diff --git a/CHANGES b/CHANGES
index 95aabc64..cc142508 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,110 @@
  OpenSSL CHANGES
  _______________
 
+ This is a high-level summary of the most important changes.
+ For a full list of changes, see the git commit log; for example,
+ https://github.com/openssl/openssl/commits/ and pick the appropriate
+ release branch.
+
+ Changes between 1.0.2n and 1.0.2o [27 Mar 2018]
+
+  *) Constructed ASN.1 types with a recursive definition could exceed the stack
+
+     Constructed ASN.1 types with a recursive definition (such as can be found
+     in PKCS7) could eventually exceed the stack given malicious input with
+     excessive recursion. This could result in a Denial Of Service attack. There
+     are no such structures used within SSL/TLS that come from untrusted sources
+     so this is considered safe.
+
+     This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz
+     project.
+     (CVE-2018-0739)
+     [Matt Caswell]
+
+ Changes between 1.0.2m and 1.0.2n [7 Dec 2017]
+
+  *) Read/write after SSL object in error state
+
+     OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state"
+     mechanism. The intent was that if a fatal error occurred during a handshake
+     then OpenSSL would move into the error state and would immediately fail if
+     you attempted to continue the handshake. This works as designed for the
+     explicit handshake functions (SSL_do_handshake(), SSL_accept() and
+     SSL_connect()), however due to a bug it does not work correctly if
+     SSL_read() or SSL_write() is called directly. In that scenario, if the
+     handshake fails then a fatal error will be returned in the initial function
+     call. If SSL_read()/SSL_write() is subsequently called by the application
+     for the same SSL object then it will succeed and the data is passed without
+     being decrypted/encrypted directly from the SSL/TLS record layer.
+
+     In order to exploit this issue an application bug would have to be present
+     that resulted in a call to SSL_read()/SSL_write() being issued after having
+     already received a fatal error.
+
+     This issue was reported to OpenSSL by David Benjamin (Google).
+     (CVE-2017-3737)
+     [Matt Caswell]
+
+  *) rsaz_1024_mul_avx2 overflow bug on x86_64
+
+     There is an overflow bug in the AVX2 Montgomery multiplication procedure
+     used in exponentiation with 1024-bit moduli. No EC algorithms are affected.
+     Analysis suggests that attacks against RSA and DSA as a result of this
+     defect would be very difficult to perform and are not believed likely.
+     Attacks against DH1024 are considered just feasible, because most of the
+     work necessary to deduce information about a private key may be performed
+     offline. The amount of resources required for such an attack would be
+     significant. However, for an attack on TLS to be meaningful, the server
+     would have to share the DH1024 private key among multiple clients, which is
+     no longer an option since CVE-2016-0701.
+
+     This only affects processors that support the AVX2 but not ADX extensions
+     like Intel Haswell (4th generation).
+
+     This issue was reported to OpenSSL by David Benjamin (Google). The issue
+     was originally found via the OSS-Fuzz project.
+     (CVE-2017-3738)
+     [Andy Polyakov]
+
+ Changes between 1.0.2l and 1.0.2m [2 Nov 2017]
+
+  *) bn_sqrx8x_internal carry bug on x86_64
+
+     There is a carry propagating bug in the x86_64 Montgomery squaring
+     procedure. No EC algorithms are affected. Analysis suggests that attacks
+     against RSA and DSA as a result of this defect would be very difficult to
+     perform and are not believed likely. Attacks against DH are considered just
+     feasible (although very difficult) because most of the work necessary to
+     deduce information about a private key may be performed offline. The amount
+     of resources required for such an attack would be very significant and
+     likely only accessible to a limited number of attackers. An attacker would
+     additionally need online access to an unpatched system using the target
+     private key in a scenario with persistent DH parameters and a private
+     key that is shared between multiple clients.
+
+     This only affects processors that support the BMI1, BMI2 and ADX extensions
+     like Intel Broadwell (5th generation) and later or AMD Ryzen.
+
+     This issue was reported to OpenSSL by the OSS-Fuzz project.
+     (CVE-2017-3736)
+     [Andy Polyakov]
+
+  *) Malformed X.509 IPAddressFamily could cause OOB read
+
+     If an X.509 certificate has a malformed IPAddressFamily extension,
+     OpenSSL could do a one-byte buffer overread. The most likely result
+     would be an erroneous display of the certificate in text format.
+
+     This issue was reported to OpenSSL by the OSS-Fuzz project.
+     (CVE-2017-3735)
+     [Rich Salz]
+
+ Changes between 1.0.2k and 1.0.2l [25 May 2017]
+
+  *) Have 'config' recognise 64-bit mingw and choose 'mingw64' as the target
+     platform rather than 'mingw'.
+     [Richard Levitte]
+
  Changes between 1.0.2j and 1.0.2k [26 Jan 2017]
 
   *) Truncated packet could crash via OOB read
@@ -1923,8 +2027,11 @@
      to work with OPENSSL_NO_SSL_INTERN defined.
      [Steve Henson]
 
-  *) Add SRP support.
-     [Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]
+  *) A long standing patch to add support for SRP from EdelWeb (Peter
+     Sylvester and Christophe Renou) was integrated.
+     [Christophe Renou <christophe.renou@edelweb.fr>, Peter Sylvester
+     <peter.sylvester@edelweb.fr>, Tom Wu <tjw@cs.stanford.edu>, and
+     Ben Laurie]
 
   *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
      [Steve Henson]
diff --git a/Configure b/Configure
index 5da7cadb..744b493b 100644
--- a/Configure
+++ b/Configure
@@ -109,7 +109,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
 # Minimum warning options... any contributions to OpenSSL should at least get
 # past these. 
 
-my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
+my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wundef -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
 
 # TODO(openssl-team): fix problems and investigate if (at least) the following
 # warnings can also be enabled:
@@ -354,7 +354,7 @@ my %table=(
 "hpux-gcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### HP MPE/iX http://jazz.external.hp.com/src/openssl/
-"MPE/iX-gcc",	"gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
+"MPE/iX-gcc",	"gcc:-DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
 
 # DEC Alpha OSF/1/Tru64 targets.
 #
@@ -592,9 +592,9 @@ my %table=(
 "debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
 # x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
 # 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
-"VC-WIN32","cl:-W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
 # Unified CE target
-"debug-VC-WIN32","cl:-W3 -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+"debug-VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
 "VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
 
 # Borland C++ 4.5
@@ -1269,7 +1269,7 @@ my ($prelflags,$postlflags)=split('%',$lflags);
 if (defined($postlflags))	{ $lflags=$postlflags;	}
 else				{ $lflags=$prelflags; undef $prelflags;	}
 
-if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
+if ($target =~ /^mingw/ && `$cross_compile_prefix$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
 	{
 	$cflags =~ s/\-mno\-cygwin\s*//;
 	$shared_ldflag =~ s/\-mno\-cygwin\s*//;
@@ -1661,18 +1661,25 @@ if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
 	$shlib_minor=$2;
 	}
 
-my $ecc = $cc;
-$ecc = "clang" if `$cc --version 2>&1` =~ /clang/;
+my %predefined;
+
+# collect compiler pre-defines from gcc or gcc-alike...
+open(PIPE, "$cross_compile_prefix$cc -dM -E -x c /dev/null 2>&1 |");
+while (<PIPE>) {
+  m/^#define\s+(\w+(?:\(\w+\))?)(?:\s+(.+))?/ or last;
+  $predefined{$1} = defined($2) ? $2 : "";
+}
+close(PIPE);
 
 if ($strict_warnings)
 	{
 	my $wopt;
-	die "ERROR --strict-warnings requires gcc or clang" unless ($ecc =~ /gcc$/ or $ecc =~ /clang$/);
+	die "ERROR --strict-warnings requires gcc or clang" unless defined($predefined{__GNUC__});
 	foreach $wopt (split /\s+/, $gcc_devteam_warn)
 		{
 		$cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
 		}
-	if ($ecc eq "clang")
+	if (defined($predefined{__clang__}))
 		{
 		foreach $wopt (split /\s+/, $clang_devteam_warn)
 			{
@@ -1723,15 +1730,14 @@ while (<IN>)
 		s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
 		s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
 		s/^RC=\s*/RC= \$\(CROSS_COMPILE\)/;
-		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
+		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $predefined{__GNUC__} >= 3;
 		}
 	else	{
 		s/^CC=.*$/CC= $cc/;
 		s/^AR=\s*ar/AR= $ar/;
 		s/^RANLIB=.*/RANLIB= $ranlib/;
 		s/^RC=.*/RC= $windres/;
-		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
-		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $ecc eq "gcc" || $ecc eq "clang";
+		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $predefined{__GNUC__} >= 3;
 		}
 	s/^CFLAG=.*$/CFLAG= $cflags/;
 	s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
@@ -2041,12 +2047,13 @@ EOF
 	close(OUT);
 } else {
 	my $make_command = "$make PERL=\'$perl\'";
-	my $make_targets = "";
-	$make_targets .= " links" if $symlink;
-	$make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
-	$make_targets .= " gentests" if $symlink;
-	(system $make_command.$make_targets) == 0 or exit $?
-		if $make_targets ne "";
+	my @make_targets = ();
+	push @make_targets, "links" if $symlink;
+	push @make_targets, "depend" if $depflags ne $default_depflags && $make_depend;
+	push @make_targets, "gentests" if $symlink;
+	foreach my $make_target (@make_targets) {
+	    (system "$make_command $make_target") == 0 or exit $?;
+	}
 	if ( $perl =~ m@^/@) {
 	    &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
 	    &dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
@@ -2056,8 +2063,8 @@ EOF
 	    &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
 	}
 	if ($depflags ne $default_depflags && !$make_depend) {
-            $warn_make_depend++;
-        }
+	    $warn_make_depend++;
+	}
 }
 
 # create the ms/version32.rc file if needed
diff --git a/INSTALL b/INSTALL
index aa7e35fa..fcdbfc0a 100644
--- a/INSTALL
+++ b/INSTALL
@@ -190,10 +190,8 @@
      the failure that isn't a problem in OpenSSL itself (like a missing
      or malfunctioning bc).  If it is a problem with OpenSSL itself,
      try removing any compiler optimization flags from the CFLAG line
-     in Makefile.ssl and run "make clean; make". Please send a bug
-     report to <openssl-bugs@openssl.org>, including the output of
-     "make report" in order to be added to the request tracker at
-     http://www.openssl.org/support/rt.html.
+     in Makefile.ssl and run "make clean; make". To report a bug please open an
+     issue on GitHub, at https://github.com/openssl/openssl/issues.
 
   4. If everything tests ok, install OpenSSL with
 
diff --git a/LICENSE b/LICENSE
index fb03713d..b1fa6f9f 100644
--- a/LICENSE
+++ b/LICENSE
@@ -2,7 +2,7 @@
   LICENSE ISSUES
   ==============
 
-  The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
+  The OpenSSL toolkit stays under a double license, i.e. both the conditions of
   the OpenSSL License and the original SSLeay license apply to the toolkit.
   See below for the actual license texts. Actually both licenses are BSD-style
   Open Source licenses. In case of any license issues related to OpenSSL
@@ -12,7 +12,7 @@
   ---------------
 
 /* ====================================================================
- * Copyright (c) 1998-2016 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
diff --git a/MINFO b/MINFO
index 4ad21a55..4b193976 100644
--- a/MINFO
+++ b/MINFO
@@ -3,17 +3,17 @@ AES_ENC=aes-586.o vpaes-x86.o aesni-x86.o
 AR=ar  r
 ARFLAGS=
 AS=cl -c
-ASFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 BASEADDR=0xFB00000
 BASENAME=openssl
 BF_ENC=bf-586.o
 BN_ASM=bn-586.o co-586.o x86-mont.o x86-gf2m.o
-BUILDENV=LC_ALL=C PLATFORM='VC-WIN32' PROCESSOR='' CC='cl' CFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM' AS='cl' ASFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c' AR='ar  r' NM='nm' RANLIB='true' RC='windres' CROSS_COMPILE='' PERL='perl' ENGDIRS='ccgost' SDIRS='objects md4 md5 sha hmac ripemd whrlpool des aes rc2 rc4 bf cast camellia seed modes bn ec rsa dsa ecdsa dh ecdh dso engine buffer bio stack lhash rand err evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 cms pqueue ts srp cmac' LIBRPATH='/usr/local/ssl/lib' INSTALL_PREFIX='' INSTALLTOP='/usr/local/ssl' OPENSSLDIR='/usr/local/ssl' LIBDIR='lib' MAKEDEPEND='$$$./util/domd $$$. -MD makedepend' DEPFLAG='-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS' MAKEDEPPROG='makedepend' SHARED_LDFLAGS='' KRB5_INCLUDES='' LIBKRB5='' ZLIB_INCLUDE='' LIBZLIB='' EXE_EXT='' SHARED_LIBS='' SHLIB_EXT='' SHLIB_TARGET='' PEX_LIBS='' EX_LIBS='' CPUID_OBJ='x86cpuid.o' BN_ASM='bn-586.o co-586.o x86-mont.o x86-gf2m.o' EC_ASM='' DES_ENC='des-586.o crypt586.o' AES_ENC='aes-586.o vpaes-x86.o aesni-x86.o' CMLL_ENC='cmll-x86.o' BF_ENC='bf-586.o' CAST_ENC='cast-586.o' RC4_ENC='rc4-586.o' RC5_ENC='rc5-586.o' SHA1_ASM_OBJ='sha1-586.o sha256-586.o sha512-586.o' MD5_ASM_OBJ='md5-586.o' RMD160_ASM_OBJ='rmd-586.o' WP_ASM_OBJ='wp_block.o wp-mmx.o' MODES_ASM_OBJ='ghash-x86.o' ENGINES_ASM_OBJ='' PERLASM_SCHEME='win32n' FIPSLIBDIR='' FIPSDIR='/usr/local/ssl/fips-2.0' FIPSCANLIB="$}" THIS=$ MAKEFILE=Makefile MAKEOVERRIDES=
-BUILD_CMD=if [ -d "$$dir" ]; then ( cd $$dir && echo "making $$target in $$dir..." && TOP= && unset TOP $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ &&  -e LC_ALL=C PLATFORM='VC-WIN32' PROCESSOR='' CC='cl' CFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM' AS='cl' ASFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c' AR='ar  r' NM='nm' RANLIB='true' RC='windres' CROSS_COMPILE='' PERL='perl' ENGDIRS='ccgost' SDIRS='objects md4 md5 sha hmac ripemd whrlpool des aes rc2 rc4 bf cast camellia seed modes bn ec rsa dsa ecdsa dh ecdh dso engine buffer bio stack lhash rand err evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 cms pqueue ts srp cmac' LIBRPATH='/usr/local/ssl/lib' INSTALL_PREFIX='' INSTALLTOP='/usr/local/ssl' OPENSSLDIR='/usr/local/ssl' LIBDIR='lib' MAKEDEPEND='$$$./util/domd $$$. -MD makedepend' DEPFLAG='-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS' MAKEDEPPROG='makedepend' SHARED_LDFLAGS='' KRB5_INCLUDES='' LIBKRB5='' ZLIB_INCLUDE='' LIBZLIB='' EXE_EXT='' SHARED_LIBS='' SHLIB_EXT='' SHLIB_TARGET='' PEX_LIBS='' EX_LIBS='' CPUID_OBJ='x86cpuid.o' BN_ASM='bn-586.o co-586.o x86-mont.o x86-gf2m.o' EC_ASM='' DES_ENC='des-586.o crypt586.o' AES_ENC='aes-586.o vpaes-x86.o aesni-x86.o' CMLL_ENC='cmll-x86.o' BF_ENC='bf-586.o' CAST_ENC='cast-586.o' RC4_ENC='rc4-586.o' RC5_ENC='rc5-586.o' SHA1_ASM_OBJ='sha1-586.o sha256-586.o sha512-586.o' MD5_ASM_OBJ='md5-586.o' RMD160_ASM_OBJ='rmd-586.o' WP_ASM_OBJ='wp_block.o wp-mmx.o' MODES_ASM_OBJ='ghash-x86.o' ENGINES_ASM_OBJ='' PERLASM_SCHEME='win32n' FIPSLIBDIR='' FIPSDIR='/usr/local/ssl/fips-2.0' FIPSCANLIB="$}" THIS=$ MAKEFILE=Makefile MAKEOVERRIDES= TOP=.. DIR=$$dir $$target ) || exit 1; fi
-BUILD_ONE_CMD=if expr " crypto ssl engines apps test tools " : ".* $$dir " >/dev/null 2>&1; then if [ -d "$$dir" ]; then ( cd $$dir && echo "making $$target in $$dir..." && TOP= && unset TOP $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ &&  -e LC_ALL=C PLATFORM='VC-WIN32' PROCESSOR='' CC='cl' CFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM' AS='cl' ASFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c' AR='ar  r' NM='nm' RANLIB='true' RC='windres' CROSS_COMPILE='' PERL='perl' ENGDIRS='ccgost' SDIRS='objects md4 md5 sha hmac ripemd whrlpool des aes rc2 rc4 bf cast camellia seed modes bn ec rsa dsa ecdsa dh ecdh dso engine buffer bio stack lhash rand err evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 cms pqueue ts srp cmac' LIBRPATH='/usr/local/ssl/lib' INSTALL_PREFIX='' INSTALLTOP='/usr/local/ssl' OPENSSLDIR='/usr/local/ssl' LIBDIR='lib' MAKEDEPEND='$$$./util/domd $$$. -MD makedepend' DEPFLAG='-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS' MAKEDEPPROG='makedepend' SHARED_LDFLAGS='' KRB5_INCLUDES='' LIBKRB5='' ZLIB_INCLUDE='' LIBZLIB='' EXE_EXT='' SHARED_LIBS='' SHLIB_EXT='' SHLIB_TARGET='' PEX_LIBS='' EX_LIBS='' CPUID_OBJ='x86cpuid.o' BN_ASM='bn-586.o co-586.o x86-mont.o x86-gf2m.o' EC_ASM='' DES_ENC='des-586.o crypt586.o' AES_ENC='aes-586.o vpaes-x86.o aesni-x86.o' CMLL_ENC='cmll-x86.o' BF_ENC='bf-586.o' CAST_ENC='cast-586.o' RC4_ENC='rc4-586.o' RC5_ENC='rc5-586.o' SHA1_ASM_OBJ='sha1-586.o sha256-586.o sha512-586.o' MD5_ASM_OBJ='md5-586.o' RMD160_ASM_OBJ='rmd-586.o' WP_ASM_OBJ='wp_block.o wp-mmx.o' MODES_ASM_OBJ='ghash-x86.o' ENGINES_ASM_OBJ='' PERLASM_SCHEME='win32n' FIPSLIBDIR='' FIPSDIR='/usr/local/ssl/fips-2.0' FIPSCANLIB="$}" THIS=$ MAKEFILE=Makefile MAKEOVERRIDES= TOP=.. DIR=$$dir $$target ) || exit 1; fi; fi
+BUILDENV=LC_ALL=C PLATFORM='VC-WIN32' PROCESSOR='' CC='cl' CFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM' AS='cl' ASFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c' AR='ar  r' NM='nm' RANLIB='true' RC='windres' CROSS_COMPILE='' PERL='perl' ENGDIRS='ccgost' SDIRS='objects md4 md5 sha hmac ripemd whrlpool des aes rc2 rc4 bf cast camellia seed modes bn ec rsa dsa ecdsa dh ecdh dso engine buffer bio stack lhash rand err evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 cms pqueue ts srp cmac' LIBRPATH='/usr/local/ssl/lib' INSTALL_PREFIX='' INSTALLTOP='/usr/local/ssl' OPENSSLDIR='/usr/local/ssl' LIBDIR='lib' MAKEDEPEND='$$$./util/domd $$$. -MD makedepend' DEPFLAG='-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS' MAKEDEPPROG='makedepend' SHARED_LDFLAGS='' KRB5_INCLUDES='' LIBKRB5='' ZLIB_INCLUDE='' LIBZLIB='' EXE_EXT='' SHARED_LIBS='' SHLIB_EXT='' SHLIB_TARGET='' PEX_LIBS='' EX_LIBS='' CPUID_OBJ='x86cpuid.o' BN_ASM='bn-586.o co-586.o x86-mont.o x86-gf2m.o' EC_ASM='' DES_ENC='des-586.o crypt586.o' AES_ENC='aes-586.o vpaes-x86.o aesni-x86.o' CMLL_ENC='cmll-x86.o' BF_ENC='bf-586.o' CAST_ENC='cast-586.o' RC4_ENC='rc4-586.o' RC5_ENC='rc5-586.o' SHA1_ASM_OBJ='sha1-586.o sha256-586.o sha512-586.o' MD5_ASM_OBJ='md5-586.o' RMD160_ASM_OBJ='rmd-586.o' WP_ASM_OBJ='wp_block.o wp-mmx.o' MODES_ASM_OBJ='ghash-x86.o' ENGINES_ASM_OBJ='' PERLASM_SCHEME='win32n' FIPSLIBDIR='' FIPSDIR='/usr/local/ssl/fips-2.0' FIPSCANLIB="$}" THIS=$ MAKEFILE=Makefile MAKEOVERRIDES=
+BUILD_CMD=if [ -d "$$dir" ]; then ( cd $$dir && echo "making $$target in $$dir..." && TOP= && unset TOP $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ &&  -e LC_ALL=C PLATFORM='VC-WIN32' PROCESSOR='' CC='cl' CFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM' AS='cl' ASFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c' AR='ar  r' NM='nm' RANLIB='true' RC='windres' CROSS_COMPILE='' PERL='perl' ENGDIRS='ccgost' SDIRS='objects md4 md5 sha hmac ripemd whrlpool des aes rc2 rc4 bf cast camellia seed modes bn ec rsa dsa ecdsa dh ecdh dso engine buffer bio stack lhash rand err evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 cms pqueue ts srp cmac' LIBRPATH='/usr/local/ssl/lib' INSTALL_PREFIX='' INSTALLTOP='/usr/local/ssl' OPENSSLDIR='/usr/local/ssl' LIBDIR='lib' MAKEDEPEND='$$$./util/domd $$$. -MD makedepend' DEPFLAG='-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS' MAKEDEPPROG='makedepend' SHARED_LDFLAGS='' KRB5_INCLUDES='' LIBKRB5='' ZLIB_INCLUDE='' LIBZLIB='' EXE_EXT='' SHARED_LIBS='' SHLIB_EXT='' SHLIB_TARGET='' PEX_LIBS='' EX_LIBS='' CPUID_OBJ='x86cpuid.o' BN_ASM='bn-586.o co-586.o x86-mont.o x86-gf2m.o' EC_ASM='' DES_ENC='des-586.o crypt586.o' AES_ENC='aes-586.o vpaes-x86.o aesni-x86.o' CMLL_ENC='cmll-x86.o' BF_ENC='bf-586.o' CAST_ENC='cast-586.o' RC4_ENC='rc4-586.o' RC5_ENC='rc5-586.o' SHA1_ASM_OBJ='sha1-586.o sha256-586.o sha512-586.o' MD5_ASM_OBJ='md5-586.o' RMD160_ASM_OBJ='rmd-586.o' WP_ASM_OBJ='wp_block.o wp-mmx.o' MODES_ASM_OBJ='ghash-x86.o' ENGINES_ASM_OBJ='' PERLASM_SCHEME='win32n' FIPSLIBDIR='' FIPSDIR='/usr/local/ssl/fips-2.0' FIPSCANLIB="$}" THIS=$ MAKEFILE=Makefile MAKEOVERRIDES= TOP=.. DIR=$$dir $$target ) || exit 1; fi
+BUILD_ONE_CMD=if expr " crypto ssl engines apps test tools " : ".* $$dir " >/dev/null 2>&1; then if [ -d "$$dir" ]; then ( cd $$dir && echo "making $$target in $$dir..." && TOP= && unset TOP $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ &&  -e LC_ALL=C PLATFORM='VC-WIN32' PROCESSOR='' CC='cl' CFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM' AS='cl' ASFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c' AR='ar  r' NM='nm' RANLIB='true' RC='windres' CROSS_COMPILE='' PERL='perl' ENGDIRS='ccgost' SDIRS='objects md4 md5 sha hmac ripemd whrlpool des aes rc2 rc4 bf cast camellia seed modes bn ec rsa dsa ecdsa dh ecdh dso engine buffer bio stack lhash rand err evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 cms pqueue ts srp cmac' LIBRPATH='/usr/local/ssl/lib' INSTALL_PREFIX='' INSTALLTOP='/usr/local/ssl' OPENSSLDIR='/usr/local/ssl' LIBDIR='lib' MAKEDEPEND='$$$./util/domd $$$. -MD makedepend' DEPFLAG='-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS' MAKEDEPPROG='makedepend' SHARED_LDFLAGS='' KRB5_INCLUDES='' LIBKRB5='' ZLIB_INCLUDE='' LIBZLIB='' EXE_EXT='' SHARED_LIBS='' SHLIB_EXT='' SHLIB_TARGET='' PEX_LIBS='' EX_LIBS='' CPUID_OBJ='x86cpuid.o' BN_ASM='bn-586.o co-586.o x86-mont.o x86-gf2m.o' EC_ASM='' DES_ENC='des-586.o crypt586.o' AES_ENC='aes-586.o vpaes-x86.o aesni-x86.o' CMLL_ENC='cmll-x86.o' BF_ENC='bf-586.o' CAST_ENC='cast-586.o' RC4_ENC='rc4-586.o' RC5_ENC='rc5-586.o' SHA1_ASM_OBJ='sha1-586.o sha256-586.o sha512-586.o' MD5_ASM_OBJ='md5-586.o' RMD160_ASM_OBJ='rmd-586.o' WP_ASM_OBJ='wp_block.o wp-mmx.o' MODES_ASM_OBJ='ghash-x86.o' ENGINES_ASM_OBJ='' PERLASM_SCHEME='win32n' FIPSLIBDIR='' FIPSDIR='/usr/local/ssl/fips-2.0' FIPSCANLIB="$}" THIS=$ MAKEFILE=Makefile MAKEOVERRIDES= TOP=.. DIR=$$dir $$target ) || exit 1; fi; fi
 CAST_ENC=cast-586.o
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CLEARENV=TOP= && unset TOP $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $
 CMLL_ENC=cmll-x86.o
 CONFIGURE_ARGS=VC-WIN32 no-idea no-mdc2
@@ -53,7 +53,7 @@ MANSUFFIX=
 MD5_ASM_OBJ=md5-586.o
 MINOR=0.2
 MODES_ASM_OBJ=ghash-x86.o
-NAME=openssl-1.0.2k
+NAME=openssl-1.0.2o
 NM=nm
 ONEDIRS=out tmp
 OPENSSLDIR=/usr/local/ssl
@@ -67,7 +67,7 @@ RANLIB=true
 RC=windres
 RC4_ENC=rc4-586.o
 RC5_ENC=rc5-586.o
-RECURSIVE_BUILD_CMD=for dir in crypto ssl engines apps test tools; do if [ -d "$$dir" ]; then ( cd $$dir && echo "making $$target in $$dir..." && TOP= && unset TOP $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ &&  -e LC_ALL=C PLATFORM='VC-WIN32' PROCESSOR='' CC='cl' CFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM' AS='cl' ASFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c' AR='ar  r' NM='nm' RANLIB='true' RC='windres' CROSS_COMPILE='' PERL='perl' ENGDIRS='ccgost' SDIRS='objects md4 md5 sha hmac ripemd whrlpool des aes rc2 rc4 bf cast camellia seed modes bn ec rsa dsa ecdsa dh ecdh dso engine buffer bio stack lhash rand err evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 cms pqueue ts srp cmac' LIBRPATH='/usr/local/ssl/lib' INSTALL_PREFIX='' INSTALLTOP='/usr/local/ssl' OPENSSLDIR='/usr/local/ssl' LIBDIR='lib' MAKEDEPEND='$$$./util/domd $$$. -MD makedepend' DEPFLAG='-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS' MAKEDEPPROG='makedepend' SHARED_LDFLAGS='' KRB5_INCLUDES='' LIBKRB5='' ZLIB_INCLUDE='' LIBZLIB='' EXE_EXT='' SHARED_LIBS='' SHLIB_EXT='' SHLIB_TARGET='' PEX_LIBS='' EX_LIBS='' CPUID_OBJ='x86cpuid.o' BN_ASM='bn-586.o co-586.o x86-mont.o x86-gf2m.o' EC_ASM='' DES_ENC='des-586.o crypt586.o' AES_ENC='aes-586.o vpaes-x86.o aesni-x86.o' CMLL_ENC='cmll-x86.o' BF_ENC='bf-586.o' CAST_ENC='cast-586.o' RC4_ENC='rc4-586.o' RC5_ENC='rc5-586.o' SHA1_ASM_OBJ='sha1-586.o sha256-586.o sha512-586.o' MD5_ASM_OBJ='md5-586.o' RMD160_ASM_OBJ='rmd-586.o' WP_ASM_OBJ='wp_block.o wp-mmx.o' MODES_ASM_OBJ='ghash-x86.o' ENGINES_ASM_OBJ='' PERLASM_SCHEME='win32n' FIPSLIBDIR='' FIPSDIR='/usr/local/ssl/fips-2.0' FIPSCANLIB="$}" THIS=$ MAKEFILE=Makefile MAKEOVERRIDES= TOP=.. DIR=$$dir $$target ) || exit 1; fi; done
+RECURSIVE_BUILD_CMD=for dir in crypto ssl engines apps test tools; do if [ -d "$$dir" ]; then ( cd $$dir && echo "making $$target in $$dir..." && TOP= && unset TOP $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ &&  -e LC_ALL=C PLATFORM='VC-WIN32' PROCESSOR='' CC='cl' CFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM' AS='cl' ASFLAG='-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c' AR='ar  r' NM='nm' RANLIB='true' RC='windres' CROSS_COMPILE='' PERL='perl' ENGDIRS='ccgost' SDIRS='objects md4 md5 sha hmac ripemd whrlpool des aes rc2 rc4 bf cast camellia seed modes bn ec rsa dsa ecdsa dh ecdh dso engine buffer bio stack lhash rand err evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 cms pqueue ts srp cmac' LIBRPATH='/usr/local/ssl/lib' INSTALL_PREFIX='' INSTALLTOP='/usr/local/ssl' OPENSSLDIR='/usr/local/ssl' LIBDIR='lib' MAKEDEPEND='$$$./util/domd $$$. -MD makedepend' DEPFLAG='-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS' MAKEDEPPROG='makedepend' SHARED_LDFLAGS='' KRB5_INCLUDES='' LIBKRB5='' ZLIB_INCLUDE='' LIBZLIB='' EXE_EXT='' SHARED_LIBS='' SHLIB_EXT='' SHLIB_TARGET='' PEX_LIBS='' EX_LIBS='' CPUID_OBJ='x86cpuid.o' BN_ASM='bn-586.o co-586.o x86-mont.o x86-gf2m.o' EC_ASM='' DES_ENC='des-586.o crypt586.o' AES_ENC='aes-586.o vpaes-x86.o aesni-x86.o' CMLL_ENC='cmll-x86.o' BF_ENC='bf-586.o' CAST_ENC='cast-586.o' RC4_ENC='rc4-586.o' RC5_ENC='rc5-586.o' SHA1_ASM_OBJ='sha1-586.o sha256-586.o sha512-586.o' MD5_ASM_OBJ='md5-586.o' RMD160_ASM_OBJ='rmd-586.o' WP_ASM_OBJ='wp_block.o wp-mmx.o' MODES_ASM_OBJ='ghash-x86.o' ENGINES_ASM_OBJ='' PERLASM_SCHEME='win32n' FIPSLIBDIR='' FIPSDIR='/usr/local/ssl/fips-2.0' FIPSCANLIB="$}" THIS=$ MAKEFILE=Makefile MAKEOVERRIDES= TOP=.. DIR=$$dir $$target ) || exit 1; fi; done
 RMD160_ASM_OBJ=rmd-586.o
 SDIRS=objects md4 md5 sha hmac ripemd whrlpool des aes rc2 rc4 bf cast camellia seed modes bn ec rsa dsa ecdsa dh ecdh dso engine buffer bio stack lhash rand err evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 cms pqueue ts srp cmac
 SHA1_ASM_OBJ=sha1-586.o sha256-586.o sha512-586.o
@@ -85,24 +85,24 @@ SHLIB_TARGET=
 SHLIB_VERSION_HISTORY=
 SHLIB_VERSION_NUMBER=1.0.0
 TAR=tar
-TARFILE=../openssl-1.0.2k.tar
+TARFILE=../openssl-1.0.2o.tar
 TARFLAGS=--no-recursion
-TAR_COMMAND=tar --no-recursion --files-from ../openssl-1.0.2k.tar.list --owner 0 --group 0 --transform 's|^|openssl-1.0.2k/|' -cvf -
+TAR_COMMAND=tar --no-recursion --files-from ../openssl-1.0.2o.tar.list --owner 0 --group 0 --transform 's|^|openssl-1.0.2o/|' -cvf -
 TESTS=alltests
 TOP=.
-VERSION=1.0.2k
+VERSION=1.0.2o
 WDIRS=windows
 WP_ASM_OBJ=wp_block.o wp-mmx.o
 ZLIB_INCLUDE=
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto
-AFLAGS=-I. -I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS=-I. -I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile README crypto-lib.com install.com cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fips.c o_init.c fips_ers.c cryptlib.h buildinf.h md32_common.h o_time.h o_str.h o_dir.h constant_time_locl.h crypto.h opensslv.h opensslconf.h ebcdic.h symhacks.h ossl_typ.h
 AR=ar  r
-ASFLAGS=-I. -I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS=-I. -I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I. -I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I. -I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPUID_OBJ=x86cpuid.o
 DIR=crypto
 EXHEADER=crypto.h opensslv.h opensslconf.h ebcdic.h symhacks.h ossl_typ.h
@@ -131,8 +131,8 @@ ALL=Makefile md2_dgst.c md2_one.c md2.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=md2
 EXHEADER=md2.h
 GENERAL=Makefile
@@ -151,8 +151,8 @@ ALL=Makefile md4_dgst.c md4_one.c md4_locl.h md4.h
 APPS=md4.c
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=md4
 EXHEADER=md4.h
@@ -168,14 +168,14 @@ TEST=md4test.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/md5
-AFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile md5_dgst.c md5_one.c md5_locl.h md5.h
 APPS=
 AR=ar  r
-ASFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=md5
 EXHEADER=md5.h
@@ -192,14 +192,14 @@ TEST=md5test.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/sha
-AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c sha_locl.h sha.h
 APPS=
 AR=ar  r
-ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=sha
 EXHEADER=sha.h
@@ -220,8 +220,8 @@ ALL=Makefile mdc2dgst.c mdc2_one.c mdc2.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=mdc2
 EXHEADER=mdc2.h
 GENERAL=Makefile
@@ -240,8 +240,8 @@ ALL=Makefile hmac.c hm_ameth.c hm_pmeth.c hmac.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=hmac
 EXHEADER=hmac.h
 GENERAL=Makefile
@@ -260,8 +260,8 @@ ALL=Makefile cmac.c cm_ameth.c cm_pmeth.c cmac.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=cmac
 EXHEADER=cmac.h
 GENERAL=Makefile
@@ -276,14 +276,14 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/ripemd
-AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile rmd_dgst.c rmd_one.c rmd_locl.h rmdconst.h ripemd.h
 APPS=
 AR=ar  r
-ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=ripemd
 EXHEADER=ripemd.h
@@ -300,14 +300,14 @@ TEST=rmdtest.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/des
-AFLAGS=-I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS=-I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c read2pwd.c des_locl.h rpc_des.h spr.h des_ver.h des.h des_old.h
 APPS=
 AR=ar  r
-ASFLAGS=-I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS=-I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DES_ENC=des-586.o crypt586.o
 DIR=des
@@ -329,8 +329,8 @@ ALL=Makefile rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c rc2_locl.h rc2
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=rc2
 EXHEADER=rc2.h
 GENERAL=Makefile
@@ -345,14 +345,14 @@ TEST=rc2test.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/rc4
-AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile rc4_skey.c rc4_enc.c rc4_utl.c rc4.h rc4_locl.h
 APPS=
 AR=ar  r
-ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=rc4
 EXHEADER=rc4.h
@@ -368,14 +368,14 @@ TEST=rc4test.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/rc5
-AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c rc5_locl.h rc5.h
 APPS=
 AR=ar  r
-ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=rc5
 EXHEADER=rc5.h
@@ -396,8 +396,8 @@ ALL=Makefile i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c idea_lcl.h idea.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=idea
 EXHEADER=idea.h
 GENERAL=Makefile
@@ -412,15 +412,15 @@ TEST=ideatest.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bf
-AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c bf_pi.h bf_locl.h blowfish.h
 APPS=
 AR=ar  r
-ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 BF_ENC=bf-586.o
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=bf
 EXHEADER=blowfish.h
@@ -436,15 +436,15 @@ TEST=bftest.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/cast
-AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c cast_s.h cast_lcl.h cast.h
 APPS=
 AR=ar  r
-ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CAST_ENC=cast-586.o
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=cast
 EXHEADER=cast.h
@@ -461,14 +461,14 @@ TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/aes
 AES_ENC=aes-586.o vpaes-x86.o aesni-x86.o
-AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c aes_ige.c aes_wrap.c aes_locl.h aes.h
 APPS=
 AR=ar  r
-ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=aes
 EXHEADER=aes.h
@@ -484,14 +484,14 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/camellia
-AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c cmll_cfb.c cmll_ctr.c cmll_utl.c cmll_locl.h camellia.h
 APPS=
 AR=ar  r
-ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CMLL_ENC=cmll-x86.o
 CPP=cl -E
 DIR=camellia
@@ -511,8 +511,8 @@ ALL=Makefile seed.c seed_ecb.c seed_cbc.c seed_cfb.c seed_ofb.c seed_locl.h seed
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=seed
 EXHEADER=seed.h
@@ -528,14 +528,14 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/modes
-AFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile cbc128.c ctr128.c cts128.c cfb128.c ofb128.c gcm128.c ccm128.c xts128.c wrap128.c modes_lcl.h modes.h
 APPS=
 AR=ar  r
-ASFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=modes
 EXHEADER=modes.h
 GENERAL=Makefile
@@ -551,15 +551,15 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bn
-AFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c bn_depr.c bn_const.c bn_x931p.c bn_lcl.h bn_prime.h bn.h
 APPS=
 AR=ar  r
-ASFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 BN_ASM=bn-586.o co-586.o x86-mont.o x86-gf2m.o
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=bn
 EXHEADER=bn.h
@@ -579,8 +579,8 @@ ALL=Makefile rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa_p
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=rsa
 EXHEADER=rsa.h
 GENERAL=Makefile
@@ -599,8 +599,8 @@ ALL=Makefile dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c dsa_e
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=dsa
 EXHEADER=dsa.h
 GENERAL=Makefile
@@ -619,8 +619,8 @@ ALL=Makefile dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c dso_openssl.c d
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=dso
 EXHEADER=dso.h
 GENERAL=Makefile
@@ -639,8 +639,8 @@ ALL=Makefile dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=dh
 EXHEADER=dh.h
 GENERAL=Makefile
@@ -655,14 +655,14 @@ TEST=dhtest.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/ec
-AFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c ec2_smpl.c ec2_mult.c ec_ameth.c ec_pmeth.c eck_prn.c ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c ecp_oct.c ec2_oct.c ec_oct.c ec_lcl.h ec.h
 APPS=
 AR=ar  r
-ASFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=ec
 EXHEADER=ec.h
 GENERAL=Makefile
@@ -681,8 +681,8 @@ ALL=Makefile ech_lib.c ech_ossl.c ech_key.c ech_err.c ech_kdf.c ech_locl.h ecdh.
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=ecdh
 EXHEADER=ecdh.h
 GENERAL=Makefile
@@ -701,8 +701,8 @@ ALL=Makefile ecs_lib.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c ecs_err.c ecs_
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=ecdsa
 EXHEADER=ecdsa.h
 GENERAL=Makefile
@@ -721,8 +721,8 @@ ALL=Makefile buffer.c buf_str.c buf_err.c buffer.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=buffer
 EXHEADER=buffer.h
 GENERAL=Makefile
@@ -741,8 +741,8 @@ ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=bio
 EXHEADER=bio.h
 GENERAL=Makefile
@@ -761,8 +761,8 @@ ALL=Makefile stack.c stack.h safestack.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=stack
 EXHEADER=stack.h safestack.h
 GENERAL=Makefile
@@ -781,8 +781,8 @@ ALL=Makefile lhash.c lh_stats.c lhash.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=lhash
 EXHEADER=lhash.h
 GENERAL=Makefile
@@ -801,8 +801,8 @@ ALL=Makefile md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c rand_win.c ra
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=rand
 EXHEADER=rand.h
 GENERAL=Makefile
@@ -821,8 +821,8 @@ ALL=Makefile err.c err_all.c err_prn.c err.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=err
 EXHEADER=err.h
 GENERAL=Makefile
@@ -841,8 +841,8 @@ ALL=Makefile README o_names.c obj_dat.c obj_lib.c obj_err.c obj_xref.c objects.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=objects
 EXHEADER=objects.h obj_mac.h
 GENERAL=Makefile README
@@ -862,8 +862,8 @@ ALL=Makefile encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c e_des.c
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=evp
 EXHEADER=evp.h
 GENERAL=Makefile
@@ -883,8 +883,8 @@ ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=asn1
 EXHEADER=asn1.h asn1_mac.h asn1t.h
 GENERAL=Makefile README
@@ -903,8 +903,8 @@ ALL=Makefile pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c pem_
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=pem
 EXHEADER=pem.h pem2.h
 GENERAL=Makefile
@@ -923,8 +923,8 @@ ALL=Makefile README x509_def.c x509_d2.c x509_r2x.c x509_cmp.c x509_obj.c x509_r
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=x509
 EXHEADER=x509.h x509_vfy.h
 GENERAL=Makefile README
@@ -943,8 +943,8 @@ ALL=Makefile README v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=x509v3
 EXHEADER=x509v3.h
 GENERAL=Makefile README
@@ -963,8 +963,8 @@ ALL=Makefile cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c cms_s
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=cms
 EXHEADER=cms.h
 GENERAL=Makefile
@@ -983,8 +983,8 @@ ALL=Makefile conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c conf_mall.c
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=conf
 EXHEADER=conf.h conf_api.h
 GENERAL=Makefile
@@ -999,7 +999,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/jpake
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=jpake
 EXHEADER=jpake.h
 LIB=../../libcrypto.a
@@ -1013,8 +1013,8 @@ ALL=Makefile txt_db.c txt_db.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=txt_db
 EXHEADER=txt_db.h
 GENERAL=Makefile
@@ -1033,8 +1033,8 @@ ALL=Makefile README pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_a
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=pkcs7
 EXHEADER=pkcs7.h
 EX_LIBS=
@@ -1055,8 +1055,8 @@ ALL=Makefile p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c p12_
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=pkcs12
 EXHEADER=pkcs12.h
 GENERAL=Makefile
@@ -1075,8 +1075,8 @@ ALL=Makefile comp_lib.c comp_err.c c_rle.c c_zlib.c comp.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=comp
 EXHEADER=comp.h
 GENERAL=Makefile
@@ -1095,8 +1095,8 @@ ALL=Makefile eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c eng_table.c en
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=engine
 EXHEADER=engine.h
 GENERAL=Makefile
@@ -1115,8 +1115,8 @@ ALL=Makefile README ocsp_asn.c ocsp_ext.c ocsp_ht.c ocsp_lib.c ocsp_cl.c ocsp_sr
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=ocsp
 EXHEADER=ocsp.h
 GENERAL=Makefile README
@@ -1135,8 +1135,8 @@ ALL=Makefile ui_err.c ui_lib.c ui_openssl.c ui_util.c ui_compat.c ui.h ui_compat
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 COMPATOBJ=ui_compat.o
 COMPATSRC=ui_compat.c
 DIR=ui
@@ -1157,8 +1157,8 @@ ALL=Makefile README krb5_asn.c krb5_asn.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=krb5
 EXHEADER=krb5_asn.h
 GENERAL=Makefile README
@@ -1177,8 +1177,8 @@ ALL=Makefile pqueue.c pqueue.h
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=pqueue
 EXHEADER=pqueue.h
 GENERAL=Makefile
@@ -1193,14 +1193,14 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/whrlpool
-AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+AFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 ALL=Makefile wp_dgst.c wp_block.c wp_locl.h whrlpool.h
 APPS=
 AR=ar  r
-ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+ASFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS= -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CPP=cl -E
 DIR=whrlpool
 EXHEADER=whrlpool.h
@@ -1221,8 +1221,8 @@ ALL=Makefile ts_err.c ts_req_utils.c ts_req_print.c ts_rsp_utils.c ts_rsp_print.
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=ts
 EXHEADER=ts.h
 EX_LIBS=
@@ -1247,8 +1247,8 @@ RELATIVE_DIRECTORY=crypto/srp
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=srp
 EXHEADER=srp.h
 GENERAL=Makefile
@@ -1273,8 +1273,8 @@ ALL=Makefile README ssl-lib.com install.com s2_meth.c s2_srvr.c s2_clnt.c s2_lib
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I../crypto -I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I../crypto -I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=ssl
 EXHEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h kssl.h srtp.h
 GENERAL=Makefile README ssl-lib.com install.com
@@ -1287,7 +1287,7 @@ LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srv
 MAKEFILE=Makefile
 SHARED_LIB=libssl
 SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s3_cbc.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_ext.c d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c d1_both.c d1_srtp.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c
-TEST=ssltest.c heartbeat_test.c clienthellotest.c sslv2conftest.c dtlstest.c bad_dtls_test.c
+TEST=ssltest.c heartbeat_test.c clienthellotest.c sslv2conftest.c dtlstest.c bad_dtls_test.c fatalerrtest.c
 TOP=..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=apps
@@ -1295,8 +1295,8 @@ ALL=Makefile makeapps.com install.com verify.c asn1pars.c req.c dgst.c dh.c enc.
 A_OBJ=apps.o
 A_SRC=apps.c
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-DMONOLITH -I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-DMONOLITH -I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=apps
 DLIBCRYPTO=../libcrypto.a
 DLIBSSL=../libssl.a
@@ -1334,8 +1334,8 @@ ALL=Makefile engines.com install.com engine_vector.mar e_4758cca.c e_aep.c e_ata
 APPS=
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=engines
 ENGDIRS=ccgost
 EXHEADER=
@@ -1357,8 +1357,8 @@ RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=engines/ccgost
 AR=ar  r
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=ccgost
 INCLUDES=-I../../include
 LIB=../../libcrypto.a
@@ -1370,7 +1370,7 @@ SRC=gost2001.c gost2001_keyx.c gost89.c gost94_keyx.c gost_ameth.c gost_asn1.c g
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=test
-ALL=Makefile maketests.com tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com testca.com VMSca-response.1 VMSca-response.2 bntest.c ectest.c ecdsatest.c ecdhtest.c ideatest.c md2test.c md4test.c md5test.c hmactest.c wp_test.c rc2test.c rc4test.c rc5test.c destest.c shatest.c sha1test.c mdc2test.c rmdtest.c randtest.c dhtest.c enginetest.c casttest.c bftest.c ssltest.c dsatest.c exptest.c rsa_test.c evp_test.c evp_extra_test.c igetest.c jpaketest.c srptest.c asn1test.c v3nametest.c heartbeat_test.c constant_time_test.c verify_extra_test.c clienthellotest.c sslv2conftest.c dtlstest.c ssltestlib.c bad_dtls_test.c testutil.h ssltestlib.h 
+ALL=Makefile maketests.com tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com testca.com VMSca-response.1 VMSca-response.2 bntest.c ectest.c ecdsatest.c ecdhtest.c ideatest.c md2test.c md4test.c md5test.c hmactest.c wp_test.c rc2test.c rc4test.c rc5test.c destest.c shatest.c sha1test.c mdc2test.c rmdtest.c randtest.c dhtest.c enginetest.c casttest.c bftest.c ssltest.c dsatest.c exptest.c rsa_test.c evp_test.c evp_extra_test.c igetest.c jpaketest.c srptest.c asn1test.c v3nametest.c heartbeat_test.c constant_time_test.c verify_extra_test.c clienthellotest.c sslv2conftest.c dtlstest.c ssltestlib.c bad_dtls_test.c fatalerrtest.c testutil.h ssltestlib.h 
 ASN1TEST=asn1test
 BADDTLSTEST=bad_dtls_test
 BFTEST=bftest
@@ -1379,8 +1379,8 @@ BUILD_CMD=shlib_target=; if [ -n "" ]; then shlib_target=""; fi; LIBRARIES="-L..
 BUILD_CMD_STATIC=shlib_target=; LIBRARIES="../libssl.a ../libcrypto.a ";  -f ../Makefile.shared -e APPNAME=$$target OBJECTS="$$target.o" LIBDEPS=" $$LIBRARIES " link_app.$
 CASTTEST=casttest
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../include  -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 CLIENTHELLOTEST=clienthellotest
 CONSTTIMETEST=constant_time_test
 DESTEST=destest
@@ -1396,10 +1396,11 @@ ECTEST=ectest
 ENGINETEST=enginetest
 EVPEXTRATEST=evp_extra_test
 EVPTEST=evp_test
-EXE=bntest ectest ecdsatest ecdhtest ideatest md2test md4test md5test hmactest wp_test rc2test rc4test rc5test destest shatest sha1test sha256t sha512t mdc2test rmdtest randtest dhtest enginetest bftest casttest ssltest exptest dsatest rsa_test evp_test evp_extra_test igetest jpaketest srptest asn1test v3nametest heartbeat_test constant_time_test verify_extra_test clienthellotest sslv2conftest dtlstest bad_dtls_test
+EXE=bntest ectest ecdsatest ecdhtest ideatest md2test md4test md5test hmactest wp_test rc2test rc4test rc5test destest shatest sha1test sha256t sha512t mdc2test rmdtest randtest dhtest enginetest bftest casttest ssltest exptest dsatest rsa_test evp_test evp_extra_test igetest jpaketest srptest asn1test v3nametest heartbeat_test constant_time_test verify_extra_test clienthellotest sslv2conftest dtlstest bad_dtls_test fatalerrtest
 EXHEADER=
 EXPTEST=exptest
 EX_LIBS=
+FATALERRTEST=fatalerrtest
 FIPS_BUILD_CMD=shlib_target=; if [ -n "" ]; then shlib_target=""; fi; LIBRARIES="-L.. -lssl -L.. -lcrypto "; if [ -z "" -a -n "" ] ; then FIPSLD_CC="cl"; CC=/usr/local/ssl/fips-2.0/bin/fipsld; export CC FIPSLD_CC; fi;  -f ../Makefile.shared -e CC="$cl" APPNAME=$$target OBJECTS="$$target.o" LIBDEPS=" $$LIBRARIES " link_app.$
 GENERAL=Makefile maketests.com tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com testca.com VMSca-response.1 VMSca-response.2
 HEADER=testutil.h ssltestlib.h 
@@ -1419,7 +1420,7 @@ MD4TEST=md4test
 MD5TEST=md5test
 MDC2TEST=mdc2test
 METHTEST=methtest
-OBJ=bntest.o ectest.o ecdsatest.o ecdhtest.o ideatest.o md2test.o md4test.o md5test.o hmactest.o wp_test.o rc2test.o rc4test.o rc5test.o destest.o shatest.o sha1test.o sha256t.o sha512t.o mdc2test.o rmdtest.o randtest.o dhtest.o enginetest.o casttest.o bftest.o ssltest.o dsatest.o exptest.o rsa_test.o evp_test.o evp_extra_test.o igetest.o jpaketest.o asn1test.o v3nametest.o heartbeat_test.o constant_time_test.o verify_extra_test.o clienthellotest.o sslv2conftest.o dtlstest.o ssltestlib.o bad_dtls_test.o
+OBJ=bntest.o ectest.o ecdsatest.o ecdhtest.o ideatest.o md2test.o md4test.o md5test.o hmactest.o wp_test.o rc2test.o rc4test.o rc5test.o destest.o shatest.o sha1test.o sha256t.o sha512t.o mdc2test.o rmdtest.o randtest.o dhtest.o enginetest.o casttest.o bftest.o ssltest.o dsatest.o exptest.o rsa_test.o evp_test.o evp_extra_test.o igetest.o jpaketest.o asn1test.o v3nametest.o heartbeat_test.o constant_time_test.o verify_extra_test.o clienthellotest.o sslv2conftest.o dtlstest.o ssltestlib.o bad_dtls_test.o fatalerrtest.o
 PERL=perl
 PEX_LIBS=
 RANDTEST=randtest
@@ -1432,7 +1433,7 @@ SHA1TEST=sha1test
 SHA256TEST=sha256t
 SHA512TEST=sha512t
 SHATEST=shatest
-SRC=bntest.c ectest.c ecdsatest.c ecdhtest.c ideatest.c md2test.c md4test.c md5test.c hmactest.c wp_test.c rc2test.c rc4test.c rc5test.c destest.c shatest.c sha1test.c mdc2test.c rmdtest.c randtest.c dhtest.c enginetest.c casttest.c bftest.c ssltest.c dsatest.c exptest.c rsa_test.c evp_test.c evp_extra_test.c igetest.c jpaketest.c srptest.c asn1test.c v3nametest.c heartbeat_test.c constant_time_test.c verify_extra_test.c clienthellotest.c sslv2conftest.c dtlstest.c ssltestlib.c bad_dtls_test.c
+SRC=bntest.c ectest.c ecdsatest.c ecdhtest.c ideatest.c md2test.c md4test.c md5test.c hmactest.c wp_test.c rc2test.c rc4test.c rc5test.c destest.c shatest.c sha1test.c mdc2test.c rmdtest.c randtest.c dhtest.c enginetest.c casttest.c bftest.c ssltest.c dsatest.c exptest.c rsa_test.c evp_test.c evp_extra_test.c igetest.c jpaketest.c srptest.c asn1test.c v3nametest.c heartbeat_test.c constant_time_test.c verify_extra_test.c clienthellotest.c sslv2conftest.c dtlstest.c ssltestlib.c bad_dtls_test.c fatalerrtest.c
 SRPTEST=srptest
 SSLTEST=ssltest
 SSLV2CONFTEST=sslv2conftest
@@ -1446,8 +1447,8 @@ RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=tools
 APPS=c_rehash
 CC=cl
-CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
-CFLAGS=-I.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG=-DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAGS=-I.. -I../../include -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DIR=tools
 GENERAL=Makefile
 INCLUDES=-I.. -I../../include
diff --git a/MacOS/Randomizer.cpp b/MacOS/Randomizer.cpp
index cceb6bde..52dc8842 100644
--- a/MacOS/Randomizer.cpp
+++ b/MacOS/Randomizer.cpp
@@ -266,7 +266,7 @@ void CRandomizer::AddCurrentMouse (void)
 	
 	if (labs (mLastMouse.h - mouseLoc.h) > kMouseResolution/2 &&
 	    labs (mLastMouse.v - mouseLoc.v) > kMouseResolution/2)
-		AddBytes (&mouseLoc, sizeof (mouseLoc),
+		AddBytes (&mouseLoc, sizeof(mouseLoc),
 				kMousePositionEntropy);
 	
 	if (mLastMouse.h == mouseLoc.h && mLastMouse.v == mouseLoc.v)
@@ -286,7 +286,7 @@ void CRandomizer::AddCurrentMouse (void)
 			(kTypicalMouseIdleTicks/(double)lastCheck);
 		if (entropy < 0.0)
 			entropy = 0.0;
-		AddBytes (&mMouseStill, sizeof (mMouseStill), entropy);
+		AddBytes (&mMouseStill, sizeof(mMouseStill), entropy);
 		mMouseStill = 0;
 	}
 	mLastMouse = mouseLoc;
@@ -299,7 +299,7 @@ void CRandomizer::AddAbsoluteSystemStartupTime (void)
 	GetDateTime (&now);
 	now -= TickCount() / 60;	// Time in ticks since machine
 					// startup
-	AddBytes (&now, sizeof (now), kSysStartupEntropy);
+	AddBytes (&now, sizeof(now), kSysStartupEntropy);
 }
 
 void CRandomizer::AddTimeSinceMachineStartup (void)
@@ -314,7 +314,7 @@ void CRandomizer::AddAppRunningTime (void)
 	ProcessSerialNumber PSN;
 	ProcessInfoRec		ProcessInfo;
 	
-	ProcessInfo.processInfoLength = sizeof (ProcessInfoRec);
+	ProcessInfo.processInfoLength = sizeof(ProcessInfoRec);
 	ProcessInfo.processName = nil;
 	ProcessInfo.processAppSpec = nil;
 	
@@ -324,7 +324,7 @@ void CRandomizer::AddAppRunningTime (void)
 	// Now add the amount of time in ticks that the current process
 	// has been active
 
-	AddBytes (&ProcessInfo, sizeof (ProcessInfoRec),
+	AddBytes (&ProcessInfo, sizeof(ProcessInfoRec),
 			kApplicationUpTimeEntropy);
 }
 
@@ -353,7 +353,7 @@ void CRandomizer::AddStartupVolumeInfo (void)
 	// unpredictable, so might as well toss the whole block in. See
 	// comments for entropy estimate justifications.
 
-	AddBytes (&pb, sizeof (pb),
+	AddBytes (&pb, sizeof(pb),
 		kVolumeBytesEntropy +
 		log2l (((pb.ioVTotalBytes.hi - pb.ioVFreeBytes.hi)
 				* 4294967296.0D +
@@ -419,7 +419,7 @@ void CRandomizer::AddBytes (void *data, long size, double entropy)
 void CRandomizer::AddNow (double millisecondUncertainty)
 {
 	long time = SysTimer();
-	AddBytes (&time, sizeof (time), log2l (millisecondUncertainty *
+	AddBytes (&time, sizeof(time), log2l (millisecondUncertainty *
 			mTimebaseTicksPerMillisec));
 }
 
diff --git a/Makefile b/Makefile
index e29cabb6..8d76d881 100644
--- a/Makefile
+++ b/Makefile
@@ -4,7 +4,7 @@
 ## Makefile for OpenSSL
 ##
 
-VERSION=1.0.2k
+VERSION=1.0.2o
 MAJOR=1
 MINOR=0.2
 SHLIB_VERSION_NUMBER=1.0.0
@@ -60,7 +60,7 @@ OPENSSLDIR=/usr/local/ssl
 # PKCS1_CHECK - pkcs1 tests.
 
 CC= cl
-CFLAG= -DOPENSSL_THREADS  -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
+CFLAG= -DOPENSSL_THREADS  -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
 DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS
 PEX_LIBS= 
 EX_LIBS= 
@@ -426,6 +426,14 @@ clean:	libclean
 	rm -fr $$i/*; \
 	done
 
+distclean: clean
+	-$(RM) `find . -name .git -prune -o -type l -print`
+	$(RM) apps/CA.pl
+	$(RM) test/evptests.txt test/newkey.pem test/testkey.pem test/testreq.pem
+	$(RM) tools/c_rehash
+	$(RM) crypto/opensslconf.h
+	$(RM) Makefile Makefile.bak
+
 makefile.one: files
 	$(PERL) util/mk1mf.pl >makefile.one; \
 	sh util/do_ms.sh
diff --git a/Makefile.bak b/Makefile.bak
index c9f682be..7fcced47 100644
--- a/Makefile.bak
+++ b/Makefile.bak
@@ -4,7 +4,7 @@
 ## Makefile for OpenSSL
 ##
 
-VERSION=1.0.2k
+VERSION=1.0.2o
 MAJOR=1
 MINOR=0.2
 SHLIB_VERSION_NUMBER=1.0.0
@@ -426,6 +426,14 @@ clean:	libclean
 	rm -fr $$i/*; \
 	done
 
+distclean: clean
+	-$(RM) `find . -name .git -prune -o -type l -print`
+	$(RM) apps/CA.pl
+	$(RM) test/evptests.txt test/newkey.pem test/testkey.pem test/testreq.pem
+	$(RM) tools/c_rehash
+	$(RM) crypto/opensslconf.h
+	$(RM) Makefile Makefile.bak
+
 makefile.one: files
 	$(PERL) util/mk1mf.pl >makefile.one; \
 	sh util/do_ms.sh
diff --git a/Makefile.org b/Makefile.org
index 61a329b4..f51f0a75 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -424,6 +424,14 @@ clean:	libclean
 	rm -fr $$i/*; \
 	done
 
+distclean: clean
+	-$(RM) `find . -name .git -prune -o -type l -print`
+	$(RM) apps/CA.pl
+	$(RM) test/evptests.txt test/newkey.pem test/testkey.pem test/testreq.pem
+	$(RM) tools/c_rehash
+	$(RM) crypto/opensslconf.h
+	$(RM) Makefile Makefile.bak
+
 makefile.one: files
 	$(PERL) util/mk1mf.pl >makefile.one; \
 	sh util/do_ms.sh
diff --git a/NEWS b/NEWS
index be4a266b..5080f79a 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,25 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.0.2n and OpenSSL 1.0.2o [27 Mar 2018]
+
+      o Constructed ASN.1 types with a recursive definition could exceed the
+        stack (CVE-2018-0739)
+
+  Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [7 Dec 2017]
+
+      o Read/write after SSL object in error state (CVE-2017-3737)
+      o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
+
+  Major changes between OpenSSL 1.0.2l and OpenSSL 1.0.2m [2 Nov 2017]
+
+      o bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
+      o Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
+
+  Major changes between OpenSSL 1.0.2k and OpenSSL 1.0.2l [25 May 2017]
+
+      o config now recognises 64-bit mingw and chooses mingw64 instead of mingw
+
   Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017]
 
       o Truncated packet could crash via OOB read (CVE-2017-3731)
diff --git a/README b/README
index 615d0c6a..a0fce3f5 100644
--- a/README
+++ b/README
@@ -1,5 +1,5 @@
 
- OpenSSL 1.0.2k 26 Jan 2017
+ OpenSSL 1.0.2o 27 Mar 2018
 
  Copyright (c) 1998-2015 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff --git a/apps/app_rand.c b/apps/app_rand.c
index 7f40bba7..0bbf342e 100644
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@@ -128,7 +128,7 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
 #endif
 
     if (file == NULL)
-        file = RAND_file_name(buffer, sizeof buffer);
+        file = RAND_file_name(buffer, sizeof(buffer));
     else if (RAND_egd(file) > 0) {
         /*
          * we try if the given filename is an EGD socket. if it is, we don't
@@ -203,7 +203,7 @@ int app_RAND_write_file(const char *file, BIO *bio_e)
         return 0;
 
     if (file == NULL)
-        file = RAND_file_name(buffer, sizeof buffer);
+        file = RAND_file_name(buffer, sizeof(buffer));
     if (file == NULL || !RAND_write_file(file)) {
         BIO_printf(bio_e, "unable to write 'random state'\n");
         return 0;
diff --git a/apps/apps.c b/apps/apps.c
index c487bd92..c5a51522 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -148,6 +148,10 @@
 #ifdef _WIN32
 static int WIN32_rename(const char *from, const char *to);
 # define rename(from,to) WIN32_rename((from),(to))
+# ifdef fileno
+#  undef fileno
+# endif
+# define fileno(a) (int)_fileno(a)
 #endif
 
 typedef struct {
@@ -1734,9 +1738,9 @@ int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
         BUF_strlcpy(buf[0], serialfile, BSIZE);
     else {
 #ifndef OPENSSL_SYS_VMS
-        j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
+        j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, suffix);
 #else
-        j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
+        j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, suffix);
 #endif
     }
 #ifdef RL_DEBUG
@@ -1785,14 +1789,14 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
         goto err;
     }
 #ifndef OPENSSL_SYS_VMS
-    j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, new_suffix);
+    j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, new_suffix);
 #else
-    j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, new_suffix);
+    j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, new_suffix);
 #endif
 #ifndef OPENSSL_SYS_VMS
-    j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", serialfile, old_suffix);
+    j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", serialfile, old_suffix);
 #else
-    j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", serialfile, old_suffix);
+    j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-%s", serialfile, old_suffix);
 #endif
 #ifdef RL_DEBUG
     BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
@@ -1873,9 +1877,9 @@ CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
         goto err;
 
 #ifndef OPENSSL_SYS_VMS
-    BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
+    BIO_snprintf(buf[0], sizeof(buf[0]), "%s.attr", dbfile);
 #else
-    BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
+    BIO_snprintf(buf[0], sizeof(buf[0]), "%s-attr", dbfile);
 #endif
     dbattr_conf = NCONF_new(NULL);
     if (NCONF_load(dbattr_conf, buf[0], &errorline) <= 0) {
@@ -1963,19 +1967,19 @@ int save_index(const char *dbfile, const char *suffix, CA_DB *db)
         goto err;
     }
 #ifndef OPENSSL_SYS_VMS
-    j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
+    j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr", dbfile);
 #else
-    j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile);
+    j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s-attr", dbfile);
 #endif
 #ifndef OPENSSL_SYS_VMS
-    j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
+    j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.attr.%s", dbfile, suffix);
 #else
-    j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix);
+    j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-attr-%s", dbfile, suffix);
 #endif
 #ifndef OPENSSL_SYS_VMS
-    j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
+    j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, suffix);
 #else
-    j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix);
+    j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", dbfile, suffix);
 #endif
 #ifdef RL_DEBUG
     BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
@@ -2024,29 +2028,29 @@ int rotate_index(const char *dbfile, const char *new_suffix,
         goto err;
     }
 #ifndef OPENSSL_SYS_VMS
-    j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
+    j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s.attr", dbfile);
 #else
-    j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile);
+    j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s-attr", dbfile);
 #endif
 #ifndef OPENSSL_SYS_VMS
-    j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s", dbfile, new_suffix);
+    j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr.%s", dbfile, new_suffix);
 #else
-    j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s", dbfile, new_suffix);
+    j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s-attr-%s", dbfile, new_suffix);
 #endif
 #ifndef OPENSSL_SYS_VMS
-    j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, new_suffix);
+    j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, new_suffix);
 #else
-    j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, new_suffix);
+    j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", dbfile, new_suffix);
 #endif
 #ifndef OPENSSL_SYS_VMS
-    j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", dbfile, old_suffix);
+    j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", dbfile, old_suffix);
 #else
-    j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", dbfile, old_suffix);
+    j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-%s", dbfile, old_suffix);
 #endif
 #ifndef OPENSSL_SYS_VMS
-    j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s", dbfile, old_suffix);
+    j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s.attr.%s", dbfile, old_suffix);
 #else
-    j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s", dbfile, old_suffix);
+    j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s-attr-%s", dbfile, old_suffix);
 #endif
 #ifdef RL_DEBUG
     BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", dbfile, buf[1]);
@@ -2600,7 +2604,7 @@ static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx)
 
     JPAKE_STEP3A_init(&s3a);
     JPAKE_STEP3A_generate(&s3a, ctx);
-    BIO_write(bconn, s3a.hhk, sizeof s3a.hhk);
+    BIO_write(bconn, s3a.hhk, sizeof(s3a.hhk));
     (void)BIO_flush(bconn);
     JPAKE_STEP3A_release(&s3a);
 }
@@ -2611,7 +2615,7 @@ static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx)
 
     JPAKE_STEP3B_init(&s3b);
     JPAKE_STEP3B_generate(&s3b, ctx);
-    BIO_write(bconn, s3b.hk, sizeof s3b.hk);
+    BIO_write(bconn, s3b.hk, sizeof(s3b.hk));
     (void)BIO_flush(bconn);
     JPAKE_STEP3B_release(&s3b);
 }
@@ -2621,7 +2625,7 @@ static void readbn(BIGNUM **bn, BIO *bconn)
     char buf[10240];
     int l;
 
-    l = BIO_gets(bconn, buf, sizeof buf);
+    l = BIO_gets(bconn, buf, sizeof(buf));
     assert(l > 0);
     assert(buf[l - 1] == '\n');
     buf[l - 1] = '\0';
@@ -2668,8 +2672,8 @@ static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn)
     int l;
 
     JPAKE_STEP3A_init(&s3a);
-    l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk);
-    assert(l == sizeof s3a.hhk);
+    l = BIO_read(bconn, s3a.hhk, sizeof(s3a.hhk));
+    assert(l == sizeof(s3a.hhk));
     if (!JPAKE_STEP3A_process(ctx, &s3a)) {
         ERR_print_errors(bio_err);
         exit(1);
@@ -2683,8 +2687,8 @@ static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn)
     int l;
 
     JPAKE_STEP3B_init(&s3b);
-    l = BIO_read(bconn, s3b.hk, sizeof s3b.hk);
-    assert(l == sizeof s3b.hk);
+    l = BIO_read(bconn, s3b.hk, sizeof(s3b.hk));
+    assert(l == sizeof(s3b.hk));
     if (!JPAKE_STEP3B_process(ctx, &s3b)) {
         ERR_print_errors(bio_err);
         exit(1);
@@ -2788,13 +2792,13 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
                 OPENSSL_free(out);
                 return NULL;
             }
-            out[start] = i - start;
+            out[start] = (unsigned char)(i - start);
             start = i + 1;
         } else
             out[i + 1] = in[i];
     }
 
-    *outlen = len + 1;
+    *outlen = (unsigned char)(len + 1);
     return out;
 }
 #endif                          /* ndef OPENSSL_NO_TLSEXT */
diff --git a/apps/ca.c b/apps/ca.c
index 4cea3cb7..4f9de549 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1628,8 +1628,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
                    CONF *lconf, unsigned long certopt, unsigned long nameopt,
                    int default_op, int ext_copy, int selfsign)
 {
-    X509_NAME *name = NULL, *CAname = NULL, *subject = NULL, *dn_subject =
-        NULL;
+    X509_NAME *name = NULL, *CAname = NULL, *subject = NULL;
     ASN1_UTCTIME *tm, *tmptm;
     ASN1_STRING *str, *str2;
     ASN1_OBJECT *obj;
@@ -1817,8 +1816,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
 
             if (push != NULL) {
                 if (!X509_NAME_add_entry(subject, push, -1, 0)) {
-                    if (push != NULL)
-                        X509_NAME_ENTRY_free(push);
                     BIO_printf(bio_err, "Memory allocation failure\n");
                     goto err;
                 }
@@ -1836,104 +1833,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
             goto err;
     }
 
-    if (verbose)
-        BIO_printf(bio_err,
-                   "The subject name appears to be ok, checking data base for clashes\n");
-
-    /* Build the correct Subject if no e-mail is wanted in the subject */
-    /*
-     * and add it later on because of the method extensions are added
-     * (altName)
-     */
-
-    if (email_dn)
-        dn_subject = subject;
-    else {
-        X509_NAME_ENTRY *tmpne;
-        /*
-         * Its best to dup the subject DN and then delete any email addresses
-         * because this retains its structure.
-         */
-        if (!(dn_subject = X509_NAME_dup(subject))) {
-            BIO_printf(bio_err, "Memory allocation failure\n");
-            goto err;
-        }
-        while ((i = X509_NAME_get_index_by_NID(dn_subject,
-                                               NID_pkcs9_emailAddress,
-                                               -1)) >= 0) {
-            tmpne = X509_NAME_get_entry(dn_subject, i);
-            X509_NAME_delete_entry(dn_subject, i);
-            X509_NAME_ENTRY_free(tmpne);
-        }
-    }
-
-    if (BN_is_zero(serial))
-        row[DB_serial] = BUF_strdup("00");
-    else
-        row[DB_serial] = BN_bn2hex(serial);
-    if (row[DB_serial] == NULL) {
-        BIO_printf(bio_err, "Memory allocation failure\n");
-        goto err;
-    }
-
-    if (db->attributes.unique_subject) {
-        OPENSSL_STRING *crow = row;
-
-        rrow = TXT_DB_get_by_index(db->db, DB_name, crow);
-        if (rrow != NULL) {
-            BIO_printf(bio_err,
-                       "ERROR:There is already a certificate for %s\n",
-                       row[DB_name]);
-        }
-    }
-    if (rrow == NULL) {
-        rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
-        if (rrow != NULL) {
-            BIO_printf(bio_err,
-                       "ERROR:Serial number %s has already been issued,\n",
-                       row[DB_serial]);
-            BIO_printf(bio_err,
-                       "      check the database/serial_file for corruption\n");
-        }
-    }
-
-    if (rrow != NULL) {
-        BIO_printf(bio_err, "The matching entry has the following details\n");
-        if (rrow[DB_type][0] == 'E')
-            p = "Expired";
-        else if (rrow[DB_type][0] == 'R')
-            p = "Revoked";
-        else if (rrow[DB_type][0] == 'V')
-            p = "Valid";
-        else
-            p = "\ninvalid type, Data base error\n";
-        BIO_printf(bio_err, "Type          :%s\n", p);;
-        if (rrow[DB_type][0] == 'R') {
-            p = rrow[DB_exp_date];
-            if (p == NULL)
-                p = "undef";
-            BIO_printf(bio_err, "Was revoked on:%s\n", p);
-        }
-        p = rrow[DB_exp_date];
-        if (p == NULL)
-            p = "undef";
-        BIO_printf(bio_err, "Expires on    :%s\n", p);
-        p = rrow[DB_serial];
-        if (p == NULL)
-            p = "undef";
-        BIO_printf(bio_err, "Serial Number :%s\n", p);
-        p = rrow[DB_file];
-        if (p == NULL)
-            p = "undef";
-        BIO_printf(bio_err, "File name     :%s\n", p);
-        p = rrow[DB_name];
-        if (p == NULL)
-            p = "undef";
-        BIO_printf(bio_err, "Subject Name  :%s\n", p);
-        ok = -1;                /* This is now a 'bad' error. */
-        goto err;
-    }
-
     /* We are now totally happy, lets make and sign the certificate */
     if (verbose)
         BIO_printf(bio_err,
@@ -1985,10 +1884,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
     /* Lets add the extensions, if there are any */
     if (ext_sect) {
         X509V3_CTX ctx;
-        if (ci->version == NULL)
-            if ((ci->version = ASN1_INTEGER_new()) == NULL)
-                goto err;
-        ASN1_INTEGER_set(ci->version, 2); /* version 3 certificate */
 
         /*
          * Free the current entries if any, there should not be any I believe
@@ -2051,10 +1946,133 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
         goto err;
     }
 
-    /* Set the right value for the noemailDN option */
-    if (email_dn == 0) {
-        if (!X509_set_subject_name(ret, dn_subject))
+    {
+        STACK_OF(X509_EXTENSION) *exts = ci->extensions;
+
+        if (exts != NULL && sk_X509_EXTENSION_num(exts) > 0)
+            /* Make it an X509 v3 certificate. */
+            if (!X509_set_version(ret, 2))
+                goto err;
+    }
+
+    if (verbose)
+        BIO_printf(bio_err,
+                   "The subject name appears to be ok, checking data base for clashes\n");
+
+    /* Build the correct Subject if no e-mail is wanted in the subject */
+
+    if (!email_dn) {
+        X509_NAME_ENTRY *tmpne;
+        X509_NAME *dn_subject;
+
+        /*
+         * Its best to dup the subject DN and then delete any email addresses
+         * because this retains its structure.
+         */
+        if (!(dn_subject = X509_NAME_dup(subject))) {
+            BIO_printf(bio_err, "Memory allocation failure\n");
             goto err;
+        }
+        while ((i = X509_NAME_get_index_by_NID(dn_subject,
+                                               NID_pkcs9_emailAddress,
+                                               -1)) >= 0) {
+            tmpne = X509_NAME_get_entry(dn_subject, i);
+            X509_NAME_delete_entry(dn_subject, i);
+            X509_NAME_ENTRY_free(tmpne);
+        }
+
+        if (!X509_set_subject_name(ret, dn_subject)) {
+            X509_NAME_free(dn_subject);
+            goto err;
+        }
+        X509_NAME_free(dn_subject);
+    }
+
+    row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
+    if (row[DB_name] == NULL) {
+        BIO_printf(bio_err, "Memory allocation failure\n");
+        goto err;
+    }
+
+    if (BN_is_zero(serial))
+        row[DB_serial] = BUF_strdup("00");
+    else
+        row[DB_serial] = BN_bn2hex(serial);
+    if (row[DB_serial] == NULL) {
+        BIO_printf(bio_err, "Memory allocation failure\n");
+        goto err;
+    }
+
+    if (row[DB_name][0] == '\0') {
+        /*
+         * An empty subject! We'll use the serial number instead. If
+         * unique_subject is in use then we don't want different entries with
+         * empty subjects matching each other.
+         */
+        OPENSSL_free(row[DB_name]);
+        row[DB_name] = OPENSSL_strdup(row[DB_serial]);
+        if (row[DB_name] == NULL) {
+            BIO_printf(bio_err, "Memory allocation failure\n");
+            goto err;
+        }
+    }
+
+    if (db->attributes.unique_subject) {
+        OPENSSL_STRING *crow = row;
+
+        rrow = TXT_DB_get_by_index(db->db, DB_name, crow);
+        if (rrow != NULL) {
+            BIO_printf(bio_err,
+                       "ERROR:There is already a certificate for %s\n",
+                       row[DB_name]);
+        }
+    }
+    if (rrow == NULL) {
+        rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
+        if (rrow != NULL) {
+            BIO_printf(bio_err,
+                       "ERROR:Serial number %s has already been issued,\n",
+                       row[DB_serial]);
+            BIO_printf(bio_err,
+                       "      check the database/serial_file for corruption\n");
+        }
+    }
+
+    if (rrow != NULL) {
+        BIO_printf(bio_err, "The matching entry has the following details\n");
+        if (rrow[DB_type][0] == 'E')
+            p = "Expired";
+        else if (rrow[DB_type][0] == 'R')
+            p = "Revoked";
+        else if (rrow[DB_type][0] == 'V')
+            p = "Valid";
+        else
+            p = "\ninvalid type, Data base error\n";
+        BIO_printf(bio_err, "Type          :%s\n", p);;
+        if (rrow[DB_type][0] == 'R') {
+            p = rrow[DB_exp_date];
+            if (p == NULL)
+                p = "undef";
+            BIO_printf(bio_err, "Was revoked on:%s\n", p);
+        }
+        p = rrow[DB_exp_date];
+        if (p == NULL)
+            p = "undef";
+        BIO_printf(bio_err, "Expires on    :%s\n", p);
+        p = rrow[DB_serial];
+        if (p == NULL)
+            p = "undef";
+        BIO_printf(bio_err, "Serial Number :%s\n", p);
+        p = rrow[DB_file];
+        if (p == NULL)
+            p = "undef";
+        BIO_printf(bio_err, "File name     :%s\n", p);
+        p = rrow[DB_name];
+        if (p == NULL)
+            p = "undef";
+        BIO_printf(bio_err, "Subject Name  :%s\n", p);
+        ok = -1;                /* This is now a 'bad' error. */
+        goto err;
     }
 
     if (!default_op) {
@@ -2105,10 +2123,9 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
     row[DB_exp_date] = OPENSSL_malloc(tm->length + 1);
     row[DB_rev_date] = OPENSSL_malloc(1);
     row[DB_file] = OPENSSL_malloc(8);
-    row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
     if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
         (row[DB_rev_date] == NULL) ||
-        (row[DB_file] == NULL) || (row[DB_name] == NULL)) {
+        (row[DB_file] == NULL)) {
         BIO_printf(bio_err, "Memory allocation failure\n");
         goto err;
     }
@@ -2126,10 +2143,8 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
         goto err;
     }
 
-    for (i = 0; i < DB_NUMBER; i++) {
+    for (i = 0; i < DB_NUMBER; i++)
         irow[i] = row[i];
-        row[i] = NULL;
-    }
     irow[DB_NUMBER] = NULL;
 
     if (!TXT_DB_insert(db->db, irow)) {
@@ -2137,18 +2152,19 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
         BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error);
         goto err;
     }
+    irow = NULL;
     ok = 1;
  err:
-    for (i = 0; i < DB_NUMBER; i++)
-        if (row[i] != NULL)
+    if (ok != 1) {
+        for (i = 0; i < DB_NUMBER; i++)
             OPENSSL_free(row[i]);
+    }
+    OPENSSL_free(irow);
 
     if (CAname != NULL)
         X509_NAME_free(CAname);
     if (subject != NULL)
         X509_NAME_free(subject);
-    if ((dn_subject != NULL) && !email_dn)
-        X509_NAME_free(dn_subject);
     if (tmptm != NULL)
         ASN1_UTCTIME_free(tmptm);
     if (ok <= 0) {
@@ -2351,6 +2367,11 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
     else
         row[DB_serial] = BN_bn2hex(bn);
     BN_free(bn);
+    if (row[DB_name] != NULL && row[DB_name][0] == '\0') {
+        /* Entries with empty Subjects actually use the serial number instead */
+        OPENSSL_free(row[DB_name]);
+        row[DB_name] = OPENSSL_strdup(row[DB_serial]);
+    }
     if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) {
         BIO_printf(bio_err, "Memory allocation failure\n");
         goto err;
@@ -2396,18 +2417,20 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
             goto err;
         }
 
-        for (i = 0; i < DB_NUMBER; i++) {
+        for (i = 0; i < DB_NUMBER; i++)
             irow[i] = row[i];
-            row[i] = NULL;
-        }
         irow[DB_NUMBER] = NULL;
 
         if (!TXT_DB_insert(db->db, irow)) {
             BIO_printf(bio_err, "failed to update database\n");
             BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error);
+            OPENSSL_free(irow);
             goto err;
         }
 
+        for (i = 0; i < DB_NUMBER; i++)
+            row[i] = NULL;
+
         /* Revoke Certificate */
         if (type == -1)
             ok = 1;
diff --git a/apps/ciphers.c b/apps/ciphers.c
index 66636d2d..4856141f 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -217,7 +217,7 @@ int MAIN(int argc, char **argv)
                 BIO_printf(STDout, "%s - ", nm);
             }
 #endif
-            BIO_puts(STDout, SSL_CIPHER_description(c, buf, sizeof buf));
+            BIO_puts(STDout, SSL_CIPHER_description(c, buf, sizeof(buf)));
         }
     }
 
diff --git a/apps/cms.c b/apps/cms.c
index f9a63bc0..de4ba136 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -4,7 +4,7 @@
  * project.
  */
 /* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2008-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -977,12 +977,16 @@ int MAIN(int argc, char **argv)
 
             signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
                                e, "signer certificate");
-            if (!signer)
+            if (!signer) {
+                ret = 2;
                 goto end;
+            }
             key = load_key(bio_err, keyfile, keyform, 0, passin, e,
                            "signing key file");
-            if (!key)
+            if (!key) {
+                ret = 2;
                 goto end;
+            }
             for (kparam = key_first; kparam; kparam = kparam->next) {
                 if (kparam->idx == i) {
                     tflags |= CMS_KEY_PARAM;
diff --git a/apps/dgst.c b/apps/dgst.c
index bc2601e4..686fe344 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -145,7 +145,7 @@ int MAIN(int argc, char **argv)
         goto end;
 
     /* first check the program name */
-    program_name(argv[0], pname, sizeof pname);
+    program_name(argv[0], pname, sizeof(pname));
 
     md = EVP_get_digestbyname(pname);
 
diff --git a/apps/dhparam.c b/apps/dhparam.c
index 1210adb1..bd91234a 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -381,10 +381,19 @@ int MAIN(int argc, char **argv)
         } else
 # endif
         {
-            if (informat == FORMAT_ASN1)
+            if (informat == FORMAT_ASN1) {
+                /*
+                 * We have no PEM header to determine what type of DH params it
+                 * is. We'll just try both.
+                 */
                 dh = d2i_DHparams_bio(in, NULL);
-            else                /* informat == FORMAT_PEM */
+                /* BIO_reset() returns 0 for success for file BIOs only!!! */
+                if (dh == NULL && BIO_reset(in) == 0)
+                    dh = d2i_DHxparams_bio(in, NULL);
+            } else {
+                /* informat == FORMAT_PEM */
                 dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
+            }
 
             if (dh == NULL) {
                 BIO_printf(bio_err, "unable to load DH parameters\n");
@@ -484,10 +493,13 @@ int MAIN(int argc, char **argv)
     }
 
     if (!noout) {
-        if (outformat == FORMAT_ASN1)
-            i = i2d_DHparams_bio(out, dh);
-        else if (outformat == FORMAT_PEM) {
-            if (dh->q)
+        if (outformat == FORMAT_ASN1) {
+            if (dh->q != NULL)
+                i = i2d_DHxparams_bio(out, dh);
+            else
+                i = i2d_DHparams_bio(out, dh);
+        } else if (outformat == FORMAT_PEM) {
+            if (dh->q != NULL)
                 i = PEM_write_bio_DHxparams(out, dh);
             else
                 i = PEM_write_bio_DHparams(out, dh);
diff --git a/apps/dsa.c b/apps/dsa.c
index 4ed21d89..82a870eb 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -327,6 +327,9 @@ int MAIN(int argc, char **argv)
     } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
         EVP_PKEY *pk;
         pk = EVP_PKEY_new();
+        if (pk == NULL)
+           goto end;
+
         EVP_PKEY_set1_DSA(pk, dsa);
         if (outformat == FORMAT_PVK)
             i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index f2cf553d..3a4a1238 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -382,6 +382,9 @@ int MAIN(int argc, char **argv)
         printf("\treturn(dsa);\n\t}\n");
     }
 
+    if (outformat == FORMAT_ASN1 && genkey)
+        noout = 1;
+
     if (!noout) {
         if (outformat == FORMAT_ASN1)
             i = i2d_DSAparams_bio(out, dsa);
diff --git a/apps/ecparam.c b/apps/ecparam.c
index a9bf489c..8d5b7044 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -3,7 +3,7 @@
  * Written by Nils Larsch for the OpenSSL project.
  */
 /* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -546,6 +546,9 @@ int MAIN(int argc, char **argv)
         BIO_printf(out, "\treturn(group);\n\t}\n");
     }
 
+    if (outformat == FORMAT_ASN1 && genkey)
+        noout = 1;
+
     if (!noout) {
         if (outformat == FORMAT_ASN1)
             i = i2d_ECPKParameters_bio(out, group);
@@ -582,6 +585,9 @@ int MAIN(int argc, char **argv)
         if (EC_KEY_set_group(eckey, group) == 0)
             goto end;
 
+        if (new_form)
+            EC_KEY_set_conv_form(eckey, form);
+
         if (!EC_KEY_generate_key(eckey)) {
             EC_KEY_free(eckey);
             goto end;
diff --git a/apps/enc.c b/apps/enc.c
index 8c8f1ef0..3b7e1eea 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -81,20 +81,32 @@ int set_hex(char *in, unsigned char *out, int size);
 #define BSIZE   (8*1024)
 #define PROG    enc_main
 
-static void show_ciphers(const OBJ_NAME *name, void *bio_)
+struct doall_enc_ciphers {
+    BIO *bio;
+    int n;
+};
+
+static void show_ciphers(const OBJ_NAME *name, void *arg)
 {
-    BIO *bio = bio_;
-    static int n;
+    struct doall_enc_ciphers *dec = (struct doall_enc_ciphers *)arg;
+    const EVP_CIPHER *cipher;
 
     if (!islower((unsigned char)*name->name))
         return;
 
-    BIO_printf(bio, "-%-25s", name->name);
-    if (++n == 3) {
-        BIO_printf(bio, "\n");
-        n = 0;
+    /* Filter out ciphers that we cannot use */
+    cipher = EVP_get_cipherbyname(name->name);
+    if (cipher == NULL ||
+            (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0 ||
+            EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)
+        return;
+
+    BIO_printf(dec->bio, "-%-25s", name->name);
+    if (++dec->n == 3) {
+        BIO_printf(dec->bio, "\n");
+        dec->n = 0;
     } else
-        BIO_printf(bio, " ");
+        BIO_printf(dec->bio, " ");
 }
 
 int MAIN(int, char **);
@@ -102,7 +114,7 @@ int MAIN(int, char **);
 int MAIN(int argc, char **argv)
 {
     static const char magic[] = "Salted__";
-    char mbuf[sizeof magic - 1];
+    char mbuf[sizeof(magic) - 1];
     char *strbuf = NULL;
     unsigned char *buff = NULL, *bufsize = NULL;
     int bsize = BSIZE, verbose = 0;
@@ -130,6 +142,7 @@ int MAIN(int argc, char **argv)
     ENGINE *e = NULL;
     const EVP_MD *dgst = NULL;
     int non_fips_allow = 0;
+    struct doall_enc_ciphers dec;
 
     apps_startup();
 
@@ -141,7 +154,7 @@ int MAIN(int argc, char **argv)
         goto end;
 
     /* first check the program name */
-    program_name(argv[0], pname, sizeof pname);
+    program_name(argv[0], pname, sizeof(pname));
     if (strcmp(pname, "base64") == 0)
         base64 = 1;
 #ifdef ZLIB
@@ -234,7 +247,7 @@ int MAIN(int argc, char **argv)
                 goto bad;
             }
             buf[0] = '\0';
-            if (!fgets(buf, sizeof buf, infile)) {
+            if (!fgets(buf, sizeof(buf), infile)) {
                 BIO_printf(bio_err, "unable to read key from '%s'\n", file);
                 goto bad;
             }
@@ -311,8 +324,10 @@ int MAIN(int argc, char **argv)
 #endif
 
             BIO_printf(bio_err, "Cipher Types\n");
+            dec.n = 0;
+            dec.bio = bio_err;
             OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
-                                   show_ciphers, bio_err);
+                                   show_ciphers, &dec);
             BIO_printf(bio_err, "\n");
 
             goto end;
@@ -417,7 +432,7 @@ int MAIN(int argc, char **argv)
         for (;;) {
             char buf[200];
 
-            BIO_snprintf(buf, sizeof buf, "enter %s %s password:",
+            BIO_snprintf(buf, sizeof(buf), "enter %s %s password:",
                          OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
                          (enc) ? "encryption" : "decryption");
             strbuf[0] = '\0';
@@ -502,31 +517,31 @@ int MAIN(int argc, char **argv)
             else {
                 if (enc) {
                     if (hsalt) {
-                        if (!set_hex(hsalt, salt, sizeof salt)) {
+                        if (!set_hex(hsalt, salt, sizeof(salt))) {
                             BIO_printf(bio_err, "invalid hex salt value\n");
                             goto end;
                         }
-                    } else if (RAND_bytes(salt, sizeof salt) <= 0)
+                    } else if (RAND_bytes(salt, sizeof(salt)) <= 0)
                         goto end;
                     /*
                      * If -P option then don't bother writing
                      */
                     if ((printkey != 2)
                         && (BIO_write(wbio, magic,
-                                      sizeof magic - 1) != sizeof magic - 1
+                                      sizeof(magic) - 1) != sizeof(magic) - 1
                             || BIO_write(wbio,
                                          (char *)salt,
-                                         sizeof salt) != sizeof salt)) {
+                                         sizeof(salt)) != sizeof(salt))) {
                         BIO_printf(bio_err, "error writing output file\n");
                         goto end;
                     }
-                } else if (BIO_read(rbio, mbuf, sizeof mbuf) != sizeof mbuf
+                } else if (BIO_read(rbio, mbuf, sizeof(mbuf)) != sizeof(mbuf)
                            || BIO_read(rbio,
                                        (unsigned char *)salt,
-                                       sizeof salt) != sizeof salt) {
+                                       sizeof(salt)) != sizeof(salt)) {
                     BIO_printf(bio_err, "error reading input file\n");
                     goto end;
-                } else if (memcmp(mbuf, magic, sizeof magic - 1)) {
+                } else if (memcmp(mbuf, magic, sizeof(magic) - 1)) {
                     BIO_printf(bio_err, "bad magic number\n");
                     goto end;
                 }
@@ -549,7 +564,7 @@ int MAIN(int argc, char **argv)
             int siz = EVP_CIPHER_iv_length(cipher);
             if (siz == 0) {
                 BIO_printf(bio_err, "warning: iv not use by this cipher\n");
-            } else if (!set_hex(hiv, iv, sizeof iv)) {
+            } else if (!set_hex(hiv, iv, sizeof(iv))) {
                 BIO_printf(bio_err, "invalid hex iv value\n");
                 goto end;
             }
diff --git a/apps/engine.c b/apps/engine.c
index f54631b5..a8eed9af 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -108,13 +108,16 @@ static int append_buf(char **buf, const char *s, int *size, int step)
     }
 
     if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
+        char *p = *buf;
+
         *size += step;
         *buf = OPENSSL_realloc(*buf, *size);
+        if (*buf == NULL) {
+            OPENSSL_free(p);
+            return 0;
+        }
     }
 
-    if (*buf == NULL)
-        return 0;
-
     if (**buf != '\0')
         BUF_strlcat(*buf, ", ", *size);
     BUF_strlcat(*buf, s, *size);
diff --git a/apps/errstr.c b/apps/errstr.c
index c2d4fdec..c3fef610 100644
--- a/apps/errstr.c
+++ b/apps/errstr.c
@@ -108,7 +108,7 @@ int MAIN(int argc, char **argv)
 
     for (i = 1; i < argc; i++) {
         if (sscanf(argv[i], "%lx", &l)) {
-            ERR_error_string_n(l, buf, sizeof buf);
+            ERR_error_string_n(l, buf, sizeof(buf));
             printf("%s\n", buf);
         } else {
             printf("%s: bad error code\n", argv[i]);
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 5da51df5..654eebcb 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -1195,7 +1195,7 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
     *pcbio = cbio;
 
     for (;;) {
-        len = BIO_gets(cbio, inbuf, sizeof inbuf);
+        len = BIO_gets(cbio, inbuf, sizeof(inbuf));
         if (len <= 0)
             return 1;
         /* Look for "POST" signalling start of query */
diff --git a/apps/openssl.c b/apps/openssl.c
index 68731452..c3da5d6c 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -351,7 +351,7 @@ int main(int Argc, char *ARGV[])
     prog = prog_init();
 
     /* first check the program name */
-    program_name(Argv[0], pname, sizeof pname);
+    program_name(Argv[0], pname, sizeof(pname));
 
     f.name = pname;
     fp = lh_FUNCTION_retrieve(prog, &f);
@@ -379,7 +379,7 @@ int main(int Argc, char *ARGV[])
     for (;;) {
         ret = 0;
         p = buf;
-        n = sizeof buf;
+        n = sizeof(buf);
         i = 0;
         for (;;) {
             p[0] = '\0';
@@ -685,7 +685,7 @@ static LHASH_OF(FUNCTION) *prog_init(void)
 
     /* Purely so it looks nice when the user hits ? */
     for (i = 0, f = functions; f->name != NULL; ++f, ++i) ;
-    qsort(functions, i, sizeof *functions, SortFnByName);
+    qsort(functions, i, sizeof(*functions), SortFnByName);
 
     if ((ret = lh_FUNCTION_new()) == NULL)
         return (NULL);
diff --git a/apps/passwd.c b/apps/passwd.c
index 798a6d59..56e10ad3 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -252,7 +252,7 @@ int MAIN(int argc, char **argv)
                     /* ignore rest of line */
                     char trash[BUFSIZ];
                     do
-                        r = BIO_gets(in, trash, sizeof trash);
+                        r = BIO_gets(in, trash, sizeof(trash));
                     while ((r > 0) && (!strchr(trash, '\n')));
                 }
 
@@ -329,8 +329,8 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
     EVP_DigestUpdate(&md2, passwd, passwd_len);
     EVP_DigestFinal_ex(&md2, buf, NULL);
 
-    for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
-        EVP_DigestUpdate(&md, buf, sizeof buf);
+    for (i = passwd_len; i > sizeof(buf); i -= sizeof(buf))
+        EVP_DigestUpdate(&md, buf, sizeof(buf));
     EVP_DigestUpdate(&md, buf, i);
 
     n = passwd_len;
@@ -343,13 +343,13 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
     for (i = 0; i < 1000; i++) {
         EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
         EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
-                         (i & 1) ? passwd_len : sizeof buf);
+                         (i & 1) ? passwd_len : sizeof(buf));
         if (i % 3)
             EVP_DigestUpdate(&md2, salt_out, salt_len);
         if (i % 7)
             EVP_DigestUpdate(&md2, passwd, passwd_len);
         EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
-                         (i & 1) ? sizeof buf : passwd_len);
+                         (i & 1) ? sizeof(buf) : passwd_len);
         EVP_DigestFinal_ex(&md2, buf, NULL);
     }
     EVP_MD_CTX_cleanup(&md2);
@@ -357,7 +357,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
     {
         /* transform buf into output string */
 
-        unsigned char buf_perm[sizeof buf];
+        unsigned char buf_perm[sizeof(buf)];
         int dest, source;
         char *output;
 
@@ -369,7 +369,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
         buf_perm[15] = buf[11];
 #  ifndef PEDANTIC              /* Unfortunately, this generates a "no
                                  * effect" warning */
-        assert(16 == sizeof buf_perm);
+        assert(16 == sizeof(buf_perm));
 #  endif
 
         output = salt_out + salt_len;
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index d0bd97af..0ba4c9a8 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -481,7 +481,7 @@ int MAIN(int argc, char **argv)
         CRYPTO_push_info("read MAC password");
 # endif
         if (EVP_read_pw_string
-            (macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
+            (macpass, sizeof(macpass), "Enter MAC Password:", export_cert)) {
             BIO_printf(bio_err, "Can't read Password\n");
             goto end;
         }
@@ -629,13 +629,13 @@ int MAIN(int argc, char **argv)
 # endif
 
         if (!noprompt &&
-            EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
+            EVP_read_pw_string(pass, sizeof(pass), "Enter Export Password:",
                                1)) {
             BIO_printf(bio_err, "Can't read Password\n");
             goto export_end;
         }
         if (!twopass)
-            BUF_strlcpy(macpass, pass, sizeof macpass);
+            BUF_strlcpy(macpass, pass, sizeof(macpass));
 
 # ifdef CRYPTO_MDEBUG
         CRYPTO_pop_info();
@@ -698,7 +698,7 @@ int MAIN(int argc, char **argv)
     CRYPTO_push_info("read import password");
 # endif
     if (!noprompt
-        && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
+        && EVP_read_pw_string(pass, sizeof(pass), "Enter Import Password:",
                               0)) {
         BIO_printf(bio_err, "Can't read Password\n");
         goto end;
@@ -708,7 +708,7 @@ int MAIN(int argc, char **argv)
 # endif
 
     if (!twopass)
-        BUF_strlcpy(macpass, pass, sizeof macpass);
+        BUF_strlcpy(macpass, pass, sizeof(macpass));
 
     if ((options & INFO) && p12->mac)
         BIO_printf(bio_err, "MAC Iteration %ld\n",
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index 71e31689..d7f0720c 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -277,7 +277,7 @@ int MAIN(int argc, char **argv)
             else {
                 p8pass = pass;
                 if (EVP_read_pw_string
-                    (pass, sizeof pass, "Enter Encryption Password:", 1))
+                    (pass, sizeof(pass), "Enter Encryption Password:", 1))
                     goto end;
             }
             app_RAND_load_file(NULL, bio_err, 0);
@@ -331,7 +331,7 @@ int MAIN(int argc, char **argv)
             p8pass = passin;
         else {
             p8pass = pass;
-            EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
+            EVP_read_pw_string(pass, sizeof(pass), "Enter Password:", 0);
         }
         p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
     }
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 7c62d1c8..19f2e5d9 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -322,8 +322,10 @@ int MAIN(int argc, char **argv)
                              buf_in, (size_t)buf_inlen);
         if (rv == 0)
             BIO_puts(out, "Signature Verification Failure\n");
-        else if (rv == 1)
+        else if (rv == 1) {
             BIO_puts(out, "Signature Verified Successfully\n");
+            ret = 0;
+        }
         if (rv >= 0)
             goto end;
     } else {
diff --git a/apps/prime.c b/apps/prime.c
index 133167f2..d8f764a3 100644
--- a/apps/prime.c
+++ b/apps/prime.c
@@ -155,5 +155,8 @@ int MAIN(int argc, char **argv)
     BIO_printf(bio_err, "options are\n");
     BIO_printf(bio_err, "%-14s hex\n", "-hex");
     BIO_printf(bio_err, "%-14s number of checks\n", "-checks <n>");
+    BIO_printf(bio_err, "%-14s generate prime\n", "-generate");
+    BIO_printf(bio_err, "%-14s number of bits\n", "-bits <n>");
+    BIO_printf(bio_err, "%-14s safe prime\n", "-safe");
     return 1;
 }
diff --git a/apps/progs.h b/apps/progs.h
index fb498fd2..d5c0039b 100644
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -58,7 +58,7 @@ extern int srp_main(int argc, char *argv[]);
 typedef struct {
     int type;
     const char *name;
-    int (*func) (int argc, char *argv[]);
+    int (*func)(int argc, char *argv[]);
 } FUNCTION;
 DECLARE_LHASH_OF(FUNCTION);
 
diff --git a/apps/progs.pl b/apps/progs.pl
index fa6258cf..73498e3d 100644
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -6,22 +6,22 @@ print "/* automatically generated by progs.pl for openssl.c */\n\n";
 grep(s/^asn1pars$/asn1parse/,@ARGV);
 
 foreach (@ARGV)
-	{ printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
+	{ printf "extern int %s_main(int argc, char *argv[]);\n",$_; }
 
 print <<'EOF';
 
-#define FUNC_TYPE_GENERAL	1
-#define FUNC_TYPE_MD		2
-#define FUNC_TYPE_CIPHER	3
-#define FUNC_TYPE_PKEY		4
-#define FUNC_TYPE_MD_ALG	5
-#define FUNC_TYPE_CIPHER_ALG	6
+#define FUNC_TYPE_GENERAL       1
+#define FUNC_TYPE_MD            2
+#define FUNC_TYPE_CIPHER        3
+#define FUNC_TYPE_PKEY          4
+#define FUNC_TYPE_MD_ALG        5
+#define FUNC_TYPE_CIPHER_ALG    6
 
 typedef struct {
-	int type;
-	const char *name;
-	int (*func)(int argc,char *argv[]);
-	} FUNCTION;
+    int type;
+    const char *name;
+    int (*func)(int argc, char *argv[]);
+} FUNCTION;
 DECLARE_LHASH_OF(FUNCTION);
 
 FUNCTION functions[] = {
@@ -30,7 +30,7 @@ EOF
 foreach (@ARGV)
 	{
 	push(@files,$_);
-	$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
+	$str="    {FUNC_TYPE_GENERAL, \"$_\", ${_}_main},\n";
 	if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
 		{ print "#if !defined(OPENSSL_NO_SOCK)\n${str}#endif\n"; } 
 	elsif ( ($_ =~ /^speed$/))
@@ -60,7 +60,7 @@ foreach (@ARGV)
 foreach ("md2","md4","md5","sha","sha1","mdc2","rmd160")
 	{
 	push(@files,$_);
-	printf "#ifndef OPENSSL_NO_".uc($_)."\n\t{FUNC_TYPE_MD,\"".$_."\",dgst_main},\n#endif\n";
+	printf "#ifndef OPENSSL_NO_".uc($_)."\n    {FUNC_TYPE_MD, \"".$_."\", dgst_main},\n#endif\n";
 	}
 
 foreach (
@@ -86,7 +86,7 @@ foreach (
 	{
 	push(@files,$_);
 
-	$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
+	$t=sprintf("    {FUNC_TYPE_CIPHER, \"%s\", enc_main},\n",$_);
 	if    ($_ =~ /des/)  { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; }
 	elsif ($_ =~ /aes/)  { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
 	elsif ($_ =~ /camellia/)  { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; }
@@ -101,4 +101,4 @@ foreach (
 	print $t;
 	}
 
-print "\t{0,NULL,NULL}\n\t};\n";
+print "    {0, NULL, NULL}\n};\n";
diff --git a/apps/rand.c b/apps/rand.c
index 96dcb727..eddb8af8 100644
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -198,7 +198,7 @@ int MAIN(int argc, char **argv)
 
         chunk = num;
         if (chunk > (int)sizeof(buf))
-            chunk = sizeof buf;
+            chunk = sizeof(buf);
         r = RAND_bytes(buf, chunk);
         if (r <= 0)
             goto err;
diff --git a/apps/req.c b/apps/req.c
index cdea1f61..7fcab18c 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -331,7 +331,6 @@ int MAIN(int argc, char **argv)
         else if (strcmp(*argv, "-text") == 0)
             text = 1;
         else if (strcmp(*argv, "-x509") == 0) {
-            newreq = 1;
             x509 = 1;
         } else if (strcmp(*argv, "-asn1-kludge") == 0)
             kludge = 1;
@@ -447,6 +446,9 @@ int MAIN(int argc, char **argv)
         goto end;
     }
 
+    if (x509 && infile == NULL)
+        newreq = 1;
+
     ERR_load_crypto_strings();
     if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
         BIO_printf(bio_err, "Error getting passwords\n");
@@ -753,7 +755,7 @@ int MAIN(int argc, char **argv)
         }
     }
 
-    if (newreq) {
+    if (newreq || x509) {
         if (pkey == NULL) {
             BIO_printf(bio_err, "you need to specify a private key\n");
             goto end;
@@ -1191,7 +1193,7 @@ static int prompt_info(X509_REQ *req,
             /* If OBJ not recognised ignore it */
             if ((nid = OBJ_txt2nid(type)) == NID_undef)
                 goto start;
-            if (BIO_snprintf(buf, sizeof buf, "%s_default", v->name)
+            if (BIO_snprintf(buf, sizeof(buf), "%s_default", v->name)
                 >= (int)sizeof(buf)) {
                 BIO_printf(bio_err, "Name '%s' too long\n", v->name);
                 return 0;
@@ -1202,19 +1204,19 @@ static int prompt_info(X509_REQ *req,
                 def = "";
             }
 
-            BIO_snprintf(buf, sizeof buf, "%s_value", v->name);
+            BIO_snprintf(buf, sizeof(buf), "%s_value", v->name);
             if ((value = NCONF_get_string(req_conf, dn_sect, buf)) == NULL) {
                 ERR_clear_error();
                 value = NULL;
             }
 
-            BIO_snprintf(buf, sizeof buf, "%s_min", v->name);
+            BIO_snprintf(buf, sizeof(buf), "%s_min", v->name);
             if (!NCONF_get_number(req_conf, dn_sect, buf, &n_min)) {
                 ERR_clear_error();
                 n_min = -1;
             }
 
-            BIO_snprintf(buf, sizeof buf, "%s_max", v->name);
+            BIO_snprintf(buf, sizeof(buf), "%s_max", v->name);
             if (!NCONF_get_number(req_conf, dn_sect, buf, &n_max)) {
                 ERR_clear_error();
                 n_max = -1;
@@ -1250,7 +1252,7 @@ static int prompt_info(X509_REQ *req,
                 if ((nid = OBJ_txt2nid(type)) == NID_undef)
                     goto start2;
 
-                if (BIO_snprintf(buf, sizeof buf, "%s_default", type)
+                if (BIO_snprintf(buf, sizeof(buf), "%s_default", type)
                     >= (int)sizeof(buf)) {
                     BIO_printf(bio_err, "Name '%s' too long\n", v->name);
                     return 0;
@@ -1262,20 +1264,20 @@ static int prompt_info(X509_REQ *req,
                     def = "";
                 }
 
-                BIO_snprintf(buf, sizeof buf, "%s_value", type);
+                BIO_snprintf(buf, sizeof(buf), "%s_value", type);
                 if ((value = NCONF_get_string(req_conf, attr_sect, buf))
                     == NULL) {
                     ERR_clear_error();
                     value = NULL;
                 }
 
-                BIO_snprintf(buf, sizeof buf, "%s_min", type);
+                BIO_snprintf(buf, sizeof(buf), "%s_min", type);
                 if (!NCONF_get_number(req_conf, attr_sect, buf, &n_min)) {
                     ERR_clear_error();
                     n_min = -1;
                 }
 
-                BIO_snprintf(buf, sizeof buf, "%s_max", type);
+                BIO_snprintf(buf, sizeof(buf), "%s_max", type);
                 if (!NCONF_get_number(req_conf, attr_sect, buf, &n_max)) {
                     ERR_clear_error();
                     n_max = -1;
@@ -1370,13 +1372,13 @@ static int add_DN_object(X509_NAME *n, char *text, const char *def,
         BIO_printf(bio_err, "%s [%s]:", text, def);
     (void)BIO_flush(bio_err);
     if (value != NULL) {
-        BUF_strlcpy(buf, value, sizeof buf);
-        BUF_strlcat(buf, "\n", sizeof buf);
+        BUF_strlcpy(buf, value, sizeof(buf));
+        BUF_strlcat(buf, "\n", sizeof(buf));
         BIO_printf(bio_err, "%s\n", value);
     } else {
         buf[0] = '\0';
         if (!batch) {
-            if (!fgets(buf, sizeof buf, stdin))
+            if (!fgets(buf, sizeof(buf), stdin))
                 return 0;
         } else {
             buf[0] = '\n';
@@ -1389,8 +1391,8 @@ static int add_DN_object(X509_NAME *n, char *text, const char *def,
     else if (buf[0] == '\n') {
         if ((def == NULL) || (def[0] == '\0'))
             return (1);
-        BUF_strlcpy(buf, def, sizeof buf);
-        BUF_strlcat(buf, "\n", sizeof buf);
+        BUF_strlcpy(buf, def, sizeof(buf));
+        BUF_strlcat(buf, "\n", sizeof(buf));
     } else if ((buf[0] == '.') && (buf[1] == '\n'))
         return (1);
 
@@ -1429,13 +1431,13 @@ static int add_attribute_object(X509_REQ *req, char *text, const char *def,
         BIO_printf(bio_err, "%s [%s]:", text, def);
     (void)BIO_flush(bio_err);
     if (value != NULL) {
-        BUF_strlcpy(buf, value, sizeof buf);
-        BUF_strlcat(buf, "\n", sizeof buf);
+        BUF_strlcpy(buf, value, sizeof(buf));
+        BUF_strlcat(buf, "\n", sizeof(buf));
         BIO_printf(bio_err, "%s\n", value);
     } else {
         buf[0] = '\0';
         if (!batch) {
-            if (!fgets(buf, sizeof buf, stdin))
+            if (!fgets(buf, sizeof(buf), stdin))
                 return 0;
         } else {
             buf[0] = '\n';
@@ -1448,8 +1450,8 @@ static int add_attribute_object(X509_REQ *req, char *text, const char *def,
     else if (buf[0] == '\n') {
         if ((def == NULL) || (def[0] == '\0'))
             return (1);
-        BUF_strlcpy(buf, def, sizeof buf);
-        BUF_strlcat(buf, "\n", sizeof buf);
+        BUF_strlcpy(buf, def, sizeof(buf));
+        BUF_strlcat(buf, "\n", sizeof(buf));
     } else if ((buf[0] == '.') && (buf[1] == '\n'))
         return (1);
 
diff --git a/apps/s_client.c b/apps/s_client.c
index 3cabfb50..c8556685 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -630,10 +630,11 @@ static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
     unsigned char ext_buf[4 + 65536];
 
     /* Reconstruct the type/len fields prior to extension data */
-    ext_buf[0] = ext_type >> 8;
-    ext_buf[1] = ext_type & 0xFF;
-    ext_buf[2] = inlen >> 8;
-    ext_buf[3] = inlen & 0xFF;
+    inlen &= 0xffff; /* for formal memcpy correctness */
+    ext_buf[0] = (unsigned char)(ext_type >> 8);
+    ext_buf[1] = (unsigned char)(ext_type);
+    ext_buf[2] = (unsigned char)(inlen >> 8);
+    ext_buf[3] = (unsigned char)(inlen);
     memcpy(ext_buf + 4, in, inlen);
 
     BIO_snprintf(pem_name, sizeof(pem_name), "SERVERINFO FOR EXTENSION %d",
@@ -1667,6 +1668,8 @@ int MAIN(int argc, char **argv)
             if (strstr(mbuf, "/stream:features>"))
                 goto shut;
             seen = BIO_read(sbio, mbuf, BUFSIZZ);
+            if (seen <= 0)
+                goto shut;
             mbuf[seen] = 0;
         }
         BIO_printf(sbio,
@@ -2132,6 +2135,7 @@ int MAIN(int argc, char **argv)
         BIO_free(bio_c_msg);
         bio_c_msg = NULL;
     }
+    SSL_COMP_free_compression_methods();
     apps_shutdown();
     OPENSSL_EXIT(ret);
 }
@@ -2162,10 +2166,10 @@ static void print_stuff(BIO *bio, SSL *s, int full)
             BIO_printf(bio, "---\nCertificate chain\n");
             for (i = 0; i < sk_X509_num(sk); i++) {
                 X509_NAME_oneline(X509_get_subject_name(sk_X509_value(sk, i)),
-                                  buf, sizeof buf);
+                                  buf, sizeof(buf));
                 BIO_printf(bio, "%2d s:%s\n", i, buf);
                 X509_NAME_oneline(X509_get_issuer_name(sk_X509_value(sk, i)),
-                                  buf, sizeof buf);
+                                  buf, sizeof(buf));
                 BIO_printf(bio, "   i:%s\n", buf);
                 if (c_showcerts)
                     PEM_write_bio_X509(bio, sk_X509_value(sk, i));
@@ -2180,9 +2184,9 @@ static void print_stuff(BIO *bio, SSL *s, int full)
             /* Redundant if we showed the whole chain */
             if (!(c_showcerts && got_a_chain))
                 PEM_write_bio_X509(bio, peer);
-            X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
+            X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof(buf));
             BIO_printf(bio, "subject=%s\n", buf);
-            X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
+            X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof(buf));
             BIO_printf(bio, "issuer=%s\n", buf);
         } else
             BIO_printf(bio, "no peer certificate available\n");
@@ -2199,7 +2203,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
         } else {
             BIO_printf(bio, "---\nNo client certificate CA names sent\n");
         }
-        p = SSL_get_shared_ciphers(s, buf, sizeof buf);
+        p = SSL_get_shared_ciphers(s, buf, sizeof(buf));
         if (p != NULL) {
             /*
              * This works only for SSL 2.  In later protocol versions, the
diff --git a/apps/s_server.c b/apps/s_server.c
index b561cf3a..83918fb6 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2008,7 +2008,7 @@ int MAIN(int argc, char *argv[])
 
     SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
     SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context,
-                                   sizeof s_server_session_id_context);
+                                   sizeof(s_server_session_id_context));
 
     /* Set DTLS cookie generation and verification callbacks */
     SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
@@ -2019,7 +2019,7 @@ int MAIN(int argc, char *argv[])
         SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback);
         SSL_CTX_set_session_id_context(ctx2,
                                        (void *)&s_server_session_id_context,
-                                       sizeof s_server_session_id_context);
+                                       sizeof(s_server_session_id_context));
 
         tlsextcbp.biodebug = bio_s_out;
         SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
@@ -2132,6 +2132,7 @@ int MAIN(int argc, char *argv[])
         BIO_free(bio_s_msg);
         bio_s_msg = NULL;
     }
+    SSL_COMP_free_compression_methods();
     apps_shutdown();
     OPENSSL_EXIT(ret);
 }
@@ -2665,14 +2666,14 @@ static int init_ssl_connection(SSL *con)
     if (peer != NULL) {
         BIO_printf(bio_s_out, "Client certificate\n");
         PEM_write_bio_X509(bio_s_out, peer);
-        X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
+        X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof(buf));
         BIO_printf(bio_s_out, "subject=%s\n", buf);
-        X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
+        X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof(buf));
         BIO_printf(bio_s_out, "issuer=%s\n", buf);
         X509_free(peer);
     }
 
-    if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
+    if (SSL_get_shared_ciphers(con, buf, sizeof(buf)) != NULL)
         BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
     str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
     ssl_print_sigalgs(bio_s_out, con);
@@ -3016,7 +3017,7 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context)
                 PEM_write_bio_X509(io, peer);
             } else
                 BIO_puts(io, "no client certificate available\n");
-            BIO_puts(io, "</BODY></HTML>\r\n\r\n");
+            BIO_puts(io, "</pre></BODY></HTML>\r\n\r\n");
             break;
         } else if ((www == 2 || www == 3)
                    && (strncmp("GET /", buf, 5) == 0)) {
diff --git a/apps/s_socket.c b/apps/s_socket.c
index 77a7688f..83624ca8 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -235,7 +235,7 @@ int init_client(int *sock, char *host, int port, int type)
 {
     unsigned char ip[4];
 
-    memset(ip, '\0', sizeof ip);
+    memset(ip, '\0', sizeof(ip));
     if (!host_ip(host, &(ip[0])))
         return 0;
     return init_client_ip(sock, ip, port, type);
@@ -360,7 +360,7 @@ static int init_server_long(int *sock, int port, char *ip, int type)
 # if defined SOL_SOCKET && defined SO_REUSEADDR
     {
         int j = 1;
-        setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j);
+        setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof(j));
     }
 # endif
     if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
@@ -595,7 +595,7 @@ static struct hostent *GetHostByName(char *name)
         if (ret == NULL)
             return (NULL);
         /* else add to cache */
-        if (strlen(name) < sizeof ghbn_cache[0].name) {
+        if (strlen(name) < sizeof(ghbn_cache[0].name)) {
             strcpy(ghbn_cache[lowi].name, name);
             memcpy((char *)&(ghbn_cache[lowi].ent), ret,
                    sizeof(struct hostent));
diff --git a/apps/s_time.c b/apps/s_time.c
index 38788f71..0bb2f8cc 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -422,7 +422,7 @@ int MAIN(int argc, char **argv)
             goto end;
 
         if (s_www_path != NULL) {
-            BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
+            BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n",
                          s_www_path);
             SSL_write(scon, buf, strlen(buf));
             while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
@@ -481,7 +481,7 @@ int MAIN(int argc, char **argv)
     }
 
     if (s_www_path != NULL) {
-        BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", s_www_path);
+        BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n", s_www_path);
         SSL_write(scon, buf, strlen(buf));
         while (SSL_read(scon, buf, sizeof(buf)) > 0) ;
     }
@@ -517,7 +517,7 @@ int MAIN(int argc, char **argv)
             goto end;
 
         if (s_www_path) {
-            BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
+            BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n",
                          s_www_path);
             SSL_write(scon, buf, strlen(buf));
             while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
diff --git a/apps/speed.c b/apps/speed.c
index 6cd10215..aaa982ee 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -307,7 +307,8 @@ static SIGRETTYPE sig_done(int sig)
 #  if !defined(SIGALRM)
 #   define SIGALRM
 #  endif
-static unsigned int lapse, schlock;
+static volatile unsigned int lapse;
+static volatile unsigned int schlock;
 static void alarm_win32(unsigned int secs)
 {
     lapse = secs * 1000;
@@ -725,6 +726,7 @@ int MAIN(int argc, char **argv)
                 BIO_printf(bio_err, "no EVP given\n");
                 goto end;
             }
+            evp_md = NULL;
             evp_cipher = EVP_get_cipherbyname(*argv);
             if (!evp_cipher) {
                 evp_md = EVP_get_digestbyname(*argv);
@@ -2089,7 +2091,7 @@ int MAIN(int argc, char **argv)
     RAND_pseudo_bytes(buf, 20);
 # ifndef OPENSSL_NO_DSA
     if (RAND_status() != 1) {
-        RAND_seed(rnd_seed, sizeof rnd_seed);
+        RAND_seed(rnd_seed, sizeof(rnd_seed));
         rnd_fake = 1;
     }
     for (j = 0; j < DSA_NUM; j++) {
@@ -2168,7 +2170,7 @@ int MAIN(int argc, char **argv)
 
 # ifndef OPENSSL_NO_ECDSA
     if (RAND_status() != 1) {
-        RAND_seed(rnd_seed, sizeof rnd_seed);
+        RAND_seed(rnd_seed, sizeof(rnd_seed));
         rnd_fake = 1;
     }
     for (j = 0; j < EC_NUM; j++) {
@@ -2263,7 +2265,7 @@ int MAIN(int argc, char **argv)
 
 # ifndef OPENSSL_NO_ECDH
     if (RAND_status() != 1) {
-        RAND_seed(rnd_seed, sizeof rnd_seed);
+        RAND_seed(rnd_seed, sizeof(rnd_seed));
         rnd_fake = 1;
     }
     for (j = 0; j < EC_NUM; j++) {
@@ -2586,7 +2588,7 @@ static char *sstrsep(char **string, const char *delim)
     if (**string == 0)
         return NULL;
 
-    memset(isdelim, 0, sizeof isdelim);
+    memset(isdelim, 0, sizeof(isdelim));
     isdelim[0] = 1;
 
     while (*delim) {
@@ -2613,7 +2615,7 @@ static int do_multi(int multi)
     int *fds;
     static char sep[] = ":";
 
-    fds = malloc(multi * sizeof *fds);
+    fds = malloc(multi * sizeof(*fds));
     if (fds == NULL) {
         fprintf(stderr, "Out of memory in speed (do_multi)\n");
         exit(1);
@@ -2651,7 +2653,7 @@ static int do_multi(int multi)
         char *p;
 
         f = fdopen(fds[n], "r");
-        while (fgets(buf, sizeof buf, f)) {
+        while (fgets(buf, sizeof(buf), f)) {
             p = strchr(buf, '\n');
             if (p)
                 *p = '\0';
@@ -2827,8 +2829,8 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher)
 
                 RAND_bytes(out, 16);
                 len += 16;
-                aad[11] = len >> 8;
-                aad[12] = len;
+                aad[11] = (unsigned char)(len >> 8);
+                aad[12] = (unsigned char)(len);
                 pad = EVP_CIPHER_CTX_ctrl(&ctx,
                                           EVP_CTRL_AEAD_TLS1_AAD,
                                           EVP_AEAD_TLS1_AAD_LEN, aad);
diff --git a/apps/spkac.c b/apps/spkac.c
index 7f5333fe..4b4106d0 100644
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -5,7 +5,7 @@
  * 1999. Based on an original idea by Massimiliano Pala (madwolf@openca.org).
  */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2017 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -185,20 +185,23 @@ int MAIN(int argc, char **argv)
     }
     e = setup_engine(bio_err, engine, 0);
 
-    if (keyfile) {
+    if (keyfile != NULL) {
         pkey = load_key(bio_err,
                         strcmp(keyfile, "-") ? keyfile : NULL,
                         FORMAT_PEM, 1, passin, e, "private key");
-        if (!pkey) {
+        if (pkey == NULL)
             goto end;
-        }
         spki = NETSCAPE_SPKI_new();
-        if (challenge)
+        if (spki == NULL)
+            goto end;
+        if (challenge != NULL)
             ASN1_STRING_set(spki->spkac->challenge,
                             challenge, (int)strlen(challenge));
         NETSCAPE_SPKI_set_pubkey(spki, pkey);
         NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
         spkstr = NETSCAPE_SPKI_b64_encode(spki);
+        if (spkstr == NULL)
+            goto end;
 
         if (outfile)
             out = BIO_new_file(outfile, "w");
@@ -253,7 +256,7 @@ int MAIN(int argc, char **argv)
 
     spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);
 
-    if (!spki) {
+    if (spki == NULL) {
         BIO_printf(bio_err, "Error loading SPKAC\n");
         ERR_print_errors(bio_err);
         goto end;
@@ -282,9 +285,9 @@ int MAIN(int argc, char **argv)
     pkey = NETSCAPE_SPKI_get_pubkey(spki);
     if (verify) {
         i = NETSCAPE_SPKI_verify(spki, pkey);
-        if (i > 0)
+        if (i > 0) {
             BIO_printf(bio_err, "Signature OK\n");
-        else {
+        } else {
             BIO_printf(bio_err, "Signature Failure\n");
             ERR_print_errors(bio_err);
             goto end;
diff --git a/apps/srp.c b/apps/srp.c
index 37341a5d..491445df 100644
--- a/apps/srp.c
+++ b/apps/srp.c
@@ -123,13 +123,14 @@ static int get_index(CA_DB *db, char *id, char type)
     int i;
     if (id == NULL)
         return -1;
-    if (type == DB_SRP_INDEX)
+    if (type == DB_SRP_INDEX) {
         for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
             pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
             if (pp[DB_srptype][0] == DB_SRP_INDEX
                 && !strcmp(id, pp[DB_srpid]))
                 return i;
-    } else
+        }
+    } else {
         for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
             pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
 
@@ -137,6 +138,7 @@ static int get_index(CA_DB *db, char *id, char type)
                 && !strcmp(id, pp[DB_srpid]))
                 return i;
         }
+    }
 
     return -1;
 }
@@ -177,16 +179,14 @@ static int update_index(CA_DB *db, BIO *bio, char **row)
     char **irow;
     int i;
 
-    if ((irow =
-         (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1))) == NULL) {
+    irow = (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1));
+    if (irow == NULL) {
         BIO_printf(bio_err, "Memory allocation failure\n");
         return 0;
     }
 
-    for (i = 0; i < DB_NUMBER; i++) {
+    for (i = 0; i < DB_NUMBER; i++)
         irow[i] = row[i];
-        row[i] = NULL;
-    }
     irow[DB_NUMBER] = NULL;
 
     if (!TXT_DB_insert(db->db, irow)) {
@@ -207,30 +207,32 @@ static char *srp_verify_user(const char *user, const char *srp_verifier,
                              char *srp_usersalt, const char *g, const char *N,
                              const char *passin, BIO *bio, int verbose)
 {
-    char password[1024];
+    char password[1025];
     PW_CB_DATA cb_tmp;
     char *verifier = NULL;
     char *gNid = NULL;
+    int len;
 
     cb_tmp.prompt_info = user;
     cb_tmp.password = passin;
 
-    if (password_callback(password, 1024, 0, &cb_tmp) > 0) {
+    len = password_callback(password, sizeof(password)-1, 0, &cb_tmp);
+    if (len > 0) {
+        password[len] = 0;
         VERBOSE BIO_printf(bio,
                            "Validating\n   user=\"%s\"\n srp_verifier=\"%s\"\n srp_usersalt=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",
                            user, srp_verifier, srp_usersalt, g, N);
-        BIO_printf(bio, "Pass %s\n", password);
+        VVERBOSE BIO_printf(bio, "Pass %s\n", password);
 
-        if (!
-            (gNid =
-             SRP_create_verifier(user, password, &srp_usersalt, &verifier, N,
-                                 g))) {
+        if (!(gNid = SRP_create_verifier(user, password, &srp_usersalt,
+                                         &verifier, N, g))) {
             BIO_printf(bio, "Internal error validating SRP verifier\n");
         } else {
             if (strcmp(verifier, srp_verifier))
                 gNid = NULL;
             OPENSSL_free(verifier);
         }
+        OPENSSL_cleanse(password, len);
     }
     return gNid;
 }
@@ -239,24 +241,27 @@ static char *srp_create_user(char *user, char **srp_verifier,
                              char **srp_usersalt, char *g, char *N,
                              char *passout, BIO *bio, int verbose)
 {
-    char password[1024];
+    char password[1025];
     PW_CB_DATA cb_tmp;
     char *gNid = NULL;
     char *salt = NULL;
+    int len;
     cb_tmp.prompt_info = user;
     cb_tmp.password = passout;
 
-    if (password_callback(password, 1024, 1, &cb_tmp) > 0) {
+    len = password_callback(password, sizeof(password)-1, 1, &cb_tmp);
+    if (len > 0) {
+        password[len] = 0;
         VERBOSE BIO_printf(bio,
                            "Creating\n user=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",
                            user, g, N);
-        if (!
-            (gNid =
-             SRP_create_verifier(user, password, &salt, srp_verifier, N,
-                                 g))) {
+        if (!(gNid = SRP_create_verifier(user, password, &salt,
+                                         srp_verifier, N, g))) {
             BIO_printf(bio, "Internal error creating SRP verifier\n");
-        } else
+        } else {
             *srp_usersalt = salt;
+        }
+        OPENSSL_cleanse(password, len);
         VVERBOSE BIO_printf(bio, "gNid=%s salt =\"%s\"\n verifier =\"%s\"\n",
                             gNid, salt, *srp_verifier);
 
@@ -316,9 +321,9 @@ int MAIN(int argc, char **argv)
     argc--;
     argv++;
     while (argc >= 1 && badops == 0) {
-        if (strcmp(*argv, "-verbose") == 0)
+        if (strcmp(*argv, "-verbose") == 0) {
             verbose++;
-        else if (strcmp(*argv, "-config") == 0) {
+        } else if (strcmp(*argv, "-config") == 0) {
             if (--argc < 1)
                 goto bad;
             configfile = *(++argv);
@@ -330,15 +335,15 @@ int MAIN(int argc, char **argv)
             if (--argc < 1)
                 goto bad;
             dbfile = *(++argv);
-        } else if (strcmp(*argv, "-add") == 0)
+        } else if (strcmp(*argv, "-add") == 0) {
             add_user = 1;
-        else if (strcmp(*argv, "-delete") == 0)
+        } else if (strcmp(*argv, "-delete") == 0) {
             delete_user = 1;
-        else if (strcmp(*argv, "-modify") == 0)
+        } else if (strcmp(*argv, "-modify") == 0) {
             modify_user = 1;
-        else if (strcmp(*argv, "-list") == 0)
+        } else if (strcmp(*argv, "-list") == 0) {
             list_user = 1;
-        else if (strcmp(*argv, "-gn") == 0) {
+        } else if (strcmp(*argv, "-gn") == 0) {
             if (--argc < 1)
                 goto bad;
             gN = *(++argv);
@@ -368,8 +373,9 @@ int MAIN(int argc, char **argv)
             BIO_printf(bio_err, "unknown option %s\n", *argv);
             badops = 1;
             break;
-        } else
+        } else {
             break;
+        }
 
         argc--;
         argv++;
@@ -390,7 +396,7 @@ int MAIN(int argc, char **argv)
                    "Need at least one user for options -add, -delete, -modify. \n");
         badops = 1;
     }
-    if ((passin || passout) && argc != 1) {
+    if ((passargin || passargout) && argc != 1) {
         BIO_printf(bio_err,
                    "-passin, -passout arguments only valid with one user.\n");
         badops = 1;
@@ -708,9 +714,9 @@ int MAIN(int argc, char **argv)
                 doupdatedb = 1;
             }
         }
-        if (--argc > 0)
+        if (--argc > 0) {
             user = *(argv++);
-        else {
+        } else {
             user = NULL;
             list_user = 0;
         }
diff --git a/apps/tsget b/apps/tsget
index 0d54e9fc..0fca99f4 100644
--- a/apps/tsget
+++ b/apps/tsget
@@ -193,4 +193,3 @@ REQUEST: foreach (@ARGV) {
     STDERR->printflush(", $output written.\n") if $options{v};
 }
 $curl->cleanup();
-WWW::Curl::Easy::global_cleanup();
diff --git a/apps/vms_term_sock.c b/apps/vms_term_sock.c
index a7d87ff3..bc0c173e 100644
--- a/apps/vms_term_sock.c
+++ b/apps/vms_term_sock.c
@@ -143,7 +143,7 @@ int main (int argc, char *argv[], char *envp[])
         ** Process the terminal input
         */
         LogMessage ("Waiting on terminal I/O ...\n");
-        len = recv (TermSock, TermBuff, sizeof (TermBuff), 0) ;
+        len = recv (TermSock, TermBuff, sizeof(TermBuff), 0) ;
         TermBuff[len] = '\0';
         LogMessage ("Received terminal I/O [%s]", TermBuff);
 
@@ -209,7 +209,7 @@ int TerminalSocket (int FunctionCode, int *ReturnSocket)
                           TerminalDeviceAst,
                           0,
                           TerminalDeviceBuff,
-                          sizeof (TerminalDeviceBuff) - 2,
+                          sizeof(TerminalDeviceBuff) - 2,
                           0, 0, 0, 0);
         if (! (status & 1)) {
             LogMessage ("TerminalSocket: SYS$QIO () - %08X", status);
@@ -317,7 +317,7 @@ static int CreateSocketPair (int SocketFamily,
     /*
     ** Initialize the socket information
     */
-    slen = sizeof (sin);
+    slen = sizeof(sin);
     memset ((char *) &sin, 0, slen);
     sin.sin_family = SocketFamily;
     sin.sin_addr.s_addr = inet_addr (LocalHostAddr);
@@ -434,12 +434,12 @@ static int CreateSocketPair (int SocketFamily,
     /*
     ** Now issue the connect
     */
-    memset ((char *) &sin, 0, sizeof (sin)) ;
+    memset ((char *) &sin, 0, sizeof(sin)) ;
     sin.sin_family = SocketFamily;
     sin.sin_addr.s_addr = inet_addr (LocalHostAddr) ;
     sin.sin_port = LocalHostPort ;
 
-    status = connect (SockDesc2, (struct sockaddr *) &sin, sizeof (sin));
+    status = connect (SockDesc2, (struct sockaddr *) &sin, sizeof(sin));
     if (status < 0 ) {
         LogMessage ("CreateSocketPair: connect () - %d", errno);
         sys$cantim (&sptb, 0);
@@ -528,7 +528,7 @@ static int TerminalDeviceAst (int astparm)
                       TerminalDeviceAst,
                       0,
                       TerminalDeviceBuff,
-                      sizeof (TerminalDeviceBuff) - 1,
+                      sizeof(TerminalDeviceBuff) - 1,
                       0, 0, 0, 0);
 
     /*
diff --git a/apps/winrand.c b/apps/winrand.c
index 44f57a38..fd5cf3b1 100644
--- a/apps/winrand.c
+++ b/apps/winrand.c
@@ -77,7 +77,7 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
     char buffer[200];
 
     if (cmdline[0] == '\0')
-        filename = RAND_file_name(buffer, sizeof buffer);
+        filename = RAND_file_name(buffer, sizeof(buffer));
     else
         filename = cmdline;
 
diff --git a/apps/x509.c b/apps/x509.c
index ad9fc98e..add74d55 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -817,10 +817,10 @@ int MAIN(int argc, char **argv)
                 char *m;
                 int y, z;
 
-                X509_NAME_oneline(X509_get_subject_name(x), buf, sizeof buf);
+                X509_NAME_oneline(X509_get_subject_name(x), buf, sizeof(buf));
                 BIO_printf(STDout, "/* subject:%s */\n", buf);
                 m = X509_NAME_oneline(X509_get_issuer_name(x), buf,
-                                      sizeof buf);
+                                      sizeof(buf));
                 BIO_printf(STDout, "/* issuer :%s */\n", buf);
 
                 z = i2d_X509(x, NULL);
diff --git a/appveyor.yml b/appveyor.yml
index 86953594..8c38feae 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -50,11 +50,3 @@ build_script:
 
 test_script:
     - nmake /f ms\%MAK% test
-
-notifications:
-    - provider: Email
-      to:
-          - openssl-commits@openssl.org
-      on_build_success: false
-      on_build_failure: true
-      on_build_status_changed: true
diff --git a/config b/config
index bba370c4..21534e00 100644
--- a/config
+++ b/config
@@ -344,6 +344,15 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
 	echo "mips-sony-newsos4"; exit 0;
 	;;
 
+    # The following combinations are supported
+    # MINGW64* on x86_64 => mingw64
+    # MINGW32* on x86_64 => mingw
+    # MINGW32* on i?86 => mingw
+    #
+    # MINGW64* on i?86 isn't expected to work...
+    MINGW64*:*:*:x86_64)
+	echo "${MACHINE}-whatever-mingw64"; exit 0;
+	;;
     MINGW*)
 	echo "${MACHINE}-whatever-mingw"; exit 0;
 	;;
diff --git a/crypto/LPdir_win.c b/crypto/LPdir_win.c
index 07e63fb4..4961254d 100644
--- a/crypto/LPdir_win.c
+++ b/crypto/LPdir_win.c
@@ -94,8 +94,23 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
             TCHAR *wdir = NULL;
             /* len_0 denotes string length *with* trailing 0 */
             size_t index = 0, len_0 = strlen(extdir) + 1;
+            size_t amount;
 
-            wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR));
+            /*
+             * Size check
+             * The reasoning is that absolutely worst case, each byte in
+             * extdir will take up one TCHAR each, so the maximum size in
+             * bytes that we can tolerate is MAX_PATH TCHARs...  not counting
+             * the ending NUL.
+             */
+            if ((len_0 - 1) > MAX_PATH * sizeof(TCHAR)) {
+                free(*ctx);
+                *ctx = NULL;
+                errno = EINVAL;
+                return 0;
+            }
+            amount = len_0 * sizeof(TCHAR);
+            wdir = (TCHAR *)malloc(amount);
             if (wdir == NULL) {
                 if (extdirbuf != NULL) {
                     free(extdirbuf);
diff --git a/crypto/aes/Makefile b/crypto/aes/Makefile
index e825c140..05e4a014 100644
--- a/crypto/aes/Makefile
+++ b/crypto/aes/Makefile
@@ -133,7 +133,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.s *.S *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
diff --git a/crypto/aes/asm/aes-armv4.pl b/crypto/aes/asm/aes-armv4.pl
index 4f891708..c1b5e352 100644
--- a/crypto/aes/asm/aes-armv4.pl
+++ b/crypto/aes/asm/aes-armv4.pl
@@ -184,7 +184,7 @@ AES_encrypt:
 #if __ARM_ARCH__<7
 	sub	r3,pc,#8		@ AES_encrypt
 #else
-	adr	r3,AES_encrypt
+	adr	r3,.
 #endif
 	stmdb   sp!,{r1,r4-r12,lr}
 	mov	$rounds,r0		@ inp
@@ -430,7 +430,7 @@ _armv4_AES_set_encrypt_key:
 #if __ARM_ARCH__<7
 	sub	r3,pc,#8		@ AES_set_encrypt_key
 #else
-	adr	r3,private_AES_set_encrypt_key
+	adr	r3,.
 #endif
 	teq	r0,#0
 #if __ARM_ARCH__>=7
@@ -952,7 +952,7 @@ AES_decrypt:
 #if __ARM_ARCH__<7
 	sub	r3,pc,#8		@ AES_decrypt
 #else
-	adr	r3,AES_decrypt
+	adr	r3,.
 #endif
 	stmdb   sp!,{r1,r4-r12,lr}
 	mov	$rounds,r0		@ inp
diff --git a/crypto/aes/asm/aesni-sha1-x86_64.pl b/crypto/aes/asm/aesni-sha1-x86_64.pl
index 8c842608..7a30e893 100644
--- a/crypto/aes/asm/aesni-sha1-x86_64.pl
+++ b/crypto/aes/asm/aesni-sha1-x86_64.pl
@@ -1702,6 +1702,7 @@ $code.=<<___;
 	mov	240($key),$rounds
 	sub	$in0,$out
 	movups	($key),$rndkey0			# $key[0]
+	movups	($ivp),$iv			# load IV
 	movups	16($key),$rndkey[0]		# forward reference
 	lea	112($key),$key			# size optimization
 
diff --git a/crypto/aes/asm/aesni-sha256-x86_64.pl b/crypto/aes/asm/aesni-sha256-x86_64.pl
index 72f44ecf..588ade64 100644
--- a/crypto/aes/asm/aesni-sha256-x86_64.pl
+++ b/crypto/aes/asm/aesni-sha256-x86_64.pl
@@ -1299,6 +1299,7 @@ $code.=<<___;
 	mov		240($key),$rounds
 	sub		$in0,$out
 	movups		($key),$rndkey0		# $key[0]
+	movups		($ivp),$iv		# load IV
 	movups		16($key),$rndkey[0]	# forward reference
 	lea		112($key),$key		# size optimization
 
diff --git a/crypto/aes/asm/bsaes-armv7.pl b/crypto/aes/asm/bsaes-armv7.pl
index 83343e2d..ec66b050 100644
--- a/crypto/aes/asm/bsaes-armv7.pl
+++ b/crypto/aes/asm/bsaes-armv7.pl
@@ -724,7 +724,7 @@ $code.=<<___;
 .type	_bsaes_decrypt8,%function
 .align	4
 _bsaes_decrypt8:
-	adr	$const,_bsaes_decrypt8
+	adr	$const,.
 	vldmia	$key!, {@XMM[9]}		@ round 0 key
 	add	$const,$const,#.LM0ISR-_bsaes_decrypt8
 
@@ -819,7 +819,7 @@ _bsaes_const:
 .type	_bsaes_encrypt8,%function
 .align	4
 _bsaes_encrypt8:
-	adr	$const,_bsaes_encrypt8
+	adr	$const,.
 	vldmia	$key!, {@XMM[9]}		@ round 0 key
 	sub	$const,$const,#_bsaes_encrypt8-.LM0SR
 
@@ -923,7 +923,7 @@ $code.=<<___;
 .type	_bsaes_key_convert,%function
 .align	4
 _bsaes_key_convert:
-	adr	$const,_bsaes_key_convert
+	adr	$const,.
 	vld1.8	{@XMM[7]},  [$inp]!		@ load round 0 key
 	sub	$const,$const,#_bsaes_key_convert-.LM0
 	vld1.8	{@XMM[15]}, [$inp]!		@ load round 1 key
@@ -1333,7 +1333,7 @@ bsaes_cbc_encrypt:
 	vmov	@XMM[4],@XMM[15]		@ just in case ensure that IV
 	vmov	@XMM[5],@XMM[0]			@ and input are preserved
 	bl	AES_decrypt
-	vld1.8	{@XMM[0]}, [$fp,:64]		@ load result
+	vld1.8	{@XMM[0]}, [$fp]		@ load result
 	veor	@XMM[0], @XMM[0], @XMM[4]	@ ^= IV
 	vmov	@XMM[15], @XMM[5]		@ @XMM[5] holds input
 	vst1.8	{@XMM[0]}, [$rounds]		@ write output
diff --git a/crypto/asn1/Makefile b/crypto/asn1/Makefile
index 330fe81b..fb3140c1 100644
--- a/crypto/asn1/Makefile
+++ b/crypto/asn1/Makefile
@@ -680,7 +680,7 @@ tasn_fre.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
 tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c
+tasn_fre.o: ../../include/openssl/symhacks.h asn1_int.h tasn_fre.c
 tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
 tasn_new.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -688,7 +688,7 @@ tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c
+tasn_new.o: ../../include/openssl/symhacks.h asn1_int.h tasn_new.c
 tasn_prn.o: ../../e_os.h ../../include/openssl/asn1.h
 tasn_prn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 tasn_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
index f906188b..0c8bb144 100644
--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <limits.h>
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1.h>
@@ -114,10 +115,11 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
 
     *(p++) = (unsigned char)bits;
     d = a->data;
-    memcpy(p, d, len);
-    p += len;
-    if (len > 0)
+    if (len > 0) {
+        memcpy(p, d, len);
+        p += len;
         p[-1] &= (0xff << bits);
+    }
     *pp = p;
     return (ret);
 }
@@ -135,6 +137,11 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
         goto err;
     }
 
+    if (len > INT_MAX) {
+        i = ASN1_R_STRING_TOO_LONG;
+        goto err;
+    }
+
     if ((a == NULL) || ((*a) == NULL)) {
         if ((ret = M_ASN1_BIT_STRING_new()) == NULL)
             return (NULL);
diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c
index 7cbc4751..57a04f76 100644
--- a/crypto/asn1/a_digest.c
+++ b/crypto/asn1/a_digest.c
@@ -86,8 +86,10 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
     p = str;
     i2d(data, &p);
 
-    if (!EVP_Digest(str, i, md, len, type, NULL))
+    if (!EVP_Digest(str, i, md, len, type, NULL)) {
+        OPENSSL_free(str);
         return 0;
+    }
     OPENSSL_free(str);
     return (1);
 }
@@ -104,8 +106,10 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
     if (!str)
         return (0);
 
-    if (!EVP_Digest(str, i, md, len, type, NULL))
+    if (!EVP_Digest(str, i, md, len, type, NULL)) {
+        OPENSSL_free(str);
         return 0;
+    }
     OPENSSL_free(str);
     return (1);
 }
diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index fa76dcac..cb448159 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -78,7 +78,7 @@ int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
     ASN1_STRING tmpstr = *(ASN1_STRING *)a;
 
     len = tmpstr.length;
-    ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
+    ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len);
     tmpstr.data = tmp;
 
     a = (ASN1_GENERALIZEDTIME *)&tmpstr;
@@ -202,7 +202,7 @@ int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
     if (a[o] == 'Z')
         o++;
     else if ((a[o] == '+') || (a[o] == '-')) {
-        int offsign = a[o] == '-' ? -1 : 1, offset = 0;
+        int offsign = a[o] == '-' ? 1 : -1, offset = 0;
         o++;
         if (o + 4 > l)
             goto err;
diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c
index 0f56cd4e..2e85e041 100644
--- a/crypto/asn1/a_i2d_fp.c
+++ b/crypto/asn1/a_i2d_fp.c
@@ -87,6 +87,9 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
     int i, j = 0, n, ret = 1;
 
     n = i2d(x, NULL);
+    if (n <= 0)
+        return 0;
+
     b = (char *)OPENSSL_malloc(n);
     if (b == NULL) {
         ASN1err(ASN1_F_ASN1_I2D_BIO, ERR_R_MALLOC_FAILURE);
diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c
index 6935efe0..5b8028aa 100644
--- a/crypto/asn1/a_mbstr.c
+++ b/crypto/asn1/a_mbstr.c
@@ -149,14 +149,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 
     if ((minsize > 0) && (nchar < minsize)) {
         ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
-        BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
+        BIO_snprintf(strbuf, sizeof(strbuf), "%ld", minsize);
         ERR_add_error_data(2, "minsize=", strbuf);
         return -1;
     }
 
     if ((maxsize > 0) && (nchar > maxsize)) {
         ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
-        BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
+        BIO_snprintf(strbuf, sizeof(strbuf), "%ld", maxsize);
         ERR_add_error_data(2, "maxsize=", strbuf);
         return -1;
     }
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index 229a40ff..ad6b12a5 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -89,7 +89,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 {
     int i, first, len = 0, c, use_bn;
     char ftmp[24], *tmp = ftmp;
-    int tmpsize = sizeof ftmp;
+    int tmpsize = sizeof(ftmp);
     const char *p;
     unsigned long l;
     BIGNUM *bl = NULL;
@@ -226,7 +226,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
 
     if ((a == NULL) || (a->data == NULL))
         return (BIO_write(bp, "NULL", 4));
-    i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
+    i = i2t_ASN1_OBJECT(buf, sizeof(buf), a);
     if (i > (int)(sizeof(buf) - 1)) {
         p = OPENSSL_malloc(i + 1);
         if (!p)
diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 2d562f93..95f04162 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -130,13 +130,13 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
     if (c > 0xffffffffL)
         return -1;
     if (c > 0xffff) {
-        BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c);
+        BIO_snprintf(tmphex, sizeof(tmphex), "\\W%08lX", c);
         if (!io_ch(arg, tmphex, 10))
             return -1;
         return 10;
     }
     if (c > 0xff) {
-        BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c);
+        BIO_snprintf(tmphex, sizeof(tmphex), "\\U%04lX", c);
         if (!io_ch(arg, tmphex, 6))
             return -1;
         return 6;
@@ -236,7 +236,7 @@ static int do_buf(unsigned char *buf, int buflen,
         if (type & BUF_TYPE_CONVUTF8) {
             unsigned char utfbuf[6];
             int utflen;
-            utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
+            utflen = UTF8_putc(utfbuf, sizeof(utfbuf), c);
             for (i = 0; i < utflen; i++) {
                 /*
                  * We don't need to worry about setting orflags correctly
@@ -533,7 +533,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
         if (fn_opt != XN_FLAG_FN_NONE) {
             int objlen, fld_len;
             if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) {
-                OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
+                OBJ_obj2txt(objtmp, sizeof(objtmp), fn, 1);
                 fld_len = 0;    /* XXX: what should this be? */
                 objbuf = objtmp;
             } else {
diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c
index 2d2303d8..99ffe737 100644
--- a/crypto/asn1/a_strnid.c
+++ b/crypto/asn1/a_strnid.c
@@ -192,7 +192,8 @@ static const ASN1_STRING_TABLE tbl_standard[] = {
     {NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
     {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
     {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
-    {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}
+    {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
+    {NID_jurisdictionCountryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}
 };
 
 static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c
index fcb2d565..28831d6b 100644
--- a/crypto/asn1/a_time.c
+++ b/crypto/asn1/a_time.c
@@ -86,7 +86,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
         tmpstr = *(ASN1_STRING *)a;
         len = tmpstr.length;
         ebcdic2ascii(tmp, tmpstr.data,
-                     (len >= sizeof tmp) ? sizeof tmp : len);
+                     (len >= sizeof(tmp)) ? sizeof(tmp) : len);
         tmpstr.data = tmp;
         a = (ASN1_GENERALIZEDTIME *)&tmpstr;
     }
@@ -137,7 +137,7 @@ int ASN1_TIME_check(ASN1_TIME *t)
 ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
                                                    ASN1_GENERALIZEDTIME **out)
 {
-    ASN1_GENERALIZEDTIME *ret;
+    ASN1_GENERALIZEDTIME *ret = NULL;
     char *str;
     int newlen;
 
@@ -146,22 +146,21 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
 
     if (!out || !*out) {
         if (!(ret = ASN1_GENERALIZEDTIME_new()))
-            return NULL;
-        if (out)
-            *out = ret;
-    } else
+            goto err;
+    } else {
         ret = *out;
+    }
 
     /* If already GeneralizedTime just copy across */
     if (t->type == V_ASN1_GENERALIZEDTIME) {
         if (!ASN1_STRING_set(ret, t->data, t->length))
-            return NULL;
-        return ret;
+            goto err;
+        goto done;
     }
 
     /* grow the string */
     if (!ASN1_STRING_set(ret, NULL, t->length + 2))
-        return NULL;
+        goto err;
     /* ASN1_STRING_set() allocated 'len + 1' bytes. */
     newlen = t->length + 2 + 1;
     str = (char *)ret->data;
@@ -173,9 +172,18 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
 
     BUF_strlcat(str, (char *)t->data, newlen);
 
-    return ret;
+ done:
+   if (out != NULL && *out == NULL)
+       *out = ret;
+   return ret;
+
+ err:
+    if (out == NULL || *out != ret)
+        ASN1_GENERALIZEDTIME_free(ret);
+    return NULL;
 }
 
+
 int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
 {
     ASN1_TIME t;
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index 724a10be..9cbad7c5 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -76,7 +76,7 @@ int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
     ASN1_STRING x = *(ASN1_STRING *)a;
 
     len = x.length;
-    ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
+    ebcdic2ascii(tmp, x.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len);
     x.data = tmp;
     return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
 # endif
@@ -172,7 +172,7 @@ int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)
     if (a[o] == 'Z')
         o++;
     else if ((a[o] == '+') || (a[o] == '-')) {
-        int offsign = a[o] == '-' ? -1 : 1, offset = 0;
+        int offsign = a[o] == '-' ? 1 : -1, offset = 0;
         o++;
         if (o + 4 > l)
             goto err;
@@ -317,7 +317,7 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
     struct tm tm;
     int offset;
 
-    memset(&tm, '\0', sizeof tm);
+    memset(&tm, '\0', sizeof(tm));
 
 # define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
     tm.tm_year = g2(s->data);
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 68e791fc..35a2b2aa 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -1365,6 +1365,7 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_MSTRING_NOT_UNIVERSAL                     139
 # define ASN1_R_MSTRING_WRONG_TAG                         140
 # define ASN1_R_NESTED_ASN1_STRING                        197
+# define ASN1_R_NESTED_TOO_DEEP                           219
 # define ASN1_R_NON_HEX_CHARACTERS                        141
 # define ASN1_R_NOT_ASCII_FORMAT                          190
 # define ASN1_R_NOT_ENOUGH_DATA                           142
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index fd4ac8d9..cfc1512f 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
 /* crypto/asn1/asn1_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -279,6 +279,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
     {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
     {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
     {ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"},
+    {ERR_REASON(ASN1_R_NESTED_TOO_DEEP), "nested too deep"},
     {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"},
     {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
     {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
diff --git a/crypto/asn1/asn1_int.h b/crypto/asn1/asn1_int.h
new file mode 100644
index 00000000..c9fd8b12
--- /dev/null
+++ b/crypto/asn1/asn1_int.h
@@ -0,0 +1,63 @@
+/* asn1t.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* Internal ASN1 template structures and functions: not for application use */
+
+void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
+                            int combine);
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index e63e82a8..b52c3e12 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -456,8 +456,8 @@ void asn1_add_error(const unsigned char *address, int offset)
 {
     char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1];
 
-    BIO_snprintf(buf1, sizeof buf1, "%lu", (unsigned long)address);
-    BIO_snprintf(buf2, sizeof buf2, "%d", offset);
+    BIO_snprintf(buf1, sizeof(buf1), "%lu", (unsigned long)address);
+    BIO_snprintf(buf2, sizeof(buf2), "%d", offset);
     ERR_add_error_data(4, "address=", buf1, " offset=", buf2);
 }
 
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index e85e3398..0b1a689d 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -87,13 +87,13 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
 
     p = str;
     if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
-        BIO_snprintf(str, sizeof str, "priv [ %d ] ", tag);
+        BIO_snprintf(str, sizeof(str), "priv [ %d ] ", tag);
     else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
-        BIO_snprintf(str, sizeof str, "cont [ %d ]", tag);
+        BIO_snprintf(str, sizeof(str), "cont [ %d ]", tag);
     else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
-        BIO_snprintf(str, sizeof str, "appl [ %d ]", tag);
+        BIO_snprintf(str, sizeof(str), "appl [ %d ]", tag);
     else if (tag > 30)
-        BIO_snprintf(str, sizeof str, "<ASN1 %d>", tag);
+        BIO_snprintf(str, sizeof(str), "<ASN1 %d>", tag);
     else
         p = ASN1_tag2str(tag);
 
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index 5170906c..02b7c9b7 100644
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -4,7 +4,7 @@
  * project.
  */
 /* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -473,6 +473,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
         if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
             sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
             ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
+            sk_BIO_pop_free(parts, BIO_vfree);
             return NULL;
         }
 
diff --git a/crypto/asn1/f_enum.c b/crypto/asn1/f_enum.c
index 94cd54db..527f1d8f 100644
--- a/crypto/asn1/f_enum.c
+++ b/crypto/asn1/f_enum.c
@@ -138,7 +138,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
         bufp = (unsigned char *)buf;
         if (first) {
             first = 0;
-            if ((bufp[0] == '0') && (buf[1] == '0')) {
+            if ((bufp[0] == '0') && (bufp[1] == '0')) {
                 bufp += 2;
                 i -= 2;
             }
diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c
index 2bdc78d7..e6ed7f1e 100644
--- a/crypto/asn1/f_int.c
+++ b/crypto/asn1/f_int.c
@@ -152,7 +152,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
         bufp = (unsigned char *)buf;
         if (first) {
             first = 0;
-            if ((bufp[0] == '0') && (buf[1] == '0')) {
+            if ((bufp[0] == '0') && (bufp[1] == '0')) {
                 bufp += 2;
                 i -= 2;
             }
diff --git a/crypto/asn1/t_x509a.c b/crypto/asn1/t_x509a.c
index f4b8f94c..d1b897a4 100644
--- a/crypto/asn1/t_x509a.c
+++ b/crypto/asn1/t_x509a.c
@@ -81,7 +81,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
                 BIO_puts(out, ", ");
             else
                 first = 0;
-            OBJ_obj2txt(oidstr, sizeof oidstr,
+            OBJ_obj2txt(oidstr, sizeof(oidstr),
                         sk_ASN1_OBJECT_value(aux->trust, i), 0);
             BIO_puts(out, oidstr);
         }
@@ -96,7 +96,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
                 BIO_puts(out, ", ");
             else
                 first = 0;
-            OBJ_obj2txt(oidstr, sizeof oidstr,
+            OBJ_obj2txt(oidstr, sizeof(oidstr),
                         sk_ASN1_OBJECT_value(aux->reject, i), 0);
             BIO_puts(out, oidstr);
         }
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index d2540273..e657c36d 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -4,7 +4,7 @@
  * 2000.
  */
 /* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -65,6 +65,14 @@
 #include <openssl/buffer.h>
 #include <openssl/err.h>
 
+/*
+ * Constructed types with a recursive definition (such as can be found in PKCS7)
+ * could eventually exceed the stack given malicious input with excessive
+ * recursion. Therefore we limit the stack depth. This is the maximum number of
+ * recursive invocations of asn1_item_embed_d2i().
+ */
+#define ASN1_MAX_CONSTRUCTED_NEST 30
+
 static int asn1_check_eoc(const unsigned char **in, long len);
 static int asn1_find_end(const unsigned char **in, long len, char inf);
 
@@ -81,11 +89,11 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
 static int asn1_template_ex_d2i(ASN1_VALUE **pval,
                                 const unsigned char **in, long len,
                                 const ASN1_TEMPLATE *tt, char opt,
-                                ASN1_TLC *ctx);
+                                ASN1_TLC *ctx, int depth);
 static int asn1_template_noexp_d2i(ASN1_VALUE **val,
                                    const unsigned char **in, long len,
                                    const ASN1_TEMPLATE *tt, char opt,
-                                   ASN1_TLC *ctx);
+                                   ASN1_TLC *ctx, int depth);
 static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
                                  const unsigned char **in, long len,
                                  const ASN1_ITEM *it,
@@ -154,17 +162,16 @@ int ASN1_template_d2i(ASN1_VALUE **pval,
 {
     ASN1_TLC c;
     asn1_tlc_clear_nc(&c);
-    return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
+    return asn1_template_ex_d2i(pval, in, len, tt, 0, &c, 0);
 }
 
 /*
  * Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
  * tag mismatch return -1 to handle OPTIONAL
  */
-
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
-                     const ASN1_ITEM *it,
-                     int tag, int aclass, char opt, ASN1_TLC *ctx)
+static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in,
+                            long len, const ASN1_ITEM *it, int tag, int aclass,
+                            char opt, ASN1_TLC *ctx, int depth)
 {
     const ASN1_TEMPLATE *tt, *errtt = NULL;
     const ASN1_COMPAT_FUNCS *cf;
@@ -189,6 +196,11 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
     else
         asn1_cb = 0;
 
+    if (++depth > ASN1_MAX_CONSTRUCTED_NEST) {
+        ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NESTED_TOO_DEEP);
+        goto err;
+    }
+
     switch (it->itype) {
     case ASN1_ITYPE_PRIMITIVE:
         if (it->templates) {
@@ -204,7 +216,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
                 goto err;
             }
             return asn1_template_ex_d2i(pval, in, len,
-                                        it->templates, opt, ctx);
+                                        it->templates, opt, ctx, depth);
         }
         return asn1_d2i_ex_primitive(pval, in, len, it,
                                      tag, aclass, opt, ctx);
@@ -326,7 +338,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
             /*
              * We mark field as OPTIONAL so its absence can be recognised.
              */
-            ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
+            ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx, depth);
             /* If field not present, try the next one */
             if (ret == -1)
                 continue;
@@ -444,7 +456,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
              * attempt to read in field, allowing each to be OPTIONAL
              */
 
-            ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
+            ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx,
+                                       depth);
             if (!ret) {
                 errtt = seqtt;
                 goto err;
@@ -514,6 +527,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
     return 0;
 }
 
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+                     const ASN1_ITEM *it,
+                     int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+    return asn1_item_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx, 0);
+}
+
 /*
  * Templates are handled with two separate functions. One handles any
  * EXPLICIT tag and the other handles the rest.
@@ -522,7 +542,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
 static int asn1_template_ex_d2i(ASN1_VALUE **val,
                                 const unsigned char **in, long inlen,
                                 const ASN1_TEMPLATE *tt, char opt,
-                                ASN1_TLC *ctx)
+                                ASN1_TLC *ctx, int depth)
 {
     int flags, aclass;
     int ret;
@@ -557,7 +577,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
             return 0;
         }
         /* We've found the field so it can't be OPTIONAL now */
-        ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
+        ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx, depth);
         if (!ret) {
             ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
             return 0;
@@ -581,7 +601,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
             }
         }
     } else
-        return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
+        return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx, depth);
 
     *in = p;
     return 1;
@@ -594,7 +614,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
 static int asn1_template_noexp_d2i(ASN1_VALUE **val,
                                    const unsigned char **in, long len,
                                    const ASN1_TEMPLATE *tt, char opt,
-                                   ASN1_TLC *ctx)
+                                   ASN1_TLC *ctx, int depth)
 {
     int flags, aclass;
     int ret;
@@ -665,14 +685,15 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
                 break;
             }
             skfield = NULL;
-            if (!ASN1_item_ex_d2i(&skfield, &p, len,
-                                  ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
+            if (!asn1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item),
+                                  -1, 0, 0, ctx, depth)) {
                 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
                         ERR_R_NESTED_ASN1_ERROR);
                 goto err;
             }
             len -= p - q;
             if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
+                ASN1_item_ex_free(&skfield, ASN1_ITEM_ptr(tt->item));
                 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
                 goto err;
             }
@@ -683,9 +704,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
         }
     } else if (flags & ASN1_TFLG_IMPTAG) {
         /* IMPLICIT tagging */
-        ret = ASN1_item_ex_d2i(val, &p, len,
-                               ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt,
-                               ctx);
+        ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag,
+                               aclass, opt, ctx, depth);
         if (!ret) {
             ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
             goto err;
@@ -693,8 +713,9 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
             return -1;
     } else {
         /* Nothing special */
-        ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
-                               -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
+        ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
+                               -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx,
+                               depth);
         if (!ret) {
             ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
             goto err;
diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
index aeea4eff..0cf7510f 100644
--- a/crypto/asn1/tasn_fre.c
+++ b/crypto/asn1/tasn_fre.c
@@ -61,9 +61,7 @@
 #include <openssl/asn1.h>
 #include <openssl/asn1t.h>
 #include <openssl/objects.h>
-
-static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
-                                   int combine);
+#include "asn1_int.h"
 
 /* Free up an ASN1 structure */
 
@@ -77,8 +75,7 @@ void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
     asn1_item_combine_free(pval, it, 0);
 }
 
-static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
-                                   int combine)
+void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
 {
     const ASN1_TEMPLATE *tt = NULL, *seqtt;
     const ASN1_EXTERN_FUNCS *ef;
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index b0c73bee..6ba90260 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -63,6 +63,7 @@
 #include <openssl/err.h>
 #include <openssl/asn1t.h>
 #include <string.h>
+#include "asn1_int.h"
 
 static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
                                     int combine);
@@ -158,7 +159,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
         }
         asn1_set_choice_selector(pval, -1, it);
         if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
-            goto auxerr;
+            goto auxerr2;
         break;
 
     case ASN1_ITYPE_NDEF_SEQUENCE:
@@ -186,10 +187,10 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
         for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
             pseqval = asn1_get_field_ptr(pval, tt);
             if (!ASN1_template_new(pseqval, tt))
-                goto memerr;
+                goto memerr2;
         }
         if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
-            goto auxerr;
+            goto auxerr2;
         break;
     }
 #ifdef CRYPTO_MDEBUG
@@ -198,6 +199,8 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
 #endif
     return 1;
 
+ memerr2:
+    asn1_item_combine_free(pval, it, combine);
  memerr:
     ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
 #ifdef CRYPTO_MDEBUG
@@ -206,9 +209,10 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
 #endif
     return 0;
 
+ auxerr2:
+    asn1_item_combine_free(pval, it, combine);
  auxerr:
     ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
-    ASN1_item_ex_free(pval, it);
 #ifdef CRYPTO_MDEBUG
     if (it->sname)
         CRYPTO_pop_info();
diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
index f628cadd..e93fd11f 100644
--- a/crypto/asn1/tasn_prn.c
+++ b/crypto/asn1/tasn_prn.c
@@ -463,7 +463,7 @@ static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
     ln = OBJ_nid2ln(OBJ_obj2nid(oid));
     if (!ln)
         ln = "";
-    OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
+    OBJ_obj2txt(objbuf, sizeof(objbuf), oid, 1);
     if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
         return 0;
     return 1;
diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c
index 3aed44a3..aecb9506 100644
--- a/crypto/asn1/x_long.c
+++ b/crypto/asn1/x_long.c
@@ -126,7 +126,7 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
      * set.
      */
     if (ltmp < 0)
-        utmp = -ltmp - 1;
+        utmp = 0 - (unsigned long)ltmp - 1;
     else
         utmp = ltmp;
     clen = BN_num_bits_word(utmp);
@@ -155,19 +155,41 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
 static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
                     int utype, char *free_cont, const ASN1_ITEM *it)
 {
-    int neg, i;
+    int neg = -1, i;
     long ltmp;
     unsigned long utmp = 0;
     char *cp = (char *)pval;
+
+    if (len) {
+        /*
+         * Check possible pad byte.  Worst case, we're skipping past actual
+         * content, but since that's only with 0x00 and 0xff and we set neg
+         * accordingly, the result will be correct in the end anyway.
+         */
+        switch (cont[0]) {
+        case 0xff:
+            cont++;
+            len--;
+            neg = 1;
+            break;
+        case 0:
+            cont++;
+            len--;
+            neg = 0;
+            break;
+        }
+    }
     if (len > (int)sizeof(long)) {
         ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
         return 0;
     }
-    /* Is it negative? */
-    if (len && (cont[0] & 0x80))
-        neg = 1;
-    else
-        neg = 0;
+    if (neg == -1) {
+        /* Is it negative? */
+        if (len && (cont[0] & 0x80))
+            neg = 1;
+        else
+            neg = 0;
+    }
     utmp = 0;
     for (i = 0; i < len; i++) {
         utmp <<= 8;
@@ -178,8 +200,8 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
     }
     ltmp = (long)utmp;
     if (neg) {
-        ltmp++;
         ltmp = -ltmp;
+        ltmp--;
     }
     if (ltmp == it->size) {
         ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
index 26378fdb..aea0c276 100644
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -178,6 +178,16 @@ static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
     *pval = NULL;
 }
 
+static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
+{
+    sk_X509_NAME_ENTRY_free(ne);
+}
+
+static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
+{
+    sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
+}
+
 static int x509_name_ex_d2i(ASN1_VALUE **val,
                             const unsigned char **in, long len,
                             const ASN1_ITEM *it, int tag, int aclass,
@@ -228,13 +238,14 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
             entry->set = i;
             if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
                 goto err;
+            sk_X509_NAME_ENTRY_set(entries, j, NULL);
         }
-        sk_X509_NAME_ENTRY_free(entries);
     }
-    sk_STACK_OF_X509_NAME_ENTRY_free(intname.s);
     ret = x509_name_canon(nm.x);
     if (!ret)
         goto err;
+    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+                                         local_sk_X509_NAME_ENTRY_free);
     nm.x->modified = 0;
     *val = nm.a;
     *in = p;
@@ -242,6 +253,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
  err:
     if (nm.x != NULL)
         X509_NAME_free(nm.x);
+    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+                                         local_sk_X509_NAME_ENTRY_pop_free);
     ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
     return 0;
 }
@@ -267,16 +280,6 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
     return ret;
 }
 
-static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
-{
-    sk_X509_NAME_ENTRY_free(ne);
-}
-
-static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
-{
-    sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
-}
-
 static int x509_name_encode(X509_NAME *a)
 {
     union {
@@ -299,8 +302,10 @@ static int x509_name_encode(X509_NAME *a)
             entries = sk_X509_NAME_ENTRY_new_null();
             if (!entries)
                 goto memerr;
-            if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries))
+            if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries)) {
+                sk_X509_NAME_ENTRY_free(entries);
                 goto memerr;
+            }
             set = entry->set;
         }
         if (!sk_X509_NAME_ENTRY_push(entries, entry))
@@ -370,8 +375,10 @@ static int x509_name_canon(X509_NAME *a)
             entries = sk_X509_NAME_ENTRY_new_null();
             if (!entries)
                 goto err;
-            if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
+            if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) {
+                sk_X509_NAME_ENTRY_free(entries);
                 goto err;
+            }
             set = entry->set;
         }
         tmpentry = X509_NAME_ENTRY_new();
@@ -516,19 +523,11 @@ static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname,
 
 int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
 {
-    X509_NAME *in;
-
-    if (!xn || !name)
-        return (0);
-
-    if (*xn != name) {
-        in = X509_NAME_dup(name);
-        if (in != NULL) {
-            X509_NAME_free(*xn);
-            *xn = in;
-        }
-    }
-    return (*xn != NULL);
+    if ((name = X509_NAME_dup(name)) == NULL)
+        return 0;
+    X509_NAME_free(*xn);
+    *xn = name;
+    return 1;
 }
 
 IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c
index 2da23e47..59f85539 100644
--- a/crypto/asn1/x_pkey.c
+++ b/crypto/asn1/x_pkey.c
@@ -106,10 +106,14 @@ X509_PKEY *X509_PKEY_new(void)
     X509_PKEY *ret = NULL;
     ASN1_CTX c;
 
-    M_ASN1_New_Malloc(ret, X509_PKEY);
+    ret = OPENSSL_malloc(sizeof(X509_PKEY));
+    if (ret == NULL) {
+        c.line = __LINE__;
+        goto err;
+    }
     ret->version = 0;
-    M_ASN1_New(ret->enc_algor, X509_ALGOR_new);
-    M_ASN1_New(ret->enc_pkey, M_ASN1_OCTET_STRING_new);
+    ret->enc_algor = X509_ALGOR_new();
+    ret->enc_pkey = M_ASN1_OCTET_STRING_new();
     ret->dec_pkey = NULL;
     ret->key_length = 0;
     ret->key_data = NULL;
@@ -117,8 +121,15 @@ X509_PKEY *X509_PKEY_new(void)
     ret->cipher.cipher = NULL;
     memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
     ret->references = 1;
-    return (ret);
-    M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
+    if (ret->enc_algor == NULL || ret->enc_pkey == NULL) {
+        c.line = __LINE__;
+        goto err;
+    }
+    return ret;
+err:
+    X509_PKEY_free(ret);
+    ASN1_MAC_H_err(ASN1_F_X509_PKEY_NEW, ERR_R_MALLOC_FAILURE, c.line);
+    return NULL;
 }
 
 void X509_PKEY_free(X509_PKEY *x)
diff --git a/crypto/bf/bftest.c b/crypto/bf/bftest.c
index 0b008f09..bd20a8e2 100644
--- a/crypto/bf/bftest.c
+++ b/crypto/bf/bftest.c
@@ -462,9 +462,9 @@ static int test(void)
     len = strlen(cbc_data) + 1;
 
     BF_set_key(&key, 16, cbc_key);
-    memset(cbc_in, 0, sizeof cbc_in);
-    memset(cbc_out, 0, sizeof cbc_out);
-    memcpy(iv, cbc_iv, sizeof iv);
+    memset(cbc_in, 0, sizeof(cbc_in));
+    memset(cbc_out, 0, sizeof(cbc_out));
+    memcpy(iv, cbc_iv, sizeof(iv));
     BF_cbc_encrypt((unsigned char *)cbc_data, cbc_out, len,
                    &key, iv, BF_ENCRYPT);
     if (memcmp(cbc_out, cbc_ok, 32) != 0) {
diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c
index ccf0e287..fcfd6995 100644
--- a/crypto/bio/b_dump.c
+++ b/crypto/bio/b_dump.c
@@ -64,7 +64,6 @@
 #include "cryptlib.h"
 #include "bio_lcl.h"
 
-#define TRUNCATE
 #define DUMP_WIDTH      16
 #define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
 
@@ -79,17 +78,10 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
 {
     int ret = 0;
     char buf[288 + 1], tmp[20], str[128 + 1];
-    int i, j, rows, trc;
+    int i, j, rows;
     unsigned char ch;
     int dump_width;
 
-    trc = 0;
-
-#ifdef TRUNCATE
-    for (; (len > 0) && ((s[len - 1] == ' ') || (s[len - 1] == '\0')); len--)
-        trc++;
-#endif
-
     if (indent < 0)
         indent = 0;
     if (indent) {
@@ -104,50 +96,43 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
     if ((rows * dump_width) < len)
         rows++;
     for (i = 0; i < rows; i++) {
-        BUF_strlcpy(buf, str, sizeof buf);
-        BIO_snprintf(tmp, sizeof tmp, "%04x - ", i * dump_width);
-        BUF_strlcat(buf, tmp, sizeof buf);
+        BUF_strlcpy(buf, str, sizeof(buf));
+        BIO_snprintf(tmp, sizeof(tmp), "%04x - ", i * dump_width);
+        BUF_strlcat(buf, tmp, sizeof(buf));
         for (j = 0; j < dump_width; j++) {
             if (((i * dump_width) + j) >= len) {
-                BUF_strlcat(buf, "   ", sizeof buf);
+                BUF_strlcat(buf, "   ", sizeof(buf));
             } else {
                 ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
-                BIO_snprintf(tmp, sizeof tmp, "%02x%c", ch,
+                BIO_snprintf(tmp, sizeof(tmp), "%02x%c", ch,
                              j == 7 ? '-' : ' ');
-                BUF_strlcat(buf, tmp, sizeof buf);
+                BUF_strlcat(buf, tmp, sizeof(buf));
             }
         }
-        BUF_strlcat(buf, "  ", sizeof buf);
+        BUF_strlcat(buf, "  ", sizeof(buf));
         for (j = 0; j < dump_width; j++) {
             if (((i * dump_width) + j) >= len)
                 break;
             ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
 #ifndef CHARSET_EBCDIC
-            BIO_snprintf(tmp, sizeof tmp, "%c",
+            BIO_snprintf(tmp, sizeof(tmp), "%c",
                          ((ch >= ' ') && (ch <= '~')) ? ch : '.');
 #else
-            BIO_snprintf(tmp, sizeof tmp, "%c",
+            BIO_snprintf(tmp, sizeof(tmp), "%c",
                          ((ch >= os_toascii[' ']) && (ch <= os_toascii['~']))
                          ? os_toebcdic[ch]
                          : '.');
 #endif
-            BUF_strlcat(buf, tmp, sizeof buf);
+            BUF_strlcat(buf, tmp, sizeof(buf));
         }
-        BUF_strlcat(buf, "\n", sizeof buf);
+        BUF_strlcat(buf, "\n", sizeof(buf));
         /*
          * if this is the last call then update the ddt_dump thing so that we
          * will move the selection point in the debug window
          */
         ret += cb((void *)buf, strlen(buf), u);
     }
-#ifdef TRUNCATE
-    if (trc > 0) {
-        BIO_snprintf(buf, sizeof buf, "%s%04x - <SPACES/NULS>\n", str,
-                     len + trc);
-        ret += cb((void *)buf, strlen(buf), u);
-    }
-#endif
-    return (ret);
+    return ret;
 }
 
 #ifndef OPENSSL_NO_FP_API
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
index 987fe068..47654f85 100644
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -385,7 +385,7 @@ _dopr(char **sbuffer,
                 if (cflags == DP_C_SHORT) {
                     short int *num;
                     num = va_arg(args, short int *);
-                    *num = currlen;
+                    *num = (short int)currlen;
                 } else if (cflags == DP_C_LONG) { /* XXX */
                     long int *num;
                     num = va_arg(args, long int *);
@@ -502,7 +502,7 @@ fmtint(char **sbuffer,
     if (!(flags & DP_F_UNSIGNED)) {
         if (value < 0) {
             signvalue = '-';
-            uvalue = -value;
+            uvalue = 0 - (unsigned LLONG)value;
         } else if (flags & DP_F_PLUS)
             signvalue = '+';
         else if (flags & DP_F_SPACE)
@@ -663,7 +663,7 @@ fmtfp(char **sbuffer,
         iconvert[iplace++] = "0123456789"[intpart % 10];
         intpart = (intpart / 10);
     } while (intpart && (iplace < (int)sizeof(iconvert)));
-    if (iplace == sizeof iconvert)
+    if (iplace == sizeof(iconvert))
         iplace--;
     iconvert[iplace] = 0;
 
@@ -672,7 +672,7 @@ fmtfp(char **sbuffer,
         fconvert[fplace++] = "0123456789"[fracpart % 10];
         fracpart = (fracpart / 10);
     } while (fplace < max);
-    if (fplace == sizeof fconvert)
+    if (fplace == sizeof(fconvert))
         fplace--;
     fconvert[fplace] = 0;
 
diff --git a/crypto/bio/bio_cb.c b/crypto/bio/bio_cb.c
index d3e86068..2ff52636 100644
--- a/crypto/bio/bio_cb.c
+++ b/crypto/bio/bio_cb.c
@@ -76,8 +76,11 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
     if (BIO_CB_RETURN & cmd)
         r = ret;
 
-    len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio);
+    len = BIO_snprintf(buf,sizeof(buf),"BIO[%p]: ",(void *)bio);
 
+    /* Ignore errors and continue printing the other information. */
+    if (len < 0)
+        len = 0;
     p = buf + len;
     p_maxlen = sizeof(buf) - len;
 
diff --git a/crypto/bio/bss_bio.c b/crypto/bio/bss_bio.c
index 3dd81877..096ea415 100644
--- a/crypto/bio/bss_bio.c
+++ b/crypto/bio/bss_bio.c
@@ -144,7 +144,7 @@ static int bio_new(BIO *bio)
 {
     struct bio_bio_st *b;
 
-    b = OPENSSL_malloc(sizeof *b);
+    b = OPENSSL_malloc(sizeof(*b));
     if (b == NULL)
         return 0;
 
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index 7d15ad29..bbc6d5ab 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -481,7 +481,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
                 char buf[16];
                 unsigned char *p = ptr;
 
-                BIO_snprintf(buf, sizeof buf, "%d.%d.%d.%d",
+                BIO_snprintf(buf, sizeof(buf), "%d.%d.%d.%d",
                              p[0], p[1], p[2], p[3]);
                 if (data->param_hostname != NULL)
                     OPENSSL_free(data->param_hostname);
@@ -490,7 +490,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
             } else if (num == 3) {
                 char buf[DECIMAL_SIZE(int) + 1];
 
-                BIO_snprintf(buf, sizeof buf, "%d", *(int *)ptr);
+                BIO_snprintf(buf, sizeof(buf), "%d", *(int *)ptr);
                 if (data->param_port != NULL)
                     OPENSSL_free(data->param_port);
                 data->param_port = BUF_strdup(buf);
diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
index a6e3b3ac..bbf906fa 100644
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -251,7 +251,7 @@ static int MS_CALLBACK file_read(BIO *b, char *out, int outl)
             ret = fread(out, 1, (int)outl, (FILE *)b->ptr);
         if (ret == 0
             && (b->flags & BIO_FLAGS_UPLINK) ? UP_ferror((FILE *)b->ptr) :
-            ferror((FILE *)b->ptr)) {
+                                               ferror((FILE *)b->ptr)) {
             SYSerr(SYS_F_FREAD, get_last_sys_error());
             BIOerr(BIO_F_FILE_READ, ERR_R_SYS_LIB);
             ret = -1;
@@ -287,6 +287,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
     FILE *fp = (FILE *)b->ptr;
     FILE **fpp;
     char p[4];
+    int st;
 
     switch (cmd) {
     case BIO_C_FILE_SEEK:
@@ -318,8 +319,11 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
 #   if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES)
 #    define _IOB_ENTRIES 20
 #   endif
-#   if defined(_IOB_ENTRIES)
         /* Safety net to catch purely internal BIO_set_fp calls */
+#   if defined(_MSC_VER) && _MSC_VER>=1900
+        if (ptr == stdin || ptr == stdout || ptr == stderr)
+            BIO_clear_flags(b, BIO_FLAGS_UPLINK);
+#   elif defined(_IOB_ENTRIES)
         if ((size_t)ptr >= (size_t)stdin &&
             (size_t)ptr < (size_t)(stdin + _IOB_ENTRIES))
             BIO_clear_flags(b, BIO_FLAGS_UPLINK);
@@ -371,15 +375,15 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
         b->shutdown = (int)num & BIO_CLOSE;
         if (num & BIO_FP_APPEND) {
             if (num & BIO_FP_READ)
-                BUF_strlcpy(p, "a+", sizeof p);
+                BUF_strlcpy(p, "a+", sizeof(p));
             else
-                BUF_strlcpy(p, "a", sizeof p);
+                BUF_strlcpy(p, "a", sizeof(p));
         } else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
-            BUF_strlcpy(p, "r+", sizeof p);
+            BUF_strlcpy(p, "r+", sizeof(p));
         else if (num & BIO_FP_WRITE)
-            BUF_strlcpy(p, "w", sizeof p);
+            BUF_strlcpy(p, "w", sizeof(p));
         else if (num & BIO_FP_READ)
-            BUF_strlcpy(p, "r", sizeof p);
+            BUF_strlcpy(p, "r", sizeof(p));
         else {
             BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE);
             ret = 0;
@@ -424,10 +428,14 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
         b->shutdown = (int)num;
         break;
     case BIO_CTRL_FLUSH:
-        if (b->flags & BIO_FLAGS_UPLINK)
-            UP_fflush(b->ptr);
-        else
-            fflush((FILE *)b->ptr);
+        st = b->flags & BIO_FLAGS_UPLINK
+                ? UP_fflush(b->ptr) : fflush((FILE *)b->ptr);
+        if (st == EOF) {
+            SYSerr(SYS_F_FFLUSH, get_last_sys_error());
+            ERR_add_error_data(1, "fflush()");
+            BIOerr(BIO_F_FILE_CTRL, ERR_R_SYS_LIB);
+            ret = 0;
+        }
         break;
     case BIO_CTRL_DUP:
         ret = 1;
diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile
index c4c64095..20e8ef0a 100644
--- a/crypto/bn/Makefile
+++ b/crypto/bn/Makefile
@@ -187,7 +187,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.s *.S *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
diff --git a/crypto/bn/asm/rsaz-avx2.pl b/crypto/bn/asm/rsaz-avx2.pl
index 712a77fe..2b3f8b0e 100644
--- a/crypto/bn/asm/rsaz-avx2.pl
+++ b/crypto/bn/asm/rsaz-avx2.pl
@@ -239,7 +239,7 @@ $code.=<<___;
 	vmovdqu		32*8-128($ap), $ACC8
 
 	lea	192(%rsp), $tp0			# 64+128=192
-	vpbroadcastq	.Land_mask(%rip), $AND_MASK
+	vmovdqu	.Land_mask(%rip), $AND_MASK
 	jmp	.LOOP_GRANDE_SQR_1024
 
 .align	32
@@ -1070,10 +1070,10 @@ $code.=<<___;
 	vpmuludq	32*6-128($np),$Yi,$TEMP1
 	vpaddq		$TEMP1,$ACC6,$ACC6
 	vpmuludq	32*7-128($np),$Yi,$TEMP2
-	 vpblendd	\$3, $ZERO, $ACC9, $ACC9	# correct $ACC3
+	 vpblendd	\$3, $ZERO, $ACC9, $TEMP1	# correct $ACC3
 	vpaddq		$TEMP2,$ACC7,$ACC7
 	vpmuludq	32*8-128($np),$Yi,$TEMP0
-	 vpaddq		$ACC9, $ACC3, $ACC3		# correct $ACC3
+	 vpaddq		$TEMP1, $ACC3, $ACC3		# correct $ACC3
 	vpaddq		$TEMP0,$ACC8,$ACC8
 
 	mov	%rbx, %rax
@@ -1086,7 +1086,9 @@ $code.=<<___;
 	 vmovdqu	-8+32*2-128($ap),$TEMP2
 
 	mov	$r1, %rax
+	 vpblendd	\$0xfc, $ZERO, $ACC9, $ACC9	# correct $ACC3
 	imull	$n0, %eax
+	 vpaddq		$ACC9,$ACC4,$ACC4		# correct $ACC3
 	and	\$0x1fffffff, %eax
 
 	 imulq	16-128($ap),%rbx
@@ -1322,15 +1324,12 @@ ___
 #	But as we underutilize resources, it's possible to correct in
 #	each iteration with marginal performance loss. But then, as
 #	we do it in each iteration, we can correct less digits, and
-#	avoid performance penalties completely. Also note that we
-#	correct only three digits out of four. This works because
-#	most significant digit is subjected to less additions.
+#	avoid performance penalties completely.
 
 $TEMP0 = $ACC9;
 $TEMP3 = $Bi;
 $TEMP4 = $Yi;
 $code.=<<___;
-	vpermq		\$0, $AND_MASK, $AND_MASK
 	vpaddq		(%rsp), $TEMP1, $ACC0
 
 	vpsrlq		\$29, $ACC0, $TEMP1
@@ -1763,7 +1762,7 @@ $code.=<<___;
 
 .align	64
 .Land_mask:
-	.quad	0x1fffffff,0x1fffffff,0x1fffffff,-1
+	.quad	0x1fffffff,0x1fffffff,0x1fffffff,0x1fffffff
 .Lscatter_permd:
 	.long	0,2,4,6,7,7,7,7
 .Lgather_permd:
diff --git a/crypto/bn/asm/sparcv9-mont.pl b/crypto/bn/asm/sparcv9-mont.pl
index b8fb1e8a..d8662878 100644
--- a/crypto/bn/asm/sparcv9-mont.pl
+++ b/crypto/bn/asm/sparcv9-mont.pl
@@ -290,7 +290,7 @@ ___
 ######## .Lbn_sqr_mont gives up to 20% *overall* improvement over
 ######## code without following dedicated squaring procedure.
 ########
-$sbit="%i2";		# re-use $bp!
+$sbit="%o5";
 
 $code.=<<___;
 .align	32
@@ -403,7 +403,7 @@ $code.=<<___;
 	mulx	$apj,$mul0,$acc0
 	mulx	$npj,$mul1,$acc1
 	add	$acc0,$car0,$car0
-	add	$tpj,$car1,$car1
+	add	$tpj,$sbit,$sbit
 	ld	[$ap+$j],$apj			! ap[j]
 	and	$car0,$mask,$acc0
 	ld	[$np+$j],$npj			! np[j]
@@ -412,7 +412,7 @@ $code.=<<___;
 	ld	[$tp+8],$tpj			! tp[j]
 	add	$acc0,$acc0,$acc0
 	add	$j,4,$j				! j++
-	or	$sbit,$acc0,$acc0
+	add	$sbit,$acc0,$acc0
 	srlx	$acc0,32,$sbit
 	and	$acc0,$mask,$acc0
 	cmp	$j,$num
@@ -426,12 +426,12 @@ $code.=<<___;
 	mulx	$apj,$mul0,$acc0
 	mulx	$npj,$mul1,$acc1
 	add	$acc0,$car0,$car0
-	add	$tpj,$car1,$car1
+	add	$tpj,$sbit,$sbit
 	and	$car0,$mask,$acc0
 	srlx	$car0,32,$car0
 	add	$acc1,$car1,$car1
 	add	$acc0,$acc0,$acc0
-	or	$sbit,$acc0,$acc0
+	add	$sbit,$acc0,$acc0
 	srlx	$acc0,32,$sbit
 	and	$acc0,$mask,$acc0
 	add	$acc0,$car1,$car1
@@ -439,7 +439,7 @@ $code.=<<___;
 	srlx	$car1,32,$car1
 
 	add	$car0,$car0,$car0
-	or	$sbit,$car0,$car0
+	add	$sbit,$car0,$car0
 	add	$car0,$car1,$car1
 	add	$car2,$car1,$car1
 	st	$car1,[$tp+4]
@@ -499,7 +499,7 @@ $code.=<<___;
 .Lsqr_inner2:
 	mulx	$apj,$mul0,$acc0
 	mulx	$npj,$mul1,$acc1
-	add	$tpj,$car1,$car1
+	add	$tpj,$sbit,$sbit
 	add	$acc0,$car0,$car0
 	ld	[$ap+$j],$apj			! ap[j]
 	and	$car0,$mask,$acc0
@@ -507,7 +507,7 @@ $code.=<<___;
 	srlx	$car0,32,$car0
 	add	$acc0,$acc0,$acc0
 	ld	[$tp+8],$tpj			! tp[j]
-	or	$sbit,$acc0,$acc0
+	add	$sbit,$acc0,$acc0
 	add	$j,4,$j				! j++
 	srlx	$acc0,32,$sbit
 	and	$acc0,$mask,$acc0
@@ -522,12 +522,12 @@ $code.=<<___;
 .Lsqr_no_inner2:
 	mulx	$apj,$mul0,$acc0
 	mulx	$npj,$mul1,$acc1
-	add	$tpj,$car1,$car1
+	add	$tpj,$sbit,$sbit
 	add	$acc0,$car0,$car0
 	and	$car0,$mask,$acc0
 	srlx	$car0,32,$car0
 	add	$acc0,$acc0,$acc0
-	or	$sbit,$acc0,$acc0
+	add	$sbit,$acc0,$acc0
 	srlx	$acc0,32,$sbit
 	and	$acc0,$mask,$acc0
 	add	$acc0,$car1,$car1
@@ -536,7 +536,7 @@ $code.=<<___;
 	srlx	$car1,32,$car1
 
 	add	$car0,$car0,$car0
-	or	$sbit,$car0,$car0
+	add	$sbit,$car0,$car0
 	add	$car0,$car1,$car1
 	add	$car2,$car1,$car1
 	st	$car1,[$tp+4]
@@ -581,14 +581,17 @@ $code.=<<___;
 !.Lsqr_last
 
 	mulx	$npj,$mul1,$acc1
-	add	$tpj,$car1,$car1
+	add	$tpj,$acc0,$acc0
+	srlx	$acc0,32,$tmp0
+	and	$acc0,$mask,$acc0
+	add	$tmp0,$sbit,$sbit
 	add	$acc0,$car1,$car1
 	add	$acc1,$car1,$car1
 	st	$car1,[$tp]
 	srlx	$car1,32,$car1
 
 	add	$car0,$car0,$car0		! recover $car0
-	or	$sbit,$car0,$car0
+	add	$sbit,$car0,$car0
 	add	$car0,$car1,$car1
 	add	$car2,$car1,$car1
 	st	$car1,[$tp+4]
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
index 3bb0cdf5..42178e45 100644
--- a/crypto/bn/asm/x86_64-mont5.pl
+++ b/crypto/bn/asm/x86_64-mont5.pl
@@ -3090,11 +3090,19 @@ $code.=<<___;
 
 .align	32
 .Lsqrx8x_break:
-	sub	16+8(%rsp),%r8		# consume last carry
+	xor	$zero,$zero
+	sub	16+8(%rsp),%rbx		# mov 16(%rsp),%cf
+	adcx	$zero,%r8
 	mov	24+8(%rsp),$carry	# initial $tptr, borrow $carry
+	adcx	$zero,%r9
 	mov	0*8($aptr),%rdx		# a[8], modulo-scheduled
-	xor	%ebp,%ebp		# xor	$zero,$zero
+	adc	\$0,%r10
 	mov	%r8,0*8($tptr)
+	adc	\$0,%r11
+	adc	\$0,%r12
+	adc	\$0,%r13
+	adc	\$0,%r14
+	adc	\$0,%r15
 	cmp	$carry,$tptr		# cf=0, of=0
 	je	.Lsqrx8x_outer_loop
 
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index 195a7867..40115fc7 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -145,10 +145,11 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
     int i, bits, ret = 0;
     BIGNUM *v, *rr;
 
-    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0
+            || BN_get_flags(a, BN_FLG_CONSTTIME) != 0) {
         /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
         BNerr(BN_F_BN_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
+        return 0;
     }
 
     BN_CTX_start(ctx);
@@ -245,7 +246,9 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
     if (BN_is_odd(m)) {
 # ifdef MONT_EXP_WORD
         if (a->top == 1 && !a->neg
-            && (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)) {
+            && (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)
+            && (BN_get_flags(a, BN_FLG_CONSTTIME) == 0)
+            && (BN_get_flags(m, BN_FLG_CONSTTIME) == 0)) {
             BN_ULONG A = a->d[0];
             ret = BN_mod_exp_mont_word(r, A, p, m, ctx, NULL);
         } else
@@ -277,10 +280,12 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
     BIGNUM *val[TABLE_SIZE];
     BN_RECP_CTX recp;
 
-    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0
+            || BN_get_flags(a, BN_FLG_CONSTTIME) != 0
+            || BN_get_flags(m, BN_FLG_CONSTTIME) != 0) {
         /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
         BNerr(BN_F_BN_MOD_EXP_RECP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
+        return 0;
     }
 
     bits = BN_num_bits(p);
@@ -411,7 +416,9 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
     BIGNUM *val[TABLE_SIZE];
     BN_MONT_CTX *mont = NULL;
 
-    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0
+            || BN_get_flags(a, BN_FLG_CONSTTIME) != 0
+            || BN_get_flags(m, BN_FLG_CONSTTIME) != 0) {
         return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont);
     }
 
@@ -720,7 +727,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
 
     top = m->top;
 
-    bits = BN_num_bits(p);
+    /*
+     * Use all bits stored in |p|, rather than |BN_num_bits|, so we do not leak
+     * whether the top bits are zero.
+     */
+    bits = p->top * BN_BITS2;
     if (bits == 0) {
         /* x**0 mod 1 is still zero. */
         if (BN_is_one(m)) {
@@ -1217,10 +1228,11 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
 #define BN_TO_MONTGOMERY_WORD(r, w, mont) \
                 (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
 
-    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0
+            || BN_get_flags(m, BN_FLG_CONSTTIME) != 0) {
         /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
         BNerr(BN_F_BN_MOD_EXP_MONT_WORD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
+        return 0;
     }
 
     bn_check_top(p);
@@ -1348,10 +1360,12 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
     /* Table of variables obtained from 'ctx' */
     BIGNUM *val[TABLE_SIZE];
 
-    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0
+            || BN_get_flags(a, BN_FLG_CONSTTIME) != 0
+            || BN_get_flags(m, BN_FLG_CONSTTIME) != 0) {
         /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
         BNerr(BN_F_BN_MOD_EXP_SIMPLE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
+        return 0;
     }
 
     bits = BN_num_bits(p);
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 10b78f51..27b9bdbc 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -144,74 +144,47 @@ const BIGNUM *BN_value_one(void)
 
 int BN_num_bits_word(BN_ULONG l)
 {
-    static const unsigned char bits[256] = {
-        0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
-        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
-        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
-        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-    };
+    BN_ULONG x, mask;
+    int bits = (l != 0);
 
-#if defined(SIXTY_FOUR_BIT_LONG)
-    if (l & 0xffffffff00000000L) {
-        if (l & 0xffff000000000000L) {
-            if (l & 0xff00000000000000L) {
-                return (bits[(int)(l >> 56)] + 56);
-            } else
-                return (bits[(int)(l >> 48)] + 48);
-        } else {
-            if (l & 0x0000ff0000000000L) {
-                return (bits[(int)(l >> 40)] + 40);
-            } else
-                return (bits[(int)(l >> 32)] + 32);
-        }
-    } else
-#else
-# ifdef SIXTY_FOUR_BIT
-    if (l & 0xffffffff00000000LL) {
-        if (l & 0xffff000000000000LL) {
-            if (l & 0xff00000000000000LL) {
-                return (bits[(int)(l >> 56)] + 56);
-            } else
-                return (bits[(int)(l >> 48)] + 48);
-        } else {
-            if (l & 0x0000ff0000000000LL) {
-                return (bits[(int)(l >> 40)] + 40);
-            } else
-                return (bits[(int)(l >> 32)] + 32);
-        }
-    } else
-# endif
+#if BN_BITS2 > 32
+    x = l >> 32;
+    mask = (0 - x) & BN_MASK2;
+    mask = (0 - (mask >> (BN_BITS2 - 1)));
+    bits += 32 & mask;
+    l ^= (x ^ l) & mask;
 #endif
-    {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
-        if (l & 0xffff0000L) {
-            if (l & 0xff000000L)
-                return (bits[(int)(l >> 24L)] + 24);
-            else
-                return (bits[(int)(l >> 16L)] + 16);
-        } else
-#endif
-        {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
-            if (l & 0xff00L)
-                return (bits[(int)(l >> 8)] + 8);
-            else
-#endif
-                return (bits[(int)(l)]);
-        }
-    }
+
+    x = l >> 16;
+    mask = (0 - x) & BN_MASK2;
+    mask = (0 - (mask >> (BN_BITS2 - 1)));
+    bits += 16 & mask;
+    l ^= (x ^ l) & mask;
+
+    x = l >> 8;
+    mask = (0 - x) & BN_MASK2;
+    mask = (0 - (mask >> (BN_BITS2 - 1)));
+    bits += 8 & mask;
+    l ^= (x ^ l) & mask;
+
+    x = l >> 4;
+    mask = (0 - x) & BN_MASK2;
+    mask = (0 - (mask >> (BN_BITS2 - 1)));
+    bits += 4 & mask;
+    l ^= (x ^ l) & mask;
+
+    x = l >> 2;
+    mask = (0 - x) & BN_MASK2;
+    mask = (0 - (mask >> (BN_BITS2 - 1)));
+    bits += 2 & mask;
+    l ^= (x ^ l) & mask;
+
+    x = l >> 1;
+    mask = (0 - x) & BN_MASK2;
+    mask = (0 - (mask >> (BN_BITS2 - 1)));
+    bits += 1 & mask;
+
+    return bits;
 }
 
 int BN_num_bits(const BIGNUM *a)
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index be95bd55..c1703650 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -207,26 +207,13 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
     r->top = max;
     n0 = mont->n0[0];
 
-# ifdef BN_COUNT
-    fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl);
-# endif
+    /*
+     * Add multiples of |n| to |r| until R = 2^(nl * BN_BITS2) divides it. On
+     * input, we had |r| < |n| * R, so now |r| < 2 * |n| * R. Note that |r|
+     * includes |carry| which is stored separately.
+     */
     for (carry = 0, i = 0; i < nl; i++, rp++) {
-# ifdef __TANDEM
-        {
-            long long t1;
-            long long t2;
-            long long t3;
-            t1 = rp[0] * (n0 & 0177777);
-            t2 = 037777600000l;
-            t2 = n0 & t2;
-            t3 = rp[0] & 0177777;
-            t2 = (t3 * t2) & BN_MASK2;
-            t1 = t1 + t2;
-            v = bn_mul_add_words(rp, np, nl, (BN_ULONG)t1);
-        }
-# else
         v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
-# endif
         v = (v + carry + rp[nl]) & BN_MASK2;
         carry |= (v != rp[nl]);
         carry &= (v <= rp[nl]);
@@ -239,46 +226,24 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
     ret->neg = r->neg;
 
     rp = ret->d;
+
+    /*
+     * Shift |nl| words to divide by R. We have |ap| < 2 * |n|. Note that |ap|
+     * includes |carry| which is stored separately.
+     */
     ap = &(r->d[nl]);
 
-# define BRANCH_FREE 1
-# if BRANCH_FREE
-    {
-        BN_ULONG *nrp;
-        size_t m;
-
-        v = bn_sub_words(rp, ap, np, nl) - carry;
-        /*
-         * if subtraction result is real, then trick unconditional memcpy
-         * below to perform in-place "refresh" instead of actual copy.
-         */
-        m = (0 - (size_t)v);
-        nrp =
-            (BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
-
-        for (i = 0, nl -= 4; i < nl; i += 4) {
-            BN_ULONG t1, t2, t3, t4;
-
-            t1 = nrp[i + 0];
-            t2 = nrp[i + 1];
-            t3 = nrp[i + 2];
-            ap[i + 0] = 0;
-            t4 = nrp[i + 3];
-            ap[i + 1] = 0;
-            rp[i + 0] = t1;
-            ap[i + 2] = 0;
-            rp[i + 1] = t2;
-            ap[i + 3] = 0;
-            rp[i + 2] = t3;
-            rp[i + 3] = t4;
-        }
-        for (nl += 4; i < nl; i++)
-            rp[i] = nrp[i], ap[i] = 0;
+    /*
+     * |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
+     * cannot be -1. That would imply the subtraction did not fit in |nl| words,
+     * and we know at most one subtraction is needed.
+     */
+    v = bn_sub_words(rp, ap, np, nl) - carry;
+    v = 0 - v;
+    for (i = 0; i < nl; i++) {
+        rp[i] = (v & ap[i]) | (~v & rp[i]);
+        ap[i] = 0;
     }
-# else
-    if (bn_sub_words(rp, ap, np, nl) - carry)
-        memcpy(rp, ap, nl * sizeof(BN_ULONG));
-# endif
     bn_correct_top(r);
     bn_correct_top(ret);
     bn_check_top(ret);
@@ -382,6 +347,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
     R = &(mont->RR);            /* grab RR as a temp */
     if (!BN_copy(&(mont->N), mod))
         goto err;               /* Set N */
+    if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
+        BN_set_flags(&(mont->N), BN_FLG_CONSTTIME);
     mont->N.neg = 0;
 
 #ifdef MONT_WORD
@@ -394,6 +361,9 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
         tmod.dmax = 2;
         tmod.neg = 0;
 
+        if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
+            BN_set_flags(&tmod, BN_FLG_CONSTTIME);
+
         mont->ri = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
 
 # if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
index 3c618dc3..6b455a75 100644
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -1032,46 +1032,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
             rr->top = top;
             goto end;
         }
-# if 0
-        if (i == 1 && !BN_get_flags(b, BN_FLG_STATIC_DATA)) {
-            BIGNUM *tmp_bn = (BIGNUM *)b;
-            if (bn_wexpand(tmp_bn, al) == NULL)
-                goto err;
-            tmp_bn->d[bl] = 0;
-            bl++;
-            i--;
-        } else if (i == -1 && !BN_get_flags(a, BN_FLG_STATIC_DATA)) {
-            BIGNUM *tmp_bn = (BIGNUM *)a;
-            if (bn_wexpand(tmp_bn, bl) == NULL)
-                goto err;
-            tmp_bn->d[al] = 0;
-            al++;
-            i++;
-        }
-        if (i == 0) {
-            /* symmetric and > 4 */
-            /* 16 or larger */
-            j = BN_num_bits_word((BN_ULONG)al);
-            j = 1 << (j - 1);
-            k = j + j;
-            t = BN_CTX_get(ctx);
-            if (al == j) {      /* exact multiple */
-                if (bn_wexpand(t, k * 2) == NULL)
-                    goto err;
-                if (bn_wexpand(rr, k * 2) == NULL)
-                    goto err;
-                bn_mul_recursive(rr->d, a->d, b->d, al, t->d);
-            } else {
-                if (bn_wexpand(t, k * 4) == NULL)
-                    goto err;
-                if (bn_wexpand(rr, k * 4) == NULL)
-                    goto err;
-                bn_mul_part_recursive(rr->d, a->d, b->d, al - j, j, t->d);
-            }
-            rr->top = top;
-            goto end;
-        }
-# endif
     }
 #endif                          /* BN_RECURSION */
     if (bn_wexpand(rr, top) == NULL)
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index 8177fd29..e911e157 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -252,7 +252,6 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
     BN_CTX *ctx = NULL;
     BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
     BN_MONT_CTX *mont = NULL;
-    const BIGNUM *A = NULL;
 
     if (BN_cmp(a, BN_value_one()) <= 0)
         return 0;
@@ -278,25 +277,14 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
         goto err;
     BN_CTX_start(ctx);
 
-    /* A := abs(a) */
-    if (a->neg) {
-        BIGNUM *t;
-        if ((t = BN_CTX_get(ctx)) == NULL)
-            goto err;
-        if (BN_copy(t, a) == NULL)
-            goto err;
-        t->neg = 0;
-        A = t;
-    } else
-        A = a;
     A1 = BN_CTX_get(ctx);
     A1_odd = BN_CTX_get(ctx);
     check = BN_CTX_get(ctx);
     if (check == NULL)
         goto err;
 
-    /* compute A1 := A - 1 */
-    if (!BN_copy(A1, A))
+    /* compute A1 := a - 1 */
+    if (!BN_copy(A1, a))
         goto err;
     if (!BN_sub_word(A1, 1))
         goto err;
@@ -312,11 +300,11 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
     if (!BN_rshift(A1_odd, A1, k))
         goto err;
 
-    /* Montgomery setup for computations mod A */
+    /* Montgomery setup for computations mod a */
     mont = BN_MONT_CTX_new();
     if (mont == NULL)
         goto err;
-    if (!BN_MONT_CTX_set(mont, A, ctx))
+    if (!BN_MONT_CTX_set(mont, a, ctx))
         goto err;
 
     for (i = 0; i < checks; i++) {
@@ -324,9 +312,9 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
             goto err;
         if (!BN_add_word(check, 1))
             goto err;
-        /* now 1 <= check < A */
+        /* now 1 <= check < a */
 
-        j = witness(check, A, A1, A1_odd, k, ctx, mont);
+        j = witness(check, a, A1, A1_odd, k, ctx, mont);
         if (j == -1)
             goto err;
         if (j) {
diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h
index 5cf0de16..489af8b4 100644
--- a/crypto/bn/bn_prime.h
+++ b/crypto/bn/bn_prime.h
@@ -64,263 +64,263 @@ typedef unsigned short prime_t;
 typedef unsigned char prime_t;
 #endif
 static const prime_t primes[NUMPRIMES] = {
-    2, 3, 5, 7, 11, 13, 17, 19,
-    23, 29, 31, 37, 41, 43, 47, 53,
-    59, 61, 67, 71, 73, 79, 83, 89,
-    97, 101, 103, 107, 109, 113, 127, 131,
-    137, 139, 149, 151, 157, 163, 167, 173,
-    179, 181, 191, 193, 197, 199, 211, 223,
-    227, 229, 233, 239, 241, 251,
+         2,     3,     5,     7,    11,    13,    17,    19,
+        23,    29,    31,    37,    41,    43,    47,    53,
+        59,    61,    67,    71,    73,    79,    83,    89,
+        97,   101,   103,   107,   109,   113,   127,   131,
+       137,   139,   149,   151,   157,   163,   167,   173,
+       179,   181,   191,   193,   197,   199,   211,   223,
+       227,   229,   233,   239,   241,   251,
 #ifndef EIGHT_BIT
-    257, 263,
-    269, 271, 277, 281, 283, 293, 307, 311,
-    313, 317, 331, 337, 347, 349, 353, 359,
-    367, 373, 379, 383, 389, 397, 401, 409,
-    419, 421, 431, 433, 439, 443, 449, 457,
-    461, 463, 467, 479, 487, 491, 499, 503,
-    509, 521, 523, 541, 547, 557, 563, 569,
-    571, 577, 587, 593, 599, 601, 607, 613,
-    617, 619, 631, 641, 643, 647, 653, 659,
-    661, 673, 677, 683, 691, 701, 709, 719,
-    727, 733, 739, 743, 751, 757, 761, 769,
-    773, 787, 797, 809, 811, 821, 823, 827,
-    829, 839, 853, 857, 859, 863, 877, 881,
-    883, 887, 907, 911, 919, 929, 937, 941,
-    947, 953, 967, 971, 977, 983, 991, 997,
-    1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049,
-    1051, 1061, 1063, 1069, 1087, 1091, 1093, 1097,
-    1103, 1109, 1117, 1123, 1129, 1151, 1153, 1163,
-    1171, 1181, 1187, 1193, 1201, 1213, 1217, 1223,
-    1229, 1231, 1237, 1249, 1259, 1277, 1279, 1283,
-    1289, 1291, 1297, 1301, 1303, 1307, 1319, 1321,
-    1327, 1361, 1367, 1373, 1381, 1399, 1409, 1423,
-    1427, 1429, 1433, 1439, 1447, 1451, 1453, 1459,
-    1471, 1481, 1483, 1487, 1489, 1493, 1499, 1511,
-    1523, 1531, 1543, 1549, 1553, 1559, 1567, 1571,
-    1579, 1583, 1597, 1601, 1607, 1609, 1613, 1619,
-    1621, 1627, 1637, 1657, 1663, 1667, 1669, 1693,
-    1697, 1699, 1709, 1721, 1723, 1733, 1741, 1747,
-    1753, 1759, 1777, 1783, 1787, 1789, 1801, 1811,
-    1823, 1831, 1847, 1861, 1867, 1871, 1873, 1877,
-    1879, 1889, 1901, 1907, 1913, 1931, 1933, 1949,
-    1951, 1973, 1979, 1987, 1993, 1997, 1999, 2003,
-    2011, 2017, 2027, 2029, 2039, 2053, 2063, 2069,
-    2081, 2083, 2087, 2089, 2099, 2111, 2113, 2129,
-    2131, 2137, 2141, 2143, 2153, 2161, 2179, 2203,
-    2207, 2213, 2221, 2237, 2239, 2243, 2251, 2267,
-    2269, 2273, 2281, 2287, 2293, 2297, 2309, 2311,
-    2333, 2339, 2341, 2347, 2351, 2357, 2371, 2377,
-    2381, 2383, 2389, 2393, 2399, 2411, 2417, 2423,
-    2437, 2441, 2447, 2459, 2467, 2473, 2477, 2503,
-    2521, 2531, 2539, 2543, 2549, 2551, 2557, 2579,
-    2591, 2593, 2609, 2617, 2621, 2633, 2647, 2657,
-    2659, 2663, 2671, 2677, 2683, 2687, 2689, 2693,
-    2699, 2707, 2711, 2713, 2719, 2729, 2731, 2741,
-    2749, 2753, 2767, 2777, 2789, 2791, 2797, 2801,
-    2803, 2819, 2833, 2837, 2843, 2851, 2857, 2861,
-    2879, 2887, 2897, 2903, 2909, 2917, 2927, 2939,
-    2953, 2957, 2963, 2969, 2971, 2999, 3001, 3011,
-    3019, 3023, 3037, 3041, 3049, 3061, 3067, 3079,
-    3083, 3089, 3109, 3119, 3121, 3137, 3163, 3167,
-    3169, 3181, 3187, 3191, 3203, 3209, 3217, 3221,
-    3229, 3251, 3253, 3257, 3259, 3271, 3299, 3301,
-    3307, 3313, 3319, 3323, 3329, 3331, 3343, 3347,
-    3359, 3361, 3371, 3373, 3389, 3391, 3407, 3413,
-    3433, 3449, 3457, 3461, 3463, 3467, 3469, 3491,
-    3499, 3511, 3517, 3527, 3529, 3533, 3539, 3541,
-    3547, 3557, 3559, 3571, 3581, 3583, 3593, 3607,
-    3613, 3617, 3623, 3631, 3637, 3643, 3659, 3671,
-    3673, 3677, 3691, 3697, 3701, 3709, 3719, 3727,
-    3733, 3739, 3761, 3767, 3769, 3779, 3793, 3797,
-    3803, 3821, 3823, 3833, 3847, 3851, 3853, 3863,
-    3877, 3881, 3889, 3907, 3911, 3917, 3919, 3923,
-    3929, 3931, 3943, 3947, 3967, 3989, 4001, 4003,
-    4007, 4013, 4019, 4021, 4027, 4049, 4051, 4057,
-    4073, 4079, 4091, 4093, 4099, 4111, 4127, 4129,
-    4133, 4139, 4153, 4157, 4159, 4177, 4201, 4211,
-    4217, 4219, 4229, 4231, 4241, 4243, 4253, 4259,
-    4261, 4271, 4273, 4283, 4289, 4297, 4327, 4337,
-    4339, 4349, 4357, 4363, 4373, 4391, 4397, 4409,
-    4421, 4423, 4441, 4447, 4451, 4457, 4463, 4481,
-    4483, 4493, 4507, 4513, 4517, 4519, 4523, 4547,
-    4549, 4561, 4567, 4583, 4591, 4597, 4603, 4621,
-    4637, 4639, 4643, 4649, 4651, 4657, 4663, 4673,
-    4679, 4691, 4703, 4721, 4723, 4729, 4733, 4751,
-    4759, 4783, 4787, 4789, 4793, 4799, 4801, 4813,
-    4817, 4831, 4861, 4871, 4877, 4889, 4903, 4909,
-    4919, 4931, 4933, 4937, 4943, 4951, 4957, 4967,
-    4969, 4973, 4987, 4993, 4999, 5003, 5009, 5011,
-    5021, 5023, 5039, 5051, 5059, 5077, 5081, 5087,
-    5099, 5101, 5107, 5113, 5119, 5147, 5153, 5167,
-    5171, 5179, 5189, 5197, 5209, 5227, 5231, 5233,
-    5237, 5261, 5273, 5279, 5281, 5297, 5303, 5309,
-    5323, 5333, 5347, 5351, 5381, 5387, 5393, 5399,
-    5407, 5413, 5417, 5419, 5431, 5437, 5441, 5443,
-    5449, 5471, 5477, 5479, 5483, 5501, 5503, 5507,
-    5519, 5521, 5527, 5531, 5557, 5563, 5569, 5573,
-    5581, 5591, 5623, 5639, 5641, 5647, 5651, 5653,
-    5657, 5659, 5669, 5683, 5689, 5693, 5701, 5711,
-    5717, 5737, 5741, 5743, 5749, 5779, 5783, 5791,
-    5801, 5807, 5813, 5821, 5827, 5839, 5843, 5849,
-    5851, 5857, 5861, 5867, 5869, 5879, 5881, 5897,
-    5903, 5923, 5927, 5939, 5953, 5981, 5987, 6007,
-    6011, 6029, 6037, 6043, 6047, 6053, 6067, 6073,
-    6079, 6089, 6091, 6101, 6113, 6121, 6131, 6133,
-    6143, 6151, 6163, 6173, 6197, 6199, 6203, 6211,
-    6217, 6221, 6229, 6247, 6257, 6263, 6269, 6271,
-    6277, 6287, 6299, 6301, 6311, 6317, 6323, 6329,
-    6337, 6343, 6353, 6359, 6361, 6367, 6373, 6379,
-    6389, 6397, 6421, 6427, 6449, 6451, 6469, 6473,
-    6481, 6491, 6521, 6529, 6547, 6551, 6553, 6563,
-    6569, 6571, 6577, 6581, 6599, 6607, 6619, 6637,
-    6653, 6659, 6661, 6673, 6679, 6689, 6691, 6701,
-    6703, 6709, 6719, 6733, 6737, 6761, 6763, 6779,
-    6781, 6791, 6793, 6803, 6823, 6827, 6829, 6833,
-    6841, 6857, 6863, 6869, 6871, 6883, 6899, 6907,
-    6911, 6917, 6947, 6949, 6959, 6961, 6967, 6971,
-    6977, 6983, 6991, 6997, 7001, 7013, 7019, 7027,
-    7039, 7043, 7057, 7069, 7079, 7103, 7109, 7121,
-    7127, 7129, 7151, 7159, 7177, 7187, 7193, 7207,
-    7211, 7213, 7219, 7229, 7237, 7243, 7247, 7253,
-    7283, 7297, 7307, 7309, 7321, 7331, 7333, 7349,
-    7351, 7369, 7393, 7411, 7417, 7433, 7451, 7457,
-    7459, 7477, 7481, 7487, 7489, 7499, 7507, 7517,
-    7523, 7529, 7537, 7541, 7547, 7549, 7559, 7561,
-    7573, 7577, 7583, 7589, 7591, 7603, 7607, 7621,
-    7639, 7643, 7649, 7669, 7673, 7681, 7687, 7691,
-    7699, 7703, 7717, 7723, 7727, 7741, 7753, 7757,
-    7759, 7789, 7793, 7817, 7823, 7829, 7841, 7853,
-    7867, 7873, 7877, 7879, 7883, 7901, 7907, 7919,
-    7927, 7933, 7937, 7949, 7951, 7963, 7993, 8009,
-    8011, 8017, 8039, 8053, 8059, 8069, 8081, 8087,
-    8089, 8093, 8101, 8111, 8117, 8123, 8147, 8161,
-    8167, 8171, 8179, 8191, 8209, 8219, 8221, 8231,
-    8233, 8237, 8243, 8263, 8269, 8273, 8287, 8291,
-    8293, 8297, 8311, 8317, 8329, 8353, 8363, 8369,
-    8377, 8387, 8389, 8419, 8423, 8429, 8431, 8443,
-    8447, 8461, 8467, 8501, 8513, 8521, 8527, 8537,
-    8539, 8543, 8563, 8573, 8581, 8597, 8599, 8609,
-    8623, 8627, 8629, 8641, 8647, 8663, 8669, 8677,
-    8681, 8689, 8693, 8699, 8707, 8713, 8719, 8731,
-    8737, 8741, 8747, 8753, 8761, 8779, 8783, 8803,
-    8807, 8819, 8821, 8831, 8837, 8839, 8849, 8861,
-    8863, 8867, 8887, 8893, 8923, 8929, 8933, 8941,
-    8951, 8963, 8969, 8971, 8999, 9001, 9007, 9011,
-    9013, 9029, 9041, 9043, 9049, 9059, 9067, 9091,
-    9103, 9109, 9127, 9133, 9137, 9151, 9157, 9161,
-    9173, 9181, 9187, 9199, 9203, 9209, 9221, 9227,
-    9239, 9241, 9257, 9277, 9281, 9283, 9293, 9311,
-    9319, 9323, 9337, 9341, 9343, 9349, 9371, 9377,
-    9391, 9397, 9403, 9413, 9419, 9421, 9431, 9433,
-    9437, 9439, 9461, 9463, 9467, 9473, 9479, 9491,
-    9497, 9511, 9521, 9533, 9539, 9547, 9551, 9587,
-    9601, 9613, 9619, 9623, 9629, 9631, 9643, 9649,
-    9661, 9677, 9679, 9689, 9697, 9719, 9721, 9733,
-    9739, 9743, 9749, 9767, 9769, 9781, 9787, 9791,
-    9803, 9811, 9817, 9829, 9833, 9839, 9851, 9857,
-    9859, 9871, 9883, 9887, 9901, 9907, 9923, 9929,
-    9931, 9941, 9949, 9967, 9973, 10007, 10009, 10037,
-    10039, 10061, 10067, 10069, 10079, 10091, 10093, 10099,
-    10103, 10111, 10133, 10139, 10141, 10151, 10159, 10163,
-    10169, 10177, 10181, 10193, 10211, 10223, 10243, 10247,
-    10253, 10259, 10267, 10271, 10273, 10289, 10301, 10303,
-    10313, 10321, 10331, 10333, 10337, 10343, 10357, 10369,
-    10391, 10399, 10427, 10429, 10433, 10453, 10457, 10459,
-    10463, 10477, 10487, 10499, 10501, 10513, 10529, 10531,
-    10559, 10567, 10589, 10597, 10601, 10607, 10613, 10627,
-    10631, 10639, 10651, 10657, 10663, 10667, 10687, 10691,
-    10709, 10711, 10723, 10729, 10733, 10739, 10753, 10771,
-    10781, 10789, 10799, 10831, 10837, 10847, 10853, 10859,
-    10861, 10867, 10883, 10889, 10891, 10903, 10909, 10937,
-    10939, 10949, 10957, 10973, 10979, 10987, 10993, 11003,
-    11027, 11047, 11057, 11059, 11069, 11071, 11083, 11087,
-    11093, 11113, 11117, 11119, 11131, 11149, 11159, 11161,
-    11171, 11173, 11177, 11197, 11213, 11239, 11243, 11251,
-    11257, 11261, 11273, 11279, 11287, 11299, 11311, 11317,
-    11321, 11329, 11351, 11353, 11369, 11383, 11393, 11399,
-    11411, 11423, 11437, 11443, 11447, 11467, 11471, 11483,
-    11489, 11491, 11497, 11503, 11519, 11527, 11549, 11551,
-    11579, 11587, 11593, 11597, 11617, 11621, 11633, 11657,
-    11677, 11681, 11689, 11699, 11701, 11717, 11719, 11731,
-    11743, 11777, 11779, 11783, 11789, 11801, 11807, 11813,
-    11821, 11827, 11831, 11833, 11839, 11863, 11867, 11887,
-    11897, 11903, 11909, 11923, 11927, 11933, 11939, 11941,
-    11953, 11959, 11969, 11971, 11981, 11987, 12007, 12011,
-    12037, 12041, 12043, 12049, 12071, 12073, 12097, 12101,
-    12107, 12109, 12113, 12119, 12143, 12149, 12157, 12161,
-    12163, 12197, 12203, 12211, 12227, 12239, 12241, 12251,
-    12253, 12263, 12269, 12277, 12281, 12289, 12301, 12323,
-    12329, 12343, 12347, 12373, 12377, 12379, 12391, 12401,
-    12409, 12413, 12421, 12433, 12437, 12451, 12457, 12473,
-    12479, 12487, 12491, 12497, 12503, 12511, 12517, 12527,
-    12539, 12541, 12547, 12553, 12569, 12577, 12583, 12589,
-    12601, 12611, 12613, 12619, 12637, 12641, 12647, 12653,
-    12659, 12671, 12689, 12697, 12703, 12713, 12721, 12739,
-    12743, 12757, 12763, 12781, 12791, 12799, 12809, 12821,
-    12823, 12829, 12841, 12853, 12889, 12893, 12899, 12907,
-    12911, 12917, 12919, 12923, 12941, 12953, 12959, 12967,
-    12973, 12979, 12983, 13001, 13003, 13007, 13009, 13033,
-    13037, 13043, 13049, 13063, 13093, 13099, 13103, 13109,
-    13121, 13127, 13147, 13151, 13159, 13163, 13171, 13177,
-    13183, 13187, 13217, 13219, 13229, 13241, 13249, 13259,
-    13267, 13291, 13297, 13309, 13313, 13327, 13331, 13337,
-    13339, 13367, 13381, 13397, 13399, 13411, 13417, 13421,
-    13441, 13451, 13457, 13463, 13469, 13477, 13487, 13499,
-    13513, 13523, 13537, 13553, 13567, 13577, 13591, 13597,
-    13613, 13619, 13627, 13633, 13649, 13669, 13679, 13681,
-    13687, 13691, 13693, 13697, 13709, 13711, 13721, 13723,
-    13729, 13751, 13757, 13759, 13763, 13781, 13789, 13799,
-    13807, 13829, 13831, 13841, 13859, 13873, 13877, 13879,
-    13883, 13901, 13903, 13907, 13913, 13921, 13931, 13933,
-    13963, 13967, 13997, 13999, 14009, 14011, 14029, 14033,
-    14051, 14057, 14071, 14081, 14083, 14087, 14107, 14143,
-    14149, 14153, 14159, 14173, 14177, 14197, 14207, 14221,
-    14243, 14249, 14251, 14281, 14293, 14303, 14321, 14323,
-    14327, 14341, 14347, 14369, 14387, 14389, 14401, 14407,
-    14411, 14419, 14423, 14431, 14437, 14447, 14449, 14461,
-    14479, 14489, 14503, 14519, 14533, 14537, 14543, 14549,
-    14551, 14557, 14561, 14563, 14591, 14593, 14621, 14627,
-    14629, 14633, 14639, 14653, 14657, 14669, 14683, 14699,
-    14713, 14717, 14723, 14731, 14737, 14741, 14747, 14753,
-    14759, 14767, 14771, 14779, 14783, 14797, 14813, 14821,
-    14827, 14831, 14843, 14851, 14867, 14869, 14879, 14887,
-    14891, 14897, 14923, 14929, 14939, 14947, 14951, 14957,
-    14969, 14983, 15013, 15017, 15031, 15053, 15061, 15073,
-    15077, 15083, 15091, 15101, 15107, 15121, 15131, 15137,
-    15139, 15149, 15161, 15173, 15187, 15193, 15199, 15217,
-    15227, 15233, 15241, 15259, 15263, 15269, 15271, 15277,
-    15287, 15289, 15299, 15307, 15313, 15319, 15329, 15331,
-    15349, 15359, 15361, 15373, 15377, 15383, 15391, 15401,
-    15413, 15427, 15439, 15443, 15451, 15461, 15467, 15473,
-    15493, 15497, 15511, 15527, 15541, 15551, 15559, 15569,
-    15581, 15583, 15601, 15607, 15619, 15629, 15641, 15643,
-    15647, 15649, 15661, 15667, 15671, 15679, 15683, 15727,
-    15731, 15733, 15737, 15739, 15749, 15761, 15767, 15773,
-    15787, 15791, 15797, 15803, 15809, 15817, 15823, 15859,
-    15877, 15881, 15887, 15889, 15901, 15907, 15913, 15919,
-    15923, 15937, 15959, 15971, 15973, 15991, 16001, 16007,
-    16033, 16057, 16061, 16063, 16067, 16069, 16073, 16087,
-    16091, 16097, 16103, 16111, 16127, 16139, 16141, 16183,
-    16187, 16189, 16193, 16217, 16223, 16229, 16231, 16249,
-    16253, 16267, 16273, 16301, 16319, 16333, 16339, 16349,
-    16361, 16363, 16369, 16381, 16411, 16417, 16421, 16427,
-    16433, 16447, 16451, 16453, 16477, 16481, 16487, 16493,
-    16519, 16529, 16547, 16553, 16561, 16567, 16573, 16603,
-    16607, 16619, 16631, 16633, 16649, 16651, 16657, 16661,
-    16673, 16691, 16693, 16699, 16703, 16729, 16741, 16747,
-    16759, 16763, 16787, 16811, 16823, 16829, 16831, 16843,
-    16871, 16879, 16883, 16889, 16901, 16903, 16921, 16927,
-    16931, 16937, 16943, 16963, 16979, 16981, 16987, 16993,
-    17011, 17021, 17027, 17029, 17033, 17041, 17047, 17053,
-    17077, 17093, 17099, 17107, 17117, 17123, 17137, 17159,
-    17167, 17183, 17189, 17191, 17203, 17207, 17209, 17231,
-    17239, 17257, 17291, 17293, 17299, 17317, 17321, 17327,
-    17333, 17341, 17351, 17359, 17377, 17383, 17387, 17389,
-    17393, 17401, 17417, 17419, 17431, 17443, 17449, 17467,
-    17471, 17477, 17483, 17489, 17491, 17497, 17509, 17519,
-    17539, 17551, 17569, 17573, 17579, 17581, 17597, 17599,
-    17609, 17623, 17627, 17657, 17659, 17669, 17681, 17683,
-    17707, 17713, 17729, 17737, 17747, 17749, 17761, 17783,
-    17789, 17791, 17807, 17827, 17837, 17839, 17851, 17863,
+       257,   263,
+       269,   271,   277,   281,   283,   293,   307,   311,
+       313,   317,   331,   337,   347,   349,   353,   359,
+       367,   373,   379,   383,   389,   397,   401,   409,
+       419,   421,   431,   433,   439,   443,   449,   457,
+       461,   463,   467,   479,   487,   491,   499,   503,
+       509,   521,   523,   541,   547,   557,   563,   569,
+       571,   577,   587,   593,   599,   601,   607,   613,
+       617,   619,   631,   641,   643,   647,   653,   659,
+       661,   673,   677,   683,   691,   701,   709,   719,
+       727,   733,   739,   743,   751,   757,   761,   769,
+       773,   787,   797,   809,   811,   821,   823,   827,
+       829,   839,   853,   857,   859,   863,   877,   881,
+       883,   887,   907,   911,   919,   929,   937,   941,
+       947,   953,   967,   971,   977,   983,   991,   997,
+      1009,  1013,  1019,  1021,  1031,  1033,  1039,  1049,
+      1051,  1061,  1063,  1069,  1087,  1091,  1093,  1097,
+      1103,  1109,  1117,  1123,  1129,  1151,  1153,  1163,
+      1171,  1181,  1187,  1193,  1201,  1213,  1217,  1223,
+      1229,  1231,  1237,  1249,  1259,  1277,  1279,  1283,
+      1289,  1291,  1297,  1301,  1303,  1307,  1319,  1321,
+      1327,  1361,  1367,  1373,  1381,  1399,  1409,  1423,
+      1427,  1429,  1433,  1439,  1447,  1451,  1453,  1459,
+      1471,  1481,  1483,  1487,  1489,  1493,  1499,  1511,
+      1523,  1531,  1543,  1549,  1553,  1559,  1567,  1571,
+      1579,  1583,  1597,  1601,  1607,  1609,  1613,  1619,
+      1621,  1627,  1637,  1657,  1663,  1667,  1669,  1693,
+      1697,  1699,  1709,  1721,  1723,  1733,  1741,  1747,
+      1753,  1759,  1777,  1783,  1787,  1789,  1801,  1811,
+      1823,  1831,  1847,  1861,  1867,  1871,  1873,  1877,
+      1879,  1889,  1901,  1907,  1913,  1931,  1933,  1949,
+      1951,  1973,  1979,  1987,  1993,  1997,  1999,  2003,
+      2011,  2017,  2027,  2029,  2039,  2053,  2063,  2069,
+      2081,  2083,  2087,  2089,  2099,  2111,  2113,  2129,
+      2131,  2137,  2141,  2143,  2153,  2161,  2179,  2203,
+      2207,  2213,  2221,  2237,  2239,  2243,  2251,  2267,
+      2269,  2273,  2281,  2287,  2293,  2297,  2309,  2311,
+      2333,  2339,  2341,  2347,  2351,  2357,  2371,  2377,
+      2381,  2383,  2389,  2393,  2399,  2411,  2417,  2423,
+      2437,  2441,  2447,  2459,  2467,  2473,  2477,  2503,
+      2521,  2531,  2539,  2543,  2549,  2551,  2557,  2579,
+      2591,  2593,  2609,  2617,  2621,  2633,  2647,  2657,
+      2659,  2663,  2671,  2677,  2683,  2687,  2689,  2693,
+      2699,  2707,  2711,  2713,  2719,  2729,  2731,  2741,
+      2749,  2753,  2767,  2777,  2789,  2791,  2797,  2801,
+      2803,  2819,  2833,  2837,  2843,  2851,  2857,  2861,
+      2879,  2887,  2897,  2903,  2909,  2917,  2927,  2939,
+      2953,  2957,  2963,  2969,  2971,  2999,  3001,  3011,
+      3019,  3023,  3037,  3041,  3049,  3061,  3067,  3079,
+      3083,  3089,  3109,  3119,  3121,  3137,  3163,  3167,
+      3169,  3181,  3187,  3191,  3203,  3209,  3217,  3221,
+      3229,  3251,  3253,  3257,  3259,  3271,  3299,  3301,
+      3307,  3313,  3319,  3323,  3329,  3331,  3343,  3347,
+      3359,  3361,  3371,  3373,  3389,  3391,  3407,  3413,
+      3433,  3449,  3457,  3461,  3463,  3467,  3469,  3491,
+      3499,  3511,  3517,  3527,  3529,  3533,  3539,  3541,
+      3547,  3557,  3559,  3571,  3581,  3583,  3593,  3607,
+      3613,  3617,  3623,  3631,  3637,  3643,  3659,  3671,
+      3673,  3677,  3691,  3697,  3701,  3709,  3719,  3727,
+      3733,  3739,  3761,  3767,  3769,  3779,  3793,  3797,
+      3803,  3821,  3823,  3833,  3847,  3851,  3853,  3863,
+      3877,  3881,  3889,  3907,  3911,  3917,  3919,  3923,
+      3929,  3931,  3943,  3947,  3967,  3989,  4001,  4003,
+      4007,  4013,  4019,  4021,  4027,  4049,  4051,  4057,
+      4073,  4079,  4091,  4093,  4099,  4111,  4127,  4129,
+      4133,  4139,  4153,  4157,  4159,  4177,  4201,  4211,
+      4217,  4219,  4229,  4231,  4241,  4243,  4253,  4259,
+      4261,  4271,  4273,  4283,  4289,  4297,  4327,  4337,
+      4339,  4349,  4357,  4363,  4373,  4391,  4397,  4409,
+      4421,  4423,  4441,  4447,  4451,  4457,  4463,  4481,
+      4483,  4493,  4507,  4513,  4517,  4519,  4523,  4547,
+      4549,  4561,  4567,  4583,  4591,  4597,  4603,  4621,
+      4637,  4639,  4643,  4649,  4651,  4657,  4663,  4673,
+      4679,  4691,  4703,  4721,  4723,  4729,  4733,  4751,
+      4759,  4783,  4787,  4789,  4793,  4799,  4801,  4813,
+      4817,  4831,  4861,  4871,  4877,  4889,  4903,  4909,
+      4919,  4931,  4933,  4937,  4943,  4951,  4957,  4967,
+      4969,  4973,  4987,  4993,  4999,  5003,  5009,  5011,
+      5021,  5023,  5039,  5051,  5059,  5077,  5081,  5087,
+      5099,  5101,  5107,  5113,  5119,  5147,  5153,  5167,
+      5171,  5179,  5189,  5197,  5209,  5227,  5231,  5233,
+      5237,  5261,  5273,  5279,  5281,  5297,  5303,  5309,
+      5323,  5333,  5347,  5351,  5381,  5387,  5393,  5399,
+      5407,  5413,  5417,  5419,  5431,  5437,  5441,  5443,
+      5449,  5471,  5477,  5479,  5483,  5501,  5503,  5507,
+      5519,  5521,  5527,  5531,  5557,  5563,  5569,  5573,
+      5581,  5591,  5623,  5639,  5641,  5647,  5651,  5653,
+      5657,  5659,  5669,  5683,  5689,  5693,  5701,  5711,
+      5717,  5737,  5741,  5743,  5749,  5779,  5783,  5791,
+      5801,  5807,  5813,  5821,  5827,  5839,  5843,  5849,
+      5851,  5857,  5861,  5867,  5869,  5879,  5881,  5897,
+      5903,  5923,  5927,  5939,  5953,  5981,  5987,  6007,
+      6011,  6029,  6037,  6043,  6047,  6053,  6067,  6073,
+      6079,  6089,  6091,  6101,  6113,  6121,  6131,  6133,
+      6143,  6151,  6163,  6173,  6197,  6199,  6203,  6211,
+      6217,  6221,  6229,  6247,  6257,  6263,  6269,  6271,
+      6277,  6287,  6299,  6301,  6311,  6317,  6323,  6329,
+      6337,  6343,  6353,  6359,  6361,  6367,  6373,  6379,
+      6389,  6397,  6421,  6427,  6449,  6451,  6469,  6473,
+      6481,  6491,  6521,  6529,  6547,  6551,  6553,  6563,
+      6569,  6571,  6577,  6581,  6599,  6607,  6619,  6637,
+      6653,  6659,  6661,  6673,  6679,  6689,  6691,  6701,
+      6703,  6709,  6719,  6733,  6737,  6761,  6763,  6779,
+      6781,  6791,  6793,  6803,  6823,  6827,  6829,  6833,
+      6841,  6857,  6863,  6869,  6871,  6883,  6899,  6907,
+      6911,  6917,  6947,  6949,  6959,  6961,  6967,  6971,
+      6977,  6983,  6991,  6997,  7001,  7013,  7019,  7027,
+      7039,  7043,  7057,  7069,  7079,  7103,  7109,  7121,
+      7127,  7129,  7151,  7159,  7177,  7187,  7193,  7207,
+      7211,  7213,  7219,  7229,  7237,  7243,  7247,  7253,
+      7283,  7297,  7307,  7309,  7321,  7331,  7333,  7349,
+      7351,  7369,  7393,  7411,  7417,  7433,  7451,  7457,
+      7459,  7477,  7481,  7487,  7489,  7499,  7507,  7517,
+      7523,  7529,  7537,  7541,  7547,  7549,  7559,  7561,
+      7573,  7577,  7583,  7589,  7591,  7603,  7607,  7621,
+      7639,  7643,  7649,  7669,  7673,  7681,  7687,  7691,
+      7699,  7703,  7717,  7723,  7727,  7741,  7753,  7757,
+      7759,  7789,  7793,  7817,  7823,  7829,  7841,  7853,
+      7867,  7873,  7877,  7879,  7883,  7901,  7907,  7919,
+      7927,  7933,  7937,  7949,  7951,  7963,  7993,  8009,
+      8011,  8017,  8039,  8053,  8059,  8069,  8081,  8087,
+      8089,  8093,  8101,  8111,  8117,  8123,  8147,  8161,
+      8167,  8171,  8179,  8191,  8209,  8219,  8221,  8231,
+      8233,  8237,  8243,  8263,  8269,  8273,  8287,  8291,
+      8293,  8297,  8311,  8317,  8329,  8353,  8363,  8369,
+      8377,  8387,  8389,  8419,  8423,  8429,  8431,  8443,
+      8447,  8461,  8467,  8501,  8513,  8521,  8527,  8537,
+      8539,  8543,  8563,  8573,  8581,  8597,  8599,  8609,
+      8623,  8627,  8629,  8641,  8647,  8663,  8669,  8677,
+      8681,  8689,  8693,  8699,  8707,  8713,  8719,  8731,
+      8737,  8741,  8747,  8753,  8761,  8779,  8783,  8803,
+      8807,  8819,  8821,  8831,  8837,  8839,  8849,  8861,
+      8863,  8867,  8887,  8893,  8923,  8929,  8933,  8941,
+      8951,  8963,  8969,  8971,  8999,  9001,  9007,  9011,
+      9013,  9029,  9041,  9043,  9049,  9059,  9067,  9091,
+      9103,  9109,  9127,  9133,  9137,  9151,  9157,  9161,
+      9173,  9181,  9187,  9199,  9203,  9209,  9221,  9227,
+      9239,  9241,  9257,  9277,  9281,  9283,  9293,  9311,
+      9319,  9323,  9337,  9341,  9343,  9349,  9371,  9377,
+      9391,  9397,  9403,  9413,  9419,  9421,  9431,  9433,
+      9437,  9439,  9461,  9463,  9467,  9473,  9479,  9491,
+      9497,  9511,  9521,  9533,  9539,  9547,  9551,  9587,
+      9601,  9613,  9619,  9623,  9629,  9631,  9643,  9649,
+      9661,  9677,  9679,  9689,  9697,  9719,  9721,  9733,
+      9739,  9743,  9749,  9767,  9769,  9781,  9787,  9791,
+      9803,  9811,  9817,  9829,  9833,  9839,  9851,  9857,
+      9859,  9871,  9883,  9887,  9901,  9907,  9923,  9929,
+      9931,  9941,  9949,  9967,  9973, 10007, 10009, 10037,
+     10039, 10061, 10067, 10069, 10079, 10091, 10093, 10099,
+     10103, 10111, 10133, 10139, 10141, 10151, 10159, 10163,
+     10169, 10177, 10181, 10193, 10211, 10223, 10243, 10247,
+     10253, 10259, 10267, 10271, 10273, 10289, 10301, 10303,
+     10313, 10321, 10331, 10333, 10337, 10343, 10357, 10369,
+     10391, 10399, 10427, 10429, 10433, 10453, 10457, 10459,
+     10463, 10477, 10487, 10499, 10501, 10513, 10529, 10531,
+     10559, 10567, 10589, 10597, 10601, 10607, 10613, 10627,
+     10631, 10639, 10651, 10657, 10663, 10667, 10687, 10691,
+     10709, 10711, 10723, 10729, 10733, 10739, 10753, 10771,
+     10781, 10789, 10799, 10831, 10837, 10847, 10853, 10859,
+     10861, 10867, 10883, 10889, 10891, 10903, 10909, 10937,
+     10939, 10949, 10957, 10973, 10979, 10987, 10993, 11003,
+     11027, 11047, 11057, 11059, 11069, 11071, 11083, 11087,
+     11093, 11113, 11117, 11119, 11131, 11149, 11159, 11161,
+     11171, 11173, 11177, 11197, 11213, 11239, 11243, 11251,
+     11257, 11261, 11273, 11279, 11287, 11299, 11311, 11317,
+     11321, 11329, 11351, 11353, 11369, 11383, 11393, 11399,
+     11411, 11423, 11437, 11443, 11447, 11467, 11471, 11483,
+     11489, 11491, 11497, 11503, 11519, 11527, 11549, 11551,
+     11579, 11587, 11593, 11597, 11617, 11621, 11633, 11657,
+     11677, 11681, 11689, 11699, 11701, 11717, 11719, 11731,
+     11743, 11777, 11779, 11783, 11789, 11801, 11807, 11813,
+     11821, 11827, 11831, 11833, 11839, 11863, 11867, 11887,
+     11897, 11903, 11909, 11923, 11927, 11933, 11939, 11941,
+     11953, 11959, 11969, 11971, 11981, 11987, 12007, 12011,
+     12037, 12041, 12043, 12049, 12071, 12073, 12097, 12101,
+     12107, 12109, 12113, 12119, 12143, 12149, 12157, 12161,
+     12163, 12197, 12203, 12211, 12227, 12239, 12241, 12251,
+     12253, 12263, 12269, 12277, 12281, 12289, 12301, 12323,
+     12329, 12343, 12347, 12373, 12377, 12379, 12391, 12401,
+     12409, 12413, 12421, 12433, 12437, 12451, 12457, 12473,
+     12479, 12487, 12491, 12497, 12503, 12511, 12517, 12527,
+     12539, 12541, 12547, 12553, 12569, 12577, 12583, 12589,
+     12601, 12611, 12613, 12619, 12637, 12641, 12647, 12653,
+     12659, 12671, 12689, 12697, 12703, 12713, 12721, 12739,
+     12743, 12757, 12763, 12781, 12791, 12799, 12809, 12821,
+     12823, 12829, 12841, 12853, 12889, 12893, 12899, 12907,
+     12911, 12917, 12919, 12923, 12941, 12953, 12959, 12967,
+     12973, 12979, 12983, 13001, 13003, 13007, 13009, 13033,
+     13037, 13043, 13049, 13063, 13093, 13099, 13103, 13109,
+     13121, 13127, 13147, 13151, 13159, 13163, 13171, 13177,
+     13183, 13187, 13217, 13219, 13229, 13241, 13249, 13259,
+     13267, 13291, 13297, 13309, 13313, 13327, 13331, 13337,
+     13339, 13367, 13381, 13397, 13399, 13411, 13417, 13421,
+     13441, 13451, 13457, 13463, 13469, 13477, 13487, 13499,
+     13513, 13523, 13537, 13553, 13567, 13577, 13591, 13597,
+     13613, 13619, 13627, 13633, 13649, 13669, 13679, 13681,
+     13687, 13691, 13693, 13697, 13709, 13711, 13721, 13723,
+     13729, 13751, 13757, 13759, 13763, 13781, 13789, 13799,
+     13807, 13829, 13831, 13841, 13859, 13873, 13877, 13879,
+     13883, 13901, 13903, 13907, 13913, 13921, 13931, 13933,
+     13963, 13967, 13997, 13999, 14009, 14011, 14029, 14033,
+     14051, 14057, 14071, 14081, 14083, 14087, 14107, 14143,
+     14149, 14153, 14159, 14173, 14177, 14197, 14207, 14221,
+     14243, 14249, 14251, 14281, 14293, 14303, 14321, 14323,
+     14327, 14341, 14347, 14369, 14387, 14389, 14401, 14407,
+     14411, 14419, 14423, 14431, 14437, 14447, 14449, 14461,
+     14479, 14489, 14503, 14519, 14533, 14537, 14543, 14549,
+     14551, 14557, 14561, 14563, 14591, 14593, 14621, 14627,
+     14629, 14633, 14639, 14653, 14657, 14669, 14683, 14699,
+     14713, 14717, 14723, 14731, 14737, 14741, 14747, 14753,
+     14759, 14767, 14771, 14779, 14783, 14797, 14813, 14821,
+     14827, 14831, 14843, 14851, 14867, 14869, 14879, 14887,
+     14891, 14897, 14923, 14929, 14939, 14947, 14951, 14957,
+     14969, 14983, 15013, 15017, 15031, 15053, 15061, 15073,
+     15077, 15083, 15091, 15101, 15107, 15121, 15131, 15137,
+     15139, 15149, 15161, 15173, 15187, 15193, 15199, 15217,
+     15227, 15233, 15241, 15259, 15263, 15269, 15271, 15277,
+     15287, 15289, 15299, 15307, 15313, 15319, 15329, 15331,
+     15349, 15359, 15361, 15373, 15377, 15383, 15391, 15401,
+     15413, 15427, 15439, 15443, 15451, 15461, 15467, 15473,
+     15493, 15497, 15511, 15527, 15541, 15551, 15559, 15569,
+     15581, 15583, 15601, 15607, 15619, 15629, 15641, 15643,
+     15647, 15649, 15661, 15667, 15671, 15679, 15683, 15727,
+     15731, 15733, 15737, 15739, 15749, 15761, 15767, 15773,
+     15787, 15791, 15797, 15803, 15809, 15817, 15823, 15859,
+     15877, 15881, 15887, 15889, 15901, 15907, 15913, 15919,
+     15923, 15937, 15959, 15971, 15973, 15991, 16001, 16007,
+     16033, 16057, 16061, 16063, 16067, 16069, 16073, 16087,
+     16091, 16097, 16103, 16111, 16127, 16139, 16141, 16183,
+     16187, 16189, 16193, 16217, 16223, 16229, 16231, 16249,
+     16253, 16267, 16273, 16301, 16319, 16333, 16339, 16349,
+     16361, 16363, 16369, 16381, 16411, 16417, 16421, 16427,
+     16433, 16447, 16451, 16453, 16477, 16481, 16487, 16493,
+     16519, 16529, 16547, 16553, 16561, 16567, 16573, 16603,
+     16607, 16619, 16631, 16633, 16649, 16651, 16657, 16661,
+     16673, 16691, 16693, 16699, 16703, 16729, 16741, 16747,
+     16759, 16763, 16787, 16811, 16823, 16829, 16831, 16843,
+     16871, 16879, 16883, 16889, 16901, 16903, 16921, 16927,
+     16931, 16937, 16943, 16963, 16979, 16981, 16987, 16993,
+     17011, 17021, 17027, 17029, 17033, 17041, 17047, 17053,
+     17077, 17093, 17099, 17107, 17117, 17123, 17137, 17159,
+     17167, 17183, 17189, 17191, 17203, 17207, 17209, 17231,
+     17239, 17257, 17291, 17293, 17299, 17317, 17321, 17327,
+     17333, 17341, 17351, 17359, 17377, 17383, 17387, 17389,
+     17393, 17401, 17417, 17419, 17431, 17443, 17449, 17467,
+     17471, 17477, 17483, 17489, 17491, 17497, 17509, 17519,
+     17539, 17551, 17569, 17573, 17579, 17581, 17597, 17599,
+     17609, 17623, 17627, 17657, 17659, 17669, 17681, 17683,
+     17707, 17713, 17729, 17737, 17747, 17749, 17761, 17783,
+     17789, 17791, 17807, 17827, 17837, 17839, 17851, 17863,
 #endif
 };
diff --git a/crypto/bn/bn_prime.pl b/crypto/bn/bn_prime.pl
index 3fafb6f3..6bede65e 100644
--- a/crypto/bn/bn_prime.pl
+++ b/crypto/bn/bn_prime.pl
@@ -26,7 +26,7 @@ loop: while ($#primes < $num-1)
 #  * the code are not to be removed.
 #  * See the COPYRIGHT file in the SSLeay distribution for more details.
 #  */
-# 
+#
 # EOF
 
 print <<\EOF;
@@ -37,21 +37,21 @@ print <<\EOF;
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -66,10 +66,10 @@ print <<\EOF;
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -81,7 +81,7 @@ print <<\EOF;
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -100,20 +100,20 @@ for ($i=0; $i <= $#primes; $i++)
 	}
 
 printf "#ifndef EIGHT_BIT\n";
-printf "#define NUMPRIMES %d\n",$num;
+printf "# define NUMPRIMES %d\n",$num;
 printf "typedef unsigned short prime_t;\n";
 printf "#else\n";
-printf "#define NUMPRIMES %d\n",$eight;
+printf "# define NUMPRIMES %d\n",$eight;
 printf "typedef unsigned char prime_t;\n";
 printf "#endif\n";
-print "static const prime_t primes[NUMPRIMES]=\n\t{\n\t";
+print "static const prime_t primes[NUMPRIMES] = {";
 $init=0;
 for ($i=0; $i <= $#primes; $i++)
 	{
-	printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++);
-	printf("\n\t") if (($i%8) == 0) && ($i != 0);
-	printf("%4d,",$primes[$i]);
+	printf "\n#ifndef EIGHT_BIT\n    " if ($primes[$i] > 256) && !($init++);
+	printf("\n    ") if ($i%8) == 0;
+	printf(" %5d,",$primes[$i]);
 	}
-print "\n#endif\n\t};\n";
+print "\n#endif\n};\n";
 
 
diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
index f121fb6e..c0b029da 100644
--- a/crypto/bn/bn_print.c
+++ b/crypto/bn/bn_print.c
@@ -82,8 +82,6 @@ char *BN_bn2hex(const BIGNUM *a)
     p = buf;
     if (a->neg)
         *(p++) = '-';
-    if (BN_is_zero(a))
-        *(p++) = '0';
     for (i = a->top - 1; i >= 0; i--) {
         for (j = BN_BITS2 - 8; j >= 0; j -= 8) {
             /* strip leading zeros */
@@ -393,10 +391,10 @@ char *BN_options(void)
     if (!init) {
         init++;
 #ifdef BN_LLONG
-        BIO_snprintf(data, sizeof data, "bn(%d,%d)",
+        BIO_snprintf(data, sizeof(data), "bn(%d,%d)",
                      (int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
 #else
-        BIO_snprintf(data, sizeof data, "bn(%d,%d)",
+        BIO_snprintf(data, sizeof(data), "bn(%d,%d)",
                      (int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
 #endif
     }
diff --git a/crypto/bn/bn_x931p.c b/crypto/bn/bn_x931p.c
index efa48bdf..f444af3f 100644
--- a/crypto/bn/bn_x931p.c
+++ b/crypto/bn/bn_x931p.c
@@ -217,6 +217,8 @@ int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
 
     BN_CTX_start(ctx);
     t = BN_CTX_get(ctx);
+    if (t == NULL)
+        goto err;
 
     for (i = 0; i < 1000; i++) {
         if (!BN_rand(Xq, nbits, 1, 0))
@@ -255,10 +257,12 @@ int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
     int ret = 0;
 
     BN_CTX_start(ctx);
-    if (!Xp1)
+    if (Xp1 == NULL)
         Xp1 = BN_CTX_get(ctx);
-    if (!Xp2)
+    if (Xp2 == NULL)
         Xp2 = BN_CTX_get(ctx);
+    if (Xp1 == NULL || Xp2 == NULL)
+        goto error;
 
     if (!BN_rand(Xp1, 101, 0, 0))
         goto error;
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index a327b1a6..abe5dbe0 100644
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -148,7 +148,7 @@ int main(int argc, char *argv[])
 
     results = 0;
 
-    RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
+    RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */
 
     argc--;
     argv++;
diff --git a/crypto/bn/expspeed.c b/crypto/bn/expspeed.c
index 513a568a..8ea980cd 100644
--- a/crypto/bn/expspeed.c
+++ b/crypto/bn/expspeed.c
@@ -198,7 +198,7 @@ static int mul_c[NUM_SIZES] =
  * static int sizes[NUM_SIZES]={59,179,299,419,539};
  */
 
-#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); }
+#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof(str)); }
 
 void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx);
 
diff --git a/crypto/bn/exptest.c b/crypto/bn/exptest.c
index ac611c2e..779ee902 100644
--- a/crypto/bn/exptest.c
+++ b/crypto/bn/exptest.c
@@ -183,9 +183,11 @@ int main(int argc, char *argv[])
     unsigned char c;
     BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
 
-    RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we
-                                           * don't even check its return
-                                           * value (which we should) */
+    /*
+     * Seed or BN_rand may fail, and we don't even check its return
+     * value (which we should)
+     */
+    RAND_seed(rnd_seed, sizeof(rnd_seed));
 
     ERR_load_BN_strings();
 
diff --git a/crypto/buildinf.h b/crypto/buildinf.h
index 9584f4e1..d65ecf72 100644
--- a/crypto/buildinf.h
+++ b/crypto/buildinf.h
@@ -7,13 +7,13 @@
 #endif
 #ifdef MK1MF_PLATFORM_VC_WIN32
   /* auto-generated/updated by util/mk1mf.pl for crypto/cversion.c */
-  #define CFLAGS "compiler: cl  /MD /Ox /O2 /Ob2 -DOPENSSL_THREADS  -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DOPENSSL_USE_APPLINK -I. -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SSL2 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_WEAK_SSL_CIPHERS -DOPENSSL_NO_STATIC_ENGINE    "
+  #define CFLAGS "compiler: cl  /MD /Ox /O2 /Ob2 -DOPENSSL_THREADS  -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DOPENSSL_USE_APPLINK -I. -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SSL2 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_WEAK_SSL_CIPHERS -DOPENSSL_NO_STATIC_ENGINE    "
   #define PLATFORM "VC-WIN32"
-  #define DATE "Fri Mar  3 21:16:05 2017"
+  #define DATE "Fri Apr 13 17:33:21 2018"
 #endif
 #ifdef MK1MF_PLATFORM_BC_NT
   /* auto-generated/updated by util/mk1mf.pl for crypto/cversion.c */
   #define CFLAGS "compiler: bcc32 -DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl  -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp -O2 -ff -fp -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SSL2 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_WEAK_SSL_CIPHERS -DOPENSSL_NO_DYNAMIC_ENGINE    "
   #define PLATFORM "BC-NT"
-  #define DATE "Fri Mar  3 21:16:05 2017"
+  #define DATE "Fri Apr 13 17:33:21 2018"
 #endif
diff --git a/crypto/comp/c_rle.c b/crypto/comp/c_rle.c
index e9aabbd1..41919613 100644
--- a/crypto/comp/c_rle.c
+++ b/crypto/comp/c_rle.c
@@ -31,12 +31,11 @@ static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
                               unsigned int olen, unsigned char *in,
                               unsigned int ilen)
 {
-    /* int i; */
+    if (ilen == 0)
+        return 0;
 
-    if (ilen == 0 || olen < (ilen - 1)) {
-        /* ZZZZZZZZZZZZZZZZZZZZZZ */
-        return (-1);
-    }
+    if (olen <= ilen)
+        return -1;
 
     *(out++) = 0;
     memcpy(out, in, ilen);
@@ -49,14 +48,16 @@ static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
 {
     int i;
 
-    if (olen < (ilen - 1)) {
-        /* ZZZZZZZZZZZZZZZZZZZZZZ */
-        return (-1);
-    }
+    if (ilen == 0)
+        return 0;
+
+    if (olen < (ilen - 1))
+        return -1;
 
     i = *(in++);
-    if (i == 0) {
-        memcpy(out, in, ilen - 1);
-    }
+    if (i != 0)
+        return -1;
+
+    memcpy(out, in, ilen - 1);
     return (ilen - 1);
 }
diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h
index 8d926d5d..fe491130 100644
--- a/crypto/conf/conf.h
+++ b/crypto/conf/conf.h
@@ -259,6 +259,7 @@ void ERR_load_CONF_strings(void);
 # define CONF_R_NO_VALUE                                  108
 # define CONF_R_UNABLE_TO_CREATE_NEW_SECTION              103
 # define CONF_R_UNKNOWN_MODULE_NAME                       113
+# define CONF_R_VARIABLE_EXPANSION_TOO_LONG               116
 # define CONF_R_VARIABLE_HAS_NO_VALUE                     104
 
 #ifdef  __cplusplus
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 68c77cec..6237f6a1 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -69,6 +69,12 @@
 #include <openssl/buffer.h>
 #include <openssl/err.h>
 
+/*
+ * The maximum length we can grow a value to after variable expansion. 64k
+ * should be more than enough for all reasonable uses.
+ */
+#define MAX_CONF_VALUE_LENGTH       65536
+
 static char *eat_ws(CONF *conf, char *p);
 static char *eat_alpha_numeric(CONF *conf, char *p);
 static void clear_comments(CONF *conf, char *p);
@@ -417,7 +423,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
         OPENSSL_free(section);
     if (line != NULL)
         *line = eline;
-    BIO_snprintf(btmp, sizeof btmp, "%ld", eline);
+    BIO_snprintf(btmp, sizeof(btmp), "%ld", eline);
     ERR_add_error_data(2, "line ", btmp);
     if ((h != conf->data) && (conf->data != NULL)) {
         CONF_free(conf->data);
@@ -530,6 +536,8 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
         } else if (IS_EOF(conf, *from))
             break;
         else if (*from == '$') {
+            size_t newsize;
+
             /* try to expand it */
             rrp = NULL;
             s = &(from[1]);
@@ -584,8 +592,12 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
                 CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE);
                 goto err;
             }
-            if (!BUF_MEM_grow_clean(buf,
-                        (strlen(p) + buf->length - (e - from)))) {
+            newsize = strlen(p) + buf->length - (e - from);
+            if (newsize > MAX_CONF_VALUE_LENGTH) {
+                CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_EXPANSION_TOO_LONG);
+                goto err;
+            }
+            if (!BUF_MEM_grow_clean(buf, newsize)) {
                 CONFerr(CONF_F_STR_COPY, ERR_R_MALLOC_FAILURE);
                 goto err;
             }
diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c
index bb5e2fe2..b0b6896f 100644
--- a/crypto/conf/conf_err.c
+++ b/crypto/conf/conf_err.c
@@ -115,6 +115,8 @@ static ERR_STRING_DATA CONF_str_reasons[] = {
     {ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),
      "unable to create new section"},
     {ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME), "unknown module name"},
+    {ERR_REASON(CONF_R_VARIABLE_EXPANSION_TOO_LONG),
+     "variable expansion too long"},
     {ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE), "variable has no value"},
     {0, NULL}
 };
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index e0c9a67f..e2a9a816 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -221,7 +221,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
         if (!(flags & CONF_MFLAGS_SILENT)) {
             char rcode[DECIMAL_SIZE(ret) + 1];
             CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
-            BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
+            BIO_snprintf(rcode, sizeof(rcode), "%-8d", ret);
             ERR_add_error_data(6, "module=", name, ", value=", value,
                                ", retcode=", rcode);
         }
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
index 1925428f..5fab45b2 100644
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -469,11 +469,18 @@ void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr)
     }
 }
 
+#ifdef OPENSSL_FIPS
+extern int FIPS_crypto_threadid_set_callback(void (*func) (CRYPTO_THREADID *));
+#endif
+
 int CRYPTO_THREADID_set_callback(void (*func) (CRYPTO_THREADID *))
 {
     if (threadid_callback)
         return 0;
     threadid_callback = func;
+#ifdef OPENSSL_FIPS
+    FIPS_crypto_threadid_set_callback(func);
+#endif
     return 1;
 }
 
diff --git a/crypto/des/Makefile b/crypto/des/Makefile
index 8b5166ca..89156ba5 100644
--- a/crypto/des/Makefile
+++ b/crypto/des/Makefile
@@ -107,7 +107,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.s *.S *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
diff --git a/crypto/des/destest.c b/crypto/des/destest.c
index c6be3420..f2041c1e 100644
--- a/crypto/des/destest.c
+++ b/crypto/des/destest.c
@@ -398,7 +398,7 @@ int main(int argc, char *argv[])
     i = strlen((char *)cbc_data) + 1;
     /* i=((i+7)/8)*8; */
     memcpy(iv3, cbc_iv, sizeof(cbc_iv));
-    memset(iv2, '\0', sizeof iv2);
+    memset(iv2, '\0', sizeof(iv2));
 
     DES_ede3_cbcm_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, &iv2,
                           DES_ENCRYPT);
@@ -412,7 +412,7 @@ int main(int argc, char *argv[])
         }
 */
     memcpy(iv3, cbc_iv, sizeof(cbc_iv));
-    memset(iv2, '\0', sizeof iv2);
+    memset(iv2, '\0', sizeof(iv2));
     DES_ede3_cbcm_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, &iv2,
                           DES_DECRYPT);
     if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c
index f97fd971..60470d6d 100644
--- a/crypto/des/ecb_enc.c
+++ b/crypto/des/ecb_enc.c
@@ -96,7 +96,7 @@ const char *DES_options(void)
             size = "int";
         else
             size = "long";
-        BIO_snprintf(buf, sizeof buf, "des(%s,%s,%s,%s)", ptr, risc, unroll,
+        BIO_snprintf(buf, sizeof(buf), "des(%s,%s,%s,%s)", ptr, risc, unroll,
                      size);
         init = 0;
     }
diff --git a/crypto/des/fcrypt.c b/crypto/des/fcrypt.c
index 111f1e46..09f5792b 100644
--- a/crypto/des/fcrypt.c
+++ b/crypto/des/fcrypt.c
@@ -80,10 +80,10 @@ char *DES_crypt(const char *buf, const char *salt)
     e_salt[sizeof(e_salt) - 1] = e_buf[sizeof(e_buf) - 1] = '\0';
 
     /* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */
-    ebcdic2ascii(e_salt, e_salt, sizeof e_salt);
+    ebcdic2ascii(e_salt, e_salt, sizeof(e_salt));
 
     /* Convert the cleartext password to ASCII */
-    ebcdic2ascii(e_buf, e_buf, sizeof e_buf);
+    ebcdic2ascii(e_buf, e_buf, sizeof(e_buf));
 
     /* Encrypt it (from/to ASCII) */
     ret = DES_fcrypt(e_buf, e_salt, buff);
diff --git a/crypto/des/read_pwd.c b/crypto/des/read_pwd.c
index 514a7063..080d3e8d 100644
--- a/crypto/des/read_pwd.c
+++ b/crypto/des/read_pwd.c
@@ -434,7 +434,7 @@ static void pushsig(void)
 # ifdef SIGACTION
     struct sigaction sa;
 
-    memset(&sa, 0, sizeof sa);
+    memset(&sa, 0, sizeof(sa));
     sa.sa_handler = recsig;
 # endif
 
diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index 8fd8fe14..0a9ddb4b 100644
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -120,7 +120,7 @@ int DES_check_key_parity(const_DES_cblock *key)
 }
 
 /*-
- * Weak and semi week keys as take from
+ * Weak and semi weak keys as taken from
  * %A D.W. Davies
  * %A W.L. Price
  * %T Security for Computer Networks
@@ -377,7 +377,7 @@ void private_DES_set_key_unchecked(const_DES_cblock *key,
     register int i;
 
 #ifdef OPENBSD_DEV_CRYPTO
-    memcpy(schedule->key, key, sizeof schedule->key);
+    memcpy(schedule->key, key, sizeof(schedule->key));
     schedule->session = NULL;
 #endif
     k = &schedule->ks->deslong[0];
diff --git a/crypto/dh/Makefile b/crypto/dh/Makefile
index 46fa5ac5..cc366ec6 100644
--- a/crypto/dh/Makefile
+++ b/crypto/dh/Makefile
@@ -134,7 +134,7 @@ dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
 dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 dh_gen.o: ../cryptlib.h dh_gen.c
-dh_kdf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_kdf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
 dh_kdf.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
 dh_kdf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 dh_kdf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index a5bd9016..80b28fb3 100644
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -182,12 +182,29 @@ struct dh_st {
  */
 # define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
 
-# define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
-                (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
-# define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
-                (unsigned char *)(x))
-# define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
-# define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+# define d2i_DHparams_fp(fp,x) \
+    (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                      (char *(*)())d2i_DHparams, \
+                      (fp), \
+                      (unsigned char **)(x))
+# define i2d_DHparams_fp(fp,x) \
+    ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
+# define d2i_DHparams_bio(bp,x) \
+    ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
+# define i2d_DHparams_bio(bp,x) \
+    ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+
+# define d2i_DHxparams_fp(fp,x) \
+    (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                      (char *(*)())d2i_DHxparams, \
+                      (fp), \
+                      (unsigned char **)(x))
+# define i2d_DHxparams_fp(fp,x) \
+    ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
+# define d2i_DHxparams_bio(bp,x) \
+    ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
+# define i2d_DHxparams_bio(bp,x) \
+    ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x)
 
 DH *DHparams_dup(DH *);
 
@@ -240,11 +257,13 @@ DH *DH_get_1024_160(void);
 DH *DH_get_2048_224(void);
 DH *DH_get_2048_256(void);
 
+# ifndef OPENSSL_NO_CMS
 /* RFC2631 KDF */
 int DH_KDF_X9_42(unsigned char *out, size_t outlen,
                  const unsigned char *Z, size_t Zlen,
                  ASN1_OBJECT *key_oid,
                  const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
+# endif
 
 # define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c
index a882cb28..8947a087 100644
--- a/crypto/dh/dh_kdf.c
+++ b/crypto/dh/dh_kdf.c
@@ -51,6 +51,9 @@
  * ====================================================================
  */
 
+#include <e_os.h>
+
+#ifndef OPENSSL_NO_CMS
 #include <string.h>
 #include <openssl/dh.h>
 #include <openssl/evp.h>
@@ -185,3 +188,4 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
     EVP_MD_CTX_cleanup(&mctx);
     return rv;
 }
+#endif
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
index b58e3fa8..6452482c 100644
--- a/crypto/dh/dh_pmeth.c
+++ b/crypto/dh/dh_pmeth.c
@@ -207,7 +207,11 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
     case EVP_PKEY_CTRL_DH_KDF_TYPE:
         if (p1 == -2)
             return dctx->kdf_type;
+#ifdef OPENSSL_NO_CMS
+        if (p1 != EVP_PKEY_DH_KDF_NONE)
+#else
         if (p1 != EVP_PKEY_DH_KDF_NONE && p1 != EVP_PKEY_DH_KDF_X9_42)
+#endif
             return -2;
         dctx->kdf_type = p1;
         return 1;
@@ -448,7 +452,9 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
             return ret;
         *keylen = ret;
         return 1;
-    } else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
+    }
+#ifndef OPENSSL_NO_CMS
+    else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
         unsigned char *Z = NULL;
         size_t Zlen = 0;
         if (!dctx->kdf_outlen || !dctx->kdf_oid)
@@ -479,6 +485,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
         }
         return ret;
     }
+#endif
     return 1;
 }
 
diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c
index c5d3d87e..cb83109c 100644
--- a/crypto/dh/dhtest.c
+++ b/crypto/dh/dhtest.c
@@ -116,7 +116,7 @@ int main(int argc, char *argv[])
     CRYPTO_malloc_init();
 # endif
 
-    RAND_seed(rnd_seed, sizeof rnd_seed);
+    RAND_seed(rnd_seed, sizeof(rnd_seed));
 
     out = BIO_new(BIO_s_file());
     if (out == NULL)
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
index c4fa1057..e22627f8 100644
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@@ -133,6 +133,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
     unsigned char *penc = NULL;
     int penclen;
     ASN1_STRING *str = NULL;
+    ASN1_OBJECT *aobj;
 
     dsa = pkey->pkey.dsa;
     if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
@@ -159,8 +160,11 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
         goto err;
     }
 
-    if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
-                               ptype, str, penc, penclen))
+    aobj = OBJ_nid2obj(EVP_PKEY_DSA);
+    if (aobj == NULL)
+        goto err;
+
+    if (X509_PUBKEY_set0_param(pk, aobj, ptype, str, penc, penclen))
         return 1;
 
  err:
@@ -258,6 +262,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
         goto dsaerr;
     }
 
+    BN_set_flags(dsa->priv_key, BN_FLG_CONSTTIME);
     if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
         DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
         goto dsaerr;
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 1fce0f81..21af2e15 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -482,6 +482,8 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
     } else {
         p = BN_CTX_get(ctx);
         q = BN_CTX_get(ctx);
+        if (q == NULL)
+            goto err;
     }
 
     if (!BN_lshift(test, BN_value_one(), L - 1))
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index 58013a4a..aa10dd12 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -224,7 +224,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
 {
     BN_CTX *ctx;
     BIGNUM k, kq, *K, *kinv = NULL, *r = NULL;
+    BIGNUM l, m;
     int ret = 0;
+    int q_bits;
 
     if (!dsa->p || !dsa->q || !dsa->g) {
         DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PARAMETERS);
@@ -233,6 +235,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
 
     BN_init(&k);
     BN_init(&kq);
+    BN_init(&l);
+    BN_init(&m);
 
     if (ctx_in == NULL) {
         if ((ctx = BN_CTX_new()) == NULL)
@@ -243,6 +247,13 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
     if ((r = BN_new()) == NULL)
         goto err;
 
+    /* Preallocate space */
+    q_bits = BN_num_bits(dsa->q);
+    if (!BN_set_bit(&k, q_bits)
+        || !BN_set_bit(&l, q_bits)
+        || !BN_set_bit(&m, q_bits))
+        goto err;
+
     /* Get random k */
     do
         if (!BN_rand_range(&k, dsa->q))
@@ -263,25 +274,24 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
     /* Compute r = (g^k mod p) mod q */
 
     if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
-        if (!BN_copy(&kq, &k))
+        /*
+         * We do not want timing information to leak the length of k, so we
+         * compute G^k using an equivalent scalar of fixed bit-length.
+         *
+         * We unconditionally perform both of these additions to prevent a
+         * small timing information leakage.  We then choose the sum that is
+         * one bit longer than the modulus.
+         *
+         * TODO: revisit the BN_copy aiming for a memory access agnostic
+         * conditional copy.
+         */
+        if (!BN_add(&l, &k, dsa->q)
+            || !BN_add(&m, &l, dsa->q)
+            || !BN_copy(&kq, BN_num_bits(&l) > q_bits ? &l : &m))
             goto err;
 
         BN_set_flags(&kq, BN_FLG_CONSTTIME);
 
-        /*
-         * We do not want timing information to leak the length of k, so we
-         * compute g^k using an equivalent exponent of fixed length. (This
-         * is a kludge that we need because the BN_mod_exp_mont() does not
-         * let us specify the desired timing behaviour.)
-         */
-
-        if (!BN_add(&kq, &kq, dsa->q))
-            goto err;
-        if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) {
-            if (!BN_add(&kq, &kq, dsa->q))
-                goto err;
-        }
-
         K = &kq;
     } else {
         K = &k;
@@ -314,7 +324,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
         BN_CTX_free(ctx);
     BN_clear_free(&k);
     BN_clear_free(&kq);
-    return (ret);
+    BN_clear_free(&l);
+    BN_clear_free(&m);
+    return ret;
 }
 
 static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c
index 8a224a88..bee95431 100644
--- a/crypto/dsa/dsatest.c
+++ b/crypto/dsa/dsatest.c
@@ -157,7 +157,7 @@ int main(int argc, char **argv)
     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 
     ERR_load_crypto_strings();
-    RAND_seed(rnd_seed, sizeof rnd_seed);
+    RAND_seed(rnd_seed, sizeof(rnd_seed));
 
     BIO_printf(bio_err, "test generation of DSA parameters\n");
 
diff --git a/crypto/ec/asm/ecp_nistz256-x86_64.pl b/crypto/ec/asm/ecp_nistz256-x86_64.pl
index 7948bf71..35d2b6d1 100644
--- a/crypto/ec/asm/ecp_nistz256-x86_64.pl
+++ b/crypto/ec/asm/ecp_nistz256-x86_64.pl
@@ -1178,19 +1178,18 @@ __ecp_nistz256_sqr_montx:
 	adox	$t1, $acc5
 	.byte	0x67,0x67
 	mulx	%rdx, $t0, $t4
-	 mov	$acc0, %rdx
+	 mov	.Lpoly+8*3(%rip), %rdx
 	adox	$t0, $acc6
 	 shlx	$a_ptr, $acc0, $t0
 	adox	$t4, $acc7
 	 shrx	$a_ptr, $acc0, $t4
-	 mov	.Lpoly+8*3(%rip), $t1
+	mov	%rdx,$t1
 
 	# reduction step 1
 	add	$t0, $acc1
 	adc	$t4, $acc2
 
-	mulx	$t1, $t0, $acc0
-	 mov	$acc1, %rdx
+	mulx	$acc0, $t0, $acc0
 	adc	$t0, $acc3
 	 shlx	$a_ptr, $acc1, $t0
 	adc	\$0, $acc0
@@ -1200,8 +1199,7 @@ __ecp_nistz256_sqr_montx:
 	add	$t0, $acc2
 	adc	$t4, $acc3
 
-	mulx	$t1, $t0, $acc1
-	 mov	$acc2, %rdx
+	mulx	$acc1, $t0, $acc1
 	adc	$t0, $acc0
 	 shlx	$a_ptr, $acc2, $t0
 	adc	\$0, $acc1
@@ -1211,8 +1209,7 @@ __ecp_nistz256_sqr_montx:
 	add	$t0, $acc3
 	adc	$t4, $acc0
 
-	mulx	$t1, $t0, $acc2
-	 mov	$acc3, %rdx
+	mulx	$acc2, $t0, $acc2
 	adc	$t0, $acc1
 	 shlx	$a_ptr, $acc3, $t0
 	adc	\$0, $acc2
@@ -1222,12 +1219,12 @@ __ecp_nistz256_sqr_montx:
 	add	$t0, $acc0
 	adc	$t4, $acc1
 
-	mulx	$t1, $t0, $acc3
+	mulx	$acc3, $t0, $acc3
 	adc	$t0, $acc2
 	adc	\$0, $acc3
 
-	xor	$t3, $t3		# cf=0
-	adc	$acc0, $acc4		# accumulate upper half
+	xor	$t3, $t3
+	add	$acc0, $acc4		# accumulate upper half
 	 mov	.Lpoly+8*1(%rip), $a_ptr
 	adc	$acc1, $acc5
 	 mov	$acc4, $acc0
@@ -1236,8 +1233,7 @@ __ecp_nistz256_sqr_montx:
 	 mov	$acc5, $acc1
 	adc	\$0, $t3
 
-	xor	%eax, %eax		# cf=0
-	sbb	\$-1, $acc4		# .Lpoly[0]
+	sub	\$-1, $acc4		# .Lpoly[0]
 	 mov	$acc6, $acc2
 	sbb	$a_ptr, $acc5		# .Lpoly[1]
 	sbb	\$0, $acc6		# .Lpoly[2]
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index d089af7a..2c41c6e7 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -342,8 +342,10 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
     }
 
     if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
-                         ptype, pval, ep, eplen))
+                         ptype, pval, ep, eplen)) {
+        OPENSSL_free(ep);
         return 0;
+    }
 
     return 1;
 }
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 33abf61f..b0cd3e17 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -62,17 +62,22 @@
 #include <openssl/asn1t.h>
 #include <openssl/objects.h>
 
+#define OSSL_NELEM(x)    (sizeof(x)/sizeof(x[0]))
+
 int EC_GROUP_get_basis_type(const EC_GROUP *group)
 {
-    int i = 0;
+    int i;
 
     if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
         NID_X9_62_characteristic_two_field)
         /* everything else is currently not supported */
         return 0;
 
-    while (group->poly[i] != 0)
-        i++;
+    /* Find the last non-zero element of group->poly[] */
+    for (i = 0;
+         i < (int)OSSL_NELEM(group->poly) && group->poly[i] != 0;
+         i++)
+        continue;
 
     if (i == 4)
         return NID_X9_62_ppBasis;
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 3ffa112c..3241aa51 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -85,7 +85,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
         return NULL;
     }
 
-    ret = OPENSSL_malloc(sizeof *ret);
+    ret = OPENSSL_malloc(sizeof(*ret));
     if (ret == NULL) {
         ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
@@ -164,7 +164,7 @@ void EC_GROUP_clear_free(EC_GROUP *group)
         OPENSSL_free(group->seed);
     }
 
-    OPENSSL_cleanse(group, sizeof *group);
+    OPENSSL_cleanse(group, sizeof(*group));
     OPENSSL_free(group);
 }
 
@@ -575,7 +575,7 @@ int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data,
         /* no explicit entry needed */
         return 1;
 
-    d = OPENSSL_malloc(sizeof *d);
+    d = OPENSSL_malloc(sizeof(*d));
     if (d == NULL)
         return 0;
 
@@ -712,7 +712,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group)
         return NULL;
     }
 
-    ret = OPENSSL_malloc(sizeof *ret);
+    ret = OPENSSL_malloc(sizeof(*ret));
     if (ret == NULL) {
         ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
@@ -747,7 +747,7 @@ void EC_POINT_clear_free(EC_POINT *point)
         point->meth->point_clear_finish(point);
     else if (point->meth->point_finish != 0)
         point->meth->point_finish(point);
-    OPENSSL_cleanse(point, sizeof *point);
+    OPENSSL_cleanse(point, sizeof(*point));
     OPENSSL_free(point);
 }
 
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index 23b8c308..2231f995 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -68,10 +68,14 @@
 #include "ec_lcl.h"
 
 /*
- * This file implements the wNAF-based interleaving multi-exponentation method
- * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp>);
- * for multiplication with precomputation, we use wNAF splitting
- * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp>).
+ * This file implements the wNAF-based interleaving multi-exponentiation method
+ * Formerly at:
+ *   http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp
+ * You might now find it here:
+ *   http://link.springer.com/chapter/10.1007%2F3-540-45537-X_13
+ *   http://www.bmoeller.de/pdf/TI-01-08.multiexp.pdf
+ * For multiplication with precomputation, we use wNAF splitting, formerly at:
+ *   http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp
  */
 
 /* structure for precomputed multiples of the generator */
@@ -165,11 +169,11 @@ static void ec_pre_comp_clear_free(void *pre_)
 
         for (p = pre->points; *p != NULL; p++) {
             EC_POINT_clear_free(*p);
-            OPENSSL_cleanse(p, sizeof *p);
+            OPENSSL_cleanse(p, sizeof(*p));
         }
         OPENSSL_free(pre->points);
     }
-    OPENSSL_cleanse(pre, sizeof *pre);
+    OPENSSL_cleanse(pre, sizeof(*pre));
     OPENSSL_free(pre);
 }
 
@@ -426,11 +430,11 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 
     totalnum = num + numblocks;
 
-    wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]);
-    wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]);
-    wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space
-                                                             * for pivot */
-    val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
+    wsize = OPENSSL_malloc(totalnum * sizeof(wsize[0]));
+    wNAF_len = OPENSSL_malloc(totalnum * sizeof(wNAF_len[0]));
+    /* include space for pivot */
+    wNAF = OPENSSL_malloc((totalnum + 1) * sizeof(wNAF[0]));
+    val_sub = OPENSSL_malloc(totalnum * sizeof(val_sub[0]));
 
     /* Ensure wNAF is initialised in case we end up going to err */
     if (wNAF)
@@ -576,7 +580,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
      * 'val_sub[i]' is a pointer to the subarray for the i-th point, or to a
      * subarray of 'pre_comp->points' if we already have precomputation.
      */
-    val = OPENSSL_malloc((num_val + 1) * sizeof val[0]);
+    val = OPENSSL_malloc((num_val + 1) * sizeof(val[0]));
     if (val == NULL) {
         ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
         goto err;
diff --git a/crypto/ec/eck_prn.c b/crypto/ec/eck_prn.c
index df9b37a7..176ec1f1 100644
--- a/crypto/ec/eck_prn.c
+++ b/crypto/ec/eck_prn.c
@@ -342,7 +342,7 @@ static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
                      size_t len, int off)
 {
     size_t i;
-    char str[128];
+    char str[128 + 1 + 4];
 
     if (buf == NULL)
         return 1;
diff --git a/crypto/ec/ecp_mont.c b/crypto/ec/ecp_mont.c
index b2de7fae..43c4330c 100644
--- a/crypto/ec/ecp_mont.c
+++ b/crypto/ec/ecp_mont.c
@@ -247,6 +247,8 @@ int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p,
         BN_CTX_free(new_ctx);
     if (mont != NULL)
         BN_MONT_CTX_free(mont);
+    if (one != NULL)
+        BN_free(one);
     return ret;
 }
 
diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c
index d81cc9ce..121f587b 100644
--- a/crypto/ec/ecp_nistp224.c
+++ b/crypto/ec/ecp_nistp224.c
@@ -48,7 +48,6 @@ typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
 
 typedef uint8_t u8;
 typedef uint64_t u64;
-typedef int64_t s64;
 
 /******************************************************************************/
 /*-
@@ -351,9 +350,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
     unsigned num_bytes;
 
     /* BN_bn2bin eats leading zeroes */
-    memset(b_out, 0, sizeof b_out);
+    memset(b_out, 0, sizeof(b_out));
     num_bytes = BN_num_bytes(bn);
-    if (num_bytes > sizeof b_out) {
+    if (num_bytes > sizeof(b_out)) {
         ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
         return 0;
     }
@@ -372,8 +371,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
 {
     felem_bytearray b_in, b_out;
     felem_to_bin28(b_in, in);
-    flip_endian(b_out, b_in, sizeof b_out);
-    return BN_bin2bn(b_out, sizeof b_out, out);
+    flip_endian(b_out, b_in, sizeof(b_out));
+    return BN_bin2bn(b_out, sizeof(b_out), out);
 }
 
 /******************************************************************************/
@@ -716,7 +715,7 @@ static limb felem_is_zero(const felem in)
     return (zero | two224m96p1 | two225m97p2);
 }
 
-static limb felem_is_zero_int(const felem in)
+static int felem_is_zero_int(const void *in)
 {
     return (int)(felem_is_zero(in) & ((limb) 1));
 }
@@ -1234,7 +1233,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out,
 static NISTP224_PRE_COMP *nistp224_pre_comp_new()
 {
     NISTP224_PRE_COMP *ret = NULL;
-    ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
+    ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof(*ret));
     if (!ret) {
         ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
         return ret;
@@ -1281,7 +1280,7 @@ static void nistp224_pre_comp_clear_free(void *pre_)
     if (i > 0)
         return;
 
-    OPENSSL_cleanse(pre, sizeof *pre);
+    OPENSSL_cleanse(pre, sizeof(*pre));
     OPENSSL_free(pre);
 }
 
@@ -1391,7 +1390,6 @@ static void make_points_affine(size_t num, felem points[ /* num */ ][3],
                                              sizeof(felem),
                                              tmp_felems,
                                              (void (*)(void *))felem_one,
-                                             (int (*)(const void *))
                                              felem_is_zero_int,
                                              (void (*)(void *, const void *))
                                              felem_assign,
@@ -1569,7 +1567,7 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
 
     /* the scalar for the generator */
     if ((scalar != NULL) && (have_pre_comp)) {
-        memset(g_secret, 0, sizeof g_secret);
+        memset(g_secret, 0, sizeof(g_secret));
         /* reduce scalar to 0 <= scalar < 2^224 */
         if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) {
             /*
diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c
index 78d191aa..378f0bae 100644
--- a/crypto/ec/ecp_nistp256.c
+++ b/crypto/ec/ecp_nistp256.c
@@ -51,7 +51,6 @@ typedef __int128_t int128_t;
 typedef uint8_t u8;
 typedef uint32_t u32;
 typedef uint64_t u64;
-typedef int64_t s64;
 
 /*
  * The underlying field. P256 operates over GF(2^256-2^224+2^192+2^96-1). We
@@ -161,9 +160,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
     unsigned num_bytes;
 
     /* BN_bn2bin eats leading zeroes */
-    memset(b_out, 0, sizeof b_out);
+    memset(b_out, 0, sizeof(b_out));
     num_bytes = BN_num_bytes(bn);
-    if (num_bytes > sizeof b_out) {
+    if (num_bytes > sizeof(b_out)) {
         ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
         return 0;
     }
@@ -182,8 +181,8 @@ static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in)
 {
     felem_bytearray b_in, b_out;
     smallfelem_to_bin32(b_in, in);
-    flip_endian(b_out, b_in, sizeof b_out);
-    return BN_bin2bn(b_out, sizeof b_out, out);
+    flip_endian(b_out, b_in, sizeof(b_out));
+    return BN_bin2bn(b_out, sizeof(b_out), out);
 }
 
 /*-
@@ -392,7 +391,7 @@ static void felem_shrink(smallfelem out, const felem in)
 {
     felem tmp;
     u64 a, b, mask;
-    s64 high, low;
+    u64 high, low;
     static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */
 
     /* Carry 2->3 */
@@ -433,29 +432,31 @@ static void felem_shrink(smallfelem out, const felem in)
      * In order to make space in tmp[3] for the carry from 2 -> 3, we
      * conditionally subtract kPrime if tmp[3] is large enough.
      */
-    high = tmp[3] >> 64;
+    high = (u64)(tmp[3] >> 64);
     /* As tmp[3] < 2^65, high is either 1 or 0 */
-    high <<= 63;
-    high >>= 63;
+    high = 0 - high;
     /*-
      * high is:
      *   all ones   if the high word of tmp[3] is 1
-     *   all zeros  if the high word of tmp[3] if 0 */
-    low = tmp[3];
-    mask = low >> 63;
+     *   all zeros  if the high word of tmp[3] if 0
+     */
+    low = (u64)tmp[3];
+    mask = 0 - (low >> 63);
     /*-
      * mask is:
      *   all ones   if the MSB of low is 1
-     *   all zeros  if the MSB of low if 0 */
+     *   all zeros  if the MSB of low if 0
+     */
     low &= bottom63bits;
     low -= kPrime3Test;
     /* if low was greater than kPrime3Test then the MSB is zero */
     low = ~low;
-    low >>= 63;
+    low = 0 - (low >> 63);
     /*-
      * low is:
      *   all ones   if low was > kPrime3Test
-     *   all zeros  if low was <= kPrime3Test */
+     *   all zeros  if low was <= kPrime3Test
+     */
     mask = (mask & low) | high;
     tmp[0] -= mask & kPrime[0];
     tmp[1] -= mask & kPrime[1];
@@ -889,7 +890,7 @@ static void felem_contract(smallfelem out, const felem in)
         equal &= equal << 4;
         equal &= equal << 2;
         equal &= equal << 1;
-        equal = ((s64) equal) >> 63;
+        equal = 0 - (equal >> 63);
 
         all_equal_so_far &= equal;
     }
@@ -956,7 +957,7 @@ static limb smallfelem_is_zero(const smallfelem small)
     is_zero &= is_zero << 4;
     is_zero &= is_zero << 2;
     is_zero &= is_zero << 1;
-    is_zero = ((s64) is_zero) >> 63;
+    is_zero = 0 - (is_zero >> 63);
 
     is_p = (small[0] ^ kPrime[0]) |
         (small[1] ^ kPrime[1]) |
@@ -968,7 +969,7 @@ static limb smallfelem_is_zero(const smallfelem small)
     is_p &= is_p << 4;
     is_p &= is_p << 2;
     is_p &= is_p << 1;
-    is_p = ((s64) is_p) >> 63;
+    is_p = 0 - (is_p >> 63);
 
     is_zero |= is_p;
 
@@ -977,7 +978,7 @@ static limb smallfelem_is_zero(const smallfelem small)
     return result;
 }
 
-static int smallfelem_is_zero_int(const smallfelem small)
+static int smallfelem_is_zero_int(const void *small)
 {
     return (int)(smallfelem_is_zero(small) & ((limb) 1));
 }
@@ -1820,7 +1821,7 @@ const EC_METHOD *EC_GFp_nistp256_method(void)
 static NISTP256_PRE_COMP *nistp256_pre_comp_new()
 {
     NISTP256_PRE_COMP *ret = NULL;
-    ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
+    ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof(*ret));
     if (!ret) {
         ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
         return ret;
@@ -1867,7 +1868,7 @@ static void nistp256_pre_comp_clear_free(void *pre_)
     if (i > 0)
         return;
 
-    OPENSSL_cleanse(pre, sizeof *pre);
+    OPENSSL_cleanse(pre, sizeof(*pre));
     OPENSSL_free(pre);
 }
 
@@ -1979,7 +1980,6 @@ static void make_points_affine(size_t num, smallfelem points[][3],
                                              sizeof(smallfelem),
                                              tmp_smallfelems,
                                              (void (*)(void *))smallfelem_one,
-                                             (int (*)(const void *))
                                              smallfelem_is_zero_int,
                                              (void (*)(void *, const void *))
                                              smallfelem_assign,
diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
index c53a61bb..90989c5a 100644
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@@ -49,7 +49,6 @@ typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
 
 typedef uint8_t u8;
 typedef uint64_t u64;
-typedef int64_t s64;
 
 /*
  * The underlying field. P521 operates over GF(2^521-1). We can serialise an
@@ -185,9 +184,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
     unsigned num_bytes;
 
     /* BN_bn2bin eats leading zeroes */
-    memset(b_out, 0, sizeof b_out);
+    memset(b_out, 0, sizeof(b_out));
     num_bytes = BN_num_bytes(bn);
-    if (num_bytes > sizeof b_out) {
+    if (num_bytes > sizeof(b_out)) {
         ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
         return 0;
     }
@@ -206,8 +205,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
 {
     felem_bytearray b_in, b_out;
     felem_to_bin66(b_in, in);
-    flip_endian(b_out, b_in, sizeof b_out);
-    return BN_bin2bn(b_out, sizeof b_out, out);
+    flip_endian(b_out, b_in, sizeof(b_out));
+    return BN_bin2bn(b_out, sizeof(b_out), out);
 }
 
 /*-
@@ -852,7 +851,7 @@ static limb felem_is_zero(const felem in)
      * We know that ftmp[i] < 2^63, therefore the only way that the top bit
      * can be set is if is_zero was 0 before the decrement.
      */
-    is_zero = ((s64) is_zero) >> 63;
+    is_zero = 0 - (is_zero >> 63);
 
     is_p = ftmp[0] ^ kPrime[0];
     is_p |= ftmp[1] ^ kPrime[1];
@@ -865,13 +864,13 @@ static limb felem_is_zero(const felem in)
     is_p |= ftmp[8] ^ kPrime[8];
 
     is_p--;
-    is_p = ((s64) is_p) >> 63;
+    is_p = 0 - (is_p >> 63);
 
     is_zero |= is_p;
     return is_zero;
 }
 
-static int felem_is_zero_int(const felem in)
+static int felem_is_zero_int(const void *in)
 {
     return (int)(felem_is_zero(in) & ((limb) 1));
 }
@@ -936,7 +935,7 @@ static void felem_contract(felem out, const felem in)
     is_p &= is_p << 4;
     is_p &= is_p << 2;
     is_p &= is_p << 1;
-    is_p = ((s64) is_p) >> 63;
+    is_p = 0 - (is_p >> 63);
     is_p = ~is_p;
 
     /* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */
@@ -962,7 +961,7 @@ static void felem_contract(felem out, const felem in)
     is_greater |= is_greater << 4;
     is_greater |= is_greater << 2;
     is_greater |= is_greater << 1;
-    is_greater = ((s64) is_greater) >> 63;
+    is_greater = 0 - (is_greater >> 63);
 
     out[0] -= kPrime[0] & is_greater;
     out[1] -= kPrime[1] & is_greater;
@@ -1787,7 +1786,6 @@ static void make_points_affine(size_t num, felem points[][3],
                                              sizeof(felem),
                                              tmp_felems,
                                              (void (*)(void *))felem_one,
-                                             (int (*)(const void *))
                                              felem_is_zero_int,
                                              (void (*)(void *, const void *))
                                              felem_assign,
diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c
index 99b8d613..9a53a39a 100644
--- a/crypto/ec/ecp_nistz256.c
+++ b/crypto/ec/ecp_nistz256.c
@@ -1504,7 +1504,7 @@ static void ecp_nistz256_pre_comp_clear_free(void *pre_)
                         32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37);
         OPENSSL_free(pre->precomp_storage);
     }
-    OPENSSL_cleanse(pre, sizeof *pre);
+    OPENSSL_cleanse(pre, sizeof(*pre));
     OPENSSL_free(pre);
 }
 
diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c
index 2b848216..e94a7d49 100644
--- a/crypto/ec/ecp_smpl.c
+++ b/crypto/ec/ecp_smpl.c
@@ -1270,7 +1270,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num,
     if (tmp == NULL || tmp_Z == NULL)
         goto err;
 
-    prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]);
+    prod_Z = OPENSSL_malloc(num * sizeof(prod_Z[0]));
     if (prod_Z == NULL)
         goto err;
     for (i = 0; i < num; i++) {
diff --git a/crypto/ec/ectest.c b/crypto/ec/ectest.c
index 40a1f003..5e1ef509 100644
--- a/crypto/ec/ectest.c
+++ b/crypto/ec/ectest.c
@@ -469,7 +469,7 @@ static void prime_field_tests(void)
 
     len =
         EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
-                           sizeof buf, ctx);
+                           sizeof(buf), ctx);
     if (len == 0)
         ABORT;
     if (!EC_POINT_oct2point(group, P, buf, len, ctx))
@@ -482,7 +482,7 @@ static void prime_field_tests(void)
 
     len =
         EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
-                           sizeof buf, ctx);
+                           sizeof(buf), ctx);
     if (len == 0)
         ABORT;
     if (!EC_POINT_oct2point(group, P, buf, len, ctx))
@@ -494,7 +494,7 @@ static void prime_field_tests(void)
         fprintf(stdout, "%02X", buf[i]);
 
     len =
-        EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
+        EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof(buf),
                            ctx);
     if (len == 0)
         ABORT;
@@ -1206,7 +1206,7 @@ static void char2_field_tests(void)
 #  ifdef OPENSSL_EC_BIN_PT_COMP
     len =
         EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
-                           sizeof buf, ctx);
+                           sizeof(buf), ctx);
     if (len == 0)
         ABORT;
     if (!EC_POINT_oct2point(group, P, buf, len, ctx))
@@ -1220,7 +1220,7 @@ static void char2_field_tests(void)
 
     len =
         EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
-                           sizeof buf, ctx);
+                           sizeof(buf), ctx);
     if (len == 0)
         ABORT;
     if (!EC_POINT_oct2point(group, P, buf, len, ctx))
@@ -1234,7 +1234,7 @@ static void char2_field_tests(void)
 /* Change test based on whether binary point compression is enabled or not. */
 #  ifdef OPENSSL_EC_BIN_PT_COMP
     len =
-        EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
+        EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof(buf),
                            ctx);
     if (len == 0)
         ABORT;
@@ -1844,7 +1844,7 @@ int main(int argc, char *argv[])
     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
     ERR_load_crypto_strings();
 
-    RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
+    RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */
 
     prime_field_tests();
     puts("");
diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c
index 2fe2c664..3febf101 100644
--- a/crypto/ecdh/ecdhtest.c
+++ b/crypto/ecdh/ecdhtest.c
@@ -490,7 +490,7 @@ int main(int argc, char *argv[])
     CRYPTO_malloc_init();
 # endif
 
-    RAND_seed(rnd_seed, sizeof rnd_seed);
+    RAND_seed(rnd_seed, sizeof(rnd_seed));
 
     out = BIO_new(BIO_s_file());
     if (out == NULL)
diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c
index cbc21d1a..9cc22582 100644
--- a/crypto/ecdh/ech_lib.c
+++ b/crypto/ecdh/ech_lib.c
@@ -225,9 +225,16 @@ ECDH_DATA *ecdh_check(EC_KEY *key)
              */
             ecdh_data_free(ecdh_data);
             ecdh_data = (ECDH_DATA *)data;
+        } else if (EC_KEY_get_key_method_data(key, ecdh_data_dup,
+                                              ecdh_data_free,
+                                              ecdh_data_free) != ecdh_data) {
+            /* Or an out of memory error in EC_KEY_insert_key_method_data. */
+            ecdh_data_free(ecdh_data);
+            return NULL;
         }
-    } else
+    } else {
         ecdh_data = (ECDH_DATA *)data;
+    }
 #ifdef OPENSSL_FIPS
     if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD)
         && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {
diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index 8dc1dda4..f1dd4723 100644
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -203,9 +203,16 @@ ECDSA_DATA *ecdsa_check(EC_KEY *key)
              */
             ecdsa_data_free(ecdsa_data);
             ecdsa_data = (ECDSA_DATA *)data;
+        } else if (EC_KEY_get_key_method_data(key, ecdsa_data_dup,
+                                              ecdsa_data_free,
+                                              ecdsa_data_free) != ecdsa_data) {
+            /* Or an out of memory error in EC_KEY_insert_key_method_data. */
+            ecdsa_data_free(ecdsa_data);
+            return NULL;
         }
-    } else
+    } else {
         ecdsa_data = (ECDSA_DATA *)data;
+    }
 #ifdef OPENSSL_FIPS
     if (FIPS_mode() && !(ecdsa_data->flags & ECDSA_FLAG_FIPS_METHOD)
         && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {
diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
index dd769609..16d4f59b 100644
--- a/crypto/ecdsa/ecs_ossl.c
+++ b/crypto/ecdsa/ecs_ossl.c
@@ -95,6 +95,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
     EC_POINT *tmp_point = NULL;
     const EC_GROUP *group;
     int ret = 0;
+    int order_bits;
 
     if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) {
         ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
@@ -126,6 +127,13 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
         goto err;
     }
 
+    /* Preallocate space */
+    order_bits = BN_num_bits(order);
+    if (!BN_set_bit(k, order_bits)
+        || !BN_set_bit(r, order_bits)
+        || !BN_set_bit(X, order_bits))
+        goto err;
+
     do {
         /* get random k */
         do
@@ -139,13 +147,19 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
         /*
          * We do not want timing information to leak the length of k, so we
          * compute G*k using an equivalent scalar of fixed bit-length.
+         *
+         * We unconditionally perform both of these additions to prevent a
+         * small timing information leakage.  We then choose the sum that is
+         * one bit longer than the order.  This guarantees the code
+         * path used in the constant time implementations elsewhere.
+         *
+         * TODO: revisit the BN_copy aiming for a memory access agnostic
+         * conditional copy.
          */
-
-        if (!BN_add(k, k, order))
+        if (!BN_add(r, k, order)
+            || !BN_add(X, r, order)
+            || !BN_copy(k, BN_num_bits(r) > order_bits ? r : X))
             goto err;
-        if (BN_num_bits(k) <= BN_num_bits(order))
-            if (!BN_add(k, k, order))
-                goto err;
 
         /* compute r the x-coordinate of generator * k */
         if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index 2a2b95ce..d8cac4bd 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -810,14 +810,15 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
 
     if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
         /* if application doesn't support one buffer */
-        state->mac_data =
+        char *mac_data =
             OPENSSL_realloc(state->mac_data, state->mac_len + count);
 
-        if (!state->mac_data) {
+        if (mac_data == NULL) {
             printf("cryptodev_digest_update: realloc failed\n");
             return (0);
         }
 
+        state->mac_data = mac_data;
         memcpy(state->mac_data + state->mac_len, data, count);
         state->mac_len += count;
 
@@ -1056,7 +1057,7 @@ static int crparam2bn(struct crparam *crp, BIGNUM *a)
         return (-1);
 
     for (i = 0; i < bytes; i++)
-        pd[i] = crp->crp_p[bytes - i - 1];
+        pd[i] = ((char *)crp->crp_p)[bytes - i - 1];
 
     BN_bin2bn(pd, bytes, a);
     free(pd);
@@ -1132,7 +1133,7 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         return (ret);
     }
 
-    memset(&kop, 0, sizeof kop);
+    memset(&kop, 0, sizeof(kop));
     kop.crk_op = CRK_MOD_EXP;
 
     /* inputs: a^p % m */
@@ -1183,7 +1184,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
         return (0);
     }
 
-    memset(&kop, 0, sizeof kop);
+    memset(&kop, 0, sizeof(kop));
     kop.crk_op = CRK_MOD_EXP_CRT;
     /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
     if (bn2crparam(rsa->p, &kop.crk_param[0]))
@@ -1286,7 +1287,7 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
         goto err;
     }
 
-    memset(&kop, 0, sizeof kop);
+    memset(&kop, 0, sizeof(kop));
     kop.crk_op = CRK_DSA_SIGN;
 
     /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
@@ -1329,7 +1330,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
     struct crypt_kop kop;
     int dsaret = 1;
 
-    memset(&kop, 0, sizeof kop);
+    memset(&kop, 0, sizeof(kop));
     kop.crk_op = CRK_DSA_VERIFY;
 
     /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
@@ -1402,7 +1403,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 
     keylen = BN_num_bits(dh->p);
 
-    memset(&kop, 0, sizeof kop);
+    memset(&kop, 0, sizeof(kop));
     kop.crk_op = CRK_DH_COMPUTE_KEY;
 
     /* inputs: dh->priv_key pub_key dh->p key */
diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c
index 4279dd94..55d3858b 100644
--- a/crypto/engine/eng_fat.c
+++ b/crypto/engine/eng_fat.c
@@ -167,6 +167,7 @@ int ENGINE_register_complete(ENGINE *e)
 #endif
     ENGINE_register_RAND(e);
     ENGINE_register_pkey_meths(e);
+    ENGINE_register_pkey_asn1_meths(e);
     return 1;
 }
 
diff --git a/crypto/engine/eng_table.c b/crypto/engine/eng_table.c
index 27d31f70..709393fa 100644
--- a/crypto/engine/eng_table.c
+++ b/crypto/engine/eng_table.c
@@ -1,5 +1,5 @@
 /* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2001-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -159,6 +159,11 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
             }
             fnd->funct = NULL;
             (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
+            if (lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate) != fnd) {
+                sk_ENGINE_free(fnd->sk);
+                OPENSSL_free(fnd);
+                goto end;
+            }
         }
         /* A registration shouldn't add duplciate entries */
         (void)sk_ENGINE_delete_ptr(fnd->sk, e);
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 52dc9a5d..e9ef2156 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -172,6 +172,7 @@ static ERR_STRING_DATA ERR_str_functs[] = {
 # endif
     {ERR_PACK(0, SYS_F_OPENDIR, 0), "opendir"},
     {ERR_PACK(0, SYS_F_FREAD, 0), "fread"},
+    {ERR_PACK(0, SYS_F_FFLUSH, 0), "fflush"},
     {0, NULL},
 };
 
@@ -601,8 +602,8 @@ static void build_SYS_str_reasons(void)
             char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
             char *src = strerror(i);
             if (src != NULL) {
-                strncpy(*dest, src, sizeof *dest);
-                (*dest)[sizeof *dest - 1] = '\0';
+                strncpy(*dest, src, sizeof(*dest));
+                (*dest)[sizeof(*dest) - 1] = '\0';
                 str->string = *dest;
             }
         }
@@ -724,6 +725,8 @@ void ERR_put_error(int lib, int func, int reason, const char *file, int line)
     }
 #endif
     es = ERR_get_state();
+    if (es == NULL)
+        return;
 
     es->top = (es->top + 1) % ERR_NUM_ERRORS;
     if (es->top == es->bottom)
@@ -741,6 +744,8 @@ void ERR_clear_error(void)
     ERR_STATE *es;
 
     es = ERR_get_state();
+    if (es == NULL)
+        return;
 
     for (i = 0; i < ERR_NUM_ERRORS; i++) {
         err_clear(es, i);
@@ -805,6 +810,8 @@ static unsigned long get_error_values(int inc, int top, const char **file,
     unsigned long ret;
 
     es = ERR_get_state();
+    if (es == NULL)
+        return 0;
 
     if (inc && top) {
         if (file)
@@ -1015,7 +1022,6 @@ void ERR_remove_state(unsigned long pid)
 
 ERR_STATE *ERR_get_state(void)
 {
-    static ERR_STATE fallback;
     ERR_STATE *ret, tmp, *tmpp = NULL;
     int i;
     CRYPTO_THREADID tid;
@@ -1029,7 +1035,7 @@ ERR_STATE *ERR_get_state(void)
     if (ret == NULL) {
         ret = (ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE));
         if (ret == NULL)
-            return (&fallback);
+            return NULL;
         CRYPTO_THREADID_cpy(&ret->tid, &tid);
         ret->top = 0;
         ret->bottom = 0;
@@ -1041,7 +1047,7 @@ ERR_STATE *ERR_get_state(void)
         /* To check if insertion failed, do a get. */
         if (ERRFN(thread_get_item) (ret) != ret) {
             ERR_STATE_free(ret); /* could not insert it */
-            return (&fallback);
+            return NULL;
         }
         /*
          * If a race occured in this function and we came second, tmpp is the
@@ -1065,10 +1071,10 @@ void ERR_set_error_data(char *data, int flags)
     int i;
 
     es = ERR_get_state();
+    if (es == NULL)
+        return;
 
     i = es->top;
-    if (i == 0)
-        i = ERR_NUM_ERRORS - 1;
 
     err_clear_data(es, i);
     es->err_data[i] = data;
@@ -1120,6 +1126,8 @@ int ERR_set_mark(void)
     ERR_STATE *es;
 
     es = ERR_get_state();
+    if (es == NULL)
+        return 0;
 
     if (es->bottom == es->top)
         return 0;
@@ -1132,6 +1140,8 @@ int ERR_pop_to_mark(void)
     ERR_STATE *es;
 
     es = ERR_get_state();
+    if (es == NULL)
+        return 0;
 
     while (es->bottom != es->top
            && (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) {
diff --git a/crypto/err/err.h b/crypto/err/err.h
index 585aa8ba..f4236562 100644
--- a/crypto/err/err.h
+++ b/crypto/err/err.h
@@ -258,6 +258,7 @@ typedef struct err_state_st {
 # define SYS_F_WSASTARTUP        9/* Winsock stuff */
 # define SYS_F_OPENDIR           10
 # define SYS_F_FREAD             11
+# define SYS_F_FFLUSH            18
 
 /* reasons */
 # define ERR_R_SYS_LIB   ERR_LIB_SYS/* 2 */
diff --git a/crypto/err/err_prn.c b/crypto/err/err_prn.c
index 6e352eff..25c808ea 100644
--- a/crypto/err/err_prn.c
+++ b/crypto/err/err_prn.c
@@ -77,7 +77,7 @@ void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
     CRYPTO_THREADID_current(&cur);
     es = CRYPTO_THREADID_hash(&cur);
     while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
-        ERR_error_string_n(l, buf, sizeof buf);
+        ERR_error_string_n(l, buf, sizeof(buf));
         BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf,
                      file, line, (flags & ERR_TXT_STRING) ? data : "");
         if (cb(buf2, strlen(buf2), u) <= 0)
diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
index 538b5202..5ad5a950 100644
--- a/crypto/evp/bio_b64.c
+++ b/crypto/evp/bio_b64.c
@@ -330,6 +330,14 @@ static int b64_read(BIO *b, char *out, int outl)
                                  (unsigned char *)ctx->tmp, i);
             ctx->tmp_len = 0;
         }
+        /*
+         * If eof or an error was signalled, then the condition
+         * 'ctx->cont <= 0' will prevent b64_read() from reading
+         * more data on subsequent calls. This assignment was
+         * deleted accidentally in commit 5562cfaca4f3.
+         */
+        ctx->cont = i;
+
         ctx->buf_off = 0;
         if (i < 0) {
             ret_code = 0;
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 4db17962..d4274c57 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -124,12 +124,12 @@
 
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
 {
-    memset(ctx, '\0', sizeof *ctx);
+    memset(ctx, '\0', sizeof(*ctx));
 }
 
 EVP_MD_CTX *EVP_MD_CTX_create(void)
 {
-    EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+    EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
 
     if (ctx)
         EVP_MD_CTX_init(ctx);
@@ -316,7 +316,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
     } else
         tmp_buf = NULL;
     EVP_MD_CTX_cleanup(out);
-    memcpy(out, in, sizeof *out);
+    memcpy(out, in, sizeof(*out));
 
     if (in->md_data && out->digest->ctx_size) {
         if (tmp_buf)
@@ -402,7 +402,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
 #ifdef OPENSSL_FIPS
     FIPS_md_ctx_cleanup(ctx);
 #endif
-    memset(ctx, '\0', sizeof *ctx);
+    memset(ctx, '\0', sizeof(*ctx));
 
     return 1;
 }
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 7c62d327..ccc626f1 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -1,5 +1,5 @@
 /* ====================================================================
- * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2001-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -1089,6 +1089,8 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
                                 ctx->iv, &ctx->num, ctx->encrypt, dat->block);
         len -= MAXBITCHUNK;
+        out += MAXBITCHUNK;
+        in  += MAXBITCHUNK;
     }
     if (len)
         CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
@@ -1120,6 +1122,8 @@ BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS)
 static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
 {
     EVP_AES_GCM_CTX *gctx = c->cipher_data;
+    if (gctx == NULL)
+        return 0;
     OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));
     if (gctx->iv != c->iv)
         OPENSSL_free(gctx->iv);
@@ -1235,10 +1239,15 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         {
             unsigned int len = c->buf[arg - 2] << 8 | c->buf[arg - 1];
             /* Correct length for explicit IV */
+            if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN)
+                return 0;
             len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
             /* If decrypting correct for tag too */
-            if (!c->encrypt)
+            if (!c->encrypt) {
+                if (len < EVP_GCM_TLS_TAG_LEN)
+                    return 0;
                 len -= EVP_GCM_TLS_TAG_LEN;
+            }
             c->buf[arg - 2] = len >> 8;
             c->buf[arg - 1] = len & 0xff;
         }
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index 6dfd590a..b25fc6d5 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -579,12 +579,17 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
             maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
             maxpad &= 255;
 
-            ret &= constant_time_ge(maxpad, pad);
+            mask = constant_time_ge(maxpad, pad);
+            ret &= mask;
+            /*
+             * If pad is invalid then we will fail the above test but we must
+             * continue anyway because we are in constant time code. However,
+             * we'll use the maxpad value instead of the supplied pad to make
+             * sure we perform well defined pointer arithmetic.
+             */
+            pad = constant_time_select(mask, pad, maxpad);
 
             inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
-            mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
-            inp_len &= mask;
-            ret &= (int)mask;
 
             key->aux.tls_aad[plen - 2] = inp_len >> 8;
             key->aux.tls_aad[plen - 1] = inp_len;
@@ -859,6 +864,8 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
                 key->payload_length = len;
                 if ((key->aux.tls_ver =
                      p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
+                    if (len < AES_BLOCK_SIZE)
+                        return 0;
                     len -= AES_BLOCK_SIZE;
                     p[arg - 2] = len >> 8;
                     p[arg - 1] = len;
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
index 46c9d033..9a8a2ad7 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -507,10 +507,12 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
          * to identify it and avoid stitch invocation. So that after we
          * establish that current CPU supports AVX, we even see if it's
          * either even XOP-capable Bulldozer-based or GenuineIntel one.
+         * But SHAEXT-capable go ahead...
          */
-        if (OPENSSL_ia32cap_P[1] & (1 << (60 - 32)) && /* AVX? */
-            ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */
-             | (OPENSSL_ia32cap_P[0] & (1<<30))) &&    /* "Intel CPU"? */
+        if (((OPENSSL_ia32cap_P[2] & (1 << 29)) ||         /* SHAEXT? */
+             ((OPENSSL_ia32cap_P[1] & (1 << (60 - 32))) && /* AVX? */
+              ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32)))   /* XOP? */
+               | (OPENSSL_ia32cap_P[0] & (1 << 30))))) &&  /* "Intel CPU"? */
             plen > (sha_off + iv) &&
             (blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) {
             SHA256_Update(&key->md, in + iv, sha_off);
@@ -590,12 +592,17 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
             maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
             maxpad &= 255;
 
-            ret &= constant_time_ge(maxpad, pad);
+            mask = constant_time_ge(maxpad, pad);
+            ret &= mask;
+            /*
+             * If pad is invalid then we will fail the above test but we must
+             * continue anyway because we are in constant time code. However,
+             * we'll use the maxpad value instead of the supplied pad to make
+             * sure we perform well defined pointer arithmetic.
+             */
+            pad = constant_time_select(mask, pad, maxpad);
 
             inp_len = len - (SHA256_DIGEST_LENGTH + pad + 1);
-            mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
-            inp_len &= mask;
-            ret &= (int)mask;
 
             key->aux.tls_aad[plen - 2] = inp_len >> 8;
             key->aux.tls_aad[plen - 1] = inp_len;
@@ -825,15 +832,19 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
     case EVP_CTRL_AEAD_TLS1_AAD:
         {
             unsigned char *p = ptr;
-            unsigned int len = p[arg - 2] << 8 | p[arg - 1];
+            unsigned int len;
 
             if (arg != EVP_AEAD_TLS1_AAD_LEN)
                 return -1;
 
+            len = p[arg - 2] << 8 | p[arg - 1];
+
             if (ctx->encrypt) {
                 key->payload_length = len;
                 if ((key->aux.tls_ver =
                      p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
+                    if (len < AES_BLOCK_SIZE)
+                        return 0;
                     len -= AES_BLOCK_SIZE;
                     p[arg - 2] = len >> 8;
                     p[arg - 1] = len;
diff --git a/crypto/evp/e_camellia.c b/crypto/evp/e_camellia.c
index f273f9c9..996aed2a 100644
--- a/crypto/evp/e_camellia.c
+++ b/crypto/evp/e_camellia.c
@@ -1,6 +1,6 @@
 /* crypto/evp/e_camellia.c */
 /* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2006-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -356,6 +356,8 @@ static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
                                 ctx->iv, &ctx->num, ctx->encrypt, dat->block);
         len -= MAXBITCHUNK;
+        out += MAXBITCHUNK;
+        in  += MAXBITCHUNK;
     }
     if (len)
         CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 0e910d6d..ab8126e5 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -212,6 +212,8 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     size_t n;
     unsigned char c[1], d[1];
 
+    if (!EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS))
+            inl *= 8;
     for (n = 0; n < inl; ++n) {
         c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
         DES_ede3_cfb_encrypt(c, d, 1, 1,
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index d258ef87..cf1de15e 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -1363,6 +1363,98 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
                                              const char *type,
                                              const char *value));
 
+void EVP_PKEY_meth_get_init(EVP_PKEY_METHOD *pmeth,
+                            int (**pinit) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_get_copy(EVP_PKEY_METHOD *pmeth,
+                            int (**pcopy) (EVP_PKEY_CTX *dst,
+                                           EVP_PKEY_CTX *src));
+
+void EVP_PKEY_meth_get_cleanup(EVP_PKEY_METHOD *pmeth,
+                               void (**pcleanup) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_get_paramgen(EVP_PKEY_METHOD *pmeth,
+                                int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                   EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_keygen(EVP_PKEY_METHOD *pmeth,
+                              int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                              int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                               EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth,
+                            int (**psign_init) (EVP_PKEY_CTX *ctx),
+                            int (**psign) (EVP_PKEY_CTX *ctx,
+                                           unsigned char *sig, size_t *siglen,
+                                           const unsigned char *tbs,
+                                           size_t tbslen));
+
+void EVP_PKEY_meth_get_verify(EVP_PKEY_METHOD *pmeth,
+                              int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                              int (**pverify) (EVP_PKEY_CTX *ctx,
+                                               const unsigned char *sig,
+                                               size_t siglen,
+                                               const unsigned char *tbs,
+                                               size_t tbslen));
+
+void EVP_PKEY_meth_get_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                      int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                    *ctx),
+                                      int (**pverify_recover) (EVP_PKEY_CTX
+                                                               *ctx,
+                                                               unsigned char
+                                                               *sig,
+                                                               size_t *siglen,
+                                                               const unsigned
+                                                               char *tbs,
+                                                               size_t tbslen));
+
+void EVP_PKEY_meth_get_signctx(EVP_PKEY_METHOD *pmeth,
+                               int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                      EVP_MD_CTX *mctx),
+                               int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                 unsigned char *sig,
+                                                 size_t *siglen,
+                                                 EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_get_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                 int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                          EVP_MD_CTX *mctx),
+                                 int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                     const unsigned char *sig,
+                                                     int siglen,
+                                                     EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_get_encrypt(EVP_PKEY_METHOD *pmeth,
+                               int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                   unsigned char *out,
+                                                   size_t *outlen,
+                                                   const unsigned char *in,
+                                                   size_t inlen));
+
+void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth,
+                               int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                 unsigned char *out,
+                                                 size_t *outlen,
+                                                 const unsigned char *in,
+                                                 size_t inlen));
+
+void EVP_PKEY_meth_get_derive(EVP_PKEY_METHOD *pmeth,
+                              int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                              int (**pderive) (EVP_PKEY_CTX *ctx,
+                                               unsigned char *key,
+                                               size_t *keylen));
+
+void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth,
+                            int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                           void *p2),
+                            int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                               const char *type,
+                                               const char *value));
+
 void EVP_add_alg_module(void);
 
 /* BEGIN ERROR CODES */
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 0e40f09f..0c740d16 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -85,7 +85,7 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
 
 EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
 {
-    EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+    EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
     if (ctx)
         EVP_CIPHER_CTX_init(ctx);
     return ctx;
@@ -182,6 +182,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
         if (ctx->cipher->ctx_size) {
             ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size);
             if (!ctx->cipher_data) {
+                ctx->cipher = NULL;
                 EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
                 return 0;
             }
@@ -193,6 +194,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
         ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW;
         if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
             if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
+                ctx->cipher = NULL;
                 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
                 return 0;
             }
@@ -400,7 +402,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
     }
 
     b = ctx->cipher->block_size;
-    OPENSSL_assert(b <= sizeof ctx->buf);
+    OPENSSL_assert(b <= sizeof(ctx->buf));
     if (b == 1) {
         *outl = 0;
         return 1;
@@ -452,7 +454,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
         return EVP_EncryptUpdate(ctx, out, outl, in, inl);
 
     b = ctx->cipher->block_size;
-    OPENSSL_assert(b <= sizeof ctx->final);
+    OPENSSL_assert(b <= sizeof(ctx->final));
 
     if (ctx->final_used) {
         memcpy(out, ctx->final, b);
@@ -518,7 +520,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
             EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
             return (0);
         }
-        OPENSSL_assert(b <= sizeof ctx->final);
+        OPENSSL_assert(b <= sizeof(ctx->final));
 
         /*
          * The following assumes that the ciphertext has been authenticated.
@@ -649,11 +651,12 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
 #endif
 
     EVP_CIPHER_CTX_cleanup(out);
-    memcpy(out, in, sizeof *out);
+    memcpy(out, in, sizeof(*out));
 
     if (in->cipher_data && in->cipher->ctx_size) {
         out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
         if (!out->cipher_data) {
+            out->cipher = NULL;
             EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
             return 0;
         }
@@ -661,6 +664,10 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
     }
 
     if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
-        return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
+        if (!in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out)) {
+            out->cipher = NULL;
+            EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INITIALIZATION_ERROR);
+            return 0;
+        }
     return 1;
 }
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 5be9e336..cdffe1c8 100644
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -97,7 +97,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
 int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
                            int verify)
 {
-    int ret;
+    int ret = -1;
     char buff[BUFSIZ];
     UI *ui;
 
@@ -105,16 +105,18 @@ int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
         prompt = prompt_string;
     ui = UI_new();
     if (ui == NULL)
-        return -1;
-    UI_add_input_string(ui, prompt, 0, buf, min,
-                        (len >= BUFSIZ) ? BUFSIZ - 1 : len);
-    if (verify)
-        UI_add_verify_string(ui, prompt, 0,
-                             buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
-                             buf);
+        return ret;
+    if (UI_add_input_string(ui, prompt, 0, buf, min,
+                            (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0
+        || (verify
+            && UI_add_verify_string(ui, prompt, 0, buff, min,
+                                    (len >= BUFSIZ) ? BUFSIZ - 1 : len,
+                                    buf) < 0))
+        goto end;
     ret = UI_process(ui);
-    UI_free(ui);
     OPENSSL_cleanse(buff, BUFSIZ);
+ end:
+    UI_free(ui);
     return ret;
 }
 
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
index 2bb709a0..bee7f6d1 100644
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_locl.h
@@ -4,7 +4,7 @@
  * 2000.
  */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -116,7 +116,7 @@ static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         if (inl<chunk) chunk=inl;\
         while(inl && inl>=chunk)\
             {\
-            cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
+            cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?chunk*8:chunk), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
             inl-=chunk;\
             in +=chunk;\
             out+=chunk;\
diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c
index 7934c95f..5d2f04bf 100644
--- a/crypto/evp/evp_pbe.c
+++ b/crypto/evp/evp_pbe.c
@@ -161,9 +161,9 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
         char obj_tmp[80];
         EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
         if (!pbe_obj)
-            BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
+            BUF_strlcpy(obj_tmp, "NULL", sizeof(obj_tmp));
         else
-            i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
+            i2t_ASN1_OBJECT(obj_tmp, sizeof(obj_tmp), pbe_obj);
         ERR_add_error_data(2, "TYPE=", obj_tmp);
         return 0;
     }
diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c
index 98796427..97a20830 100644
--- a/crypto/evp/evp_test.c
+++ b/crypto/evp/evp_test.c
@@ -506,7 +506,7 @@ int main(int argc, char **argv)
         int an = 0;
         int tn = 0;
 
-        if (!fgets((char *)line, sizeof line, f))
+        if (!fgets((char *)line, sizeof(line), f))
             break;
         if (line[0] == '#' || line[0] == '\n')
             continue;
diff --git a/crypto/evp/openbsd_hw.c b/crypto/evp/openbsd_hw.c
index 07decf26..24a358e5 100644
--- a/crypto/evp/openbsd_hw.c
+++ b/crypto/evp/openbsd_hw.c
@@ -111,7 +111,7 @@ static int dev_crypto_init(session_op *ses)
         close(cryptodev_fd);
     }
     assert(ses);
-    memset(ses, '\0', sizeof *ses);
+    memset(ses, '\0', sizeof(*ses));
 
     return 1;
 }
@@ -164,7 +164,7 @@ static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     assert(CDATA(ctx));
     assert(!dev_failed);
 
-    memset(&cryp, '\0', sizeof cryp);
+    memset(&cryp, '\0', sizeof(cryp));
     cryp.ses = CDATA(ctx)->ses;
     cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
     cryp.flags = 0;
@@ -329,7 +329,7 @@ static int do_digest(int ses, unsigned char *md, const void *data, int len)
         return 1;
     }
 
-    memset(&cryp, '\0', sizeof cryp);
+    memset(&cryp, '\0', sizeof(cryp));
     cryp.ses = ses;
     cryp.op = COP_ENCRYPT;      /* required to do the MAC rather than check
                                  * it */
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index f2ae1e57..46fefa9a 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -262,7 +262,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
         goto err;
     }
     keylen = EVP_CIPHER_CTX_key_length(ctx);
-    OPENSSL_assert(keylen <= sizeof key);
+    OPENSSL_assert(keylen <= sizeof(key));
 
     /* Decode parameter */
 
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index d0668629..e50826b5 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -188,6 +188,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
 
     if (pmeth->init) {
         if (pmeth->init(ret) <= 0) {
+            ret->pmeth = NULL;
             EVP_PKEY_CTX_free(ret);
             return NULL;
         }
@@ -315,6 +316,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
     if (pctx->pmeth->copy(rctx, pctx) > 0)
         return rctx;
 
+    rctx->pmeth = NULL;
     EVP_PKEY_CTX_free(rctx);
     return NULL;
 
@@ -587,3 +589,170 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
     pmeth->ctrl = ctrl;
     pmeth->ctrl_str = ctrl_str;
 }
+
+void EVP_PKEY_meth_get_init(EVP_PKEY_METHOD *pmeth,
+                            int (**pinit) (EVP_PKEY_CTX *ctx))
+{
+    *pinit = pmeth->init;
+}
+
+void EVP_PKEY_meth_get_copy(EVP_PKEY_METHOD *pmeth,
+                            int (**pcopy) (EVP_PKEY_CTX *dst,
+                                           EVP_PKEY_CTX *src))
+{
+    *pcopy = pmeth->copy;
+}
+
+void EVP_PKEY_meth_get_cleanup(EVP_PKEY_METHOD *pmeth,
+                               void (**pcleanup) (EVP_PKEY_CTX *ctx))
+{
+    *pcleanup = pmeth->cleanup;
+}
+
+void EVP_PKEY_meth_get_paramgen(EVP_PKEY_METHOD *pmeth,
+                                int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                   EVP_PKEY *pkey))
+{
+    if (pparamgen_init)
+        *pparamgen_init = pmeth->paramgen_init;
+    if (pparamgen)
+        *pparamgen = pmeth->paramgen;
+}
+
+void EVP_PKEY_meth_get_keygen(EVP_PKEY_METHOD *pmeth,
+                              int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                              int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                               EVP_PKEY *pkey))
+{
+    if (pkeygen_init)
+        *pkeygen_init = pmeth->keygen_init;
+    if (pkeygen)
+        *pkeygen = pmeth->keygen;
+}
+
+void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth,
+                            int (**psign_init) (EVP_PKEY_CTX *ctx),
+                            int (**psign) (EVP_PKEY_CTX *ctx,
+                                           unsigned char *sig, size_t *siglen,
+                                           const unsigned char *tbs,
+                                           size_t tbslen))
+{
+    if (psign_init)
+        *psign_init = pmeth->sign_init;
+    if (psign)
+        *psign = pmeth->sign;
+}
+
+void EVP_PKEY_meth_get_verify(EVP_PKEY_METHOD *pmeth,
+                              int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                              int (**pverify) (EVP_PKEY_CTX *ctx,
+                                               const unsigned char *sig,
+                                               size_t siglen,
+                                               const unsigned char *tbs,
+                                               size_t tbslen))
+{
+    if (pverify_init)
+        *pverify_init = pmeth->verify_init;
+    if (pverify)
+        *pverify = pmeth->verify;
+}
+
+void EVP_PKEY_meth_get_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                      int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                    *ctx),
+                                      int (**pverify_recover) (EVP_PKEY_CTX
+                                                               *ctx,
+                                                               unsigned char
+                                                               *sig,
+                                                               size_t *siglen,
+                                                               const unsigned
+                                                               char *tbs,
+                                                               size_t tbslen))
+{
+    if (pverify_recover_init)
+        *pverify_recover_init = pmeth->verify_recover_init;
+    if (pverify_recover)
+        *pverify_recover = pmeth->verify_recover;
+}
+
+void EVP_PKEY_meth_get_signctx(EVP_PKEY_METHOD *pmeth,
+                               int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                      EVP_MD_CTX *mctx),
+                               int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                 unsigned char *sig,
+                                                 size_t *siglen,
+                                                 EVP_MD_CTX *mctx))
+{
+    if (psignctx_init)
+        *psignctx_init = pmeth->signctx_init;
+    if (psignctx)
+        *psignctx = pmeth->signctx;
+}
+
+void EVP_PKEY_meth_get_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                 int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                          EVP_MD_CTX *mctx),
+                                 int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                     const unsigned char *sig,
+                                                     int siglen,
+                                                     EVP_MD_CTX *mctx))
+{
+    if (pverifyctx_init)
+        *pverifyctx_init = pmeth->verifyctx_init;
+    if (pverifyctx)
+        *pverifyctx = pmeth->verifyctx;
+}
+
+void EVP_PKEY_meth_get_encrypt(EVP_PKEY_METHOD *pmeth,
+                               int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                   unsigned char *out,
+                                                   size_t *outlen,
+                                                   const unsigned char *in,
+                                                   size_t inlen))
+{
+    if (pencrypt_init)
+        *pencrypt_init = pmeth->encrypt_init;
+    if (pencryptfn)
+        *pencryptfn = pmeth->encrypt;
+}
+
+void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth,
+                               int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                 unsigned char *out,
+                                                 size_t *outlen,
+                                                 const unsigned char *in,
+                                                 size_t inlen))
+{
+    if (pdecrypt_init)
+        *pdecrypt_init = pmeth->decrypt_init;
+    if (pdecrypt)
+        *pdecrypt = pmeth->decrypt;
+}
+
+void EVP_PKEY_meth_get_derive(EVP_PKEY_METHOD *pmeth,
+                              int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                              int (**pderive) (EVP_PKEY_CTX *ctx,
+                                               unsigned char *key,
+                                               size_t *keylen))
+{
+    if (pderive_init)
+        *pderive_init = pmeth->derive_init;
+    if (pderive)
+        *pderive = pmeth->derive;
+}
+
+void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth,
+                            int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                           void *p2),
+                            int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                               const char *type,
+                                               const char *value))
+{
+    if (pctrl)
+        *pctrl = pmeth->ctrl;
+    if (pctrl_str)
+        *pctrl_str = pmeth->ctrl_str;
+}
diff --git a/crypto/ex_data.c b/crypto/ex_data.c
index f96a5178..723b21b3 100644
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@@ -331,7 +331,11 @@ static EX_CLASS_ITEM *def_get_class(int class_index)
                  * from the insert will be NULL
                  */
                 (void)lh_EX_CLASS_ITEM_insert(ex_data, gen);
-                p = gen;
+                p = lh_EX_CLASS_ITEM_retrieve(ex_data, &d);
+                if (p != gen) {
+                    sk_CRYPTO_EX_DATA_FUNCS_free(gen->meth);
+                    OPENSSL_free(gen);
+                }
             }
         }
     }
@@ -455,7 +459,7 @@ static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
                            CRYPTO_EX_DATA *from)
 {
     int mx, j, i;
-    char *ptr;
+    void *ptr;
     CRYPTO_EX_DATA_FUNCS **storage = NULL;
     EX_CLASS_ITEM *item;
     if (!from->sk)
@@ -469,6 +473,15 @@ static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
     if (j < mx)
         mx = j;
     if (mx > 0) {
+        /*
+         * Make sure the ex_data stack is at least |mx| elements long to avoid
+         * issues in the for loop that follows; so go get the |mx|'th element
+         * (if it does not exist CRYPTO_get_ex_data() returns NULL), and assign
+         * to itself. This is normally a no-op; but ensures the stack is the
+         * proper size
+         */
+        if (!CRYPTO_set_ex_data(to, mx - 1, CRYPTO_get_ex_data(to, mx - 1)))
+            goto skip;
         storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS *));
         if (!storage)
             goto skip;
@@ -499,11 +512,12 @@ static void int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
     int mx, i;
     EX_CLASS_ITEM *item;
     void *ptr;
+    CRYPTO_EX_DATA_FUNCS *f;
     CRYPTO_EX_DATA_FUNCS **storage = NULL;
     if (ex_data == NULL)
-        return;
+        goto err;
     if ((item = def_get_class(class_index)) == NULL)
-        return;
+        goto err;
     CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
     mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
     if (mx > 0) {
@@ -515,23 +529,23 @@ static void int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
     }
  skip:
     CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-    if ((mx > 0) && !storage) {
-        CRYPTOerr(CRYPTO_F_INT_FREE_EX_DATA, ERR_R_MALLOC_FAILURE);
-        return;
-    }
     for (i = 0; i < mx; i++) {
-        if (storage[i] && storage[i]->free_func) {
+        if (storage != NULL)
+            f = storage[i];
+        else {
+            CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
+            f = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth, i);
+            CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
+        }
+        if (f != NULL && f->free_func != NULL) {
             ptr = CRYPTO_get_ex_data(ad, i);
-            storage[i]->free_func(obj, ptr, ad, i,
-                                  storage[i]->argl, storage[i]->argp);
+            f->free_func(obj, ptr, ad, i, f->argl, f->argp);
         }
     }
-    if (storage)
-        OPENSSL_free(storage);
-    if (ad->sk) {
-        sk_void_free(ad->sk);
-        ad->sk = NULL;
-    }
+    OPENSSL_free(storage);
+ err:
+    sk_void_free(ad->sk);
+    ad->sk = NULL;
 }
 
 /********************************************************************/
diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c
index 0ffff79c..0a59a01c 100644
--- a/crypto/hmac/hm_pmeth.c
+++ b/crypto/hmac/hm_pmeth.c
@@ -99,15 +99,18 @@ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
     sctx = src->data;
     dctx = dst->data;
     dctx->md = sctx->md;
-    HMAC_CTX_init(&dctx->ctx);
     if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
-        return 0;
-    if (sctx->ktmp.data) {
+        goto err;
+    if (sctx->ktmp.data != NULL) {
         if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
                                    sctx->ktmp.data, sctx->ktmp.length))
-            return 0;
+            goto err;
     }
     return 1;
+ err:
+    HMAC_CTX_cleanup(&dctx->ctx);
+    OPENSSL_free(dctx);
+    return 0;
 }
 
 static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 213504e8..023ec456 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -234,7 +234,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx)
     EVP_MD_CTX_cleanup(&ctx->i_ctx);
     EVP_MD_CTX_cleanup(&ctx->o_ctx);
     EVP_MD_CTX_cleanup(&ctx->md_ctx);
-    OPENSSL_cleanse(ctx, sizeof *ctx);
+    OPENSSL_cleanse(ctx, sizeof(*ctx));
 }
 
 unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
diff --git a/crypto/jpake/jpake.c b/crypto/jpake/jpake.c
index 2ba75f01..daf27228 100644
--- a/crypto/jpake/jpake.c
+++ b/crypto/jpake/jpake.c
@@ -108,14 +108,14 @@ static void JPAKE_CTX_release(JPAKE_CTX *ctx)
     OPENSSL_free(ctx->p.peer_name);
     OPENSSL_free(ctx->p.name);
 
-    memset(ctx, '\0', sizeof *ctx);
+    memset(ctx, '\0', sizeof(*ctx));
 }
 
 JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
                          const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
                          const BIGNUM *secret)
 {
-    JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+    JPAKE_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
     if (ctx == NULL)
         return NULL;
 
@@ -460,7 +460,7 @@ void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a)
 int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx)
 {
     quickhashbn(send->hhk, ctx->key);
-    SHA1(send->hhk, sizeof send->hhk, send->hhk);
+    SHA1(send->hhk, sizeof(send->hhk), send->hhk);
 
     return 1;
 }
@@ -470,8 +470,8 @@ int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received)
     unsigned char hhk[SHA_DIGEST_LENGTH];
 
     quickhashbn(hhk, ctx->key);
-    SHA1(hhk, sizeof hhk, hhk);
-    if (memcmp(hhk, received->hhk, sizeof hhk)) {
+    SHA1(hhk, sizeof(hhk), hhk);
+    if (memcmp(hhk, received->hhk, sizeof(hhk))) {
         JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS,
                  JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH);
         return 0;
@@ -499,7 +499,7 @@ int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received)
     unsigned char hk[SHA_DIGEST_LENGTH];
 
     quickhashbn(hk, ctx->key);
-    if (memcmp(hk, received->hk, sizeof hk)) {
+    if (memcmp(hk, received->hk, sizeof(hk))) {
         JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH);
         return 0;
     }
diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
index f20353ae..51bb258e 100644
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@@ -101,6 +101,24 @@
 #include <openssl/crypto.h>
 #include <openssl/lhash.h>
 
+/*
+ * A hashing implementation that appears to be based on the linear hashing
+ * alogrithm:
+ * https://en.wikipedia.org/wiki/Linear_hashing
+ *
+ * Litwin, Witold (1980), "Linear hashing: A new tool for file and table
+ * addressing", Proc. 6th Conference on Very Large Databases: 212-223
+ * http://hackthology.com/pdfs/Litwin-1980-Linear_Hashing.pdf
+ *
+ * From the wikipedia article "Linear hashing is used in the BDB Berkeley
+ * database system, which in turn is used by many software systems such as
+ * OpenLDAP, using a C implementation derived from the CACM article and first
+ * published on the Usenet in 1988 by Esmond Pitt."
+ *
+ * The CACM paper is available here:
+ * https://pdfs.semanticscholar.org/ff4d/1c5deca6269cc316bfd952172284dbf610ee.pdf
+ */
+
 const char lh_version[] = "lhash" OPENSSL_VERSION_PTEXT;
 
 #undef MIN_NODES
@@ -108,7 +126,7 @@ const char lh_version[] = "lhash" OPENSSL_VERSION_PTEXT;
 #define UP_LOAD         (2*LH_LOAD_MULT) /* load times 256 (default 2) */
 #define DOWN_LOAD       (LH_LOAD_MULT) /* load times 256 (default 1) */
 
-static void expand(_LHASH *lh);
+static int expand(_LHASH *lh);
 static void contract(_LHASH *lh);
 static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash);
 
@@ -182,8 +200,9 @@ void *lh_insert(_LHASH *lh, void *data)
     void *ret;
 
     lh->error = 0;
-    if (lh->up_load <= (lh->num_items * LH_LOAD_MULT / lh->num_nodes))
-        expand(lh);
+    if (lh->up_load <= (lh->num_items * LH_LOAD_MULT / lh->num_nodes)
+            && !expand(lh))
+        return NULL;
 
     rn = getrn(lh, data, &hash);
 
@@ -300,19 +319,37 @@ void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
     doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg);
 }
 
-static void expand(_LHASH *lh)
+static int expand(_LHASH *lh)
 {
     LHASH_NODE **n, **n1, **n2, *np;
-    unsigned int p, i, j;
-    unsigned long hash, nni;
+    unsigned int p, pmax, nni, j;
+    unsigned long hash;
+
+    nni = lh->num_alloc_nodes;
+    p = lh->p;
+    pmax = lh->pmax;
+    if (p + 1 >= pmax) {
+        j = nni * 2;
+        n = OPENSSL_realloc(lh->b, (int)(sizeof(LHASH_NODE *) * j));
+        if (n == NULL) {
+            lh->error++;
+            return 0;
+        }
+        lh->b = n;
+        memset(n + nni, 0, sizeof(*n) * (j - nni));
+        lh->pmax = nni;
+        lh->num_alloc_nodes = j;
+        lh->num_expand_reallocs++;
+        lh->p = 0;
+    } else {
+        lh->p++;
+    }
 
     lh->num_nodes++;
     lh->num_expands++;
-    p = (int)lh->p++;
     n1 = &(lh->b[p]);
-    n2 = &(lh->b[p + (int)lh->pmax]);
-    *n2 = NULL;                 /* 27/07/92 - eay - undefined pointer bug */
-    nni = lh->num_alloc_nodes;
+    n2 = &(lh->b[p + pmax]);
+    *n2 = NULL;
 
     for (np = *n1; np != NULL;) {
 #ifndef OPENSSL_NO_HASH_COMP
@@ -330,25 +367,7 @@ static void expand(_LHASH *lh)
         np = *n1;
     }
 
-    if ((lh->p) >= lh->pmax) {
-        j = (int)lh->num_alloc_nodes * 2;
-        n = (LHASH_NODE **)OPENSSL_realloc(lh->b,
-                                           (int)(sizeof(LHASH_NODE *) * j));
-        if (n == NULL) {
-            lh->error++;
-            lh->num_nodes--;
-            lh->p = 0;
-            return;
-        }
-        /* else */
-        for (i = (int)lh->num_alloc_nodes; i < j; i++) /* 26/02/92 eay */
-            n[i] = NULL;        /* 02/03/92 eay */
-        lh->pmax = lh->num_alloc_nodes;
-        lh->num_alloc_nodes = j;
-        lh->num_expand_reallocs++;
-        lh->p = 0;
-        lh->b = n;
-    }
+    return 1;
 }
 
 static void contract(_LHASH *lh)
diff --git a/crypto/md2/md2_dgst.c b/crypto/md2/md2_dgst.c
index 7f5d9ba6..44193e28 100644
--- a/crypto/md2/md2_dgst.c
+++ b/crypto/md2/md2_dgst.c
@@ -122,9 +122,9 @@ const char *MD2_options(void)
 fips_md_init(MD2)
 {
     c->num = 0;
-    memset(c->state, 0, sizeof c->state);
-    memset(c->cksm, 0, sizeof c->cksm);
-    memset(c->data, 0, sizeof c->data);
+    memset(c->state, 0, sizeof(c->state));
+    memset(c->cksm, 0, sizeof(c->cksm));
+    memset(c->data, 0, sizeof(c->data));
     return 1;
 }
 
diff --git a/crypto/md4/md4.c b/crypto/md4/md4.c
index c9fab666..a79997f8 100644
--- a/crypto/md4/md4.c
+++ b/crypto/md4/md4.c
@@ -102,7 +102,7 @@ void do_fp(FILE *f)
     fd = fileno(f);
     MD4_Init(&c);
     for (;;) {
-        i = read(fd, buf, sizeof buf);
+        i = read(fd, buf, sizeof(buf));
         if (i <= 0)
             break;
         MD4_Update(&c, buf, (unsigned long)i);
diff --git a/crypto/md5/Makefile b/crypto/md5/Makefile
index f5240da7..9942cb4e 100644
--- a/crypto/md5/Makefile
+++ b/crypto/md5/Makefile
@@ -90,7 +90,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.s *.S *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
diff --git a/crypto/mem.c b/crypto/mem.c
index 06c3960c..dd4c9ce9 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -150,12 +150,12 @@ static long (*get_debug_options_func) (void) = NULL;
 int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
                              void (*f) (void *))
 {
-    /* Dummy call just to ensure OPENSSL_init() gets linked in */
-    OPENSSL_init();
     if (!allow_customize)
         return 0;
     if ((m == 0) || (r == 0) || (f == 0))
         return 0;
+    /* Dummy call just to ensure OPENSSL_init() gets linked in */
+    OPENSSL_init();
     malloc_func = m;
     malloc_ex_func = default_malloc_ex;
     realloc_func = r;
diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c
index 8525ded7..9e1be508 100644
--- a/crypto/mem_dbg.c
+++ b/crypto/mem_dbg.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -633,16 +633,22 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
     APP_INFO *amip;
     int ami_cnt;
     struct tm *lcl = NULL;
+    struct tm result = {0};
     CRYPTO_THREADID ti;
 
-#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
+#define BUF_REMAIN (sizeof(buf) - (size_t)(bufp - buf))
 
     if (m->addr == (char *)l->bio)
         return;
 
     if (options & V_CRYPTO_MDEBUG_TIME) {
+# if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && \
+            !defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_SUNOS) && \
+            (!defined(OPENSSL_SYS_VMS) || defined(localtime_r))
+        lcl = localtime_r(&m->time, &result);
+# else
         lcl = localtime(&m->time);
-
+# endif
         BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
                      lcl->tm_hour, lcl->tm_min, lcl->tm_sec);
         bufp += strlen(bufp);
@@ -679,7 +685,7 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
 
         ami_cnt++;
         memset(buf, '>', ami_cnt);
-        BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
+        BIO_snprintf(buf + ami_cnt, sizeof(buf) - ami_cnt,
                      " thread=%lu, file=%s, line=%d, info=\"",
                      CRYPTO_THREADID_hash(&amip->threadid), amip->file,
                      amip->line);
@@ -689,10 +695,10 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
             memcpy(buf + buf_len, amip->info, 128 - buf_len - 3);
             buf_len = 128 - 3;
         } else {
-            BUF_strlcpy(buf + buf_len, amip->info, sizeof buf - buf_len);
+            BUF_strlcpy(buf + buf_len, amip->info, sizeof(buf) - buf_len);
             buf_len = strlen(buf);
         }
-        BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n");
+        BIO_snprintf(buf + buf_len, sizeof(buf) - buf_len, "\"\n");
 
         BIO_puts(l->bio, buf);
 
diff --git a/crypto/modes/Makefile b/crypto/modes/Makefile
index a7863d98..2528f4a1 100644
--- a/crypto/modes/Makefile
+++ b/crypto/modes/Makefile
@@ -106,7 +106,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.s *.S *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
diff --git a/crypto/o_dir.c b/crypto/o_dir.c
index f9dbed87..fb3b2fd8 100644
--- a/crypto/o_dir.c
+++ b/crypto/o_dir.c
@@ -73,7 +73,8 @@
 #include "o_dir.h"
 
 #define LPDIR_H
-#if defined OPENSSL_SYS_UNIX || defined DJGPP
+#if defined OPENSSL_SYS_UNIX || defined DJGPP \
+    || (defined __VMS_VER && __VMS_VER >= 70000000)
 # include "LPdir_unix.c"
 #elif defined OPENSSL_SYS_VMS
 # include "LPdir_vms.c"
diff --git a/crypto/o_init.c b/crypto/o_init.c
index 185841ea..18bb8589 100644
--- a/crypto/o_init.c
+++ b/crypto/o_init.c
@@ -58,6 +58,11 @@
 #ifdef OPENSSL_FIPS
 # include <openssl/fips.h>
 # include <openssl/rand.h>
+
+# ifndef OPENSSL_NO_DEPRECATED
+/* the prototype is missing in <openssl/fips.h> */
+void FIPS_crypto_set_id_callback(unsigned long (*func)(void));
+# endif
 #endif
 
 /*
diff --git a/crypto/o_time.c b/crypto/o_time.c
index b99e5990..61927439 100644
--- a/crypto/o_time.c
+++ b/crypto/o_time.c
@@ -8,7 +8,7 @@
  * 2008.
  */
 /* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2001-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -105,12 +105,9 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
 {
     struct tm *ts = NULL;
 
-#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
-    /*
-     * should return &data, but doesn't on some systems, so we don't even
-     * look at the return value
-     */
-    gmtime_r(timer, result);
+#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_SUNOS)
+    if (gmtime_r(timer, result) == NULL)
+        return NULL;
     ts = result;
 #elif !defined(OPENSSL_SYS_VMS) || defined(VMS_GMTIME_OK)
     ts = gmtime(timer);
@@ -144,14 +141,14 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
         pitem->ileb_64$w_mbo = 1;
         pitem->ileb_64$w_code = LNM$_STRING;
         pitem->ileb_64$l_mbmo = -1;
-        pitem->ileb_64$q_length = sizeof (logvalue);
+        pitem->ileb_64$q_length = sizeof(logvalue);
         pitem->ileb_64$pq_bufaddr = logvalue;
         pitem->ileb_64$pq_retlen_addr = (unsigned __int64 *) &reslen;
         pitem++;
         /* Last item of the item list is null terminated */
         pitem->ileb_64$q_length = pitem->ileb_64$w_code = 0;
 # else
-        pitem->ile3$w_length = sizeof (logvalue);
+        pitem->ile3$w_length = sizeof(logvalue);
         pitem->ile3$w_code = LNM$_STRING;
         pitem->ile3$ps_bufaddr = logvalue;
         pitem->ile3$ps_retlen_addr = (unsigned short int *) &reslen;
diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index f106905f..b8bdc5c5 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -312,13 +312,13 @@ void OBJ_NAME_do_all_sorted(int type,
 
     d.type = type;
     d.names =
-        OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names);
+        OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof(*d.names));
     /* Really should return an error if !d.names...but its a void function! */
     if (d.names) {
         d.n = 0;
         OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
 
-        qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
+        qsort((void *)d.names, d.n, sizeof(*d.names), do_all_sorted_cmp);
 
         for (n = 0; n < d.n; ++n)
             fn(d.names[n], arg);
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index aca382a6..315afa9d 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -305,9 +305,8 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
     for (i = ADDED_DATA; i <= ADDED_NID; i++)
         if (ao[i] != NULL)
             OPENSSL_free(ao[i]);
-    if (o != NULL)
-        OPENSSL_free(o);
-    return (NID_undef);
+    ASN1_OBJECT_free(o);
+    return NID_undef;
 }
 
 ASN1_OBJECT *OBJ_nid2obj(int n)
@@ -591,7 +590,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
             n += i;
             OPENSSL_free(bndec);
         } else {
-            BIO_snprintf(tbuf, sizeof tbuf, ".%lu", l);
+            BIO_snprintf(tbuf, sizeof(tbuf), ".%lu", l);
             i = strlen(tbuf);
             if (buf && (buf_len > 0)) {
                 BUF_strlcpy(buf, tbuf, buf_len);
@@ -725,6 +724,10 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
     return (p);
 }
 
+/*
+ * Parse a BIO sink to create some extra oid's objects.
+ * Line format:<OID:isdigit or '.']><isspace><SN><isspace><LN>
+ */
 int OBJ_create_objects(BIO *in)
 {
     MS_STATIC char buf[512];
@@ -746,9 +749,9 @@ int OBJ_create_objects(BIO *in)
             *(s++) = '\0';
             while (isspace((unsigned char)*s))
                 s++;
-            if (*s == '\0')
+            if (*s == '\0') {
                 s = NULL;
-            else {
+            } else {
                 l = s;
                 while ((*l != '\0') && !isspace((unsigned char)*l))
                     l++;
@@ -756,15 +759,18 @@ int OBJ_create_objects(BIO *in)
                     *(l++) = '\0';
                     while (isspace((unsigned char)*l))
                         l++;
-                    if (*l == '\0')
+                    if (*l == '\0') {
                         l = NULL;
-                } else
+                    }
+                } else {
                     l = NULL;
+                }
             }
-        } else
+        } else {
             s = NULL;
-        if ((o == NULL) || (*o == '\0'))
-            return (num);
+        }
+        if (*o == '\0')
+            return num;
         if (!OBJ_create(o, s, l))
             return (num);
         num++;
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
index d4a257c3..7a7d0609 100644
--- a/crypto/ocsp/ocsp_vfy.c
+++ b/crypto/ocsp/ocsp_vfy.c
@@ -118,6 +118,8 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
                     goto end;
                 }
             }
+        } else if (certs != NULL) {
+            untrusted = certs;
         } else {
             untrusted = bs->certs;
         }
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index 645dd079..77f124e2 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -30,11 +30,11 @@ extern "C" {
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x100020bfL
+# define OPENSSL_VERSION_NUMBER  0x100020ffL
 # ifdef OPENSSL_FIPS
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2k-fips  26 Jan 2017"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2o-fips  27 Mar 2018"
 # else
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2k  26 Jan 2017"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2o  27 Mar 2018"
 # endif
 # define OPENSSL_VERSION_PTEXT   " part of " OPENSSL_VERSION_TEXT
 
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 4d736a1d..0994020d 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -354,7 +354,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
 
             /* create the right magic header stuff */
             OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
-                           sizeof buf);
+                           sizeof(buf));
             buf[0] = '\0';
             PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
             PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index c82b3c0a..4d5f053e 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -406,7 +406,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
             OPENSSL_cleanse(buf, PEM_BUFSIZE);
 
         OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
-                       sizeof buf);
+                       sizeof(buf));
 
         buf[0] = '\0';
         PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
@@ -536,7 +536,8 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
               ((c >= '0') && (c <= '9'))))
             break;
 #else
-        if (!(isupper(c) || (c == '-') || isdigit(c)))
+        if (!(isupper((unsigned char)c) || (c == '-')
+            || isdigit((unsigned char)c)))
             break;
 #endif
         header++;
diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c
index 5747c736..daf210fd 100644
--- a/crypto/pem/pem_pk8.c
+++ b/crypto/pem/pem_pk8.c
@@ -178,6 +178,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
     }
     p8inf = PKCS8_decrypt(p8, psbuf, klen);
     X509_SIG_free(p8);
+    OPENSSL_cleanse(psbuf, klen);
     if (!p8inf)
         return NULL;
     ret = EVP_PKCS82PKEY(p8inf);
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 04d6319a..e8b3a1b9 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -120,6 +120,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
         }
         p8inf = PKCS8_decrypt(p8, psbuf, klen);
         X509_SIG_free(p8);
+        OPENSSL_cleanse(psbuf, klen);
         if (!p8inf)
             goto p8err;
         ret = EVP_PKCS82PKEY(p8inf);
diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
index b7ae40b4..d19195ea 100644
--- a/crypto/perlasm/x86_64-xlate.pl
+++ b/crypto/perlasm/x86_64-xlate.pl
@@ -206,8 +206,9 @@ my %globals;
 	    }
 	    sprintf "\$%s",$self->{value};
 	} else {
-	    $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm);
-	    sprintf "%s",$self->{value};
+	    my $value = $self->{value};
+	    $value =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm);
+	    sprintf "%s",$value;
 	}
     }
 }
@@ -414,7 +415,7 @@ my %globals;
 	}
     }
 }
-{ package expr;		# pick up expressioins
+{ package expr;		# pick up expressions
     sub re {
 	my	$self = shift;	# single instance is enough...
 	local	*line = shift;
@@ -977,7 +978,7 @@ close STDOUT;
 # the area above user stack pointer in true asynchronous manner...
 #
 # All the above means that if assembler programmer adheres to Unix
-# register and stack layout, but disregards the "red zone" existense,
+# register and stack layout, but disregards the "red zone" existence,
 # it's possible to use following prologue and epilogue to "gear" from
 # Unix to Win64 ABI in leaf functions with not more than 6 arguments.
 #
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index 9aa3c90c..1841f78f 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -84,6 +84,12 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
 {
     STACK_OF(X509) *ocerts = NULL;
     X509 *x = NULL;
+
+    if (pkey)
+        *pkey = NULL;
+    if (cert)
+        *cert = NULL;
+
     /* Check for NULL PKCS12 structure */
 
     if (!p12) {
@@ -92,11 +98,6 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
         return 0;
     }
 
-    if (pkey)
-        *pkey = NULL;
-    if (cert)
-        *cert = NULL;
-
     /* Check the mac */
 
     /*
@@ -125,7 +126,7 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
 
     if (!ocerts) {
         PKCS12err(PKCS12_F_PKCS12_PARSE, ERR_R_MALLOC_FAILURE);
-        return 0;
+        goto err;
     }
 
     if (!parse_pk12(p12, pass, -1, pkey, ocerts)) {
@@ -163,10 +164,14 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
 
  err:
 
-    if (pkey && *pkey)
+    if (pkey) {
         EVP_PKEY_free(*pkey);
-    if (cert && *cert)
+        *pkey = NULL;
+    }
+    if (cert) {
         X509_free(*cert);
+        *cert = NULL;
+    }
     if (x)
         X509_free(x);
     if (ocerts)
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index cbf34da0..b1f7381a 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -159,7 +159,10 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
 int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
                      const EVP_MD *md_type)
 {
-    if (!(p12->mac = PKCS12_MAC_DATA_new()))
+    PKCS12_MAC_DATA_free(p12->mac);
+    p12->mac = NULL;
+
+    if ((p12->mac = PKCS12_MAC_DATA_new()) == NULL)
         return PKCS12_ERROR;
     if (iter > 1) {
         if (!(p12->mac->iter = M_ASN1_INTEGER_new())) {
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 6cf8253b..6a463680 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -375,16 +375,18 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
     }
 
     if (bio == NULL) {
-        if (PKCS7_is_detached(p7))
+        if (PKCS7_is_detached(p7)) {
             bio = BIO_new(BIO_s_null());
-        else if (os && os->length > 0)
+        } else if (os && os->length > 0) {
             bio = BIO_new_mem_buf(os->data, os->length);
-        if (bio == NULL) {
+        } else {
             bio = BIO_new(BIO_s_mem());
             if (bio == NULL)
                 goto err;
             BIO_set_mem_eof_return(bio, 0);
         }
+        if (bio == NULL)
+            goto err;
     }
     if (out)
         BIO_push(out, bio);
diff --git a/crypto/ppccap.c b/crypto/ppccap.c
index 74af4732..60566b1a 100644
--- a/crypto/ppccap.c
+++ b/crypto/ppccap.c
@@ -7,6 +7,10 @@
 #if defined(__linux) || defined(_AIX)
 # include <sys/utsname.h>
 #endif
+#if defined(__APPLE__) && defined(__MACH__)
+# include <sys/types.h>
+# include <sys/sysctl.h>
+#endif
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
 
@@ -123,6 +127,26 @@ void OPENSSL_cpuid_setup(void)
     }
 #endif
 
+#if defined(__APPLE__) && defined(__MACH__)
+    {
+        int val;
+        size_t len = sizeof(val);
+
+        if (sysctlbyname("hw.optional.64bitops", &val, &len, NULL, 0) == 0) {
+            if (val)
+                OPENSSL_ppccap_P |= PPC_FPU64;
+        }
+
+        len = sizeof(val);
+        if (sysctlbyname("hw.optional.altivec", &val, &len, NULL, 0) == 0) {
+            if (val)
+                OPENSSL_ppccap_P |= PPC_ALTIVEC;
+        }
+
+        return;
+    }
+#endif
+
     memset(&ill_act, 0, sizeof(ill_act));
     ill_act.sa_handler = ill_handler;
     ill_act.sa_mask = all_masked;
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index bd76e23e..a7af9f9d 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -238,7 +238,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
     md_c[0] = md_count[0];
     md_c[1] = md_count[1];
 
-    memcpy(local_md, md, sizeof md);
+    memcpy(local_md, md, sizeof(md));
 
     /* state_index <= state_num <= STATE_SIZE */
     state_index += num;
@@ -266,17 +266,21 @@ static void ssleay_rand_add(const void *buf, int num, double add)
         j = (num - i);
         j = (j > MD_DIGEST_LENGTH) ? MD_DIGEST_LENGTH : j;
 
-        MD_Init(&m);
-        MD_Update(&m, local_md, MD_DIGEST_LENGTH);
+        if (!MD_Init(&m) ||
+            !MD_Update(&m, local_md, MD_DIGEST_LENGTH))
+            goto err;
         k = (st_idx + j) - STATE_SIZE;
         if (k > 0) {
-            MD_Update(&m, &(state[st_idx]), j - k);
-            MD_Update(&m, &(state[0]), k);
+            if (!MD_Update(&m, &(state[st_idx]), j - k) ||
+                !MD_Update(&m, &(state[0]), k))
+                goto err;
         } else
-            MD_Update(&m, &(state[st_idx]), j);
+            if (!MD_Update(&m, &(state[st_idx]), j))
+                goto err;
 
         /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
-        MD_Update(&m, buf, j);
+        if (!MD_Update(&m, buf, j))
+            goto err;
         /*
          * We know that line may cause programs such as purify and valgrind
          * to complain about use of uninitialized data.  The problem is not,
@@ -285,8 +289,9 @@ static void ssleay_rand_add(const void *buf, int num, double add)
          * insecure keys.
          */
 
-        MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c));
-        MD_Final(&m, local_md);
+        if (!MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)) ||
+            !MD_Final(&m, local_md))
+            goto err;
         md_c[1]++;
 
         buf = (const char *)buf + j;
@@ -305,7 +310,6 @@ static void ssleay_rand_add(const void *buf, int num, double add)
                 st_idx = 0;
         }
     }
-    EVP_MD_CTX_cleanup(&m);
 
     if (!do_not_lock)
         CRYPTO_w_lock(CRYPTO_LOCK_RAND);
@@ -326,6 +330,9 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 #if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
     assert(md_c[1] == md_count[1]);
 #endif
+
+ err:
+    EVP_MD_CTX_cleanup(&m);
 }
 
 static void ssleay_rand_seed(const void *buf, int num)
@@ -447,7 +454,7 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
     st_num = state_num;
     md_c[0] = md_count[0];
     md_c[1] = md_count[1];
-    memcpy(local_md, md, sizeof md);
+    memcpy(local_md, md, sizeof(md));
 
     state_index += num_ceil;
     if (state_index > state_num)
@@ -469,15 +476,18 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
         /* num_ceil -= MD_DIGEST_LENGTH/2 */
         j = (num >= MD_DIGEST_LENGTH / 2) ? MD_DIGEST_LENGTH / 2 : num;
         num -= j;
-        MD_Init(&m);
+        if (!MD_Init(&m))
+           goto err;
 #ifndef GETPID_IS_MEANINGLESS
         if (curr_pid) {         /* just in the first iteration to save time */
-            MD_Update(&m, (unsigned char *)&curr_pid, sizeof curr_pid);
+            if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof(curr_pid)))
+                goto err;
             curr_pid = 0;
         }
 #endif
-        MD_Update(&m, local_md, MD_DIGEST_LENGTH);
-        MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c));
+        if (!MD_Update(&m, local_md, MD_DIGEST_LENGTH) ||
+            !MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)))
+            goto err;
 
 #ifndef PURIFY                  /* purify complains */
         /*
@@ -487,16 +497,21 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
          * builds it is not used: the removal of such a small source of
          * entropy has negligible impact on security.
          */
-        MD_Update(&m, buf, j);
+        if (!MD_Update(&m, buf, j))
+            goto err;
 #endif
 
         k = (st_idx + MD_DIGEST_LENGTH / 2) - st_num;
         if (k > 0) {
-            MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k);
-            MD_Update(&m, &(state[0]), k);
-        } else
-            MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2);
-        MD_Final(&m, local_md);
+            if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k) ||
+                !MD_Update(&m, &(state[0]), k))
+                goto err;
+        } else {
+            if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2))
+                goto err;
+        }
+        if (!MD_Final(&m, local_md))
+            goto err;
 
         for (i = 0; i < MD_DIGEST_LENGTH / 2; i++) {
             /* may compete with other threads */
@@ -508,13 +523,18 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
         }
     }
 
-    MD_Init(&m);
-    MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c));
-    MD_Update(&m, local_md, MD_DIGEST_LENGTH);
+    if (!MD_Init(&m) ||
+        !MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)) ||
+        !MD_Update(&m, local_md, MD_DIGEST_LENGTH))
+        goto err;
     if (lock)
         CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-    MD_Update(&m, md, MD_DIGEST_LENGTH);
-    MD_Final(&m, md);
+    if (!MD_Update(&m, md, MD_DIGEST_LENGTH) ||
+        !MD_Final(&m, md)) {
+        if (lock)
+            CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+        goto err;
+    }
     if (lock)
         CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
@@ -529,6 +549,10 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
                            "http://www.openssl.org/support/faq.html");
         return (0);
     }
+
+ err:
+    EVP_MD_CTX_cleanup(&m);
+    return (0);
 }
 
 static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num)
diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c
index 737aebfa..66fb14c8 100644
--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -148,7 +148,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
     addr.sun_family = AF_UNIX;
     if (strlen(path) >= sizeof(addr.sun_path))
         return (-1);
-    BUF_strlcpy(addr.sun_path, path, sizeof addr.sun_path);
+    BUF_strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
     len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
     fd = socket(AF_UNIX, SOCK_STREAM, 0);
     if (fd == -1)
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 6c5b65da..097e4099 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -181,15 +181,15 @@ int RAND_poll(void)
      */
 
     curr_gid = getgid();
-    RAND_add(&curr_gid, sizeof curr_gid, 1);
+    RAND_add(&curr_gid, sizeof(curr_gid), 1);
     curr_gid = 0;
 
     curr_pid = getpid();
-    RAND_add(&curr_pid, sizeof curr_pid, 1);
+    RAND_add(&curr_pid, sizeof(curr_pid), 1);
     curr_pid = 0;
 
     curr_uid = getuid();
-    RAND_add(&curr_uid, sizeof curr_uid, 1);
+    RAND_add(&curr_uid, sizeof(curr_uid), 1);
     curr_uid = 0;
 
     for (i = 0; i < (ENTROPY_NEEDED * 4); i++) {
@@ -217,7 +217,7 @@ int RAND_poll(void)
 
         /* take 8 bits */
         v = (unsigned char)(ts.tv_nsec % 256);
-        RAND_add(&v, sizeof v, 1);
+        RAND_add(&v, sizeof(v), 1);
         v = 0;
     }
     return 1;
@@ -402,7 +402,7 @@ int RAND_poll(void)
 
 #  if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
     if (n > 0) {
-        RAND_add(tmpbuf, sizeof tmpbuf, (double)n);
+        RAND_add(tmpbuf, sizeof(tmpbuf), (double)n);
         OPENSSL_cleanse(tmpbuf, n);
     }
 #  endif
diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c
index 06670ae0..b4be3097 100644
--- a/crypto/rand/rand_win.c
+++ b/crypto/rand/rand_win.c
@@ -196,6 +196,8 @@ typedef NET_API_STATUS(NET_API_FUNCTION *NETFREE) (LPBYTE);
 #  endif                        /* 1 */
 # endif                         /* !OPENSSL_SYS_WINCE */
 
+#define NOTTOOLONG(start) ((GetTickCount() - (start)) < MAXDELAY)
+
 int RAND_poll(void)
 {
     MEMORYSTATUS m;
@@ -466,9 +468,7 @@ int RAND_poll(void)
                                 do
                                     RAND_add(&hentry, hentry.dwSize, 5);
                                 while (heap_next(&hentry)
-                                       && (!good
-                                           || (GetTickCount() - starttime) <
-                                           MAXDELAY)
+                                       && (!good || NOTTOOLONG(starttime))
                                        && --entrycnt > 0);
                             }
                         }
@@ -480,8 +480,7 @@ int RAND_poll(void)
                             ex_cnt_limit--;
                         }
                     } while (heaplist_next(handle, &hlist)
-                             && (!good
-                                 || (GetTickCount() - starttime) < MAXDELAY)
+                             && (!good || NOTTOOLONG(starttime))
                              && ex_cnt_limit > 0);
                 }
 #  else
@@ -496,11 +495,11 @@ int RAND_poll(void)
                             do
                                 RAND_add(&hentry, hentry.dwSize, 5);
                             while (heap_next(&hentry)
+                                   && (!good || NOTTOOLONG(starttime))
                                    && --entrycnt > 0);
                         }
                     } while (heaplist_next(handle, &hlist)
-                             && (!good
-                                 || (GetTickCount() - starttime) < MAXDELAY));
+                             && (!good || NOTTOOLONG(starttime)));
                 }
 #  endif
 
@@ -518,8 +517,7 @@ int RAND_poll(void)
                     do
                         RAND_add(&p, p.dwSize, 9);
                     while (process_next(handle, &p)
-                           && (!good
-                               || (GetTickCount() - starttime) < MAXDELAY));
+                           && (!good || NOTTOOLONG(starttime)));
 
                 /* thread walking */
                 /*
@@ -533,8 +531,7 @@ int RAND_poll(void)
                     do
                         RAND_add(&t, t.dwSize, 6);
                     while (thread_next(handle, &t)
-                           && (!good
-                               || (GetTickCount() - starttime) < MAXDELAY));
+                           && (!good || NOTTOOLONG(starttime)));
 
                 /* module walking */
                 /*
@@ -548,8 +545,7 @@ int RAND_poll(void)
                     do
                         RAND_add(&m, m.dwSize, 9);
                     while (module_next(handle, &m)
-                           && (!good
-                               || (GetTickCount() - starttime) < MAXDELAY));
+                           && (!good || NOTTOOLONG(starttime)));
                 if (close_snap)
                     close_snap(handle);
                 else
@@ -708,14 +704,13 @@ static void readscreen(void)
     hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
 
     /* Get bitmap properties */
-    GetObject(hBitmap, sizeof(BITMAP), (LPSTR) & bm);
-    size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
-
-    bi.biSize = sizeof(BITMAPINFOHEADER);
+    GetObject(hBitmap, sizeof(bm), (LPSTR)&bm);
+    size = (unsigned int)4 * bm.bmHeight * bm.bmWidth;
+    bi.biSize = sizeof(bi);
     bi.biWidth = bm.bmWidth;
     bi.biHeight = bm.bmHeight;
-    bi.biPlanes = bm.bmPlanes;
-    bi.biBitCount = bm.bmBitsPixel;
+    bi.biPlanes = 1;
+    bi.biBitCount = 32;
     bi.biCompression = BI_RGB;
     bi.biSizeImage = 0;
     bi.biXPelsPerMeter = 0;
@@ -731,7 +726,7 @@ static void readscreen(void)
 
             /* Copy the bits of the current line range into the buffer */
             GetDIBits(hScrDC, hBitmap, y, n,
-                      bmbits, (BITMAPINFO *) & bi, DIB_RGB_COLORS);
+                      bmbits, (LPBITMAPINFO)&bi, DIB_RGB_COLORS);
 
             /* Get the hash of the bitmap */
             MD(bmbits, size, md);
diff --git a/crypto/rc4/Makefile b/crypto/rc4/Makefile
index 7434ff73..a495324c 100644
--- a/crypto/rc4/Makefile
+++ b/crypto/rc4/Makefile
@@ -100,7 +100,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.s *.S *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 951e1d5c..ddead3d7 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -768,6 +768,7 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
     return 2;
 }
 
+#ifndef OPENSSL_NO_CMS
 static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg,
                                         X509_ALGOR **pmaskHash)
 {
@@ -791,7 +792,6 @@ static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg,
     return pss;
 }
 
-#ifndef OPENSSL_NO_CMS
 static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
 {
     EVP_PKEY_CTX *pkctx;
diff --git a/crypto/rsa/rsa_crpt.c b/crypto/rsa/rsa_crpt.c
index 5c416b53..68f2981c 100644
--- a/crypto/rsa/rsa_crpt.c
+++ b/crypto/rsa/rsa_crpt.c
@@ -219,7 +219,7 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
          * if PRNG is not properly seeded, resort to secret exponent as
          * unpredictable seed
          */
-        RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
+        RAND_add(rsa->d->d, rsa->d->dmax * sizeof(rsa->d->d[0]), 0.0);
     }
 
     if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index 082c8da2..9ca5dfef 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -109,6 +109,17 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
     BIGNUM *pr0, *d, *p;
     int bitsp, bitsq, ok = -1, n = 0;
     BN_CTX *ctx = NULL;
+    unsigned long error = 0;
+
+    /*
+     * When generating ridiculously small keys, we can get stuck
+     * continually regenerating the same prime values.
+     */
+    if (bits < 16) {
+        ok = 0;             /* we set our own err */
+        RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, RSA_R_KEY_SIZE_TOO_SMALL);
+        goto err;
+    }
 
     ctx = BN_CTX_new();
     if (ctx == NULL)
@@ -145,43 +156,51 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
     if (BN_copy(rsa->e, e_value) == NULL)
         goto err;
 
+    BN_set_flags(r2, BN_FLG_CONSTTIME);
     /* generate p and q */
     for (;;) {
         if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
             goto err;
         if (!BN_sub(r2, rsa->p, BN_value_one()))
             goto err;
-        if (!BN_gcd(r1, r2, rsa->e, ctx))
-            goto err;
-        if (BN_is_one(r1))
+        ERR_set_mark();
+        if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) {
+            /* GCD == 1 since inverse exists */
             break;
+        }
+        error = ERR_peek_last_error();
+        if (ERR_GET_LIB(error) == ERR_LIB_BN
+            && ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
+            /* GCD != 1 */
+            ERR_pop_to_mark();
+        } else {
+            goto err;
+        }
         if (!BN_GENCB_call(cb, 2, n++))
             goto err;
     }
     if (!BN_GENCB_call(cb, 3, 0))
         goto err;
     for (;;) {
-        /*
-         * When generating ridiculously small keys, we can get stuck
-         * continually regenerating the same prime values. Check for this and
-         * bail if it happens 3 times.
-         */
-        unsigned int degenerate = 0;
         do {
             if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
                 goto err;
-        } while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
-        if (degenerate == 3) {
-            ok = 0;             /* we set our own err */
-            RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, RSA_R_KEY_SIZE_TOO_SMALL);
-            goto err;
-        }
+        } while (BN_cmp(rsa->p, rsa->q) == 0);
         if (!BN_sub(r2, rsa->q, BN_value_one()))
             goto err;
-        if (!BN_gcd(r1, r2, rsa->e, ctx))
-            goto err;
-        if (BN_is_one(r1))
+        ERR_set_mark();
+        if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) {
+            /* GCD == 1 since inverse exists */
             break;
+        }
+        error = ERR_peek_last_error();
+        if (ERR_GET_LIB(error) == ERR_LIB_BN
+            && ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
+            /* GCD != 1 */
+            ERR_pop_to_mark();
+        } else {
+            goto err;
+        }
         if (!BN_GENCB_call(cb, 2, n++))
             goto err;
     }
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index 19d28c6f..9a01b4af 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -237,10 +237,14 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
     RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1,
            RSA_R_OAEP_DECODING_ERROR);
  cleanup:
-    if (db != NULL)
+    if (db != NULL) {
+        OPENSSL_cleanse(db, dblen);
         OPENSSL_free(db);
-    if (em != NULL)
+    }
+    if (em != NULL) {
+        OPENSSL_cleanse(em, num);
         OPENSSL_free(em);
+    }
     return mlen;
 }
 
diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c
index efa1fd3e..50397c33 100644
--- a/crypto/rsa/rsa_pk1.c
+++ b/crypto/rsa/rsa_pk1.c
@@ -255,8 +255,6 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
      * We can't continue in constant-time because we need to copy the result
      * and we cannot fake its length. This unavoidably leaks timing
      * information at the API boundary.
-     * TODO(emilia): this could be addressed at the call site,
-     * see BoringSSL commit 0aa0767340baf925bda4804882aab0cb974b2d26.
      */
     if (!good) {
         mlen = -1;
@@ -266,8 +264,10 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
     memcpy(to, em + msg_index, mlen);
 
  err:
-    if (em != NULL)
+    if (em != NULL) {
+        OPENSSL_cleanse(em, num);
         OPENSSL_free(em);
+    }
     if (mlen == -1)
         RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,
                RSA_R_PKCS_DECODING_ERROR);
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index ac583bf6..00e730ff 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -180,27 +180,25 @@ static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx)
  * FIPS mode.
  */
 
-static int pkey_fips_check_ctx(EVP_PKEY_CTX *ctx)
+static int pkey_fips_check_rsa(const RSA *rsa, const EVP_MD **pmd,
+                               const EVP_MD **pmgf1md)
 {
-    RSA_PKEY_CTX *rctx = ctx->data;
-    RSA *rsa = ctx->pkey->pkey.rsa;
     int rv = -1;
+
     if (!FIPS_mode())
         return 0;
     if (rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
         rv = 0;
     if (!(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) && rv)
         return -1;
-    if (rctx->md) {
-        const EVP_MD *fmd;
-        fmd = FIPS_get_digestbynid(EVP_MD_type(rctx->md));
-        if (!fmd || !(fmd->flags & EVP_MD_FLAG_FIPS))
+    if (*pmd != NULL) {
+        *pmd = FIPS_get_digestbynid(EVP_MD_type(*pmd));
+        if (*pmd == NULL || !((*pmd)->flags & EVP_MD_FLAG_FIPS))
             return rv;
     }
-    if (rctx->mgf1md && !(rctx->mgf1md->flags & EVP_MD_FLAG_FIPS)) {
-        const EVP_MD *fmd;
-        fmd = FIPS_get_digestbynid(EVP_MD_type(rctx->mgf1md));
-        if (!fmd || !(fmd->flags & EVP_MD_FLAG_FIPS))
+    if (*pmgf1md != NULL) {
+        *pmgf1md = FIPS_get_digestbynid(EVP_MD_type(*pmgf1md));
+        if (*pmgf1md == NULL || !((*pmgf1md)->flags & EVP_MD_FLAG_FIPS))
             return rv;
     }
     return 1;
@@ -214,27 +212,27 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
     int ret;
     RSA_PKEY_CTX *rctx = ctx->data;
     RSA *rsa = ctx->pkey->pkey.rsa;
+    const EVP_MD *md = rctx->md;
+    const EVP_MD *mgf1md = rctx->mgf1md;
 
 #ifdef OPENSSL_FIPS
-    ret = pkey_fips_check_ctx(ctx);
+    ret = pkey_fips_check_rsa(rsa, &md, &mgf1md);
     if (ret < 0) {
         RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
         return -1;
     }
 #endif
 
-    if (rctx->md) {
-        if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
+    if (md != NULL) {
+        if (tbslen != (size_t)EVP_MD_size(md)) {
             RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_INVALID_DIGEST_LENGTH);
             return -1;
         }
 #ifdef OPENSSL_FIPS
         if (ret > 0) {
             unsigned int slen;
-            ret = FIPS_rsa_sign_digest(rsa, tbs, tbslen, rctx->md,
-                                       rctx->pad_mode,
-                                       rctx->saltlen,
-                                       rctx->mgf1md, sig, &slen);
+            ret = FIPS_rsa_sign_digest(rsa, tbs, tbslen, md, rctx->pad_mode,
+                                       rctx->saltlen, mgf1md, sig, &slen);
             if (ret > 0)
                 *siglen = slen;
             else
@@ -243,12 +241,12 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
         }
 #endif
 
-        if (EVP_MD_type(rctx->md) == NID_mdc2) {
+        if (EVP_MD_type(md) == NID_mdc2) {
             unsigned int sltmp;
             if (rctx->pad_mode != RSA_PKCS1_PADDING)
                 return -1;
-            ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2,
-                                             tbs, tbslen, sig, &sltmp, rsa);
+            ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2, tbs, tbslen, sig, &sltmp,
+                                             rsa);
 
             if (ret <= 0)
                 return ret;
@@ -263,23 +261,20 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
                 return -1;
             }
             memcpy(rctx->tbuf, tbs, tbslen);
-            rctx->tbuf[tbslen] = RSA_X931_hash_id(EVP_MD_type(rctx->md));
+            rctx->tbuf[tbslen] = RSA_X931_hash_id(EVP_MD_type(md));
             ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf,
                                       sig, rsa, RSA_X931_PADDING);
         } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
             unsigned int sltmp;
-            ret = RSA_sign(EVP_MD_type(rctx->md),
-                           tbs, tbslen, sig, &sltmp, rsa);
+            ret = RSA_sign(EVP_MD_type(md), tbs, tbslen, sig, &sltmp, rsa);
             if (ret <= 0)
                 return ret;
             ret = sltmp;
         } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
             if (!setup_tbuf(rctx, ctx))
                 return -1;
-            if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
-                                                rctx->tbuf, tbs,
-                                                rctx->md, rctx->mgf1md,
-                                                rctx->saltlen))
+            if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa, rctx->tbuf, tbs,
+                                                md, mgf1md, rctx->saltlen))
                 return -1;
             ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
                                       sig, rsa, RSA_NO_PADDING);
@@ -348,32 +343,31 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
 {
     RSA_PKEY_CTX *rctx = ctx->data;
     RSA *rsa = ctx->pkey->pkey.rsa;
+    const EVP_MD *md = rctx->md;
+    const EVP_MD *mgf1md = rctx->mgf1md;
     size_t rslen;
+
 #ifdef OPENSSL_FIPS
-    int rv;
-    rv = pkey_fips_check_ctx(ctx);
+    int rv = pkey_fips_check_rsa(rsa, &md, &mgf1md);
+
     if (rv < 0) {
         RSAerr(RSA_F_PKEY_RSA_VERIFY,
                RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
         return -1;
     }
 #endif
-    if (rctx->md) {
+    if (md != NULL) {
 #ifdef OPENSSL_FIPS
         if (rv > 0) {
-            return FIPS_rsa_verify_digest(rsa,
-                                          tbs, tbslen,
-                                          rctx->md,
-                                          rctx->pad_mode,
-                                          rctx->saltlen,
-                                          rctx->mgf1md, sig, siglen);
+            return FIPS_rsa_verify_digest(rsa, tbs, tbslen, md, rctx->pad_mode,
+                                          rctx->saltlen, mgf1md, sig, siglen);
 
         }
 #endif
         if (rctx->pad_mode == RSA_PKCS1_PADDING)
-            return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
+            return RSA_verify(EVP_MD_type(md), tbs, tbslen,
                               sig, siglen, rsa);
-        if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
+        if (tbslen != (size_t)EVP_MD_size(md)) {
             RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);
             return -1;
         }
@@ -388,8 +382,7 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
                                      rsa, RSA_NO_PADDING);
             if (ret <= 0)
                 return 0;
-            ret = RSA_verify_PKCS1_PSS_mgf1(rsa, tbs,
-                                            rctx->md, rctx->mgf1md,
+            ret = RSA_verify_PKCS1_PSS_mgf1(rsa, tbs, md, mgf1md,
                                             rctx->tbuf, rctx->saltlen);
             if (ret <= 0)
                 return 0;
@@ -446,19 +439,14 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx,
     int ret;
     RSA_PKEY_CTX *rctx = ctx->data;
     if (rctx->pad_mode == RSA_PKCS1_OAEP_PADDING) {
-        int i;
         if (!setup_tbuf(rctx, ctx))
             return -1;
         ret = RSA_private_decrypt(inlen, in, rctx->tbuf,
                                   ctx->pkey->pkey.rsa, RSA_NO_PADDING);
         if (ret <= 0)
             return ret;
-        for (i = 0; i < ret; i++) {
-            if (rctx->tbuf[i])
-                break;
-        }
-        ret = RSA_padding_check_PKCS1_OAEP_mgf1(out, ret, rctx->tbuf + i,
-                                                ret - i, ret,
+        ret = RSA_padding_check_PKCS1_OAEP_mgf1(out, ret, rctx->tbuf,
+                                                ret, ret,
                                                 rctx->oaep_label,
                                                 rctx->oaep_labellen,
                                                 rctx->md, rctx->mgf1md);
diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
index 41bc0844..3c9250ba 100644
--- a/crypto/rsa/rsa_pss.c
+++ b/crypto/rsa/rsa_pss.c
@@ -122,7 +122,11 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
         EM++;
         emLen--;
     }
-    if (emLen < (hLen + sLen + 2)) { /* sLen can be small negative */
+    if (emLen < hLen + 2) {
+        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE);
+        goto err;
+    }
+    if (sLen > emLen - hLen - 2) { /* sLen can be small negative */
         RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE);
         goto err;
     }
@@ -153,7 +157,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
         goto err;
     }
     if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
-        || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+        || !EVP_DigestUpdate(&ctx, zeroes, sizeof(zeroes))
         || !EVP_DigestUpdate(&ctx, mHash, hLen))
         goto err;
     if (maskedDBLen - i) {
@@ -222,9 +226,14 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
         *EM++ = 0;
         emLen--;
     }
+    if (emLen < hLen + 2) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,
+               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+        goto err;
+    }
     if (sLen == -2) {
         sLen = emLen - hLen - 2;
-    } else if (emLen < (hLen + sLen + 2)) {
+    } else if (sLen > emLen - hLen - 2) {
         RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,
                RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
         goto err;
@@ -243,7 +252,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
     H = EM + maskedDBLen;
     EVP_MD_CTX_init(&ctx);
     if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
-        || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+        || !EVP_DigestUpdate(&ctx, zeroes, sizeof(zeroes))
         || !EVP_DigestUpdate(&ctx, mHash, hLen))
         goto err;
     if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
diff --git a/crypto/rsa/rsa_test.c b/crypto/rsa/rsa_test.c
index 85c7440b..ed78f010 100644
--- a/crypto/rsa/rsa_test.c
+++ b/crypto/rsa/rsa_test.c
@@ -226,7 +226,7 @@ int main(int argc, char *argv[])
     CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 
-    RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
+    RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or OAEP may fail */
 
     plen = sizeof(ptext_ex) - 1;
 
diff --git a/crypto/sha/Makefile b/crypto/sha/Makefile
index de6cdde5..8b8f8b28 100644
--- a/crypto/sha/Makefile
+++ b/crypto/sha/Makefile
@@ -135,7 +135,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.s *.S *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
diff --git a/crypto/sha/asm/sha256-armv4.pl b/crypto/sha/asm/sha256-armv4.pl
index 4fee74d8..750216eb 100644
--- a/crypto/sha/asm/sha256-armv4.pl
+++ b/crypto/sha/asm/sha256-armv4.pl
@@ -205,7 +205,7 @@ sha256_block_data_order:
 #if __ARM_ARCH__<7
 	sub	r3,pc,#8		@ sha256_block_data_order
 #else
-	adr	r3,sha256_block_data_order
+	adr	r3,.
 #endif
 #if __ARM_MAX_ARCH__>=7 && !defined(__KERNEL__)
 	ldr	r12,.LOPENSSL_armcap
diff --git a/crypto/srp/srp_grps.h b/crypto/srp/srp_grps.h
index 31312de1..f76652cb 100644
--- a/crypto/srp/srp_grps.h
+++ b/crypto/srp/srp_grps.h
@@ -21,8 +21,8 @@ static BN_ULONG bn_group_1024_value[] = {
 
 static BIGNUM bn_group_1024 = {
     bn_group_1024_value,
-    (sizeof bn_group_1024_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_1024_value) / sizeof(BN_ULONG),
+    (sizeof(bn_group_1024_value)) / sizeof(BN_ULONG),
+    (sizeof(bn_group_1024_value)) / sizeof(BN_ULONG),
     0,
     BN_FLG_STATIC_DATA
 };
@@ -56,8 +56,8 @@ static BN_ULONG bn_group_1536_value[] = {
 
 static BIGNUM bn_group_1536 = {
     bn_group_1536_value,
-    (sizeof bn_group_1536_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_1536_value) / sizeof(BN_ULONG),
+    (sizeof(bn_group_1536_value)) / sizeof(BN_ULONG),
+    (sizeof(bn_group_1536_value)) / sizeof(BN_ULONG),
     0,
     BN_FLG_STATIC_DATA
 };
@@ -99,8 +99,8 @@ static BN_ULONG bn_group_2048_value[] = {
 
 static BIGNUM bn_group_2048 = {
     bn_group_2048_value,
-    (sizeof bn_group_2048_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_2048_value) / sizeof(BN_ULONG),
+    (sizeof(bn_group_2048_value)) / sizeof(BN_ULONG),
+    (sizeof(bn_group_2048_value)) / sizeof(BN_ULONG),
     0,
     BN_FLG_STATIC_DATA
 };
@@ -158,8 +158,8 @@ static BN_ULONG bn_group_3072_value[] = {
 
 static BIGNUM bn_group_3072 = {
     bn_group_3072_value,
-    (sizeof bn_group_3072_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_3072_value) / sizeof(BN_ULONG),
+    (sizeof(bn_group_3072_value)) / sizeof(BN_ULONG),
+    (sizeof(bn_group_3072_value)) / sizeof(BN_ULONG),
     0,
     BN_FLG_STATIC_DATA
 };
@@ -233,8 +233,8 @@ static BN_ULONG bn_group_4096_value[] = {
 
 static BIGNUM bn_group_4096 = {
     bn_group_4096_value,
-    (sizeof bn_group_4096_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_4096_value) / sizeof(BN_ULONG),
+    (sizeof(bn_group_4096_value)) / sizeof(BN_ULONG),
+    (sizeof(bn_group_4096_value)) / sizeof(BN_ULONG),
     0,
     BN_FLG_STATIC_DATA
 };
@@ -340,8 +340,8 @@ static BN_ULONG bn_group_6144_value[] = {
 
 static BIGNUM bn_group_6144 = {
     bn_group_6144_value,
-    (sizeof bn_group_6144_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_6144_value) / sizeof(BN_ULONG),
+    (sizeof(bn_group_6144_value)) / sizeof(BN_ULONG),
+    (sizeof(bn_group_6144_value)) / sizeof(BN_ULONG),
     0,
     BN_FLG_STATIC_DATA
 };
@@ -479,8 +479,8 @@ static BN_ULONG bn_group_8192_value[] = {
 
 static BIGNUM bn_group_8192 = {
     bn_group_8192_value,
-    (sizeof bn_group_8192_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_8192_value) / sizeof(BN_ULONG),
+    (sizeof(bn_group_8192_value)) / sizeof(BN_ULONG),
+    (sizeof(bn_group_8192_value)) / sizeof(BN_ULONG),
     0,
     BN_FLG_STATIC_DATA
 };
diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c
index a8ec52a4..c8bc7a94 100644
--- a/crypto/srp/srp_vfy.c
+++ b/crypto/srp/srp_vfy.c
@@ -86,10 +86,13 @@ static int t_fromb64(unsigned char *a, size_t alen, const char *src)
     int i, j;
     int size;
 
+    if (alen == 0 || alen > INT_MAX)
+        return -1;
+
     while (*src && (*src == ' ' || *src == '\t' || *src == '\n'))
         ++src;
     size = strlen(src);
-    if (alen > INT_MAX || size > (int)alen)
+    if (size < 0 || size >= (int)alen)
         return -1;
 
     i = 0;
@@ -127,7 +130,7 @@ static int t_fromb64(unsigned char *a, size_t alen, const char *src)
         if (--i < 0)
             break;
     }
-    while (a[j] == 0 && j <= size)
+    while (j <= size && a[j] == 0)
         ++j;
     i = 0;
     while (j <= size)
diff --git a/crypto/symhacks.h b/crypto/symhacks.h
index 239fa4fb..30019579 100644
--- a/crypto/symhacks.h
+++ b/crypto/symhacks.h
@@ -280,6 +280,8 @@
 #  define OPENSSL_add_all_algorithms_conf         OPENSSL_add_all_algo_conf
 #  undef EVP_PKEY_meth_set_verify_recover
 #  define EVP_PKEY_meth_set_verify_recover        EVP_PKEY_meth_set_vrfy_recover
+#  undef EVP_PKEY_meth_get_verify_recover
+#  define EVP_PKEY_meth_get_verify_recover        EVP_PKEY_meth_get_vrfy_recover
 
 /* Hack some long EC names */
 #  undef EC_GROUP_set_point_conversion_form
diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c
index dbff4a69..b26ed28a 100644
--- a/crypto/threads/mttest.c
+++ b/crypto/threads/mttest.c
@@ -190,7 +190,7 @@ int main(int argc, char *argv[])
     char *ccert = TEST_CLIENT_CERT;
     const SSL_METHOD *ssl_method = SSLv23_method();
 
-    RAND_seed(rnd_seed, sizeof rnd_seed);
+    RAND_seed(rnd_seed, sizeof(rnd_seed));
 
     if (bio_err == NULL)
         bio_err = BIO_new_fd(2, BIO_NOCLOSE);
diff --git a/crypto/ts/Makefile b/crypto/ts/Makefile
index cf991efe..4a3c0f00 100644
--- a/crypto/ts/Makefile
+++ b/crypto/ts/Makefile
@@ -217,7 +217,8 @@ ts_rsp_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 ts_rsp_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 ts_rsp_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
 ts_rsp_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ts_rsp_sign.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_sign.c
+ts_rsp_sign.o: ../../include/openssl/x509v3.h ../cryptlib.h ../o_time.h
+ts_rsp_sign.o: ts_rsp_sign.c
 ts_rsp_utils.o: ../../e_os.h ../../include/openssl/asn1.h
 ts_rsp_utils.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 ts_rsp_utils.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index db6ce324..d55e903e 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -4,7 +4,7 @@
  * 2002.
  */
 /* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2006-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -58,6 +58,7 @@
  */
 
 #include "cryptlib.h"
+#include "o_time.h"
 
 #if defined(OPENSSL_SYS_UNIX)
 # include <sys/time.h>
@@ -948,6 +949,7 @@ static ASN1_GENERALIZEDTIME
 {
     time_t time_sec = (time_t)sec;
     struct tm *tm = NULL;
+    struct tm result = {0};
     char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
     char *p = genTime_str;
     char *p_end = genTime_str + sizeof(genTime_str);
@@ -955,7 +957,7 @@ static ASN1_GENERALIZEDTIME
     if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
         goto err;
 
-    if (!(tm = gmtime(&time_sec)))
+    if (!(tm = OPENSSL_gmtime(&time_sec, &result)))
         goto err;
 
     /*
diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c
index f9b42ac6..ed02efc2 100644
--- a/crypto/txt_db/txt_db.c
+++ b/crypto/txt_db/txt_db.c
@@ -162,6 +162,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num)
                     "wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",
                     ln, num, n, f);
 #endif
+            OPENSSL_free(pp);
             er = 2;
             goto err;
         }
@@ -171,6 +172,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num)
                                                                * fix :-( */
             fprintf(stderr, "failure in sk_push\n");
 #endif
+            OPENSSL_free(pp);
             er = 2;
             goto err;
         }
@@ -222,7 +224,7 @@ int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
                         LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp)
 {
     LHASH_OF(OPENSSL_STRING) *idx;
-    OPENSSL_STRING *r;
+    OPENSSL_STRING *r, *k;
     int i, n;
 
     if (field >= db->num_fields) {
@@ -239,13 +241,18 @@ int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
         r = sk_OPENSSL_PSTRING_value(db->data, i);
         if ((qual != NULL) && (qual(r) == 0))
             continue;
-        if ((r = lh_OPENSSL_STRING_insert(idx, r)) != NULL) {
+        if ((k = lh_OPENSSL_STRING_insert(idx, r)) != NULL) {
             db->error = DB_ERROR_INDEX_CLASH;
-            db->arg1 = sk_OPENSSL_PSTRING_find(db->data, r);
+            db->arg1 = sk_OPENSSL_PSTRING_find(db->data, k);
             db->arg2 = i;
             lh_OPENSSL_STRING_free(idx);
             return (0);
         }
+        if (lh_OPENSSL_STRING_retrieve(idx, r) == NULL) {
+            db->error = DB_ERROR_MALLOC;
+            lh_OPENSSL_STRING_free(idx);
+            return (0);
+        }
     }
     if (db->index[field] != NULL)
         lh_OPENSSL_STRING_free(db->index[field]);
@@ -320,20 +327,29 @@ int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *row)
             }
         }
     }
-    /* We have passed the index checks, now just append and insert */
-    if (!sk_OPENSSL_PSTRING_push(db->data, row)) {
-        db->error = DB_ERROR_MALLOC;
-        goto err;
-    }
 
     for (i = 0; i < db->num_fields; i++) {
         if (db->index[i] != NULL) {
             if ((db->qual[i] != NULL) && (db->qual[i] (row) == 0))
                 continue;
             (void)lh_OPENSSL_STRING_insert(db->index[i], row);
+            if (lh_OPENSSL_STRING_retrieve(db->index[i], row) == NULL)
+                goto err1;
         }
     }
+    if (!sk_OPENSSL_PSTRING_push(db->data, row))
+        goto err1;
     return (1);
+
+ err1:
+    db->error = DB_ERROR_MALLOC;
+    while (i-- > 0) {
+        if (db->index[i] != NULL) {
+            if ((db->qual[i] != NULL) && (db->qual[i] (row) == 0))
+                continue;
+            (void)lh_OPENSSL_STRING_delete(db->index[i], row);
+        }
+    }
  err:
     return (0);
 }
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index 3cc067c3..03ef981c 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -520,6 +520,7 @@ int UI_process(UI *ui)
             }
         }
     }
+
  err:
     if (ui->meth->ui_close_session != NULL
         && ui->meth->ui_close_session(ui) <= 0)
@@ -747,7 +748,6 @@ const char *UI_get0_action_string(UI_STRING *uis)
     if (!uis)
         return NULL;
     switch (uis->type) {
-    case UIT_PROMPT:
     case UIT_BOOLEAN:
         return uis->_.boolean_data.action_desc;
     default:
diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
index 17d14f58..8a435903 100644
--- a/crypto/ui/ui_openssl.c
+++ b/crypto/ui/ui_openssl.c
@@ -614,7 +614,7 @@ static void pushsig(void)
 # ifdef SIGACTION
     struct sigaction sa;
 
-    memset(&sa, 0, sizeof sa);
+    memset(&sa, 0, sizeof(sa));
     sa.sa_handler = recsig;
 # endif
 
diff --git a/crypto/whrlpool/wp_dgst.c b/crypto/whrlpool/wp_dgst.c
index 807d1c49..96d042f5 100644
--- a/crypto/whrlpool/wp_dgst.c
+++ b/crypto/whrlpool/wp_dgst.c
@@ -166,7 +166,7 @@ void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *_inp, size_t bits)
                 goto reconsider;
             } else
 #endif
-            if (bits >= 8) {
+            if (bits > 8) {
                 b = ((inp[0] << inpgap) | (inp[1] >> (8 - inpgap)));
                 b &= 0xff;
                 if (bitrem)
@@ -183,7 +183,7 @@ void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *_inp, size_t bits)
                 }
                 if (bitrem)
                     c->data[byteoff] = b << (8 - bitrem);
-            } else {            /* remaining less than 8 bits */
+            } else {            /* remaining less than or equal to 8 bits */
 
                 b = (inp[0] << inpgap) & 0xff;
                 if (bitrem)
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index bbc31893..6f0209a2 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -402,6 +402,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
             if (!hent) {
                 hent = OPENSSL_malloc(sizeof(BY_DIR_HASH));
                 if (hent == NULL) {
+                    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
                     X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE);
                     goto finish;
                 }
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 43a07300..82ce4e8d 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -92,12 +92,12 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp,
                         long argl, char **ret)
 {
     int ok = 0;
-    char *file;
+    const char *file;
 
     switch (cmd) {
     case X509_L_FILE_LOAD:
         if (argl == X509_FILETYPE_DEFAULT) {
-            file = (char *)getenv(X509_get_default_cert_file_env());
+            file = getenv(X509_get_default_cert_file_env());
             if (file)
                 ok = (X509_load_cert_crl_file(ctx, file,
                                               X509_FILETYPE_PEM) != 0);
@@ -140,7 +140,7 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
 
     if (type == X509_FILETYPE_PEM) {
         for (;;) {
-            x = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
+            x = PEM_read_bio_X509_AUX(in, NULL, NULL, "");
             if (x == NULL) {
                 if ((ERR_GET_REASON(ERR_peek_last_error()) ==
                      PEM_R_NO_START_LINE) && (count > 0)) {
@@ -199,7 +199,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
 
     if (type == X509_FILETYPE_PEM) {
         for (;;) {
-            x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
+            x = PEM_read_bio_X509_CRL(in, NULL, NULL, "");
             if (x == NULL) {
                 if ((ERR_GET_REASON(ERR_peek_last_error()) ==
                      PEM_R_NO_START_LINE) && (count > 0)) {
@@ -253,7 +253,7 @@ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type)
         X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_SYS_LIB);
         return 0;
     }
-    inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
+    inf = PEM_X509_INFO_read_bio(in, NULL, NULL, "");
     BIO_free(in);
     if (!inf) {
         X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_PEM_LIB);
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 50120a4d..b7424809 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -185,14 +185,16 @@ X509_STORE *X509_STORE_new(void)
 
     if ((ret = (X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
         return NULL;
-    ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
+    if ((ret->objs = sk_X509_OBJECT_new(x509_object_cmp)) == NULL)
+        goto err0;
     ret->cache = 1;
-    ret->get_cert_methods = sk_X509_LOOKUP_new_null();
+    if ((ret->get_cert_methods = sk_X509_LOOKUP_new_null()) == NULL)
+        goto err1;
     ret->verify = 0;
     ret->verify_cb = 0;
 
     if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)
-        return NULL;
+        goto err2;
 
     ret->get_issuer = 0;
     ret->check_issued = 0;
@@ -204,14 +206,21 @@ X509_STORE *X509_STORE_new(void)
     ret->lookup_crls = 0;
     ret->cleanup = 0;
 
-    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) {
-        sk_X509_OBJECT_free(ret->objs);
-        OPENSSL_free(ret);
-        return NULL;
-    }
+    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
+       goto err3;
 
     ret->references = 1;
     return ret;
+
+ err3:
+    X509_VERIFY_PARAM_free(ret->param);
+ err2:
+    sk_X509_LOOKUP_free(ret->get_cert_methods);
+ err1:
+    sk_X509_OBJECT_free(ret->objs);
+ err0:
+    OPENSSL_free(ret);
+    return NULL;
 }
 
 static void cleanup(X509_OBJECT *a)
@@ -360,8 +369,12 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
         X509err(X509_F_X509_STORE_ADD_CERT,
                 X509_R_CERT_ALREADY_IN_HASH_TABLE);
         ret = 0;
-    } else
-        sk_X509_OBJECT_push(ctx->objs, obj);
+    } else if (!sk_X509_OBJECT_push(ctx->objs, obj)) {
+        X509_OBJECT_free_contents(obj);
+        OPENSSL_free(obj);
+        X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE);
+        ret = 0;
+    }
 
     CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
 
@@ -392,8 +405,12 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
         OPENSSL_free(obj);
         X509err(X509_F_X509_STORE_ADD_CRL, X509_R_CERT_ALREADY_IN_HASH_TABLE);
         ret = 0;
-    } else
-        sk_X509_OBJECT_push(ctx->objs, obj);
+    } else if (!sk_X509_OBJECT_push(ctx->objs, obj)) {
+        X509_OBJECT_free_contents(obj);
+        OPENSSL_free(obj);
+        X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE);
+        ret = 0;
+    }
 
     CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
 
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
index 35db0955..594031e7 100644
--- a/crypto/x509/x509_txt.c
+++ b/crypto/x509/x509_txt.c
@@ -212,7 +212,7 @@ const char *X509_verify_cert_error_string(long n)
         return ("proxy subject name violation");
 
     default:
-        BIO_snprintf(buf, sizeof buf, "error number %ld", n);
+        BIO_snprintf(buf, sizeof(buf), "error number %ld", n);
         return (buf);
     }
 }
diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c
index 4a03445a..9a3517e0 100644
--- a/crypto/x509/x509_v3.c
+++ b/crypto/x509/x509_v3.c
@@ -177,7 +177,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
  err2:
     if (new_ex != NULL)
         X509_EXTENSION_free(new_ex);
-    if (sk != NULL)
+    if (x != NULL && *x == NULL && sk != NULL)
         sk_X509_EXTENSION_free(sk);
     return (NULL);
 }
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index 1ac15a88..7d68a4ab 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -173,7 +173,7 @@ X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
     X509_VERIFY_PARAM *param;
     X509_VERIFY_PARAM_ID *paramid;
 
-    param = OPENSSL_malloc(sizeof *param);
+    param = OPENSSL_malloc(sizeof(*param));
     if (!param)
         return NULL;
     memset(param, 0, sizeof(*param));
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index 09b8691c..03c9533b 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -732,6 +732,7 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
                       STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags)
 {
     int ret;
+    int calc_ret;
     X509_POLICY_TREE *tree = NULL;
     STACK_OF(X509_POLICY_NODE) *nodes, *auth_nodes = NULL;
     *ptree = NULL;
@@ -800,16 +801,19 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
 
     /* Tree is not empty: continue */
 
-    ret = tree_calculate_authority_set(tree, &auth_nodes);
+    calc_ret = tree_calculate_authority_set(tree, &auth_nodes);
+
+    if (!calc_ret)
+        goto error;
+
+    ret = tree_calculate_user_set(tree, policy_oids, auth_nodes);
+
+    if (calc_ret == 2)
+        sk_X509_POLICY_NODE_free(auth_nodes);
 
     if (!ret)
         goto error;
 
-    if (!tree_calculate_user_set(tree, policy_oids, auth_nodes))
-        goto error;
-
-    if (ret == 2)
-        sk_X509_POLICY_NODE_free(auth_nodes);
 
     if (tree)
         *ptree = tree;
diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
index 1290dec9..af080a04 100644
--- a/crypto/x509v3/v3_addr.c
+++ b/crypto/x509v3/v3_addr.c
@@ -130,10 +130,12 @@ static int length_from_afi(const unsigned afi)
  */
 unsigned int v3_addr_get_afi(const IPAddressFamily *f)
 {
-    return ((f != NULL &&
-             f->addressFamily != NULL && f->addressFamily->data != NULL)
-            ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
-            : 0);
+    if (f == NULL
+            || f->addressFamily == NULL
+            || f->addressFamily->data == NULL
+            || f->addressFamily->length < 2)
+        return 0;
+    return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
 }
 
 /*
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index 7f1e71dd..d4d024c5 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -119,58 +119,68 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
     int i;
     switch (gen->type) {
     case GEN_OTHERNAME:
-        X509V3_add_value("othername", "<unsupported>", &ret);
+        if (!X509V3_add_value("othername", "<unsupported>", &ret))
+            return NULL;
         break;
 
     case GEN_X400:
-        X509V3_add_value("X400Name", "<unsupported>", &ret);
+        if (!X509V3_add_value("X400Name", "<unsupported>", &ret))
+            return NULL;
         break;
 
     case GEN_EDIPARTY:
-        X509V3_add_value("EdiPartyName", "<unsupported>", &ret);
+        if (!X509V3_add_value("EdiPartyName", "<unsupported>", &ret))
+            return NULL;
         break;
 
     case GEN_EMAIL:
-        X509V3_add_value_uchar("email", gen->d.ia5->data, &ret);
+        if (!X509V3_add_value_uchar("email", gen->d.ia5->data, &ret))
+            return NULL;
         break;
 
     case GEN_DNS:
-        X509V3_add_value_uchar("DNS", gen->d.ia5->data, &ret);
+        if (!X509V3_add_value_uchar("DNS", gen->d.ia5->data, &ret))
+            return NULL;
         break;
 
     case GEN_URI:
-        X509V3_add_value_uchar("URI", gen->d.ia5->data, &ret);
+        if (!X509V3_add_value_uchar("URI", gen->d.ia5->data, &ret))
+            return NULL;
         break;
 
     case GEN_DIRNAME:
-        X509_NAME_oneline(gen->d.dirn, oline, 256);
-        X509V3_add_value("DirName", oline, &ret);
+        if (X509_NAME_oneline(gen->d.dirn, oline, 256) == NULL
+                || !X509V3_add_value("DirName", oline, &ret))
+            return NULL;
         break;
 
     case GEN_IPADD:
         p = gen->d.ip->data;
         if (gen->d.ip->length == 4)
-            BIO_snprintf(oline, sizeof oline,
+            BIO_snprintf(oline, sizeof(oline),
                          "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
         else if (gen->d.ip->length == 16) {
             oline[0] = 0;
             for (i = 0; i < 8; i++) {
-                BIO_snprintf(htmp, sizeof htmp, "%X", p[0] << 8 | p[1]);
+                BIO_snprintf(htmp, sizeof(htmp), "%X", p[0] << 8 | p[1]);
                 p += 2;
                 strcat(oline, htmp);
                 if (i != 7)
                     strcat(oline, ":");
             }
         } else {
-            X509V3_add_value("IP Address", "<invalid>", &ret);
+            if (!X509V3_add_value("IP Address", "<invalid>", &ret))
+                return NULL;
             break;
         }
-        X509V3_add_value("IP Address", oline, &ret);
+        if (!X509V3_add_value("IP Address", oline, &ret))
+            return NULL;
         break;
 
     case GEN_RID:
         i2t_ASN1_OBJECT(oline, 256, gen->d.rid);
-        X509V3_add_value("Registered ID", oline, &ret);
+        if (!X509V3_add_value("Registered ID", oline, &ret))
+            return NULL;
         break;
     }
     return ret;
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index c1b4c1a8..a38848cc 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -4,7 +4,7 @@
  * 1999.
  */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -340,8 +340,12 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
         val = sk_CONF_VALUE_value(nval, i);
         if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
             return 0;
-        if (sk)
-            X509v3_add_ext(sk, ext, -1);
+        if (sk != NULL) {
+            if (X509v3_add_ext(sk, ext, -1) == NULL) {
+                X509_EXTENSION_free(ext);
+                return 0;
+            }
+        }
         X509_EXTENSION_free(ext);
     }
     return 1;
diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index d97f6226..b99269e7 100644
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -390,10 +390,10 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos)
     return 1;
 
  merr:
+    ASN1_INTEGER_free(aint);
     X509V3err(X509V3_F_NREF_NOS, ERR_R_MALLOC_FAILURE);
 
  err:
-    sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free);
     return 0;
 }
 
@@ -458,9 +458,15 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent)
             num = sk_ASN1_INTEGER_value(ref->noticenos, i);
             if (i)
                 BIO_puts(out, ", ");
-            tmp = i2s_ASN1_INTEGER(NULL, num);
-            BIO_puts(out, tmp);
-            OPENSSL_free(tmp);
+            if (num == NULL)
+                BIO_puts(out, "(null)");
+            else {
+                tmp = i2s_ASN1_INTEGER(NULL, num);
+                if (tmp == NULL)
+                    return;
+                BIO_puts(out, tmp);
+                OPENSSL_free(tmp);
+            }
         }
         BIO_puts(out, "\n");
     }
diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c
index 7f40bfab..9bb01ee3 100644
--- a/crypto/x509v3/v3_genn.c
+++ b/crypto/x509v3/v3_genn.c
@@ -231,6 +231,7 @@ int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
     oth = OTHERNAME_new();
     if (!oth)
         return 0;
+    ASN1_TYPE_free(oth->value);
     oth->type_id = oid;
     oth->value = value;
     GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth);
diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c
index e052a34b..0c64b0ad 100644
--- a/crypto/x509v3/v3_info.c
+++ b/crypto/x509v3/v3_info.c
@@ -107,29 +107,30 @@ ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS)
 
 IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
 
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
-                                                       *method, AUTHORITY_INFO_ACCESS
-                                                       *ainfo, STACK_OF(CONF_VALUE)
-                                                       *ret)
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(
+    X509V3_EXT_METHOD *method, AUTHORITY_INFO_ACCESS *ainfo,
+    STACK_OF(CONF_VALUE) *ret)
 {
     ACCESS_DESCRIPTION *desc;
     int i, nlen;
     char objtmp[80], *ntmp;
     CONF_VALUE *vtmp;
+    STACK_OF(CONF_VALUE) *tret = ret;
+
     for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
+        STACK_OF(CONF_VALUE) *tmp;
+
         desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
-        ret = i2v_GENERAL_NAME(method, desc->location, ret);
-        if (!ret)
-            break;
-        vtmp = sk_CONF_VALUE_value(ret, i);
-        i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
+        tmp = i2v_GENERAL_NAME(method, desc->location, tret);
+        if (tmp == NULL)
+            goto err;
+        tret = tmp;
+        vtmp = sk_CONF_VALUE_value(tret, i);
+        i2t_ASN1_OBJECT(objtmp, sizeof(objtmp), desc->method);
         nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
         ntmp = OPENSSL_malloc(nlen);
-        if (!ntmp) {
-            X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
-                      ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
+        if (ntmp == NULL)
+            goto err;
         BUF_strlcpy(ntmp, objtmp, nlen);
         BUF_strlcat(ntmp, " - ", nlen);
         BUF_strlcat(ntmp, vtmp->name, nlen);
@@ -137,9 +138,15 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
         vtmp->name = ntmp;
 
     }
-    if (!ret)
+    if (ret == NULL && tret == NULL)
         return sk_CONF_VALUE_new_null();
-    return ret;
+
+    return tret;
+ err:
+    X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE);
+    if (ret == NULL && tret != NULL)
+        sk_CONF_VALUE_pop_free(tret, X509V3_conf_free);
+    return NULL;
 }
 
 static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
diff --git a/crypto/x509v3/v3_lib.c b/crypto/x509v3/v3_lib.c
index 8350429a..11128024 100644
--- a/crypto/x509v3/v3_lib.c
+++ b/crypto/x509v3/v3_lib.c
@@ -286,9 +286,9 @@ void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
 int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
                     int crit, unsigned long flags)
 {
-    int extidx = -1;
-    int errcode;
-    X509_EXTENSION *ext, *extmp;
+    int errcode, extidx = -1;
+    X509_EXTENSION *ext = NULL, *extmp;
+    STACK_OF(X509_EXTENSION) *ret = NULL;
     unsigned long ext_op = flags & X509V3_ADD_OP_MASK;
 
     /*
@@ -347,13 +347,21 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
         return 1;
     }
 
-    if (!*x && !(*x = sk_X509_EXTENSION_new_null()))
-        return -1;
-    if (!sk_X509_EXTENSION_push(*x, ext))
-        return -1;
+    if ((ret = *x) == NULL
+         && (ret = sk_X509_EXTENSION_new_null()) == NULL)
+        goto m_fail;
+    if (!sk_X509_EXTENSION_push(ret, ext))
+        goto m_fail;
 
+    *x = ret;
     return 1;
 
+ m_fail:
+    if (ret != *x)
+        sk_X509_EXTENSION_free(ret);
+    X509_EXTENSION_free(ext);
+    return -1;
+
  err:
     if (!(flags & X509V3_ADD_SILENT))
         X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode);
diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c
index 28552696..1184091c 100644
--- a/crypto/x509v3/v3_ncons.c
+++ b/crypto/x509v3/v3_ncons.c
@@ -107,6 +107,47 @@ ASN1_SEQUENCE(NAME_CONSTRAINTS) = {
 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
 
+/*
+ * We cannot use strncasecmp here because that applies locale specific rules.
+ * For example in Turkish 'I' is not the uppercase character for 'i'. We need to
+ * do a simple ASCII case comparison ignoring the locale (that is why we use
+ * numeric constants below).
+ */
+static int ia5ncasecmp(const char *s1, const char *s2, size_t n)
+{
+    for (; n > 0; n--, s1++, s2++) {
+        if (*s1 != *s2) {
+            unsigned char c1 = (unsigned char)*s1, c2 = (unsigned char)*s2;
+
+            /* Convert to lower case */
+            if (c1 >= 0x41 /* A */ && c1 <= 0x5A /* Z */)
+                c1 += 0x20;
+            if (c2 >= 0x41 /* A */ && c2 <= 0x5A /* Z */)
+                c2 += 0x20;
+
+            if (c1 == c2)
+                continue;
+
+            if (c1 < c2)
+                return -1;
+
+            /* c1 > c2 */
+            return 1;
+        } else if (*s1 == 0) {
+            /* If we get here we know that *s2 == 0 too */
+            return 0;
+        }
+    }
+
+    return 0;
+}
+
+static int ia5casecmp(const char *s1, const char *s2)
+{
+    /* No portable definition of SIZE_MAX, so we use (size_t)(-1) instead */
+    return ia5ncasecmp(s1, s2, (size_t)(-1));
+}
+
 static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
                                   X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
@@ -384,7 +425,7 @@ static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
             return X509_V_ERR_PERMITTED_VIOLATION;
     }
 
-    if (strcasecmp(baseptr, dnsptr))
+    if (ia5casecmp(baseptr, dnsptr))
         return X509_V_ERR_PERMITTED_VIOLATION;
 
     return X509_V_OK;
@@ -404,7 +445,7 @@ static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
     if (!baseat && (*baseptr == '.')) {
         if (eml->length > base->length) {
             emlptr += eml->length - base->length;
-            if (!strcasecmp(baseptr, emlptr))
+            if (ia5casecmp(baseptr, emlptr) == 0)
                 return X509_V_OK;
         }
         return X509_V_ERR_PERMITTED_VIOLATION;
@@ -425,7 +466,7 @@ static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
     }
     emlptr = emlat + 1;
     /* Just have hostname left to match: case insensitive */
-    if (strcasecmp(baseptr, emlptr))
+    if (ia5casecmp(baseptr, emlptr))
         return X509_V_ERR_PERMITTED_VIOLATION;
 
     return X509_V_OK;
@@ -464,14 +505,14 @@ static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base)
     if (*baseptr == '.') {
         if (hostlen > base->length) {
             p = hostptr + hostlen - base->length;
-            if (!strncasecmp(p, baseptr, base->length))
+            if (ia5ncasecmp(p, baseptr, base->length) == 0)
                 return X509_V_OK;
         }
         return X509_V_ERR_PERMITTED_VIOLATION;
     }
 
     if ((base->length != (int)hostlen)
-        || strncasecmp(hostptr, baseptr, hostlen))
+        || ia5ncasecmp(hostptr, baseptr, hostlen))
         return X509_V_ERR_PERMITTED_VIOLATION;
 
     return X509_V_OK;
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 845be673..96e629a9 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -321,6 +321,7 @@ int X509_supported_extension(X509_EXTENSION *ex)
         NID_subject_alt_name,   /* 85 */
         NID_basic_constraints,  /* 87 */
         NID_certificate_policies, /* 89 */
+        NID_crl_distribution_points, /* 103 */
         NID_ext_key_usage,      /* 126 */
 #ifndef OPENSSL_NO_RFC3779
         NID_sbgp_ipAddrBlock,   /* 290 */
diff --git a/crypto/x509v3/v3_scts.c b/crypto/x509v3/v3_scts.c
index 0b7c6818..87a6ae1d 100644
--- a/crypto/x509v3/v3_scts.c
+++ b/crypto/x509v3/v3_scts.c
@@ -156,7 +156,7 @@ static void timestamp_print(BIO *out, SCT_TIMESTAMP timestamp)
     gen = ASN1_GENERALIZEDTIME_new();
     ASN1_GENERALIZEDTIME_adj(gen, (time_t)0,
                              (int)(timestamp / 86400000),
-                             (timestamp % 86400000) / 1000);
+                             (int)(timestamp % 86400000) / 1000);
     /*
      * Note GeneralizedTime from ASN1_GENERALIZETIME_adj is always 15
      * characters long with a final Z. Update it with fractional seconds.
diff --git a/crypto/x86_64cpuid.pl b/crypto/x86_64cpuid.pl
index d208d023..ef3608b1 100644
--- a/crypto/x86_64cpuid.pl
+++ b/crypto/x86_64cpuid.pl
@@ -59,7 +59,7 @@ OPENSSL_ia32_cpuid:
 	mov	%rbx,%r8		# save %rbx
 
 	xor	%eax,%eax
-	mov	%eax,8(%rdi)		# clear 3rd word
+	mov	%eax,8(%rdi)		# clear extended feature flags
 	cpuid
 	mov	%eax,%r11d		# max value for standard query level
 
@@ -127,14 +127,6 @@ OPENSSL_ia32_cpuid:
 	shr	\$14,%r10d
 	and	\$0xfff,%r10d		# number of cores -1 per L1D
 
-	cmp	\$7,%r11d
-	jb	.Lnocacheinfo
-
-	mov	\$7,%eax
-	xor	%ecx,%ecx
-	cpuid
-	mov	%ebx,8(%rdi)
-
 .Lnocacheinfo:
 	mov	\$1,%eax
 	cpuid
@@ -144,8 +136,19 @@ OPENSSL_ia32_cpuid:
 	or	\$0x40000000,%edx	# set reserved bit#30 on Intel CPUs
 	and	\$15,%ah
 	cmp	\$15,%ah		# examine Family ID
-	jne	.Lnotintel
+	jne	.LnotP4
 	or	\$0x00100000,%edx	# set reserved bit#20 to engage RC4_CHAR
+.LnotP4:
+	cmp	\$6,%ah
+	jne	.Lnotintel
+	and	\$0x0fff0ff0,%eax
+	cmp	\$0x00050670,%eax	# Knights Landing
+	je	.Lknights
+	cmp	\$0x00080650,%eax	# Knights Mill (according to sde)
+	jne	.Lnotintel
+.Lknights:
+	and	\$0xfbffffff,%ecx	# clear XSAVE flag to mimic Silvermont
+
 .Lnotintel:
 	bt	\$28,%edx		# test hyper-threading bit
 	jnc	.Lgeneric
@@ -164,6 +167,19 @@ OPENSSL_ia32_cpuid:
 	or	%ecx,%r9d		# merge AMD XOP flag
 
 	mov	%edx,%r10d		# %r9d:%r10d is copy of %ecx:%edx
+
+	cmp	\$7,%r11d
+	jb	.Lno_extended_info
+	mov	\$7,%eax
+	xor	%ecx,%ecx
+	cpuid
+	bt	\$26,%r9d		# check XSAVE bit, cleared on Knights
+	jc	.Lnotknights
+	and	\$0xfff7ffff,%ebx	# clear ADCX/ADOX flag
+.Lnotknights:
+	mov	%ebx,8(%rdi)		# save extended feature flags
+.Lno_extended_info:
+
 	bt	\$27,%r9d		# check OSXSAVE bit
 	jnc	.Lclear_avx
 	xor	%ecx,%ecx		# XCR0
@@ -174,7 +190,7 @@ OPENSSL_ia32_cpuid:
 .Lclear_avx:
 	mov	\$0xefffe7ff,%eax	# ~(1<<28|1<<12|1<<11)
 	and	%eax,%r9d		# clear AVX, FMA and AMD XOP bits
-	andl	\$0xffffffdf,8(%rdi)	# cleax AVX2, ~(1<<5)
+	andl	\$0xffffffdf,8(%rdi)	# clear AVX2, ~(1<<5)
 .Ldone:
 	shl	\$32,%r9
 	mov	%r10d,%eax
diff --git a/crypto/x86cpuid.pl b/crypto/x86cpuid.pl
index e95f6274..90ed196c 100644
--- a/crypto/x86cpuid.pl
+++ b/crypto/x86cpuid.pl
@@ -20,10 +20,10 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 	&pop	("eax");
 	&xor	("ecx","eax");
 	&xor	("eax","eax");
+	&mov	("esi",&wparam(0));
+	&mov	(&DWP(8,"esi"),"eax");	# clear extended feature flags
 	&bt	("ecx",21);
 	&jnc	(&label("nocpuid"));
-	&mov	("esi",&wparam(0));
-	&mov	(&DWP(8,"esi"),"eax");	# clear 3rd word
 	&cpuid	();
 	&mov	("edi","eax");		# max value for standard query level
 
@@ -81,26 +81,16 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 	&jmp	(&label("generic"));
 	
 &set_label("intel");
-	&cmp	("edi",7);
-	&jb	(&label("cacheinfo"));
-
-	&mov	("esi",&wparam(0));
-	&mov	("eax",7);
-	&xor	("ecx","ecx");
-	&cpuid	();
-	&mov	(&DWP(8,"esi"),"ebx");
-
-&set_label("cacheinfo");
 	&cmp	("edi",4);
-	&mov	("edi",-1);
+	&mov	("esi",-1);
 	&jb	(&label("nocacheinfo"));
 
 	&mov	("eax",4);
 	&mov	("ecx",0);		# query L1D
 	&cpuid	();
-	&mov	("edi","eax");
-	&shr	("edi",14);
-	&and	("edi",0xfff);		# number of cores -1 per L1D
+	&mov	("esi","eax");
+	&shr	("esi",14);
+	&and	("esi",0xfff);		# number of cores -1 per L1D
 
 &set_label("nocacheinfo");
 	&mov	("eax",1);
@@ -118,7 +108,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 	&bt	("edx",28);		# test hyper-threading bit
 	&jnc	(&label("generic"));
 	&and	("edx",0xefffffff);
-	&cmp	("edi",0);
+	&cmp	("esi",0);
 	&je	(&label("generic"));
 
 	&or	("edx",0x10000000);
@@ -130,10 +120,19 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 &set_label("generic");
 	&and	("ebp",1<<11);		# isolate AMD XOP flag
 	&and	("ecx",0xfffff7ff);	# force 11th bit to 0
-	&mov	("esi","edx");
+	&mov	("esi","edx");		# %ebp:%esi is copy of %ecx:%edx
 	&or	("ebp","ecx");		# merge AMD XOP flag
 
-	&bt	("ecx",27);		# check OSXSAVE bit
+	&cmp	("edi",7);
+	&mov	("edi",&wparam(0));
+	&jb	(&label("no_extended_info"));
+	&mov	("eax",7);
+	&xor	("ecx","ecx");
+	&cpuid	();
+	&mov	(&DWP(8,"edi"),"ebx");	# save extended feature flag
+&set_label("no_extended_info");
+
+	&bt	("ebp",27);		# check OSXSAVE bit
 	&jnc	(&label("clear_avx"));
 	&xor	("ecx","ecx");
 	&data_byte(0x0f,0x01,0xd0);	# xgetbv
@@ -147,7 +146,6 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 	&and	("esi",0xfeffffff);	# clear FXSR
 &set_label("clear_avx");
 	&and	("ebp",0xefffe7ff);	# clear AVX, FMA and AMD XOP bits
-	&mov	("edi",&wparam(0));
 	&and	(&DWP(8,"edi"),0xffffffdf);	# clear AVX2
 &set_label("done");
 	&mov	("eax","esi");
diff --git a/demos/easy_tls/easy-tls.c b/demos/easy_tls/easy-tls.c
index 45063a48..717b81aa 100644
--- a/demos/easy_tls/easy-tls.c
+++ b/demos/easy_tls/easy-tls.c
@@ -295,9 +295,9 @@ static void tls_errflush(void *apparg)
     if (errbuf_i == 0)
         return;
 
-    assert(errbuf_i < sizeof errbuf);
+    assert(errbuf_i < sizeof(errbuf));
     assert(errbuf[errbuf_i] == 0);
-    if (errbuf_i == sizeof errbuf - 1) {
+    if (errbuf_i == sizeof(errbuf) - 1) {
         /* make sure we have a newline, even if string has been truncated */
         errbuf[errbuf_i - 1] = '\n';
     }
@@ -316,11 +316,11 @@ static void tls_errprintf(int flush, void *apparg, const char *fmt, ...)
     va_list args;
     int r;
 
-    if (errbuf_i < sizeof errbuf - 1) {
+    if (errbuf_i < sizeof(errbuf) - 1) {
         size_t n;
 
         va_start(args, fmt);
-        n = (sizeof errbuf) - errbuf_i;
+        n = (sizeof(errbuf)) - errbuf_i;
         r = vsnprintf(errbuf + errbuf_i, n, fmt, args);
         va_end(args);
         if (r >= n)
@@ -328,10 +328,10 @@ static void tls_errprintf(int flush, void *apparg, const char *fmt, ...)
         if (r >= 0) {
             errbuf_i += r;
         } else {
-            errbuf_i = sizeof errbuf - 1;
+            errbuf_i = sizeof(errbuf) - 1;
             errbuf[errbuf_i] = '\0';
         }
-        assert(errbuf_i < sizeof errbuf);
+        assert(errbuf_i < sizeof(errbuf));
         assert(errbuf[errbuf_i] == 0);
     }
 #ifndef TLS_CUMULATE_ERRORS
@@ -369,11 +369,11 @@ static char *tls_openssl_errors(const char *app_prefix_1,
         default_text = "?" "?" "?";
 
     while ((err = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
-        if (reasons_i < sizeof reasons) {
+        if (reasons_i < sizeof(reasons)) {
             size_t n;
             int r;
 
-            n = (sizeof reasons) - reasons_i;
+            n = (sizeof(reasons)) - reasons_i;
             r = snprintf(reasons + reasons_i, n, "%s%s",
                          (reasons_i > 0 ? ", " : ""),
                          ERR_reason_error_string(err));
@@ -382,9 +382,9 @@ static char *tls_openssl_errors(const char *app_prefix_1,
             if (r >= 0) {
                 reasons_i += r;
             } else {
-                reasons_i = sizeof reasons;
+                reasons_i = sizeof(reasons);
             }
-            assert(reasons_i <= sizeof reasons);
+            assert(reasons_i <= sizeof(reasons));
         }
 
         errstring = ERR_error_string(err, NULL);
@@ -397,7 +397,7 @@ static char *tls_openssl_errors(const char *app_prefix_1,
 
     if (!printed_something) {
         assert(reasons_i == 0);
-        snprintf(reasons, sizeof reasons, "%s", default_text);
+        snprintf(reasons, sizeof(reasons), "%s", default_text);
         tls_errprintf(0, apparg, "OpenSSL error%s%s: %s\n", app_prefix_1,
                       app_prefix_2, default_text);
     }
@@ -442,7 +442,7 @@ static void tls_rand_seed_uniquely(void)
     data.time = time(NULL);
     data.stack = (void *)&data;
 
-    RAND_seed((const void *)&data, sizeof data);
+    RAND_seed((const void *)&data, sizeof(data));
 }
 
 void tls_rand_seed(void)
@@ -465,7 +465,7 @@ void tls_rand_seed(void)
     data.gid = getgid();
     data.egid = getegid();
 
-    RAND_seed((const void *)&data, sizeof data);
+    RAND_seed((const void *)&data, sizeof(data));
     tls_rand_seed_uniquely();
 }
 
@@ -543,7 +543,7 @@ tls_get_x509_subject_name_oneline(X509 *cert,
     name = X509_get_subject_name(cert); /* does not increment any reference
                                          * counter */
 
-    assert(sizeof namestring->str >= 4); /* "?" or "...", plus 0 */
+    assert(sizeof(namestring->str) >= 4); /* "?" or "...", plus 0 */
 
     if (name == NULL) {
         namestring->str[0] = '?';
@@ -551,12 +551,12 @@ tls_get_x509_subject_name_oneline(X509 *cert,
     } else {
         size_t len;
 
-        X509_NAME_oneline(name, namestring->str, sizeof namestring->str);
+        X509_NAME_oneline(name, namestring->str, sizeof(namestring->str));
         len = strlen(namestring->str);
         assert(namestring->str[len] == 0);
-        assert(len < sizeof namestring->str);
+        assert(len < sizeof(namestring->str));
 
-        if (len + 1 == sizeof namestring->str) {
+        if (len + 1 == sizeof(namestring->str)) {
             /*
              * (Probably something was cut off.) Does not really work --
              * X509_NAME_oneline truncates after name components, we cannot
@@ -617,7 +617,7 @@ void tls_set_dhe1024(int i, void *apparg)
 
     tls_init(apparg);
     if (i >= 0) {
-        i %= sizeof seed / sizeof seed[0];
+        i %= sizeof(seed) / sizeof(seed[0]);
         assert(strlen(seed[i]) == 20);
         memcpy(seedbuf, seed[i], 20);
         dsaparams =
@@ -711,7 +711,7 @@ SSL_CTX *tls_create_ctx(struct tls_create_ctx_args a, void *apparg)
     if ((a.ca_file != NULL) || (a.verify_depth > 0)) {
         context_num++;
         r = SSL_CTX_set_session_id_context(ret, (const void *)&context_num,
-                                           (unsigned int)sizeof context_num);
+                                           (unsigned int)sizeof(context_num));
         if (!r)
             goto err;
 
@@ -762,7 +762,7 @@ SSL_CTX *tls_create_ctx(struct tls_create_ctx_args a, void *apparg)
         if (tls_dhe1024 == NULL) {
             int i;
 
-            if (RAND_bytes((unsigned char *)&i, sizeof i) <= 0)
+            if (RAND_bytes((unsigned char *)&i, sizeof(i)) <= 0)
                 goto err_return;
             /*
              * make sure that i is non-negative -- pick one of the provided
@@ -955,11 +955,11 @@ static void write_info(SSL *ssl, int *info_fd)
             /* should not happen, but make sure */
             *strchr(peer.str, '\n') = '\0';
         }
-        r = snprintf(infobuf, sizeof infobuf, "%c:%s\n%s\n", v_ok,
+        r = snprintf(infobuf, sizeof(infobuf), "%c:%s\n%s\n", v_ok,
                      X509_verify_cert_error_string(v), peer.str);
         DEBUG_MSG2("snprintf", r);
-        if (r == -1 || r >= sizeof infobuf)
-            r = sizeof infobuf - 1;
+        if (r == -1 || r >= sizeof(infobuf))
+            r = sizeof(infobuf) - 1;
         write(*info_fd, infobuf, r);
         close(*info_fd);
         *info_fd = -1;
@@ -1082,7 +1082,7 @@ tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx, int client_p)
 
         if (!closed) {
             if (clear_to_tls.offset + clear_to_tls.len <
-                sizeof clear_to_tls.buf) {
+                sizeof(clear_to_tls.buf)) {
                 r = read_attempt(clear_fd, &clear_to_tls, &clear_read_select,
                                  &closed, &progress);
                 if (r != 0)
@@ -1096,7 +1096,7 @@ tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx, int client_p)
 
         if (!closed && !in_handshake) {
             if (tls_to_clear.offset + tls_to_clear.len <
-                sizeof tls_to_clear.buf) {
+                sizeof(tls_to_clear.buf)) {
                 r = tls_read_attempt(ssl, &tls_to_clear, &tls_write_select,
                                      &tls_read_select, &closed, &progress,
                                      &err_pref_1);
@@ -1231,13 +1231,13 @@ tls_read_attempt(SSL *ssl, struct tunnelbuf *buf, int *write_select,
 
     DEBUG_MSG("tls_read_attempt");
     total = buf->offset + buf->len;
-    assert(total < sizeof buf->buf);
-    n = SSL_read(ssl, buf->buf + total, (sizeof buf->buf) - total);
+    assert(total < sizeof(buf->buf));
+    n = SSL_read(ssl, buf->buf + total, sizeof(buf->buf) - total);
     DEBUG_MSG2("SSL_read", n);
     r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
     if (n > 0) {
         buf->len += n;
-        assert(buf->offset + buf->len <= sizeof buf->buf);
+        assert(buf->offset + buf->len <= sizeof(buf->buf));
     }
     if (r == -1)
         *err_pref = " during SSL_read";
@@ -1297,13 +1297,13 @@ read_attempt(int fd, struct tunnelbuf *buf, int *select, int *closed,
 
     DEBUG_MSG("read_attempt");
     total = buf->offset + buf->len;
-    assert(total < sizeof buf->buf);
-    n = read(fd, buf->buf + total, (sizeof buf->buf) - total);
+    assert(total < sizeof(buf->buf));
+    n = read(fd, buf->buf + total, sizeof(buf->buf) - total);
     DEBUG_MSG2("read", n);
     r = get_error(n, select, closed, progress);
     if (n > 0) {
         buf->len += n;
-        assert(buf->offset + buf->len <= sizeof buf->buf);
+        assert(buf->offset + buf->len <= sizeof(buf->buf));
     }
     if (r == -1)
         tls_errprintf(1, tls_child_apparg, "read error: %s\n",
diff --git a/demos/easy_tls/test.c b/demos/easy_tls/test.c
index d1dd53d0..3877370f 100644
--- a/demos/easy_tls/test.c
+++ b/demos/easy_tls/test.c
@@ -78,7 +78,7 @@ int main(int argc, char *argv[])
 
     if (client_p) {
         struct sockaddr_in addr;
-        size_t addr_len = sizeof addr;
+        size_t addr_len = sizeof(addr);
 
         addr.sin_family = AF_INET;
         assert(argc > 1);
@@ -101,7 +101,7 @@ int main(int argc, char *argv[])
         {
             int i = 1;
 
-            r = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&i, sizeof i);
+            r = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&i, sizeof(i));
             if (r == -1) {
                 perror("setsockopt");
                 exit(1);
@@ -110,7 +110,7 @@ int main(int argc, char *argv[])
 
         {
             struct sockaddr_in addr;
-            size_t addr_len = sizeof addr;
+            size_t addr_len = sizeof(addr);
 
             if (argc > 1)
                 sscanf(argv[1], "%d", &port);
@@ -158,7 +158,7 @@ int main(int argc, char *argv[])
     setvbuf(conn_in, NULL, _IOLBF, 256);
     setvbuf(conn_out, NULL, _IOLBF, 256);
 
-    while (fgets(buf, sizeof buf, stdin) != NULL) {
+    while (fgets(buf, sizeof(buf), stdin) != NULL) {
         if (buf[0] == 'W') {
             fprintf(conn_out, "%.*s\r\n", (int)(strlen(buf + 1) - 1),
                     buf + 1);
@@ -174,7 +174,7 @@ int main(int argc, char *argv[])
 
             sscanf(buf + 1, "%d", &lines);
             do {
-                if (fgets(buf, sizeof buf, conn_in) == NULL) {
+                if (fgets(buf, sizeof(buf), conn_in) == NULL) {
                     if (ferror(conn_in)) {
                         fprintf(stderr, "ERROR\n");
                         exit(1);
@@ -225,7 +225,7 @@ int main(int argc, char *argv[])
                 exit(1);
             }
 
-            r = read(infofd, infobuf, sizeof infobuf - 1);
+            r = read(infofd, infobuf, sizeof(infobuf) - 1);
             if (r > 0) {
                 const char *info = infobuf;
                 const char *eol;
diff --git a/demos/engines/zencod/hw_zencod.c b/demos/engines/zencod/hw_zencod.c
index daf0aef1..dfbe7d15 100644
--- a/demos/engines/zencod/hw_zencod.c
+++ b/demos/engines/zencod/hw_zencod.c
@@ -1289,10 +1289,10 @@ static const EVP_MD engine_sha1_md = {
     engine_md_cleanup,          /* dev_crypto_sha_cleanup */
     EVP_PKEY_RSA_method,
     SHA_CBLOCK,
-    /* sizeof ( EVP_MD * ) + sizeof ( SHA_CTX ) */
+    /* sizeof(EVP_MD *) + sizeof(SHA_CTX) */
     sizeof(ZEN_MD_DATA)
         /*
-         * sizeof ( MD_CTX_DATA ) The message digest data structure ...
+         * sizeof(MD_CTX_DATA) The message digest data structure ...
          */
 };
 
@@ -1315,10 +1315,10 @@ static const EVP_MD engine_md5_md = {
     engine_md_cleanup,          /* dev_crypto_md5_cleanup */
     EVP_PKEY_RSA_method,
     MD5_CBLOCK,
-    /* sizeof ( EVP_MD * ) + sizeof ( MD5_CTX ) */
+    /* sizeof(EVP_MD *) + sizeof(MD5_CTX) */
     sizeof(ZEN_MD_DATA)
         /*
-         * sizeof ( MD_CTX_DATA ) The message digest data structure ...
+         * sizeof(MD_CTX_DATA) The message digest data structure ...
          */
 };
 
diff --git a/demos/spkigen.c b/demos/spkigen.c
index c272a8c2..9ccb34a1 100644
--- a/demos/spkigen.c
+++ b/demos/spkigen.c
@@ -73,7 +73,7 @@ char *argv[];
     fprintf(stderr, "please enter challenge string:");
     fflush(stderr);
     buf[0] = '\0';
-    fgets(buf, sizeof buf, stdin);
+    fgets(buf, sizeof(buf), stdin);
     i = strlen(buf);
     if (i > 0)
         buf[--i] = '\0';
diff --git a/demos/ssl/serv.cpp b/demos/ssl/serv.cpp
index b142c758..bccce2bd 100644
--- a/demos/ssl/serv.cpp
+++ b/demos/ssl/serv.cpp
@@ -87,7 +87,7 @@ void main ()
   sa_serv.sin_port        = htons (1111);          /* Server Port number */
   
   err = bind(listen_sd, (struct sockaddr*) &sa_serv,
-	     sizeof (sa_serv));                   CHK_ERR(err, "bind");
+	     sizeof(sa_serv));                    CHK_ERR(err, "bind");
 	     
   /* Receive a TCP connection. */
 	     
diff --git a/demos/state_machine/state_machine.c b/demos/state_machine/state_machine.c
index 2ec196af..aca9cd83 100644
--- a/demos/state_machine/state_machine.c
+++ b/demos/state_machine/state_machine.c
@@ -106,7 +106,7 @@ void SSLStateMachine_print_error(SSLStateMachine * pMachine,
     while ((l = ERR_get_error())) {
         char buf[1024];
 
-        ERR_error_string_n(l, buf, sizeof buf);
+        ERR_error_string_n(l, buf, sizeof(buf));
         fprintf(stderr, "Error %lx: %s\n", l, buf);
     }
 }
@@ -114,7 +114,7 @@ void SSLStateMachine_print_error(SSLStateMachine * pMachine,
 SSLStateMachine *SSLStateMachine_new(const char *szCertificateFile,
                                      const char *szKeyFile)
 {
-    SSLStateMachine *pMachine = malloc(sizeof *pMachine);
+    SSLStateMachine *pMachine = malloc(sizeof(*pMachine));
     int n;
 
     die_unless(pMachine);
@@ -252,15 +252,15 @@ int OpenSocket(int nPort)
     }
 
     if (setsockopt
-        (nSocket, SOL_SOCKET, SO_REUSEADDR, (char *)&one, sizeof one) < 0) {
+        (nSocket, SOL_SOCKET, SO_REUSEADDR, (char *)&one, sizeof(one)) < 0) {
         perror("setsockopt");
         exit(2);
     }
 
-    memset(&saServer, 0, sizeof saServer);
+    memset(&saServer, 0, sizeof(saServer));
     saServer.sin_family = AF_INET;
     saServer.sin_port = htons(nPort);
-    nSize = sizeof saServer;
+    nSize = sizeof(saServer);
     if (bind(nSocket, (struct sockaddr *)&saServer, nSize) < 0) {
         perror("bind");
         exit(3);
@@ -271,7 +271,7 @@ int OpenSocket(int nPort)
         exit(4);
     }
 
-    nLen = sizeof saClient;
+    nLen = sizeof(saClient);
     nFD = accept(nSocket, (struct sockaddr *)&saClient, &nLen);
     if (nFD < 0) {
         perror("accept");
@@ -343,7 +343,7 @@ int main(int argc, char **argv)
 
         /* Socket is ready for input */
         if (FD_ISSET(nFD, &rfds)) {
-            n = read(nFD, buf, sizeof buf);
+            n = read(nFD, buf, sizeof(buf));
             if (n == 0) {
                 fprintf(stderr, "Got EOF on socket\n");
                 exit(0);
@@ -360,7 +360,7 @@ int main(int argc, char **argv)
             nrbuf = 0;
 
             n = SSLStateMachine_read_extract(pMachine, buf + 1,
-                                             sizeof buf - 1);
+                                             sizeof(buf) - 1);
             if (n < 0) {
                 SSLStateMachine_print_error(pMachine, "read extract failed");
                 break;
@@ -382,7 +382,7 @@ int main(int argc, char **argv)
         if (FD_ISSET(nFD, &wfds)) {
             int w;
 
-            n = SSLStateMachine_write_extract(pMachine, buf, sizeof buf);
+            n = SSLStateMachine_write_extract(pMachine, buf, sizeof(buf));
             assert(n > 0);
 
             w = write(nFD, buf, n);
@@ -392,7 +392,7 @@ int main(int argc, char **argv)
 
         /* Stdin is ready for input */
         if (FD_ISSET(0, &rfds)) {
-            n = read(0, buf, sizeof buf);
+            n = read(0, buf, sizeof(buf));
             if (n == 0) {
                 fprintf(stderr, "Got EOF on stdin\n");
                 exit(0);
diff --git a/doc/apps/asn1parse.pod b/doc/apps/asn1parse.pod
index 76a765da..a84dbc37 100644
--- a/doc/apps/asn1parse.pod
+++ b/doc/apps/asn1parse.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-asn1parse,
 asn1parse - ASN.1 parsing tool
 
 =head1 SYNOPSIS
diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod
index c90e6482..8d94ecb4 100644
--- a/doc/apps/ca.pod
+++ b/doc/apps/ca.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-ca,
 ca - sample minimal CA application
 
 =head1 SYNOPSIS
@@ -423,6 +424,10 @@ versions of OpenSSL.  However, to make CA certificate roll-over easier,
 it's recommended to use the value B<no>, especially if combined with
 the B<-selfsign> command line option.
 
+Note that it is valid in some circumstances for certificates to be created
+without any subject. In the case where there are multiple certificates without
+subjects this does not count as a duplicate.
+
 =item B<serial>
 
 a text file containing the next serial number to use in hex. Mandatory.
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
index 92245572..fa16124d 100644
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-ciphers,
 ciphers - SSL cipher display and cipher list tool.
 
 =head1 SYNOPSIS
@@ -179,7 +180,8 @@ When in doubt, include B<!aNULL> in your cipherlist.
 
 =item B<kRSA>, B<RSA>
 
-cipher suites using RSA key exchange.
+cipher suites using RSA key exchange or authentication. B<RSA> is an alias for
+B<kRSA>.
 
 =item B<kDHr>, B<kDHd>, B<kDH>
 
diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod
index ac698042..4a7783d4 100644
--- a/doc/apps/cms.pod
+++ b/doc/apps/cms.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-cms,
 cms - CMS utility
 
 =head1 SYNOPSIS
diff --git a/doc/apps/config.pod b/doc/apps/config.pod
index e1259152..3f607d3b 100644
--- a/doc/apps/config.pod
+++ b/doc/apps/config.pod
@@ -47,7 +47,8 @@ or B<${section::name}>. By using the form B<$ENV::name> environment
 variables can be substituted. It is also possible to assign values to
 environment variables by using the name B<ENV::name>, this will work
 if the program looks up environment variables using the B<CONF> library
-instead of calling B<getenv()> directly.
+instead of calling B<getenv()> directly. The value string must not exceed 64k in
+length after variable expansion. Otherwise an error will occur.
 
 It is possible to escape certain characters by using any kind of quote
 or the B<\> character. By making the last character of a line a B<\>
diff --git a/doc/apps/crl.pod b/doc/apps/crl.pod
index 044a9da9..cdced1c7 100644
--- a/doc/apps/crl.pod
+++ b/doc/apps/crl.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-crl,
 crl - CRL utility
 
 =head1 SYNOPSIS
diff --git a/doc/apps/crl2pkcs7.pod b/doc/apps/crl2pkcs7.pod
index 3797bc0d..18654c5a 100644
--- a/doc/apps/crl2pkcs7.pod
+++ b/doc/apps/crl2pkcs7.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-crl2pkcs7,
 crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates.
 
 =head1 SYNOPSIS
diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod
index b27bb946..72d6c87f 100644
--- a/doc/apps/dgst.pod
+++ b/doc/apps/dgst.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-dgst,
 dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md2, md4, md5, dss1 - message digests
 
 =head1 SYNOPSIS
diff --git a/doc/apps/dhparam.pod b/doc/apps/dhparam.pod
index 1cd4c766..018d9935 100644
--- a/doc/apps/dhparam.pod
+++ b/doc/apps/dhparam.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-dhparam,
 dhparam - DH parameter manipulation and generation
 
 =head1 SYNOPSIS
diff --git a/doc/apps/dsa.pod b/doc/apps/dsa.pod
index 8bf6cc9d..77d66089 100644
--- a/doc/apps/dsa.pod
+++ b/doc/apps/dsa.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-dsa,
 dsa - DSA key processing
 
 =head1 SYNOPSIS
diff --git a/doc/apps/dsaparam.pod b/doc/apps/dsaparam.pod
index ba5ec4d7..44690349 100644
--- a/doc/apps/dsaparam.pod
+++ b/doc/apps/dsaparam.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-dsaparam,
 dsaparam - DSA parameter manipulation and generation
 
 =head1 SYNOPSIS
diff --git a/doc/apps/ec.pod b/doc/apps/ec.pod
index 5c7b45d4..658eac5d 100644
--- a/doc/apps/ec.pod
+++ b/doc/apps/ec.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-ec,
 ec - EC key processing
 
 =head1 SYNOPSIS
diff --git a/doc/apps/ecparam.pod b/doc/apps/ecparam.pod
index 88e9d1e8..94820952 100644
--- a/doc/apps/ecparam.pod
+++ b/doc/apps/ecparam.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-ecparam,
 ecparam - EC parameter manipulation and generation
 
 =head1 SYNOPSIS
@@ -85,8 +86,8 @@ currently implemented EC parameters names and exit.
 =item B<-conv_form>
 
 This specifies how the points on the elliptic curve are converted
-into octet strings. Possible values are: B<compressed> (the default
-value), B<uncompressed> and B<hybrid>. For more information regarding
+into octet strings. Possible values are: B<compressed>, B<uncompressed> (the
+default value) and B<hybrid>. For more information regarding
 the point conversion forms please read the X9.62 standard.
 B<Note> Due to patent issues the B<compressed> option is disabled
 by default for binary curves and can be enabled by defining
diff --git a/doc/apps/enc.pod b/doc/apps/enc.pod
index 41791ad6..aceafcd4 100644
--- a/doc/apps/enc.pod
+++ b/doc/apps/enc.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-enc,
 enc - symmetric cipher routines
 
 =head1 SYNOPSIS
diff --git a/doc/apps/errstr.pod b/doc/apps/errstr.pod
index b3c6ccfc..0dee51c8 100644
--- a/doc/apps/errstr.pod
+++ b/doc/apps/errstr.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-errstr,
 errstr - lookup error codes
 
 =head1 SYNOPSIS
diff --git a/doc/apps/gendsa.pod b/doc/apps/gendsa.pod
index d9f56be8..2c8e5c86 100644
--- a/doc/apps/gendsa.pod
+++ b/doc/apps/gendsa.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-gendsa,
 gendsa - generate a DSA private key from a set of parameters
 
 =head1 SYNOPSIS
diff --git a/doc/apps/genpkey.pod b/doc/apps/genpkey.pod
index 929edcd2..4d09fc09 100644
--- a/doc/apps/genpkey.pod
+++ b/doc/apps/genpkey.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-genpkey,
 genpkey - generate a private key
 
 =head1 SYNOPSIS
diff --git a/doc/apps/genrsa.pod b/doc/apps/genrsa.pod
index 3dc9870f..8be06834 100644
--- a/doc/apps/genrsa.pod
+++ b/doc/apps/genrsa.pod
@@ -2,16 +2,21 @@
 
 =head1 NAME
 
+openssl-genrsa,
 genrsa - generate an RSA private key
 
 =head1 SYNOPSIS
 
 B<openssl> B<genrsa>
+[B<-help>]
 [B<-out filename>]
 [B<-passout arg>]
 [B<-aes128>]
 [B<-aes192>]
 [B<-aes256>]
+[B<-aria128>]
+[B<-aria192>]
+[B<-aria256>]
 [B<-camellia128>]
 [B<-camellia192>]
 [B<-camellia256>]
@@ -32,17 +37,21 @@ The B<genrsa> command generates an RSA private key.
 
 =over 4
 
+=item B<-help>
+
+Print out a usage message.
+
 =item B<-out filename>
 
-the output filename. If this argument is not specified then standard output is
-used.  
+Output the key to the specified file. If this argument is not specified then
+standard output is used.
 
 =item B<-passout arg>
 
 the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
-=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea>
+=item B<-aes128|-aes192|-aes256|-aria128|-aria192|-aria256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea>
 
 These options encrypt the private key with specified
 cipher before outputting it. If none of these options is
@@ -56,8 +65,8 @@ the public exponent to use, either 65537 or 3. The default is 65537.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
+generator, or an EGD socket (see L<RAND_egd(3)>).
+Multiple files can be specified separated by an OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
 
@@ -71,7 +80,7 @@ for all available algorithms.
 =item B<numbits>
 
 the size of the private key to generate in bits. This must be the last option
-specified. The default is 512.
+specified. The default is 2048.
 
 =back
 
@@ -96,7 +105,15 @@ be much larger (typically 1024 bits).
 
 =head1 SEE ALSO
 
-L<gendsa(1)|gendsa(1)>
+L<gendsa(1)>
+
+=head1 COPYRIGHT
+
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
 
 =cut
-
diff --git a/doc/apps/nseq.pod b/doc/apps/nseq.pod
index 989c3108..de441fa8 100644
--- a/doc/apps/nseq.pod
+++ b/doc/apps/nseq.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-nseq,
 nseq - create or examine a netscape certificate sequence
 
 =head1 SYNOPSIS
diff --git a/doc/apps/ocsp.pod b/doc/apps/ocsp.pod
index 1bb7958d..9e2716f0 100644
--- a/doc/apps/ocsp.pod
+++ b/doc/apps/ocsp.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-ocsp,
 ocsp - Online Certificate Status Protocol utility
 
 =head1 SYNOPSIS
diff --git a/doc/apps/passwd.pod b/doc/apps/passwd.pod
index f4498254..7f74ce01 100644
--- a/doc/apps/passwd.pod
+++ b/doc/apps/passwd.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-passwd,
 passwd - compute password hashes
 
 =head1 SYNOPSIS
diff --git a/doc/apps/pkcs12.pod b/doc/apps/pkcs12.pod
index 74498483..debc9ea2 100644
--- a/doc/apps/pkcs12.pod
+++ b/doc/apps/pkcs12.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-pkcs12,
 pkcs12 - PKCS#12 file utility
 
 =head1 SYNOPSIS
diff --git a/doc/apps/pkcs7.pod b/doc/apps/pkcs7.pod
index acfb8100..651e9371 100644
--- a/doc/apps/pkcs7.pod
+++ b/doc/apps/pkcs7.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-pkcs7,
 pkcs7 - PKCS#7 utility
 
 =head1 SYNOPSIS
diff --git a/doc/apps/pkcs8.pod b/doc/apps/pkcs8.pod
index 6901f1f3..f741741e 100644
--- a/doc/apps/pkcs8.pod
+++ b/doc/apps/pkcs8.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-pkcs8,
 pkcs8 - PKCS#8 format private key conversion tool
 
 =head1 SYNOPSIS
diff --git a/doc/apps/pkey.pod b/doc/apps/pkey.pod
index 4851223f..6db8a623 100644
--- a/doc/apps/pkey.pod
+++ b/doc/apps/pkey.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-pkey,
 pkey - public or private key processing tool
 
 =head1 SYNOPSIS
diff --git a/doc/apps/pkeyparam.pod b/doc/apps/pkeyparam.pod
index 154f6721..27c10a6a 100644
--- a/doc/apps/pkeyparam.pod
+++ b/doc/apps/pkeyparam.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-pkeyparam,
 pkeyparam - public key algorithm parameter processing tool
 
 =head1 SYNOPSIS
diff --git a/doc/apps/pkeyutl.pod b/doc/apps/pkeyutl.pod
index 5da347c9..78b3b02a 100644
--- a/doc/apps/pkeyutl.pod
+++ b/doc/apps/pkeyutl.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-pkeyutl,
 pkeyutl - public key algorithm utility
 
 =head1 SYNOPSIS
diff --git a/doc/apps/rand.pod b/doc/apps/rand.pod
index d1d213ef..94df10d9 100644
--- a/doc/apps/rand.pod
+++ b/doc/apps/rand.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-rand,
 rand - generate pseudo-random bytes
 
 =head1 SYNOPSIS
diff --git a/doc/apps/req.pod b/doc/apps/req.pod
index 30653e50..20b2f39e 100644
--- a/doc/apps/req.pod
+++ b/doc/apps/req.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-req,
 req - PKCS#10 certificate request and certificate generating utility.
 
 =head1 SYNOPSIS
@@ -237,6 +238,9 @@ a self signed root CA. The extensions added to the certificate
 using the B<set_serial> option, a large random number will be used for
 the serial number.
 
+If existing request is specified with the B<-in> option, it is converted
+to the self signed certificate otherwise new request is created.
+
 =item B<-days n>
 
 when the B<-x509> option is being used this specifies the number of
diff --git a/doc/apps/rsa.pod b/doc/apps/rsa.pod
index 21cbf8ee..7e43e0f3 100644
--- a/doc/apps/rsa.pod
+++ b/doc/apps/rsa.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-rsa,
 rsa - RSA key processing tool
 
 =head1 SYNOPSIS
diff --git a/doc/apps/rsautl.pod b/doc/apps/rsautl.pod
index 1a498c2f..e16ce29c 100644
--- a/doc/apps/rsautl.pod
+++ b/doc/apps/rsautl.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-rsautl,
 rsautl - RSA utility
 
 =head1 SYNOPSIS
@@ -105,7 +106,7 @@ Recover the signed data
 
 Examine the raw signed data:
 
- openssl rsautl -verify -in file -inkey key.pem -raw -hexdump
+ openssl rsautl -verify -in sig -inkey key.pem -raw -hexdump
 
  0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
  0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
index 29675dd2..d2cad29d 100644
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-s_client,
 s_client - SSL/TLS client program
 
 =head1 SYNOPSIS
@@ -42,6 +43,8 @@ B<openssl> B<s_client>
 [B<-no_tls1_2>]
 [B<-fallback_scsv>]
 [B<-bugs>]
+[B<-sigalgs sigalglist>]
+[B<-curves curvelist>]
 [B<-cipher cipherlist>]
 [B<-serverpref>]
 [B<-starttls protocol>]
@@ -195,12 +198,14 @@ Can be used to override the implicit B<-ign_eof> after B<-quiet>.
 =item B<-psk_identity identity>
 
 Use the PSK identity B<identity> when using a PSK cipher suite.
+The default value is "Client_identity" (without the quotes).
 
 =item B<-psk key>
 
 Use the PSK key B<key> when using a PSK cipher suite. The key is
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
+This option must be provided in order to use a PSK cipher.
 
 =item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
 
@@ -217,6 +222,19 @@ Send TLS_FALLBACK_SCSV in the ClientHello.
 there are several known bug in SSL and TLS implementations. Adding this
 option enables various workarounds.
 
+=item B<-sigalgs sigalglist>
+
+Specifies the list of signature algorithms that are sent by the client.
+The server selects one entry in the list based on its preferences.
+For example strings, see L<SSL_CTX_set1_sigalgs(3)>
+
+=item B<-curves curvelist>
+
+Specifies the list of supported curves to be sent by the client. The curve is
+is ultimately selected by the server. For a list of all curves, use:
+
+    $ openssl ecparam -list_curves
+
 =item B<-cipher cipherlist>
 
 this allows the cipher list sent by the client to be modified. Although
@@ -232,7 +250,7 @@ use the server's cipher preferences; only used for SSLV2.
 
 send the protocol-specific message(s) to switch to TLS for communication.
 B<protocol> is a keyword for the intended protocol.  Currently, the only
-supported keywords are "smtp", "pop3", "imap", and "ftp".
+supported keywords are "smtp", "pop3", "imap", "ftp" and "xmpp".
 
 =item B<-tlsextdebug>
 
diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod
index fa17488d..9916fc3e 100644
--- a/doc/apps/s_server.pod
+++ b/doc/apps/s_server.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-s_server,
 s_server - SSL/TLS server program
 
 =head1 SYNOPSIS
@@ -35,6 +36,8 @@ B<openssl> B<s_server>
 [B<-CAfile filename>]
 [B<-no_alt_chains>]
 [B<-nocert>]
+[B<-client_sigalgs sigalglist>]
+[B<-named_curve curve>]
 [B<-cipher cipherlist>]
 [B<-serverpref>]
 [B<-quiet>]
@@ -217,6 +220,7 @@ Use the PSK identity hint B<hint> when using a PSK cipher suite.
 Use the PSK key B<key> when using a PSK cipher suite. The key is
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
+This option must be provided in order to use a PSK cipher.
 
 =item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
 
@@ -234,6 +238,18 @@ option enables various workarounds.
 this option enables a further workaround for some some early Netscape
 SSL code (?).
 
+=item B<-client_sigalgs sigalglist>
+
+Signature algorithms to support for client certificate authentication
+(colon-separated list)
+
+=item B<-named_curve curve>
+
+Specifies the elliptic curve to use. NOTE: this is single curve, not a list.
+For a list of all possible curves, use:
+
+    $ openssl ecparam -list_curves
+
 =item B<-cipher cipherlist>
 
 this allows the cipher list used by the server to be modified.  When
@@ -389,10 +405,6 @@ a web browser the command:
 
 can be used for example.
 
-Most web browsers (in particular Netscape and MSIE) only support RSA cipher
-suites, so they cannot connect to servers which don't use a certificate
-carrying an RSA key or a version of OpenSSL with RSA disabled.
-
 Although specifying an empty list of CAs when requesting a client certificate
 is strictly speaking a protocol violation, some SSL clients interpret this to
 mean any CA is acceptable. This is useful for debugging purposes.
diff --git a/doc/apps/s_time.pod b/doc/apps/s_time.pod
index 9082d876..1fa02800 100644
--- a/doc/apps/s_time.pod
+++ b/doc/apps/s_time.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-s_time,
 s_time - SSL/TLS performance timing program
 
 =head1 SYNOPSIS
diff --git a/doc/apps/sess_id.pod b/doc/apps/sess_id.pod
index 9988d2cd..0771baef 100644
--- a/doc/apps/sess_id.pod
+++ b/doc/apps/sess_id.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-sess_id,
 sess_id - SSL/TLS session handling utility
 
 =head1 SYNOPSIS
diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod
index 04a83ca8..fbf60da2 100644
--- a/doc/apps/smime.pod
+++ b/doc/apps/smime.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-smime,
 smime - S/MIME utility
 
 =head1 SYNOPSIS
diff --git a/doc/apps/speed.pod b/doc/apps/speed.pod
index 1cd1998d..2bfe91e3 100644
--- a/doc/apps/speed.pod
+++ b/doc/apps/speed.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-speed,
 speed - test library performance
 
 =head1 SYNOPSIS
diff --git a/doc/apps/spkac.pod b/doc/apps/spkac.pod
index 97fb80e4..b8a5477a 100644
--- a/doc/apps/spkac.pod
+++ b/doc/apps/spkac.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-spkac,
 spkac - SPKAC printing and generating utility
 
 =head1 SYNOPSIS
diff --git a/doc/apps/ts.pod b/doc/apps/ts.pod
index d6aa47d3..5da019b2 100644
--- a/doc/apps/ts.pod
+++ b/doc/apps/ts.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-ts,
 ts - Time Stamping Authority tool (client/server)
 
 =head1 SYNOPSIS
diff --git a/doc/apps/tsget.pod b/doc/apps/tsget.pod
index 56db985c..4856c850 100644
--- a/doc/apps/tsget.pod
+++ b/doc/apps/tsget.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-tsget,
 tsget - Time Stamping HTTP/HTTPS client
 
 =head1 SYNOPSIS
diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod
index b3767325..25167189 100644
--- a/doc/apps/verify.pod
+++ b/doc/apps/verify.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-verify,
 verify - Utility to verify certificates.
 
 =head1 SYNOPSIS
@@ -14,7 +15,7 @@ B<openssl> B<verify>
 [B<-ignore_critical>]
 [B<-attime timestamp>]
 [B<-check_ss_sig>]
-[B<-crlfile file>]
+[B<-CRLfile file>]
 [B<-crl_download>]
 [B<-crl_check>]
 [B<-crl_check_all>]
@@ -68,7 +69,7 @@ current system time. B<timestamp> is the number of seconds since
 Verify the signature on the self-signed root CA. This is disabled by default
 because it doesn't add any security.
 
-=item B<-crlfile file>
+=item B<-CRLfile file>
 
 File containing one or more CRL's (in PEM format) to load.
 
diff --git a/doc/apps/version.pod b/doc/apps/version.pod
index 58f543bc..675b0f84 100644
--- a/doc/apps/version.pod
+++ b/doc/apps/version.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-version,
 version - print OpenSSL version information
 
 =head1 SYNOPSIS
diff --git a/doc/apps/x509.pod b/doc/apps/x509.pod
index 1479a749..408a5c6b 100644
--- a/doc/apps/x509.pod
+++ b/doc/apps/x509.pod
@@ -3,6 +3,7 @@
 
 =head1 NAME
 
+openssl-x509,
 x509 - Certificate display and signing utility
 
 =head1 SYNOPSIS
@@ -224,8 +225,11 @@ non-zero if yes it will expire or zero if not.
 
 =item B<-fingerprint>
 
-prints out the digest of the DER encoded version of the whole certificate
-(see digest options).
+Calculates and outputs the digest of the DER encoded version of the entire
+certificate (see digest options).
+This is commonly called a "fingerprint". Because of the nature of message
+digests, the fingerprint of a certificate is unique to that certificate and
+two certificates with the same fingerprint can be considered to be the same.
 
 =item B<-C>
 
@@ -673,10 +677,6 @@ supporting UTF8:
 
  openssl x509 -in cert.pem -noout -subject -nameopt oneline,-esc_msb
 
-Display the certificate MD5 fingerprint:
-
- openssl x509 -in cert.pem -noout -fingerprint
-
 Display the certificate SHA1 fingerprint:
 
  openssl x509 -sha1 -in cert.pem -noout -fingerprint
@@ -730,13 +730,6 @@ T61Strings use the ISO8859-1 character set. This is wrong but Netscape
 and MSIE do this as do many certificates. So although this is incorrect
 it is more likely to display the majority of certificates correctly.
 
-The B<-fingerprint> option takes the digest of the DER encoded certificate.
-This is commonly called a "fingerprint". Because of the nature of message
-digests the fingerprint of a certificate is unique to that certificate and
-two certificates with the same fingerprint can be considered to be the same.
-
-The Netscape fingerprint uses MD5 whereas MSIE uses SHA1.
-
 The B<-email> option searches the subject name and the subject alternative
 name extension. Only unique email addresses will be printed out: it will
 not print the same address more than once.
diff --git a/doc/crypto/ASN1_STRING_length.pod b/doc/crypto/ASN1_STRING_length.pod
index f651e4f2..4ea6e8c2 100644
--- a/doc/crypto/ASN1_STRING_length.pod
+++ b/doc/crypto/ASN1_STRING_length.pod
@@ -66,8 +66,8 @@ utility functions should be used instead.
 In general it cannot be assumed that the data returned by ASN1_STRING_data()
 is null terminated or does not contain embedded nulls. The actual format
 of the data will depend on the actual string type itself: for example
-for and IA5String the data will be ASCII, for a BMPString two bytes per
-character in big endian format, UTF8String will be in UTF8 format.
+for an IA5String the data will be ASCII, for a BMPString two bytes per
+character in big endian format, and for an UTF8String it will be in UTF8 format.
 
 Similar care should be take to ensure the data is in the correct format
 when calling ASN1_STRING_set().
diff --git a/doc/crypto/BIO_s_mem.pod b/doc/crypto/BIO_s_mem.pod
index 9f239648..7663d8bf 100644
--- a/doc/crypto/BIO_s_mem.pod
+++ b/doc/crypto/BIO_s_mem.pod
@@ -50,14 +50,14 @@ zero then it will return B<v> when it is empty and it will set the read retry
 flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal
 positive return value B<v> should be set to a negative value, typically -1.
 
-BIO_get_mem_data() sets B<pp> to a pointer to the start of the memory BIOs data
+BIO_get_mem_data() sets *B<pp> to a pointer to the start of the memory BIOs data
 and returns the total amount of data available. It is implemented as a macro.
 
 BIO_set_mem_buf() sets the internal BUF_MEM structure to B<bm> and sets the
 close flag to B<c>, that is B<c> should be either BIO_CLOSE or BIO_NOCLOSE.
 It is a macro.
 
-BIO_get_mem_ptr() places the underlying BUF_MEM structure in B<pp>. It is
+BIO_get_mem_ptr() places the underlying BUF_MEM structure in *B<pp>. It is
 a macro.
 
 BIO_new_mem_buf() creates a memory BIO using B<len> bytes of data at B<buf>,
diff --git a/doc/crypto/BN_bn2bin.pod b/doc/crypto/BN_bn2bin.pod
index 3bed47f8..f6bb484f 100644
--- a/doc/crypto/BN_bn2bin.pod
+++ b/doc/crypto/BN_bn2bin.pod
@@ -70,8 +70,9 @@ BN_bn2bin() returns the length of the big-endian number placed at B<to>.
 BN_bin2bn() returns the B<BIGNUM>, NULL on error.
 
 BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL
-on error. BN_hex2bn() and BN_dec2bn() return the number's length in
-hexadecimal or decimal digits, and 0 on error.
+on error. BN_hex2bn() and BN_dec2bn() return the number of characters
+used in parsing, or 0 on error, in which
+case no new B<BIGNUM> will be created.
 
 BN_print_fp() and BN_print() return 1 on success, 0 on write errors.
 
diff --git a/doc/crypto/BN_new.pod b/doc/crypto/BN_new.pod
index ab7a105e..d4466031 100644
--- a/doc/crypto/BN_new.pod
+++ b/doc/crypto/BN_new.pod
@@ -30,10 +30,12 @@ to the value 0.
 BN_free() frees the components of the B<BIGNUM>, and if it was created
 by BN_new(), also the structure itself. BN_clear_free() additionally
 overwrites the data before the memory is returned to the system.
+If B<a> is NULL, nothing is done.
 
 =head1 RETURN VALUES
 
-BN_new() returns a pointer to the B<BIGNUM>. If the allocation fails,
+BN_new() returns a pointer to the B<BIGNUM> initialised to the value 0.
+If the allocation fails,
 it returns B<NULL> and sets an error code that can be obtained
 by L<ERR_get_error(3)|ERR_get_error(3)>.
 
diff --git a/doc/crypto/BN_zero.pod b/doc/crypto/BN_zero.pod
index b555ec39..8aa9c142 100644
--- a/doc/crypto/BN_zero.pod
+++ b/doc/crypto/BN_zero.pod
@@ -14,34 +14,37 @@ operations
 
  const BIGNUM *BN_value_one(void);
 
- int BN_set_word(BIGNUM *a, unsigned long w);
- unsigned long BN_get_word(BIGNUM *a);
+ int BN_set_word(BIGNUM *a, BN_ULONG w);
+ BN_ULONG BN_get_word(BIGNUM *a);
 
 =head1 DESCRIPTION
 
+B<BN_ULONG> is a macro that will be an unsigned integral type optimied
+for the most efficient implementation on the local platform.
+
 BN_zero(), BN_one() and BN_set_word() set B<a> to the values 0, 1 and
 B<w> respectively.  BN_zero() and BN_one() are macros.
 
 BN_value_one() returns a B<BIGNUM> constant of value 1. This constant
 is useful for use in comparisons and assignment.
 
-BN_get_word() returns B<a>, if it can be represented as an unsigned
-long.
+BN_get_word() returns B<a>, if it can be represented as a B<BN_ULONG>.
 
 =head1 RETURN VALUES
 
-BN_get_word() returns the value B<a>, and 0xffffffffL if B<a> cannot
-be represented as an unsigned long.
+BN_get_word() returns the value B<a>, or all-bits-set if B<a> cannot
+be represented as a B<BN_ULONG>.
 
 BN_zero(), BN_one() and BN_set_word() return 1 on success, 0 otherwise.
 BN_value_one() returns the constant.
 
 =head1 BUGS
 
-Someone might change the constant.
+If a B<BIGNUM> is equal to the value of all-bits-set, it will collide
+with the error condition returned by BN_get_word() which uses that
+as an error value.
 
-If a B<BIGNUM> is equal to 0xffffffffL it can be represented as an
-unsigned long but this value is also returned on error.
+B<BN_ULONG> should probably be a typedef.
 
 =head1 SEE ALSO
 
diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod
index d9513338..4973f0a2 100644
--- a/doc/crypto/EVP_EncryptInit.pod
+++ b/doc/crypto/EVP_EncryptInit.pod
@@ -19,14 +19,17 @@ EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param,
 EVP_CIPHER_CTX_set_padding,  EVP_enc_null, EVP_des_cbc, EVP_des_ecb,
 EVP_des_cfb, EVP_des_ofb, EVP_des_ede_cbc, EVP_des_ede, EVP_des_ede_ofb,
 EVP_des_ede_cfb, EVP_des_ede3_cbc, EVP_des_ede3, EVP_des_ede3_ofb,
-EVP_des_ede3_cfb, EVP_desx_cbc, EVP_rc4, EVP_rc4_40, EVP_idea_cbc,
-EVP_idea_ecb, EVP_idea_cfb, EVP_idea_ofb, EVP_idea_cbc, EVP_rc2_cbc,
+EVP_des_ede3_cfb, EVP_desx_cbc, EVP_rc4, EVP_rc4_40, EVP_rc4_hmac_md5,
+EVP_idea_cbc, EVP_idea_ecb, EVP_idea_cfb, EVP_idea_ofb, EVP_rc2_cbc,
 EVP_rc2_ecb, EVP_rc2_cfb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc,
 EVP_bf_cbc, EVP_bf_ecb, EVP_bf_cfb, EVP_bf_ofb, EVP_cast5_cbc,
 EVP_cast5_ecb, EVP_cast5_cfb, EVP_cast5_ofb, EVP_rc5_32_12_16_cbc,
 EVP_rc5_32_12_16_ecb, EVP_rc5_32_12_16_cfb, EVP_rc5_32_12_16_ofb, 
 EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ccm,
-EVP_aes_192_ccm, EVP_aes_256_ccm - EVP cipher routines
+EVP_aes_192_ccm, EVP_aes_256_ccm,
+EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1,
+EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256
+- EVP cipher routines
 
 =head1 SYNOPSIS
 
@@ -35,38 +38,38 @@ EVP_aes_192_ccm, EVP_aes_256_ccm - EVP cipher routines
  void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
 
  int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-	 ENGINE *impl, unsigned char *key, unsigned char *iv);
+         ENGINE *impl, const unsigned char *key, const unsigned char *iv);
  int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl, unsigned char *in, int inl);
+         int *outl, const unsigned char *in, int inl);
  int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
          int *outl);
 
  int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-	 ENGINE *impl, unsigned char *key, unsigned char *iv);
+         ENGINE *impl, const unsigned char *key, const unsigned char *iv);
  int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl, unsigned char *in, int inl);
+         int *outl, const unsigned char *in, int inl);
  int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
          int *outl);
 
  int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-         ENGINE *impl, unsigned char *key, unsigned char *iv, int enc);
+         ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
  int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-         int *outl, unsigned char *in, int inl);
+         int *outl, const unsigned char *in, int inl);
  int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
          int *outl);
 
  int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-         unsigned char *key, unsigned char *iv);
+         const unsigned char *key, const unsigned char *iv);
  int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
          int *outl);
 
  int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-         unsigned char *key, unsigned char *iv);
+         const unsigned char *key, const unsigned char *iv);
  int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
          int *outl);
 
  int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-         unsigned char *key, unsigned char *iv, int enc);
+         const unsigned char *key, const unsigned char *iv, int enc);
  int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
          int *outl);
 
@@ -392,10 +395,7 @@ processed (e.g. after an EVP_EncryptFinal() call).
  EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, taglen, tag);
 
 Sets the expected tag to B<taglen> bytes from B<tag>. This call is only legal
-when decrypting data and must be made B<before> any data is processed (e.g.
-before any EVP_DecryptUpdate() call). 
-
-See L<EXAMPLES> below for an example of the use of GCM mode.
+when decrypting data.
 
 =head1 CCM Mode
 
diff --git a/doc/crypto/EVP_PKEY_meth_new.pod b/doc/crypto/EVP_PKEY_meth_new.pod
new file mode 100644
index 00000000..041492a8
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_meth_new.pod
@@ -0,0 +1,376 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find,
+EVP_PKEY_meth_add0, EVP_PKEY_METHOD,
+EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup,
+EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign,
+EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx,
+EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt,
+EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl,
+EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup,
+EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign,
+EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx,
+EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt,
+EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl
+- manipulating EVP_PKEY_METHOD structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+
+ void EVP_PKEY_meth_get_init(EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+
+=head1 DESCRIPTION
+
+B<EVP_PKEY_METHOD> is a structure which holds a set of methods for a
+specific public key cryptographic algorithm. Those methods are usually
+used to perform different jobs, such as generating a key, signing or
+verifying, encrypting or decrypting, etc.
+
+There are two places where the B<EVP_PKEY_METHOD> objects are stored: one
+is a built-in static array representing the standard methods for different
+algorithms, and the other one is a stack of user-defined application-specific
+methods, which can be manipulated by using L<EVP_PKEY_meth_add0(3)>.
+
+The B<EVP_PKEY_METHOD> objects are usually referenced by B<EVP_PKEY_CTX>
+objects.
+
+=head2 Methods
+
+The methods are the underlying implementations of a particular public key
+algorithm present by the B<EVP_PKEY_CTX> object.
+
+ int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);
+
+The init() method is called to initialize algorithm-specific data when a new
+B<EVP_PKEY_CTX> is created. As opposed to init(), the cleanup() method is called
+when an B<EVP_PKEY_CTX> is freed. The copy() method is called when an B<EVP_PKEY_CTX>
+is being duplicated. Refer to L<EVP_PKEY_CTX_new(3)>, L<EVP_PKEY_CTX_new_id(3)>,
+L<EVP_PKEY_CTX_free(3)> and L<EVP_PKEY_CTX_dup(3)>.
+
+ int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+
+The paramgen_init() and paramgen() methods deal with key parameter generation.
+They are called by L<EVP_PKEY_paramgen_init(3)> and L<EVP_PKEY_paramgen(3)> to
+handle the parameter generation process.
+
+ int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+
+The keygen_init() and keygen() methods are used to generate the actual key for
+the specified algorithm. They are called by L<EVP_PKEY_keygen_init(3)> and
+L<EVP_PKEY_keygen(3)>.
+
+ int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);
+
+The sign_init() and sign() methods are used to generate the signature of a
+piece of data using a private key. They are called by L<EVP_PKEY_sign_init(3)>
+and L<EVP_PKEY_sign(3)>.
+
+ int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);
+
+The verify_init() and verify() methods are used to verify whether a signature is
+valid. They are called by L<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>.
+
+ int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);
+
+The verify_recover_init() and verify_recover() methods are used to verify a
+signature and then recover the digest from the signature (for instance, a
+signature that was generated by RSA signing algorithm). They are called by
+L<EVP_PKEY_verify_recover_init(3)> and L<EVP_PKEY_verify_recover(3)>.
+
+ int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);
+
+The signctx_init() and signctx() methods are used to sign a digest present by
+a B<EVP_MD_CTX> object. They are called by the EVP_DigestSign functions. See
+L<EVP_DigestSignInit(3)> for detail.
+
+ int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);
+
+The verifyctx_init() and verifyctx() methods are used to verify a signature
+against the data in a B<EVP_MD_CTX> object. They are called by the various
+EVP_DigestVerify functions. See L<EVP_DigestVerifyInit(3)> for detail.
+
+ int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);
+
+The encrypt_init() and encrypt() methods are used to encrypt a piece of data.
+They are called by L<EVP_PKEY_encrypt_init(3)> and L<EVP_PKEY_encrypt(3)>.
+
+ int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);
+
+The decrypt_init() and decrypt() methods are used to decrypt a piece of data.
+They are called by L<EVP_PKEY_decrypt_init(3)> and L<EVP_PKEY_decrypt(3)>.
+
+ int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+The derive_init() and derive() methods are used to derive the shared secret
+from a public key algorithm (for instance, the DH algorithm). They are called by
+L<EVP_PKEY_derive_init(3)> and L<EVP_PKEY_derive(3)>.
+
+ int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
+
+The ctrl() and ctrl_str() methods are used to adjust algorithm-specific
+settings. See L<EVP_PKEY_CTX_ctrl(3)> and related functions for detail.
+
+ int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);
+
+The digestsign() and digestverify() methods are used to generate or verify
+a signature in a one-shot mode. They could be called by L<EVP_DigetSign(3)>
+and L<EVP_DigestVerify(3)>.
+
+=head2 Functions
+
+EVP_PKEY_meth_new() creates and returns a new B<EVP_PKEY_METHOD> object,
+and associates the given B<id> and B<flags>. The following flags are
+supported:
+
+ EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM
+
+If an B<EVP_PKEY_METHOD> is set with the B<EVP_PKEY_FLAG_AUTOARGLEN> flag, the
+maximum size of the output buffer will be automatically calculated or checked
+in corresponding EVP methods by the EVP framework. Thus the implementations of
+these methods don't need to care about handling the case of returning output
+buffer size by themselves. For details on the output buffer size, refer to
+L<EVP_PKEY_sign(3)>.
+
+The B<EVP_PKEY_FLAG_SIGCTX_CUSTOM> is used to indicate the signctx() method
+of an B<EVP_PKEY_METHOD> is always called by the EVP framework while doing a
+digest signing operation by calling L<EVP_DigestSignFinal(3)>.
+
+EVP_PKEY_meth_free() frees an existing B<EVP_PKEY_METHOD> pointed by
+B<pmeth>.
+
+EVP_PKEY_meth_copy() copies an B<EVP_PKEY_METHOD> object from B<src>
+to B<dst>.
+
+EVP_PKEY_meth_find() finds an B<EVP_PKEY_METHOD> object with the B<id>.
+This function first searches through the user-defined method objects and
+then the built-in objects.
+
+EVP_PKEY_meth_add0() adds B<pmeth> to the user defined stack of methods.
+
+The EVP_PKEY_meth_set functions set the corresponding fields of
+B<EVP_PKEY_METHOD> structure with the arguments passed.
+
+The EVP_PKEY_meth_get functions get the corresponding fields of
+B<EVP_PKEY_METHOD> structure to the arguments provided.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_meth_new() returns a pointer to a new B<EVP_PKEY_METHOD>
+object or returns NULL on error.
+
+EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.
+
+EVP_PKEY_meth_find() returns a pointer to the found B<EVP_PKEY_METHOD>
+object or returns NULL if not found.
+
+EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0
+if an error occurred.
+
+All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return
+values. For the 'get' functions, function pointers are returned by
+arguments.
+
+=head1 COPYRIGHT
+
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/crypto/RSA_padding_add_PKCS1_type_1.pod b/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
index b8f678fe..f20f815d 100644
--- a/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
+++ b/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
@@ -104,6 +104,13 @@ The RSA_padding_check_xxx() functions return the length of the
 recovered data, -1 on error. Error codes can be obtained by calling
 L<ERR_get_error(3)|ERR_get_error(3)>.
 
+=head1 WARNING
+
+The RSA_padding_check_PKCS1_type_2() padding check leaks timing
+information which can potentially be used to mount a Bleichenbacher
+padding oracle attack. This is an inherent weakness in the PKCS #1
+v1.5 padding design. Prefer PKCS1_OAEP padding.
+
 =head1 SEE ALSO
 
 L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
diff --git a/doc/crypto/RSA_private_encrypt.pod b/doc/crypto/RSA_private_encrypt.pod
index 746a80c7..3e1f895c 100644
--- a/doc/crypto/RSA_private_encrypt.pod
+++ b/doc/crypto/RSA_private_encrypt.pod
@@ -8,10 +8,10 @@ RSA_private_encrypt, RSA_public_decrypt - low level signature operations
 
  #include <openssl/rsa.h>
 
- int RSA_private_encrypt(int flen, unsigned char *from,
+ int RSA_private_encrypt(int flen, const unsigned char *from,
     unsigned char *to, RSA *rsa, int padding);
 
- int RSA_public_decrypt(int flen, unsigned char *from, 
+ int RSA_public_decrypt(int flen, const unsigned char *from,
     unsigned char *to, RSA *rsa, int padding);
 
 =head1 DESCRIPTION
diff --git a/doc/crypto/RSA_public_encrypt.pod b/doc/crypto/RSA_public_encrypt.pod
index ab0fe3b2..4d7c1f2c 100644
--- a/doc/crypto/RSA_public_encrypt.pod
+++ b/doc/crypto/RSA_public_encrypt.pod
@@ -8,10 +8,10 @@ RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography
 
  #include <openssl/rsa.h>
 
- int RSA_public_encrypt(int flen, unsigned char *from,
+ int RSA_public_encrypt(int flen, const unsigned char *from,
     unsigned char *to, RSA *rsa, int padding);
 
- int RSA_private_decrypt(int flen, unsigned char *from,
+ int RSA_private_decrypt(int flen, const unsigned char *from,
      unsigned char *to, RSA *rsa, int padding);
 
 =head1 DESCRIPTION
@@ -67,6 +67,13 @@ recovered plaintext.
 On error, -1 is returned; the error codes can be
 obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
 
+=head1 WARNING
+
+Decryption failures in the RSA_PKCS1_PADDING mode leak information
+which can potentially be used to mount a Bleichenbacher padding oracle
+attack. This is an inherent weakness in the PKCS #1 v1.5 padding
+design. Prefer RSA_PKCS1_OAEP_PADDING.
+
 =head1 CONFORMING TO
 
 SSL, PKCS #1 v2.0
diff --git a/doc/crypto/X509_STORE_CTX_new.pod b/doc/crypto/X509_STORE_CTX_new.pod
index eb38b0a1..1aee1172 100644
--- a/doc/crypto/X509_STORE_CTX_new.pod
+++ b/doc/crypto/X509_STORE_CTX_new.pod
@@ -41,7 +41,7 @@ is no longer valid.
 X509_STORE_CTX_init() sets up B<ctx> for a subsequent verification operation.
 It must be called before each call to X509_verify_cert(), i.e. a B<ctx> is only
 good for one call to X509_verify_cert(); if you want to verify a second
-certificate with the same B<ctx> then you must call X509_XTORE_CTX_cleanup()
+certificate with the same B<ctx> then you must call X509_STORE_CTX_cleanup()
 and then X509_STORE_CTX_init() again before the second call to
 X509_verify_cert(). The trusted certificate store is set to B<store>, the end
 entity certificate to be verified is set to B<x509> and a set of additional
diff --git a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
index 44792f91..10399ecb 100644
--- a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
+++ b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
@@ -203,6 +203,27 @@ chain found is not trusted, then OpenSSL will continue to check to see if an
 alternative chain can be found that is trusted. With this flag set the behaviour
 will match that of OpenSSL versions prior to 1.0.2b.
 
+The B<X509_V_FLAG_TRUSTED_FIRST> flag causes chain construction to look for
+issuers in the trust store before looking at the untrusted certificates
+provided as part of the the peer chain.
+Though it is not on by default in OpenSSL 1.0.2, applications should generally
+set this flag.
+Local issuer certificates are often more likely to satisfy local security
+requirements and lead to a locally trusted root.
+This is especially important When some certificates in the trust store have
+explicit trust settings (see "TRUST SETTINGS" in L<x509(1)>).
+
+The B<X509_V_FLAG_PARTIAL_CHAIN> flag causes intermediate certificates in the
+trust store to be treated as trust-anchors, in the same way as the self-signed
+root CA certificates.
+This makes it possible to trust certificates issued by an intermediate CA
+without having to trust its ancestor root CA.
+With OpenSSL 1.0.2, chain construction continues as long as there are
+additional trusted issuers in the trust store, and the last trusted issuer
+becomes the trust-anchor.
+Thus, even when an intermediate certificate is found in the trust store, the
+verified chain passed to callbacks may still be anchored by a root CA.
+
 =head1 NOTES
 
 The above functions should be used to manipulate verification parameters
@@ -235,7 +256,8 @@ connections associated with an B<SSL_CTX> structure B<ctx>:
 L<X509_verify_cert(3)|X509_verify_cert(3)>,
 L<X509_check_host(3)|X509_check_host(3)>,
 L<X509_check_email(3)|X509_check_email(3)>,
-L<X509_check_ip(3)|X509_check_ip(3)>
+L<X509_check_ip(3)|X509_check_ip(3)>,
+L<x509(1)|x509(1)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_check_private_key.pod b/doc/crypto/X509_check_private_key.pod
new file mode 100644
index 00000000..a1fb07b1
--- /dev/null
+++ b/doc/crypto/X509_check_private_key.pod
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+X509_check_private_key, X509_REQ_check_private_key - check the consistency
+of a private key with the public key in an X509 certificate or certificate
+request
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_check_private_key(X509 *x, EVP_PKEY *k);
+
+ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k);
+
+=head1 DESCRIPTION
+
+X509_check_private_key() function checks the consistency of private
+key B<k> with the public key in B<x>.
+
+X509_REQ_check_private_key() is equivalent to X509_check_private_key()
+except that B<x> represents a certificate request of structure B<X509_REQ>.
+
+=head1 RETURN VALUE
+
+X509_check_private_key() and X509_REQ_check_private_key() return 1 if
+the keys match each other, and 0 if not.
+
+If the key is invalid or an error occurred, the reason code can be
+obtained using L<ERR_get_error(3)>.
+
+=head1 BUGS
+
+The B<check_private_key> functions don't check if B<k> itself is indeed
+a private key or not. It merely compares the public materials (e.g. exponent
+and modulus of an RSA key) and/or key parameters (e.g. EC params of an EC key)
+of a key pair. So if you pass a public key to these functions in B<k>, it will
+return success.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/crypto/des.pod b/doc/crypto/des.pod
index e1add56b..339617aa 100644
--- a/doc/crypto/des.pod
+++ b/doc/crypto/des.pod
@@ -123,7 +123,7 @@ architecture dependent I<DES_key_schedule> via the
 DES_set_key_checked() or DES_set_key_unchecked() function.
 
 DES_set_key_checked() will check that the key passed is of odd parity
-and is not a week or semi-weak key.  If the parity is wrong, then -1
+and is not a weak or semi-weak key.  If the parity is wrong, then -1
 is returned.  If the key is a weak key, then -2 is returned.  If an
 error is returned, the key schedule is not generated.
 
diff --git a/doc/crypto/hmac.pod b/doc/crypto/hmac.pod
index 2c8f20a2..ca9798af 100644
--- a/doc/crypto/hmac.pod
+++ b/doc/crypto/hmac.pod
@@ -38,7 +38,8 @@ B<key_len> bytes long.
 It places the result in B<md> (which must have space for the output of
 the hash function, which is no more than B<EVP_MAX_MD_SIZE> bytes).
 If B<md> is NULL, the digest is placed in a static array.  The size of
-the output is placed in B<md_len>, unless it is B<NULL>.
+the output is placed in B<md_len>, unless it is B<NULL>. Note: passing a NULL
+value for B<md>  to use the static array is not thread safe.
 
 B<evp_md> can be EVP_sha1(), EVP_ripemd160() etc.
 
diff --git a/doc/crypto/threads.pod b/doc/crypto/threads.pod
index dc0e9391..30c19b81 100644
--- a/doc/crypto/threads.pod
+++ b/doc/crypto/threads.pod
@@ -63,9 +63,13 @@ CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
 
 =head1 DESCRIPTION
 
-OpenSSL can safely be used in multi-threaded applications provided
-that at least two callback functions are set, locking_function and
+OpenSSL can generally be used safely in multi-threaded applications provided
+that at least two callback functions are set, the locking_function and
 threadid_func.
+Note that OpenSSL is not completely thread-safe, and unfortunately not all
+global resources have the necessary locks.
+Further, the thread-safety does not extend to things like multiple threads
+using the same B<SSL> object at the same time.
 
 locking_function(int mode, int n, const char *file, int line) is
 needed to perform locking on shared data structures. 
diff --git a/doc/ssl/SSL_CTX_set_tlsext_servername_callback.pod b/doc/ssl/SSL_CTX_set_tlsext_servername_callback.pod
new file mode 100644
index 00000000..3b0a5095
--- /dev/null
+++ b/doc/ssl/SSL_CTX_set_tlsext_servername_callback.pod
@@ -0,0 +1,62 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_tlsext_servername_callback, SSL_CTX_set_tlsext_servername_arg,
+SSL_get_servername_type, SSL_get_servername - handle server name indication
+(SNI)
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
+                                   int (*cb)(SSL *, int *, void *));
+ long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
+
+ const char *SSL_get_servername(const SSL *s, const int type);
+ int SSL_get_servername_type(const SSL *s);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_tlsext_servername_callback() sets the application callback B<cb>
+used by a server to perform any actions or configuration required based on
+the servername extension received in the incoming connection. When B<cb>
+is NULL, SNI is not used. The B<arg> value is a pointer which is passed to
+the application callback.
+
+SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to be
+passed into the callback for this B<SSL_CTX>.
+
+SSL_get_servername() returns a servername extension value of the specified
+type if provided in the Client Hello or NULL.
+
+SSL_get_servername_type() returns the servername type or -1 if no servername
+is present. Currently the only supported type (defined in RFC3546) is
+B<TLSEXT_NAMETYPE_host_name>.
+
+=head1 NOTES
+
+The ALPN and SNI callbacks are both executed during Client Hello processing.
+The servername callback is executed first, followed by the ALPN callback.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_tlsext_servername_callback() and
+SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating success.
+
+=head1 SEE ALSO
+
+L<ssl(7)>, L<SSL_CTX_set_alpn_select_cb(3)>,
+L<SSL_get0_alpn_selected(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/ssl/SSL_export_keying_material.pod b/doc/ssl/SSL_export_keying_material.pod
new file mode 100644
index 00000000..ccb99ec9
--- /dev/null
+++ b/doc/ssl/SSL_export_keying_material.pod
@@ -0,0 +1,61 @@
+=pod
+
+=head1 NAME
+
+SSL_export_keying_material - obtain keying material for application use
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+                                const char *label, size_t llen,
+                                const unsigned char *context,
+                                size_t contextlen, int use_context);
+
+=head1 DESCRIPTION
+
+During the creation of a TLS or DTLS connection shared keying material is
+established between the two endpoints. The function SSL_export_keying_material()
+enables an application to use some of this keying material for its own purposes
+in accordance with RFC5705.
+
+An application may need to securely establish the context within which this
+keying material will be used. For example this may include identifiers for the
+application session, application algorithms or parameters, or the lifetime of
+the context. The context value is left to the application but must be the same
+on both sides of the communication.
+
+For a given SSL connection B<s>, B<olen> bytes of data will be written to
+B<out>. The application specific context should be supplied in the location
+pointed to by B<context> and should be B<contextlen> bytes long. Provision of
+a context is optional. If the context should be omitted entirely then
+B<use_context> should be set to 0. Otherwise it should be any other value. If
+B<use_context> is 0 then the values of B<context> and B<contextlen> are ignored.
+Note that a zero length context is treated differently to no context at all, and
+will result in different keying material being returned.
+
+An application specific label should be provided in the location pointed to by
+B<label> and should be B<llen> bytes long. Typically this will be a value from
+the IANA Exporter Label Registry
+(L<https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels>).
+Alternatively labels beginning with "EXPERIMENTAL" are permitted by the standard
+to be used without registration.
+
+Note that this function is only defined for TLSv1.0 and above, and DTLSv1.0 and
+above. Attempting to use it in SSLv3 will result in an error.
+
+=head1 RETURN VALUES
+
+SSL_export_keying_material() returns 0 or -1 on failure or 1 on success.
+
+=head1 COPYRIGHT
+
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/ssl/SSL_set_connect_state.pod b/doc/ssl/SSL_set_connect_state.pod
index d88a057d..14facc6a 100644
--- a/doc/ssl/SSL_set_connect_state.pod
+++ b/doc/ssl/SSL_set_connect_state.pod
@@ -25,7 +25,7 @@ it was either assigned a dedicated client method, a dedicated server
 method, or a generic method, that can be used for both client and
 server connections. (The method might have been changed with
 L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)> or
-SSL_set_ssl_method().)
+SSL_set_ssl_method(3).)
 
 When beginning a new handshake, the SSL engine must know whether it must
 call the connect (client) or accept (server) routines. Even though it may
diff --git a/engines/ccgost/README.gost b/engines/ccgost/README.gost
index c96cccc7..80f7900d 100644
--- a/engines/ccgost/README.gost
+++ b/engines/ccgost/README.gost
@@ -193,7 +193,7 @@ Russian clients and RSA/DSA ciphersuites for foreign clients.
 
  openssl dgst -mac gost-mac -macopt key:<32 bytes of key> datafile
 
- Note absense of an option that specifies digest algorithm. gost-mac
+ Note absence of an option that specifies digest algorithm. gost-mac
  algorithm supports only one digest (which is actually part of
  implementation of this mac) and OpenSSL is clever enough to find out
  this.
@@ -216,8 +216,8 @@ openssl pksc12 -export -inkey gost.pem -in gost_cert.pem -keypbe gost89\
 7. Testing speed of symmetric ciphers.
    
 To test performance of GOST symmetric ciphers you should use -evp switch
-of the openssl speed command. Engine-provided ciphers couldn't be
-accessed by cipher-specific functions, only via generic evp interface
+of the openssl speed command. Engine-provided ciphers can be accessed only via
+generic evp interface and not by cipher-specific functions.
 
  openssl speed -evp gost89
  openssl speed -evp gost89-cnt
@@ -225,7 +225,7 @@ accessed by cipher-specific functions, only via generic evp interface
 
 PROGRAMMING INTERFACES DETAILS
 
-Applications never should access engine directly. They only use provided
+Applications should never access engine directly. They should only use provided
 EVP_PKEY API. But there are some details, which should be taken into
 account.
 
@@ -281,12 +281,11 @@ If UKM is not set by this control command, encrypt operation would
 generate random UKM.
 
 
-This sources include implementation of GOST 28147-89 and GOST R 34.11-94
-which are completely indepentent from OpenSSL and can be used separately
-(files gost89.c, gost89.h, gosthash.c, gosthash.h) Utility gostsum (file
-gostsum.c) is provided as example of such separate usage. This is
-program, simular to md5sum and sha1sum utilities, but calculates GOST R
-34.11-94 hash.
+These sources include implementation of GOST 28147-89 and GOST R 34.11-94
+which are completely independent from OpenSSL and can be used separately
+(files gost89.c, gost89.h, gosthash.c, gosthash.h). Utility gostsum (file
+gostsum.c) is provided as an example of such separate usage. This program is
+similar to md5sum and sha1sum utilities, but calculates GOST R 34.11-94 hash.
 
 Makefile doesn't include rule for compiling gostsum.
 Use command
diff --git a/engines/ccgost/gost_eng.c b/engines/ccgost/gost_eng.c
index 5924791b..ea52c4db 100644
--- a/engines/ccgost/gost_eng.c
+++ b/engines/ccgost/gost_eng.c
@@ -157,10 +157,6 @@ static int bind_gost(ENGINE *e, const char *id)
     return ret;
 }
 
-#ifndef OPENSSL_NO_DYNAMIC_ENGINE
-IMPLEMENT_DYNAMIC_BIND_FN(bind_gost)
-    IMPLEMENT_DYNAMIC_CHECK_FN()
-#endif                          /* ndef OPENSSL_NO_DYNAMIC_ENGINE */
 static int gost_digests(ENGINE *e, const EVP_MD **digest,
                         const int **nids, int nid)
 {
@@ -278,4 +274,7 @@ void ENGINE_load_gost(void)
     ENGINE_free(toadd);
     ERR_clear_error();
 }
+#else
+IMPLEMENT_DYNAMIC_BIND_FN(bind_gost)
+IMPLEMENT_DYNAMIC_CHECK_FN()
 #endif
diff --git a/engines/e_atalla.c b/engines/e_atalla.c
index 6a324e67..7d136fff 100644
--- a/engines/e_atalla.c
+++ b/engines/e_atalla.c
@@ -494,7 +494,7 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         goto err;
     }
     /* Prepare the key-data */
-    memset(&keydata, 0, sizeof keydata);
+    memset(&keydata, 0, sizeof(keydata));
     numbytes = BN_num_bytes(m);
     memset(exponent->d, 0, numbytes);
     memset(modulus->d, 0, numbytes);
diff --git a/include32/openssl/asn1.h b/include32/openssl/asn1.h
index 68e791fc..35a2b2aa 100644
--- a/include32/openssl/asn1.h
+++ b/include32/openssl/asn1.h
@@ -1365,6 +1365,7 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_MSTRING_NOT_UNIVERSAL                     139
 # define ASN1_R_MSTRING_WRONG_TAG                         140
 # define ASN1_R_NESTED_ASN1_STRING                        197
+# define ASN1_R_NESTED_TOO_DEEP                           219
 # define ASN1_R_NON_HEX_CHARACTERS                        141
 # define ASN1_R_NOT_ASCII_FORMAT                          190
 # define ASN1_R_NOT_ENOUGH_DATA                           142
diff --git a/include32/openssl/conf.h b/include32/openssl/conf.h
index 8d926d5d..fe491130 100644
--- a/include32/openssl/conf.h
+++ b/include32/openssl/conf.h
@@ -259,6 +259,7 @@ void ERR_load_CONF_strings(void);
 # define CONF_R_NO_VALUE                                  108
 # define CONF_R_UNABLE_TO_CREATE_NEW_SECTION              103
 # define CONF_R_UNKNOWN_MODULE_NAME                       113
+# define CONF_R_VARIABLE_EXPANSION_TOO_LONG               116
 # define CONF_R_VARIABLE_HAS_NO_VALUE                     104
 
 #ifdef  __cplusplus
diff --git a/include32/openssl/dh.h b/include32/openssl/dh.h
index a5bd9016..80b28fb3 100644
--- a/include32/openssl/dh.h
+++ b/include32/openssl/dh.h
@@ -182,12 +182,29 @@ struct dh_st {
  */
 # define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
 
-# define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
-                (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
-# define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
-                (unsigned char *)(x))
-# define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
-# define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+# define d2i_DHparams_fp(fp,x) \
+    (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                      (char *(*)())d2i_DHparams, \
+                      (fp), \
+                      (unsigned char **)(x))
+# define i2d_DHparams_fp(fp,x) \
+    ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
+# define d2i_DHparams_bio(bp,x) \
+    ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
+# define i2d_DHparams_bio(bp,x) \
+    ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+
+# define d2i_DHxparams_fp(fp,x) \
+    (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                      (char *(*)())d2i_DHxparams, \
+                      (fp), \
+                      (unsigned char **)(x))
+# define i2d_DHxparams_fp(fp,x) \
+    ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
+# define d2i_DHxparams_bio(bp,x) \
+    ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
+# define i2d_DHxparams_bio(bp,x) \
+    ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x)
 
 DH *DHparams_dup(DH *);
 
@@ -240,11 +257,13 @@ DH *DH_get_1024_160(void);
 DH *DH_get_2048_224(void);
 DH *DH_get_2048_256(void);
 
+# ifndef OPENSSL_NO_CMS
 /* RFC2631 KDF */
 int DH_KDF_X9_42(unsigned char *out, size_t outlen,
                  const unsigned char *Z, size_t Zlen,
                  ASN1_OBJECT *key_oid,
                  const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
+# endif
 
 # define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
diff --git a/include32/openssl/err.h b/include32/openssl/err.h
index 585aa8ba..f4236562 100644
--- a/include32/openssl/err.h
+++ b/include32/openssl/err.h
@@ -258,6 +258,7 @@ typedef struct err_state_st {
 # define SYS_F_WSASTARTUP        9/* Winsock stuff */
 # define SYS_F_OPENDIR           10
 # define SYS_F_FREAD             11
+# define SYS_F_FFLUSH            18
 
 /* reasons */
 # define ERR_R_SYS_LIB   ERR_LIB_SYS/* 2 */
diff --git a/include32/openssl/evp.h b/include32/openssl/evp.h
index d258ef87..cf1de15e 100644
--- a/include32/openssl/evp.h
+++ b/include32/openssl/evp.h
@@ -1363,6 +1363,98 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
                                              const char *type,
                                              const char *value));
 
+void EVP_PKEY_meth_get_init(EVP_PKEY_METHOD *pmeth,
+                            int (**pinit) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_get_copy(EVP_PKEY_METHOD *pmeth,
+                            int (**pcopy) (EVP_PKEY_CTX *dst,
+                                           EVP_PKEY_CTX *src));
+
+void EVP_PKEY_meth_get_cleanup(EVP_PKEY_METHOD *pmeth,
+                               void (**pcleanup) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_get_paramgen(EVP_PKEY_METHOD *pmeth,
+                                int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                   EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_keygen(EVP_PKEY_METHOD *pmeth,
+                              int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                              int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                               EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth,
+                            int (**psign_init) (EVP_PKEY_CTX *ctx),
+                            int (**psign) (EVP_PKEY_CTX *ctx,
+                                           unsigned char *sig, size_t *siglen,
+                                           const unsigned char *tbs,
+                                           size_t tbslen));
+
+void EVP_PKEY_meth_get_verify(EVP_PKEY_METHOD *pmeth,
+                              int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                              int (**pverify) (EVP_PKEY_CTX *ctx,
+                                               const unsigned char *sig,
+                                               size_t siglen,
+                                               const unsigned char *tbs,
+                                               size_t tbslen));
+
+void EVP_PKEY_meth_get_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                      int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                    *ctx),
+                                      int (**pverify_recover) (EVP_PKEY_CTX
+                                                               *ctx,
+                                                               unsigned char
+                                                               *sig,
+                                                               size_t *siglen,
+                                                               const unsigned
+                                                               char *tbs,
+                                                               size_t tbslen));
+
+void EVP_PKEY_meth_get_signctx(EVP_PKEY_METHOD *pmeth,
+                               int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                      EVP_MD_CTX *mctx),
+                               int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                 unsigned char *sig,
+                                                 size_t *siglen,
+                                                 EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_get_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                 int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                          EVP_MD_CTX *mctx),
+                                 int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                     const unsigned char *sig,
+                                                     int siglen,
+                                                     EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_get_encrypt(EVP_PKEY_METHOD *pmeth,
+                               int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                   unsigned char *out,
+                                                   size_t *outlen,
+                                                   const unsigned char *in,
+                                                   size_t inlen));
+
+void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth,
+                               int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                 unsigned char *out,
+                                                 size_t *outlen,
+                                                 const unsigned char *in,
+                                                 size_t inlen));
+
+void EVP_PKEY_meth_get_derive(EVP_PKEY_METHOD *pmeth,
+                              int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                              int (**pderive) (EVP_PKEY_CTX *ctx,
+                                               unsigned char *key,
+                                               size_t *keylen));
+
+void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth,
+                            int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                           void *p2),
+                            int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                               const char *type,
+                                               const char *value));
+
 void EVP_add_alg_module(void);
 
 /* BEGIN ERROR CODES */
diff --git a/include32/openssl/opensslv.h b/include32/openssl/opensslv.h
index 645dd079..77f124e2 100644
--- a/include32/openssl/opensslv.h
+++ b/include32/openssl/opensslv.h
@@ -30,11 +30,11 @@ extern "C" {
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x100020bfL
+# define OPENSSL_VERSION_NUMBER  0x100020ffL
 # ifdef OPENSSL_FIPS
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2k-fips  26 Jan 2017"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2o-fips  27 Mar 2018"
 # else
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2k  26 Jan 2017"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2o  27 Mar 2018"
 # endif
 # define OPENSSL_VERSION_PTEXT   " part of " OPENSSL_VERSION_TEXT
 
diff --git a/include32/openssl/ssl.h b/include32/openssl/ssl.h
index 90aeb0ce..3cf96a23 100644
--- a/include32/openssl/ssl.h
+++ b/include32/openssl/ssl.h
@@ -1727,7 +1727,7 @@ extern "C" {
 # define SSL_ST_BEFORE                   0x4000
 # define SSL_ST_OK                       0x03
 # define SSL_ST_RENEGOTIATE              (0x04|SSL_ST_INIT)
-# define SSL_ST_ERR                      0x05
+# define SSL_ST_ERR                      (0x05|SSL_ST_INIT)
 
 # define SSL_CB_LOOP                     0x01
 # define SSL_CB_EXIT                     0x02
diff --git a/include32/openssl/symhacks.h b/include32/openssl/symhacks.h
index 239fa4fb..30019579 100644
--- a/include32/openssl/symhacks.h
+++ b/include32/openssl/symhacks.h
@@ -280,6 +280,8 @@
 #  define OPENSSL_add_all_algorithms_conf         OPENSSL_add_all_algo_conf
 #  undef EVP_PKEY_meth_set_verify_recover
 #  define EVP_PKEY_meth_set_verify_recover        EVP_PKEY_meth_set_vrfy_recover
+#  undef EVP_PKEY_meth_get_verify_recover
+#  define EVP_PKEY_meth_get_verify_recover        EVP_PKEY_meth_get_vrfy_recover
 
 /* Hack some long EC names */
 #  undef EC_GROUP_set_point_conversion_form
diff --git a/include32/openssl/tls1.h b/include32/openssl/tls1.h
index 7e237d06..dd1d8c10 100644
--- a/include32/openssl/tls1.h
+++ b/include32/openssl/tls1.h
@@ -317,7 +317,7 @@ int SSL_get_servername_type(const SSL *s);
  */
 int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
                                const char *label, size_t llen,
-                               const unsigned char *p, size_t plen,
+                               const unsigned char *context, size_t contextlen,
                                int use_context);
 
 int SSL_get_sigalgs(SSL *s, int idx,
diff --git a/include64/openssl/asn1.h b/include64/openssl/asn1.h
index 68e791fc..35a2b2aa 100644
--- a/include64/openssl/asn1.h
+++ b/include64/openssl/asn1.h
@@ -1365,6 +1365,7 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_MSTRING_NOT_UNIVERSAL                     139
 # define ASN1_R_MSTRING_WRONG_TAG                         140
 # define ASN1_R_NESTED_ASN1_STRING                        197
+# define ASN1_R_NESTED_TOO_DEEP                           219
 # define ASN1_R_NON_HEX_CHARACTERS                        141
 # define ASN1_R_NOT_ASCII_FORMAT                          190
 # define ASN1_R_NOT_ENOUGH_DATA                           142
diff --git a/include64/openssl/conf.h b/include64/openssl/conf.h
index 8d926d5d..fe491130 100644
--- a/include64/openssl/conf.h
+++ b/include64/openssl/conf.h
@@ -259,6 +259,7 @@ void ERR_load_CONF_strings(void);
 # define CONF_R_NO_VALUE                                  108
 # define CONF_R_UNABLE_TO_CREATE_NEW_SECTION              103
 # define CONF_R_UNKNOWN_MODULE_NAME                       113
+# define CONF_R_VARIABLE_EXPANSION_TOO_LONG               116
 # define CONF_R_VARIABLE_HAS_NO_VALUE                     104
 
 #ifdef  __cplusplus
diff --git a/include64/openssl/dh.h b/include64/openssl/dh.h
index a5bd9016..80b28fb3 100644
--- a/include64/openssl/dh.h
+++ b/include64/openssl/dh.h
@@ -182,12 +182,29 @@ struct dh_st {
  */
 # define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
 
-# define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
-                (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
-# define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
-                (unsigned char *)(x))
-# define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
-# define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+# define d2i_DHparams_fp(fp,x) \
+    (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                      (char *(*)())d2i_DHparams, \
+                      (fp), \
+                      (unsigned char **)(x))
+# define i2d_DHparams_fp(fp,x) \
+    ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
+# define d2i_DHparams_bio(bp,x) \
+    ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
+# define i2d_DHparams_bio(bp,x) \
+    ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+
+# define d2i_DHxparams_fp(fp,x) \
+    (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                      (char *(*)())d2i_DHxparams, \
+                      (fp), \
+                      (unsigned char **)(x))
+# define i2d_DHxparams_fp(fp,x) \
+    ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
+# define d2i_DHxparams_bio(bp,x) \
+    ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
+# define i2d_DHxparams_bio(bp,x) \
+    ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x)
 
 DH *DHparams_dup(DH *);
 
@@ -240,11 +257,13 @@ DH *DH_get_1024_160(void);
 DH *DH_get_2048_224(void);
 DH *DH_get_2048_256(void);
 
+# ifndef OPENSSL_NO_CMS
 /* RFC2631 KDF */
 int DH_KDF_X9_42(unsigned char *out, size_t outlen,
                  const unsigned char *Z, size_t Zlen,
                  ASN1_OBJECT *key_oid,
                  const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
+# endif
 
 # define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
diff --git a/include64/openssl/err.h b/include64/openssl/err.h
index 585aa8ba..f4236562 100644
--- a/include64/openssl/err.h
+++ b/include64/openssl/err.h
@@ -258,6 +258,7 @@ typedef struct err_state_st {
 # define SYS_F_WSASTARTUP        9/* Winsock stuff */
 # define SYS_F_OPENDIR           10
 # define SYS_F_FREAD             11
+# define SYS_F_FFLUSH            18
 
 /* reasons */
 # define ERR_R_SYS_LIB   ERR_LIB_SYS/* 2 */
diff --git a/include64/openssl/evp.h b/include64/openssl/evp.h
index d258ef87..cf1de15e 100644
--- a/include64/openssl/evp.h
+++ b/include64/openssl/evp.h
@@ -1363,6 +1363,98 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
                                              const char *type,
                                              const char *value));
 
+void EVP_PKEY_meth_get_init(EVP_PKEY_METHOD *pmeth,
+                            int (**pinit) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_get_copy(EVP_PKEY_METHOD *pmeth,
+                            int (**pcopy) (EVP_PKEY_CTX *dst,
+                                           EVP_PKEY_CTX *src));
+
+void EVP_PKEY_meth_get_cleanup(EVP_PKEY_METHOD *pmeth,
+                               void (**pcleanup) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_get_paramgen(EVP_PKEY_METHOD *pmeth,
+                                int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                   EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_keygen(EVP_PKEY_METHOD *pmeth,
+                              int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                              int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                               EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth,
+                            int (**psign_init) (EVP_PKEY_CTX *ctx),
+                            int (**psign) (EVP_PKEY_CTX *ctx,
+                                           unsigned char *sig, size_t *siglen,
+                                           const unsigned char *tbs,
+                                           size_t tbslen));
+
+void EVP_PKEY_meth_get_verify(EVP_PKEY_METHOD *pmeth,
+                              int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                              int (**pverify) (EVP_PKEY_CTX *ctx,
+                                               const unsigned char *sig,
+                                               size_t siglen,
+                                               const unsigned char *tbs,
+                                               size_t tbslen));
+
+void EVP_PKEY_meth_get_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                      int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                    *ctx),
+                                      int (**pverify_recover) (EVP_PKEY_CTX
+                                                               *ctx,
+                                                               unsigned char
+                                                               *sig,
+                                                               size_t *siglen,
+                                                               const unsigned
+                                                               char *tbs,
+                                                               size_t tbslen));
+
+void EVP_PKEY_meth_get_signctx(EVP_PKEY_METHOD *pmeth,
+                               int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                      EVP_MD_CTX *mctx),
+                               int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                 unsigned char *sig,
+                                                 size_t *siglen,
+                                                 EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_get_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                 int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                          EVP_MD_CTX *mctx),
+                                 int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                     const unsigned char *sig,
+                                                     int siglen,
+                                                     EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_get_encrypt(EVP_PKEY_METHOD *pmeth,
+                               int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                   unsigned char *out,
+                                                   size_t *outlen,
+                                                   const unsigned char *in,
+                                                   size_t inlen));
+
+void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth,
+                               int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                 unsigned char *out,
+                                                 size_t *outlen,
+                                                 const unsigned char *in,
+                                                 size_t inlen));
+
+void EVP_PKEY_meth_get_derive(EVP_PKEY_METHOD *pmeth,
+                              int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                              int (**pderive) (EVP_PKEY_CTX *ctx,
+                                               unsigned char *key,
+                                               size_t *keylen));
+
+void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth,
+                            int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                           void *p2),
+                            int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                               const char *type,
+                                               const char *value));
+
 void EVP_add_alg_module(void);
 
 /* BEGIN ERROR CODES */
diff --git a/include64/openssl/opensslv.h b/include64/openssl/opensslv.h
index 645dd079..77f124e2 100644
--- a/include64/openssl/opensslv.h
+++ b/include64/openssl/opensslv.h
@@ -30,11 +30,11 @@ extern "C" {
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x100020bfL
+# define OPENSSL_VERSION_NUMBER  0x100020ffL
 # ifdef OPENSSL_FIPS
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2k-fips  26 Jan 2017"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2o-fips  27 Mar 2018"
 # else
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2k  26 Jan 2017"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2o  27 Mar 2018"
 # endif
 # define OPENSSL_VERSION_PTEXT   " part of " OPENSSL_VERSION_TEXT
 
diff --git a/include64/openssl/ssl.h b/include64/openssl/ssl.h
index 90aeb0ce..3cf96a23 100644
--- a/include64/openssl/ssl.h
+++ b/include64/openssl/ssl.h
@@ -1727,7 +1727,7 @@ extern "C" {
 # define SSL_ST_BEFORE                   0x4000
 # define SSL_ST_OK                       0x03
 # define SSL_ST_RENEGOTIATE              (0x04|SSL_ST_INIT)
-# define SSL_ST_ERR                      0x05
+# define SSL_ST_ERR                      (0x05|SSL_ST_INIT)
 
 # define SSL_CB_LOOP                     0x01
 # define SSL_CB_EXIT                     0x02
diff --git a/include64/openssl/symhacks.h b/include64/openssl/symhacks.h
index 239fa4fb..30019579 100644
--- a/include64/openssl/symhacks.h
+++ b/include64/openssl/symhacks.h
@@ -280,6 +280,8 @@
 #  define OPENSSL_add_all_algorithms_conf         OPENSSL_add_all_algo_conf
 #  undef EVP_PKEY_meth_set_verify_recover
 #  define EVP_PKEY_meth_set_verify_recover        EVP_PKEY_meth_set_vrfy_recover
+#  undef EVP_PKEY_meth_get_verify_recover
+#  define EVP_PKEY_meth_get_verify_recover        EVP_PKEY_meth_get_vrfy_recover
 
 /* Hack some long EC names */
 #  undef EC_GROUP_set_point_conversion_form
diff --git a/include64/openssl/tls1.h b/include64/openssl/tls1.h
index 7e237d06..dd1d8c10 100644
--- a/include64/openssl/tls1.h
+++ b/include64/openssl/tls1.h
@@ -317,7 +317,7 @@ int SSL_get_servername_type(const SSL *s);
  */
 int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
                                const char *label, size_t llen,
-                               const unsigned char *p, size_t plen,
+                               const unsigned char *context, size_t contextlen,
                                int use_context);
 
 int SSL_get_sigalgs(SSL *s, int idx,
diff --git a/ms/bcb.mak b/ms/bcb.mak
index 122739fc..132a5d46 100644
--- a/ms/bcb.mak
+++ b/ms/bcb.mak
@@ -174,8 +174,8 @@ T_OBJ=$(OBJ_D)\constant_time_test.obj \
 	$(OBJ_D)\verify_extra_test.obj $(OBJ_D)\v3nametest.obj $(OBJ_D)\enginetest.obj \
 	$(OBJ_D)\wp_test.obj $(OBJ_D)\srptest.obj $(OBJ_D)\ssltest.obj \
 	$(OBJ_D)\heartbeat_test.obj $(OBJ_D)\clienthellotest.obj $(OBJ_D)\sslv2conftest.obj \
-	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\igetest.obj \
-	$(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
+	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\fatalerrtest.obj \
+	$(OBJ_D)\igetest.obj $(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
 
 E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\asn1pars.obj $(OBJ_D)\req.obj $(OBJ_D)\dgst.obj \
@@ -196,25 +196,6 @@ E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\ocsp.obj $(OBJ_D)\prime.obj $(OBJ_D)\ts.obj \
 	$(OBJ_D)\srp.obj $(OBJ_D)\openssl.obj 
 
-SSLOBJ=$(OBJ_D)\s2_meth.obj \
-	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
-	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
-	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
-	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
-	$(OBJ_D)\s3_cbc.obj $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj \
-	$(OBJ_D)\s23_clnt.obj $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj \
-	$(OBJ_D)\t1_meth.obj $(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj \
-	$(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj $(OBJ_D)\t1_ext.obj \
-	$(OBJ_D)\d1_meth.obj $(OBJ_D)\d1_srvr.obj $(OBJ_D)\d1_clnt.obj \
-	$(OBJ_D)\d1_lib.obj $(OBJ_D)\d1_pkt.obj $(OBJ_D)\d1_both.obj \
-	$(OBJ_D)\d1_srtp.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
-	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
-	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
-	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\ssl_conf.obj \
-	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj $(OBJ_D)\kssl.obj \
-	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
-	$(OBJ_D)\ssl_utst.obj 
-
 CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\mem.obj $(OBJ_D)\mem_dbg.obj $(OBJ_D)\cversion.obj \
 	$(OBJ_D)\ex_data.obj $(OBJ_D)\cpt_err.obj $(OBJ_D)\ebcdic.obj \
@@ -422,6 +403,25 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\gost_md.obj $(OBJ_D)\gost_params.obj $(OBJ_D)\gost_pmeth.obj \
 	$(OBJ_D)\gost_sign.obj 
 
+SSLOBJ=$(OBJ_D)\s2_meth.obj \
+	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
+	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
+	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
+	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
+	$(OBJ_D)\s3_cbc.obj $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj \
+	$(OBJ_D)\s23_clnt.obj $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj \
+	$(OBJ_D)\t1_meth.obj $(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj \
+	$(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj $(OBJ_D)\t1_ext.obj \
+	$(OBJ_D)\d1_meth.obj $(OBJ_D)\d1_srvr.obj $(OBJ_D)\d1_clnt.obj \
+	$(OBJ_D)\d1_lib.obj $(OBJ_D)\d1_pkt.obj $(OBJ_D)\d1_both.obj \
+	$(OBJ_D)\d1_srtp.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
+	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
+	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
+	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\ssl_conf.obj \
+	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj $(OBJ_D)\kssl.obj \
+	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
+	$(OBJ_D)\ssl_utst.obj 
+
 T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\md4test.exe $(TEST_D)\md5test.exe $(TEST_D)\shatest.exe \
 	$(TEST_D)\sha1test.exe $(TEST_D)\sha256t.exe $(TEST_D)\sha512t.exe \
@@ -434,7 +434,8 @@ T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\verify_extra_test.exe $(TEST_D)\v3nametest.exe $(TEST_D)\enginetest.exe \
 	$(TEST_D)\wp_test.exe $(TEST_D)\srptest.exe $(TEST_D)\ssltest.exe \
 	$(TEST_D)\heartbeat_test.exe $(TEST_D)\clienthellotest.exe $(TEST_D)\sslv2conftest.exe \
-	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\igetest.exe 
+	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\fatalerrtest.exe \
+	$(TEST_D)\igetest.exe 
 
 E_SHLIB=
 
@@ -480,7 +481,7 @@ install: all
 	$(MKDIR) "$(INSTALLTOP)\include\openssl"
 	$(MKDIR) "$(INSTALLTOP)\lib"
 	$(CP) "$(INCO_D)\*.[ch]" "$(INSTALLTOP)\include\openssl"
-	$(CP) "$(BIN_D)\$(E_EXE).exe $(INSTALLTOP)\bin"
+	$(CP) "$(BIN_D)\$(E_EXE).exe" "$(INSTALLTOP)\bin"
 	$(MKDIR) "$(OPENSSLDIR)"
 	$(CP) apps\openssl.cnf "$(OPENSSLDIR)"
 	$(CP) "$(O_SSL)" "$(INSTALLTOP)\lib"
@@ -1051,6 +1052,9 @@ $(OBJ_D)\dtlstest.obj: $(SRC_D)\ssl\dtlstest.c
 $(OBJ_D)\bad_dtls_test.obj: $(SRC_D)\ssl\bad_dtls_test.c
 	$(CC) -o$(OBJ_D)\bad_dtls_test.obj $(APP_CFLAGS) -c $(SRC_D)\ssl\bad_dtls_test.c
 
+$(OBJ_D)\fatalerrtest.obj: $(SRC_D)\ssl\fatalerrtest.c
+	$(CC) -o$(OBJ_D)\fatalerrtest.obj $(APP_CFLAGS) -c $(SRC_D)\ssl\fatalerrtest.c
+
 $(OBJ_D)\igetest.obj: $(SRC_D)\test\igetest.c
 	$(CC) -o$(OBJ_D)\igetest.obj $(APP_CFLAGS) -c $(SRC_D)\test\igetest.c
 
@@ -1210,156 +1214,6 @@ $(OBJ_D)\srp.obj: $(SRC_D)\apps\srp.c
 $(OBJ_D)\openssl.obj: $(SRC_D)\apps\openssl.c
 	$(CC) -o$(OBJ_D)\openssl.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\openssl.c
 
-$(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
-	$(CC) -o$(OBJ_D)\s2_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
-
-$(OBJ_D)\s2_srvr.obj: $(SRC_D)\ssl\s2_srvr.c
-	$(CC) -o$(OBJ_D)\s2_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
-
-$(OBJ_D)\s2_clnt.obj: $(SRC_D)\ssl\s2_clnt.c
-	$(CC) -o$(OBJ_D)\s2_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
-
-$(OBJ_D)\s2_lib.obj: $(SRC_D)\ssl\s2_lib.c
-	$(CC) -o$(OBJ_D)\s2_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
-
-$(OBJ_D)\s2_enc.obj: $(SRC_D)\ssl\s2_enc.c
-	$(CC) -o$(OBJ_D)\s2_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
-
-$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
-	$(CC) -o$(OBJ_D)\s2_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
-
-$(OBJ_D)\s3_meth.obj: $(SRC_D)\ssl\s3_meth.c
-	$(CC) -o$(OBJ_D)\s3_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
-
-$(OBJ_D)\s3_srvr.obj: $(SRC_D)\ssl\s3_srvr.c
-	$(CC) -o$(OBJ_D)\s3_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
-
-$(OBJ_D)\s3_clnt.obj: $(SRC_D)\ssl\s3_clnt.c
-	$(CC) -o$(OBJ_D)\s3_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
-
-$(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
-	$(CC) -o$(OBJ_D)\s3_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
-
-$(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
-	$(CC) -o$(OBJ_D)\s3_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
-
-$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
-	$(CC) -o$(OBJ_D)\s3_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
-
-$(OBJ_D)\s3_both.obj: $(SRC_D)\ssl\s3_both.c
-	$(CC) -o$(OBJ_D)\s3_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
-
-$(OBJ_D)\s3_cbc.obj: $(SRC_D)\ssl\s3_cbc.c
-	$(CC) -o$(OBJ_D)\s3_cbc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_cbc.c
-
-$(OBJ_D)\s23_meth.obj: $(SRC_D)\ssl\s23_meth.c
-	$(CC) -o$(OBJ_D)\s23_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
-
-$(OBJ_D)\s23_srvr.obj: $(SRC_D)\ssl\s23_srvr.c
-	$(CC) -o$(OBJ_D)\s23_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
-
-$(OBJ_D)\s23_clnt.obj: $(SRC_D)\ssl\s23_clnt.c
-	$(CC) -o$(OBJ_D)\s23_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
-
-$(OBJ_D)\s23_lib.obj: $(SRC_D)\ssl\s23_lib.c
-	$(CC) -o$(OBJ_D)\s23_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
-
-$(OBJ_D)\s23_pkt.obj: $(SRC_D)\ssl\s23_pkt.c
-	$(CC) -o$(OBJ_D)\s23_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
-
-$(OBJ_D)\t1_meth.obj: $(SRC_D)\ssl\t1_meth.c
-	$(CC) -o$(OBJ_D)\t1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_meth.c
-
-$(OBJ_D)\t1_srvr.obj: $(SRC_D)\ssl\t1_srvr.c
-	$(CC) -o$(OBJ_D)\t1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_srvr.c
-
-$(OBJ_D)\t1_clnt.obj: $(SRC_D)\ssl\t1_clnt.c
-	$(CC) -o$(OBJ_D)\t1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_clnt.c
-
-$(OBJ_D)\t1_lib.obj: $(SRC_D)\ssl\t1_lib.c
-	$(CC) -o$(OBJ_D)\t1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_lib.c
-
-$(OBJ_D)\t1_enc.obj: $(SRC_D)\ssl\t1_enc.c
-	$(CC) -o$(OBJ_D)\t1_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_enc.c
-
-$(OBJ_D)\t1_ext.obj: $(SRC_D)\ssl\t1_ext.c
-	$(CC) -o$(OBJ_D)\t1_ext.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_ext.c
-
-$(OBJ_D)\d1_meth.obj: $(SRC_D)\ssl\d1_meth.c
-	$(CC) -o$(OBJ_D)\d1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_meth.c
-
-$(OBJ_D)\d1_srvr.obj: $(SRC_D)\ssl\d1_srvr.c
-	$(CC) -o$(OBJ_D)\d1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srvr.c
-
-$(OBJ_D)\d1_clnt.obj: $(SRC_D)\ssl\d1_clnt.c
-	$(CC) -o$(OBJ_D)\d1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_clnt.c
-
-$(OBJ_D)\d1_lib.obj: $(SRC_D)\ssl\d1_lib.c
-	$(CC) -o$(OBJ_D)\d1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_lib.c
-
-$(OBJ_D)\d1_pkt.obj: $(SRC_D)\ssl\d1_pkt.c
-	$(CC) -o$(OBJ_D)\d1_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_pkt.c
-
-$(OBJ_D)\d1_both.obj: $(SRC_D)\ssl\d1_both.c
-	$(CC) -o$(OBJ_D)\d1_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_both.c
-
-$(OBJ_D)\d1_srtp.obj: $(SRC_D)\ssl\d1_srtp.c
-	$(CC) -o$(OBJ_D)\d1_srtp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srtp.c
-
-$(OBJ_D)\ssl_lib.obj: $(SRC_D)\ssl\ssl_lib.c
-	$(CC) -o$(OBJ_D)\ssl_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
-
-$(OBJ_D)\ssl_err2.obj: $(SRC_D)\ssl\ssl_err2.c
-	$(CC) -o$(OBJ_D)\ssl_err2.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
-
-$(OBJ_D)\ssl_cert.obj: $(SRC_D)\ssl\ssl_cert.c
-	$(CC) -o$(OBJ_D)\ssl_cert.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
-
-$(OBJ_D)\ssl_sess.obj: $(SRC_D)\ssl\ssl_sess.c
-	$(CC) -o$(OBJ_D)\ssl_sess.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
-
-$(OBJ_D)\ssl_ciph.obj: $(SRC_D)\ssl\ssl_ciph.c
-	$(CC) -o$(OBJ_D)\ssl_ciph.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
-
-$(OBJ_D)\ssl_stat.obj: $(SRC_D)\ssl\ssl_stat.c
-	$(CC) -o$(OBJ_D)\ssl_stat.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
-
-$(OBJ_D)\ssl_rsa.obj: $(SRC_D)\ssl\ssl_rsa.c
-	$(CC) -o$(OBJ_D)\ssl_rsa.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
-
-$(OBJ_D)\ssl_asn1.obj: $(SRC_D)\ssl\ssl_asn1.c
-	$(CC) -o$(OBJ_D)\ssl_asn1.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
-
-$(OBJ_D)\ssl_txt.obj: $(SRC_D)\ssl\ssl_txt.c
-	$(CC) -o$(OBJ_D)\ssl_txt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
-
-$(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c
-	$(CC) -o$(OBJ_D)\ssl_algs.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
-
-$(OBJ_D)\ssl_conf.obj: $(SRC_D)\ssl\ssl_conf.c
-	$(CC) -o$(OBJ_D)\ssl_conf.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_conf.c
-
-$(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c
-	$(CC) -o$(OBJ_D)\bio_ssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
-
-$(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c
-	$(CC) -o$(OBJ_D)\ssl_err.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
-
-$(OBJ_D)\kssl.obj: $(SRC_D)\ssl\kssl.c
-	$(CC) -o$(OBJ_D)\kssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\kssl.c
-
-$(OBJ_D)\t1_reneg.obj: $(SRC_D)\ssl\t1_reneg.c
-	$(CC) -o$(OBJ_D)\t1_reneg.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_reneg.c
-
-$(OBJ_D)\tls_srp.obj: $(SRC_D)\ssl\tls_srp.c
-	$(CC) -o$(OBJ_D)\tls_srp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\tls_srp.c
-
-$(OBJ_D)\t1_trce.obj: $(SRC_D)\ssl\t1_trce.c
-	$(CC) -o$(OBJ_D)\t1_trce.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_trce.c
-
-$(OBJ_D)\ssl_utst.obj: $(SRC_D)\ssl\ssl_utst.c
-	$(CC) -o$(OBJ_D)\ssl_utst.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_utst.c
-
 $(OBJ_D)\cryptlib.obj: $(SRC_D)\crypto\cryptlib.c
 	$(CC) -o$(OBJ_D)\cryptlib.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\cryptlib.c
 
@@ -3265,6 +3119,156 @@ $(OBJ_D)\gost_pmeth.obj: $(SRC_D)\engines\ccgost\gost_pmeth.c
 $(OBJ_D)\gost_sign.obj: $(SRC_D)\engines\ccgost\gost_sign.c
 	$(CC) -o$(OBJ_D)\gost_sign.obj  $(LIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_sign.c
 
+$(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
+	$(CC) -o$(OBJ_D)\s2_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
+
+$(OBJ_D)\s2_srvr.obj: $(SRC_D)\ssl\s2_srvr.c
+	$(CC) -o$(OBJ_D)\s2_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
+
+$(OBJ_D)\s2_clnt.obj: $(SRC_D)\ssl\s2_clnt.c
+	$(CC) -o$(OBJ_D)\s2_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
+
+$(OBJ_D)\s2_lib.obj: $(SRC_D)\ssl\s2_lib.c
+	$(CC) -o$(OBJ_D)\s2_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
+
+$(OBJ_D)\s2_enc.obj: $(SRC_D)\ssl\s2_enc.c
+	$(CC) -o$(OBJ_D)\s2_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
+
+$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
+	$(CC) -o$(OBJ_D)\s2_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
+
+$(OBJ_D)\s3_meth.obj: $(SRC_D)\ssl\s3_meth.c
+	$(CC) -o$(OBJ_D)\s3_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
+
+$(OBJ_D)\s3_srvr.obj: $(SRC_D)\ssl\s3_srvr.c
+	$(CC) -o$(OBJ_D)\s3_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
+
+$(OBJ_D)\s3_clnt.obj: $(SRC_D)\ssl\s3_clnt.c
+	$(CC) -o$(OBJ_D)\s3_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
+
+$(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
+	$(CC) -o$(OBJ_D)\s3_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
+
+$(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
+	$(CC) -o$(OBJ_D)\s3_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
+
+$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
+	$(CC) -o$(OBJ_D)\s3_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
+
+$(OBJ_D)\s3_both.obj: $(SRC_D)\ssl\s3_both.c
+	$(CC) -o$(OBJ_D)\s3_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
+
+$(OBJ_D)\s3_cbc.obj: $(SRC_D)\ssl\s3_cbc.c
+	$(CC) -o$(OBJ_D)\s3_cbc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_cbc.c
+
+$(OBJ_D)\s23_meth.obj: $(SRC_D)\ssl\s23_meth.c
+	$(CC) -o$(OBJ_D)\s23_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
+
+$(OBJ_D)\s23_srvr.obj: $(SRC_D)\ssl\s23_srvr.c
+	$(CC) -o$(OBJ_D)\s23_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
+
+$(OBJ_D)\s23_clnt.obj: $(SRC_D)\ssl\s23_clnt.c
+	$(CC) -o$(OBJ_D)\s23_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
+
+$(OBJ_D)\s23_lib.obj: $(SRC_D)\ssl\s23_lib.c
+	$(CC) -o$(OBJ_D)\s23_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
+
+$(OBJ_D)\s23_pkt.obj: $(SRC_D)\ssl\s23_pkt.c
+	$(CC) -o$(OBJ_D)\s23_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
+
+$(OBJ_D)\t1_meth.obj: $(SRC_D)\ssl\t1_meth.c
+	$(CC) -o$(OBJ_D)\t1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_meth.c
+
+$(OBJ_D)\t1_srvr.obj: $(SRC_D)\ssl\t1_srvr.c
+	$(CC) -o$(OBJ_D)\t1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_srvr.c
+
+$(OBJ_D)\t1_clnt.obj: $(SRC_D)\ssl\t1_clnt.c
+	$(CC) -o$(OBJ_D)\t1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_clnt.c
+
+$(OBJ_D)\t1_lib.obj: $(SRC_D)\ssl\t1_lib.c
+	$(CC) -o$(OBJ_D)\t1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_lib.c
+
+$(OBJ_D)\t1_enc.obj: $(SRC_D)\ssl\t1_enc.c
+	$(CC) -o$(OBJ_D)\t1_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_enc.c
+
+$(OBJ_D)\t1_ext.obj: $(SRC_D)\ssl\t1_ext.c
+	$(CC) -o$(OBJ_D)\t1_ext.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_ext.c
+
+$(OBJ_D)\d1_meth.obj: $(SRC_D)\ssl\d1_meth.c
+	$(CC) -o$(OBJ_D)\d1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_meth.c
+
+$(OBJ_D)\d1_srvr.obj: $(SRC_D)\ssl\d1_srvr.c
+	$(CC) -o$(OBJ_D)\d1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srvr.c
+
+$(OBJ_D)\d1_clnt.obj: $(SRC_D)\ssl\d1_clnt.c
+	$(CC) -o$(OBJ_D)\d1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_clnt.c
+
+$(OBJ_D)\d1_lib.obj: $(SRC_D)\ssl\d1_lib.c
+	$(CC) -o$(OBJ_D)\d1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_lib.c
+
+$(OBJ_D)\d1_pkt.obj: $(SRC_D)\ssl\d1_pkt.c
+	$(CC) -o$(OBJ_D)\d1_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_pkt.c
+
+$(OBJ_D)\d1_both.obj: $(SRC_D)\ssl\d1_both.c
+	$(CC) -o$(OBJ_D)\d1_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_both.c
+
+$(OBJ_D)\d1_srtp.obj: $(SRC_D)\ssl\d1_srtp.c
+	$(CC) -o$(OBJ_D)\d1_srtp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srtp.c
+
+$(OBJ_D)\ssl_lib.obj: $(SRC_D)\ssl\ssl_lib.c
+	$(CC) -o$(OBJ_D)\ssl_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
+
+$(OBJ_D)\ssl_err2.obj: $(SRC_D)\ssl\ssl_err2.c
+	$(CC) -o$(OBJ_D)\ssl_err2.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
+
+$(OBJ_D)\ssl_cert.obj: $(SRC_D)\ssl\ssl_cert.c
+	$(CC) -o$(OBJ_D)\ssl_cert.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
+
+$(OBJ_D)\ssl_sess.obj: $(SRC_D)\ssl\ssl_sess.c
+	$(CC) -o$(OBJ_D)\ssl_sess.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
+
+$(OBJ_D)\ssl_ciph.obj: $(SRC_D)\ssl\ssl_ciph.c
+	$(CC) -o$(OBJ_D)\ssl_ciph.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
+
+$(OBJ_D)\ssl_stat.obj: $(SRC_D)\ssl\ssl_stat.c
+	$(CC) -o$(OBJ_D)\ssl_stat.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
+
+$(OBJ_D)\ssl_rsa.obj: $(SRC_D)\ssl\ssl_rsa.c
+	$(CC) -o$(OBJ_D)\ssl_rsa.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
+
+$(OBJ_D)\ssl_asn1.obj: $(SRC_D)\ssl\ssl_asn1.c
+	$(CC) -o$(OBJ_D)\ssl_asn1.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
+
+$(OBJ_D)\ssl_txt.obj: $(SRC_D)\ssl\ssl_txt.c
+	$(CC) -o$(OBJ_D)\ssl_txt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
+
+$(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c
+	$(CC) -o$(OBJ_D)\ssl_algs.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
+
+$(OBJ_D)\ssl_conf.obj: $(SRC_D)\ssl\ssl_conf.c
+	$(CC) -o$(OBJ_D)\ssl_conf.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_conf.c
+
+$(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c
+	$(CC) -o$(OBJ_D)\bio_ssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
+
+$(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c
+	$(CC) -o$(OBJ_D)\ssl_err.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
+
+$(OBJ_D)\kssl.obj: $(SRC_D)\ssl\kssl.c
+	$(CC) -o$(OBJ_D)\kssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\kssl.c
+
+$(OBJ_D)\t1_reneg.obj: $(SRC_D)\ssl\t1_reneg.c
+	$(CC) -o$(OBJ_D)\t1_reneg.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_reneg.c
+
+$(OBJ_D)\tls_srp.obj: $(SRC_D)\ssl\tls_srp.c
+	$(CC) -o$(OBJ_D)\tls_srp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\tls_srp.c
+
+$(OBJ_D)\t1_trce.obj: $(SRC_D)\ssl\t1_trce.c
+	$(CC) -o$(OBJ_D)\t1_trce.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_trce.c
+
+$(OBJ_D)\ssl_utst.obj: $(SRC_D)\ssl\ssl_utst.c
+	$(CC) -o$(OBJ_D)\ssl_utst.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_utst.c
+
 $(TEST_D)\constant_time_test.exe: $(OBJ_D)\constant_time_test.obj $(LIBS_DEP)
 	$(LINK_CMD) $(LFLAGS) $(OBJ_D)\constant_time_test.obj $(APP_EX_OBJ), $(TEST_D)\constant_time_test.exe,, $(L_LIBS) $(EX_LIBS)
 
@@ -3373,6 +3377,9 @@ $(TEST_D)\dtlstest.exe: $(OBJ_D)\dtlstest.obj $(OBJ_D)\ssltestlib.obj $(LIBS_DEP
 $(TEST_D)\bad_dtls_test.exe: $(OBJ_D)\bad_dtls_test.obj $(LIBS_DEP)
 	$(LINK_CMD) $(LFLAGS) $(OBJ_D)\bad_dtls_test.obj $(APP_EX_OBJ), $(TEST_D)\bad_dtls_test.exe,, $(L_LIBS) $(EX_LIBS)
 
+$(TEST_D)\fatalerrtest.exe: $(OBJ_D)\fatalerrtest.obj $(OBJ_D)\ssltestlib.obj $(LIBS_DEP)
+	$(LINK_CMD) $(LFLAGS) $(OBJ_D)\fatalerrtest.obj $(OBJ_D)\ssltestlib.obj $(APP_EX_OBJ), $(TEST_D)\fatalerrtest.exe,, $(L_LIBS) $(EX_LIBS)
+
 $(TEST_D)\igetest.exe: $(OBJ_D)\igetest.obj $(LIBS_DEP)
 	$(LINK_CMD) $(LFLAGS) $(OBJ_D)\igetest.obj $(APP_EX_OBJ), $(TEST_D)\igetest.exe,, $(L_LIBS) $(EX_LIBS)
 
diff --git a/ms/libeay32.def b/ms/libeay32.def
index 5d670f60..af39f311 100644
--- a/ms/libeay32.def
+++ b/ms/libeay32.def
@@ -1466,6 +1466,20 @@ EXPORTS
     EVP_PKEY_meth_find                      @4469
     EVP_PKEY_meth_free                      @4460
     EVP_PKEY_meth_get0_info                 @4587
+    EVP_PKEY_meth_get_cleanup               @4786
+    EVP_PKEY_meth_get_copy                  @4788
+    EVP_PKEY_meth_get_ctrl                  @4784
+    EVP_PKEY_meth_get_decrypt               @4785
+    EVP_PKEY_meth_get_derive                @4778
+    EVP_PKEY_meth_get_encrypt               @4787
+    EVP_PKEY_meth_get_init                  @4775
+    EVP_PKEY_meth_get_keygen                @4777
+    EVP_PKEY_meth_get_paramgen              @4780
+    EVP_PKEY_meth_get_sign                  @4782
+    EVP_PKEY_meth_get_signctx               @4783
+    EVP_PKEY_meth_get_verify                @4781
+    EVP_PKEY_meth_get_verify_recover        @4776
+    EVP_PKEY_meth_get_verifyctx             @4779
     EVP_PKEY_meth_new                       @4448
     EVP_PKEY_meth_set_cleanup               @4502
     EVP_PKEY_meth_set_copy                  @4527
diff --git a/ms/nt32.asm.mak b/ms/nt32.asm.mak
index 3a7883b1..43f7a75f 100644
--- a/ms/nt32.asm.mak
+++ b/ms/nt32.asm.mak
@@ -18,7 +18,7 @@ OPENSSLDIR=\usr\local\ssl
 # Set your compiler options
 PLATFORM=VC-WIN32
 CC=cl
-CFLAG= /MT /Ox /O2 /Ob2 -DOPENSSL_THREADS  -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SSL2 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_WEAK_SSL_CIPHERS -DOPENSSL_NO_DYNAMIC_ENGINE    
+CFLAG= /MT /Ox /O2 /Ob2 -DOPENSSL_THREADS  -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SSL2 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_WEAK_SSL_CIPHERS -DOPENSSL_NO_DYNAMIC_ENGINE    
 APP_CFLAG= /Zi /Fd$(TMP_D)/app
 LIB_CFLAG=/Zl /Zi /Fd$(TMP_D)/lib
 SHLIB_CFLAG=
@@ -174,8 +174,8 @@ T_OBJ=$(OBJ_D)\constant_time_test.obj \
 	$(OBJ_D)\verify_extra_test.obj $(OBJ_D)\v3nametest.obj $(OBJ_D)\enginetest.obj \
 	$(OBJ_D)\wp_test.obj $(OBJ_D)\srptest.obj $(OBJ_D)\ssltest.obj \
 	$(OBJ_D)\heartbeat_test.obj $(OBJ_D)\clienthellotest.obj $(OBJ_D)\sslv2conftest.obj \
-	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\igetest.obj \
-	$(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
+	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\fatalerrtest.obj \
+	$(OBJ_D)\igetest.obj $(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
 
 E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\asn1pars.obj $(OBJ_D)\req.obj $(OBJ_D)\dgst.obj \
@@ -196,6 +196,25 @@ E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\ocsp.obj $(OBJ_D)\prime.obj $(OBJ_D)\ts.obj \
 	$(OBJ_D)\srp.obj $(OBJ_D)\openssl.obj 
 
+SSLOBJ=$(OBJ_D)\s2_meth.obj \
+	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
+	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
+	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
+	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
+	$(OBJ_D)\s3_cbc.obj $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj \
+	$(OBJ_D)\s23_clnt.obj $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj \
+	$(OBJ_D)\t1_meth.obj $(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj \
+	$(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj $(OBJ_D)\t1_ext.obj \
+	$(OBJ_D)\d1_meth.obj $(OBJ_D)\d1_srvr.obj $(OBJ_D)\d1_clnt.obj \
+	$(OBJ_D)\d1_lib.obj $(OBJ_D)\d1_pkt.obj $(OBJ_D)\d1_both.obj \
+	$(OBJ_D)\d1_srtp.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
+	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
+	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
+	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\ssl_conf.obj \
+	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj $(OBJ_D)\kssl.obj \
+	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
+	$(OBJ_D)\ssl_utst.obj 
+
 CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\mem.obj $(OBJ_D)\mem_dbg.obj $(OBJ_D)\cversion.obj \
 	$(OBJ_D)\ex_data.obj $(OBJ_D)\cpt_err.obj $(OBJ_D)\ebcdic.obj \
@@ -403,25 +422,6 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\gost_md.obj $(OBJ_D)\gost_params.obj $(OBJ_D)\gost_pmeth.obj \
 	$(OBJ_D)\gost_sign.obj 
 
-SSLOBJ=$(OBJ_D)\s2_meth.obj \
-	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
-	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
-	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
-	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
-	$(OBJ_D)\s3_cbc.obj $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj \
-	$(OBJ_D)\s23_clnt.obj $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj \
-	$(OBJ_D)\t1_meth.obj $(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj \
-	$(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj $(OBJ_D)\t1_ext.obj \
-	$(OBJ_D)\d1_meth.obj $(OBJ_D)\d1_srvr.obj $(OBJ_D)\d1_clnt.obj \
-	$(OBJ_D)\d1_lib.obj $(OBJ_D)\d1_pkt.obj $(OBJ_D)\d1_both.obj \
-	$(OBJ_D)\d1_srtp.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
-	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
-	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
-	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\ssl_conf.obj \
-	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj $(OBJ_D)\kssl.obj \
-	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
-	$(OBJ_D)\ssl_utst.obj 
-
 T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\md4test.exe $(TEST_D)\md5test.exe $(TEST_D)\shatest.exe \
 	$(TEST_D)\sha1test.exe $(TEST_D)\sha256t.exe $(TEST_D)\sha512t.exe \
@@ -434,7 +434,8 @@ T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\verify_extra_test.exe $(TEST_D)\v3nametest.exe $(TEST_D)\enginetest.exe \
 	$(TEST_D)\wp_test.exe $(TEST_D)\srptest.exe $(TEST_D)\ssltest.exe \
 	$(TEST_D)\heartbeat_test.exe $(TEST_D)\clienthellotest.exe $(TEST_D)\sslv2conftest.exe \
-	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\igetest.exe 
+	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\fatalerrtest.exe \
+	$(TEST_D)\igetest.exe 
 
 E_SHLIB=
 
diff --git a/ms/nt32.mak b/ms/nt32.mak
index 3bde7364..fa187e94 100644
--- a/ms/nt32.mak
+++ b/ms/nt32.mak
@@ -18,7 +18,7 @@ OPENSSLDIR=\usr\local\ssl
 # Set your compiler options
 PLATFORM=VC-WIN32
 CC=cl
-CFLAG= /MT /Ox /O2 /Ob2 -DOPENSSL_THREADS  -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SSL2 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_WEAK_SSL_CIPHERS -DOPENSSL_NO_DYNAMIC_ENGINE    
+CFLAG= /MT /Ox /O2 /Ob2 -DOPENSSL_THREADS  -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SSL2 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_WEAK_SSL_CIPHERS -DOPENSSL_NO_DYNAMIC_ENGINE    
 APP_CFLAG= /Zi /Fd$(TMP_D)/app
 LIB_CFLAG=/Zl /Zi /Fd$(TMP_D)/lib
 SHLIB_CFLAG=
@@ -174,8 +174,8 @@ T_OBJ=$(OBJ_D)\constant_time_test.obj \
 	$(OBJ_D)\verify_extra_test.obj $(OBJ_D)\v3nametest.obj $(OBJ_D)\enginetest.obj \
 	$(OBJ_D)\wp_test.obj $(OBJ_D)\srptest.obj $(OBJ_D)\ssltest.obj \
 	$(OBJ_D)\heartbeat_test.obj $(OBJ_D)\clienthellotest.obj $(OBJ_D)\sslv2conftest.obj \
-	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\igetest.obj \
-	$(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
+	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\fatalerrtest.obj \
+	$(OBJ_D)\igetest.obj $(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
 
 E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\asn1pars.obj $(OBJ_D)\req.obj $(OBJ_D)\dgst.obj \
@@ -196,6 +196,25 @@ E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\ocsp.obj $(OBJ_D)\prime.obj $(OBJ_D)\ts.obj \
 	$(OBJ_D)\srp.obj $(OBJ_D)\openssl.obj 
 
+SSLOBJ=$(OBJ_D)\s2_meth.obj \
+	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
+	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
+	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
+	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
+	$(OBJ_D)\s3_cbc.obj $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj \
+	$(OBJ_D)\s23_clnt.obj $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj \
+	$(OBJ_D)\t1_meth.obj $(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj \
+	$(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj $(OBJ_D)\t1_ext.obj \
+	$(OBJ_D)\d1_meth.obj $(OBJ_D)\d1_srvr.obj $(OBJ_D)\d1_clnt.obj \
+	$(OBJ_D)\d1_lib.obj $(OBJ_D)\d1_pkt.obj $(OBJ_D)\d1_both.obj \
+	$(OBJ_D)\d1_srtp.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
+	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
+	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
+	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\ssl_conf.obj \
+	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj $(OBJ_D)\kssl.obj \
+	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
+	$(OBJ_D)\ssl_utst.obj 
+
 CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\mem.obj $(OBJ_D)\mem_dbg.obj $(OBJ_D)\cversion.obj \
 	$(OBJ_D)\ex_data.obj $(OBJ_D)\cpt_err.obj $(OBJ_D)\ebcdic.obj \
@@ -403,25 +422,6 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\gost_md.obj $(OBJ_D)\gost_params.obj $(OBJ_D)\gost_pmeth.obj \
 	$(OBJ_D)\gost_sign.obj 
 
-SSLOBJ=$(OBJ_D)\s2_meth.obj \
-	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
-	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
-	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
-	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
-	$(OBJ_D)\s3_cbc.obj $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj \
-	$(OBJ_D)\s23_clnt.obj $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj \
-	$(OBJ_D)\t1_meth.obj $(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj \
-	$(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj $(OBJ_D)\t1_ext.obj \
-	$(OBJ_D)\d1_meth.obj $(OBJ_D)\d1_srvr.obj $(OBJ_D)\d1_clnt.obj \
-	$(OBJ_D)\d1_lib.obj $(OBJ_D)\d1_pkt.obj $(OBJ_D)\d1_both.obj \
-	$(OBJ_D)\d1_srtp.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
-	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
-	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
-	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\ssl_conf.obj \
-	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj $(OBJ_D)\kssl.obj \
-	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
-	$(OBJ_D)\ssl_utst.obj 
-
 T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\md4test.exe $(TEST_D)\md5test.exe $(TEST_D)\shatest.exe \
 	$(TEST_D)\sha1test.exe $(TEST_D)\sha256t.exe $(TEST_D)\sha512t.exe \
@@ -434,7 +434,8 @@ T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\verify_extra_test.exe $(TEST_D)\v3nametest.exe $(TEST_D)\enginetest.exe \
 	$(TEST_D)\wp_test.exe $(TEST_D)\srptest.exe $(TEST_D)\ssltest.exe \
 	$(TEST_D)\heartbeat_test.exe $(TEST_D)\clienthellotest.exe $(TEST_D)\sslv2conftest.exe \
-	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\igetest.exe 
+	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\fatalerrtest.exe \
+	$(TEST_D)\igetest.exe 
 
 E_SHLIB=
 
@@ -480,7 +481,7 @@ install: all
 	$(MKDIR) "$(INSTALLTOP)\include\openssl"
 	$(MKDIR) "$(INSTALLTOP)\lib"
 	$(CP) "$(INCO_D)\*.[ch]" "$(INSTALLTOP)\include\openssl"
-	$(CP) "$(BIN_D)\$(E_EXE).exe $(INSTALLTOP)\bin"
+	$(CP) "$(BIN_D)\$(E_EXE).exe" "$(INSTALLTOP)\bin"
 	$(MKDIR) "$(OPENSSLDIR)"
 	$(CP) apps\openssl.cnf "$(OPENSSLDIR)"
 	$(CP) "$(O_SSL)" "$(INSTALLTOP)\lib"
@@ -1051,6 +1052,9 @@ $(OBJ_D)\dtlstest.obj: $(SRC_D)\ssl\dtlstest.c
 $(OBJ_D)\bad_dtls_test.obj: $(SRC_D)\ssl\bad_dtls_test.c
 	$(CC) /Fo$(OBJ_D)\bad_dtls_test.obj $(APP_CFLAGS) -c $(SRC_D)\ssl\bad_dtls_test.c
 
+$(OBJ_D)\fatalerrtest.obj: $(SRC_D)\ssl\fatalerrtest.c
+	$(CC) /Fo$(OBJ_D)\fatalerrtest.obj $(APP_CFLAGS) -c $(SRC_D)\ssl\fatalerrtest.c
+
 $(OBJ_D)\igetest.obj: $(SRC_D)\test\igetest.c
 	$(CC) /Fo$(OBJ_D)\igetest.obj $(APP_CFLAGS) -c $(SRC_D)\test\igetest.c
 
@@ -1210,6 +1214,156 @@ $(OBJ_D)\srp.obj: $(SRC_D)\apps\srp.c
 $(OBJ_D)\openssl.obj: $(SRC_D)\apps\openssl.c
 	$(CC) /Fo$(OBJ_D)\openssl.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\openssl.c
 
+$(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
+	$(CC) /Fo$(OBJ_D)\s2_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
+
+$(OBJ_D)\s2_srvr.obj: $(SRC_D)\ssl\s2_srvr.c
+	$(CC) /Fo$(OBJ_D)\s2_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
+
+$(OBJ_D)\s2_clnt.obj: $(SRC_D)\ssl\s2_clnt.c
+	$(CC) /Fo$(OBJ_D)\s2_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
+
+$(OBJ_D)\s2_lib.obj: $(SRC_D)\ssl\s2_lib.c
+	$(CC) /Fo$(OBJ_D)\s2_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
+
+$(OBJ_D)\s2_enc.obj: $(SRC_D)\ssl\s2_enc.c
+	$(CC) /Fo$(OBJ_D)\s2_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
+
+$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
+	$(CC) /Fo$(OBJ_D)\s2_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
+
+$(OBJ_D)\s3_meth.obj: $(SRC_D)\ssl\s3_meth.c
+	$(CC) /Fo$(OBJ_D)\s3_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
+
+$(OBJ_D)\s3_srvr.obj: $(SRC_D)\ssl\s3_srvr.c
+	$(CC) /Fo$(OBJ_D)\s3_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
+
+$(OBJ_D)\s3_clnt.obj: $(SRC_D)\ssl\s3_clnt.c
+	$(CC) /Fo$(OBJ_D)\s3_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
+
+$(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
+	$(CC) /Fo$(OBJ_D)\s3_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
+
+$(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
+	$(CC) /Fo$(OBJ_D)\s3_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
+
+$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
+	$(CC) /Fo$(OBJ_D)\s3_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
+
+$(OBJ_D)\s3_both.obj: $(SRC_D)\ssl\s3_both.c
+	$(CC) /Fo$(OBJ_D)\s3_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
+
+$(OBJ_D)\s3_cbc.obj: $(SRC_D)\ssl\s3_cbc.c
+	$(CC) /Fo$(OBJ_D)\s3_cbc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_cbc.c
+
+$(OBJ_D)\s23_meth.obj: $(SRC_D)\ssl\s23_meth.c
+	$(CC) /Fo$(OBJ_D)\s23_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
+
+$(OBJ_D)\s23_srvr.obj: $(SRC_D)\ssl\s23_srvr.c
+	$(CC) /Fo$(OBJ_D)\s23_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
+
+$(OBJ_D)\s23_clnt.obj: $(SRC_D)\ssl\s23_clnt.c
+	$(CC) /Fo$(OBJ_D)\s23_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
+
+$(OBJ_D)\s23_lib.obj: $(SRC_D)\ssl\s23_lib.c
+	$(CC) /Fo$(OBJ_D)\s23_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
+
+$(OBJ_D)\s23_pkt.obj: $(SRC_D)\ssl\s23_pkt.c
+	$(CC) /Fo$(OBJ_D)\s23_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
+
+$(OBJ_D)\t1_meth.obj: $(SRC_D)\ssl\t1_meth.c
+	$(CC) /Fo$(OBJ_D)\t1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_meth.c
+
+$(OBJ_D)\t1_srvr.obj: $(SRC_D)\ssl\t1_srvr.c
+	$(CC) /Fo$(OBJ_D)\t1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_srvr.c
+
+$(OBJ_D)\t1_clnt.obj: $(SRC_D)\ssl\t1_clnt.c
+	$(CC) /Fo$(OBJ_D)\t1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_clnt.c
+
+$(OBJ_D)\t1_lib.obj: $(SRC_D)\ssl\t1_lib.c
+	$(CC) /Fo$(OBJ_D)\t1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_lib.c
+
+$(OBJ_D)\t1_enc.obj: $(SRC_D)\ssl\t1_enc.c
+	$(CC) /Fo$(OBJ_D)\t1_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_enc.c
+
+$(OBJ_D)\t1_ext.obj: $(SRC_D)\ssl\t1_ext.c
+	$(CC) /Fo$(OBJ_D)\t1_ext.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_ext.c
+
+$(OBJ_D)\d1_meth.obj: $(SRC_D)\ssl\d1_meth.c
+	$(CC) /Fo$(OBJ_D)\d1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_meth.c
+
+$(OBJ_D)\d1_srvr.obj: $(SRC_D)\ssl\d1_srvr.c
+	$(CC) /Fo$(OBJ_D)\d1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srvr.c
+
+$(OBJ_D)\d1_clnt.obj: $(SRC_D)\ssl\d1_clnt.c
+	$(CC) /Fo$(OBJ_D)\d1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_clnt.c
+
+$(OBJ_D)\d1_lib.obj: $(SRC_D)\ssl\d1_lib.c
+	$(CC) /Fo$(OBJ_D)\d1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_lib.c
+
+$(OBJ_D)\d1_pkt.obj: $(SRC_D)\ssl\d1_pkt.c
+	$(CC) /Fo$(OBJ_D)\d1_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_pkt.c
+
+$(OBJ_D)\d1_both.obj: $(SRC_D)\ssl\d1_both.c
+	$(CC) /Fo$(OBJ_D)\d1_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_both.c
+
+$(OBJ_D)\d1_srtp.obj: $(SRC_D)\ssl\d1_srtp.c
+	$(CC) /Fo$(OBJ_D)\d1_srtp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srtp.c
+
+$(OBJ_D)\ssl_lib.obj: $(SRC_D)\ssl\ssl_lib.c
+	$(CC) /Fo$(OBJ_D)\ssl_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
+
+$(OBJ_D)\ssl_err2.obj: $(SRC_D)\ssl\ssl_err2.c
+	$(CC) /Fo$(OBJ_D)\ssl_err2.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
+
+$(OBJ_D)\ssl_cert.obj: $(SRC_D)\ssl\ssl_cert.c
+	$(CC) /Fo$(OBJ_D)\ssl_cert.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
+
+$(OBJ_D)\ssl_sess.obj: $(SRC_D)\ssl\ssl_sess.c
+	$(CC) /Fo$(OBJ_D)\ssl_sess.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
+
+$(OBJ_D)\ssl_ciph.obj: $(SRC_D)\ssl\ssl_ciph.c
+	$(CC) /Fo$(OBJ_D)\ssl_ciph.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
+
+$(OBJ_D)\ssl_stat.obj: $(SRC_D)\ssl\ssl_stat.c
+	$(CC) /Fo$(OBJ_D)\ssl_stat.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
+
+$(OBJ_D)\ssl_rsa.obj: $(SRC_D)\ssl\ssl_rsa.c
+	$(CC) /Fo$(OBJ_D)\ssl_rsa.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
+
+$(OBJ_D)\ssl_asn1.obj: $(SRC_D)\ssl\ssl_asn1.c
+	$(CC) /Fo$(OBJ_D)\ssl_asn1.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
+
+$(OBJ_D)\ssl_txt.obj: $(SRC_D)\ssl\ssl_txt.c
+	$(CC) /Fo$(OBJ_D)\ssl_txt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
+
+$(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c
+	$(CC) /Fo$(OBJ_D)\ssl_algs.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
+
+$(OBJ_D)\ssl_conf.obj: $(SRC_D)\ssl\ssl_conf.c
+	$(CC) /Fo$(OBJ_D)\ssl_conf.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_conf.c
+
+$(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c
+	$(CC) /Fo$(OBJ_D)\bio_ssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
+
+$(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c
+	$(CC) /Fo$(OBJ_D)\ssl_err.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
+
+$(OBJ_D)\kssl.obj: $(SRC_D)\ssl\kssl.c
+	$(CC) /Fo$(OBJ_D)\kssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\kssl.c
+
+$(OBJ_D)\t1_reneg.obj: $(SRC_D)\ssl\t1_reneg.c
+	$(CC) /Fo$(OBJ_D)\t1_reneg.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_reneg.c
+
+$(OBJ_D)\tls_srp.obj: $(SRC_D)\ssl\tls_srp.c
+	$(CC) /Fo$(OBJ_D)\tls_srp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\tls_srp.c
+
+$(OBJ_D)\t1_trce.obj: $(SRC_D)\ssl\t1_trce.c
+	$(CC) /Fo$(OBJ_D)\t1_trce.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_trce.c
+
+$(OBJ_D)\ssl_utst.obj: $(SRC_D)\ssl\ssl_utst.c
+	$(CC) /Fo$(OBJ_D)\ssl_utst.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_utst.c
+
 $(OBJ_D)\cryptlib.obj: $(SRC_D)\crypto\cryptlib.c
 	$(CC) /Fo$(OBJ_D)\cryptlib.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\cryptlib.c
 
@@ -3115,156 +3269,6 @@ $(OBJ_D)\gost_pmeth.obj: $(SRC_D)\engines\ccgost\gost_pmeth.c
 $(OBJ_D)\gost_sign.obj: $(SRC_D)\engines\ccgost\gost_sign.c
 	$(CC) /Fo$(OBJ_D)\gost_sign.obj  $(LIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_sign.c
 
-$(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
-	$(CC) /Fo$(OBJ_D)\s2_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
-
-$(OBJ_D)\s2_srvr.obj: $(SRC_D)\ssl\s2_srvr.c
-	$(CC) /Fo$(OBJ_D)\s2_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
-
-$(OBJ_D)\s2_clnt.obj: $(SRC_D)\ssl\s2_clnt.c
-	$(CC) /Fo$(OBJ_D)\s2_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
-
-$(OBJ_D)\s2_lib.obj: $(SRC_D)\ssl\s2_lib.c
-	$(CC) /Fo$(OBJ_D)\s2_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
-
-$(OBJ_D)\s2_enc.obj: $(SRC_D)\ssl\s2_enc.c
-	$(CC) /Fo$(OBJ_D)\s2_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
-
-$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
-	$(CC) /Fo$(OBJ_D)\s2_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
-
-$(OBJ_D)\s3_meth.obj: $(SRC_D)\ssl\s3_meth.c
-	$(CC) /Fo$(OBJ_D)\s3_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
-
-$(OBJ_D)\s3_srvr.obj: $(SRC_D)\ssl\s3_srvr.c
-	$(CC) /Fo$(OBJ_D)\s3_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
-
-$(OBJ_D)\s3_clnt.obj: $(SRC_D)\ssl\s3_clnt.c
-	$(CC) /Fo$(OBJ_D)\s3_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
-
-$(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
-	$(CC) /Fo$(OBJ_D)\s3_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
-
-$(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
-	$(CC) /Fo$(OBJ_D)\s3_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
-
-$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
-	$(CC) /Fo$(OBJ_D)\s3_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
-
-$(OBJ_D)\s3_both.obj: $(SRC_D)\ssl\s3_both.c
-	$(CC) /Fo$(OBJ_D)\s3_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
-
-$(OBJ_D)\s3_cbc.obj: $(SRC_D)\ssl\s3_cbc.c
-	$(CC) /Fo$(OBJ_D)\s3_cbc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_cbc.c
-
-$(OBJ_D)\s23_meth.obj: $(SRC_D)\ssl\s23_meth.c
-	$(CC) /Fo$(OBJ_D)\s23_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
-
-$(OBJ_D)\s23_srvr.obj: $(SRC_D)\ssl\s23_srvr.c
-	$(CC) /Fo$(OBJ_D)\s23_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
-
-$(OBJ_D)\s23_clnt.obj: $(SRC_D)\ssl\s23_clnt.c
-	$(CC) /Fo$(OBJ_D)\s23_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
-
-$(OBJ_D)\s23_lib.obj: $(SRC_D)\ssl\s23_lib.c
-	$(CC) /Fo$(OBJ_D)\s23_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
-
-$(OBJ_D)\s23_pkt.obj: $(SRC_D)\ssl\s23_pkt.c
-	$(CC) /Fo$(OBJ_D)\s23_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
-
-$(OBJ_D)\t1_meth.obj: $(SRC_D)\ssl\t1_meth.c
-	$(CC) /Fo$(OBJ_D)\t1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_meth.c
-
-$(OBJ_D)\t1_srvr.obj: $(SRC_D)\ssl\t1_srvr.c
-	$(CC) /Fo$(OBJ_D)\t1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_srvr.c
-
-$(OBJ_D)\t1_clnt.obj: $(SRC_D)\ssl\t1_clnt.c
-	$(CC) /Fo$(OBJ_D)\t1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_clnt.c
-
-$(OBJ_D)\t1_lib.obj: $(SRC_D)\ssl\t1_lib.c
-	$(CC) /Fo$(OBJ_D)\t1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_lib.c
-
-$(OBJ_D)\t1_enc.obj: $(SRC_D)\ssl\t1_enc.c
-	$(CC) /Fo$(OBJ_D)\t1_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_enc.c
-
-$(OBJ_D)\t1_ext.obj: $(SRC_D)\ssl\t1_ext.c
-	$(CC) /Fo$(OBJ_D)\t1_ext.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_ext.c
-
-$(OBJ_D)\d1_meth.obj: $(SRC_D)\ssl\d1_meth.c
-	$(CC) /Fo$(OBJ_D)\d1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_meth.c
-
-$(OBJ_D)\d1_srvr.obj: $(SRC_D)\ssl\d1_srvr.c
-	$(CC) /Fo$(OBJ_D)\d1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srvr.c
-
-$(OBJ_D)\d1_clnt.obj: $(SRC_D)\ssl\d1_clnt.c
-	$(CC) /Fo$(OBJ_D)\d1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_clnt.c
-
-$(OBJ_D)\d1_lib.obj: $(SRC_D)\ssl\d1_lib.c
-	$(CC) /Fo$(OBJ_D)\d1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_lib.c
-
-$(OBJ_D)\d1_pkt.obj: $(SRC_D)\ssl\d1_pkt.c
-	$(CC) /Fo$(OBJ_D)\d1_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_pkt.c
-
-$(OBJ_D)\d1_both.obj: $(SRC_D)\ssl\d1_both.c
-	$(CC) /Fo$(OBJ_D)\d1_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_both.c
-
-$(OBJ_D)\d1_srtp.obj: $(SRC_D)\ssl\d1_srtp.c
-	$(CC) /Fo$(OBJ_D)\d1_srtp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srtp.c
-
-$(OBJ_D)\ssl_lib.obj: $(SRC_D)\ssl\ssl_lib.c
-	$(CC) /Fo$(OBJ_D)\ssl_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
-
-$(OBJ_D)\ssl_err2.obj: $(SRC_D)\ssl\ssl_err2.c
-	$(CC) /Fo$(OBJ_D)\ssl_err2.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
-
-$(OBJ_D)\ssl_cert.obj: $(SRC_D)\ssl\ssl_cert.c
-	$(CC) /Fo$(OBJ_D)\ssl_cert.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
-
-$(OBJ_D)\ssl_sess.obj: $(SRC_D)\ssl\ssl_sess.c
-	$(CC) /Fo$(OBJ_D)\ssl_sess.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
-
-$(OBJ_D)\ssl_ciph.obj: $(SRC_D)\ssl\ssl_ciph.c
-	$(CC) /Fo$(OBJ_D)\ssl_ciph.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
-
-$(OBJ_D)\ssl_stat.obj: $(SRC_D)\ssl\ssl_stat.c
-	$(CC) /Fo$(OBJ_D)\ssl_stat.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
-
-$(OBJ_D)\ssl_rsa.obj: $(SRC_D)\ssl\ssl_rsa.c
-	$(CC) /Fo$(OBJ_D)\ssl_rsa.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
-
-$(OBJ_D)\ssl_asn1.obj: $(SRC_D)\ssl\ssl_asn1.c
-	$(CC) /Fo$(OBJ_D)\ssl_asn1.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
-
-$(OBJ_D)\ssl_txt.obj: $(SRC_D)\ssl\ssl_txt.c
-	$(CC) /Fo$(OBJ_D)\ssl_txt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
-
-$(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c
-	$(CC) /Fo$(OBJ_D)\ssl_algs.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
-
-$(OBJ_D)\ssl_conf.obj: $(SRC_D)\ssl\ssl_conf.c
-	$(CC) /Fo$(OBJ_D)\ssl_conf.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_conf.c
-
-$(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c
-	$(CC) /Fo$(OBJ_D)\bio_ssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
-
-$(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c
-	$(CC) /Fo$(OBJ_D)\ssl_err.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
-
-$(OBJ_D)\kssl.obj: $(SRC_D)\ssl\kssl.c
-	$(CC) /Fo$(OBJ_D)\kssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\kssl.c
-
-$(OBJ_D)\t1_reneg.obj: $(SRC_D)\ssl\t1_reneg.c
-	$(CC) /Fo$(OBJ_D)\t1_reneg.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_reneg.c
-
-$(OBJ_D)\tls_srp.obj: $(SRC_D)\ssl\tls_srp.c
-	$(CC) /Fo$(OBJ_D)\tls_srp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\tls_srp.c
-
-$(OBJ_D)\t1_trce.obj: $(SRC_D)\ssl\t1_trce.c
-	$(CC) /Fo$(OBJ_D)\t1_trce.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_trce.c
-
-$(OBJ_D)\ssl_utst.obj: $(SRC_D)\ssl\ssl_utst.c
-	$(CC) /Fo$(OBJ_D)\ssl_utst.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_utst.c
-
 $(OBJ_D)\$(CRYPTO).res: ms\version32.rc
 	$(RSC) /fo"$(OBJ_D)\$(CRYPTO).res" /d CRYPTO ms\version32.rc
 
@@ -3487,6 +3491,12 @@ $(TEST_D)\bad_dtls_test.exe: $(OBJ_D)\bad_dtls_test.obj $(LIBS_DEP)
 <<
 	IF EXIST $@.manifest mt -nologo -manifest $@.manifest -outputresource:$@;1
 
+$(TEST_D)\fatalerrtest.exe: $(OBJ_D)\fatalerrtest.obj $(OBJ_D)\ssltestlib.obj $(LIBS_DEP)
+	$(LINK_CMD) $(LFLAGS) /out:$(TEST_D)\fatalerrtest.exe @<<
+	$(APP_EX_OBJ) $(OBJ_D)\fatalerrtest.obj $(OBJ_D)\ssltestlib.obj $(L_LIBS) $(EX_LIBS)
+<<
+	IF EXIST $@.manifest mt -nologo -manifest $@.manifest -outputresource:$@;1
+
 $(TEST_D)\igetest.exe: $(OBJ_D)\igetest.obj $(LIBS_DEP)
 	$(LINK_CMD) $(LFLAGS) /out:$(TEST_D)\igetest.exe @<<
 	$(APP_EX_OBJ) $(OBJ_D)\igetest.obj $(L_LIBS) $(EX_LIBS)
diff --git a/ms/nt64.asm.mak b/ms/nt64.asm.mak
index 771fcb38..8dc6bf02 100644
--- a/ms/nt64.asm.mak
+++ b/ms/nt64.asm.mak
@@ -174,8 +174,8 @@ T_OBJ=$(OBJ_D)\constant_time_test.obj \
 	$(OBJ_D)\verify_extra_test.obj $(OBJ_D)\v3nametest.obj $(OBJ_D)\enginetest.obj \
 	$(OBJ_D)\wp_test.obj $(OBJ_D)\srptest.obj $(OBJ_D)\ssltest.obj \
 	$(OBJ_D)\heartbeat_test.obj $(OBJ_D)\clienthellotest.obj $(OBJ_D)\sslv2conftest.obj \
-	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\igetest.obj \
-	$(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
+	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\fatalerrtest.obj \
+	$(OBJ_D)\igetest.obj $(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
 
 E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\asn1pars.obj $(OBJ_D)\req.obj $(OBJ_D)\dgst.obj \
@@ -196,6 +196,25 @@ E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\ocsp.obj $(OBJ_D)\prime.obj $(OBJ_D)\ts.obj \
 	$(OBJ_D)\srp.obj $(OBJ_D)\openssl.obj 
 
+SSLOBJ=$(OBJ_D)\s2_meth.obj \
+	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
+	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
+	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
+	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
+	$(OBJ_D)\s3_cbc.obj $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj \
+	$(OBJ_D)\s23_clnt.obj $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj \
+	$(OBJ_D)\t1_meth.obj $(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj \
+	$(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj $(OBJ_D)\t1_ext.obj \
+	$(OBJ_D)\d1_meth.obj $(OBJ_D)\d1_srvr.obj $(OBJ_D)\d1_clnt.obj \
+	$(OBJ_D)\d1_lib.obj $(OBJ_D)\d1_pkt.obj $(OBJ_D)\d1_both.obj \
+	$(OBJ_D)\d1_srtp.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
+	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
+	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
+	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\ssl_conf.obj \
+	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj $(OBJ_D)\kssl.obj \
+	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
+	$(OBJ_D)\ssl_utst.obj 
+
 CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\mem.obj $(OBJ_D)\mem_dbg.obj $(OBJ_D)\cversion.obj \
 	$(OBJ_D)\ex_data.obj $(OBJ_D)\cpt_err.obj $(OBJ_D)\ebcdic.obj \
@@ -407,25 +426,6 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\gost_md.obj $(OBJ_D)\gost_params.obj $(OBJ_D)\gost_pmeth.obj \
 	$(OBJ_D)\gost_sign.obj 
 
-SSLOBJ=$(OBJ_D)\s2_meth.obj \
-	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
-	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
-	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
-	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
-	$(OBJ_D)\s3_cbc.obj $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj \
-	$(OBJ_D)\s23_clnt.obj $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj \
-	$(OBJ_D)\t1_meth.obj $(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj \
-	$(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj $(OBJ_D)\t1_ext.obj \
-	$(OBJ_D)\d1_meth.obj $(OBJ_D)\d1_srvr.obj $(OBJ_D)\d1_clnt.obj \
-	$(OBJ_D)\d1_lib.obj $(OBJ_D)\d1_pkt.obj $(OBJ_D)\d1_both.obj \
-	$(OBJ_D)\d1_srtp.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
-	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
-	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
-	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\ssl_conf.obj \
-	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj $(OBJ_D)\kssl.obj \
-	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
-	$(OBJ_D)\ssl_utst.obj 
-
 T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\md4test.exe $(TEST_D)\md5test.exe $(TEST_D)\shatest.exe \
 	$(TEST_D)\sha1test.exe $(TEST_D)\sha256t.exe $(TEST_D)\sha512t.exe \
@@ -438,7 +438,8 @@ T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\verify_extra_test.exe $(TEST_D)\v3nametest.exe $(TEST_D)\enginetest.exe \
 	$(TEST_D)\wp_test.exe $(TEST_D)\srptest.exe $(TEST_D)\ssltest.exe \
 	$(TEST_D)\heartbeat_test.exe $(TEST_D)\clienthellotest.exe $(TEST_D)\sslv2conftest.exe \
-	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\igetest.exe 
+	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\fatalerrtest.exe \
+	$(TEST_D)\igetest.exe 
 
 E_SHLIB=
 
diff --git a/ms/nt64.mak b/ms/nt64.mak
index 7c1590b6..123e2581 100644
--- a/ms/nt64.mak
+++ b/ms/nt64.mak
@@ -174,8 +174,8 @@ T_OBJ=$(OBJ_D)\constant_time_test.obj \
 	$(OBJ_D)\verify_extra_test.obj $(OBJ_D)\v3nametest.obj $(OBJ_D)\enginetest.obj \
 	$(OBJ_D)\wp_test.obj $(OBJ_D)\srptest.obj $(OBJ_D)\ssltest.obj \
 	$(OBJ_D)\heartbeat_test.obj $(OBJ_D)\clienthellotest.obj $(OBJ_D)\sslv2conftest.obj \
-	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\igetest.obj \
-	$(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
+	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\fatalerrtest.obj \
+	$(OBJ_D)\igetest.obj $(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
 
 E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\asn1pars.obj $(OBJ_D)\req.obj $(OBJ_D)\dgst.obj \
@@ -196,6 +196,25 @@ E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\ocsp.obj $(OBJ_D)\prime.obj $(OBJ_D)\ts.obj \
 	$(OBJ_D)\srp.obj $(OBJ_D)\openssl.obj 
 
+SSLOBJ=$(OBJ_D)\s2_meth.obj \
+	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
+	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
+	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
+	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
+	$(OBJ_D)\s3_cbc.obj $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj \
+	$(OBJ_D)\s23_clnt.obj $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj \
+	$(OBJ_D)\t1_meth.obj $(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj \
+	$(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj $(OBJ_D)\t1_ext.obj \
+	$(OBJ_D)\d1_meth.obj $(OBJ_D)\d1_srvr.obj $(OBJ_D)\d1_clnt.obj \
+	$(OBJ_D)\d1_lib.obj $(OBJ_D)\d1_pkt.obj $(OBJ_D)\d1_both.obj \
+	$(OBJ_D)\d1_srtp.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
+	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
+	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
+	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\ssl_conf.obj \
+	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj $(OBJ_D)\kssl.obj \
+	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
+	$(OBJ_D)\ssl_utst.obj 
+
 CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\mem.obj $(OBJ_D)\mem_dbg.obj $(OBJ_D)\cversion.obj \
 	$(OBJ_D)\ex_data.obj $(OBJ_D)\cpt_err.obj $(OBJ_D)\ebcdic.obj \
@@ -407,25 +426,6 @@ CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\gost_md.obj $(OBJ_D)\gost_params.obj $(OBJ_D)\gost_pmeth.obj \
 	$(OBJ_D)\gost_sign.obj 
 
-SSLOBJ=$(OBJ_D)\s2_meth.obj \
-	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
-	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
-	$(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
-	$(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_both.obj \
-	$(OBJ_D)\s3_cbc.obj $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj \
-	$(OBJ_D)\s23_clnt.obj $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj \
-	$(OBJ_D)\t1_meth.obj $(OBJ_D)\t1_srvr.obj $(OBJ_D)\t1_clnt.obj \
-	$(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj $(OBJ_D)\t1_ext.obj \
-	$(OBJ_D)\d1_meth.obj $(OBJ_D)\d1_srvr.obj $(OBJ_D)\d1_clnt.obj \
-	$(OBJ_D)\d1_lib.obj $(OBJ_D)\d1_pkt.obj $(OBJ_D)\d1_both.obj \
-	$(OBJ_D)\d1_srtp.obj $(OBJ_D)\ssl_lib.obj $(OBJ_D)\ssl_err2.obj \
-	$(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj $(OBJ_D)\ssl_ciph.obj \
-	$(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj $(OBJ_D)\ssl_asn1.obj \
-	$(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj $(OBJ_D)\ssl_conf.obj \
-	$(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj $(OBJ_D)\kssl.obj \
-	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
-	$(OBJ_D)\ssl_utst.obj 
-
 T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\md4test.exe $(TEST_D)\md5test.exe $(TEST_D)\shatest.exe \
 	$(TEST_D)\sha1test.exe $(TEST_D)\sha256t.exe $(TEST_D)\sha512t.exe \
@@ -438,7 +438,8 @@ T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\verify_extra_test.exe $(TEST_D)\v3nametest.exe $(TEST_D)\enginetest.exe \
 	$(TEST_D)\wp_test.exe $(TEST_D)\srptest.exe $(TEST_D)\ssltest.exe \
 	$(TEST_D)\heartbeat_test.exe $(TEST_D)\clienthellotest.exe $(TEST_D)\sslv2conftest.exe \
-	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\igetest.exe 
+	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\fatalerrtest.exe \
+	$(TEST_D)\igetest.exe 
 
 E_SHLIB=
 
@@ -484,7 +485,7 @@ install: all
 	$(MKDIR) "$(INSTALLTOP)\include\openssl"
 	$(MKDIR) "$(INSTALLTOP)\lib"
 	$(CP) "$(INCO_D)\*.[ch]" "$(INSTALLTOP)\include\openssl"
-	$(CP) "$(BIN_D)\$(E_EXE).exe $(INSTALLTOP)\bin"
+	$(CP) "$(BIN_D)\$(E_EXE).exe" "$(INSTALLTOP)\bin"
 	$(MKDIR) "$(OPENSSLDIR)"
 	$(CP) apps\openssl.cnf "$(OPENSSLDIR)"
 	$(CP) "$(O_SSL)" "$(INSTALLTOP)\lib"
@@ -1055,6 +1056,9 @@ $(OBJ_D)\dtlstest.obj: $(SRC_D)\ssl\dtlstest.c
 $(OBJ_D)\bad_dtls_test.obj: $(SRC_D)\ssl\bad_dtls_test.c
 	$(CC) /Fo$(OBJ_D)\bad_dtls_test.obj $(APP_CFLAGS) -c $(SRC_D)\ssl\bad_dtls_test.c
 
+$(OBJ_D)\fatalerrtest.obj: $(SRC_D)\ssl\fatalerrtest.c
+	$(CC) /Fo$(OBJ_D)\fatalerrtest.obj $(APP_CFLAGS) -c $(SRC_D)\ssl\fatalerrtest.c
+
 $(OBJ_D)\igetest.obj: $(SRC_D)\test\igetest.c
 	$(CC) /Fo$(OBJ_D)\igetest.obj $(APP_CFLAGS) -c $(SRC_D)\test\igetest.c
 
@@ -1214,6 +1218,156 @@ $(OBJ_D)\srp.obj: $(SRC_D)\apps\srp.c
 $(OBJ_D)\openssl.obj: $(SRC_D)\apps\openssl.c
 	$(CC) /Fo$(OBJ_D)\openssl.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\openssl.c
 
+$(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
+	$(CC) /Fo$(OBJ_D)\s2_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
+
+$(OBJ_D)\s2_srvr.obj: $(SRC_D)\ssl\s2_srvr.c
+	$(CC) /Fo$(OBJ_D)\s2_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
+
+$(OBJ_D)\s2_clnt.obj: $(SRC_D)\ssl\s2_clnt.c
+	$(CC) /Fo$(OBJ_D)\s2_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
+
+$(OBJ_D)\s2_lib.obj: $(SRC_D)\ssl\s2_lib.c
+	$(CC) /Fo$(OBJ_D)\s2_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
+
+$(OBJ_D)\s2_enc.obj: $(SRC_D)\ssl\s2_enc.c
+	$(CC) /Fo$(OBJ_D)\s2_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
+
+$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
+	$(CC) /Fo$(OBJ_D)\s2_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
+
+$(OBJ_D)\s3_meth.obj: $(SRC_D)\ssl\s3_meth.c
+	$(CC) /Fo$(OBJ_D)\s3_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
+
+$(OBJ_D)\s3_srvr.obj: $(SRC_D)\ssl\s3_srvr.c
+	$(CC) /Fo$(OBJ_D)\s3_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
+
+$(OBJ_D)\s3_clnt.obj: $(SRC_D)\ssl\s3_clnt.c
+	$(CC) /Fo$(OBJ_D)\s3_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
+
+$(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
+	$(CC) /Fo$(OBJ_D)\s3_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
+
+$(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
+	$(CC) /Fo$(OBJ_D)\s3_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
+
+$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
+	$(CC) /Fo$(OBJ_D)\s3_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
+
+$(OBJ_D)\s3_both.obj: $(SRC_D)\ssl\s3_both.c
+	$(CC) /Fo$(OBJ_D)\s3_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
+
+$(OBJ_D)\s3_cbc.obj: $(SRC_D)\ssl\s3_cbc.c
+	$(CC) /Fo$(OBJ_D)\s3_cbc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_cbc.c
+
+$(OBJ_D)\s23_meth.obj: $(SRC_D)\ssl\s23_meth.c
+	$(CC) /Fo$(OBJ_D)\s23_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
+
+$(OBJ_D)\s23_srvr.obj: $(SRC_D)\ssl\s23_srvr.c
+	$(CC) /Fo$(OBJ_D)\s23_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
+
+$(OBJ_D)\s23_clnt.obj: $(SRC_D)\ssl\s23_clnt.c
+	$(CC) /Fo$(OBJ_D)\s23_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
+
+$(OBJ_D)\s23_lib.obj: $(SRC_D)\ssl\s23_lib.c
+	$(CC) /Fo$(OBJ_D)\s23_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
+
+$(OBJ_D)\s23_pkt.obj: $(SRC_D)\ssl\s23_pkt.c
+	$(CC) /Fo$(OBJ_D)\s23_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
+
+$(OBJ_D)\t1_meth.obj: $(SRC_D)\ssl\t1_meth.c
+	$(CC) /Fo$(OBJ_D)\t1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_meth.c
+
+$(OBJ_D)\t1_srvr.obj: $(SRC_D)\ssl\t1_srvr.c
+	$(CC) /Fo$(OBJ_D)\t1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_srvr.c
+
+$(OBJ_D)\t1_clnt.obj: $(SRC_D)\ssl\t1_clnt.c
+	$(CC) /Fo$(OBJ_D)\t1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_clnt.c
+
+$(OBJ_D)\t1_lib.obj: $(SRC_D)\ssl\t1_lib.c
+	$(CC) /Fo$(OBJ_D)\t1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_lib.c
+
+$(OBJ_D)\t1_enc.obj: $(SRC_D)\ssl\t1_enc.c
+	$(CC) /Fo$(OBJ_D)\t1_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_enc.c
+
+$(OBJ_D)\t1_ext.obj: $(SRC_D)\ssl\t1_ext.c
+	$(CC) /Fo$(OBJ_D)\t1_ext.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_ext.c
+
+$(OBJ_D)\d1_meth.obj: $(SRC_D)\ssl\d1_meth.c
+	$(CC) /Fo$(OBJ_D)\d1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_meth.c
+
+$(OBJ_D)\d1_srvr.obj: $(SRC_D)\ssl\d1_srvr.c
+	$(CC) /Fo$(OBJ_D)\d1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srvr.c
+
+$(OBJ_D)\d1_clnt.obj: $(SRC_D)\ssl\d1_clnt.c
+	$(CC) /Fo$(OBJ_D)\d1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_clnt.c
+
+$(OBJ_D)\d1_lib.obj: $(SRC_D)\ssl\d1_lib.c
+	$(CC) /Fo$(OBJ_D)\d1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_lib.c
+
+$(OBJ_D)\d1_pkt.obj: $(SRC_D)\ssl\d1_pkt.c
+	$(CC) /Fo$(OBJ_D)\d1_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_pkt.c
+
+$(OBJ_D)\d1_both.obj: $(SRC_D)\ssl\d1_both.c
+	$(CC) /Fo$(OBJ_D)\d1_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_both.c
+
+$(OBJ_D)\d1_srtp.obj: $(SRC_D)\ssl\d1_srtp.c
+	$(CC) /Fo$(OBJ_D)\d1_srtp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srtp.c
+
+$(OBJ_D)\ssl_lib.obj: $(SRC_D)\ssl\ssl_lib.c
+	$(CC) /Fo$(OBJ_D)\ssl_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
+
+$(OBJ_D)\ssl_err2.obj: $(SRC_D)\ssl\ssl_err2.c
+	$(CC) /Fo$(OBJ_D)\ssl_err2.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
+
+$(OBJ_D)\ssl_cert.obj: $(SRC_D)\ssl\ssl_cert.c
+	$(CC) /Fo$(OBJ_D)\ssl_cert.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
+
+$(OBJ_D)\ssl_sess.obj: $(SRC_D)\ssl\ssl_sess.c
+	$(CC) /Fo$(OBJ_D)\ssl_sess.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
+
+$(OBJ_D)\ssl_ciph.obj: $(SRC_D)\ssl\ssl_ciph.c
+	$(CC) /Fo$(OBJ_D)\ssl_ciph.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
+
+$(OBJ_D)\ssl_stat.obj: $(SRC_D)\ssl\ssl_stat.c
+	$(CC) /Fo$(OBJ_D)\ssl_stat.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
+
+$(OBJ_D)\ssl_rsa.obj: $(SRC_D)\ssl\ssl_rsa.c
+	$(CC) /Fo$(OBJ_D)\ssl_rsa.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
+
+$(OBJ_D)\ssl_asn1.obj: $(SRC_D)\ssl\ssl_asn1.c
+	$(CC) /Fo$(OBJ_D)\ssl_asn1.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
+
+$(OBJ_D)\ssl_txt.obj: $(SRC_D)\ssl\ssl_txt.c
+	$(CC) /Fo$(OBJ_D)\ssl_txt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
+
+$(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c
+	$(CC) /Fo$(OBJ_D)\ssl_algs.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
+
+$(OBJ_D)\ssl_conf.obj: $(SRC_D)\ssl\ssl_conf.c
+	$(CC) /Fo$(OBJ_D)\ssl_conf.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_conf.c
+
+$(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c
+	$(CC) /Fo$(OBJ_D)\bio_ssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
+
+$(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c
+	$(CC) /Fo$(OBJ_D)\ssl_err.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
+
+$(OBJ_D)\kssl.obj: $(SRC_D)\ssl\kssl.c
+	$(CC) /Fo$(OBJ_D)\kssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\kssl.c
+
+$(OBJ_D)\t1_reneg.obj: $(SRC_D)\ssl\t1_reneg.c
+	$(CC) /Fo$(OBJ_D)\t1_reneg.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_reneg.c
+
+$(OBJ_D)\tls_srp.obj: $(SRC_D)\ssl\tls_srp.c
+	$(CC) /Fo$(OBJ_D)\tls_srp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\tls_srp.c
+
+$(OBJ_D)\t1_trce.obj: $(SRC_D)\ssl\t1_trce.c
+	$(CC) /Fo$(OBJ_D)\t1_trce.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_trce.c
+
+$(OBJ_D)\ssl_utst.obj: $(SRC_D)\ssl\ssl_utst.c
+	$(CC) /Fo$(OBJ_D)\ssl_utst.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_utst.c
+
 $(OBJ_D)\cryptlib.obj: $(SRC_D)\crypto\cryptlib.c
 	$(CC) /Fo$(OBJ_D)\cryptlib.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\cryptlib.c
 
@@ -3196,156 +3350,6 @@ $(OBJ_D)\gost_pmeth.obj: $(SRC_D)\engines\ccgost\gost_pmeth.c
 $(OBJ_D)\gost_sign.obj: $(SRC_D)\engines\ccgost\gost_sign.c
 	$(CC) /Fo$(OBJ_D)\gost_sign.obj  $(LIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_sign.c
 
-$(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
-	$(CC) /Fo$(OBJ_D)\s2_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
-
-$(OBJ_D)\s2_srvr.obj: $(SRC_D)\ssl\s2_srvr.c
-	$(CC) /Fo$(OBJ_D)\s2_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
-
-$(OBJ_D)\s2_clnt.obj: $(SRC_D)\ssl\s2_clnt.c
-	$(CC) /Fo$(OBJ_D)\s2_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
-
-$(OBJ_D)\s2_lib.obj: $(SRC_D)\ssl\s2_lib.c
-	$(CC) /Fo$(OBJ_D)\s2_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
-
-$(OBJ_D)\s2_enc.obj: $(SRC_D)\ssl\s2_enc.c
-	$(CC) /Fo$(OBJ_D)\s2_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
-
-$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
-	$(CC) /Fo$(OBJ_D)\s2_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
-
-$(OBJ_D)\s3_meth.obj: $(SRC_D)\ssl\s3_meth.c
-	$(CC) /Fo$(OBJ_D)\s3_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
-
-$(OBJ_D)\s3_srvr.obj: $(SRC_D)\ssl\s3_srvr.c
-	$(CC) /Fo$(OBJ_D)\s3_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
-
-$(OBJ_D)\s3_clnt.obj: $(SRC_D)\ssl\s3_clnt.c
-	$(CC) /Fo$(OBJ_D)\s3_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
-
-$(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
-	$(CC) /Fo$(OBJ_D)\s3_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
-
-$(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
-	$(CC) /Fo$(OBJ_D)\s3_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
-
-$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
-	$(CC) /Fo$(OBJ_D)\s3_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
-
-$(OBJ_D)\s3_both.obj: $(SRC_D)\ssl\s3_both.c
-	$(CC) /Fo$(OBJ_D)\s3_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
-
-$(OBJ_D)\s3_cbc.obj: $(SRC_D)\ssl\s3_cbc.c
-	$(CC) /Fo$(OBJ_D)\s3_cbc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_cbc.c
-
-$(OBJ_D)\s23_meth.obj: $(SRC_D)\ssl\s23_meth.c
-	$(CC) /Fo$(OBJ_D)\s23_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
-
-$(OBJ_D)\s23_srvr.obj: $(SRC_D)\ssl\s23_srvr.c
-	$(CC) /Fo$(OBJ_D)\s23_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
-
-$(OBJ_D)\s23_clnt.obj: $(SRC_D)\ssl\s23_clnt.c
-	$(CC) /Fo$(OBJ_D)\s23_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
-
-$(OBJ_D)\s23_lib.obj: $(SRC_D)\ssl\s23_lib.c
-	$(CC) /Fo$(OBJ_D)\s23_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
-
-$(OBJ_D)\s23_pkt.obj: $(SRC_D)\ssl\s23_pkt.c
-	$(CC) /Fo$(OBJ_D)\s23_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
-
-$(OBJ_D)\t1_meth.obj: $(SRC_D)\ssl\t1_meth.c
-	$(CC) /Fo$(OBJ_D)\t1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_meth.c
-
-$(OBJ_D)\t1_srvr.obj: $(SRC_D)\ssl\t1_srvr.c
-	$(CC) /Fo$(OBJ_D)\t1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_srvr.c
-
-$(OBJ_D)\t1_clnt.obj: $(SRC_D)\ssl\t1_clnt.c
-	$(CC) /Fo$(OBJ_D)\t1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_clnt.c
-
-$(OBJ_D)\t1_lib.obj: $(SRC_D)\ssl\t1_lib.c
-	$(CC) /Fo$(OBJ_D)\t1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_lib.c
-
-$(OBJ_D)\t1_enc.obj: $(SRC_D)\ssl\t1_enc.c
-	$(CC) /Fo$(OBJ_D)\t1_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_enc.c
-
-$(OBJ_D)\t1_ext.obj: $(SRC_D)\ssl\t1_ext.c
-	$(CC) /Fo$(OBJ_D)\t1_ext.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_ext.c
-
-$(OBJ_D)\d1_meth.obj: $(SRC_D)\ssl\d1_meth.c
-	$(CC) /Fo$(OBJ_D)\d1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_meth.c
-
-$(OBJ_D)\d1_srvr.obj: $(SRC_D)\ssl\d1_srvr.c
-	$(CC) /Fo$(OBJ_D)\d1_srvr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srvr.c
-
-$(OBJ_D)\d1_clnt.obj: $(SRC_D)\ssl\d1_clnt.c
-	$(CC) /Fo$(OBJ_D)\d1_clnt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_clnt.c
-
-$(OBJ_D)\d1_lib.obj: $(SRC_D)\ssl\d1_lib.c
-	$(CC) /Fo$(OBJ_D)\d1_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_lib.c
-
-$(OBJ_D)\d1_pkt.obj: $(SRC_D)\ssl\d1_pkt.c
-	$(CC) /Fo$(OBJ_D)\d1_pkt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_pkt.c
-
-$(OBJ_D)\d1_both.obj: $(SRC_D)\ssl\d1_both.c
-	$(CC) /Fo$(OBJ_D)\d1_both.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_both.c
-
-$(OBJ_D)\d1_srtp.obj: $(SRC_D)\ssl\d1_srtp.c
-	$(CC) /Fo$(OBJ_D)\d1_srtp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\d1_srtp.c
-
-$(OBJ_D)\ssl_lib.obj: $(SRC_D)\ssl\ssl_lib.c
-	$(CC) /Fo$(OBJ_D)\ssl_lib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
-
-$(OBJ_D)\ssl_err2.obj: $(SRC_D)\ssl\ssl_err2.c
-	$(CC) /Fo$(OBJ_D)\ssl_err2.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
-
-$(OBJ_D)\ssl_cert.obj: $(SRC_D)\ssl\ssl_cert.c
-	$(CC) /Fo$(OBJ_D)\ssl_cert.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
-
-$(OBJ_D)\ssl_sess.obj: $(SRC_D)\ssl\ssl_sess.c
-	$(CC) /Fo$(OBJ_D)\ssl_sess.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
-
-$(OBJ_D)\ssl_ciph.obj: $(SRC_D)\ssl\ssl_ciph.c
-	$(CC) /Fo$(OBJ_D)\ssl_ciph.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
-
-$(OBJ_D)\ssl_stat.obj: $(SRC_D)\ssl\ssl_stat.c
-	$(CC) /Fo$(OBJ_D)\ssl_stat.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
-
-$(OBJ_D)\ssl_rsa.obj: $(SRC_D)\ssl\ssl_rsa.c
-	$(CC) /Fo$(OBJ_D)\ssl_rsa.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
-
-$(OBJ_D)\ssl_asn1.obj: $(SRC_D)\ssl\ssl_asn1.c
-	$(CC) /Fo$(OBJ_D)\ssl_asn1.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
-
-$(OBJ_D)\ssl_txt.obj: $(SRC_D)\ssl\ssl_txt.c
-	$(CC) /Fo$(OBJ_D)\ssl_txt.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
-
-$(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c
-	$(CC) /Fo$(OBJ_D)\ssl_algs.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
-
-$(OBJ_D)\ssl_conf.obj: $(SRC_D)\ssl\ssl_conf.c
-	$(CC) /Fo$(OBJ_D)\ssl_conf.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_conf.c
-
-$(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c
-	$(CC) /Fo$(OBJ_D)\bio_ssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
-
-$(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c
-	$(CC) /Fo$(OBJ_D)\ssl_err.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
-
-$(OBJ_D)\kssl.obj: $(SRC_D)\ssl\kssl.c
-	$(CC) /Fo$(OBJ_D)\kssl.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\kssl.c
-
-$(OBJ_D)\t1_reneg.obj: $(SRC_D)\ssl\t1_reneg.c
-	$(CC) /Fo$(OBJ_D)\t1_reneg.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_reneg.c
-
-$(OBJ_D)\tls_srp.obj: $(SRC_D)\ssl\tls_srp.c
-	$(CC) /Fo$(OBJ_D)\tls_srp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\tls_srp.c
-
-$(OBJ_D)\t1_trce.obj: $(SRC_D)\ssl\t1_trce.c
-	$(CC) /Fo$(OBJ_D)\t1_trce.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\t1_trce.c
-
-$(OBJ_D)\ssl_utst.obj: $(SRC_D)\ssl\ssl_utst.c
-	$(CC) /Fo$(OBJ_D)\ssl_utst.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_utst.c
-
 $(OBJ_D)\$(CRYPTO).res: ms\version32.rc
 	$(RSC) /fo"$(OBJ_D)\$(CRYPTO).res" /d CRYPTO ms\version32.rc
 
@@ -3568,6 +3572,12 @@ $(TEST_D)\bad_dtls_test.exe: $(OBJ_D)\bad_dtls_test.obj $(LIBS_DEP)
 <<
 	IF EXIST $@.manifest mt -nologo -manifest $@.manifest -outputresource:$@;1
 
+$(TEST_D)\fatalerrtest.exe: $(OBJ_D)\fatalerrtest.obj $(OBJ_D)\ssltestlib.obj $(LIBS_DEP)
+	$(LINK_CMD) $(LFLAGS) /out:$(TEST_D)\fatalerrtest.exe @<<
+	$(APP_EX_OBJ) $(OBJ_D)\fatalerrtest.obj $(OBJ_D)\ssltestlib.obj $(L_LIBS) $(EX_LIBS)
+<<
+	IF EXIST $@.manifest mt -nologo -manifest $@.manifest -outputresource:$@;1
+
 $(TEST_D)\igetest.exe: $(OBJ_D)\igetest.obj $(LIBS_DEP)
 	$(LINK_CMD) $(LFLAGS) /out:$(TEST_D)\igetest.exe @<<
 	$(APP_EX_OBJ) $(OBJ_D)\igetest.obj $(L_LIBS) $(EX_LIBS)
diff --git a/ms/ntdll.mak b/ms/ntdll.mak
index a658f6c4..c307a3ed 100644
--- a/ms/ntdll.mak
+++ b/ms/ntdll.mak
@@ -18,7 +18,7 @@ OPENSSLDIR=\usr\local\ssl
 # Set your compiler options
 PLATFORM=VC-WIN32
 CC=cl
-CFLAG= /MD /Ox /O2 /Ob2 -DOPENSSL_THREADS  -DDSO_WIN32 -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DOPENSSL_USE_APPLINK -I. -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SSL2 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_WEAK_SSL_CIPHERS -DOPENSSL_NO_STATIC_ENGINE    
+CFLAG= /MD /Ox /O2 /Ob2 -DOPENSSL_THREADS  -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DOPENSSL_USE_APPLINK -I. -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SSL2 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_WEAK_SSL_CIPHERS -DOPENSSL_NO_STATIC_ENGINE    
 APP_CFLAG= /Zi /Fd$(TMP_D)/app
 LIB_CFLAG= /Zi /Fd$(TMP_D)/lib -D_WINDLL
 SHLIB_CFLAG=
@@ -174,8 +174,8 @@ T_OBJ=$(OBJ_D)\constant_time_test.obj \
 	$(OBJ_D)\verify_extra_test.obj $(OBJ_D)\v3nametest.obj $(OBJ_D)\enginetest.obj \
 	$(OBJ_D)\wp_test.obj $(OBJ_D)\srptest.obj $(OBJ_D)\ssltest.obj \
 	$(OBJ_D)\heartbeat_test.obj $(OBJ_D)\clienthellotest.obj $(OBJ_D)\sslv2conftest.obj \
-	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\igetest.obj \
-	$(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
+	$(OBJ_D)\dtlstest.obj $(OBJ_D)\bad_dtls_test.obj $(OBJ_D)\fatalerrtest.obj \
+	$(OBJ_D)\igetest.obj $(OBJ_D)\.obj $(OBJ_D)\ssltestlib.obj 
 
 E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\asn1pars.obj $(OBJ_D)\req.obj $(OBJ_D)\dgst.obj \
@@ -196,6 +196,13 @@ E_OBJ=$(OBJ_D)\verify.obj \
 	$(OBJ_D)\ocsp.obj $(OBJ_D)\prime.obj $(OBJ_D)\ts.obj \
 	$(OBJ_D)\srp.obj $(OBJ_D)\openssl.obj 
 
+GOSTOBJ=$(OBJ_D)\e_gost_err.obj \
+	$(OBJ_D)\gost2001_keyx.obj $(OBJ_D)\gost2001.obj $(OBJ_D)\gost89.obj \
+	$(OBJ_D)\gost94_keyx.obj $(OBJ_D)\gost_ameth.obj $(OBJ_D)\gost_asn1.obj \
+	$(OBJ_D)\gost_crypt.obj $(OBJ_D)\gost_ctl.obj $(OBJ_D)\gost_eng.obj \
+	$(OBJ_D)\gosthash.obj $(OBJ_D)\gost_keywrap.obj $(OBJ_D)\gost_md.obj \
+	$(OBJ_D)\gost_params.obj $(OBJ_D)\gost_pmeth.obj $(OBJ_D)\gost_sign.obj 
+
 SSLOBJ=$(OBJ_D)\s2_meth.obj \
 	$(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
 	$(OBJ_D)\s2_enc.obj $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s3_meth.obj \
@@ -215,13 +222,6 @@ SSLOBJ=$(OBJ_D)\s2_meth.obj \
 	$(OBJ_D)\t1_reneg.obj $(OBJ_D)\tls_srp.obj $(OBJ_D)\t1_trce.obj \
 	$(OBJ_D)\ssl_utst.obj $(OBJ_D)\$(SSL).res 
 
-GOSTOBJ=$(OBJ_D)\e_gost_err.obj \
-	$(OBJ_D)\gost2001_keyx.obj $(OBJ_D)\gost2001.obj $(OBJ_D)\gost89.obj \
-	$(OBJ_D)\gost94_keyx.obj $(OBJ_D)\gost_ameth.obj $(OBJ_D)\gost_asn1.obj \
-	$(OBJ_D)\gost_crypt.obj $(OBJ_D)\gost_ctl.obj $(OBJ_D)\gost_eng.obj \
-	$(OBJ_D)\gosthash.obj $(OBJ_D)\gost_keywrap.obj $(OBJ_D)\gost_md.obj \
-	$(OBJ_D)\gost_params.obj $(OBJ_D)\gost_pmeth.obj $(OBJ_D)\gost_sign.obj 
-
 CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
 	$(OBJ_D)\mem.obj $(OBJ_D)\mem_dbg.obj $(OBJ_D)\cversion.obj \
 	$(OBJ_D)\ex_data.obj $(OBJ_D)\cpt_err.obj $(OBJ_D)\ebcdic.obj \
@@ -432,7 +432,8 @@ T_EXE=$(TEST_D)\constant_time_test.exe \
 	$(TEST_D)\verify_extra_test.exe $(TEST_D)\v3nametest.exe $(TEST_D)\enginetest.exe \
 	$(TEST_D)\wp_test.exe $(TEST_D)\srptest.exe $(TEST_D)\ssltest.exe \
 	$(TEST_D)\heartbeat_test.exe $(TEST_D)\clienthellotest.exe $(TEST_D)\sslv2conftest.exe \
-	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\igetest.exe 
+	$(TEST_D)\dtlstest.exe $(TEST_D)\bad_dtls_test.exe $(TEST_D)\fatalerrtest.exe \
+	$(TEST_D)\igetest.exe 
 
 E_SHLIB=$(ENG_D)\4758cca.dll \
 	$(ENG_D)\aep.dll $(ENG_D)\atalla.dll $(ENG_D)\cswift.dll \
@@ -495,7 +496,7 @@ install: all
 	$(MKDIR) "$(INSTALLTOP)\include\openssl"
 	$(MKDIR) "$(INSTALLTOP)\lib"
 	$(CP) "$(INCO_D)\*.[ch]" "$(INSTALLTOP)\include\openssl"
-	$(CP) "$(BIN_D)\$(E_EXE).exe $(INSTALLTOP)\bin"
+	$(CP) "$(BIN_D)\$(E_EXE).exe" "$(INSTALLTOP)\bin"
 	$(MKDIR) "$(OPENSSLDIR)"
 	$(CP) apps\openssl.cnf "$(OPENSSLDIR)"
 	$(CP) "$(O_SSL)" "$(INSTALLTOP)\bin"
@@ -503,7 +504,7 @@ install: all
 	$(CP) "$(L_SSL)" "$(INSTALLTOP)\lib"
 	$(CP) "$(L_CRYPTO)" "$(INSTALLTOP)\lib"
 	$(MKDIR) "$(INSTALLTOP)\lib\engines"
-	$(CP) "$(E_SHLIB)" "$(INSTALLTOP)\lib\engines"
+	$(CP) $(E_SHLIB) "$(INSTALLTOP)\lib\engines"
 
 
 clean:
@@ -1070,6 +1071,9 @@ $(OBJ_D)\dtlstest.obj: $(SRC_D)\ssl\dtlstest.c
 $(OBJ_D)\bad_dtls_test.obj: $(SRC_D)\ssl\bad_dtls_test.c
 	$(CC) /Fo$(OBJ_D)\bad_dtls_test.obj $(APP_CFLAGS) -c $(SRC_D)\ssl\bad_dtls_test.c
 
+$(OBJ_D)\fatalerrtest.obj: $(SRC_D)\ssl\fatalerrtest.c
+	$(CC) /Fo$(OBJ_D)\fatalerrtest.obj $(APP_CFLAGS) -c $(SRC_D)\ssl\fatalerrtest.c
+
 $(OBJ_D)\igetest.obj: $(SRC_D)\test\igetest.c
 	$(CC) /Fo$(OBJ_D)\igetest.obj $(APP_CFLAGS) -c $(SRC_D)\test\igetest.c
 
@@ -1229,6 +1233,54 @@ $(OBJ_D)\srp.obj: $(SRC_D)\apps\srp.c
 $(OBJ_D)\openssl.obj: $(SRC_D)\apps\openssl.c
 	$(CC) /Fo$(OBJ_D)\openssl.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\openssl.c
 
+$(OBJ_D)\e_gost_err.obj: $(SRC_D)\engines\ccgost\e_gost_err.c
+	$(CC) /Fo$(OBJ_D)\e_gost_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\e_gost_err.c
+
+$(OBJ_D)\gost2001_keyx.obj: $(SRC_D)\engines\ccgost\gost2001_keyx.c
+	$(CC) /Fo$(OBJ_D)\gost2001_keyx.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost2001_keyx.c
+
+$(OBJ_D)\gost2001.obj: $(SRC_D)\engines\ccgost\gost2001.c
+	$(CC) /Fo$(OBJ_D)\gost2001.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost2001.c
+
+$(OBJ_D)\gost89.obj: $(SRC_D)\engines\ccgost\gost89.c
+	$(CC) /Fo$(OBJ_D)\gost89.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost89.c
+
+$(OBJ_D)\gost94_keyx.obj: $(SRC_D)\engines\ccgost\gost94_keyx.c
+	$(CC) /Fo$(OBJ_D)\gost94_keyx.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost94_keyx.c
+
+$(OBJ_D)\gost_ameth.obj: $(SRC_D)\engines\ccgost\gost_ameth.c
+	$(CC) /Fo$(OBJ_D)\gost_ameth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_ameth.c
+
+$(OBJ_D)\gost_asn1.obj: $(SRC_D)\engines\ccgost\gost_asn1.c
+	$(CC) /Fo$(OBJ_D)\gost_asn1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_asn1.c
+
+$(OBJ_D)\gost_crypt.obj: $(SRC_D)\engines\ccgost\gost_crypt.c
+	$(CC) /Fo$(OBJ_D)\gost_crypt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_crypt.c
+
+$(OBJ_D)\gost_ctl.obj: $(SRC_D)\engines\ccgost\gost_ctl.c
+	$(CC) /Fo$(OBJ_D)\gost_ctl.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_ctl.c
+
+$(OBJ_D)\gost_eng.obj: $(SRC_D)\engines\ccgost\gost_eng.c
+	$(CC) /Fo$(OBJ_D)\gost_eng.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_eng.c
+
+$(OBJ_D)\gosthash.obj: $(SRC_D)\engines\ccgost\gosthash.c
+	$(CC) /Fo$(OBJ_D)\gosthash.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gosthash.c
+
+$(OBJ_D)\gost_keywrap.obj: $(SRC_D)\engines\ccgost\gost_keywrap.c
+	$(CC) /Fo$(OBJ_D)\gost_keywrap.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_keywrap.c
+
+$(OBJ_D)\gost_md.obj: $(SRC_D)\engines\ccgost\gost_md.c
+	$(CC) /Fo$(OBJ_D)\gost_md.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_md.c
+
+$(OBJ_D)\gost_params.obj: $(SRC_D)\engines\ccgost\gost_params.c
+	$(CC) /Fo$(OBJ_D)\gost_params.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_params.c
+
+$(OBJ_D)\gost_pmeth.obj: $(SRC_D)\engines\ccgost\gost_pmeth.c
+	$(CC) /Fo$(OBJ_D)\gost_pmeth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_pmeth.c
+
+$(OBJ_D)\gost_sign.obj: $(SRC_D)\engines\ccgost\gost_sign.c
+	$(CC) /Fo$(OBJ_D)\gost_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_sign.c
+
 $(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
 	$(CC) /Fo$(OBJ_D)\s2_meth.obj  $(SHLIB_CFLAGS) -DOPENSSL_BUILD_SHLIBSSL -c $(SRC_D)\ssl\s2_meth.c
 
@@ -1379,54 +1431,6 @@ $(OBJ_D)\t1_trce.obj: $(SRC_D)\ssl\t1_trce.c
 $(OBJ_D)\ssl_utst.obj: $(SRC_D)\ssl\ssl_utst.c
 	$(CC) /Fo$(OBJ_D)\ssl_utst.obj  $(SHLIB_CFLAGS) -DOPENSSL_BUILD_SHLIBSSL -c $(SRC_D)\ssl\ssl_utst.c
 
-$(OBJ_D)\e_gost_err.obj: $(SRC_D)\engines\ccgost\e_gost_err.c
-	$(CC) /Fo$(OBJ_D)\e_gost_err.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\e_gost_err.c
-
-$(OBJ_D)\gost2001_keyx.obj: $(SRC_D)\engines\ccgost\gost2001_keyx.c
-	$(CC) /Fo$(OBJ_D)\gost2001_keyx.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost2001_keyx.c
-
-$(OBJ_D)\gost2001.obj: $(SRC_D)\engines\ccgost\gost2001.c
-	$(CC) /Fo$(OBJ_D)\gost2001.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost2001.c
-
-$(OBJ_D)\gost89.obj: $(SRC_D)\engines\ccgost\gost89.c
-	$(CC) /Fo$(OBJ_D)\gost89.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost89.c
-
-$(OBJ_D)\gost94_keyx.obj: $(SRC_D)\engines\ccgost\gost94_keyx.c
-	$(CC) /Fo$(OBJ_D)\gost94_keyx.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost94_keyx.c
-
-$(OBJ_D)\gost_ameth.obj: $(SRC_D)\engines\ccgost\gost_ameth.c
-	$(CC) /Fo$(OBJ_D)\gost_ameth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_ameth.c
-
-$(OBJ_D)\gost_asn1.obj: $(SRC_D)\engines\ccgost\gost_asn1.c
-	$(CC) /Fo$(OBJ_D)\gost_asn1.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_asn1.c
-
-$(OBJ_D)\gost_crypt.obj: $(SRC_D)\engines\ccgost\gost_crypt.c
-	$(CC) /Fo$(OBJ_D)\gost_crypt.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_crypt.c
-
-$(OBJ_D)\gost_ctl.obj: $(SRC_D)\engines\ccgost\gost_ctl.c
-	$(CC) /Fo$(OBJ_D)\gost_ctl.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_ctl.c
-
-$(OBJ_D)\gost_eng.obj: $(SRC_D)\engines\ccgost\gost_eng.c
-	$(CC) /Fo$(OBJ_D)\gost_eng.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_eng.c
-
-$(OBJ_D)\gosthash.obj: $(SRC_D)\engines\ccgost\gosthash.c
-	$(CC) /Fo$(OBJ_D)\gosthash.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gosthash.c
-
-$(OBJ_D)\gost_keywrap.obj: $(SRC_D)\engines\ccgost\gost_keywrap.c
-	$(CC) /Fo$(OBJ_D)\gost_keywrap.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_keywrap.c
-
-$(OBJ_D)\gost_md.obj: $(SRC_D)\engines\ccgost\gost_md.c
-	$(CC) /Fo$(OBJ_D)\gost_md.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_md.c
-
-$(OBJ_D)\gost_params.obj: $(SRC_D)\engines\ccgost\gost_params.c
-	$(CC) /Fo$(OBJ_D)\gost_params.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_params.c
-
-$(OBJ_D)\gost_pmeth.obj: $(SRC_D)\engines\ccgost\gost_pmeth.c
-	$(CC) /Fo$(OBJ_D)\gost_pmeth.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_pmeth.c
-
-$(OBJ_D)\gost_sign.obj: $(SRC_D)\engines\ccgost\gost_sign.c
-	$(CC) /Fo$(OBJ_D)\gost_sign.obj  $(SHLIB_CFLAGS) -c $(SRC_D)\engines\ccgost\gost_sign.c
-
 $(OBJ_D)\cryptlib.obj: $(SRC_D)\crypto\cryptlib.c
 	$(CC) /Fo$(OBJ_D)\cryptlib.obj  $(SHLIB_CFLAGS) -DOPENSSL_BUILD_SHLIBCRYPTO -c $(SRC_D)\crypto\cryptlib.c
 
@@ -3473,6 +3477,12 @@ $(TEST_D)\bad_dtls_test.exe: $(OBJ_D)\bad_dtls_test.obj $(LIBS_DEP)
 <<
 	IF EXIST $@.manifest mt -nologo -manifest $@.manifest -outputresource:$@;1
 
+$(TEST_D)\fatalerrtest.exe: $(OBJ_D)\fatalerrtest.obj $(OBJ_D)\ssltestlib.obj $(LIBS_DEP)
+	$(LINK_CMD) $(LFLAGS) /out:$(TEST_D)\fatalerrtest.exe @<<
+	$(APP_EX_OBJ) $(OBJ_D)\fatalerrtest.obj $(OBJ_D)\ssltestlib.obj $(L_LIBS) $(EX_LIBS)
+<<
+	IF EXIST $@.manifest mt -nologo -manifest $@.manifest -outputresource:$@;1
+
 $(TEST_D)\igetest.exe: $(OBJ_D)\igetest.obj $(LIBS_DEP)
 	$(LINK_CMD) $(LFLAGS) /out:$(TEST_D)\igetest.exe @<<
 	$(APP_EX_OBJ) $(OBJ_D)\igetest.obj $(L_LIBS) $(EX_LIBS)
diff --git a/ms/uptable.obj b/ms/uptable.obj
index 4eab5441..9ae48611 100644
Binary files a/ms/uptable.obj and b/ms/uptable.obj differ
diff --git a/ms/version32.rc b/ms/version32.rc
index e6a8009b..ebf2c673 100644
--- a/ms/version32.rc
+++ b/ms/version32.rc
@@ -3,8 +3,8 @@
 LANGUAGE 0x09,0x01
 
 1 VERSIONINFO
-  FILEVERSION 1,0,2,11
-  PRODUCTVERSION 1,0,2,11
+  FILEVERSION 1,0,2,15
+  PRODUCTVERSION 1,0,2,15
   FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
   FILEFLAGS 0x01L
@@ -22,7 +22,7 @@ BEGIN
 	    // Required:	    
 	    VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\0"
 	    VALUE "FileDescription", "OpenSSL Shared Library\0"
-	    VALUE "FileVersion", "1.0.2k\0"
+	    VALUE "FileVersion", "1.0.2o\0"
 #if defined(CRYPTO)
 	    VALUE "InternalName", "libeay32\0"
 	    VALUE "OriginalFilename", "libeay32.dll\0"
@@ -31,7 +31,7 @@ BEGIN
 	    VALUE "OriginalFilename", "ssleay32.dll\0"
 #endif
 	    VALUE "ProductName", "The OpenSSL Toolkit\0"
-	    VALUE "ProductVersion", "1.0.2k\0"
+	    VALUE "ProductVersion", "1.0.2o\0"
 	    // Optional:
 	    //VALUE "Comments", "\0"
 	    VALUE "LegalCopyright", "Copyright  © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\0"
diff --git a/openssl.spec b/openssl.spec
index 7bbcdf69..7130564c 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -7,7 +7,7 @@ Release: 1
 
 Summary: Secure Sockets Layer and cryptography libraries and tools
 Name: openssl
-Version: 1.0.2k
+Version: 1.0.2o
 Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
 License: OpenSSL
 Group: System Environment/Libraries
diff --git a/ssl/Makefile b/ssl/Makefile
index dd129622..b0a4ee85 100644
--- a/ssl/Makefile
+++ b/ssl/Makefile
@@ -15,7 +15,8 @@ KRB5_INCLUDES=
 CFLAGS= $(INCLUDES) $(CFLAG)
 
 GENERAL=Makefile README ssl-lib.com install.com
-TEST=ssltest.c heartbeat_test.c clienthellotest.c sslv2conftest.c dtlstest.c bad_dtls_test.c
+TEST=ssltest.c heartbeat_test.c clienthellotest.c sslv2conftest.c dtlstest.c \
+	bad_dtls_test.c fatalerrtest.c
 APPS=
 
 LIB=$(TOP)/libssl.a
@@ -268,7 +269,7 @@ d1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
 d1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
 d1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srvr.c
 d1_srvr.o: ssl_locl.h
-kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+kssl.o: ../crypto/o_time.h ../include/openssl/asn1.h ../include/openssl/bio.h
 kssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
 kssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
 kssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
diff --git a/ssl/bad_dtls_test.c b/ssl/bad_dtls_test.c
index 70d8578b..ff754e1e 100644
--- a/ssl/bad_dtls_test.c
+++ b/ssl/bad_dtls_test.c
@@ -19,7 +19,7 @@
  * Note that unlike other SSL tests, we don't test against our own SSL
  * server method. Firstly because we don't have one; we *only* support
  * DTLS1_BAD_VER as a client. And secondly because even if that were
- * fixed up it's the wrong thing to test against — because if changes
+ * fixed up it's the wrong thing to test against - because if changes
  * are made in generic DTLS code which don't take DTLS1_BAD_VER into
  * account, there's plenty of scope for making those changes such that
  * they break *both* the client and the server in the same way.
@@ -590,13 +590,13 @@ static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr,
     unsigned char *enc;
 
 #ifdef SIXTY_FOUR_BIT_LONG
-    seq[0] = (seqnr >> 40) & 0xff;
-    seq[1] = (seqnr >> 32) & 0xff;
+    seq[0] = (unsigned char)(seqnr >> 40);
+    seq[1] = (unsigned char)(seqnr >> 32);
 #endif
-    seq[2] = (seqnr >> 24) & 0xff;
-    seq[3] = (seqnr >> 16) & 0xff;
-    seq[4] = (seqnr >> 8) & 0xff;
-    seq[5] = seqnr & 0xff;
+    seq[2] = (unsigned char)(seqnr >> 24);
+    seq[3] = (unsigned char)(seqnr >> 16);
+    seq[4] = (unsigned char)(seqnr >> 8);
+    seq[5] = (unsigned char)(seqnr);
 
     pad = 15 - ((len + SHA_DIGEST_LENGTH) % 16);
     enc = OPENSSL_malloc(len + SHA_DIGEST_LENGTH + 1 + pad);
@@ -612,8 +612,8 @@ static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr,
     HMAC_Update(&ctx, seq, 6);
     HMAC_Update(&ctx, &type, 1);
     HMAC_Update(&ctx, ver, 2); /* Version */
-    lenbytes[0] = len >> 8;
-    lenbytes[1] = len & 0xff;
+    lenbytes[0] = (unsigned char)(len >> 8);
+    lenbytes[1] = (unsigned char)(len);
     HMAC_Update(&ctx, lenbytes, 2); /* Length */
     HMAC_Update(&ctx, enc, len); /* Finally the data itself */
     HMAC_Final(&ctx, enc + len, NULL);
@@ -637,8 +637,8 @@ static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr,
     BIO_write(rbio, ver, 2);
     BIO_write(rbio, epoch, 2);
     BIO_write(rbio, seq, 6);
-    lenbytes[0] = (len + sizeof(iv)) >> 8;
-    lenbytes[1] = (len + sizeof(iv)) & 0xff;
+    lenbytes[0] = (unsigned char)((len + sizeof(iv)) >> 8);
+    lenbytes[1] = (unsigned char)(len + sizeof(iv));
     BIO_write(rbio, lenbytes, 2);
 
     BIO_write(rbio, iv, sizeof(iv));
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 9bc61536..e6bc761e 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -517,6 +517,17 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
         return i;
     }
 
+    /*
+     * Don't change the *message* read sequence number while listening. For
+     * the *record* write sequence we reflect the ClientHello sequence number
+     * when listening.
+     */
+    if (s->d1->listen)
+        memcpy(s->s3->write_sequence, s->s3->read_sequence,
+               sizeof(s->s3->write_sequence));
+    else
+        s->d1->handshake_read_seq++;
+
     if (mt >= 0 && s->s3->tmp.message_type != mt) {
         al = SSL_AD_UNEXPECTED_MESSAGE;
         SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
@@ -544,10 +555,6 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
 
     memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
 
-    /* Don't change sequence numbers while listening */
-    if (!s->d1->listen)
-        s->d1->handshake_read_seq++;
-
     s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
     return s->init_num;
 
@@ -1068,7 +1075,9 @@ int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
 int dtls1_read_failed(SSL *s, int code)
 {
     if (code > 0) {
+#ifdef TLS_DEBUG
         fprintf(stderr, "invalid state reached %s:%d", __FILE__, __LINE__);
+#endif
         return 1;
     }
 
@@ -1140,7 +1149,9 @@ int dtls1_retransmit_buffered_messages(SSL *s)
                                      (frag->msg_header.seq,
                                       frag->msg_header.is_ccs), 0,
                                      &found) <= 0 && found) {
+#ifdef TLS_DEBUG
             fprintf(stderr, "dtls1_retransmit_message() failed\n");
+#endif
             return -1;
         }
     }
@@ -1240,7 +1251,9 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
 
     item = pqueue_find(s->d1->sent_messages, seq64be);
     if (item == NULL) {
+#ifdef TLS_DEBUG
         fprintf(stderr, "retransmit:  message %d non-existant\n", seq);
+#endif
         *found = 0;
         return 0;
     }
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 7e2f5c28..76451a34 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -320,8 +320,13 @@ int dtls1_connect(SSL *s)
             s->shutdown = 0;
 
             /* every DTLS ClientHello resets Finished MAC */
-            ssl3_init_finished_mac(s);
+            if (!ssl3_init_finished_mac(s)) {
+                ret = -1;
+                s->state = SSL_ST_ERR;
+                goto end;
+            }
 
+            /* fall thru */
         case SSL3_ST_CW_CLNT_HELLO_B:
             dtls1_start_timer(s);
             ret = ssl3_client_hello(s);
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index debd4fd5..95b5033d 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -126,9 +126,9 @@ int dtls1_new(SSL *s)
 
     if (!ssl3_new(s))
         return (0);
-    if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL)
+    if ((d1 = OPENSSL_malloc(sizeof(*d1))) == NULL)
         return (0);
-    memset(d1, 0, sizeof *d1);
+    memset(d1, 0, sizeof(*d1));
 
     /* d1->handshake_epoch=0; */
 
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 7a02459f..f5deddf7 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -4,7 +4,7 @@
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
  */
 /* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -706,8 +706,11 @@ int dtls1_get_record(SSL *s)
 
         n2s(p, rr->length);
 
-        /* Lets check version */
-        if (!s->first_packet) {
+        /*
+         * Lets check the version. We tolerate alerts that don't have the exact
+         * version number (e.g. because of protocol version errors)
+         */
+        if (!s->first_packet && rr->type != SSL3_RT_ALERT) {
             if (version != s->version) {
                 /* unexpected version, silently discard */
                 rr->length = 0;
@@ -1061,7 +1064,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
         unsigned int *dest_len = NULL;
 
         if (rr->type == SSL3_RT_HANDSHAKE) {
-            dest_maxlen = sizeof s->d1->handshake_fragment;
+            dest_maxlen = sizeof(s->d1->handshake_fragment);
             dest = s->d1->handshake_fragment;
             dest_len = &s->d1->handshake_fragment_len;
         } else if (rr->type == SSL3_RT_ALERT) {
@@ -1202,6 +1205,24 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
         goto start;
     }
 
+    /*
+     * If we are a server and get a client hello when renegotiation isn't
+     * allowed send back a no renegotiation alert and carry on.
+     */
+    if (s->server
+            && SSL_is_init_finished(s)
+            && !s->s3->send_connection_binding
+            && s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH
+            && s->d1->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO
+            && s->s3->previous_client_finished_len != 0
+            && (s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) == 0) {
+        s->d1->handshake_fragment_len = 0;
+        rr->length = 0;
+        ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
+        goto start;
+    }
+
+
     if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) {
         int alert_level = s->d1->alert_fragment[0];
         int alert_descr = s->d1->alert_fragment[1];
@@ -1286,7 +1307,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
             s->s3->fatal_alert = alert_descr;
             SSLerr(SSL_F_DTLS1_READ_BYTES,
                    SSL_AD_REASON_OFFSET + alert_descr);
-            BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
+            BIO_snprintf(tmp, sizeof(tmp), "%d", alert_descr);
             ERR_add_error_data(2, "SSL alert number ", tmp);
             s->shutdown |= SSL_RECEIVED_SHUTDOWN;
             SSL_CTX_remove_session(s->session_ctx, s->session);
@@ -1323,9 +1344,9 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
         /* XDTLS: check that epoch is consistent */
         if ((rr->length != ccs_hdr_len) ||
             (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
-            i = SSL_AD_ILLEGAL_PARAMETER;
+            al = SSL_AD_ILLEGAL_PARAMETER;
             SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_CHANGE_CIPHER_SPEC);
-            goto err;
+            goto f_err;
         }
 
         rr->length = 0;
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index bc875b53..8502b242 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -282,7 +282,12 @@ int dtls1_accept(SSL *s)
                         goto end;
                     }
 
-                ssl3_init_finished_mac(s);
+                if (!ssl3_init_finished_mac(s)) {
+                    ret = -1;
+                    s->state = SSL_ST_ERR;
+                    goto end;
+                }
+
                 s->state = SSL3_ST_SR_CLNT_HELLO_A;
                 s->ctx->stats.sess_accept++;
             } else if (!s->s3->send_connection_binding &&
@@ -322,7 +327,11 @@ int dtls1_accept(SSL *s)
             s->state = SSL3_ST_SW_FLUSH;
             s->init_num = 0;
 
-            ssl3_init_finished_mac(s);
+            if (!ssl3_init_finished_mac(s)) {
+                ret = -1;
+                s->state = SSL_ST_ERR;
+                goto end;
+            }
             break;
 
         case SSL3_ST_SW_HELLO_REQ_C:
@@ -346,15 +355,6 @@ int dtls1_accept(SSL *s)
 
             s->init_num = 0;
 
-            /*
-             * Reflect ClientHello sequence to remain stateless while
-             * listening
-             */
-            if (listen) {
-                memcpy(s->s3->write_sequence, s->s3->read_sequence,
-                       sizeof(s->s3->write_sequence));
-            }
-
             /* If we're just listening, stop here */
             if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A) {
                 ret = 2;
@@ -381,7 +381,11 @@ int dtls1_accept(SSL *s)
 
             /* HelloVerifyRequest resets Finished MAC */
             if (s->version != DTLS1_BAD_VER)
-                ssl3_init_finished_mac(s);
+                if (!ssl3_init_finished_mac(s)) {
+                    ret = -1;
+                    s->state = SSL_ST_ERR;
+                    goto end;
+                }
             break;
 
 #ifndef OPENSSL_NO_SCTP
diff --git a/ssl/fatalerrtest.c b/ssl/fatalerrtest.c
new file mode 100644
index 00000000..f9d66e27
--- /dev/null
+++ b/ssl/fatalerrtest.c
@@ -0,0 +1,109 @@
+/*
+ * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#include "ssltestlib.h"
+
+int main(int argc, char *argv[])
+{
+    SSL_CTX *sctx = NULL, *cctx = NULL;
+    SSL *sssl = NULL, *cssl = NULL;
+    const char *msg = "Dummy";
+    BIO *err = NULL, *wbio = NULL;
+    int ret = 1, len;
+    char buf[80];
+    unsigned char dummyrec[] = {
+        0x17, 0x03, 0x03, 0x00, 0x05, 'D', 'u', 'm', 'm', 'y'
+    };
+
+    if (argc != 3) {
+        printf("Incorrect number of parameters\n");
+        return 1;
+    }
+
+    SSL_library_init();
+    SSL_load_error_strings();
+    err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+    CRYPTO_malloc_debug_init();
+    CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    if (!create_ssl_ctx_pair(SSLv23_method(), SSLv23_method(), &sctx, &cctx,
+                             argv[1], argv[2])) {
+        printf("Failed to create SSL_CTX pair\n");
+        goto err;
+    }
+
+    /*
+     * Deliberately set the cipher lists for client and server to be different
+     * to force a handshake failure.
+     */
+    if (!SSL_CTX_set_cipher_list(sctx, "AES128-SHA")
+            || !SSL_CTX_set_cipher_list(cctx, "AES256-SHA")) {
+        printf("Failed to set cipher lists\n");
+        goto err;
+    }
+
+    if (!create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL, NULL)) {
+        printf("Failed to create SSL objectx\n");
+        goto err;
+    }
+
+    wbio = SSL_get_wbio(cssl);
+    if (wbio == NULL) {
+        printf("Unexpected NULL bio received\n");
+        goto err;
+    }
+
+    if (create_ssl_connection(sssl, cssl)) {
+        printf("Unexpected success creating a connection\n");
+        goto err;
+    }
+
+    ERR_clear_error();
+
+    /* Inject a plaintext record from client to server */
+    if (BIO_write(wbio, dummyrec, sizeof(dummyrec)) <= 0) {
+        printf("Unexpected failure injecting dummy record\n");
+        goto err;
+    }
+
+    /* SSL_read()/SSL_write should fail because of a previous fatal error */
+    if ((len = SSL_read(sssl, buf, sizeof(buf) - 1)) > 0) {
+        buf[len] = '\0';
+        printf("Unexpected success reading data: %s\n", buf);
+        goto err;
+    }
+    if (SSL_write(sssl, msg, strlen(msg)) > 0) {
+        printf("Unexpected success writing data\n");
+        goto err;
+    }
+
+    ret = 0;
+ err:
+    SSL_free(sssl);
+    SSL_free(cssl);
+    SSL_CTX_free(sctx);
+    SSL_CTX_free(cctx);
+    ERR_print_errors_fp(stderr);
+
+    if (ret) {
+        printf("Fatal err test: FAILED\n");
+    }
+
+    ERR_free_strings();
+    ERR_remove_thread_state(NULL);
+    EVP_cleanup();
+    CRYPTO_cleanup_all_ex_data();
+    CRYPTO_mem_leaks(err);
+    BIO_free(err);
+
+    return ret;
+}
diff --git a/ssl/kssl.c b/ssl/kssl.c
index f2839bdc..18e5f1dc 100644
--- a/ssl/kssl.c
+++ b/ssl/kssl.c
@@ -4,7 +4,7 @@
  * 2000.
  */
 /* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -78,6 +78,7 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/krb5_asn.h>
+#include "o_time.h"
 #include "kssl_lcl.h"
 
 #ifndef OPENSSL_NO_KRB5
@@ -2026,6 +2027,8 @@ krb5_error_code kssl_check_authent(
     int outl, unencbufsize;
     struct tm tm_time, *tm_l, *tm_g;
     time_t now, tl, tg, tr, tz_offset;
+    struct tm gmt_result = {0};
+    struct tm lt_result = {0};
 
     EVP_CIPHER_CTX_init(&ciph_ctx);
     *atimep = 0;
@@ -2082,7 +2085,7 @@ krb5_error_code kssl_check_authent(
     }
 # endif
     enc = kssl_map_enc(enctype);
-    memset(iv, 0, sizeof iv);   /* per RFC 1510 */
+    memset(iv, 0, sizeof(iv));   /* per RFC 1510 */
 
     if (enc == NULL) {
         /*
@@ -2140,9 +2143,17 @@ krb5_error_code kssl_check_authent(
     if (k_gmtime(auth->ctime, &tm_time) &&
         ((tr = mktime(&tm_time)) != (time_t)(-1))) {
         now = time(&now);
+        tm_g = OPENSSL_gmtime(&now, &gmt_result);
+
+# if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && \
+            !defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_SUNOS) && \
+            (!defined(OPENSSL_SYS_VMS) || defined(localtime_r))
+        tm_l = localtime_r(&now, &lt_result);
+# else
         tm_l = localtime(&now);
+# endif
+
         tl = mktime(tm_l);
-        tm_g = gmtime(&now);
         tg = mktime(tm_g);
         tz_offset = tg - tl;
 
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 6850dc0c..add8c991 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -204,7 +204,10 @@ int ssl23_connect(SSL *s)
                 goto end;
             }
 
-            ssl3_init_finished_mac(s);
+            if (!ssl3_init_finished_mac(s)) {
+                ret = -1;
+                goto end;
+            }
 
             s->state = SSL23_ST_CW_CLNT_HELLO_A;
             s->ctx->stats.sess_connect++;
@@ -732,7 +735,37 @@ static int ssl23_get_server_hello(SSL *s)
             s->version = TLS1_2_VERSION;
             s->method = TLSv1_2_client_method();
         } else {
+            /*
+             * Unrecognised version, we'll send a protocol version alert using
+             * our preferred version.
+             */
+            switch(s->client_version) {
+            default:
+                /*
+                 * Shouldn't happen
+                 * Fall through
+                 */
+            case TLS1_2_VERSION:
+                s->version = TLS1_2_VERSION;
+                s->method = TLSv1_2_client_method();
+                break;
+            case TLS1_1_VERSION:
+                s->version = TLS1_1_VERSION;
+                s->method = TLSv1_1_client_method();
+                break;
+            case TLS1_VERSION:
+                s->version = TLS1_VERSION;
+                s->method = TLSv1_client_method();
+                break;
+#ifndef OPENSSL_NO_SSL3
+            case SSL3_VERSION:
+                s->version = SSL3_VERSION;
+                s->method = SSLv3_client_method();
+                break;
+#endif
+            }
             SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_PROTOCOL_VERSION);
             goto err;
         }
 
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index 470bd3d9..d2017e7c 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -195,7 +195,10 @@ int ssl23_accept(SSL *s)
                 s->init_buf = buf;
             }
 
-            ssl3_init_finished_mac(s);
+            if (!ssl3_init_finished_mac(s)) {
+                ret = -1;
+                goto end;
+            }
 
             s->state = SSL23_ST_SR_CLNT_HELLO_A;
             s->ctx->stats.sess_accept++;
@@ -265,8 +268,8 @@ int ssl23_get_client_hello(SSL *s)
         if (!ssl3_setup_buffers(s))
             goto err;
 
-        n = ssl23_read_bytes(s, sizeof buf_space);
-        if (n != sizeof buf_space)
+        n = ssl23_read_bytes(s, sizeof(buf_space));
+        if (n != sizeof(buf_space))
             return (n);         /* n == -1 || n == 0 */
 
         p = s->packet;
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index 20de1a82..3a8345ba 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -523,7 +523,7 @@ static int get_server_hello(SSL *s)
     }
 
     s->s2->conn_id_length = s->s2->tmp.conn_id_length;
-    if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
+    if (s->s2->conn_id_length > sizeof(s->s2->conn_id)) {
         ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
         SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
         return -1;
@@ -708,7 +708,7 @@ static int client_finished(SSL *s)
     if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) {
         p = (unsigned char *)s->init_buf->data;
         *(p++) = SSL2_MT_CLIENT_FINISHED;
-        if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
+        if (s->s2->conn_id_length > sizeof(s->s2->conn_id)) {
             SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
             return -1;
         }
@@ -981,7 +981,7 @@ static int get_server_finished(SSL *s)
     } else {
         if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) {
             if ((s->session->session_id_length >
-                 sizeof s->session->session_id)
+                 sizeof(s->session->session_id))
                 || (0 !=
                     memcmp(buf + 1, s->session->session_id,
                            (unsigned int)s->session->session_id_length))) {
diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
index 23eef72a..0115d206 100644
--- a/ssl/s2_enc.c
+++ b/ssl/s2_enc.c
@@ -99,7 +99,7 @@ int ssl2_enc_init(SSL *s, int client)
 
     num = c->key_len;
     s->s2->key_material_length = num * 2;
-    OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
+    OPENSSL_assert(s->s2->key_material_length <= sizeof(s->s2->key_material));
 
     if (ssl2_generate_key_material(s) <= 0)
         return 0;
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index cc136030..f03fe69f 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -326,9 +326,9 @@ int ssl2_new(SSL *s)
 {
     SSL2_STATE *s2;
 
-    if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL)
+    if ((s2 = OPENSSL_malloc(sizeof(*s2))) == NULL)
         goto err;
-    memset(s2, 0, sizeof *s2);
+    memset(s2, 0, sizeof(*s2));
 
 # if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
 #  error "assertion failed"
@@ -371,7 +371,7 @@ void ssl2_free(SSL *s)
         OPENSSL_free(s2->rbuf);
     if (s2->wbuf != NULL)
         OPENSSL_free(s2->wbuf);
-    OPENSSL_cleanse(s2, sizeof *s2);
+    OPENSSL_cleanse(s2, sizeof(*s2));
     OPENSSL_free(s2);
     s->s2 = NULL;
 }
@@ -386,7 +386,7 @@ void ssl2_clear(SSL *s)
     rbuf = s2->rbuf;
     wbuf = s2->wbuf;
 
-    memset(s2, 0, sizeof *s2);
+    memset(s2, 0, sizeof(*s2));
 
     s2->rbuf = rbuf;
     s2->wbuf = wbuf;
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index d3b243c2..c3016110 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -724,7 +724,7 @@ static int get_client_hello(SSL *s)
     p += s->s2->tmp.session_id_length;
 
     /* challenge */
-    if (s->s2->challenge_length > sizeof s->s2->challenge) {
+    if (s->s2->challenge_length > sizeof(s->s2->challenge)) {
         ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
         SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
         return -1;
@@ -872,7 +872,7 @@ static int get_client_finished(SSL *s)
     }
 
     /* SSL2_ST_GET_CLIENT_FINISHED_B */
-    if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
+    if (s->s2->conn_id_length > sizeof(s->s2->conn_id)) {
         ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
         SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
         return -1;
@@ -903,7 +903,7 @@ static int server_verify(SSL *s)
     if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) {
         p = (unsigned char *)s->init_buf->data;
         *(p++) = SSL2_MT_SERVER_VERIFY;
-        if (s->s2->challenge_length > sizeof s->s2->challenge) {
+        if (s->s2->challenge_length > sizeof(s->s2->challenge)) {
             SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
             return -1;
         }
@@ -925,7 +925,7 @@ static int server_finish(SSL *s)
         p = (unsigned char *)s->init_buf->data;
         *(p++) = SSL2_MT_SERVER_FINISHED;
 
-        if (s->session->session_id_length > sizeof s->session->session_id) {
+        if (s->session->session_id_length > sizeof(s->session->session_id)) {
             SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
             return -1;
         }
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 32f2f1ae..bd0929d0 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -263,6 +263,7 @@ int ssl3_connect(SSL *s)
 
             if (!ssl3_setup_buffers(s)) {
                 ret = -1;
+                s->state = SSL_ST_ERR;
                 goto end;
             }
 
@@ -275,7 +276,11 @@ int ssl3_connect(SSL *s)
 
             /* don't push the buffering BIO quite yet */
 
-            ssl3_init_finished_mac(s);
+            if (!ssl3_init_finished_mac(s)) {
+                ret = -1;
+                s->state = SSL_ST_ERR;
+                goto end;
+            }
 
             s->state = SSL3_ST_CW_CLNT_HELLO_A;
             s->ctx->stats.sess_connect++;
@@ -979,7 +984,7 @@ int ssl3_get_server_hello(SSL *s)
     /* get the session-id */
     j = *(p++);
 
-    if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) {
+    if ((j > sizeof(s->session->session_id)) || (j > SSL3_SESSION_ID_SIZE)) {
         al = SSL_AD_ILLEGAL_PARAMETER;
         SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG);
         goto f_err;
@@ -1864,6 +1869,7 @@ int ssl3_get_key_exchange(SSL *s)
             goto err;
         }
         if (EC_KEY_set_group(ecdh, ngroup) == 0) {
+            EC_GROUP_free(ngroup);
             SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
             goto err;
         }
@@ -2555,16 +2561,16 @@ int ssl3_send_client_key_exchange(SSL *s)
 
             tmp_buf[0] = s->client_version >> 8;
             tmp_buf[1] = s->client_version & 0xff;
-            if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
+            if (RAND_bytes(&(tmp_buf[2]), sizeof(tmp_buf) - 2) <= 0)
                 goto err;
 
-            s->session->master_key_length = sizeof tmp_buf;
+            s->session->master_key_length = sizeof(tmp_buf);
 
             q = p;
             /* Fix buf for TLS and beyond */
             if (s->version > SSL3_VERSION)
                 p += 2;
-            n = RSA_public_encrypt(sizeof tmp_buf,
+            n = RSA_public_encrypt(sizeof(tmp_buf),
                                    tmp_buf, p, rsa, RSA_PKCS1_PADDING);
 # ifdef PKCS1_CHECK
             if (s->options & SSL_OP_PKCS1_CHECK_1)
@@ -2589,8 +2595,8 @@ int ssl3_send_client_key_exchange(SSL *s)
                                                             s->
                                                             session->master_key,
                                                             tmp_buf,
-                                                            sizeof tmp_buf);
-            OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+                                                            sizeof(tmp_buf));
+            OPENSSL_cleanse(tmp_buf, sizeof(tmp_buf));
         }
 #endif
 #ifndef OPENSSL_NO_KRB5
@@ -2682,7 +2688,7 @@ int ssl3_send_client_key_exchange(SSL *s)
 
             tmp_buf[0] = s->client_version >> 8;
             tmp_buf[1] = s->client_version & 0xff;
-            if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
+            if (RAND_bytes(&(tmp_buf[2]), sizeof(tmp_buf) - 2) <= 0)
                 goto err;
 
             /*-
@@ -2693,13 +2699,13 @@ int ssl3_send_client_key_exchange(SSL *s)
              *      EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
              */
 
-            memset(iv, 0, sizeof iv); /* per RFC 1510 */
+            memset(iv, 0, sizeof(iv)); /* per RFC 1510 */
             EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv);
             EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf,
-                              sizeof tmp_buf);
+                              sizeof(tmp_buf));
             EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
             outl += padl;
-            if (outl > (int)sizeof epms) {
+            if (outl > (int)sizeof(epms)) {
                 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
                        ERR_R_INTERNAL_ERROR);
                 goto err;
@@ -2717,9 +2723,9 @@ int ssl3_send_client_key_exchange(SSL *s)
                                                             s->
                                                             session->master_key,
                                                             tmp_buf,
-                                                            sizeof tmp_buf);
+                                                            sizeof(tmp_buf));
 
-            OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+            OPENSSL_cleanse(tmp_buf, sizeof(tmp_buf));
             OPENSSL_cleanse(epms, outl);
         }
 #endif
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index fbc954d4..1eee9d9b 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -177,32 +177,34 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
     EVP_MD_CTX_init(&s1);
     for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
         k++;
-        if (k > sizeof buf) {
+        if (k > sizeof(buf))
             /* bug: 'buf' is too small for this ciphersuite */
-            SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
+            goto err;
 
         for (j = 0; j < k; j++)
             buf[j] = c;
         c++;
-        EVP_DigestInit_ex(&s1, EVP_sha1(), NULL);
-        EVP_DigestUpdate(&s1, buf, k);
-        EVP_DigestUpdate(&s1, s->session->master_key,
-                         s->session->master_key_length);
-        EVP_DigestUpdate(&s1, s->s3->server_random, SSL3_RANDOM_SIZE);
-        EVP_DigestUpdate(&s1, s->s3->client_random, SSL3_RANDOM_SIZE);
-        EVP_DigestFinal_ex(&s1, smd, NULL);
+        if (!EVP_DigestInit_ex(&s1, EVP_sha1(), NULL) ||
+            !EVP_DigestUpdate(&s1, buf, k) ||
+            !EVP_DigestUpdate(&s1, s->session->master_key,
+                              s->session->master_key_length) ||
+            !EVP_DigestUpdate(&s1, s->s3->server_random, SSL3_RANDOM_SIZE) ||
+            !EVP_DigestUpdate(&s1, s->s3->client_random, SSL3_RANDOM_SIZE) ||
+            !EVP_DigestFinal_ex(&s1, smd, NULL))
+            goto err2;
 
-        EVP_DigestInit_ex(&m5, EVP_md5(), NULL);
-        EVP_DigestUpdate(&m5, s->session->master_key,
-                         s->session->master_key_length);
-        EVP_DigestUpdate(&m5, smd, SHA_DIGEST_LENGTH);
+        if (!EVP_DigestInit_ex(&m5, EVP_md5(), NULL) ||
+            !EVP_DigestUpdate(&m5, s->session->master_key,
+                              s->session->master_key_length) ||
+            !EVP_DigestUpdate(&m5, smd, SHA_DIGEST_LENGTH))
+            goto err2;
         if ((int)(i + MD5_DIGEST_LENGTH) > num) {
-            EVP_DigestFinal_ex(&m5, smd, NULL);
+            if (!EVP_DigestFinal_ex(&m5, smd, NULL))
+                goto err2;
             memcpy(km, smd, (num - i));
         } else
-            EVP_DigestFinal_ex(&m5, km, NULL);
+            if (!EVP_DigestFinal_ex(&m5, km, NULL))
+                goto err2;
 
         km += MD5_DIGEST_LENGTH;
     }
@@ -210,6 +212,12 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
     EVP_MD_CTX_cleanup(&m5);
     EVP_MD_CTX_cleanup(&s1);
     return 1;
+ err:
+    SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);
+ err2:
+    EVP_MD_CTX_cleanup(&m5);
+    EVP_MD_CTX_cleanup(&s1);
+    return 0;
 }
 
 int ssl3_change_cipher_state(SSL *s, int which)
@@ -360,25 +368,33 @@ int ssl3_change_cipher_state(SSL *s, int which)
          * In here I set both the read and write key/iv to the same value
          * since only the correct one will be used :-).
          */
-        EVP_DigestInit_ex(&md, EVP_md5(), NULL);
-        EVP_DigestUpdate(&md, key, j);
-        EVP_DigestUpdate(&md, er1, SSL3_RANDOM_SIZE);
-        EVP_DigestUpdate(&md, er2, SSL3_RANDOM_SIZE);
-        EVP_DigestFinal_ex(&md, &(exp_key[0]), NULL);
+        if (!EVP_DigestInit_ex(&md, EVP_md5(), NULL) ||
+            !EVP_DigestUpdate(&md, key, j) ||
+            !EVP_DigestUpdate(&md, er1, SSL3_RANDOM_SIZE) ||
+            !EVP_DigestUpdate(&md, er2, SSL3_RANDOM_SIZE) ||
+            !EVP_DigestFinal_ex(&md, &(exp_key[0]), NULL)) {
+            EVP_MD_CTX_cleanup(&md);
+            goto err2;
+        }
         key = &(exp_key[0]);
 
         if (k > 0) {
-            EVP_DigestInit_ex(&md, EVP_md5(), NULL);
-            EVP_DigestUpdate(&md, er1, SSL3_RANDOM_SIZE);
-            EVP_DigestUpdate(&md, er2, SSL3_RANDOM_SIZE);
-            EVP_DigestFinal_ex(&md, &(exp_iv[0]), NULL);
+            if (!EVP_DigestInit_ex(&md, EVP_md5(), NULL) ||
+                !EVP_DigestUpdate(&md, er1, SSL3_RANDOM_SIZE) ||
+                !EVP_DigestUpdate(&md, er2, SSL3_RANDOM_SIZE) ||
+                !EVP_DigestFinal_ex(&md, &(exp_iv[0]), NULL)) {
+                EVP_MD_CTX_cleanup(&md);
+                goto err2;
+            }
             iv = &(exp_iv[0]);
         }
     }
+    EVP_MD_CTX_cleanup(&md);
 
     s->session->key_arg_length = 0;
 
-    EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE));
+    if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)))
+        goto err2;
 
 #ifdef OPENSSL_SSL_TRACE_CRYPTO
     if (s->msg_callback) {
@@ -399,7 +415,6 @@ int ssl3_change_cipher_state(SSL *s, int which)
 
     OPENSSL_cleanse(&(exp_key[0]), sizeof(exp_key));
     OPENSSL_cleanse(&(exp_iv[0]), sizeof(exp_iv));
-    EVP_MD_CTX_cleanup(&md);
     return (1);
  err:
     SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
@@ -555,17 +570,20 @@ int ssl3_enc(SSL *s, int send)
         if ((bs != 1) && !send)
             return ssl3_cbc_remove_padding(s, rec, bs, mac_size);
     }
-    return (1);
+    return 1;
 }
 
-void ssl3_init_finished_mac(SSL *s)
+int ssl3_init_finished_mac(SSL *s)
 {
     if (s->s3->handshake_buffer)
         BIO_free(s->s3->handshake_buffer);
     if (s->s3->handshake_dgst)
         ssl3_free_digest_list(s);
     s->s3->handshake_buffer = BIO_new(BIO_s_mem());
+    if (s->s3->handshake_buffer == NULL)
+        return 0;
     (void)BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE);
+    return 1;
 }
 
 void ssl3_free_digest_list(SSL *s)
@@ -622,6 +640,10 @@ int ssl3_digest_cached_records(SSL *s)
     for (i = 0; ssl_get_handshake_digest(i, &mask, &md); i++) {
         if ((mask & ssl_get_algorithm2(s)) && md) {
             s->s3->handshake_dgst[i] = EVP_MD_CTX_create();
+            if (s->s3->handshake_dgst[i] == NULL) {
+                SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
 #ifdef OPENSSL_FIPS
             if (EVP_MD_nid(md) == NID_md5) {
                 EVP_MD_CTX_set_flags(s->s3->handshake_dgst[i],
@@ -903,7 +925,7 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
                         s, s->msg_callback_arg);
     }
 #endif
-    OPENSSL_cleanse(buf, sizeof buf);
+    OPENSSL_cleanse(buf, sizeof(buf));
     return (ret);
 }
 
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 0385e039..7e27dae3 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3018,9 +3018,9 @@ int ssl3_new(SSL *s)
 {
     SSL3_STATE *s3;
 
-    if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL)
+    if ((s3 = OPENSSL_malloc(sizeof(*s3))) == NULL)
         goto err;
-    memset(s3, 0, sizeof *s3);
+    memset(s3, 0, sizeof(*s3));
     memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
     memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
 
@@ -3078,7 +3078,7 @@ void ssl3_free(SSL *s)
 #ifndef OPENSSL_NO_SRP
     SSL_SRP_CTX_free(s);
 #endif
-    OPENSSL_cleanse(s->s3, sizeof *s->s3);
+    OPENSSL_cleanse(s->s3, sizeof(*s->s3));
     OPENSSL_free(s->s3);
     s->s3 = NULL;
 }
@@ -3142,7 +3142,7 @@ void ssl3_clear(SSL *s)
         s->s3->alpn_selected = NULL;
     }
 #endif
-    memset(s->s3, 0, sizeof *s->s3);
+    memset(s->s3, 0, sizeof(*s->s3));
     s->s3->rbuf.buf = rp;
     s->s3->wbuf.buf = wp;
     s->s3->rbuf.len = rlen;
@@ -4237,7 +4237,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
         return (int)s->cert->ctype_num;
     }
     /* get configured sigalgs */
-    siglen = tls12_get_psigalgs(s, &sig);
+    siglen = tls12_get_psigalgs(s, 1, &sig);
     if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)
         nostrict = 0;
     for (i = 0; i < siglen; i += 2, sig += 2) {
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 6ece87d0..6527df8c 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -670,7 +670,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
      * promptly send beyond the end of the users buffer ... so we trap and
      * report the error in a way the user will notice
      */
-    if (len < tot) {
+    if ((len < tot) || ((wb->left != 0) && (len < (tot + s->s3->wpend_tot)))) {
         SSLerr(SSL_F_SSL3_WRITE_BYTES, SSL_R_BAD_LENGTH);
         return (-1);
     }
@@ -699,6 +699,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
         len >= 4 * (int)(max_send_fragment = s->max_send_fragment) &&
         s->compress == NULL && s->msg_callback == NULL &&
         SSL_USE_EXPLICIT_IV(s) &&
+        s->enc_write_ctx != NULL &&
         EVP_CIPHER_flags(s->enc_write_ctx->cipher) &
         EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) {
         unsigned char aad[13];
@@ -1095,10 +1096,9 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
     int i;
     SSL3_BUFFER *wb = &(s->s3->wbuf);
 
-/* XXXX */
     if ((s->s3->wpend_tot > (int)len)
-        || ((s->s3->wpend_buf != buf) &&
-            !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
+        || (!(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)
+            && (s->s3->wpend_buf != buf))
         || (s->s3->wpend_type != type)) {
         SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY);
         return (-1);
@@ -1313,20 +1313,26 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
         unsigned int *dest_len = NULL;
 
         if (rr->type == SSL3_RT_HANDSHAKE) {
-            dest_maxlen = sizeof s->s3->handshake_fragment;
+            dest_maxlen = sizeof(s->s3->handshake_fragment);
             dest = s->s3->handshake_fragment;
             dest_len = &s->s3->handshake_fragment_len;
         } else if (rr->type == SSL3_RT_ALERT) {
-            dest_maxlen = sizeof s->s3->alert_fragment;
+            dest_maxlen = sizeof(s->s3->alert_fragment);
             dest = s->s3->alert_fragment;
             dest_len = &s->s3->alert_fragment_len;
         }
 #ifndef OPENSSL_NO_HEARTBEATS
         else if (rr->type == TLS1_RT_HEARTBEAT) {
-            tls1_process_heartbeat(s);
+            i = tls1_process_heartbeat(s);
+
+            if (i < 0)
+                return i;
+
+            rr->length = 0;
+            if (s->mode & SSL_MODE_AUTO_RETRY)
+                goto start;
 
             /* Exit and notify application to read again */
-            rr->length = 0;
             s->rwstate = SSL_READING;
             BIO_clear_retry_flags(SSL_get_rbio(s));
             BIO_set_retry_read(SSL_get_rbio(s));
@@ -1414,26 +1420,25 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
          */
         goto start;
     }
+
     /*
      * If we are a server and get a client hello when renegotiation isn't
-     * allowed send back a no renegotiation alert and carry on. WARNING:
-     * experimental code, needs reviewing (steve)
+     * allowed send back a no renegotiation alert and carry on.
      */
-    if (s->server &&
-        SSL_is_init_finished(s) &&
-        !s->s3->send_connection_binding &&
-        (s->version > SSL3_VERSION) &&
-        (s->s3->handshake_fragment_len >= 4) &&
-        (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) &&
-        (s->session != NULL) && (s->session->cipher != NULL) &&
-        !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
-        /*
-         * s->s3->handshake_fragment_len = 0;
-         */
+    if (s->server
+            && SSL_is_init_finished(s)
+            && !s->s3->send_connection_binding
+            && s->version > SSL3_VERSION
+            && s->s3->handshake_fragment_len >= SSL3_HM_HEADER_LENGTH
+            && s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO
+            && s->s3->previous_client_finished_len != 0
+            && (s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) == 0) {
+        s->s3->handshake_fragment_len = 0;
         rr->length = 0;
         ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
         goto start;
     }
+
     if (s->s3->alert_fragment_len >= 2) {
         int alert_level = s->s3->alert_fragment[0];
         int alert_descr = s->s3->alert_fragment[1];
@@ -1491,7 +1496,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
             s->rwstate = SSL_NOTHING;
             s->s3->fatal_alert = alert_descr;
             SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
-            BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
+            BIO_snprintf(tmp, sizeof(tmp), "%d", alert_descr);
             ERR_add_error_data(2, "SSL alert number ", tmp);
             s->shutdown |= SSL_RECEIVED_SHUTDOWN;
             SSL_CTX_remove_session(s->session_ctx, s->session);
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index ea56f9ca..96d973cd 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -311,7 +311,12 @@ int ssl3_accept(SSL *s)
                     goto end;
                 }
 
-                ssl3_init_finished_mac(s);
+                if (!ssl3_init_finished_mac(s)) {
+                    ret = -1;
+                    s->state = SSL_ST_ERR;
+                    goto end;
+                }
+
                 s->state = SSL3_ST_SR_CLNT_HELLO_A;
                 s->ctx->stats.sess_accept++;
             } else if (!s->s3->send_connection_binding &&
@@ -348,7 +353,11 @@ int ssl3_accept(SSL *s)
             s->state = SSL3_ST_SW_FLUSH;
             s->init_num = 0;
 
-            ssl3_init_finished_mac(s);
+            if (!ssl3_init_finished_mac(s)) {
+                ret = -1;
+                s->state = SSL_ST_ERR;
+                goto end;
+            }
             break;
 
         case SSL3_ST_SW_HELLO_REQ_C:
@@ -1704,6 +1713,12 @@ int ssl3_send_server_key_exchange(SSL *s)
         if (type & SSL_kEECDH) {
             const EC_GROUP *group;
 
+            if (s->s3->tmp.ecdh != NULL) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+
             ecdhp = cert->ecdh_tmp;
             if (s->cert->ecdh_tmp_auto) {
                 /* Get NID of appropriate shared curve */
@@ -1724,17 +1739,7 @@ int ssl3_send_server_key_exchange(SSL *s)
                 goto f_err;
             }
 
-            if (s->s3->tmp.ecdh != NULL) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-
             /* Duplicate the ECDH structure. */
-            if (ecdhp == NULL) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
-                goto err;
-            }
             if (s->cert->ecdh_tmp_auto)
                 ecdh = ecdhp;
             else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
@@ -2084,7 +2089,7 @@ int ssl3_send_certificate_request(SSL *s)
 
         if (SSL_USE_SIGALGS(s)) {
             const unsigned char *psigs;
-            nl = tls12_get_psigalgs(s, &psigs);
+            nl = tls12_get_psigalgs(s, 1, &psigs);
             s2n(nl, p);
             memcpy(p, psigs, nl);
             p += nl;
@@ -2197,7 +2202,7 @@ int ssl3_get_client_key_exchange(SSL *s)
         unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
         int decrypt_len;
         unsigned char decrypt_good, version_good;
-        size_t j;
+        size_t j, padding_len;
 
         /* FIX THIS UP EAY EAY EAY EAY */
         if (s->s3->tmp.use_rsa_tmp) {
@@ -2265,16 +2270,38 @@ int ssl3_get_client_key_exchange(SSL *s)
         if (RAND_bytes(rand_premaster_secret,
                        sizeof(rand_premaster_secret)) <= 0)
             goto err;
-        decrypt_len =
-            RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING);
-        ERR_clear_error();
 
         /*
-         * decrypt_len should be SSL_MAX_MASTER_KEY_LENGTH. decrypt_good will
-         * be 0xff if so and zero otherwise.
+         * Decrypt with no padding. PKCS#1 padding will be removed as part of
+         * the timing-sensitive code below.
          */
-        decrypt_good =
-            constant_time_eq_int_8(decrypt_len, SSL_MAX_MASTER_KEY_LENGTH);
+        decrypt_len =
+            RSA_private_decrypt((int)n, p, p, rsa, RSA_NO_PADDING);
+        if (decrypt_len < 0)
+            goto err;
+
+        /* Check the padding. See RFC 3447, section 7.2.2. */
+
+        /*
+         * The smallest padded premaster is 11 bytes of overhead. Small keys
+         * are publicly invalid, so this may return immediately. This ensures
+         * PS is at least 8 bytes.
+         */
+        if (decrypt_len < 11 + SSL_MAX_MASTER_KEY_LENGTH) {
+            al = SSL_AD_DECRYPT_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DECRYPTION_FAILED);
+            goto f_err;
+        }
+
+        padding_len = decrypt_len - SSL_MAX_MASTER_KEY_LENGTH;
+        decrypt_good = constant_time_eq_int_8(p[0], 0) &
+                       constant_time_eq_int_8(p[1], 2);
+        for (j = 2; j < padding_len - 1; j++) {
+            decrypt_good &= ~constant_time_is_zero_8(p[j]);
+        }
+        decrypt_good &= constant_time_is_zero_8(p[padding_len - 1]);
+        p += padding_len;
 
         /*
          * If the version in the decrypted pre-master secret is correct then
@@ -2483,7 +2510,7 @@ int ssl3_get_client_key_exchange(SSL *s)
         /*
          * Note that the length is checked again below, ** after decryption
          */
-        if (enc_pms.length > sizeof pms) {
+        if (enc_pms.length > sizeof(pms)) {
             SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
                    SSL_R_DATA_LENGTH_TOO_LONG);
             goto err;
@@ -2536,7 +2563,7 @@ int ssl3_get_client_key_exchange(SSL *s)
         if (enc == NULL)
             goto err;
 
-        memset(iv, 0, sizeof iv); /* per RFC 1510 */
+        memset(iv, 0, sizeof(iv)); /* per RFC 1510 */
 
         if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv)) {
             SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
@@ -3018,6 +3045,11 @@ int ssl3_get_cert_verify(SSL *s)
 
     peer = s->session->peer;
     pkey = X509_get_pubkey(peer);
+    if (pkey == NULL) {
+        al = SSL_AD_INTERNAL_ERROR;
+        goto f_err;
+    }
+
     type = X509_certificate_type(peer, pkey);
 
     if (!(type & EVP_PKT_SIGN)) {
@@ -3154,7 +3186,9 @@ int ssl3_get_cert_verify(SSL *s)
             goto f_err;
         }
         if (i != 64) {
+#ifdef SSL_DEBUG
             fprintf(stderr, "GOST signature length is %d", i);
+#endif
         }
         for (idx = 0; idx < 64; idx++) {
             signature[63 - idx] = p[idx];
@@ -3463,8 +3497,22 @@ int ssl3_send_newsession_ticket(SSL *s)
          * all the work otherwise use generated values from parent ctx.
          */
         if (tctx->tlsext_ticket_key_cb) {
-            if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
-                                           &hctx, 1) < 0)
+            /* if 0 is returned, write en empty ticket */
+            int ret = tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
+                                                 &hctx, 1);
+
+            if (ret == 0) {
+                l2n(0, p); /* timeout */
+                s2n(0, p); /* length */
+                ssl_set_handshake_header(s, SSL3_MT_NEWSESSION_TICKET,
+                                         p - ssl_handshake_start(s));
+                s->state = SSL3_ST_SW_SESSION_TICKET_B;
+                OPENSSL_free(senc);
+                EVP_CIPHER_CTX_cleanup(&ctx);
+                HMAC_CTX_cleanup(&hctx);
+                return ssl_do_write(s);
+            }
+            if (ret < 0)
                 goto err;
         } else {
             if (RAND_bytes(iv, 16) <= 0)
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 90aeb0ce..3cf96a23 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1727,7 +1727,7 @@ extern "C" {
 # define SSL_ST_BEFORE                   0x4000
 # define SSL_ST_OK                       0x03
 # define SSL_ST_RENEGOTIATE              (0x04|SSL_ST_INIT)
-# define SSL_ST_ERR                      0x05
+# define SSL_ST_ERR                      (0x05|SSL_ST_INIT)
 
 # define SSL_CB_LOOP                     0x01
 # define SSL_CB_EXIT                     0x02
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 1be6fb00..363d2b2d 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -412,6 +412,7 @@ CERT *ssl_cert_dup(CERT *cert)
 #endif
 
     ssl_cert_clear_certs(ret);
+    OPENSSL_free(ret);
 
     return NULL;
 }
@@ -635,13 +636,13 @@ SESS_CERT *ssl_sess_cert_new(void)
 {
     SESS_CERT *ret;
 
-    ret = OPENSSL_malloc(sizeof *ret);
+    ret = OPENSSL_malloc(sizeof(*ret));
     if (ret == NULL) {
         SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
-    memset(ret, 0, sizeof *ret);
+    memset(ret, 0, sizeof(*ret));
     ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
     ret->references = 1;
 
@@ -1017,15 +1018,15 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
         char buf[1024];
         int r;
 
-        if (strlen(dir) + strlen(filename) + 2 > sizeof buf) {
+        if (strlen(dir) + strlen(filename) + 2 > sizeof(buf)) {
             SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,
                    SSL_R_PATH_TOO_LONG);
             goto err;
         }
 #ifdef OPENSSL_SYS_VMS
-        r = BIO_snprintf(buf, sizeof buf, "%s%s", dir, filename);
+        r = BIO_snprintf(buf, sizeof(buf), "%s%s", dir, filename);
 #else
-        r = BIO_snprintf(buf, sizeof buf, "%s/%s", dir, filename);
+        r = BIO_snprintf(buf, sizeof(buf), "%s/%s", dir, filename);
 #endif
         if (r <= 0 || r >= (int)sizeof(buf))
             goto err;
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 2ad8f439..ccdf00fa 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1205,7 +1205,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
                    ((ch >= '0') && (ch <= '9')) ||
                    ((ch >= 'a') && (ch <= 'z')) || (ch == '-') || (ch == '.'))
 #else
-            while (isalnum(ch) || (ch == '-') || (ch == '.'))
+            while (isalnum((unsigned char)ch) || (ch == '-') || (ch == '.'))
 #endif
             {
                 ch = *(++l);
@@ -2001,7 +2001,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
     if (id < 193 || id > 255) {
         SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
                SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
-        return 0;
+        return 1;
     }
 
     MemCheck_off();
@@ -2013,6 +2013,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
     }
     comp->id = id;
     comp->method = cm;
+    comp->name = cm->name;
     load_builtin_compressions();
     if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) {
         OPENSSL_free(comp);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f8054dae..3a6c1b14 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -343,7 +343,7 @@ SSL *SSL_new(SSL_CTX *ctx)
     s->verify_depth = ctx->verify_depth;
 #endif
     s->sid_ctx_length = ctx->sid_ctx_length;
-    OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
+    OPENSSL_assert(s->sid_ctx_length <= sizeof(s->sid_ctx));
     memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
     s->verify_callback = ctx->default_verify_callback;
     s->generate_session_id = ctx->generate_session_id;
@@ -437,7 +437,7 @@ SSL *SSL_new(SSL_CTX *ctx)
 int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
                                    unsigned int sid_ctx_len)
 {
-    if (sid_ctx_len > sizeof ctx->sid_ctx) {
+    if (sid_ctx_len > sizeof(ctx->sid_ctx)) {
         SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
                SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
         return 0;
@@ -490,7 +490,7 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
      */
     SSL_SESSION r, *p;
 
-    if (id_len > sizeof r.session_id)
+    if (id_len > sizeof(r.session_id))
         return 0;
 
     r.ssl_version = ssl->version;
@@ -1825,26 +1825,34 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
 
 int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
                                const char *label, size_t llen,
-                               const unsigned char *p, size_t plen,
+                               const unsigned char *context, size_t contextlen,
                                int use_context)
 {
     if (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER)
         return -1;
 
     return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
-                                                       llen, p, plen,
-                                                       use_context);
+                                                       llen, context,
+                                                       contextlen, use_context);
 }
 
 static unsigned long ssl_session_hash(const SSL_SESSION *a)
 {
+    const unsigned char *session_id = a->session_id;
     unsigned long l;
+    unsigned char tmp_storage[4];
+
+    if (a->session_id_length < sizeof(tmp_storage)) {
+        memset(tmp_storage, 0, sizeof(tmp_storage));
+        memcpy(tmp_storage, a->session_id, a->session_id_length);
+        session_id = tmp_storage;
+    }
 
     l = (unsigned long)
-        ((unsigned int)a->session_id[0]) |
-        ((unsigned int)a->session_id[1] << 8L) |
-        ((unsigned long)a->session_id[2] << 16L) |
-        ((unsigned long)a->session_id[3] << 24L);
+        ((unsigned long)session_id[0]) |
+        ((unsigned long)session_id[1] << 8L) |
+        ((unsigned long)session_id[2] << 16L) |
+        ((unsigned long)session_id[3] << 24L);
     return (l);
 }
 
@@ -3172,6 +3180,7 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
 #endif
     ssl->cert = ssl_cert_dup(ctx->cert);
     if (ocert) {
+        int i;
         /* Preserve any already negotiated parameters */
         if (ssl->server) {
             ssl->cert->peer_sigalgs = ocert->peer_sigalgs;
@@ -3181,11 +3190,17 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
             ssl->cert->ciphers_rawlen = ocert->ciphers_rawlen;
             ocert->ciphers_raw = NULL;
         }
+        for (i = 0; i < SSL_PKEY_NUM; i++) {
+            ssl->cert->pkeys[i].digest = ocert->pkeys[i].digest;
+        }
 #ifndef OPENSSL_NO_TLSEXT
         ssl->cert->alpn_proposed = ocert->alpn_proposed;
         ssl->cert->alpn_proposed_len = ocert->alpn_proposed_len;
         ocert->alpn_proposed = NULL;
         ssl->cert->alpn_sent = ocert->alpn_sent;
+
+        if (!custom_exts_copy_flags(&ssl->cert->srv_ext, &ocert->srv_ext))
+            return NULL;
 #endif
         ssl_cert_free(ocert);
     }
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index d50edd18..aeffc006 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1158,7 +1158,7 @@ long ssl2_default_timeout(void);
 
 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-void ssl3_init_finished_mac(SSL *s);
+int ssl3_init_finished_mac(SSL *s);
 int ssl3_send_server_certificate(SSL *s);
 int ssl3_send_newsession_ticket(SSL *s);
 int ssl3_send_cert_status(SSL *s);
@@ -1430,7 +1430,7 @@ int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
 long ssl_get_algorithm2(SSL *s);
 int tls1_save_sigalgs(SSL *s, const unsigned char *data, int dsize);
 int tls1_process_sigalgs(SSL *s);
-size_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs);
+size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned char **psigs);
 int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
                             const unsigned char *sig, EVP_PKEY *pkey);
 void ssl_set_client_disabled(SSL *s);
@@ -1482,6 +1482,8 @@ int custom_ext_add(SSL *s, int server,
                    unsigned char **pret, unsigned char *limit, int *al);
 
 int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src);
+int custom_exts_copy_flags(custom_ext_methods *dst,
+                           const custom_ext_methods *src);
 void custom_exts_free(custom_ext_methods *exts);
 
 # else
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index f679801a..af03d45c 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -964,6 +964,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
     int ret = 0;
     BIO *bin = NULL;
     size_t num_extensions = 0;
+    unsigned char *new_serverinfo;
 
     if (ctx == NULL || file == NULL) {
         SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
@@ -1014,12 +1015,13 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
             goto end;
         }
         /* Append the decoded extension to the serverinfo buffer */
-        serverinfo =
+        new_serverinfo =
             OPENSSL_realloc(serverinfo, serverinfo_length + extension_length);
-        if (serverinfo == NULL) {
+        if (new_serverinfo == NULL) {
             SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
             goto end;
         }
+        serverinfo = new_serverinfo;
         memcpy(serverinfo + serverinfo_length, extension, extension_length);
         serverinfo_length += extension_length;
 
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index c3369a44..6a5ad537 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -261,7 +261,6 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
 #ifndef OPENSSL_NO_SRP
     dest->srp_username = NULL;
 #endif
-    memset(&dest->ex_data, 0, sizeof(dest->ex_data));
 
     /* We deliberately don't copy the prev and next pointers */
     dest->prev = NULL;
@@ -275,6 +274,9 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     if (src->peer != NULL)
         CRYPTO_add(&src->peer->references, 1, CRYPTO_LOCK_X509);
 
+    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))
+        goto err;
+
 #ifndef OPENSSL_NO_PSK
     if (src->psk_identity_hint) {
         dest->psk_identity_hint = BUF_strdup(src->psk_identity_hint);
@@ -325,7 +327,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     }
 # endif
 
-    if (ticket != 0) {
+    if (ticket != 0 && src->tlsext_tick != NULL) {
         dest->tlsext_tick = BUF_memdup(src->tlsext_tick, src->tlsext_ticklen);
         if(dest->tlsext_tick == NULL)
             goto err;
@@ -527,7 +529,7 @@ int ssl_get_new_session(SSL *s, int session)
         ss->session_id_length = 0;
     }
 
-    if (s->sid_ctx_length > sizeof ss->sid_ctx) {
+    if (s->sid_ctx_length > sizeof(ss->sid_ctx)) {
         SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
         SSL_SESSION_free(ss);
         return 0;
@@ -868,9 +870,9 @@ void SSL_SESSION_free(SSL_SESSION *ss)
 
     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
 
-    OPENSSL_cleanse(ss->key_arg, sizeof ss->key_arg);
-    OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
-    OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
+    OPENSSL_cleanse(ss->key_arg, sizeof(ss->key_arg));
+    OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key));
+    OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id));
     if (ss->sess_cert != NULL)
         ssl_sess_cert_free(ss->sess_cert);
     if (ss->peer != NULL)
@@ -1006,7 +1008,8 @@ int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
         return 0;
     }
     s->sid_ctx_length = sid_ctx_len;
-    memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
+    if (s->sid_ctx != sid_ctx)
+        memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
 
     return 1;
 }
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 890e4768..b861e495 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -311,6 +311,13 @@ static const char *sn_client;
 static const char *sn_server1;
 static const char *sn_server2;
 static int sn_expect = 0;
+static int s_ticket1 = 0;
+static int s_ticket2 = 0;
+static int c_ticket = 0;
+static int ticket_expect = -1;
+static int sni_in_cert_cb = 0;
+static const char *client_sigalgs = NULL;
+static const char *server_digest_expect = NULL;
 
 static int servername_cb(SSL *s, int *ad, void *arg)
 {
@@ -325,6 +332,9 @@ static int servername_cb(SSL *s, int *ad, void *arg)
             !strcasecmp(servername, sn_server2)) {
             BIO_printf(bio_stdout, "Switching server context.\n");
             SSL_set_SSL_CTX(s, s_ctx2);
+            /* Copy over all the SSL_CTX options */
+            SSL_clear_options(s, 0xFFFFFFFFL);
+            SSL_set_options(s, SSL_CTX_get_options(s_ctx2));
         }
     }
     return SSL_TLSEXT_ERR_OK;
@@ -348,6 +358,40 @@ static int verify_servername(SSL *client, SSL *server)
         BIO_printf(bio_stdout, "Servername: context is unknown\n");
     return -1;
 }
+static int cert_cb(SSL *ssl, void *arg)
+{
+    int unused;
+    return servername_cb(ssl, &unused, NULL) != SSL_TLSEXT_ERR_ALERT_FATAL;
+}
+
+static int verify_ticket(SSL* ssl)
+{
+    if (ticket_expect == -1)
+        return 0;
+    if (ticket_expect == 0 &&
+        (ssl->session->tlsext_tick == NULL ||
+         ssl->session->tlsext_ticklen == 0))
+        return 1;
+    if (ticket_expect == 1 &&
+        (ssl->session->tlsext_tick != NULL &&
+         ssl->session->tlsext_ticklen != 0))
+        return 1;
+    return -1;
+}
+
+static int verify_server_digest(SSL* ssl)
+{
+    int nid = NID_undef;
+
+    if (server_digest_expect == NULL)
+        return 0;
+    SSL_get_peer_signature_nid(ssl, &nid);
+    if (strcmp(server_digest_expect, OBJ_nid2sn(nid)) == 0)
+        return 1;
+    BIO_printf(bio_stdout, "Expected server digest %s, got %s.\n",
+               server_digest_expect, OBJ_nid2sn(nid));
+    return -1;
+}
 
 /*-
  * next_protos_parse parses a comma separated list of strings into a string
@@ -379,13 +423,13 @@ static unsigned char *next_protos_parse(unsigned short *outlen,
                 OPENSSL_free(out);
                 return NULL;
             }
-            out[start] = i - start;
+            out[start] = (unsigned char)(i - start);
             start = i + 1;
         } else
             out[i + 1] = in[i];
     }
 
-    *outlen = len + 1;
+    *outlen = (unsigned char)(len + 1);
     return out;
 }
 
@@ -477,6 +521,43 @@ static int verify_alpn(SSL *client, SSL *server)
     return -1;
 }
 
+#ifndef OPENSSL_NO_TLSEXT
+
+static int cb_ticket0(SSL* s, unsigned char* key_name, unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)
+{
+    return 0;
+}
+
+static int cb_ticket1(SSL* s, unsigned char* key_name, unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)
+{
+    static unsigned char key[] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
+    static char name[] = "ticket11ticket11";
+    if (SSL_get_options(s) & SSL_OP_NO_TICKET)
+        return 0;
+    if (enc) {
+        RAND_pseudo_bytes(iv, EVP_MAX_IV_LENGTH);
+        EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+        HMAC_Init_ex(hctx, key, sizeof(key), EVP_sha1(), NULL);
+        memcpy(key_name, name, 16);
+        return 1;
+    } else {
+        if (memcmp(key_name, name, 16) == 0) {
+            EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+            HMAC_Init_ex(hctx, key, sizeof(key), EVP_sha1(), NULL);
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static int cb_ticket2(SSL* s, unsigned char* key_name, unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)
+{
+    fprintf(stderr, "ticket callback for SNI context should never be called\n");
+    EXIT(1);
+    return 0;
+}
+#endif
+
 #define SCT_EXT_TYPE 18
 
 /*
@@ -773,6 +854,7 @@ static void sv_usage(void)
 #endif
 #ifndef OPENSSL_NO_TLS1
     fprintf(stderr, " -tls1         - use TLSv1\n");
+    fprintf(stderr, " -tls12        - use TLSv1.2\n");
 #endif
 #ifndef OPENSSL_NO_DTLS
     fprintf(stderr, " -dtls1        - use DTLSv1\n");
@@ -820,6 +902,15 @@ static void sv_usage(void)
     fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n");
     fprintf(stderr, " -sn_expect1          - expected server 1\n");
     fprintf(stderr, " -sn_expect2          - expected server 2\n");
+#ifndef OPENSSL_NO_TLSEXT
+    fprintf(stderr, " -s_ticket1 <yes|no|broken> - enable/disable session tickets on context 1\n");
+    fprintf(stderr, " -s_ticket2 <yes|no>        - enable/disable session tickets on context 2\n");
+    fprintf(stderr, " -c_ticket <yes|no>         - enable/disable session tickets on the client\n");
+    fprintf(stderr, " -ticket_expect <yes|no>    - indicate that the client should (or should not) have a ticket\n");
+#endif
+    fprintf(stderr, " -sni_in_cert_cb           - have the server handle SNI in the certificate callback\n");
+    fprintf(stderr, " -client_sigalgs arg       - the signature algorithms to configure on the client\n");
+    fprintf(stderr, " -server_digest_expect arg - the expected server signing digest\n");
 }
 
 static void print_details(SSL *c_ssl, const char *prefix)
@@ -946,7 +1037,7 @@ int main(int argc, char *argv[])
     int badop = 0;
     int bio_pair = 0;
     int force = 0;
-    int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1;
+    int dtls1 = 0, dtls12 = 0, tls1 = 0, tls12 = 0, ssl2 = 0, ssl3 = 0, ret = 1;
     int client_auth = 0;
     int server_auth = 0, i;
     struct app_verify_arg app_verify_arg =
@@ -1011,7 +1102,7 @@ int main(int argc, char *argv[])
     }
     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 
-    RAND_seed(rnd_seed, sizeof rnd_seed);
+    RAND_seed(rnd_seed, sizeof(rnd_seed));
 
     bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
 
@@ -1100,6 +1191,11 @@ int main(int argc, char *argv[])
             no_protocol = 1;
 #endif
             tls1 = 1;
+        } else if (strcmp(*argv, "-tls12") == 0) {
+#ifdef OPENSSL_NO_TLS1
+            no_protocol = 1;
+#endif
+            tls12 = 1;
         } else if (strcmp(*argv, "-ssl3") == 0) {
 #ifdef OPENSSL_NO_SSL3_METHOD
             no_protocol = 1;
@@ -1175,13 +1271,21 @@ int main(int argc, char *argv[])
         } else if (strcmp(*argv, "-time") == 0) {
             print_time = 1;
         }
-#ifndef OPENSSL_NO_COMP
         else if (strcmp(*argv, "-zlib") == 0) {
+#ifndef OPENSSL_NO_COMP
             comp = COMP_ZLIB;
-        } else if (strcmp(*argv, "-rle") == 0) {
-            comp = COMP_RLE;
-        }
+#else
+            fprintf(stderr,
+                    "ignoring -zlib, since I'm compiled without COMP\n");
 #endif
+        } else if (strcmp(*argv, "-rle") == 0) {
+#ifndef OPENSSL_NO_COMP
+            comp = COMP_RLE;
+#else
+            fprintf(stderr,
+                    "ignoring -rle, since I'm compiled without COMP\n");
+#endif
+        }
         else if (strcmp(*argv, "-named_curve") == 0) {
             if (--argc < 1)
                 goto bad;
@@ -1241,6 +1345,46 @@ int main(int argc, char *argv[])
             sn_expect = 1;
         } else if (strcmp(*argv, "-sn_expect2") == 0) {
             sn_expect = 2;
+#ifndef OPENSSL_NO_TLSEXT
+        } else if (strcmp(*argv, "-s_ticket1") == 0) {
+            if (--argc < 1)
+                goto bad;
+            argv++;
+            if (strcmp(*argv, "yes") == 0)
+                s_ticket1 = 1;
+            if (strcmp(*argv, "broken") == 0)
+                s_ticket1 = 2;
+        } else if (strcmp(*argv, "-s_ticket2") == 0) {
+            if (--argc < 1)
+                goto bad;
+            argv++;
+            if (strcmp(*argv, "yes") == 0)
+                s_ticket2 = 1;
+        } else if (strcmp(*argv, "-c_ticket") == 0) {
+            if (--argc < 1)
+                goto bad;
+            argv++;
+            if (strcmp(*argv, "yes") == 0)
+                c_ticket = 1;
+        } else if (strcmp(*argv, "-ticket_expect") == 0) {
+            if (--argc < 1)
+                goto bad;
+            argv++;
+            if (strcmp(*argv, "yes") == 0)
+                ticket_expect = 1;
+            else if (strcmp(*argv, "no") == 0)
+                ticket_expect = 0;
+#endif
+        } else if (strcmp(*argv, "-sni_in_cert_cb") == 0) {
+            sni_in_cert_cb = 1;
+        } else if (strcmp(*argv, "-client_sigalgs") == 0) {
+            if (--argc < 1)
+                goto bad;
+            client_sigalgs = *(++argv);
+        } else if (strcmp(*argv, "-server_digest_expect") == 0) {
+            if (--argc < 1)
+                goto bad;
+            server_digest_expect = *(++argv);
         } else {
             fprintf(stderr, "unknown option %s\n", *argv);
             badop = 1;
@@ -1271,9 +1415,9 @@ int main(int argc, char *argv[])
         goto end;
     }
 
-    if (ssl2 + ssl3 + tls1 + dtls1 + dtls12 > 1) {
-        fprintf(stderr, "At most one of -ssl2, -ssl3, -tls1, -dtls1 or -dtls12 should "
-                "be requested.\n");
+    if (ssl2 + ssl3 + tls1 + tls12 + dtls1 + dtls12 > 1) {
+        fprintf(stderr, "At most one of -ssl2, -ssl3, -tls1, -tls12, -dtls1 or "
+                "-dtls12 should be requested.\n");
         EXIT(1);
     }
 
@@ -1289,10 +1433,11 @@ int main(int argc, char *argv[])
         goto end;
     }
 
-    if (!ssl2 && !ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
+    if (!ssl2 && !ssl3 && !tls1 && !tls12 && !dtls1 && !dtls12 && number > 1
+            && !reuse && !force) {
         fprintf(stderr, "This case cannot work.  Use -f to perform "
                 "the test anyway (and\n-d to see what happens), "
-                "or add one of ssl2, -ssl3, -tls1, -dtls1, -dtls12, -reuse\n"
+                "or add one of ssl2, -ssl3, -tls1, -tls12, -dtls1, -dtls12, -reuse\n"
                 "to avoid protocol mismatch.\n");
         EXIT(1);
     }
@@ -1356,7 +1501,7 @@ int main(int argc, char *argv[])
 #endif
 
     /*
-     * At this point, ssl2/ssl3/tls1 is only set if the protocol is
+     * At this point, ssl2/ssl3/tls1/tls12 is only set if the protocol is
      * available. (Otherwise we exit early.) However the compiler doesn't
      * know this, so we ifdef.
      */
@@ -1380,6 +1525,8 @@ int main(int argc, char *argv[])
 #ifndef OPENSSL_NO_TLS1
     if (tls1)
         meth = TLSv1_method();
+    else if (tls12)
+        meth = TLSv1_2_method();
     else
 #endif
         meth = SSLv23_method();
@@ -1526,9 +1673,9 @@ int main(int argc, char *argv[])
     {
         int session_id_context = 0;
         SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
-                                       sizeof session_id_context);
+                                       sizeof(session_id_context));
         SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context,
-                                       sizeof session_id_context);
+                                       sizeof(session_id_context));
     }
 
     /* Use PSK only if PSK key is given */
@@ -1676,8 +1823,33 @@ int main(int argc, char *argv[])
         OPENSSL_free(alpn);
     }
 
-    if (sn_server1 || sn_server2)
-        SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb);
+    if (sn_server1 || sn_server2) {
+        if (sni_in_cert_cb)
+            SSL_CTX_set_cert_cb(s_ctx, cert_cb, NULL);
+        else
+            SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb);
+    }
+
+#ifndef OPENSSL_NO_TLSEXT
+    if (s_ticket1 == 0)
+        SSL_CTX_set_options(s_ctx, SSL_OP_NO_TICKET);
+    /* always set the callback */
+    if (s_ticket1 == 2)
+        SSL_CTX_set_tlsext_ticket_key_cb(s_ctx, cb_ticket0);
+    else
+        SSL_CTX_set_tlsext_ticket_key_cb(s_ctx, cb_ticket1);
+
+    if (!s_ticket2)
+        SSL_CTX_set_options(s_ctx2, SSL_OP_NO_TICKET);
+    /* always set the callback - this should never be called */
+    SSL_CTX_set_tlsext_ticket_key_cb(s_ctx2, cb_ticket2);
+
+    if (!c_ticket)
+        SSL_CTX_set_options(c_ctx, SSL_OP_NO_TICKET);
+#endif
+
+    if (client_sigalgs != NULL)
+        SSL_CTX_set1_sigalgs_list(c_ctx, client_sigalgs);
 
     c_ssl = SSL_new(c_ctx);
     s_ssl = SSL_new(s_ctx);
@@ -1689,9 +1861,9 @@ int main(int argc, char *argv[])
     if (c_ssl && c_ssl->kssl_ctx) {
         char localhost[MAXHOSTNAMELEN + 2];
 
-        if (gethostname(localhost, sizeof localhost - 1) == 0) {
-            localhost[sizeof localhost - 1] = '\0';
-            if (strlen(localhost) == sizeof localhost - 1) {
+        if (gethostname(localhost, sizeof(localhost) - 1) == 0) {
+            localhost[sizeof(localhost) - 1] = '\0';
+            if (strlen(localhost) == sizeof(localhost) - 1) {
                 BIO_printf(bio_err, "localhost name too long\n");
                 goto end;
             }
@@ -1742,6 +1914,10 @@ int main(int argc, char *argv[])
         ret = 1;
     if (verify_servername(c_ssl, s_ssl) < 0)
         ret = 1;
+    if (verify_ticket(c_ssl) < 0)
+        ret = 1;
+    if (verify_server_digest(c_ssl) < 0)
+        ret = 1;
 
     SSL_free(s_ssl);
     SSL_free(c_ssl);
@@ -1865,8 +2041,8 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
             if (cw_num > 0) {
                 /* Write to server. */
 
-                if (cw_num > (long)sizeof cbuf)
-                    i = sizeof cbuf;
+                if (cw_num > (long)sizeof(cbuf))
+                    i = sizeof(cbuf);
                 else
                     i = (int)cw_num;
                 r = BIO_write(c_ssl_bio, cbuf, i);
@@ -1942,8 +2118,8 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
             if (sw_num > 0) {
                 /* Write to client. */
 
-                if (sw_num > (long)sizeof sbuf)
-                    i = sizeof sbuf;
+                if (sw_num > (long)sizeof(sbuf))
+                    i = sizeof(sbuf);
                 else
                     i = (int)sw_num;
                 r = BIO_write(s_ssl_bio, sbuf, i);
@@ -2454,7 +2630,7 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
     char *s, buf[256];
 
     s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
-                          sizeof buf);
+                          sizeof(buf));
     if (s != NULL) {
         if (ok)
             fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf);
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index b6d1ee95..50491ff6 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -972,7 +972,7 @@ int tls1_final_finish_mac(SSL *s,
             int hashsize = EVP_MD_size(md);
             EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
             if (!hdgst || hashsize < 0
-                || hashsize > (int)(sizeof buf - (size_t)(q - buf))) {
+                || hashsize > (int)(sizeof(buf) - (size_t)(q - buf))) {
                 /*
                  * internal error: 'buf' is too small for this cipersuite!
                  */
@@ -990,7 +990,7 @@ int tls1_final_finish_mac(SSL *s,
     if (!tls1_PRF(ssl_get_algorithm2(s),
                   str, slen, buf, (int)(q - buf), NULL, 0, NULL, 0, NULL, 0,
                   s->session->master_key, s->session->master_key_length,
-                  out, buf2, sizeof buf2))
+                  out, buf2, sizeof(buf2)))
         err = 1;
     EVP_MD_CTX_cleanup(&ctx);
 
@@ -999,7 +999,7 @@ int tls1_final_finish_mac(SSL *s,
     if (err)
         return 0;
     else
-        return sizeof buf2;
+        return sizeof(buf2);
 }
 
 int tls1_mac(SSL *ssl, unsigned char *md, int send)
@@ -1165,8 +1165,8 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
              s->s3->client_random, SSL3_RANDOM_SIZE,
              co, col,
              s->s3->server_random, SSL3_RANDOM_SIZE,
-             so, sol, p, len, s->session->master_key, buff, sizeof buff);
-    OPENSSL_cleanse(buff, sizeof buff);
+             so, sol, p, len, s->session->master_key, buff, sizeof(buff));
+    OPENSSL_cleanse(buff, sizeof(buff));
 #ifdef SSL_DEBUG
     fprintf(stderr, "Premaster Secret:\n");
     BIO_dump_fp(stderr, (char *)p, len);
diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c
index 79ed946a..0f4aba02 100644
--- a/ssl/t1_ext.c
+++ b/ssl/t1_ext.c
@@ -179,6 +179,25 @@ int custom_ext_add(SSL *s, int server,
     return 1;
 }
 
+/* Copy the flags from src to dst for any extensions that exist in both */
+int custom_exts_copy_flags(custom_ext_methods *dst,
+                           const custom_ext_methods *src)
+{
+    size_t i;
+    custom_ext_method *methsrc = src->meths;
+
+    for (i = 0; i < src->meths_count; i++, methsrc++) {
+        custom_ext_method *methdst = custom_ext_find(dst, methsrc->ext_type);
+
+        if (methdst == NULL)
+            continue;
+
+        methdst->ext_flags = methsrc->ext_flags;
+    }
+
+    return 1;
+}
+
 /* Copy table of custom extensions */
 int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src)
 {
@@ -223,16 +242,14 @@ static int custom_ext_meth_add(custom_ext_methods *exts,
     /* Search for duplicate */
     if (custom_ext_find(exts, ext_type))
         return 0;
-    exts->meths = OPENSSL_realloc(exts->meths,
-                                  (exts->meths_count +
-                                   1) * sizeof(custom_ext_method));
-
-    if (!exts->meths) {
-        exts->meths_count = 0;
+    meth = OPENSSL_realloc(exts->meths,
+                           (exts->meths_count + 1)
+                           * sizeof(custom_ext_method));
+    if (meth == NULL)
         return 0;
-    }
 
-    meth = exts->meths + exts->meths_count;
+    exts->meths = meth;
+    meth += exts->meths_count;
     memset(meth, 0, sizeof(custom_ext_method));
     meth->parse_cb = parse_cb;
     meth->add_cb = add_cb;
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index e60c88bd..75c2f415 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -1035,7 +1035,7 @@ static unsigned char suiteb_sigalgs[] = {
         tlsext_sigalg_ecdsa(TLSEXT_hash_sha384)
 };
 # endif
-size_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs)
+size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned char **psigs)
 {
     /*
      * If Suite B mode use Suite B sigalgs only, ignore any other
@@ -1057,7 +1057,7 @@ size_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs)
     }
 # endif
     /* If server use client authentication sigalgs if not NULL */
-    if (s->server && s->cert->client_sigalgs) {
+    if (s->server == sent && s->cert->client_sigalgs) {
         *psigs = s->cert->client_sigalgs;
         return s->cert->client_sigalgslen;
     } else if (s->cert->conf_sigalgs) {
@@ -1121,7 +1121,7 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
 # endif
 
     /* Check signature matches a type we sent */
-    sent_sigslen = tls12_get_psigalgs(s, &sent_sigs);
+    sent_sigslen = tls12_get_psigalgs(s, 1, &sent_sigs);
     for (i = 0; i < sent_sigslen; i += 2, sent_sigs += 2) {
         if (sig[0] == sent_sigs[0] && sig[1] == sent_sigs[1])
             break;
@@ -1169,7 +1169,7 @@ void ssl_set_client_disabled(SSL *s)
      * Now go through all signature algorithms seeing if we support any for
      * RSA, DSA, ECDSA. Do this for all versions not just TLS 1.2.
      */
-    sigalgslen = tls12_get_psigalgs(s, &sigalgs);
+    sigalgslen = tls12_get_psigalgs(s, 1, &sigalgs);
     for (i = 0; i < sigalgslen; i += 2, sigalgs += 2) {
         switch (sigalgs[1]) {
 # ifndef OPENSSL_NO_RSA
@@ -1440,7 +1440,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
     if (SSL_CLIENT_USE_SIGALGS(s)) {
         size_t salglen;
         const unsigned char *salg;
-        salglen = tls12_get_psigalgs(s, &salg);
+        salglen = tls12_get_psigalgs(s, 1, &salg);
 
         /*-
          * check for enough space.
@@ -1769,6 +1769,9 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
             return NULL;
         s2n(TLSEXT_TYPE_session_ticket, ret);
         s2n(0, ret);
+    } else {
+        /* if we don't add the above TLSEXT, we can't add a session ticket later */
+        s->tlsext_ticket_expected = 0;
     }
 
     if (s->tlsext_status_expected) {
@@ -1913,7 +1916,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
         s2n(TLSEXT_TYPE_application_layer_protocol_negotiation, ret);
         s2n(3 + len, ret);
         s2n(1 + len, ret);
-        *ret++ = len;
+        *ret++ = (unsigned char)len;
         memcpy(ret, selected, len);
         ret += len;
     }
@@ -2281,8 +2284,12 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
 # ifndef OPENSSL_NO_EC
         else if (type == TLSEXT_TYPE_ec_point_formats) {
             unsigned char *sdata = data;
-            int ecpointformatlist_length = *(sdata++);
+            int ecpointformatlist_length;
 
+            if (size == 0)
+                goto err;
+
+            ecpointformatlist_length = *(sdata++);
             if (ecpointformatlist_length != size - 1 ||
                 ecpointformatlist_length < 1)
                 goto err;
@@ -2708,8 +2715,14 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
 # ifndef OPENSSL_NO_EC
         else if (type == TLSEXT_TYPE_ec_point_formats) {
             unsigned char *sdata = data;
-            int ecpointformatlist_length = *(sdata++);
+            int ecpointformatlist_length;
 
+            if (size == 0) {
+                *al = TLS1_AD_DECODE_ERROR;
+                return 0;
+            }
+
+            ecpointformatlist_length = *(sdata++);
             if (ecpointformatlist_length != size - 1) {
                 *al = TLS1_AD_DECODE_ERROR;
                 return 0;
@@ -3502,6 +3515,10 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
     EVP_CIPHER_CTX ctx;
     SSL_CTX *tctx = s->initial_ctx;
 
+    /* Need at least keyname + iv */
+    if (eticklen < 16 + EVP_MAX_IV_LENGTH)
+        return 2;
+
     /* Initialize session ticket encryption and HMAC contexts */
     HMAC_CTX_init(&hctx);
     EVP_CIPHER_CTX_init(&ctx);
@@ -3510,9 +3527,12 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
         int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16,
                                             &ctx, &hctx, 0);
         if (rv < 0)
-            return -1;
-        if (rv == 0)
+            goto err;
+        if (rv == 0) {
+            HMAC_CTX_cleanup(&hctx);
+            EVP_CIPHER_CTX_cleanup(&ctx);
             return 2;
+        }
         if (rv == 2)
             renew_ticket = 1;
     } else {
@@ -3574,8 +3594,14 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
     p = sdec;
 
     sess = d2i_SSL_SESSION(NULL, &p, slen);
+    slen -= p - sdec;
     OPENSSL_free(sdec);
     if (sess) {
+        /* Some additional consistency checks */
+        if (slen != 0 || sess->session_id_length != 0) {
+            SSL_SESSION_free(sess);
+            return 2;
+        }
         /*
          * The session ID, if non-empty, is used by some clients to detect
          * that the ticket has been accepted. So we copy it to the session
@@ -3803,7 +3829,7 @@ static int tls1_set_shared_sigalgs(SSL *s)
         conf = c->conf_sigalgs;
         conflen = c->conf_sigalgslen;
     } else
-        conflen = tls12_get_psigalgs(s, &conf);
+        conflen = tls12_get_psigalgs(s, 0, &conf);
     if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || is_suiteb) {
         pref = conf;
         preflen = conflen;
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index c5e21df7..dc62df8f 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -1247,13 +1247,15 @@ void SSL_trace(int write_p, int version, int content_type,
         break;
 
     case SSL3_RT_ALERT:
-        if (msglen != 2)
+        if (msglen != 2) {
             BIO_puts(bio, "    Illegal Alert Length\n");
-        else {
+        } else {
             BIO_printf(bio, "    Level=%s(%d), description=%s(%d)\n",
                        SSL_alert_type_string_long(msg[0] << 8),
                        msg[0], SSL_alert_desc_string_long(msg[1]), msg[1]);
         }
+        break;
+
     case TLS1_RT_HEARTBEAT:
         ssl_print_heartbeat(bio, 4, msg, msglen);
         break;
diff --git a/ssl/tls1.h b/ssl/tls1.h
index 7e237d06..dd1d8c10 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -317,7 +317,7 @@ int SSL_get_servername_type(const SSL *s);
  */
 int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
                                const char *label, size_t llen,
-                               const unsigned char *p, size_t plen,
+                               const unsigned char *context, size_t contextlen,
                                int use_context);
 
 int SSL_get_sigalgs(SSL *s, int idx,
diff --git a/test/Makefile b/test/Makefile
index 8f272ef9..a1f7eeb0 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -73,6 +73,7 @@ CLIENTHELLOTEST=	clienthellotest
 BADDTLSTEST=	bad_dtls_test
 SSLV2CONFTEST = 	sslv2conftest
 DTLSTEST =	dtlstest
+FATALERRTEST =	fatalerrtest
 
 TESTS=		alltests
 
@@ -87,7 +88,7 @@ EXE=	$(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT)  $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)
 	$(ASN1TEST)$(EXE_EXT) $(V3NAMETEST)$(EXE_EXT) $(HEARTBEATTEST)$(EXE_EXT) \
 	$(CONSTTIMETEST)$(EXE_EXT) $(VERIFYEXTRATEST)$(EXE_EXT) \
 	$(CLIENTHELLOTEST)$(EXE_EXT) $(SSLV2CONFTEST)$(EXE_EXT) $(DTLSTEST)$(EXE_EXT) \
-	$(BADDTLSTEST)$(EXE_EXT)
+	$(BADDTLSTEST)$(EXE_EXT) $(FATALERRTEST)$(EXE_EXT)
 
 # $(METHTEST)$(EXE_EXT)
 
@@ -102,7 +103,7 @@ OBJ=	$(BNTEST).o $(ECTEST).o  $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
 	$(EVPTEST).o $(EVPEXTRATEST).o $(IGETEST).o $(JPAKETEST).o $(ASN1TEST).o $(V3NAMETEST).o \
 	$(HEARTBEATTEST).o $(CONSTTIMETEST).o $(VERIFYEXTRATEST).o \
 	$(CLIENTHELLOTEST).o  $(SSLV2CONFTEST).o $(DTLSTEST).o ssltestlib.o \
-	$(BADDTLSTEST).o
+	$(BADDTLSTEST).o $(FATALERRTEST).o
 
 SRC=	$(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
 	$(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
@@ -114,7 +115,7 @@ SRC=	$(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
 	$(EVPTEST).c $(EVPEXTRATEST).c $(IGETEST).c $(JPAKETEST).c $(SRPTEST).c $(ASN1TEST).c \
 	$(V3NAMETEST).c $(HEARTBEATTEST).c $(CONSTTIMETEST).c $(VERIFYEXTRATEST).c \
 	$(CLIENTHELLOTEST).c  $(SSLV2CONFTEST).c $(DTLSTEST).c ssltestlib.c \
-	$(BADDTLSTEST).c
+	$(BADDTLSTEST).c $(FATALERRTEST).c
 
 EXHEADER= 
 HEADER=	testutil.h ssltestlib.h $(EXHEADER)
@@ -159,7 +160,7 @@ alltests: \
 	test_ss test_ca test_engine test_evp test_evp_extra test_ssl test_tsa test_ige \
 	test_jpake test_srp test_cms test_ocsp test_v3name test_heartbeat \
 	test_constant_time test_verify_extra test_clienthello test_sslv2conftest \
-	test_dtls test_bad_dtls
+	test_dtls test_bad_dtls test_fatalerr
 
 test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt
 	../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
@@ -307,6 +308,7 @@ test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
 	fi
 	../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist
 	@sh ./testssl keyU.ss certU.ss certCA.ss
+	@sh ./testssl keyU.ss certU.ss certCA.ss -rle
 	@sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
 	@sh ./testsslproxy keyP2.ss certP2.ss intP2.ss
 
@@ -372,6 +374,10 @@ test_bad_dtls: $(BADDTLSTEST)$(EXE_EXT)
 	@echo $(START) $@
 	../util/shlib_wrap.sh ./$(BADDTLSTEST)
 
+test_fatalerr: $(FATALERRTEST)$(EXE_EXT)
+	@echo $(START) $@
+	../util/shlib_wrap.sh ./$(FATALERRTEST) ../apps/server.pem ../apps/server.pem
+
 test_sslv2conftest: $(SSLV2CONFTEST)$(EXE_EXT)
 	@echo $(START) $@
 	../util/shlib_wrap.sh ./$(SSLV2CONFTEST)
@@ -560,6 +566,9 @@ $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o
 $(BADDTLSTEST)$(EXE_EXT): $(BADDTLSTEST).o
 	@target=$(BADDTLSTEST) $(BUILD_CMD)
 
+$(FATALERRTEST)$(EXE_EXT): $(FATALERRTEST).o ssltestlib.o $(DLIBSSL) $(DLIBCRYPTO)
+	@target=$(FATALERRTEST); exobj=ssltestlib.o; $(BUILD_CMD)
+
 $(SSLV2CONFTEST)$(EXE_EXT): $(SSLV2CONFTEST).o
 	@target=$(SSLV2CONFTEST) $(BUILD_CMD)
 
@@ -775,6 +784,25 @@ exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
 exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
 exptest.o: ../include/openssl/symhacks.h exptest.c
+fatalerrtest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+fatalerrtest.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+fatalerrtest.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+fatalerrtest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+fatalerrtest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+fatalerrtest.o: ../include/openssl/err.h ../include/openssl/evp.h
+fatalerrtest.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+fatalerrtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+fatalerrtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+fatalerrtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+fatalerrtest.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+fatalerrtest.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+fatalerrtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+fatalerrtest.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+fatalerrtest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+fatalerrtest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+fatalerrtest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+fatalerrtest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+fatalerrtest.o: fatalerrtest.c ssltestlib.h
 heartbeat_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
 heartbeat_test.o: ../include/openssl/buffer.h ../include/openssl/comp.h
 heartbeat_test.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
diff --git a/test/igetest.c b/test/igetest.c
index 08f361a0..748685d1 100644
--- a/test/igetest.c
+++ b/test/igetest.c
@@ -200,16 +200,16 @@ static int run_test_vectors(void)
         assert(v->length <= MAX_VECTOR_SIZE);
 
         if (v->encrypt == AES_ENCRYPT)
-            AES_set_encrypt_key(v->key, 8 * sizeof v->key, &key);
+            AES_set_encrypt_key(v->key, 8 * sizeof(v->key), &key);
         else
-            AES_set_decrypt_key(v->key, 8 * sizeof v->key, &key);
-        memcpy(iv, v->iv, sizeof iv);
+            AES_set_decrypt_key(v->key, 8 * sizeof(v->key), &key);
+        memcpy(iv, v->iv, sizeof(iv));
         AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt);
 
         if (memcmp(v->out, buf, v->length)) {
             printf("IGE test vector %d failed\n", n);
-            hexdump(stdout, "key", v->key, sizeof v->key);
-            hexdump(stdout, "iv", v->iv, sizeof v->iv);
+            hexdump(stdout, "key", v->key, sizeof(v->key));
+            hexdump(stdout, "iv", v->iv, sizeof(v->iv));
             hexdump(stdout, "in", v->in, v->length);
             hexdump(stdout, "expected", v->out, v->length);
             hexdump(stdout, "got", buf, v->length);
@@ -218,14 +218,14 @@ static int run_test_vectors(void)
         }
 
         /* try with in == out */
-        memcpy(iv, v->iv, sizeof iv);
+        memcpy(iv, v->iv, sizeof(iv));
         memcpy(buf, v->in, v->length);
         AES_ige_encrypt(buf, buf, v->length, &key, iv, v->encrypt);
 
         if (memcmp(v->out, buf, v->length)) {
             printf("IGE test vector %d failed (with in == out)\n", n);
-            hexdump(stdout, "key", v->key, sizeof v->key);
-            hexdump(stdout, "iv", v->iv, sizeof v->iv);
+            hexdump(stdout, "key", v->key, sizeof(v->key));
+            hexdump(stdout, "iv", v->iv, sizeof(v->iv));
             hexdump(stdout, "in", v->in, v->length);
             hexdump(stdout, "expected", v->out, v->length);
             hexdump(stdout, "got", buf, v->length);
@@ -257,9 +257,9 @@ static int run_test_vectors(void)
 
         if (memcmp(v->out, buf, v->length)) {
             printf("Bidirectional IGE test vector %d failed\n", n);
-            hexdump(stdout, "key 1", v->key1, sizeof v->key1);
-            hexdump(stdout, "key 2", v->key2, sizeof v->key2);
-            hexdump(stdout, "iv", v->iv, sizeof v->iv);
+            hexdump(stdout, "key 1", v->key1, sizeof(v->key1));
+            hexdump(stdout, "key 2", v->key2, sizeof(v->key2));
+            hexdump(stdout, "iv", v->iv, sizeof(v->iv));
             hexdump(stdout, "in", v->in, v->length);
             hexdump(stdout, "expected", v->out, v->length);
             hexdump(stdout, "got", buf, v->length);
@@ -288,19 +288,19 @@ int main(int argc, char **argv)
 
     assert(BIG_TEST_SIZE >= TEST_SIZE);
 
-    RAND_pseudo_bytes(rkey, sizeof rkey);
-    RAND_pseudo_bytes(plaintext, sizeof plaintext);
-    RAND_pseudo_bytes(iv, sizeof iv);
-    memcpy(saved_iv, iv, sizeof saved_iv);
+    RAND_pseudo_bytes(rkey, sizeof(rkey));
+    RAND_pseudo_bytes(plaintext, sizeof(plaintext));
+    RAND_pseudo_bytes(iv, sizeof(iv));
+    memcpy(saved_iv, iv, sizeof(saved_iv));
 
     /* Forward IGE only... */
 
     /* Straight encrypt/decrypt */
-    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+    AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
     AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, iv, AES_ENCRYPT);
 
-    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
-    memcpy(iv, saved_iv, sizeof iv);
+    AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
+    memcpy(iv, saved_iv, sizeof(iv));
     AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT);
 
     if (memcmp(checktext, plaintext, TEST_SIZE)) {
@@ -311,16 +311,16 @@ int main(int argc, char **argv)
     }
 
     /* Now check encrypt chaining works */
-    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
-    memcpy(iv, saved_iv, sizeof iv);
+    AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
+    memcpy(iv, saved_iv, sizeof(iv));
     AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv,
                     AES_ENCRYPT);
     AES_ige_encrypt(plaintext + TEST_SIZE / 2,
                     ciphertext + TEST_SIZE / 2, TEST_SIZE / 2,
                     &key, iv, AES_ENCRYPT);
 
-    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
-    memcpy(iv, saved_iv, sizeof iv);
+    AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
+    memcpy(iv, saved_iv, sizeof(iv));
     AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT);
 
     if (memcmp(checktext, plaintext, TEST_SIZE)) {
@@ -331,16 +331,16 @@ int main(int argc, char **argv)
     }
 
     /* And check decrypt chaining */
-    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
-    memcpy(iv, saved_iv, sizeof iv);
+    AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
+    memcpy(iv, saved_iv, sizeof(iv));
     AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv,
                     AES_ENCRYPT);
     AES_ige_encrypt(plaintext + TEST_SIZE / 2,
                     ciphertext + TEST_SIZE / 2, TEST_SIZE / 2,
                     &key, iv, AES_ENCRYPT);
 
-    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
-    memcpy(iv, saved_iv, sizeof iv);
+    AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
+    memcpy(iv, saved_iv, sizeof(iv));
     AES_ige_encrypt(ciphertext, checktext, TEST_SIZE / 2, &key, iv,
                     AES_DECRYPT);
     AES_ige_encrypt(ciphertext + TEST_SIZE / 2,
@@ -355,29 +355,29 @@ int main(int argc, char **argv)
     }
 
     /* make sure garble extends forwards only */
-    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
-    memcpy(iv, saved_iv, sizeof iv);
-    AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+    AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
+    memcpy(iv, saved_iv, sizeof(iv));
+    AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv,
                     AES_ENCRYPT);
 
     /* corrupt halfway through */
-    ++ciphertext[sizeof ciphertext / 2];
-    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
-    memcpy(iv, saved_iv, sizeof iv);
-    AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+    ++ciphertext[sizeof(ciphertext) / 2];
+    AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
+    memcpy(iv, saved_iv, sizeof(iv));
+    AES_ige_encrypt(ciphertext, checktext, sizeof(checktext), &key, iv,
                     AES_DECRYPT);
 
     matches = 0;
-    for (n = 0; n < sizeof checktext; ++n)
+    for (n = 0; n < sizeof(checktext); ++n)
         if (checktext[n] == plaintext[n])
             ++matches;
 
-    if (matches > sizeof checktext / 2 + sizeof checktext / 100) {
+    if (matches > sizeof(checktext) / 2 + sizeof(checktext) / 100) {
         printf("More than 51%% matches after garbling\n");
         ++err;
     }
 
-    if (matches < sizeof checktext / 2) {
+    if (matches < sizeof(checktext) / 2) {
         printf("Garble extends backwards!\n");
         ++err;
     }
@@ -389,16 +389,16 @@ int main(int argc, char **argv)
      */
     /* possible with biIGE, so the IV is not updated. */
 
-    RAND_pseudo_bytes(rkey2, sizeof rkey2);
+    RAND_pseudo_bytes(rkey2, sizeof(rkey2));
 
     /* Straight encrypt/decrypt */
-    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
-    AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+    AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
+    AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
     AES_bi_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, &key2, iv,
                        AES_ENCRYPT);
 
-    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
-    AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+    AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
+    AES_set_decrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
     AES_bi_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, &key2, iv,
                        AES_DECRYPT);
 
@@ -410,70 +410,70 @@ int main(int argc, char **argv)
     }
 
     /* make sure garble extends both ways */
-    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
-    AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
-    AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+    AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
+    AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
+    AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv,
                     AES_ENCRYPT);
 
     /* corrupt halfway through */
-    ++ciphertext[sizeof ciphertext / 2];
-    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
-    AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
-    AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+    ++ciphertext[sizeof(ciphertext) / 2];
+    AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
+    AES_set_decrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
+    AES_ige_encrypt(ciphertext, checktext, sizeof(checktext), &key, iv,
                     AES_DECRYPT);
 
     matches = 0;
-    for (n = 0; n < sizeof checktext; ++n)
+    for (n = 0; n < sizeof(checktext); ++n)
         if (checktext[n] == plaintext[n])
             ++matches;
 
-    if (matches > sizeof checktext / 100) {
+    if (matches > sizeof(checktext) / 100) {
         printf("More than 1%% matches after bidirectional garbling\n");
         ++err;
     }
 
     /* make sure garble extends both ways (2) */
-    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
-    AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
-    AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+    AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
+    AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
+    AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv,
                     AES_ENCRYPT);
 
     /* corrupt right at the end */
-    ++ciphertext[sizeof ciphertext - 1];
-    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
-    AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
-    AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+    ++ciphertext[sizeof(ciphertext) - 1];
+    AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
+    AES_set_decrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
+    AES_ige_encrypt(ciphertext, checktext, sizeof(checktext), &key, iv,
                     AES_DECRYPT);
 
     matches = 0;
-    for (n = 0; n < sizeof checktext; ++n)
+    for (n = 0; n < sizeof(checktext); ++n)
         if (checktext[n] == plaintext[n])
             ++matches;
 
-    if (matches > sizeof checktext / 100) {
+    if (matches > sizeof(checktext) / 100) {
         printf("More than 1%% matches after bidirectional garbling (2)\n");
         ++err;
     }
 
     /* make sure garble extends both ways (3) */
-    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
-    AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
-    AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+    AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
+    AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
+    AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv,
                     AES_ENCRYPT);
 
     /* corrupt right at the start */
     ++ciphertext[0];
-    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
-    AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
-    AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+    AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
+    AES_set_decrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
+    AES_ige_encrypt(ciphertext, checktext, sizeof(checktext), &key, iv,
                     AES_DECRYPT);
 
     matches = 0;
-    for (n = 0; n < sizeof checktext; ++n)
+    for (n = 0; n < sizeof(checktext); ++n)
         if (checktext[n] == plaintext[n])
             ++matches;
 
-    if (matches > sizeof checktext / 100) {
+    if (matches > sizeof(checktext) / 100) {
         printf("More than 1%% matches after bidirectional garbling (3)\n");
         ++err;
     }
diff --git a/test/maketests.com b/test/maketests.com
index 6223659f..f4e418b8 100644
--- a/test/maketests.com
+++ b/test/maketests.com
@@ -150,8 +150,8 @@ $ TEST_FILES = "BNTEST,ECTEST,ECDSATEST,ECDHTEST,IDEATEST,"+ -
 	       "EVP_TEST,EVP_EXTRA_TEST,IGETEST,JPAKETEST,SRPTEST,"+ -
 	       "ASN1TEST,V3NAMETEST,HEARTBEAT_TEST,"+ -
 	       "CONSTANT_TIME_TEST,VERIFY_EXTRA_TEST,"+ -
-               "CLIENTHELLOTEST,SSLV2CONFTEST,DTLSTEST"
-$! Should we add MTTEST,PQ_TEST,LH_TEST,DIVTEST,TABTEST as well?
+               "CLIENTHELLOTEST,SSLV2CONFTEST,DTLSTEST,"+ -
+               "BAD_DTLS_TEST,FATALERRTEST"
 $!
 $! Additional directory information.
 $ T_D_BNTEST     := [-.crypto.bn]
@@ -194,10 +194,13 @@ $ T_D_HEARTBEAT_TEST := [-.ssl]
 $ T_D_CONSTANT_TIME_TEST := [-.crypto]
 $ T_D_VERIFY_EXTRA_TEST := [-.crypto.x509]
 $ T_D_CLIENTHELLOTEST := [-.ssl]
+$ T_D_BAD_DTLS_TEST   := [-.ssl]
 $ T_D_SSLV2CONFTEST := [-.ssl]
 $ T_D_DTLSTEST   := [-.ssl]
+$ T_D_FATALERRTEST := [-.ssl]
 $
 $ EXOBJ_DTLSTEST := SSLTESTLIB
+$ EXOBJ_FATALERRTEST := SSLTESTLIB
 $!
 $ TCPIP_PROGRAMS = ",,"
 $ IF COMPILER .EQS. "VAXC" THEN -
diff --git a/test/tests.com b/test/tests.com
index 59745e14..27b01b66 100644
--- a/test/tests.com
+++ b/test/tests.com
@@ -57,7 +57,8 @@ $	    tests := -
 	test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
 	test_ss,test_ca,test_engine,test_evp,test_evp_extra,test_ssl,test_tsa,test_ige,-
 	test_jpake,test_srp,test_cms,test_ocsp,test_v3name,test_heartbeat,-
-	test_constant_time,test_verify_extra,test_clienthello,test_sslv2conftest,test_dtls
+	test_constant_time,test_verify_extra,test_clienthello,test_sslv2conftest,-
+	test_dtls,test_bad_dtls,test_fatalerr
 $	endif
 $	tests = f$edit(tests,"COLLAPSE")
 $
@@ -102,8 +103,10 @@ $	HEARTBEATTEST :=	heartbeat_test
 $	CONSTTIMETEST :=	constant_time_test
 $	VERIFYEXTRATEST :=	verify_extra_test
 $	CLIENTHELLOTEST :=	clienthellotest
+$	BADDTLSTEST :=	bad_dtls_test
 $	SSLV2CONFTEST := 	sslv2conftest
 $	DTLSTEST :=	dtlstest
+$	FATALERRTEST :=	fatalerrtest
 $!
 $	tests_i = 0
 $ loop_tests:
@@ -402,6 +405,16 @@ $ test_clienthello:
 $	write sys$output "''START' test_clienthello"
 $	mcr 'texe_dir''clienthellotest'
 $       return
+$ test_bad_dtls:
+$	write sys$output "''START' test_bad_dtls"
+$	mcr 'texe_dir''baddtlstest'
+$	return
+$
+$ test_fatalerr:
+$	write sys$output "''START' test_fatalerrtest"
+$	mcr 'texe_dir''fatalerrtest' 'ROOT'.APPS]server.pem 'ROOT'.APPS]server.pem
+$	return
+$
 $ test_sslv2conftest:
 $	write sys$output "''START' test_sslv2conftest"
 $	mcr 'texe_dir''sslv2conftest'
diff --git a/test/testssl b/test/testssl
index a6f9fa77..21bc4d81 100644
--- a/test/testssl
+++ b/test/testssl
@@ -292,4 +292,34 @@ if [ -z "$extra" -a `uname -m` = "x86_64" ]; then
   $ssltest -cipher AES128-SHA256 -bytes 8m	|| exit 1
 fi
 
+#############################################################################
+# Signature algorithms + SNI
+
+$ssltest -tls12 -sn_client server1 -sn_server1 server1 -sn_server2 server2 -sn_expect1 -client_sigalgs RSA+SHA256 -server_digest_expect SHA256 || exit 1
+$ssltest -tls12 -sn_client server1 -sn_server1 server1 -sn_server2 server2 -sn_expect1 -client_sigalgs RSA+SHA256 -server_digest_expect SHA256 -sni_in_cert_cb || exit 1
+# Switching SSL_CTX on SNI must not break signature algorithm negotiation.
+$ssltest -tls12 -sn_client server2 -sn_server1 server1 -sn_server2 server2 -sn_expect2 -client_sigalgs RSA+SHA256 -server_digest_expect SHA256 || exit 1
+$ssltest -tls12 -sn_client server2 -sn_server1 server1 -sn_server2 server2 -sn_expect2 -client_sigalgs RSA+SHA256 -server_digest_expect SHA256 -sni_in_cert_cb || exit 1
+
+
+$ssltest -bio_pair -sn_client alice -sn_server1 alice -sn_server2 bob -s_ticket1 no -s_ticket2 no -c_ticket no -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client alice -sn_server1 alice -sn_server2 bob -s_ticket1 no -s_ticket2 no -c_ticket yes -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client alice -sn_server1 alice -sn_server2 bob -s_ticket1 no -s_ticket2 yes -c_ticket no -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client alice -sn_server1 alice -sn_server2 bob -s_ticket1 no -s_ticket2 yes -c_ticket yes -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client alice -sn_server1 alice -sn_server2 bob -s_ticket1 yes -s_ticket2 no -c_ticket no -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client alice -sn_server1 alice -sn_server2 bob -s_ticket1 yes -s_ticket2 no -c_ticket yes -ticket_expect yes || exit 1
+$ssltest -bio_pair -sn_client alice -sn_server1 alice -sn_server2 bob -s_ticket1 yes -s_ticket2 yes -c_ticket no -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client alice -sn_server1 alice -sn_server2 bob -s_ticket1 yes -s_ticket2 yes -c_ticket yes -ticket_expect yes || exit 1
+
+$ssltest -bio_pair -sn_client bob -sn_server1 alice -sn_server2 bob -s_ticket1 no -s_ticket2 no -c_ticket no -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client bob -sn_server1 alice -sn_server2 bob -s_ticket1 no -s_ticket2 no -c_ticket yes -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client bob -sn_server1 alice -sn_server2 bob -s_ticket1 no -s_ticket2 yes -c_ticket no -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client bob -sn_server1 alice -sn_server2 bob -s_ticket1 no -s_ticket2 yes -c_ticket yes -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client bob -sn_server1 alice -sn_server2 bob -s_ticket1 yes -s_ticket2 no -c_ticket no -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client bob -sn_server1 alice -sn_server2 bob -s_ticket1 yes -s_ticket2 no -c_ticket yes -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client bob -sn_server1 alice -sn_server2 bob -s_ticket1 yes -s_ticket2 yes -c_ticket no -ticket_expect no || exit 1
+$ssltest -bio_pair -sn_client bob -sn_server1 alice -sn_server2 bob -s_ticket1 yes -s_ticket2 yes -c_ticket yes -ticket_expect yes || exit 1
+
+$ssltest -bio_pair -s_ticket1 broken -c_ticket yes -ticket_expect no || exit 1
+
 exit 0
diff --git a/test/testutil.h b/test/testutil.h
index 75f0c8ae..e40b37ed 100644
--- a/test/testutil.h
+++ b/test/testutil.h
@@ -103,7 +103,7 @@
  * TEST_CASE_NAME is defined as the name of the test case function where
  * possible; otherwise we get by with the file name and line number.
  */
-# if __STDC_VERSION__ < 199901L
+# if !defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L
 #  if defined(_MSC_VER)
 #   define TEST_CASE_NAME __FUNCTION__
 #  else
diff --git a/tmp32/x86cpuid.asm b/tmp32/x86cpuid.asm
index fb07f51f..fc639075 100644
--- a/tmp32/x86cpuid.asm
+++ b/tmp32/x86cpuid.asm
@@ -25,10 +25,10 @@ L$_OPENSSL_ia32_cpuid_begin:
 	pop	eax
 	xor	ecx,eax
 	xor	eax,eax
-	bt	ecx,21
-	jnc	NEAR L$000nocpuid
 	mov	esi,DWORD [20+esp]
 	mov	DWORD [8+esi],eax
+	bt	ecx,21
+	jnc	NEAR L$000nocpuid
 	cpuid
 	mov	edi,eax
 	xor	eax,eax
@@ -79,40 +79,32 @@ L$_OPENSSL_ia32_cpuid_begin:
 	and	edx,4026531839
 	jmp	NEAR L$002generic
 L$001intel:
-	cmp	edi,7
-	jb	NEAR L$003cacheinfo
-	mov	esi,DWORD [20+esp]
-	mov	eax,7
-	xor	ecx,ecx
-	cpuid
-	mov	DWORD [8+esi],ebx
-L$003cacheinfo:
 	cmp	edi,4
-	mov	edi,-1
-	jb	NEAR L$004nocacheinfo
+	mov	esi,-1
+	jb	NEAR L$003nocacheinfo
 	mov	eax,4
 	mov	ecx,0
 	cpuid
-	mov	edi,eax
-	shr	edi,14
-	and	edi,4095
-L$004nocacheinfo:
+	mov	esi,eax
+	shr	esi,14
+	and	esi,4095
+L$003nocacheinfo:
 	mov	eax,1
 	xor	ecx,ecx
 	cpuid
 	and	edx,3220176895
 	cmp	ebp,0
-	jne	NEAR L$005notintel
+	jne	NEAR L$004notintel
 	or	edx,1073741824
 	and	ah,15
 	cmp	ah,15
-	jne	NEAR L$005notintel
+	jne	NEAR L$004notintel
 	or	edx,1048576
-L$005notintel:
+L$004notintel:
 	bt	edx,28
 	jnc	NEAR L$002generic
 	and	edx,4026531839
-	cmp	edi,0
+	cmp	esi,0
 	je	NEAR L$002generic
 	or	edx,268435456
 	shr	ebx,16
@@ -124,7 +116,15 @@ L$002generic:
 	and	ecx,4294965247
 	mov	esi,edx
 	or	ebp,ecx
-	bt	ecx,27
+	cmp	edi,7
+	mov	edi,DWORD [20+esp]
+	jb	NEAR L$005no_extended_info
+	mov	eax,7
+	xor	ecx,ecx
+	cpuid
+	mov	DWORD [8+edi],ebx
+L$005no_extended_info:
+	bt	ebp,27
 	jnc	NEAR L$006clear_avx
 	xor	ecx,ecx
 db	15,1,208
@@ -138,7 +138,6 @@ L$008clear_xmm:
 	and	esi,4278190079
 L$006clear_avx:
 	and	ebp,4026525695
-	mov	edi,DWORD [20+esp]
 	and	DWORD [8+edi],4294967263
 L$007done:
 	mov	eax,esi
diff --git a/tmp64/aesni-sha1-x86_64.asm b/tmp64/aesni-sha1-x86_64.asm
index fe9c0449..45fa82e2 100644
--- a/tmp64/aesni-sha1-x86_64.asm
+++ b/tmp64/aesni-sha1-x86_64.asm
@@ -2795,6 +2795,7 @@ $L$prologue_shaext:
 	mov	r11d,DWORD[240+rcx]
 	sub	rsi,rdi
 	movups	xmm15,XMMWORD[rcx]
+	movups	xmm2,XMMWORD[r8]
 	movups	xmm0,XMMWORD[16+rcx]
 	lea	rcx,[112+rcx]
 
diff --git a/tmp64/aesni-sha256-x86_64.asm b/tmp64/aesni-sha256-x86_64.asm
index 9ee17d3d..f148890c 100644
--- a/tmp64/aesni-sha256-x86_64.asm
+++ b/tmp64/aesni-sha256-x86_64.asm
@@ -4147,6 +4147,7 @@ $L$prologue_shaext:
 	mov	r11d,DWORD[240+rcx]
 	sub	rsi,rdi
 	movups	xmm15,XMMWORD[rcx]
+	movups	xmm6,XMMWORD[r8]
 	movups	xmm4,XMMWORD[16+rcx]
 	lea	rcx,[112+rcx]
 
diff --git a/tmp64/ecp_nistz256-x86_64.asm b/tmp64/ecp_nistz256-x86_64.asm
index f2959e33..ab1b3fd3 100644
--- a/tmp64/ecp_nistz256-x86_64.asm
+++ b/tmp64/ecp_nistz256-x86_64.asm
@@ -1132,19 +1132,18 @@ DB	0x67
 	adox	r13,rbp
 DB	0x67,0x67
 	mulx	rax,rcx,rdx
-	mov	rdx,r8
+	mov	rdx,QWORD[(($L$poly+24))]
 	adox	r14,rcx
 	shlx	rcx,r8,rsi
 	adox	r15,rax
 	shrx	rax,r8,rsi
-	mov	rbp,QWORD[(($L$poly+24))]
+	mov	rbp,rdx
 
 
 	add	r9,rcx
 	adc	r10,rax
 
-	mulx	r8,rcx,rbp
-	mov	rdx,r9
+	mulx	r8,rcx,r8
 	adc	r11,rcx
 	shlx	rcx,r9,rsi
 	adc	r8,0
@@ -1154,8 +1153,7 @@ DB	0x67,0x67
 	add	r10,rcx
 	adc	r11,rax
 
-	mulx	r9,rcx,rbp
-	mov	rdx,r10
+	mulx	r9,rcx,r9
 	adc	r8,rcx
 	shlx	rcx,r10,rsi
 	adc	r9,0
@@ -1165,8 +1163,7 @@ DB	0x67,0x67
 	add	r11,rcx
 	adc	r8,rax
 
-	mulx	r10,rcx,rbp
-	mov	rdx,r11
+	mulx	r10,rcx,r10
 	adc	r9,rcx
 	shlx	rcx,r11,rsi
 	adc	r10,0
@@ -1176,12 +1173,12 @@ DB	0x67,0x67
 	add	r8,rcx
 	adc	r9,rax
 
-	mulx	r11,rcx,rbp
+	mulx	r11,rcx,r11
 	adc	r10,rcx
 	adc	r11,0
 
 	xor	rdx,rdx
-	adc	r12,r8
+	add	r12,r8
 	mov	rsi,QWORD[(($L$poly+8))]
 	adc	r13,r9
 	mov	r8,r12
@@ -1190,8 +1187,7 @@ DB	0x67,0x67
 	mov	r9,r13
 	adc	rdx,0
 
-	xor	eax,eax
-	sbb	r12,-1
+	sub	r12,-1
 	mov	r10,r14
 	sbb	r13,rsi
 	sbb	r14,0
diff --git a/tmp64/rsaz-avx2.asm b/tmp64/rsaz-avx2.asm
index 2676fb89..86d26158 100644
--- a/tmp64/rsaz-avx2.asm
+++ b/tmp64/rsaz-avx2.asm
@@ -94,7 +94,7 @@ $L$sqr_1024_no_n_copy:
 	vmovdqu	ymm8,YMMWORD[((256-128))+rsi]
 
 	lea	rbx,[192+rsp]
-	vpbroadcastq	ymm15,QWORD[$L$and_mask]
+	vmovdqu	ymm15,YMMWORD[$L$and_mask]
 	jmp	NEAR $L$OOP_GRANDE_SQR_1024
 
 ALIGN	32
@@ -863,10 +863,10 @@ $L$oop_mul_1024:
 	vpmuludq	ymm12,ymm11,YMMWORD[((192-128))+rcx]
 	vpaddq	ymm6,ymm6,ymm12
 	vpmuludq	ymm13,ymm11,YMMWORD[((224-128))+rcx]
-	vpblendd	ymm9,ymm9,ymm14,3
+	vpblendd	ymm12,ymm9,ymm14,3
 	vpaddq	ymm7,ymm7,ymm13
 	vpmuludq	ymm0,ymm11,YMMWORD[((256-128))+rcx]
-	vpaddq	ymm3,ymm3,ymm9
+	vpaddq	ymm3,ymm3,ymm12
 	vpaddq	ymm8,ymm8,ymm0
 
 	mov	rax,rbx
@@ -879,7 +879,9 @@ $L$oop_mul_1024:
 	vmovdqu	ymm13,YMMWORD[((-8+64-128))+rsi]
 
 	mov	rax,r10
+	vpblendd	ymm9,ymm9,ymm14,0xfc
 	imul	eax,r8d
+	vpaddq	ymm4,ymm4,ymm9
 	and	eax,0x1fffffff
 
 	imul	rbx,QWORD[((16-128))+rsi]
@@ -1108,7 +1110,6 @@ $L$oop_mul_1024:
 
 	dec	r14d
 	jnz	NEAR $L$oop_mul_1024
-	vpermq	ymm15,ymm15,0
 	vpaddq	ymm0,ymm12,YMMWORD[rsp]
 
 	vpsrlq	ymm12,ymm0,29
@@ -1785,7 +1786,7 @@ rsaz_avx2_eligible:
 
 ALIGN	64
 $L$and_mask:
-	DQ	0x1fffffff,0x1fffffff,0x1fffffff,-1
+	DQ	0x1fffffff,0x1fffffff,0x1fffffff,0x1fffffff
 $L$scatter_permd:
 	DD	0,2,4,6,7,7,7,7
 $L$gather_permd:
diff --git a/tmp64/x86_64-mont5.asm b/tmp64/x86_64-mont5.asm
index 7c6dc916..d1290c20 100644
--- a/tmp64/x86_64-mont5.asm
+++ b/tmp64/x86_64-mont5.asm
@@ -3164,11 +3164,19 @@ DB	0x67
 
 ALIGN	32
 $L$sqrx8x_break:
-	sub	r8,QWORD[((16+8))+rsp]
+	xor	rbp,rbp
+	sub	rbx,QWORD[((16+8))+rsp]
+	adcx	r8,rbp
 	mov	rcx,QWORD[((24+8))+rsp]
+	adcx	r9,rbp
 	mov	rdx,QWORD[rsi]
-	xor	ebp,ebp
+	adc	r10,0
 	mov	QWORD[rdi],r8
+	adc	r11,0
+	adc	r12,0
+	adc	r13,0
+	adc	r14,0
+	adc	r15,0
 	cmp	rdi,rcx
 	je	NEAR $L$sqrx8x_outer_loop
 
diff --git a/tmp64/x86_64cpuid.asm b/tmp64/x86_64cpuid.asm
index aab91d9e..1af8748d 100644
--- a/tmp64/x86_64cpuid.asm
+++ b/tmp64/x86_64cpuid.asm
@@ -119,14 +119,6 @@ $L$intel:
 	shr	r10d,14
 	and	r10d,0xfff
 
-	cmp	r11d,7
-	jb	NEAR $L$nocacheinfo
-
-	mov	eax,7
-	xor	ecx,ecx
-	cpuid
-	mov	DWORD[8+rdi],ebx
-
 $L$nocacheinfo:
 	mov	eax,1
 	cpuid
@@ -136,8 +128,19 @@ $L$nocacheinfo:
 	or	edx,0x40000000
 	and	ah,15
 	cmp	ah,15
-	jne	NEAR $L$notintel
+	jne	NEAR $L$notP4
 	or	edx,0x00100000
+$L$notP4:
+	cmp	ah,6
+	jne	NEAR $L$notintel
+	and	eax,0x0fff0ff0
+	cmp	eax,0x00050670
+	je	NEAR $L$knights
+	cmp	eax,0x00080650
+	jne	NEAR $L$notintel
+$L$knights:
+	and	ecx,0xfbffffff
+
 $L$notintel:
 	bt	edx,28
 	jnc	NEAR $L$generic
@@ -156,6 +159,19 @@ $L$generic:
 	or	r9d,ecx
 
 	mov	r10d,edx
+
+	cmp	r11d,7
+	jb	NEAR $L$no_extended_info
+	mov	eax,7
+	xor	ecx,ecx
+	cpuid
+	bt	r9d,26
+	jc	NEAR $L$notknights
+	and	ebx,0xfff7ffff
+$L$notknights:
+	mov	DWORD[8+rdi],ebx
+$L$no_extended_info:
+
 	bt	r9d,27
 	jnc	NEAR $L$clear_avx
 	xor	ecx,ecx
diff --git a/util/copy-if-different.pl b/util/copy-if-different.pl
index ec99e084..5420f3f2 100644
--- a/util/copy-if-different.pl
+++ b/util/copy-if-different.pl
@@ -12,6 +12,7 @@ my @filelist;
 
 foreach my $arg (@ARGV) {
 	$arg =~ s|\\|/|g;	# compensate for bug/feature in cygwin glob...
+	$arg = qq("$arg") if ($arg =~ /\s/);	# compensate for bug in 5.10...
 	foreach (glob $arg)
 		{
 		push @filelist, $_;
diff --git a/util/copy.pl b/util/copy.pl
index eba6d581..9c0e68c4 100644
--- a/util/copy.pl
+++ b/util/copy.pl
@@ -19,6 +19,7 @@ foreach $arg (@ARGV) {
 		next;
 		}
 	$arg =~ s|\\|/|g;	# compensate for bug/feature in cygwin glob...
+	$arg = qq("$arg") if ($arg =~ /\s/);	# compensate for bug in 5.10...
 	foreach (glob $arg)
 		{
 		push @filelist, $_;
diff --git a/util/domd b/util/domd
index bc2a85f7..5a92559c 100644
--- a/util/domd
+++ b/util/domd
@@ -34,11 +34,11 @@ else
     ${PERL} $TOP/util/clean-depend.pl < Makefile > Makefile.new
     RC=$?
 fi
-if ! cmp -s Makefile.save Makefile.new; then
-    mv Makefile.new Makefile
-else
+if cmp -s Makefile.save Makefile.new; then
     mv Makefile.save Makefile
     rm -f Makefile.new
+else
+    mv Makefile.new Makefile
 fi
 # unfake the presence of Kerberos
 rm $TOP/krb5.h
diff --git a/util/libeay.num b/util/libeay.num
index 2094ab36..f5b4f215 100644
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4370,7 +4370,7 @@ DH_compute_key_padded                   4732	EXIST::FUNCTION:DH
 ECDSA_METHOD_set_sign                   4733	EXIST::FUNCTION:ECDSA
 CMS_RecipientEncryptedKey_cert_cmp      4734	EXIST:!VMS:FUNCTION:CMS
 CMS_RecipEncryptedKey_cert_cmp          4734	EXIST:VMS:FUNCTION:CMS
-DH_KDF_X9_42                            4735	EXIST::FUNCTION:DH
+DH_KDF_X9_42                            4735	EXIST::FUNCTION:CMS,DH
 RSA_OAEP_PARAMS_free                    4736	EXIST::FUNCTION:RSA
 EVP_des_ede3_wrap                       4737	EXIST::FUNCTION:DES
 RSA_OAEP_PARAMS_it                      4738	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
@@ -4416,3 +4416,18 @@ X509_VERIFY_PARAM_add1_host             4771	EXIST::FUNCTION:
 EC_GROUP_get_mont_data                  4772	EXIST::FUNCTION:EC
 i2d_re_X509_tbs                         4773	EXIST::FUNCTION:
 EVP_PKEY_asn1_set_item                  4774	EXIST::FUNCTION:
+EVP_PKEY_meth_get_init                  4775	EXIST::FUNCTION:
+EVP_PKEY_meth_get_verify_recover        4776	EXIST:!VMS:FUNCTION:
+EVP_PKEY_meth_get_vrfy_recover          4776	EXIST:VMS:FUNCTION:
+EVP_PKEY_meth_get_keygen                4777	EXIST::FUNCTION:
+EVP_PKEY_meth_get_derive                4778	EXIST::FUNCTION:
+EVP_PKEY_meth_get_verifyctx             4779	EXIST::FUNCTION:
+EVP_PKEY_meth_get_paramgen              4780	EXIST::FUNCTION:
+EVP_PKEY_meth_get_verify                4781	EXIST::FUNCTION:
+EVP_PKEY_meth_get_sign                  4782	EXIST::FUNCTION:
+EVP_PKEY_meth_get_signctx               4783	EXIST::FUNCTION:
+EVP_PKEY_meth_get_ctrl                  4784	EXIST::FUNCTION:
+EVP_PKEY_meth_get_decrypt               4785	EXIST::FUNCTION:
+EVP_PKEY_meth_get_cleanup               4786	EXIST::FUNCTION:
+EVP_PKEY_meth_get_encrypt               4787	EXIST::FUNCTION:
+EVP_PKEY_meth_get_copy                  4788	EXIST::FUNCTION:
diff --git a/util/mk1mf.pl b/util/mk1mf.pl
index 7a3ae11f..ee14dafe 100644
--- a/util/mk1mf.pl
+++ b/util/mk1mf.pl
@@ -428,7 +428,7 @@ EOF
 		{
 		$extra_install .= <<"EOF"
 	\$(MKDIR) \"\$(INSTALLTOP)${o}lib${o}engines\"
-	\$(CP) \"\$(E_SHLIB)\" \"\$(INSTALLTOP)${o}lib${o}engines\"
+	\$(CP) \$(E_SHLIB) \"\$(INSTALLTOP)${o}lib${o}engines\"
 EOF
 		}
 	}
@@ -608,7 +608,7 @@ install: all
 	\$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\"
 	\$(MKDIR) \"\$(INSTALLTOP)${o}lib\"
 	\$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
-	\$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\"
+	\$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep\" \"\$(INSTALLTOP)${o}bin\"
 	\$(MKDIR) \"\$(OPENSSLDIR)\"
 	\$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
 $extra_install
@@ -765,7 +765,7 @@ foreach (split(/\s+/,$test))
 	{
 	$t=&bname($_);
 	$tt="\$(OBJ_D)${o}$t${obj}";
-	$tt.=" \$(OBJ_D)${o}ssltestlib${obj}" if $t eq "dtlstest";
+	$tt.=" \$(OBJ_D)${o}ssltestlib${obj}" if $t eq "dtlstest" or $t eq "fatalerrtest";
 	$rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
 	}
 
@@ -1207,6 +1207,7 @@ sub read_options
 		"no-ssl3-method" => 0,
 		"no-tlsext" => \$no_tlsext,
 		"no-tls1" => \$no_tls1,
+		"no-dtls1" => 0,
 		"no-srp" => \$no_srp,
 		"no-cms" => \$no_cms,
 		"no-jpake" => \$no_jpake,