7 files changed, 46 insertions, 28 deletions

diff --git a/crypto/openssl/engines/Makefile b/crypto/openssl/engines/Makefile
index 002d40c..7f13cd9 100644
--- a/crypto/openssl/engines/Makefile
+++ b/crypto/openssl/engines/Makefile
@@ -92,6 +92,7 @@ install:
 	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
 	@if [ -n "$(SHARED_LIBS)" ]; then \
 		set -e; \
+		$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines; \
 		for l in $(LIBNAMES); do \
 			( echo installing $$l; \
 			  if [ "$(PLATFORM)" != "Cygwin" ]; then \
@@ -100,13 +101,13 @@ install:
 				*DSO_DL*)	sfx="sl";;	\
 				*)		sfx="bad";;	\
 				esac; \
-				cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \
+				cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/lib$$l.$$sfx.new; \
 			  else \
 			  	sfx="so"; \
-				cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \
+				cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/lib$$l.$$sfx.new; \
 			  fi; \
-			  chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \
-			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx ); \
+			  chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/lib$$l.$$sfx.new; \
+			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/lib$$l.$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/lib$$l.$$sfx ); \
 		done; \
 	fi
 
@@ -197,10 +198,10 @@ e_capi.o: ../include/openssl/evp.h ../include/openssl/fips.h
 e_capi.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
 e_capi.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 e_capi.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_capi.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-e_capi.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_capi.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_capi.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_capi.c
+e_capi.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+e_capi.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_capi.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_capi.o: ../include/openssl/x509_vfy.h e_capi.c
 e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h
 e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h
diff --git a/crypto/openssl/engines/axp.opt b/crypto/openssl/engines/alpha.opt
index 1dc71bf..1dc71bf 100644
--- a/crypto/openssl/engines/axp.opt
+++ b/crypto/openssl/engines/alpha.opt
diff --git a/crypto/openssl/engines/e_capi.c b/crypto/openssl/engines/e_capi.c
index e98946c..fd7f13c 100644
--- a/crypto/openssl/engines/e_capi.c
+++ b/crypto/openssl/engines/e_capi.c
@@ -56,12 +56,12 @@
 #include <string.h>
 #include <openssl/crypto.h>
 #include <openssl/buffer.h>
-#include <openssl/rsa.h>
 #include <openssl/bn.h>
 
 #ifdef OPENSSL_SYS_WIN32
 #ifndef OPENSSL_NO_CAPIENG
 
+#include <openssl/rsa.h>
 
 #include <windows.h>
 
@@ -152,21 +152,21 @@ struct CAPI_CTX_st {
 	char *debug_file;
 	/* Parameters to use for container lookup */
 	DWORD keytype;
-	LPTSTR cspname;
+	LPSTR cspname;
 	DWORD csptype;
 	/* Certificate store name to use */
-	LPTSTR storename;
-	LPTSTR ssl_client_store;
+	LPSTR storename;
+	LPSTR ssl_client_store;
 	/* System store flags */
 	DWORD store_flags;
 
 /* Lookup string meanings in load_private_key */
 /* Substring of subject: uses "storename" */
-#define CAPI_LU_SUBSTR		0
+#define CAPI_LU_SUBSTR		1
 /* Friendly name: uses storename */
-#define CAPI_LU_FNAME		1
+#define CAPI_LU_FNAME		2
 /* Container name: uses cspname, keytype */
-#define CAPI_LU_CONTNAME	2
+#define CAPI_LU_CONTNAME	3
 	int lookup_method;
 /* Info to dump with dumpcerts option */
 /* Issuer and serial name strings */
@@ -442,7 +442,7 @@ static int capi_init(ENGINE *e)
 #ifdef OPENSSL_CAPIENG_DIALOG
 	{
 	HMODULE cryptui = LoadLibrary(TEXT("CRYPTUI.DLL"));
-	HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
+	HMODULE kernel = GetModuleHandle(TEXT("KERNEL32.DLL"));
 	if (cryptui)
 		ctx->certselectdlg = (CERTDLG)GetProcAddress(cryptui, "CryptUIDlgSelectCertificateFromStore");
 	if (kernel)
@@ -823,7 +823,7 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
 
 /* Finally sign it */
 	slen = RSA_size(rsa);
-	if(!CryptSignHash(hash, capi_key->keyspec, NULL, 0, sigret, &slen))
+	if(!CryptSignHashA(hash, capi_key->keyspec, NULL, 0, sigret, &slen))
 		{
 		CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_ERROR_SIGNING_HASH);
 		capi_addlasterror();
@@ -961,7 +961,7 @@ static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
 
 	/* Finally sign it */
 	slen = sizeof(csigbuf);
-	if(!CryptSignHash(hash, capi_key->keyspec, NULL, 0, csigbuf, &slen))
+	if(!CryptSignHashA(hash, capi_key->keyspec, NULL, 0, csigbuf, &slen))
 		{
 		CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_ERROR_SIGNING_HASH);
 		capi_addlasterror();
@@ -1036,15 +1036,29 @@ static void capi_adderror(DWORD err)
 static char *wide_to_asc(LPWSTR wstr)
 	{
 	char *str;
+	int len_0,sz;
+
 	if (!wstr)
 		return NULL;
-	str = OPENSSL_malloc(wcslen(wstr) + 1);
+	len_0 = (int)wcslen(wstr)+1;	/* WideCharToMultiByte expects int */
+        sz = WideCharToMultiByte(CP_ACP,0,wstr,len_0,NULL,0,NULL,NULL);
+	if (!sz)
+		{
+		CAPIerr(CAPI_F_WIDE_TO_ASC, CAPI_R_WIN32_ERROR);
+		return NULL;
+		}
+	str = OPENSSL_malloc(sz);
 	if (!str)
 		{
 		CAPIerr(CAPI_F_WIDE_TO_ASC, ERR_R_MALLOC_FAILURE);
 		return NULL;
 		}
-	sprintf(str, "%S", wstr);
+	if (!WideCharToMultiByte(CP_ACP,0,wstr,len_0,str,sz,NULL,NULL))
+		{
+		OPENSSL_free(str);
+		CAPIerr(CAPI_F_WIDE_TO_ASC, CAPI_R_WIN32_ERROR);
+		return NULL;
+		}
 	return str;
 	}
 
@@ -1053,7 +1067,7 @@ static int capi_get_provname(CAPI_CTX *ctx, LPSTR *pname, DWORD *ptype, DWORD id
 	LPSTR name;
 	DWORD len, err;
 	CAPI_trace(ctx, "capi_get_provname, index=%d\n", idx);
-	if (!CryptEnumProviders(idx, NULL, 0, ptype, NULL, &len))
+	if (!CryptEnumProvidersA(idx, NULL, 0, ptype, NULL, &len))
 		{
 		err = GetLastError();
 		if (err == ERROR_NO_MORE_ITEMS)
@@ -1063,7 +1077,7 @@ static int capi_get_provname(CAPI_CTX *ctx, LPSTR *pname, DWORD *ptype, DWORD id
 		return 0;
 		}
 	name = OPENSSL_malloc(len);
-		if (!CryptEnumProviders(idx, NULL, 0, ptype, name, &len))
+	if (!CryptEnumProvidersA(idx, NULL, 0, ptype, name, &len))
 		{
 		err = GetLastError();
 		if (err == ERROR_NO_MORE_ITEMS)
@@ -1082,7 +1096,7 @@ static int capi_list_providers(CAPI_CTX *ctx, BIO *out)
 	{
 	DWORD idx, ptype;
 	int ret;
-	LPTSTR provname = NULL;
+	LPSTR provname = NULL;
 	CAPI_trace(ctx, "capi_list_providers\n");
 	BIO_printf(out, "Available CSPs:\n");
 	for(idx = 0; ; idx++)
@@ -1105,7 +1119,7 @@ static int capi_list_containers(CAPI_CTX *ctx, BIO *out)
 	DWORD err, idx, flags, buflen = 0, clen;
 	LPSTR cname;
 	CAPI_trace(ctx, "Listing containers CSP=%s, type = %d\n", ctx->cspname, ctx->csptype);
-	if (!CryptAcquireContext(&hprov, NULL, ctx->cspname, ctx->csptype, CRYPT_VERIFYCONTEXT))
+	if (!CryptAcquireContextA(&hprov, NULL, ctx->cspname, ctx->csptype, CRYPT_VERIFYCONTEXT))
 		{
 		CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
 		capi_addlasterror();
@@ -1385,7 +1399,7 @@ static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const char *contname, char *provnam
 	key = OPENSSL_malloc(sizeof(CAPI_KEY));
 	CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", 
 						contname, provname, ptype);
-	if (!CryptAcquireContext(&key->hprov, contname, provname, ptype, 0))
+	if (!CryptAcquireContextA(&key->hprov, contname, provname, ptype, 0))
 		{
 		CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
 		capi_addlasterror();
@@ -1523,7 +1537,7 @@ static int capi_ctx_set_provname(CAPI_CTX *ctx, LPSTR pname, DWORD type, int che
 	if (check)
 		{
 		HCRYPTPROV hprov;
-		if (!CryptAcquireContext(&hprov, NULL, pname, type,
+		if (!CryptAcquireContextA(&hprov, NULL, pname, type,
 						CRYPT_VERIFYCONTEXT))
 			{
 			CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
diff --git a/crypto/openssl/engines/e_capi_err.c b/crypto/openssl/engines/e_capi_err.c
index 73bbaaa..eaaefb2 100644
--- a/crypto/openssl/engines/e_capi_err.c
+++ b/crypto/openssl/engines/e_capi_err.c
@@ -122,6 +122,7 @@ static ERR_STRING_DATA CAPI_str_reasons[]=
 {ERR_REASON(CAPI_R_UNSUPPORTED_ALGORITHM_NID),"unsupported algorithm nid"},
 {ERR_REASON(CAPI_R_UNSUPPORTED_PADDING)  ,"unsupported padding"},
 {ERR_REASON(CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM),"unsupported public key algorithm"},
+{ERR_REASON(CAPI_R_WIN32_ERROR)          ,"win32 error"},
 {0,NULL}
 	};
 
diff --git a/crypto/openssl/engines/e_capi_err.h b/crypto/openssl/engines/e_capi_err.h
index efdb751..4c749ec 100644
--- a/crypto/openssl/engines/e_capi_err.h
+++ b/crypto/openssl/engines/e_capi_err.h
@@ -116,6 +116,7 @@ static void ERR_CAPI_error(int function, int reason, char *file, int line);
 #define CAPI_R_UNSUPPORTED_ALGORITHM_NID		 119
 #define CAPI_R_UNSUPPORTED_PADDING			 120
 #define CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM		 121
+#define CAPI_R_WIN32_ERROR				 127
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/openssl/engines/e_ubsec.c b/crypto/openssl/engines/e_ubsec.c
index e8389de..a0f320c 100644
--- a/crypto/openssl/engines/e_ubsec.c
+++ b/crypto/openssl/engines/e_ubsec.c
@@ -934,7 +934,7 @@ static int ubsec_dh_generate_key(DH *dh)
                 priv_key = BN_new();
                 if (priv_key == NULL) goto err;
                 priv_key_len = BN_num_bits(dh->p);
-                bn_wexpand(priv_key, dh->p->top);
+                if(bn_wexpand(priv_key, dh->p->top) == NULL) goto err;
                 do
                         if (!BN_rand_range(priv_key, dh->p)) goto err;
                 while (BN_is_zero(priv_key));
@@ -949,7 +949,7 @@ static int ubsec_dh_generate_key(DH *dh)
                 {
                 pub_key = BN_new();
                 pub_key_len = BN_num_bits(dh->p);
-                bn_wexpand(pub_key, dh->p->top);
+                if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err;
                 if(pub_key == NULL) goto err;
                 }
         else
diff --git a/crypto/openssl/engines/ia64.opt b/crypto/openssl/engines/ia64.opt
new file mode 100644
index 0000000..1dc71bf
--- /dev/null
+++ b/crypto/openssl/engines/ia64.opt
@@ -0,0 +1 @@
+SYMBOL_VECTOR=(bind_engine=PROCEDURE,v_check=PROCEDURE)