 hw_sureware.o: ../../e_os.h ../../include/openssl/aes.h
 hw_sureware.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 hw_sureware.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
diff --git a/src/lib/libcrypto/engine/eng_all.c b/src/lib/libcrypto/engine/eng_all.c
index bc50465422..0f6992a40d 100644
--- a/src/lib/libcrypto/engine/eng_all.c
+++ b/src/lib/libcrypto/engine/eng_all.c
@@ -60,10 +60,6 @@
 #include <openssl/engine.h>
 #include "eng_int.h"
-#ifdef __OpenBSD__
-static int openbsd_default_loaded = 0;
-#endif
 void ENGINE_load_builtin_engines(void)
        {
        /* There's no longer any need for an "openssl" ENGINE unless, one day,
@@ -99,21 +95,19 @@ void ENGINE_load_builtin_engines(void)
 #ifndef OPENSSL_NO_HW_4758_CCA
        ENGINE_load_4758cca();
 #endif
-#ifdef OPENSSL_OPENBSD_DEV_CRYPTO
+#if defined(__OpenBSD__) || defined(__FreeBSD__)
-        ENGINE_load_openbsd_dev_crypto();
-#endif
-#ifdef __OpenBSD__
        ENGINE_load_cryptodev();
 #endif
 #endif
        }
-#ifdef __OpenBSD__
+#if defined(__OpenBSD__) || defined(__FreeBSD__)
-void ENGINE_setup_openbsd(void) {
+void ENGINE_setup_bsd_cryptodev(void) {
-        if (!openbsd_default_loaded) {
+        static int bsd_cryptodev_default_loaded = 0;
+        if (!bsd_cryptodev_default_loaded) {
                ENGINE_load_cryptodev();
                ENGINE_register_all_complete();
        }
-        openbsd_default_loaded=1;
+        bsd_cryptodev_default_loaded=1;
 }
 #endif
diff --git a/src/lib/libcrypto/engine/eng_err.c b/src/lib/libcrypto/engine/eng_err.c
index f6c5630395..814d95ee32 100644
--- a/src/lib/libcrypto/engine/eng_err.c
+++ b/src/lib/libcrypto/engine/eng_err.c
@@ -1,6 +1,6 @@
 /* crypto/engine/eng_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -96,6 +96,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]=
 {ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0),        "ENGINE_set_name"},
 {ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0),  "ENGINE_TABLE_REGISTER"},
 {ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0),      "ENGINE_UNLOAD_KEY"},
+{ERR_PACK(0,ENGINE_F_ENGINE_UP_REF,0),  "ENGINE_up_ref"},
 {ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0),        "INT_CTRL_HELPER"},
 {ERR_PACK(0,ENGINE_F_INT_ENGINE_CONFIGURE,0),   "INT_ENGINE_CONFIGURE"},
 {ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0),    "LOG_MESSAGE"},
diff --git a/src/lib/libcrypto/engine/eng_fat.c b/src/lib/libcrypto/engine/eng_fat.c
index f7edb5ad32..0d7dae00b2 100644
--- a/src/lib/libcrypto/engine/eng_fat.c
+++ b/src/lib/libcrypto/engine/eng_fat.c
@@ -66,18 +66,18 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags)
        if((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e))
                return 0;
 #ifndef OPENSSL_NO_RSA
-        if((flags & ENGINE_METHOD_RSA) & !ENGINE_set_default_RSA(e))
+        if((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e))
                return 0;
 #endif
 #ifndef OPENSSL_NO_DSA
-        if((flags & ENGINE_METHOD_DSA) & !ENGINE_set_default_DSA(e))
+        if((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e))
                return 0;
 #endif
 #ifndef OPENSSL_NO_DH
-        if((flags & ENGINE_METHOD_DH) & !ENGINE_set_default_DH(e))
+        if((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e))
                return 0;
 #endif
-        if((flags & ENGINE_METHOD_RAND) & !ENGINE_set_default_RAND(e))
+        if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e))
                return 0;
        return 1;
        }
diff --git a/src/lib/libcrypto/engine/eng_list.c b/src/lib/libcrypto/engine/eng_list.c
index 0c220558e7..1cc3217f4c 100644
--- a/src/lib/libcrypto/engine/eng_list.c
+++ b/src/lib/libcrypto/engine/eng_list.c
@@ -191,14 +191,14 @@ ENGINE *ENGINE_get_first(void)
        {
        ENGINE *ret;
-        CRYPTO_r_lock(CRYPTO_LOCK_ENGINE);
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
        ret = engine_list_head;
        if(ret)
                {
                ret->struct_ref++;
                engine_ref_debug(ret, 0, 1)
                }
-        CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE);
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
        return ret;
        }
@@ -206,14 +206,14 @@ ENGINE *ENGINE_get_last(void)
        {
        ENGINE *ret;
-        CRYPTO_r_lock(CRYPTO_LOCK_ENGINE);
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-                ret = engine_list_tail;
+        ret = engine_list_tail;
        if(ret)
                {
                ret->struct_ref++;
                engine_ref_debug(ret, 0, 1)
                }
-        CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE);
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
        return ret;
        }
@@ -227,7 +227,7 @@ ENGINE *ENGINE_get_next(ENGINE *e)
                        ERR_R_PASSED_NULL_PARAMETER);
                return 0;
                }
-        CRYPTO_r_lock(CRYPTO_LOCK_ENGINE);
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
        ret = e->next;
        if(ret)
                {
@@ -235,7 +235,7 @@ ENGINE *ENGINE_get_next(ENGINE *e)
                ret->struct_ref++;
                engine_ref_debug(ret, 0, 1)
                }
-        CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE);
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
        /* Release the structural reference to the previous ENGINE */
        ENGINE_free(e);
        return ret;
@@ -250,7 +250,7 @@ ENGINE *ENGINE_get_prev(ENGINE *e)
                        ERR_R_PASSED_NULL_PARAMETER);
                return 0;
                }
-        CRYPTO_r_lock(CRYPTO_LOCK_ENGINE);
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
        ret = e->prev;
        if(ret)
                {
@@ -258,7 +258,7 @@ ENGINE *ENGINE_get_prev(ENGINE *e)
                ret->struct_ref++;
                engine_ref_debug(ret, 0, 1)
                }
-        CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE);
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
        /* Release the structural reference to the previous ENGINE */
        ENGINE_free(e);
        return ret;
@@ -346,7 +346,7 @@ ENGINE *ENGINE_by_id(const char *id)
                        ERR_R_PASSED_NULL_PARAMETER);
                return NULL;
                }
-        CRYPTO_r_lock(CRYPTO_LOCK_ENGINE);
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
        iterator = engine_list_head;
        while(iterator && (strcmp(id, iterator->id) != 0))
                iterator = iterator->next;
@@ -372,7 +372,7 @@ ENGINE *ENGINE_by_id(const char *id)
                        engine_ref_debug(iterator, 0, 1)
                        }
                }
-        CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE);
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
        if(iterator == NULL)
                {
                ENGINEerr(ENGINE_F_ENGINE_BY_ID,
@@ -381,3 +381,14 @@ ENGINE *ENGINE_by_id(const char *id)
                }
        return iterator;
        }
+int ENGINE_up_ref(ENGINE *e)
+        {
+        if (e == NULL)
+                {
+                ENGINEerr(ENGINE_F_ENGINE_UP_REF,ERR_R_PASSED_NULL_PARAMETER);
+                return 0;
+                }
+        CRYPTO_add(&e->struct_ref,1,CRYPTO_LOCK_ENGINE);
+        return 1;
+        }
diff --git a/src/lib/libcrypto/engine/eng_openssl.c b/src/lib/libcrypto/engine/eng_openssl.c
index e9d976f46b..54579eea2e 100644
--- a/src/lib/libcrypto/engine/eng_openssl.c
+++ b/src/lib/libcrypto/engine/eng_openssl.c
@@ -63,6 +63,7 @@
 #include <openssl/engine.h>
 #include <openssl/dso.h>
 #include <openssl/pem.h>
+#include <openssl/evp.h>
 /* This testing gunk is implemented (and explained) lower down. It also assumes
 * the application explicitly calls "ENGINE_load_openssl()" because this is no
@@ -78,6 +79,21 @@
 /* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */
 /* #define TEST_ENG_OPENSSL_SHA_P_FINAL */
+/* Now check what of those algorithms are actually enabled */
+#ifdef OPENSSL_NO_RC4
+#undef TEST_ENG_OPENSSL_RC4
+#undef TEST_ENG_OPENSSL_RC4_OTHERS
+#undef TEST_ENG_OPENSSL_RC4_P_INIT
+#undef TEST_ENG_OPENSSL_RC4_P_CIPHER
+#endif
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1)
+#undef TEST_ENG_OPENSSL_SHA
+#undef TEST_ENG_OPENSSL_SHA_OTHERS
+#undef TEST_ENG_OPENSSL_SHA_P_INIT
+#undef TEST_ENG_OPENSSL_SHA_P_UPDATE
+#undef TEST_ENG_OPENSSL_SHA_P_FINAL 
+#endif
 #ifdef TEST_ENG_OPENSSL_RC4
 static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
                                const int **nids, int nid);
@@ -180,7 +196,6 @@ IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
 *        the "init_key" handler is called.
 *    TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler.
 */
-#include <openssl/evp.h>
 #include <openssl/rc4.h>
 #define TEST_RC4_KEY_SIZE               16
 static int test_cipher_nids[] = {NID_rc4,NID_rc4_40};
@@ -265,7 +280,6 @@ static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
 #ifdef TEST_ENG_OPENSSL_SHA
 /* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */
-#include <openssl/evp.h>
 #include <openssl/sha.h>
 static int test_digest_nids[] = {NID_sha1};
 static int test_digest_nids_number = 1;
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h
index fd17ff616d..8686879e1a 100644
--- a/src/lib/libcrypto/engine/engine.h
+++ b/src/lib/libcrypto/engine/engine.h
@@ -59,6 +59,12 @@
 #ifndef HEADER_ENGINE_H
 #define HEADER_ENGINE_H
+#include <openssl/opensslconf.h>
+#ifdef OPENSSL_NO_ENGINE
+#error ENGINE is disabled.
+#endif
 #include <openssl/ossl_typ.h>
 #include <openssl/bn.h>
 #ifndef OPENSSL_NO_RSA
@@ -307,11 +313,8 @@ void ENGINE_load_ubsec(void);
 void ENGINE_load_aep(void);
 void ENGINE_load_sureware(void);
 void ENGINE_load_4758cca(void);
-void ENGINE_load_openbsd_dev_crypto(void);
-void ENGINE_load_builtin_engines(void);
-#ifdef __OpenBSD__
 void ENGINE_load_cryptodev(void);
-#endif  
+void ENGINE_load_builtin_engines(void);
 /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
 * "registry" handling. */
@@ -409,6 +412,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
 * compatibility! */
 ENGINE *ENGINE_new(void);
 int ENGINE_free(ENGINE *e);
+int ENGINE_up_ref(ENGINE *e);
 int ENGINE_set_id(ENGINE *e, const char *id);
 int ENGINE_set_name(ENGINE *e, const char *name);
 int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
@@ -665,6 +669,7 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_F_ENGINE_SET_NAME                         130
 #define ENGINE_F_ENGINE_TABLE_REGISTER                   184
 #define ENGINE_F_ENGINE_UNLOAD_KEY                       152
+#define ENGINE_F_ENGINE_UP_REF                           190
 #define ENGINE_F_INT_CTRL_HELPER                         172
 #define ENGINE_F_INT_ENGINE_CONFIGURE                    188
 #define ENGINE_F_LOG_MESSAGE                             141
diff --git a/src/lib/libcrypto/engine/enginetest.c b/src/lib/libcrypto/engine/enginetest.c
index 87fa8c57b7..c2d0297392 100644
--- a/src/lib/libcrypto/engine/enginetest.c
+++ b/src/lib/libcrypto/engine/enginetest.c
@@ -56,9 +56,17 @@
 *
 */
-#include <openssl/e_os2.h>
 #include <stdio.h>
 #include <string.h>
+#ifdef OPENSSL_NO_ENGINE
+int main(int argc, char *argv[])
+{
+    printf("No ENGINE support\n");
+    return(0);
+}
+#else
+#include <openssl/e_os2.h>
 #include <openssl/buffer.h>
 #include <openssl/crypto.h>
 #include <openssl/engine.h>
@@ -272,3 +280,4 @@ end:
        CRYPTO_mem_leaks_fp(stderr);
        return to_return;
        }
+#endif
diff --git a/src/lib/libcrypto/engine/hw_4758_cca.c b/src/lib/libcrypto/engine/hw_4758_cca.c
index 6d41b9ed2a..4f5ae8a46d 100644
--- a/src/lib/libcrypto/engine/hw_4758_cca.c
+++ b/src/lib/libcrypto/engine/hw_4758_cca.c
@@ -223,6 +223,7 @@ static int bind_helper(ENGINE *e)
        return 1;
        }
+#ifndef ENGINE_DYNAMIC_SUPPORT
 static ENGINE *engine_4758_cca(void)
        {
        ENGINE *ret = ENGINE_new();
@@ -244,6 +245,7 @@ void ENGINE_load_4758cca(void)
        ENGINE_free(e_4758);
        ERR_clear_error();   
        }
+#endif
 static int ibm_4758_cca_destroy(ENGINE *e)
        {
@@ -715,7 +717,7 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
        if (type == NID_sha1 || type == NID_md5)
                {
-                memset(hashBuffer, 0, keyLength+1);
+                OPENSSL_cleanse(hashBuffer, keyLength+1);
                OPENSSL_free(hashBuffer);
                }
@@ -838,7 +840,7 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
        if (type == NID_sha1 || type == NID_md5)
                {
-                memset(hashBuffer, 0, keyLength+1);
+                OPENSSL_cleanse(hashBuffer, keyLength+1);
                OPENSSL_free(hashBuffer);
                }
diff --git a/src/lib/libcrypto/engine/hw_atalla.c b/src/lib/libcrypto/engine/hw_atalla.c
index 6151c46902..e9eff9fad1 100644
--- a/src/lib/libcrypto/engine/hw_atalla.c
+++ b/src/lib/libcrypto/engine/hw_atalla.c
@@ -242,6 +242,7 @@ static int bind_helper(ENGINE *e)
        return 1;
        }
+#ifndef ENGINE_DYNAMIC_SUPPORT
 static ENGINE *engine_atalla(void)
        {
        ENGINE *ret = ENGINE_new();
@@ -264,6 +265,7 @@ void ENGINE_load_atalla(void)
        ENGINE_free(toadd);
        ERR_clear_error();
        }
+#endif
 /* This is a process-global DSO handle used for loading and unloading
 * the Atalla library. NB: This is only set (or unset) during an
diff --git a/src/lib/libcrypto/engine/hw_cryptodev.c b/src/lib/libcrypto/engine/hw_cryptodev.c
index 034c7ca213..139119b80c 100644
--- a/src/lib/libcrypto/engine/hw_cryptodev.c
+++ b/src/lib/libcrypto/engine/hw_cryptodev.c
@@ -29,8 +29,32 @@
 *
 */
-#include <sys/types.h>
+#include <openssl/objects.h>
+#include <openssl/engine.h>
+#include <openssl/evp.h>
+#if (defined(__unix__) || defined(unix)) && !defined(USG)
 #include <sys/param.h>
+# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041)
+# define HAVE_CRYPTODEV
+# endif
+# if (OpenBSD >= 200110)
+# define HAVE_SYSLOG_R
+# endif
+#endif
+#ifndef HAVE_CRYPTODEV
+void
+ENGINE_load_cryptodev(void)
+{
+        /* This is a NOP on platforms without /dev/crypto */
+        return;
+}
+#else 
+#include <sys/types.h>
 #include <crypto/cryptodev.h>
 #include <sys/ioctl.h>
 #include <errno.h>
@@ -39,9 +63,6 @@
 #include <fcntl.h>
 #include <stdarg.h>
 #include <syslog.h>
-#include <ssl/objects.h>
-#include <ssl/engine.h>
-#include <ssl/evp.h>
 #include <errno.h>
 #include <string.h>
@@ -101,10 +122,6 @@ static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
 void ENGINE_load_cryptodev(void);
 static const ENGINE_CMD_DEFN cryptodev_defns[] = {
-        {ENGINE_CMD_BASE,
-                "SO_PATH",
-                "Specifies the path to the some stupid shared library",
-                ENGINE_CMD_FLAG_STRING},
        { 0, NULL, NULL, 0 }
 };
@@ -1011,12 +1028,18 @@ static DH_METHOD cryptodev_dh = {
 static int
 cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
 {
+#ifdef HAVE_SYSLOG_R
        struct syslog_data sd = SYSLOG_DATA_INIT;
+#endif
        switch (cmd) {
        default:
+#ifdef HAVE_SYSLOG_R
                syslog_r(LOG_ERR, &sd,
                    "cryptodev_ctrl: unknown command %d", cmd);
+#else
+                syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd);
+#endif
                break;
        }
        return (1);
@@ -1043,7 +1066,7 @@ ENGINE_load_cryptodev(void)
        close(fd);
        if (!ENGINE_set_id(engine, "cryptodev") ||
-            !ENGINE_set_name(engine, "OpenBSD cryptodev engine") ||
+            !ENGINE_set_name(engine, "BSD cryptodev engine") ||
            !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
            !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
            !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
@@ -1104,3 +1127,5 @@ ENGINE_load_cryptodev(void)
        ENGINE_free(engine);
        ERR_clear_error();
 }
+#endif /* HAVE_CRYPTODEV */
diff --git a/src/lib/libcrypto/engine/hw_cswift.c b/src/lib/libcrypto/engine/hw_cswift.c
index f5c897bdbb..f128ee5a68 100644
--- a/src/lib/libcrypto/engine/hw_cswift.c
+++ b/src/lib/libcrypto/engine/hw_cswift.c
@@ -121,6 +121,10 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
 #endif
+/* RAND stuff */
+static int cswift_rand_bytes(unsigned char *buf, int num);
+static int cswift_rand_status(void);
 /* The definitions for control commands specific to this engine */
 #define CSWIFT_CMD_SO_PATH              ENGINE_CMD_BASE
 static const ENGINE_CMD_DEFN cswift_cmd_defns[] = {
@@ -183,6 +187,18 @@ static DH_METHOD cswift_dh =
        };
 #endif
+static RAND_METHOD cswift_random =
+    {
+    /* "CryptoSwift RAND method", */
+    NULL,
+    cswift_rand_bytes,
+    NULL,
+    NULL,
+    cswift_rand_bytes,
+    cswift_rand_status,
+    };
 /* Constants used when creating the ENGINE */
 static const char *engine_cswift_id = "cswift";
 static const char *engine_cswift_name = "CryptoSwift hardware engine support";
@@ -208,6 +224,7 @@ static int bind_helper(ENGINE *e)
 #ifndef OPENSSL_NO_DH
                        !ENGINE_set_DH(e, &cswift_dh) ||
 #endif
+                        !ENGINE_set_RAND(e, &cswift_random) ||
                        !ENGINE_set_destroy_function(e, cswift_destroy) ||
                        !ENGINE_set_init_function(e, cswift_init) ||
                        !ENGINE_set_finish_function(e, cswift_finish) ||
@@ -242,6 +259,7 @@ static int bind_helper(ENGINE *e)
        return 1;
        }
+#ifndef ENGINE_DYNAMIC_SUPPORT
 static ENGINE *engine_cswift(void)
        {
        ENGINE *ret = ENGINE_new();
@@ -264,6 +282,7 @@ void ENGINE_load_cswift(void)
        ENGINE_free(toadd);
        ERR_clear_error();
        }
+#endif
 /* This is a process-global DSO handle used for loading and unloading
 * the CryptoSwift library. NB: This is only set (or unset) during an
@@ -905,6 +924,60 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
        }
 #endif
+/* Random bytes are good */
+static int cswift_rand_bytes(unsigned char *buf, int num)
+{
+        SW_CONTEXT_HANDLE hac;
+        SW_STATUS swrc;
+        SW_LARGENUMBER largenum;
+        size_t nbytes = 0;
+        int acquired = 0;
+        int to_return = 0; /* assume failure */
+        if (!get_context(&hac))
+        {
+                CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_UNIT_FAILURE);
+                goto err;
+        }
+        acquired = 1;
+        while (nbytes < (size_t)num)
+        {
+                /* tell CryptoSwift how many bytes we want and where we want it.
+                 * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
+                 *       - CryptoSwift can only do multiple of 32-bits. */
+                largenum.value = (SW_BYTE *) buf + nbytes;
+                if (4096 > num - nbytes)
+                        largenum.nbytes = num - nbytes;
+                else
+                        largenum.nbytes = 4096;
+                swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
+                if (swrc != SW_OK)
+                {
+                        char tmpbuf[20];
+                        CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED);
+                        sprintf(tmpbuf, "%ld", swrc);
+                        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+                        goto err;
+                }
+                nbytes += largenum.nbytes;
+        }
+        to_return = 1;  /* success */
+err:
+        if (acquired)
+                release_context(hac);
+        return to_return;
+}
+static int cswift_rand_status(void)
+{
+        return 1;
+}
 /* This stuff is needed if this ENGINE is being compiled into a self-contained
 * shared-library. */
 #ifdef ENGINE_DYNAMIC_SUPPORT
diff --git a/src/lib/libcrypto/engine/hw_ncipher.c b/src/lib/libcrypto/engine/hw_ncipher.c
index a43d4360f2..0d1c6b8df0 100644
--- a/src/lib/libcrypto/engine/hw_ncipher.c
+++ b/src/lib/libcrypto/engine/hw_ncipher.c
@@ -91,11 +91,19 @@ static int hwcrhk_init(ENGINE *e);
 static int hwcrhk_finish(ENGINE *e);
 static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); 
-/* Functions to handle mutexes */
+/* Functions to handle mutexes if have dynamic locks */
 static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*);
 static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*);
 static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*);
 static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*);
+#if 1 /* This is a HACK which will disappear in 0.9.8 */
+/* Functions to handle mutexes if only have static locks */
+static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m,
+                                    HWCryptoHook_CallerContext *c);
+static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m);
+static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m);
+static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m);
+#endif
 /* BIGNUM stuff */
 static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
@@ -373,6 +381,7 @@ static int bind_helper(ENGINE *e)
        return 1;
        }
+#ifndef ENGINE_DYNAMIC_SUPPORT
 static ENGINE *engine_ncipher(void)
        {
        ENGINE *ret = ENGINE_new();
@@ -395,6 +404,7 @@ void ENGINE_load_chil(void)
        ENGINE_free(toadd);
        ERR_clear_error();
        }
+#endif
 /* This is a process-global DSO handle used for loading and unloading
 * the HWCryptoHook library. NB: This is only set (or unset) during an
@@ -558,15 +568,31 @@ static int hwcrhk_init(ENGINE *e)
        /* Check if the application decided to support dynamic locks,
           and if it does, use them. */
-        if (disable_mutex_callbacks == 0 &&
+        if (disable_mutex_callbacks == 0)
-                CRYPTO_get_dynlock_create_callback() != NULL &&
-                CRYPTO_get_dynlock_lock_callback() != NULL &&
-                CRYPTO_get_dynlock_destroy_callback() != NULL)
                {
-                hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
+                if (CRYPTO_get_dynlock_create_callback() != NULL &&
-                hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
+                        CRYPTO_get_dynlock_lock_callback() != NULL &&
-                hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
+                        CRYPTO_get_dynlock_destroy_callback() != NULL)
-                hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
+                        {
+                        hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
+                        hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
+                        hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
+                        hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
+                        }
+                else if (CRYPTO_get_locking_callback() != NULL)
+                        {
+                        HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DYNAMIC_LOCKING_MISSING);
+                        ERR_add_error_data(1,"You HAVE to add dynamic locking callbacks via CRYPTO_set_dynlock_{create,lock,destroy}_callback()");
+#if 1 /* This is a HACK which will disappear in 0.9.8 */
+                        hwcrhk_globals.maxmutexes    = 1; /* Only have one lock */
+                        hwcrhk_globals.mutex_init    = hwcrhk_static_mutex_init;
+                        hwcrhk_globals.mutex_acquire = hwcrhk_static_mutex_lock;
+                        hwcrhk_globals.mutex_release = hwcrhk_static_mutex_unlock;
+                        hwcrhk_globals.mutex_destroy = hwcrhk_static_mutex_destroy;
+#else
+                        goto err;
+#endif
+                        }
                }
        /* Try and get a context - if not, we may have a DSO but no
@@ -1020,7 +1046,7 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa)
                /* Perform the operation */
                ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q,
-                        m_dmp1, m_dmq1, m_iqmp, &m_r, NULL);
+                        m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg);
                /* Convert the response */
                r->top = m_r.size / sizeof(BN_ULONG);
@@ -1171,6 +1197,26 @@ static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *mt)
        CRYPTO_destroy_dynlockid(mt->lockid);
        }
+/* Mutex upcalls to use if the application does not support dynamic locks */
+static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m,
+        HWCryptoHook_CallerContext *c)
+        {
+        return 0;
+        }
+static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m)
+        {
+        CRYPTO_w_lock(CRYPTO_LOCK_HWCRHK);
+        return 0;
+        }
+static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m)
+        {
+        CRYPTO_w_unlock(CRYPTO_LOCK_HWCRHK);
+        }
+static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m)
+        {
+        }
 static int hwcrhk_get_pass(const char *prompt_info,
        int *len_io, char *buf,
        HWCryptoHook_PassphraseContext *ppctx,
@@ -1318,7 +1364,7 @@ static void hwcrhk_log_message(void *logstr, const char *message)
                lstream=*(BIO **)logstr;
        if (lstream)
                {
-                BIO_write(lstream, message, strlen(message));
+                BIO_printf(lstream, "%s\n", message);
                }
        CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
        }
diff --git a/src/lib/libcrypto/engine/hw_ncipher_err.c b/src/lib/libcrypto/engine/hw_ncipher_err.c
index 24024cfc6f..5bc94581b7 100644
--- a/src/lib/libcrypto/engine/hw_ncipher_err.c
+++ b/src/lib/libcrypto/engine/hw_ncipher_err.c
@@ -1,6 +1,6 @@
 /* hw_ncipher_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -86,6 +86,7 @@ static ERR_STRING_DATA HWCRHK_str_reasons[]=
 {HWCRHK_R_CHIL_ERROR                     ,"chil error"},
 {HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
 {HWCRHK_R_DSO_FAILURE                    ,"dso failure"},
+{HWCRHK_R_DYNAMIC_LOCKING_MISSING        ,"dynamic locking missing"},
 {HWCRHK_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
 {HWCRHK_R_NOT_INITIALISED                ,"not initialised"},
 {HWCRHK_R_NOT_LOADED                     ,"not loaded"},
diff --git a/src/lib/libcrypto/engine/hw_ncipher_err.h b/src/lib/libcrypto/engine/hw_ncipher_err.h
index 4d65b1d470..d232d02319 100644
--- a/src/lib/libcrypto/engine/hw_ncipher_err.h
+++ b/src/lib/libcrypto/engine/hw_ncipher_err.h
@@ -84,6 +84,7 @@ static void ERR_HWCRHK_error(int function, int reason, char *file, int line);
 #define HWCRHK_R_CHIL_ERROR                              102
 #define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED            103
 #define HWCRHK_R_DSO_FAILURE                             104
+#define HWCRHK_R_DYNAMIC_LOCKING_MISSING                 114
 #define HWCRHK_R_MISSING_KEY_COMPONENTS                  105
 #define HWCRHK_R_NOT_INITIALISED                         106
 #define HWCRHK_R_NOT_LOADED                              107
diff --git a/src/lib/libcrypto/engine/hw_nuron.c b/src/lib/libcrypto/engine/hw_nuron.c
index 130b6d8b40..fb9188bfe5 100644
--- a/src/lib/libcrypto/engine/hw_nuron.c
+++ b/src/lib/libcrypto/engine/hw_nuron.c
@@ -374,6 +374,7 @@ static int bind_helper(ENGINE *e)
        return 1;
        }
+#ifndef ENGINE_DYNAMIC_SUPPORT
 static ENGINE *engine_nuron(void)
        {
        ENGINE *ret = ENGINE_new();
@@ -396,6 +397,7 @@ void ENGINE_load_nuron(void)
        ENGINE_free(toadd);
        ERR_clear_error();
        }
+#endif
 /* This stuff is needed if this ENGINE is being compiled into a self-contained
 * shared-library. */      
diff --git a/src/lib/libcrypto/engine/hw_ubsec.c b/src/lib/libcrypto/engine/hw_ubsec.c
index ed8401ec16..6286dd851c 100644
--- a/src/lib/libcrypto/engine/hw_ubsec.c
+++ b/src/lib/libcrypto/engine/hw_ubsec.c
@@ -242,6 +242,7 @@ static int bind_helper(ENGINE *e)
        return 1;
        }
+#ifndef ENGINE_DYNAMIC_SUPPORT
 static ENGINE *engine_ubsec(void)
        {
        ENGINE *ret = ENGINE_new();
@@ -264,6 +265,7 @@ void ENGINE_load_ubsec(void)
        ENGINE_free(toadd);
        ERR_clear_error();
        }
+#endif
 /* This is a process-global DSO handle used for loading and unloading
 * the UBSEC library. NB: This is only set (or unset) during an
diff --git a/src/lib/libcrypto/engine/tb_cipher.c b/src/lib/libcrypto/engine/tb_cipher.c
index c5a50fc910..50b3cec1fa 100644
--- a/src/lib/libcrypto/engine/tb_cipher.c
+++ b/src/lib/libcrypto/engine/tb_cipher.c
@@ -81,7 +81,7 @@ int ENGINE_register_ciphers(ENGINE *e)
                int num_nids = e->ciphers(e, NULL, &nids, 0);
                if(num_nids > 0)
                        return engine_table_register(&cipher_table,
-                                        &engine_unregister_all_ciphers, e, nids,
+                                        engine_unregister_all_ciphers, e, nids,
                                        num_nids, 0);
                }
        return 1;
@@ -103,7 +103,7 @@ int ENGINE_set_default_ciphers(ENGINE *e)
                int num_nids = e->ciphers(e, NULL, &nids, 0);
                if(num_nids > 0)
                        return engine_table_register(&cipher_table,
-                                        &engine_unregister_all_ciphers, e, nids,
+                                        engine_unregister_all_ciphers, e, nids,
                                        num_nids, 1);
                }
        return 1;
diff --git a/src/lib/libcrypto/engine/tb_dh.c b/src/lib/libcrypto/engine/tb_dh.c
index c9347235ea..e290e1702b 100644
--- a/src/lib/libcrypto/engine/tb_dh.c
+++ b/src/lib/libcrypto/engine/tb_dh.c
@@ -78,7 +78,7 @@ int ENGINE_register_DH(ENGINE *e)
        {
        if(e->dh_meth)
                return engine_table_register(&dh_table,
-                                &engine_unregister_all_DH, e, &dummy_nid, 1, 0);
+                                engine_unregister_all_DH, e, &dummy_nid, 1, 0);
        return 1;
        }
@@ -94,7 +94,7 @@ int ENGINE_set_default_DH(ENGINE *e)
        {
        if(e->dh_meth)
                return engine_table_register(&dh_table,
-                                &engine_unregister_all_DH, e, &dummy_nid, 1, 1);
+                                engine_unregister_all_DH, e, &dummy_nid, 1, 1);
        return 1;
        }
diff --git a/src/lib/libcrypto/engine/tb_digest.c b/src/lib/libcrypto/engine/tb_digest.c
index 2c4dd6f796..e82d2a17c9 100644
--- a/src/lib/libcrypto/engine/tb_digest.c
+++ b/src/lib/libcrypto/engine/tb_digest.c
@@ -81,7 +81,7 @@ int ENGINE_register_digests(ENGINE *e)
                int num_nids = e->digests(e, NULL, &nids, 0);
                if(num_nids > 0)
                        return engine_table_register(&digest_table,
-                                        &engine_unregister_all_digests, e, nids,
+                                        engine_unregister_all_digests, e, nids,
                                        num_nids, 0);
                }
        return 1;
@@ -103,7 +103,7 @@ int ENGINE_set_default_digests(ENGINE *e)
                int num_nids = e->digests(e, NULL, &nids, 0);
                if(num_nids > 0)
                        return engine_table_register(&digest_table,
-                                        &engine_unregister_all_digests, e, nids,
+                                        engine_unregister_all_digests, e, nids,
                                        num_nids, 1);
                }
        return 1;
diff --git a/src/lib/libcrypto/engine/tb_dsa.c b/src/lib/libcrypto/engine/tb_dsa.c
index e9209476b8..80170591f2 100644
--- a/src/lib/libcrypto/engine/tb_dsa.c
+++ b/src/lib/libcrypto/engine/tb_dsa.c
@@ -78,7 +78,7 @@ int ENGINE_register_DSA(ENGINE *e)
        {
        if(e->dsa_meth)
                return engine_table_register(&dsa_table,
-                                &engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
+                                engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
        return 1;
        }
@@ -94,7 +94,7 @@ int ENGINE_set_default_DSA(ENGINE *e)
        {
        if(e->dsa_meth)
                return engine_table_register(&dsa_table,
-                                &engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
+                                engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
        return 1;
        }
diff --git a/src/lib/libcrypto/engine/tb_rand.c b/src/lib/libcrypto/engine/tb_rand.c
index 0b1d031f1e..69b67111bc 100644
--- a/src/lib/libcrypto/engine/tb_rand.c
+++ b/src/lib/libcrypto/engine/tb_rand.c
@@ -78,7 +78,7 @@ int ENGINE_register_RAND(ENGINE *e)
        {
        if(e->rand_meth)
                return engine_table_register(&rand_table,
-                                &engine_unregister_all_RAND, e, &dummy_nid, 1, 0);
+                                engine_unregister_all_RAND, e, &dummy_nid, 1, 0);
        return 1;
        }
@@ -94,7 +94,7 @@ int ENGINE_set_default_RAND(ENGINE *e)
        {
        if(e->rand_meth)
                return engine_table_register(&rand_table,
-                                &engine_unregister_all_RAND, e, &dummy_nid, 1, 1);
+                                engine_unregister_all_RAND, e, &dummy_nid, 1, 1);
        return 1;
        }
diff --git a/src/lib/libcrypto/engine/tb_rsa.c b/src/lib/libcrypto/engine/tb_rsa.c
index f84fea3968..fee4867f52 100644
--- a/src/lib/libcrypto/engine/tb_rsa.c
+++ b/src/lib/libcrypto/engine/tb_rsa.c
@@ -78,7 +78,7 @@ int ENGINE_register_RSA(ENGINE *e)
        {
        if(e->rsa_meth)
                return engine_table_register(&rsa_table,
-                                &engine_unregister_all_RSA, e, &dummy_nid, 1, 0);
+                                engine_unregister_all_RSA, e, &dummy_nid, 1, 0);
        return 1;
        }
@@ -94,7 +94,7 @@ int ENGINE_set_default_RSA(ENGINE *e)
        {
        if(e->rsa_meth)
                return engine_table_register(&rsa_table,
-                                &engine_unregister_all_RSA, e, &dummy_nid, 1, 1);
+                                engine_unregister_all_RSA, e, &dummy_nid, 1, 1);
        return 1;
        }