From d5a92c035dc0eb1563dfe5cd6e4006ab21cb0ea10c137ade12d76c6a7a854a07 Mon Sep 17 00:00:00 2001
From: Stephan Kulow <coolo@suse.com>
Date: Wed, 9 Apr 2014 16:17:23 +0000
Subject: [PATCH] Accepting request 229370 from Base:System

- update to 1.0.1g:
  * fix for critical TLS heartbeat read overrun (CVE-2014-0160) (bnc#872299)
  * Fix for Recovering OpenSSL ECDSA Nonces (CVE-2014-0076) (bnc#869945)
  * Workaround for the "TLS hang bug" (see FAQ and PR#2771)
- remove CVE-2014-0076.patch
- openssl.keyring: upstream changed to:
  pub  4096R/FA40E9E2 2005-03-19 Dr Stephen N Henson <steve@openssl.org>
  uid                            Dr Stephen Henson <shenson@drh-consultancy.co.uk>
  uid                            Dr Stephen Henson <shenson@opensslfoundation.com>

OBS-URL: https://build.opensuse.org/request/show/229370
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=110
---
 ...bcrypto-Hide-library-private-symbols.patch | 202 +++---
 ...-libssl-Hide-library-private-symbols.patch |  23 +-
 CVE-2014-0076.patch                           | 150 ----
 bug610223.patch                               |   8 +-
 merge_from_0.9.8k.patch                       |  16 +-
 openssl-1.0.1c-default-paths.patch            |  27 +-
 openssl-1.0.1c-ipv6-apps.patch                |  40 +-
 openssl-1.0.1e-fips-ec.patch                  | 106 +--
 openssl-1.0.1e-fips.patch                     | 674 +++++++++---------
 openssl-1.0.1e-new-fips-reqs.patch            | 157 ++--
 openssl-1.0.1f.tar.gz                         |   3 -
 openssl-1.0.1f.tar.gz.asc                     |  11 -
 openssl-1.0.1g.tar.gz                         |   3 +
 openssl-1.0.1g.tar.gz.asc                     |  17 +
 openssl-fix-pod-syntax.diff                   | 145 ++--
 openssl-ocloexec.patch                        |  30 +-
 openssl-pkgconfig.patch                       |  12 +-
 openssl.changes                               |  14 +
 openssl.keyring                               | 245 ++++---
 openssl.spec                                  |   6 +-
 20 files changed, 910 insertions(+), 979 deletions(-)
 delete mode 100644 CVE-2014-0076.patch
 delete mode 100644 openssl-1.0.1f.tar.gz
 delete mode 100644 openssl-1.0.1f.tar.gz.asc
 create mode 100644 openssl-1.0.1g.tar.gz
 create mode 100644 openssl-1.0.1g.tar.gz.asc

diff --git a/0001-libcrypto-Hide-library-private-symbols.patch b/0001-libcrypto-Hide-library-private-symbols.patch
index 83be9a4..c25529d 100644
--- a/0001-libcrypto-Hide-library-private-symbols.patch
+++ b/0001-libcrypto-Hide-library-private-symbols.patch
@@ -37,10 +37,10 @@ Subject: [PATCH] libcrypto: Hide library-private symbols
  crypto/x509v3/pcy_int.h          |  3 +++
  31 files changed, 85 insertions(+), 17 deletions(-)
 
-Index: openssl-1.0.1e/apps/Makefile
+Index: openssl-1.0.1g/apps/Makefile
 ===================================================================
---- openssl-1.0.1e.orig/apps/Makefile
-+++ openssl-1.0.1e/apps/Makefile
+--- openssl-1.0.1g.orig/apps/Makefile
++++ openssl-1.0.1g/apps/Makefile
 @@ -20,7 +20,7 @@ EXE_EXT=
  
  SHLIB_TARGET=
@@ -50,10 +50,10 @@ Index: openssl-1.0.1e/apps/Makefile
  
  GENERAL=Makefile makeapps.com install.com
  
-Index: openssl-1.0.1e/crypto/asn1/asn1_locl.h
+Index: openssl-1.0.1g/crypto/asn1/asn1_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/asn1/asn1_locl.h
-+++ openssl-1.0.1e/crypto/asn1/asn1_locl.h
+--- openssl-1.0.1g.orig/crypto/asn1/asn1_locl.h
++++ openssl-1.0.1g/crypto/asn1/asn1_locl.h
 @@ -58,6 +58,8 @@
  
  /* Internal ASN1 structures and functions: not for application use */
@@ -69,10 +69,10 @@ Index: openssl-1.0.1e/crypto/asn1/asn1_locl.h
  	};
 +
 +#pragma GCC visibility pop
-Index: openssl-1.0.1e/crypto/bn/bn_lcl.h
+Index: openssl-1.0.1g/crypto/bn/bn_lcl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/bn/bn_lcl.h
-+++ openssl-1.0.1e/crypto/bn/bn_lcl.h
+--- openssl-1.0.1g.orig/crypto/bn/bn_lcl.h
++++ openssl-1.0.1g/crypto/bn/bn_lcl.h
 @@ -483,6 +483,8 @@ extern "C" {
  #undef bn_div_words
  #endif
@@ -91,10 +91,10 @@ Index: openssl-1.0.1e/crypto/bn/bn_lcl.h
  #ifdef  __cplusplus
  }
  #endif
-Index: openssl-1.0.1e/crypto/camellia/cmll_locl.h
+Index: openssl-1.0.1g/crypto/camellia/cmll_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/camellia/cmll_locl.h
-+++ openssl-1.0.1e/crypto/camellia/cmll_locl.h
+--- openssl-1.0.1g.orig/crypto/camellia/cmll_locl.h
++++ openssl-1.0.1g/crypto/camellia/cmll_locl.h
 @@ -68,6 +68,8 @@
  #ifndef HEADER_CAMELLIA_LOCL_H
  #define HEADER_CAMELLIA_LOCL_H
@@ -110,10 +110,10 @@ Index: openssl-1.0.1e/crypto/camellia/cmll_locl.h
  			     CAMELLIA_KEY *key);
 +#pragma GCC visibility pop
  #endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
-Index: openssl-1.0.1e/crypto/cast/cast_lcl.h
+Index: openssl-1.0.1g/crypto/cast/cast_lcl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/cast/cast_lcl.h
-+++ openssl-1.0.1e/crypto/cast/cast_lcl.h
+--- openssl-1.0.1g.orig/crypto/cast/cast_lcl.h
++++ openssl-1.0.1g/crypto/cast/cast_lcl.h
 @@ -217,6 +217,7 @@
  	}
  #endif
@@ -127,10 +127,10 @@ Index: openssl-1.0.1e/crypto/cast/cast_lcl.h
  extern const CAST_LONG CAST_S_table6[256];
  extern const CAST_LONG CAST_S_table7[256];
 +#pragma GCC visibility pop
-Index: openssl-1.0.1e/crypto/cms/cms_lcl.h
+Index: openssl-1.0.1g/crypto/cms/cms_lcl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/cms/cms_lcl.h
-+++ openssl-1.0.1e/crypto/cms/cms_lcl.h
+--- openssl-1.0.1g.orig/crypto/cms/cms_lcl.h
++++ openssl-1.0.1g/crypto/cms/cms_lcl.h
 @@ -426,6 +426,8 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerA
  #define CMS_RECIPINFO_ISSUER_SERIAL	0
  #define CMS_RECIPINFO_KEYIDENTIFIER	1
@@ -150,10 +150,10 @@ Index: openssl-1.0.1e/crypto/cms/cms_lcl.h
  #ifdef  __cplusplus
  }
  #endif
-Index: openssl-1.0.1e/crypto/des/des_locl.h
+Index: openssl-1.0.1g/crypto/des/des_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/des/des_locl.h
-+++ openssl-1.0.1e/crypto/des/des_locl.h
+--- openssl-1.0.1g.orig/crypto/des/des_locl.h
++++ openssl-1.0.1g/crypto/des/des_locl.h
 @@ -421,10 +421,12 @@
  	PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
  	}
@@ -167,20 +167,20 @@ Index: openssl-1.0.1e/crypto/des/des_locl.h
  
  #ifdef OPENSSL_SMALL_FOOTPRINT
  #undef DES_UNROLL
-Index: openssl-1.0.1e/crypto/dsa/dsa_locl.h
+Index: openssl-1.0.1g/crypto/dsa/dsa_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/dsa/dsa_locl.h
-+++ openssl-1.0.1e/crypto/dsa/dsa_locl.h
+--- openssl-1.0.1g.orig/crypto/dsa/dsa_locl.h
++++ openssl-1.0.1g/crypto/dsa/dsa_locl.h
 @@ -57,4 +57,4 @@
  int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
  	const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
  	unsigned char *seed_out,
 -	int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
 +	int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) __attribute__ ((visibility ("hidden")));
-Index: openssl-1.0.1e/crypto/ec/ec_lcl.h
+Index: openssl-1.0.1g/crypto/ec/ec_lcl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ec/ec_lcl.h
-+++ openssl-1.0.1e/crypto/ec/ec_lcl.h
+--- openssl-1.0.1g.orig/crypto/ec/ec_lcl.h
++++ openssl-1.0.1g/crypto/ec/ec_lcl.h
 @@ -88,6 +88,8 @@
  /* Structure details are not part of the exported interface,
   * so all this may change in future versions. */
@@ -196,10 +196,10 @@ Index: openssl-1.0.1e/crypto/ec/ec_lcl.h
  #endif
 +
 +#pragma GCC visibility pop
-Index: openssl-1.0.1e/crypto/ecdh/ech_locl.h
+Index: openssl-1.0.1g/crypto/ecdh/ech_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ecdh/ech_locl.h
-+++ openssl-1.0.1e/crypto/ecdh/ech_locl.h
+--- openssl-1.0.1g.orig/crypto/ecdh/ech_locl.h
++++ openssl-1.0.1g/crypto/ecdh/ech_locl.h
 @@ -58,6 +58,8 @@
  
  #include <openssl/ecdh.h>
@@ -216,10 +216,10 @@ Index: openssl-1.0.1e/crypto/ecdh/ech_locl.h
 -
 +#pragma GCC visibility pop
  #endif /* HEADER_ECH_LOCL_H */
-Index: openssl-1.0.1e/crypto/ecdsa/ecs_locl.h
+Index: openssl-1.0.1g/crypto/ecdsa/ecs_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ecdsa/ecs_locl.h
-+++ openssl-1.0.1e/crypto/ecdsa/ecs_locl.h
+--- openssl-1.0.1g.orig/crypto/ecdsa/ecs_locl.h
++++ openssl-1.0.1g/crypto/ecdsa/ecs_locl.h
 @@ -61,6 +61,8 @@
  
  #include <openssl/ecdsa.h>
@@ -236,10 +236,10 @@ Index: openssl-1.0.1e/crypto/ecdsa/ecs_locl.h
 +#pragma GCC visibility pop
 +
  #endif /* HEADER_ECS_LOCL_H */
-Index: openssl-1.0.1e/crypto/engine/eng_int.h
+Index: openssl-1.0.1g/crypto/engine/eng_int.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/engine/eng_int.h
-+++ openssl-1.0.1e/crypto/engine/eng_int.h
+--- openssl-1.0.1g.orig/crypto/engine/eng_int.h
++++ openssl-1.0.1g/crypto/engine/eng_int.h
 @@ -68,6 +68,8 @@
  /* Take public definitions from engine.h */
  #include <openssl/engine.h>
@@ -256,10 +256,10 @@ Index: openssl-1.0.1e/crypto/engine/eng_int.h
 -
 +#pragma GCC visibility pop
  #endif /* HEADER_ENGINE_INT_H */
-Index: openssl-1.0.1e/crypto/engine/eng_rsax.c
+Index: openssl-1.0.1g/crypto/engine/eng_rsax.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/engine/eng_rsax.c
-+++ openssl-1.0.1e/crypto/engine/eng_rsax.c
+--- openssl-1.0.1g.orig/crypto/engine/eng_rsax.c
++++ openssl-1.0.1g/crypto/engine/eng_rsax.c
 @@ -262,7 +262,7 @@ static int mod_exp_pre_compute_data_512(
  void mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */
  		 UINT64 *g,      /* 512 bits, 8 qwords */
@@ -269,10 +269,10 @@ Index: openssl-1.0.1e/crypto/engine/eng_rsax.c
  
  typedef struct st_e_rsax_mod_ctx
  {
-Index: openssl-1.0.1e/crypto/evp/e_aes.c
+Index: openssl-1.0.1g/crypto/evp/e_aes.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/evp/e_aes.c
-+++ openssl-1.0.1e/crypto/evp/e_aes.c
+--- openssl-1.0.1g.orig/crypto/evp/e_aes.c
++++ openssl-1.0.1g/crypto/evp/e_aes.c
 @@ -108,6 +108,8 @@ typedef struct
  
  #define MAXBITCHUNK	((size_t)1<<(sizeof(size_t)*8-4))
@@ -318,10 +318,10 @@ Index: openssl-1.0.1e/crypto/evp/e_aes.c
  static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
  		   const unsigned char *iv, int enc)
  	{
-Index: openssl-1.0.1e/crypto/evp/e_aes_cbc_hmac_sha1.c
+Index: openssl-1.0.1g/crypto/evp/e_aes_cbc_hmac_sha1.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/evp/e_aes_cbc_hmac_sha1.c
-+++ openssl-1.0.1e/crypto/evp/e_aes_cbc_hmac_sha1.c
+--- openssl-1.0.1g.orig/crypto/evp/e_aes_cbc_hmac_sha1.c
++++ openssl-1.0.1g/crypto/evp/e_aes_cbc_hmac_sha1.c
 @@ -97,6 +97,8 @@ typedef struct
  extern unsigned int OPENSSL_ia32cap_P[2];
  #define AESNI_CAPABLE   (1<<(57-32))
@@ -340,10 +340,10 @@ Index: openssl-1.0.1e/crypto/evp/e_aes_cbc_hmac_sha1.c
  #define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
  
  static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
-Index: openssl-1.0.1e/crypto/evp/evp_locl.h
+Index: openssl-1.0.1g/crypto/evp/evp_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/evp/evp_locl.h
-+++ openssl-1.0.1e/crypto/evp/evp_locl.h
+--- openssl-1.0.1g.orig/crypto/evp/evp_locl.h
++++ openssl-1.0.1g/crypto/evp/evp_locl.h
 @@ -263,6 +263,8 @@ const EVP_CIPHER *EVP_##cname##_ecb(void
  			     EVP_CIPHER_get_asn1_iv, \
  			     NULL)
@@ -362,10 +362,10 @@ Index: openssl-1.0.1e/crypto/evp/evp_locl.h
  #ifdef OPENSSL_FIPS
  
  #ifdef OPENSSL_DOING_MAKEDEPEND
-Index: openssl-1.0.1e/crypto/md4/md4_locl.h
+Index: openssl-1.0.1g/crypto/md4/md4_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/md4/md4_locl.h
-+++ openssl-1.0.1e/crypto/md4/md4_locl.h
+--- openssl-1.0.1g.orig/crypto/md4/md4_locl.h
++++ openssl-1.0.1g/crypto/md4/md4_locl.h
 @@ -65,7 +65,7 @@
  #define MD4_LONG_LOG2 2 /* default to 32 bits */
  #endif
@@ -375,10 +375,10 @@ Index: openssl-1.0.1e/crypto/md4/md4_locl.h
  
  #define DATA_ORDER_IS_LITTLE_ENDIAN
  
-Index: openssl-1.0.1e/crypto/md5/md5_locl.h
+Index: openssl-1.0.1g/crypto/md5/md5_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/md5/md5_locl.h
-+++ openssl-1.0.1e/crypto/md5/md5_locl.h
+--- openssl-1.0.1g.orig/crypto/md5/md5_locl.h
++++ openssl-1.0.1g/crypto/md5/md5_locl.h
 @@ -74,7 +74,7 @@
  # endif
  #endif
@@ -388,11 +388,11 @@ Index: openssl-1.0.1e/crypto/md5/md5_locl.h
  
  #define DATA_ORDER_IS_LITTLE_ENDIAN
  
-Index: openssl-1.0.1e/crypto/modes/modes_lcl.h
+Index: openssl-1.0.1g/crypto/modes/modes_lcl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/modes/modes_lcl.h
-+++ openssl-1.0.1e/crypto/modes/modes_lcl.h
-@@ -86,6 +86,8 @@ typedef unsigned char u8;
+--- openssl-1.0.1g.orig/crypto/modes/modes_lcl.h
++++ openssl-1.0.1g/crypto/modes/modes_lcl.h
+@@ -83,6 +83,8 @@ typedef unsigned char u8;
  #define PUTU32(p,v)	((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))
  #endif
  
@@ -401,16 +401,16 @@ Index: openssl-1.0.1e/crypto/modes/modes_lcl.h
  /* GCM definitions */
  
  typedef struct { u64 hi,lo; } u128;
-@@ -128,4 +130,4 @@ struct ccm128_context {
+@@ -125,4 +127,4 @@ struct ccm128_context {
  	block128_f block;
  	void *key;
  };
 -
 +#pragma GCC visibility pop
-Index: openssl-1.0.1e/crypto/o_str.h
+Index: openssl-1.0.1g/crypto/o_str.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/o_str.h
-+++ openssl-1.0.1e/crypto/o_str.h
+--- openssl-1.0.1g.orig/crypto/o_str.h
++++ openssl-1.0.1g/crypto/o_str.h
 @@ -61,8 +61,12 @@
  
  #include <stddef.h>		/* to get size_t */
@@ -424,10 +424,10 @@ Index: openssl-1.0.1e/crypto/o_str.h
 +#pragma GCC visibility pop
 +
  #endif
-Index: openssl-1.0.1e/crypto/o_time.h
+Index: openssl-1.0.1g/crypto/o_time.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/o_time.h
-+++ openssl-1.0.1e/crypto/o_time.h
+--- openssl-1.0.1g.orig/crypto/o_time.h
++++ openssl-1.0.1g/crypto/o_time.h
 @@ -61,7 +61,11 @@
  
  #include <time.h>
@@ -440,10 +440,10 @@ Index: openssl-1.0.1e/crypto/o_time.h
 +#pragma GCC visibility pop
 +
  #endif
-Index: openssl-1.0.1e/crypto/ripemd/rmd_locl.h
+Index: openssl-1.0.1g/crypto/ripemd/rmd_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ripemd/rmd_locl.h
-+++ openssl-1.0.1e/crypto/ripemd/rmd_locl.h
+--- openssl-1.0.1g.orig/crypto/ripemd/rmd_locl.h
++++ openssl-1.0.1g/crypto/ripemd/rmd_locl.h
 @@ -76,7 +76,7 @@
  # endif
  #endif
@@ -453,20 +453,20 @@ Index: openssl-1.0.1e/crypto/ripemd/rmd_locl.h
  
  #define DATA_ORDER_IS_LITTLE_ENDIAN
  
-Index: openssl-1.0.1e/crypto/rsa/rsa_locl.h
+Index: openssl-1.0.1g/crypto/rsa/rsa_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/rsa/rsa_locl.h
-+++ openssl-1.0.1e/crypto/rsa/rsa_locl.h
+--- openssl-1.0.1g.orig/crypto/rsa/rsa_locl.h
++++ openssl-1.0.1g/crypto/rsa/rsa_locl.h
 @@ -1,4 +1,4 @@
  extern int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
  		unsigned char *rm, size_t *prm_len,
  		const unsigned char *sigbuf, size_t siglen,
 -		RSA *rsa);
 +		RSA *rsa) __attribute__ ((visibility ("hidden")));
-Index: openssl-1.0.1e/crypto/sha/sha256.c
+Index: openssl-1.0.1g/crypto/sha/sha256.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/sha/sha256.c
-+++ openssl-1.0.1e/crypto/sha/sha256.c
+--- openssl-1.0.1g.orig/crypto/sha/sha256.c
++++ openssl-1.0.1g/crypto/sha/sha256.c
 @@ -110,7 +110,7 @@ int SHA224_Final (unsigned char *md, SHA
  #ifndef SHA256_ASM
  static
@@ -476,10 +476,10 @@ Index: openssl-1.0.1e/crypto/sha/sha256.c
  
  #include "md32_common.h"
  
-Index: openssl-1.0.1e/crypto/sha/sha512.c
+Index: openssl-1.0.1g/crypto/sha/sha512.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/sha/sha512.c
-+++ openssl-1.0.1e/crypto/sha/sha512.c
+--- openssl-1.0.1g.orig/crypto/sha/sha512.c
++++ openssl-1.0.1g/crypto/sha/sha512.c
 @@ -94,7 +94,7 @@ fips_md_init(SHA512)
  #ifndef SHA512_ASM
  static
@@ -489,10 +489,10 @@ Index: openssl-1.0.1e/crypto/sha/sha512.c
  
  int SHA512_Final (unsigned char *md, SHA512_CTX *c)
  	{
-Index: openssl-1.0.1e/crypto/sha/sha_locl.h
+Index: openssl-1.0.1g/crypto/sha/sha_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/sha/sha_locl.h
-+++ openssl-1.0.1e/crypto/sha/sha_locl.h
+--- openssl-1.0.1g.orig/crypto/sha/sha_locl.h
++++ openssl-1.0.1g/crypto/sha/sha_locl.h
 @@ -108,7 +108,7 @@ static void sha_block_data_order (SHA_CT
  #ifndef SHA1_ASM
  static
@@ -502,10 +502,10 @@ Index: openssl-1.0.1e/crypto/sha/sha_locl.h
  
  #else
  # error "Either SHA_0 or SHA_1 must be defined."
-Index: openssl-1.0.1e/crypto/store/str_locl.h
+Index: openssl-1.0.1g/crypto/store/str_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/store/str_locl.h
-+++ openssl-1.0.1e/crypto/store/str_locl.h
+--- openssl-1.0.1g.orig/crypto/store/str_locl.h
++++ openssl-1.0.1g/crypto/store/str_locl.h
 @@ -62,6 +62,8 @@
  #include <openssl/crypto.h>
  #include <openssl/store.h>
@@ -522,10 +522,10 @@ Index: openssl-1.0.1e/crypto/store/str_locl.h
 -
 +#pragma GCC visibility pop
  #endif
-Index: openssl-1.0.1e/crypto/ui/ui_locl.h
+Index: openssl-1.0.1g/crypto/ui/ui_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ui/ui_locl.h
-+++ openssl-1.0.1e/crypto/ui/ui_locl.h
+--- openssl-1.0.1g.orig/crypto/ui/ui_locl.h
++++ openssl-1.0.1g/crypto/ui/ui_locl.h
 @@ -66,6 +66,8 @@
  #undef _
  #endif
@@ -542,19 +542,19 @@ Index: openssl-1.0.1e/crypto/ui/ui_locl.h
 -
 +#pragma GCC visibility pop
  #endif
-Index: openssl-1.0.1e/crypto/whrlpool/wp_locl.h
+Index: openssl-1.0.1g/crypto/whrlpool/wp_locl.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/whrlpool/wp_locl.h
-+++ openssl-1.0.1e/crypto/whrlpool/wp_locl.h
+--- openssl-1.0.1g.orig/crypto/whrlpool/wp_locl.h
++++ openssl-1.0.1g/crypto/whrlpool/wp_locl.h
 @@ -1,3 +1,3 @@
  #include <openssl/whrlpool.h>
  
 -void whirlpool_block(WHIRLPOOL_CTX *,const void *,size_t);
 +void whirlpool_block(WHIRLPOOL_CTX *,const void *,size_t) __attribute__ ((visibility ("hidden")));
-Index: openssl-1.0.1e/crypto/x509v3/ext_dat.h
+Index: openssl-1.0.1g/crypto/x509v3/ext_dat.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/x509v3/ext_dat.h
-+++ openssl-1.0.1e/crypto/x509v3/ext_dat.h
+--- openssl-1.0.1g.orig/crypto/x509v3/ext_dat.h
++++ openssl-1.0.1g/crypto/x509v3/ext_dat.h
 @@ -57,6 +57,8 @@
   */
  /* This file contains a table of "standard" extensions */
@@ -572,10 +572,10 @@ Index: openssl-1.0.1e/crypto/x509v3/ext_dat.h
  /* Number of standard extensions */
  
  #define STANDARD_EXTENSION_COUNT (sizeof(standard_exts)/sizeof(X509V3_EXT_METHOD *))
-Index: openssl-1.0.1e/crypto/x509v3/pcy_int.h
+Index: openssl-1.0.1g/crypto/x509v3/pcy_int.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/x509v3/pcy_int.h
-+++ openssl-1.0.1e/crypto/x509v3/pcy_int.h
+--- openssl-1.0.1g.orig/crypto/x509v3/pcy_int.h
++++ openssl-1.0.1g/crypto/x509v3/pcy_int.h
 @@ -56,6 +56,7 @@
   *
   */
@@ -590,10 +590,10 @@ Index: openssl-1.0.1e/crypto/x509v3/pcy_int.h
  const X509_POLICY_CACHE *policy_cache_set(X509 *x);
 +
 +#pragma GCC visibility pop
-Index: openssl-1.0.1e/crypto/modes/gcm128.c
+Index: openssl-1.0.1g/crypto/modes/gcm128.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/modes/gcm128.c
-+++ openssl-1.0.1e/crypto/modes/gcm128.c
+--- openssl-1.0.1g.orig/crypto/modes/gcm128.c
++++ openssl-1.0.1g/crypto/modes/gcm128.c
 @@ -651,9 +651,9 @@ static void gcm_gmult_1bit(u64 Xi[2],con
  #  define GCM_FUNCREF_4BIT
  extern unsigned int OPENSSL_ia32cap_P[2];
@@ -607,10 +607,10 @@ Index: openssl-1.0.1e/crypto/modes/gcm128.c
  
  #  if	defined(__i386) || defined(__i386__) || defined(_M_IX86)
  #   define GHASH_ASM_X86
-Index: openssl-1.0.1e/crypto/evp/e_rc4_hmac_md5.c
+Index: openssl-1.0.1g/crypto/evp/e_rc4_hmac_md5.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/evp/e_rc4_hmac_md5.c
-+++ openssl-1.0.1e/crypto/evp/e_rc4_hmac_md5.c
+--- openssl-1.0.1g.orig/crypto/evp/e_rc4_hmac_md5.c
++++ openssl-1.0.1g/crypto/evp/e_rc4_hmac_md5.c
 @@ -78,7 +78,7 @@ typedef struct
  #define NO_PAYLOAD_LENGTH	((size_t)-1)
  
diff --git a/0005-libssl-Hide-library-private-symbols.patch b/0005-libssl-Hide-library-private-symbols.patch
index 1920d45..ac7c7e7 100644
--- a/0005-libssl-Hide-library-private-symbols.patch
+++ b/0005-libssl-Hide-library-private-symbols.patch
@@ -13,10 +13,10 @@ API/ABI when GCC 4 or later is used.
  ssl/ssl_locl.h | 8 ++++++++
  2 files changed, 17 insertions(+)
 
-diff --git a/ssl/kssl_lcl.h b/ssl/kssl_lcl.h
-index c039c91..69972b1 100644
---- a/ssl/kssl_lcl.h
-+++ b/ssl/kssl_lcl.h
+Index: openssl-1.0.1g/ssl/kssl_lcl.h
+===================================================================
+--- openssl-1.0.1g.orig/ssl/kssl_lcl.h
++++ openssl-1.0.1g/ssl/kssl_lcl.h
 @@ -61,6 +61,10 @@
  
  #include <openssl/kssl.h>
@@ -28,7 +28,7 @@ index c039c91..69972b1 100644
  #ifndef OPENSSL_NO_KRB5
  
  #ifdef  __cplusplus
-@@ -84,4 +88,9 @@ int kssl_tgt_is_available(KSSL_CTX *kssl_ctx);
+@@ -84,4 +88,9 @@ int kssl_tgt_is_available(KSSL_CTX *kssl
  }
  #endif
  #endif	/* OPENSSL_NO_KRB5	*/
@@ -38,10 +38,10 @@ index c039c91..69972b1 100644
 +#endif
 +
  #endif	/* KSSL_LCL_H 	*/
-diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
-index 56f9b4b..dde4e3e 100644
---- a/ssl/ssl_locl.h
-+++ b/ssl/ssl_locl.h
+Index: openssl-1.0.1g/ssl/ssl_locl.h
+===================================================================
+--- openssl-1.0.1g.orig/ssl/ssl_locl.h
++++ openssl-1.0.1g/ssl/ssl_locl.h
 @@ -165,6 +165,10 @@
  #include <openssl/ssl.h>
  #include <openssl/symhacks.h>
@@ -53,7 +53,7 @@ index 56f9b4b..dde4e3e 100644
  #ifdef OPENSSL_BUILD_SHLIBSSL
  # undef OPENSSL_EXTERN
  # define OPENSSL_EXTERN OPENSSL_EXPORT
-@@ -1357,4 +1361,8 @@ void tls_fips_digest_extra(
+@@ -1174,4 +1178,8 @@ void tls_fips_digest_extra(
  	const EVP_CIPHER_CTX *cipher_ctx, EVP_MD_CTX *mac_ctx,
  	const unsigned char *data, size_t data_len, size_t orig_len);
  
@@ -62,6 +62,3 @@ index 56f9b4b..dde4e3e 100644
 +#endif
 +
  #endif
--- 
-1.8.3.1
-
diff --git a/CVE-2014-0076.patch b/CVE-2014-0076.patch
deleted file mode 100644
index e784626..0000000
--- a/CVE-2014-0076.patch
+++ /dev/null
@@ -1,150 +0,0 @@
-Index: openssl-1.0.1f/crypto/bn/bn.h
-===================================================================
---- openssl-1.0.1f.orig/crypto/bn/bn.h
-+++ openssl-1.0.1f/crypto/bn/bn.h
-@@ -538,6 +538,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *ret,
- BIGNUM *BN_mod_sqrt(BIGNUM *ret,
- 	const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
- 
-+void   BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
-+
- /* Deprecated versions */
- #ifndef OPENSSL_NO_DEPRECATED
- BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,
-@@ -774,12 +776,22 @@ int RAND_pseudo_bytes(unsigned char *buf
- 
- #define bn_fix_top(a)		bn_check_top(a)
- 
-+#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
-+#define bn_wcheck_size(bn, words) \
-+       do { \
-+               const BIGNUM *_bnum2 = (bn); \
-+               assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \
-+       } while(0)
-+
- #else /* !BN_DEBUG */
- 
- #define bn_pollute(a)
- #define bn_check_top(a)
- #define bn_fix_top(a)		bn_correct_top(a)
- 
-+#define bn_check_size(bn, bits)
-+#define bn_wcheck_size(bn, words)
-+
- #endif
- 
- #define bn_correct_top(a) \
-Index: openssl-1.0.1f/crypto/bn/bn_lib.c
-===================================================================
---- openssl-1.0.1f.orig/crypto/bn/bn_lib.c
-+++ openssl-1.0.1f/crypto/bn/bn_lib.c
-@@ -824,3 +824,56 @@ int bn_cmp_part_words(const BN_ULONG *a,
- 		}
- 	return bn_cmp_words(a,b,cl);
- 	}
-+
-+/* 
-+ * Constant-time conditional swap of a and b.  
-+ * a and b are swapped if condition is not 0.  The code assumes that at most one bit of condition is set.
-+ * nwords is the number of words to swap.  The code assumes that at least nwords are allocated in both a and b,
-+ * and that no more than nwords are used by either a or b.
-+ * a and b cannot be the same number
-+ */
-+void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
-+       {
-+       BN_ULONG t;
-+       int i;
-+
-+       bn_wcheck_size(a, nwords);
-+       bn_wcheck_size(b, nwords);
-+
-+       assert(a != b);
-+       assert((condition & (condition - 1)) == 0);
-+       assert(sizeof(BN_ULONG) >= sizeof(int));
-+
-+       condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1;
-+
-+       t = (a->top^b->top) & condition;
-+       a->top ^= t;
-+       b->top ^= t;
-+
-+#define BN_CONSTTIME_SWAP(ind) \
-+       do { \
-+               t = (a->d[ind] ^ b->d[ind]) & condition; \
-+               a->d[ind] ^= t; \
-+               b->d[ind] ^= t; \
-+       } while (0)
-+
-+
-+       switch (nwords) {
-+       default:
-+               for (i = 10; i < nwords; i++) 
-+                       BN_CONSTTIME_SWAP(i);
-+               /* Fallthrough */
-+       case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */
-+       case 9: BN_CONSTTIME_SWAP(8); /* Fallthrough */
-+       case 8: BN_CONSTTIME_SWAP(7); /* Fallthrough */
-+       case 7: BN_CONSTTIME_SWAP(6); /* Fallthrough */
-+       case 6: BN_CONSTTIME_SWAP(5); /* Fallthrough */
-+       case 5: BN_CONSTTIME_SWAP(4); /* Fallthrough */
-+       case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */
-+       case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */
-+       case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */
-+       case 1: BN_CONSTTIME_SWAP(0);
-+       }
-+#undef BN_CONSTTIME_SWAP
-+}
-+
-Index: openssl-1.0.1f/crypto/ec/ec2_mult.c
-===================================================================
---- openssl-1.0.1f.orig/crypto/ec/ec2_mult.c
-+++ openssl-1.0.1f/crypto/ec/ec2_mult.c
-@@ -210,9 +210,12 @@ static int gf2m_Mxy(const EC_GROUP *grou
- 
- /* Computes scalar*point and stores the result in r.
-  * point can not equal r.
-- * Uses algorithm 2P of
-+ * Uses a modified algorithm 2P of
-  *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over 
-  *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
-+ *
-+ * To protect against side-channel attack the function uses constant time swap,
-+ * avoiding conditional branches.
-  */
- static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- 	const EC_POINT *point, BN_CTX *ctx)
-@@ -246,6 +249,11 @@ static int ec_GF2m_montgomery_point_mult
- 	x2 = &r->X;
- 	z2 = &r->Y;
- 
-+       bn_wexpand(x1, group->field.top);
-+       bn_wexpand(z1, group->field.top);
-+       bn_wexpand(x2, group->field.top);
-+       bn_wexpand(z2, group->field.top);
-+
- 	if (!BN_GF2m_mod_arr(x1, &point->X, group->poly)) goto err; /* x1 = x */
- 	if (!BN_one(z1)) goto err; /* z1 = 1 */
- 	if (!group->meth->field_sqr(group, z2, x1, ctx)) goto err; /* z2 = x1^2 = x^2 */
-@@ -270,16 +278,12 @@ static int ec_GF2m_montgomery_point_mult
- 		word = scalar->d[i];
- 		while (mask)
- 			{
--			if (word & mask)
--				{
--				if (!gf2m_Madd(group, &point->X, x1, z1, x2, z2, ctx)) goto err;
--				if (!gf2m_Mdouble(group, x2, z2, ctx)) goto err;
--				}
--			else
--				{
--				if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx)) goto err;
--				if (!gf2m_Mdouble(group, x1, z1, ctx)) goto err;
--				}
-+                       BN_consttime_swap(word & mask, x1, x2, group->field.top);
-+                       BN_consttime_swap(word & mask, z1, z2, group->field.top);
-+                       if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx)) goto err;
-+                       if (!gf2m_Mdouble(group, x1, z1, ctx)) goto err;
-+                       BN_consttime_swap(word & mask, x1, x2, group->field.top);
-+                       BN_consttime_swap(word & mask, z1, z2, group->field.top);
- 			mask >>= 1;
- 			}
- 		mask = BN_TBIT;
diff --git a/bug610223.patch b/bug610223.patch
index 957125e..525a8ea 100644
--- a/bug610223.patch
+++ b/bug610223.patch
@@ -1,8 +1,8 @@
-Index: openssl-1.0.0/Configure
+Index: openssl-1.0.1g/Configure
 ===================================================================
---- openssl-1.0.0.orig/Configure
-+++ openssl-1.0.0/Configure
-@@ -1673,7 +1673,8 @@ while (<IN>)
+--- openssl-1.0.1g.orig/Configure
++++ openssl-1.0.1g/Configure
+@@ -1804,7 +1804,8 @@ while (<IN>)
  		}
  	elsif	(/^#define\s+ENGINESDIR/)
  		{
diff --git a/merge_from_0.9.8k.patch b/merge_from_0.9.8k.patch
index 12c168b..f0323ba 100644
--- a/merge_from_0.9.8k.patch
+++ b/merge_from_0.9.8k.patch
@@ -1,6 +1,8 @@
---- openssl-1.0.1c.orig/Configure
-+++ openssl-1.0.1c/Configure
-@@ -931,7 +931,7 @@ PROCESS_ARGS:
+Index: openssl-1.0.1g/Configure
+===================================================================
+--- openssl-1.0.1g.orig/Configure
++++ openssl-1.0.1g/Configure
+@@ -933,7 +933,7 @@ PROCESS_ARGS:
  			}
  		else
  			{
@@ -9,7 +11,7 @@
  			$target=$_;
  			}
  
-@@ -1204,7 +1204,7 @@ if ($target =~ /^mingw/ && `$cc --target
+@@ -1206,7 +1206,7 @@ if ($target =~ /^mingw/ && `$cc --target
  my $no_shared_warn=0;
  my $no_user_cflags=0;
  
@@ -18,8 +20,10 @@
  else			{ $no_user_cflags=1;       }
  
  # Kerberos settings.  The flavor must be provided from outside, either through
---- openssl-1.0.1c.orig/config
-+++ openssl-1.0.1c/config
+Index: openssl-1.0.1g/config
+===================================================================
+--- openssl-1.0.1g.orig/config
++++ openssl-1.0.1g/config
 @@ -573,7 +573,8 @@ case "$GUESSOS" in
  	options="$options -arch%20${MACHINE}"
  	OUT="iphoneos-cross" ;;
diff --git a/openssl-1.0.1c-default-paths.patch b/openssl-1.0.1c-default-paths.patch
index beb9875..a80e5da 100644
--- a/openssl-1.0.1c-default-paths.patch
+++ b/openssl-1.0.1c-default-paths.patch
@@ -1,7 +1,8 @@
-diff -up openssl-1.0.1c/apps/s_client.c.default-paths openssl-1.0.1c/apps/s_client.c
---- openssl-1.0.1c/apps/s_client.c.default-paths	2012-03-18 19:16:05.000000000 +0100
-+++ openssl-1.0.1c/apps/s_client.c	2012-12-06 18:24:06.425933203 +0100
-@@ -1166,12 +1166,19 @@ bad:
+Index: openssl-1.0.1g/apps/s_client.c
+===================================================================
+--- openssl-1.0.1g.orig/apps/s_client.c
++++ openssl-1.0.1g/apps/s_client.c
+@@ -1174,12 +1174,19 @@ bad:
  	if (!set_cert_key_stuff(ctx,cert,key))
  		goto end;
  
@@ -26,10 +27,11 @@ diff -up openssl-1.0.1c/apps/s_client.c.default-paths openssl-1.0.1c/apps/s_clie
  		}
  
  #ifndef OPENSSL_NO_TLSEXT
-diff -up openssl-1.0.1c/apps/s_server.c.default-paths openssl-1.0.1c/apps/s_server.c
---- openssl-1.0.1c/apps/s_server.c.default-paths	2012-03-18 19:16:05.000000000 +0100
-+++ openssl-1.0.1c/apps/s_server.c	2012-12-06 18:25:11.199329611 +0100
-@@ -1565,13 +1565,21 @@ bad:
+Index: openssl-1.0.1g/apps/s_server.c
+===================================================================
+--- openssl-1.0.1g.orig/apps/s_server.c
++++ openssl-1.0.1g/apps/s_server.c
+@@ -1572,13 +1572,21 @@ bad:
  		}
  #endif
  
@@ -56,7 +58,7 @@ diff -up openssl-1.0.1c/apps/s_server.c.default-paths openssl-1.0.1c/apps/s_serv
  	if (vpm)
  		SSL_CTX_set1_param(ctx, vpm);
  
-@@ -1622,8 +1630,11 @@ bad:
+@@ -1629,8 +1637,11 @@ bad:
  		else
  			SSL_CTX_sess_set_cache_size(ctx2,128);
  
@@ -70,9 +72,10 @@ diff -up openssl-1.0.1c/apps/s_server.c.default-paths openssl-1.0.1c/apps/s_serv
  			{
  			ERR_print_errors(bio_err);
  			}
-diff -up openssl-1.0.1c/apps/s_time.c.default-paths openssl-1.0.1c/apps/s_time.c
---- openssl-1.0.1c/apps/s_time.c.default-paths	2006-04-17 14:22:13.000000000 +0200
-+++ openssl-1.0.1c/apps/s_time.c	2012-12-06 18:27:41.694574044 +0100
+Index: openssl-1.0.1g/apps/s_time.c
+===================================================================
+--- openssl-1.0.1g.orig/apps/s_time.c
++++ openssl-1.0.1g/apps/s_time.c
 @@ -373,12 +373,19 @@ int MAIN(int argc, char **argv)
  
  	SSL_load_error_strings();
diff --git a/openssl-1.0.1c-ipv6-apps.patch b/openssl-1.0.1c-ipv6-apps.patch
index 309d61f..db8ff95 100644
--- a/openssl-1.0.1c-ipv6-apps.patch
+++ b/openssl-1.0.1c-ipv6-apps.patch
@@ -1,6 +1,7 @@
-diff -up openssl-1.0.1c/apps/s_apps.h.ipv6-apps openssl-1.0.1c/apps/s_apps.h
---- openssl-1.0.1c/apps/s_apps.h.ipv6-apps	2012-07-11 22:46:02.409221206 +0200
-+++ openssl-1.0.1c/apps/s_apps.h	2012-07-11 22:46:02.451222165 +0200
+Index: openssl-1.0.1g/apps/s_apps.h
+===================================================================
+--- openssl-1.0.1g.orig/apps/s_apps.h
++++ openssl-1.0.1g/apps/s_apps.h
 @@ -148,7 +148,7 @@ typedef fd_mask fd_set;
  #define PORT_STR        "4433"
  #define PROTOCOL        "tcp"
@@ -23,10 +24,11 @@ diff -up openssl-1.0.1c/apps/s_apps.h.ipv6-apps openssl-1.0.1c/apps/s_apps.h
  
  long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
  				   int argi, long argl, long ret);
-diff -up openssl-1.0.1c/apps/s_client.c.ipv6-apps openssl-1.0.1c/apps/s_client.c
---- openssl-1.0.1c/apps/s_client.c.ipv6-apps	2012-07-11 22:46:02.433221754 +0200
-+++ openssl-1.0.1c/apps/s_client.c	2012-07-11 22:46:02.452222187 +0200
-@@ -563,7 +563,7 @@ int MAIN(int argc, char **argv)
+Index: openssl-1.0.1g/apps/s_client.c
+===================================================================
+--- openssl-1.0.1g.orig/apps/s_client.c
++++ openssl-1.0.1g/apps/s_client.c
+@@ -567,7 +567,7 @@ int MAIN(int argc, char **argv)
  	int cbuf_len,cbuf_off;
  	int sbuf_len,sbuf_off;
  	fd_set readfds,writefds;
@@ -35,7 +37,7 @@ diff -up openssl-1.0.1c/apps/s_client.c.ipv6-apps openssl-1.0.1c/apps/s_client.c
  	int full_log=1;
  	char *host=SSL_HOST_NAME;
  	char *cert_file=NULL,*key_file=NULL;
-@@ -664,13 +664,12 @@ int MAIN(int argc, char **argv)
+@@ -668,13 +668,12 @@ int MAIN(int argc, char **argv)
  		else if	(strcmp(*argv,"-port") == 0)
  			{
  			if (--argc < 1) goto bad;
@@ -51,7 +53,7 @@ diff -up openssl-1.0.1c/apps/s_client.c.ipv6-apps openssl-1.0.1c/apps/s_client.c
  				goto bad;
  			}
  		else if	(strcmp(*argv,"-verify") == 0)
-@@ -1253,7 +1252,7 @@ bad:
+@@ -1267,7 +1266,7 @@ bad:
  
  re_start:
  
@@ -60,10 +62,11 @@ diff -up openssl-1.0.1c/apps/s_client.c.ipv6-apps openssl-1.0.1c/apps/s_client.c
  		{
  		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
  		SHUTDOWN(s);
-diff -up openssl-1.0.1c/apps/s_server.c.ipv6-apps openssl-1.0.1c/apps/s_server.c
---- openssl-1.0.1c/apps/s_server.c.ipv6-apps	2012-07-11 22:46:02.434221777 +0200
-+++ openssl-1.0.1c/apps/s_server.c	2012-07-11 22:46:02.453222210 +0200
-@@ -929,7 +929,7 @@ int MAIN(int argc, char *argv[])
+Index: openssl-1.0.1g/apps/s_server.c
+===================================================================
+--- openssl-1.0.1g.orig/apps/s_server.c
++++ openssl-1.0.1g/apps/s_server.c
+@@ -933,7 +933,7 @@ int MAIN(int argc, char *argv[])
  	{
  	X509_VERIFY_PARAM *vpm = NULL;
  	int badarg = 0;
@@ -72,7 +75,7 @@ diff -up openssl-1.0.1c/apps/s_server.c.ipv6-apps openssl-1.0.1c/apps/s_server.c
  	char *CApath=NULL,*CAfile=NULL;
  	unsigned char *context = NULL;
  	char *dhfile = NULL;
-@@ -1000,8 +1000,7 @@ int MAIN(int argc, char *argv[])
+@@ -1004,8 +1004,7 @@ int MAIN(int argc, char *argv[])
  			 (strcmp(*argv,"-accept") == 0))
  			{
  			if (--argc < 1) goto bad;
@@ -82,7 +85,7 @@ diff -up openssl-1.0.1c/apps/s_server.c.ipv6-apps openssl-1.0.1c/apps/s_server.c
  			}
  		else if	(strcmp(*argv,"-verify") == 0)
  			{
-@@ -1878,9 +1877,9 @@ bad:
+@@ -1892,9 +1891,9 @@ bad:
  	BIO_printf(bio_s_out,"ACCEPT\n");
  	(void)BIO_flush(bio_s_out);
  	if (www)
@@ -94,9 +97,10 @@ diff -up openssl-1.0.1c/apps/s_server.c.ipv6-apps openssl-1.0.1c/apps/s_server.c
  	print_stats(bio_s_out,ctx);
  	ret=0;
  end:
-diff -up openssl-1.0.1c/apps/s_socket.c.ipv6-apps openssl-1.0.1c/apps/s_socket.c
---- openssl-1.0.1c/apps/s_socket.c.ipv6-apps	2011-12-02 15:39:40.000000000 +0100
-+++ openssl-1.0.1c/apps/s_socket.c	2012-07-11 22:49:05.411400450 +0200
+Index: openssl-1.0.1g/apps/s_socket.c
+===================================================================
+--- openssl-1.0.1g.orig/apps/s_socket.c
++++ openssl-1.0.1g/apps/s_socket.c
 @@ -102,9 +102,7 @@ static struct hostent *GetHostByName(cha
  static void ssl_sock_cleanup(void);
  #endif
diff --git a/openssl-1.0.1e-fips-ec.patch b/openssl-1.0.1e-fips-ec.patch
index 48c0953..2452736 100644
--- a/openssl-1.0.1e-fips-ec.patch
+++ b/openssl-1.0.1e-fips-ec.patch
@@ -1,7 +1,7 @@
-Index: openssl-1.0.1e/crypto/ecdh/ecdh.h
+Index: openssl-1.0.1g/crypto/ecdh/ecdh.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ecdh/ecdh.h
-+++ openssl-1.0.1e/crypto/ecdh/ecdh.h
+--- openssl-1.0.1g.orig/crypto/ecdh/ecdh.h
++++ openssl-1.0.1g/crypto/ecdh/ecdh.h
 @@ -85,6 +85,8 @@
  extern "C" {
  #endif
@@ -11,10 +11,10 @@ Index: openssl-1.0.1e/crypto/ecdh/ecdh.h
  const ECDH_METHOD *ECDH_OpenSSL(void);
  
  void	  ECDH_set_default_method(const ECDH_METHOD *);
-Index: openssl-1.0.1e/crypto/ecdh/ecdhtest.c
+Index: openssl-1.0.1g/crypto/ecdh/ecdhtest.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ecdh/ecdhtest.c
-+++ openssl-1.0.1e/crypto/ecdh/ecdhtest.c
+--- openssl-1.0.1g.orig/crypto/ecdh/ecdhtest.c
++++ openssl-1.0.1g/crypto/ecdh/ecdhtest.c
 @@ -323,11 +323,15 @@ int main(int argc, char *argv[])
  	if ((ctx=BN_CTX_new()) == NULL) goto err;
  
@@ -31,10 +31,10 @@ Index: openssl-1.0.1e/crypto/ecdh/ecdhtest.c
  #ifndef OPENSSL_NO_EC2M
  	/* NIST BINARY CURVES TESTS */
  	if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err;
-Index: openssl-1.0.1e/crypto/ecdh/ech_lib.c
+Index: openssl-1.0.1g/crypto/ecdh/ech_lib.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ecdh/ech_lib.c
-+++ openssl-1.0.1e/crypto/ecdh/ech_lib.c
+--- openssl-1.0.1g.orig/crypto/ecdh/ech_lib.c
++++ openssl-1.0.1g/crypto/ecdh/ech_lib.c
 @@ -94,14 +94,7 @@ const ECDH_METHOD *ECDH_get_default_meth
  	{
  	if(!default_ECDH_method) 
@@ -50,10 +50,10 @@ Index: openssl-1.0.1e/crypto/ecdh/ech_lib.c
  		}
  	return default_ECDH_method;
  	}
-Index: openssl-1.0.1e/crypto/ecdh/ech_ossl.c
+Index: openssl-1.0.1g/crypto/ecdh/ech_ossl.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ecdh/ech_ossl.c
-+++ openssl-1.0.1e/crypto/ecdh/ech_ossl.c
+--- openssl-1.0.1g.orig/crypto/ecdh/ech_ossl.c
++++ openssl-1.0.1g/crypto/ecdh/ech_ossl.c
 @@ -79,6 +79,10 @@
  #include <openssl/obj_mac.h>
  #include <openssl/bn.h>
@@ -108,10 +108,10 @@ Index: openssl-1.0.1e/crypto/ecdh/ech_ossl.c
  	if ((tmp=EC_POINT_new(group)) == NULL)
  		{
  		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
-Index: openssl-1.0.1e/crypto/ecdsa/ecdsatest.c
+Index: openssl-1.0.1g/crypto/ecdsa/ecdsatest.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ecdsa/ecdsatest.c
-+++ openssl-1.0.1e/crypto/ecdsa/ecdsatest.c
+--- openssl-1.0.1g.orig/crypto/ecdsa/ecdsatest.c
++++ openssl-1.0.1g/crypto/ecdsa/ecdsatest.c
 @@ -138,11 +138,14 @@ int restore_rand(void)
  	}
  
@@ -147,10 +147,10 @@ Index: openssl-1.0.1e/crypto/ecdsa/ecdsatest.c
  	if (!test_builtin(out)) goto err;
  	
  	ret = 0;
-Index: openssl-1.0.1e/crypto/ecdsa/ecs_lib.c
+Index: openssl-1.0.1g/crypto/ecdsa/ecs_lib.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ecdsa/ecs_lib.c
-+++ openssl-1.0.1e/crypto/ecdsa/ecs_lib.c
+--- openssl-1.0.1g.orig/crypto/ecdsa/ecs_lib.c
++++ openssl-1.0.1g/crypto/ecdsa/ecs_lib.c
 @@ -81,14 +81,7 @@ const ECDSA_METHOD *ECDSA_get_default_me
  {
  	if(!default_ECDSA_method) 
@@ -166,10 +166,10 @@ Index: openssl-1.0.1e/crypto/ecdsa/ecs_lib.c
  		}
  	return default_ECDSA_method;
  }
-Index: openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c
+Index: openssl-1.0.1g/crypto/ecdsa/ecs_ossl.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ecdsa/ecs_ossl.c
-+++ openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c
+--- openssl-1.0.1g.orig/crypto/ecdsa/ecs_ossl.c
++++ openssl-1.0.1g/crypto/ecdsa/ecs_ossl.c
 @@ -60,6 +60,9 @@
  #include <openssl/err.h>
  #include <openssl/obj_mac.h>
@@ -219,10 +219,10 @@ Index: openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c
  	/* check input values */
  	if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
  	    (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL)
-Index: openssl-1.0.1e/crypto/ec/ec_key.c
+Index: openssl-1.0.1g/crypto/ec/ec_key.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ec/ec_key.c
-+++ openssl-1.0.1e/crypto/ec/ec_key.c
+--- openssl-1.0.1g.orig/crypto/ec/ec_key.c
++++ openssl-1.0.1g/crypto/ec/ec_key.c
 @@ -64,9 +64,6 @@
  #include <string.h>
  #include "ec_lcl.h"
@@ -319,10 +319,10 @@ Index: openssl-1.0.1e/crypto/ec/ec_key.c
  		{
  		ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
  			EC_R_COORDINATES_OUT_OF_RANGE);
-Index: openssl-1.0.1e/crypto/ec/ecp_mont.c
+Index: openssl-1.0.1g/crypto/ec/ecp_mont.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ec/ecp_mont.c
-+++ openssl-1.0.1e/crypto/ec/ecp_mont.c
+--- openssl-1.0.1g.orig/crypto/ec/ecp_mont.c
++++ openssl-1.0.1g/crypto/ec/ecp_mont.c
 @@ -63,18 +63,11 @@
  
  #include <openssl/err.h>
@@ -350,10 +350,10 @@ Index: openssl-1.0.1e/crypto/ec/ecp_mont.c
  	}
  
  
-Index: openssl-1.0.1e/crypto/ec/ecp_nist.c
+Index: openssl-1.0.1g/crypto/ec/ecp_nist.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ec/ecp_nist.c
-+++ openssl-1.0.1e/crypto/ec/ecp_nist.c
+--- openssl-1.0.1g.orig/crypto/ec/ecp_nist.c
++++ openssl-1.0.1g/crypto/ec/ecp_nist.c
 @@ -67,15 +67,8 @@
  #include <openssl/obj_mac.h>
  #include "ec_lcl.h"
@@ -378,10 +378,10 @@ Index: openssl-1.0.1e/crypto/ec/ecp_nist.c
  	}
  
  int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src)
-Index: openssl-1.0.1e/crypto/ec/ecp_smpl.c
+Index: openssl-1.0.1g/crypto/ec/ecp_smpl.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/ec/ecp_smpl.c
-+++ openssl-1.0.1e/crypto/ec/ecp_smpl.c
+--- openssl-1.0.1g.orig/crypto/ec/ecp_smpl.c
++++ openssl-1.0.1g/crypto/ec/ecp_smpl.c
 @@ -65,17 +65,10 @@
  #include <openssl/err.h>
  #include <openssl/symhacks.h>
@@ -423,10 +423,10 @@ Index: openssl-1.0.1e/crypto/ec/ecp_smpl.c
  	if (ctx == NULL)
  		{
  		ctx = new_ctx = BN_CTX_new();
-Index: openssl-1.0.1e/crypto/evp/m_ecdsa.c
+Index: openssl-1.0.1g/crypto/evp/m_ecdsa.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/evp/m_ecdsa.c
-+++ openssl-1.0.1e/crypto/evp/m_ecdsa.c
+--- openssl-1.0.1g.orig/crypto/evp/m_ecdsa.c
++++ openssl-1.0.1g/crypto/evp/m_ecdsa.c
 @@ -116,7 +116,6 @@
  #include <openssl/x509.h>
  
@@ -449,10 +449,10 @@ Index: openssl-1.0.1e/crypto/evp/m_ecdsa.c
  	}
  #endif
 -#endif
-Index: openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_ecdhvs.c
 ===================================================================
 --- /dev/null
-+++ openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c
++++ openssl-1.0.1g/crypto/fips/cavs/fips_ecdhvs.c
 @@ -0,0 +1,496 @@
 +/* fips/ecdh/fips_ecdhvs.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -950,10 +950,10 @@ Index: openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_ecdsavs.c
 ===================================================================
 --- /dev/null
-+++ openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c
++++ openssl-1.0.1g/crypto/fips/cavs/fips_ecdsavs.c
 @@ -0,0 +1,533 @@
 +/* fips/ecdsa/fips_ecdsavs.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -1488,10 +1488,10 @@ Index: openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_ecdh_selftest.c
 ===================================================================
 --- /dev/null
-+++ openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c
++++ openssl-1.0.1g/crypto/fips/fips_ecdh_selftest.c
 @@ -0,0 +1,252 @@
 +/* fips/ecdh/fips_ecdh_selftest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -1745,10 +1745,10 @@ Index: openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_ecdsa_selftest.c
 ===================================================================
 --- /dev/null
-+++ openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c
++++ openssl-1.0.1g/crypto/fips/fips_ecdsa_selftest.c
 @@ -0,0 +1,167 @@
 +/* fips/ecdsa/fips_ecdsa_selftest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -1917,10 +1917,10 @@ Index: openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1e/crypto/fips/fips.h
+Index: openssl-1.0.1g/crypto/fips/fips.h
 ===================================================================
---- openssl-1.0.1e.orig/crypto/fips/fips.h
-+++ openssl-1.0.1e/crypto/fips/fips.h
+--- openssl-1.0.1g.orig/crypto/fips/fips.h
++++ openssl-1.0.1g/crypto/fips/fips.h
 @@ -93,6 +93,8 @@ int FIPS_selftest_rsa(void);
  void FIPS_corrupt_dsa(void);
  void FIPS_corrupt_dsa_keygen(void);
@@ -1930,10 +1930,10 @@ Index: openssl-1.0.1e/crypto/fips/fips.h
  void FIPS_corrupt_rng(void);
  void FIPS_rng_stick(void);
  void FIPS_x931_stick(int onoff);
-Index: openssl-1.0.1e/crypto/fips/fips_post.c
+Index: openssl-1.0.1g/crypto/fips/fips_post.c
 ===================================================================
---- openssl-1.0.1e.orig/crypto/fips/fips_post.c
-+++ openssl-1.0.1e/crypto/fips/fips_post.c
+--- openssl-1.0.1g.orig/crypto/fips/fips_post.c
++++ openssl-1.0.1g/crypto/fips/fips_post.c
 @@ -95,8 +95,12 @@ int FIPS_selftest(void)
  		rv = 0;
  	if (!FIPS_selftest_rsa())
@@ -1947,10 +1947,10 @@ Index: openssl-1.0.1e/crypto/fips/fips_post.c
  	return rv;
  	}
  
-Index: openssl-1.0.1e/crypto/fips/Makefile
+Index: openssl-1.0.1g/crypto/fips/Makefile
 ===================================================================
---- openssl-1.0.1e.orig/crypto/fips/Makefile
-+++ openssl-1.0.1e/crypto/fips/Makefile
+--- openssl-1.0.1g.orig/crypto/fips/Makefile
++++ openssl-1.0.1g/crypto/fips/Makefile
 @@ -24,13 +24,13 @@ LIBSRC=fips_aes_selftest.c fips_des_self
      fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c  fips_rand.c \
      fips_rsa_x931g.c fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
diff --git a/openssl-1.0.1e-fips.patch b/openssl-1.0.1e-fips.patch
index a4b3adf..58c7113 100644
--- a/openssl-1.0.1e-fips.patch
+++ b/openssl-1.0.1e-fips.patch
@@ -113,10 +113,10 @@
  ssl/ssl_algs.c                     |   50 
  112 files changed, 18073 insertions(+), 403 deletions(-)
 
-Index: openssl-1.0.1f/Configure
+Index: openssl-1.0.1g/Configure
 ===================================================================
---- openssl-1.0.1f.orig/Configure	2014-01-09 23:16:35.000000000 +0000
-+++ openssl-1.0.1f/Configure	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/Configure
++++ openssl-1.0.1g/Configure
 @@ -990,11 +990,6 @@ if (defined($disabled{"md5"}) || defined
  	$disabled{"ssl2"} = "forced";
  	}
@@ -151,10 +151,10 @@ Index: openssl-1.0.1f/Configure
  	s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
  	s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
  	s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
-Index: openssl-1.0.1f/Makefile.org
+Index: openssl-1.0.1g/Makefile.org
 ===================================================================
---- openssl-1.0.1f.orig/Makefile.org	2014-01-09 23:16:41.000000000 +0000
-+++ openssl-1.0.1f/Makefile.org	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/Makefile.org
++++ openssl-1.0.1g/Makefile.org
 @@ -135,6 +135,9 @@ FIPSCANLIB=
  
  BASEADDR=
@@ -182,10 +182,10 @@ Index: openssl-1.0.1f/Makefile.org
  		THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
  # MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
  # which in turn eliminates ambiguities in variable treatment with -e.
-Index: openssl-1.0.1f/apps/pkcs12.c
+Index: openssl-1.0.1g/apps/pkcs12.c
 ===================================================================
---- openssl-1.0.1f.orig/apps/pkcs12.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/apps/pkcs12.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/apps/pkcs12.c
++++ openssl-1.0.1g/apps/pkcs12.c
 @@ -67,6 +67,9 @@
  #include <openssl/err.h>
  #include <openssl/pem.h>
@@ -208,10 +208,10 @@ Index: openssl-1.0.1f/apps/pkcs12.c
      enc = EVP_des_ede3_cbc();
      if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
  
-Index: openssl-1.0.1f/apps/speed.c
+Index: openssl-1.0.1g/apps/speed.c
 ===================================================================
---- openssl-1.0.1f.orig/apps/speed.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/apps/speed.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/apps/speed.c
++++ openssl-1.0.1g/apps/speed.c
 @@ -195,7 +195,6 @@
  #ifdef OPENSSL_DOING_MAKEDEPEND
  #undef AES_set_encrypt_key
@@ -337,10 +337,10 @@ Index: openssl-1.0.1f/apps/speed.c
  		HMAC_Init_ex(&hctx,(unsigned char *)"This is a key...",
  			16,EVP_md5(), NULL);
  
-Index: openssl-1.0.1f/crypto/aes/aes_misc.c
+Index: openssl-1.0.1g/crypto/aes/aes_misc.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/aes/aes_misc.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/aes/aes_misc.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/aes/aes_misc.c
++++ openssl-1.0.1g/crypto/aes/aes_misc.c
 @@ -69,17 +69,11 @@ const char *AES_options(void) {
  int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
  			AES_KEY *key)
@@ -359,10 +359,10 @@ Index: openssl-1.0.1f/crypto/aes/aes_misc.c
 -#endif
  	return private_AES_set_decrypt_key(userKey, bits, key);
  	}
-Index: openssl-1.0.1f/crypto/camellia/cmll_locl.h
+Index: openssl-1.0.1g/crypto/camellia/cmll_locl.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/camellia/cmll_locl.h	2014-01-09 23:16:44.000000000 +0000
-+++ openssl-1.0.1f/crypto/camellia/cmll_locl.h	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/camellia/cmll_locl.h
++++ openssl-1.0.1g/crypto/camellia/cmll_locl.h
 @@ -68,7 +68,8 @@
  #ifndef HEADER_CAMELLIA_LOCL_H
  #define HEADER_CAMELLIA_LOCL_H
@@ -380,10 +380,10 @@ Index: openssl-1.0.1f/crypto/camellia/cmll_locl.h
 -#pragma GCC visibility pop
 +//#pragma GCC visibility pop
  #endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
-Index: openssl-1.0.1f/crypto/cmac/cmac.c
+Index: openssl-1.0.1g/crypto/cmac/cmac.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/cmac/cmac.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/cmac/cmac.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/cmac/cmac.c
++++ openssl-1.0.1g/crypto/cmac/cmac.c
 @@ -107,13 +107,6 @@ CMAC_CTX *CMAC_CTX_new(void)
  
  void CMAC_CTX_cleanup(CMAC_CTX *ctx)
@@ -432,10 +432,10 @@ Index: openssl-1.0.1f/crypto/cmac/cmac.c
  	if (ctx->nlast_block == -1)
  		return 0;
  	bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
-Index: openssl-1.0.1f/crypto/crypto.h
+Index: openssl-1.0.1g/crypto/crypto.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/crypto.h	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/crypto.h	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/crypto.h
++++ openssl-1.0.1g/crypto/crypto.h
 @@ -553,24 +553,29 @@ int FIPS_mode_set(int r);
  void OPENSSL_init(void);
  
@@ -481,10 +481,10 @@ Index: openssl-1.0.1f/crypto/crypto.h
  /* Error codes for the CRYPTO functions. */
  
  /* Function codes. */
-Index: openssl-1.0.1f/crypto/des/des.h
+Index: openssl-1.0.1g/crypto/des/des.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/des/des.h	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/des/des.h	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/des/des.h
++++ openssl-1.0.1g/crypto/des/des.h
 @@ -224,9 +224,6 @@ int DES_set_key(const_DES_cblock *key,DE
  int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule);
  int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule);
@@ -495,10 +495,10 @@ Index: openssl-1.0.1f/crypto/des/des.h
  void DES_string_to_key(const char *str,DES_cblock *key);
  void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2);
  void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
-Index: openssl-1.0.1f/crypto/des/set_key.c
+Index: openssl-1.0.1g/crypto/des/set_key.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/des/set_key.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/des/set_key.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/des/set_key.c
++++ openssl-1.0.1g/crypto/des/set_key.c
 @@ -336,13 +336,6 @@ int DES_set_key_checked(const_DES_cblock
  	}
  
@@ -513,10 +513,10 @@ Index: openssl-1.0.1f/crypto/des/set_key.c
  	{
  	static const int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
  	register DES_LONG c,d,t,s,t2;
-Index: openssl-1.0.1f/crypto/dh/dh.h
+Index: openssl-1.0.1g/crypto/dh/dh.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dh/dh.h	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dh/dh.h	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dh/dh.h
++++ openssl-1.0.1g/crypto/dh/dh.h
 @@ -77,6 +77,8 @@
  # define OPENSSL_DH_MAX_MODULUS_BITS	10000
  #endif
@@ -526,10 +526,10 @@ Index: openssl-1.0.1f/crypto/dh/dh.h
  #define DH_FLAG_CACHE_MONT_P     0x01
  #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
                                         * implementation now uses constant time
-Index: openssl-1.0.1f/crypto/dh/dh_gen.c
+Index: openssl-1.0.1g/crypto/dh/dh_gen.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dh/dh_gen.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dh/dh_gen.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dh/dh_gen.c
++++ openssl-1.0.1g/crypto/dh/dh_gen.c
 @@ -84,11 +84,6 @@ int DH_generate_parameters_ex(DH *ret, i
  #endif
  	if(ret->meth->generate_params)
@@ -563,10 +563,10 @@ Index: openssl-1.0.1f/crypto/dh/dh_gen.c
  	ctx=BN_CTX_new();
  	if (ctx == NULL) goto err;
  	BN_CTX_start(ctx);
-Index: openssl-1.0.1f/crypto/dh/dh_key.c
+Index: openssl-1.0.1g/crypto/dh/dh_key.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dh/dh_key.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dh/dh_key.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dh/dh_key.c
++++ openssl-1.0.1g/crypto/dh/dh_key.c
 @@ -61,6 +61,9 @@
  #include <openssl/bn.h>
  #include <openssl/rand.h>
@@ -625,10 +625,10 @@ Index: openssl-1.0.1f/crypto/dh/dh_key.c
  	dh->flags |= DH_FLAG_CACHE_MONT_P;
  	return(1);
  	}
-Index: openssl-1.0.1f/crypto/dh/dh_lib.c
+Index: openssl-1.0.1g/crypto/dh/dh_lib.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dh/dh_lib.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dh/dh_lib.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dh/dh_lib.c
++++ openssl-1.0.1g/crypto/dh/dh_lib.c
 @@ -81,14 +81,7 @@ const DH_METHOD *DH_get_default_method(v
  	{
  	if(!default_DH_method)
@@ -644,10 +644,10 @@ Index: openssl-1.0.1f/crypto/dh/dh_lib.c
  		}
  	return default_DH_method;
  	}
-Index: openssl-1.0.1f/crypto/dsa/dsa.h
+Index: openssl-1.0.1g/crypto/dsa/dsa.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa.h	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dsa/dsa.h	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dsa/dsa.h
++++ openssl-1.0.1g/crypto/dsa/dsa.h
 @@ -88,6 +88,8 @@
  # define OPENSSL_DSA_MAX_MODULUS_BITS	10000
  #endif
@@ -708,10 +708,10 @@ Index: openssl-1.0.1f/crypto/dsa/dsa.h
  #define DSA_R_PARAMETER_ENCODING_ERROR			 105
  
  #ifdef  __cplusplus
-Index: openssl-1.0.1f/crypto/dsa/dsa_err.c
+Index: openssl-1.0.1g/crypto/dsa/dsa_err.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa_err.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dsa/dsa_err.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dsa/dsa_err.c
++++ openssl-1.0.1g/crypto/dsa/dsa_err.c
 @@ -74,6 +74,8 @@ static ERR_STRING_DATA DSA_str_functs[]=
  {ERR_FUNC(DSA_F_DO_DSA_PRINT),	"DO_DSA_PRINT"},
  {ERR_FUNC(DSA_F_DSAPARAMS_PRINT),	"DSAparams_print"},
@@ -730,10 +730,10 @@ Index: openssl-1.0.1f/crypto/dsa/dsa_err.c
  {ERR_REASON(DSA_R_MISSING_PARAMETERS)    ,"missing parameters"},
  {ERR_REASON(DSA_R_MODULUS_TOO_LARGE)     ,"modulus too large"},
  {ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES) ,"need new setup values"},
-Index: openssl-1.0.1f/crypto/dsa/dsa_gen.c
+Index: openssl-1.0.1g/crypto/dsa/dsa_gen.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa_gen.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dsa/dsa_gen.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dsa/dsa_gen.c
++++ openssl-1.0.1g/crypto/dsa/dsa_gen.c
 @@ -85,6 +85,14 @@
  #include <openssl/fips.h>
  #endif
@@ -1140,10 +1140,10 @@ Index: openssl-1.0.1f/crypto/dsa/dsa_gen.c
  		}
  	if (mont != NULL) BN_MONT_CTX_free(mont);
  	return ok;
-Index: openssl-1.0.1f/crypto/dsa/dsa_key.c
+Index: openssl-1.0.1g/crypto/dsa/dsa_key.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa_key.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dsa/dsa_key.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dsa/dsa_key.c
++++ openssl-1.0.1g/crypto/dsa/dsa_key.c
 @@ -66,6 +66,35 @@
  
  #ifdef OPENSSL_FIPS
@@ -1222,10 +1222,10 @@ Index: openssl-1.0.1f/crypto/dsa/dsa_key.c
  	ok=1;
  
  err:
-Index: openssl-1.0.1f/crypto/dsa/dsa_lib.c
+Index: openssl-1.0.1g/crypto/dsa/dsa_lib.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa_lib.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dsa/dsa_lib.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dsa/dsa_lib.c
++++ openssl-1.0.1g/crypto/dsa/dsa_lib.c
 @@ -87,14 +87,7 @@ const DSA_METHOD *DSA_get_default_method
  	{
  	if(!default_DSA_method)
@@ -1241,20 +1241,20 @@ Index: openssl-1.0.1f/crypto/dsa/dsa_lib.c
  		}
  	return default_DSA_method;
  	}
-Index: openssl-1.0.1f/crypto/dsa/dsa_locl.h
+Index: openssl-1.0.1g/crypto/dsa/dsa_locl.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa_locl.h	2014-01-09 23:16:44.000000000 +0000
-+++ openssl-1.0.1f/crypto/dsa/dsa_locl.h	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dsa/dsa_locl.h
++++ openssl-1.0.1g/crypto/dsa/dsa_locl.h
 @@ -56,5 +56,4 @@
  
  int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
  	const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
 -	unsigned char *seed_out,
  	int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) __attribute__ ((visibility ("hidden")));
-Index: openssl-1.0.1f/crypto/dsa/dsa_ossl.c
+Index: openssl-1.0.1g/crypto/dsa/dsa_ossl.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa_ossl.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dsa/dsa_ossl.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dsa/dsa_ossl.c
++++ openssl-1.0.1g/crypto/dsa/dsa_ossl.c
 @@ -65,6 +65,9 @@
  #include <openssl/dsa.h>
  #include <openssl/rand.h>
@@ -1328,10 +1328,10 @@ Index: openssl-1.0.1f/crypto/dsa/dsa_ossl.c
  	dsa->flags|=DSA_FLAG_CACHE_MONT_P;
  	return(1);
  }
-Index: openssl-1.0.1f/crypto/dsa/dsa_pmeth.c
+Index: openssl-1.0.1g/crypto/dsa/dsa_pmeth.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa_pmeth.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dsa/dsa_pmeth.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dsa/dsa_pmeth.c
++++ openssl-1.0.1g/crypto/dsa/dsa_pmeth.c
 @@ -255,7 +255,7 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT
  	if (!dsa)
  		return 0;
@@ -1341,10 +1341,10 @@ Index: openssl-1.0.1f/crypto/dsa/dsa_pmeth.c
  	if (ret)
  		EVP_PKEY_assign_DSA(pkey, dsa);
  	else
-Index: openssl-1.0.1f/crypto/dsa/dsatest.c
+Index: openssl-1.0.1g/crypto/dsa/dsatest.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsatest.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/dsa/dsatest.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/dsa/dsatest.c
++++ openssl-1.0.1g/crypto/dsa/dsatest.c
 @@ -96,36 +96,41 @@ static int MS_CALLBACK dsa_cb(int p, int
  /* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
   * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
@@ -1429,10 +1429,10 @@ Index: openssl-1.0.1f/crypto/dsa/dsatest.c
  		goto end;
  		}
  	if (h != 2)
-Index: openssl-1.0.1f/crypto/engine/eng_all.c
+Index: openssl-1.0.1g/crypto/engine/eng_all.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/engine/eng_all.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/engine/eng_all.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/engine/eng_all.c
++++ openssl-1.0.1g/crypto/engine/eng_all.c
 @@ -58,11 +58,25 @@
  
  #include "cryptlib.h"
@@ -1459,10 +1459,10 @@ Index: openssl-1.0.1f/crypto/engine/eng_all.c
  #if 0
  	/* There's no longer any need for an "openssl" ENGINE unless, one day,
  	 * it is the *only* way for standard builtin implementations to be be
-Index: openssl-1.0.1f/crypto/evp/Makefile
+Index: openssl-1.0.1g/crypto/evp/Makefile
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/Makefile	2014-01-06 14:36:01.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/Makefile	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/Makefile
++++ openssl-1.0.1g/crypto/evp/Makefile
 @@ -28,7 +28,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_
  	bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
  	c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
@@ -1481,10 +1481,10 @@ Index: openssl-1.0.1f/crypto/evp/Makefile
  	e_aes_cbc_hmac_sha1.o e_rc4_hmac_md5.o
  
  SRC= $(LIBSRC)
-Index: openssl-1.0.1f/crypto/evp/c_allc.c
+Index: openssl-1.0.1g/crypto/evp/c_allc.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/c_allc.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/c_allc.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/c_allc.c
++++ openssl-1.0.1g/crypto/evp/c_allc.c
 @@ -65,6 +65,11 @@
  void OpenSSL_add_all_ciphers(void)
  	{
@@ -1558,10 +1558,10 @@ Index: openssl-1.0.1f/crypto/evp/c_allc.c
 +		}
 +#endif
  	}
-Index: openssl-1.0.1f/crypto/evp/c_alld.c
+Index: openssl-1.0.1g/crypto/evp/c_alld.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/c_alld.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/c_alld.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/c_alld.c
++++ openssl-1.0.1g/crypto/evp/c_alld.c
 @@ -64,6 +64,11 @@
  
  void OpenSSL_add_all_digests(void)
@@ -1607,10 +1607,10 @@ Index: openssl-1.0.1f/crypto/evp/c_alld.c
 +		}
 +#endif
  	}
-Index: openssl-1.0.1f/crypto/evp/digest.c
+Index: openssl-1.0.1g/crypto/evp/digest.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/digest.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/digest.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/digest.c
++++ openssl-1.0.1g/crypto/evp/digest.c
 @@ -142,9 +142,50 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, cons
  	return EVP_DigestInit_ex(ctx, type, NULL);
  	}
@@ -1759,10 +1759,10 @@ Index: openssl-1.0.1f/crypto/evp/digest.c
  	memset(ctx,'\0',sizeof *ctx);
  
  	return 1;
-Index: openssl-1.0.1f/crypto/evp/e_aes.c
+Index: openssl-1.0.1g/crypto/evp/e_aes.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/e_aes.c	2014-01-09 23:16:44.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/e_aes.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/e_aes.c
++++ openssl-1.0.1g/crypto/evp/e_aes.c
 @@ -56,7 +56,6 @@
  #include <assert.h>
  #include <openssl/aes.h>
@@ -1794,10 +1794,10 @@ Index: openssl-1.0.1f/crypto/evp/e_aes.c
  
  #endif
 -#endif
-Index: openssl-1.0.1f/crypto/evp/e_des3.c
+Index: openssl-1.0.1g/crypto/evp/e_des3.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/e_des3.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/e_des3.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/e_des3.c
++++ openssl-1.0.1g/crypto/evp/e_des3.c
 @@ -65,8 +65,6 @@
  #include <openssl/des.h>
  #include <openssl/rand.h>
@@ -1856,10 +1856,10 @@ Index: openssl-1.0.1f/crypto/evp/e_des3.c
  }
  #endif
 -#endif
-Index: openssl-1.0.1f/crypto/evp/e_null.c
+Index: openssl-1.0.1g/crypto/evp/e_null.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/e_null.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/e_null.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/e_null.c
++++ openssl-1.0.1g/crypto/evp/e_null.c
 @@ -61,8 +61,6 @@
  #include <openssl/evp.h>
  #include <openssl/objects.h>
@@ -1883,10 +1883,10 @@ Index: openssl-1.0.1f/crypto/evp/e_null.c
  	return 1;
  	}
 -#endif
-Index: openssl-1.0.1f/crypto/evp/evp.h
+Index: openssl-1.0.1g/crypto/evp/evp.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/evp.h	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/evp.h	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/evp.h
++++ openssl-1.0.1g/crypto/evp/evp.h
 @@ -75,6 +75,10 @@
  #include <openssl/bio.h>
  #endif
@@ -1939,10 +1939,10 @@ Index: openssl-1.0.1f/crypto/evp/evp.h
  /* Cipher handles any and all padding logic as well
   * as finalisation.
   */
-Index: openssl-1.0.1f/crypto/evp/evp_enc.c
+Index: openssl-1.0.1g/crypto/evp/evp_enc.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/evp_enc.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/evp_enc.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/evp_enc.c
++++ openssl-1.0.1g/crypto/evp/evp_enc.c
 @@ -69,17 +69,58 @@
  #endif
  #include "evp_locl.h"
@@ -2091,10 +2091,10 @@ Index: openssl-1.0.1f/crypto/evp/evp_enc.c
  	memset(c,0,sizeof(EVP_CIPHER_CTX));
  	return 1;
  	}
-Index: openssl-1.0.1f/crypto/evp/evp_lib.c
+Index: openssl-1.0.1g/crypto/evp/evp_lib.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/evp_lib.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/evp_lib.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/evp_lib.c
++++ openssl-1.0.1g/crypto/evp/evp_lib.c
 @@ -190,6 +190,9 @@ int EVP_CIPHER_CTX_block_size(const EVP_
  
  int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl)
@@ -2105,10 +2105,10 @@ Index: openssl-1.0.1f/crypto/evp/evp_lib.c
  	return ctx->cipher->do_cipher(ctx,out,in,inl);
  	}
  
-Index: openssl-1.0.1f/crypto/evp/evp_locl.h
+Index: openssl-1.0.1g/crypto/evp/evp_locl.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/evp_locl.h	2014-01-09 23:16:44.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/evp_locl.h	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/evp_locl.h
++++ openssl-1.0.1g/crypto/evp/evp_locl.h
 @@ -371,11 +371,6 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_
  #define MD2_Init	private_MD2_Init
  #define MDC2_Init	private_MDC2_Init
@@ -2129,10 +2129,10 @@ Index: openssl-1.0.1f/crypto/evp/evp_locl.h
  #define Camellia_set_key	private_Camellia_set_key
  
  #endif
-Index: openssl-1.0.1f/crypto/evp/m_dss.c
+Index: openssl-1.0.1g/crypto/evp/m_dss.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/m_dss.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/m_dss.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/m_dss.c
++++ openssl-1.0.1g/crypto/evp/m_dss.c
 @@ -66,7 +66,6 @@
  #endif
  
@@ -2155,10 +2155,10 @@ Index: openssl-1.0.1f/crypto/evp/m_dss.c
  	}
  #endif
 -#endif
-Index: openssl-1.0.1f/crypto/evp/m_dss1.c
+Index: openssl-1.0.1g/crypto/evp/m_dss1.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/m_dss1.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/m_dss1.c	2014-01-09 23:16:45.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/m_dss1.c
++++ openssl-1.0.1g/crypto/evp/m_dss1.c
 @@ -68,8 +68,6 @@
  #include <openssl/dsa.h>
  #endif
@@ -2182,10 +2182,10 @@ Index: openssl-1.0.1f/crypto/evp/m_dss1.c
  	}
  #endif
 -#endif
-Index: openssl-1.0.1f/crypto/evp/m_md2.c
+Index: openssl-1.0.1g/crypto/evp/m_md2.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/m_md2.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/m_md2.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/m_md2.c
++++ openssl-1.0.1g/crypto/evp/m_md2.c
 @@ -68,6 +68,7 @@
  #ifndef OPENSSL_NO_RSA
  #include <openssl/rsa.h>
@@ -2194,10 +2194,10 @@ Index: openssl-1.0.1f/crypto/evp/m_md2.c
  
  static int init(EVP_MD_CTX *ctx)
  	{ return MD2_Init(ctx->md_data); }
-Index: openssl-1.0.1f/crypto/evp/m_sha1.c
+Index: openssl-1.0.1g/crypto/evp/m_sha1.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/m_sha1.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/m_sha1.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/m_sha1.c
++++ openssl-1.0.1g/crypto/evp/m_sha1.c
 @@ -59,8 +59,6 @@
  #include <stdio.h>
  #include "cryptlib.h"
@@ -2262,10 +2262,10 @@ Index: openssl-1.0.1f/crypto/evp/m_sha1.c
  #endif	/* ifndef OPENSSL_NO_SHA512 */
  
 -#endif
-Index: openssl-1.0.1f/crypto/evp/p_sign.c
+Index: openssl-1.0.1g/crypto/evp/p_sign.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/p_sign.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/p_sign.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/p_sign.c
++++ openssl-1.0.1g/crypto/evp/p_sign.c
 @@ -61,6 +61,7 @@
  #include <openssl/evp.h>
  #include <openssl/objects.h>
@@ -2297,10 +2297,10 @@ Index: openssl-1.0.1f/crypto/evp/p_sign.c
  		if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
  			goto err;
  		*siglen = sltmp;
-Index: openssl-1.0.1f/crypto/evp/p_verify.c
+Index: openssl-1.0.1g/crypto/evp/p_verify.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/evp/p_verify.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/evp/p_verify.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/evp/p_verify.c
++++ openssl-1.0.1g/crypto/evp/p_verify.c
 @@ -61,6 +61,7 @@
  #include <openssl/evp.h>
  #include <openssl/objects.h>
@@ -2332,10 +2332,10 @@ Index: openssl-1.0.1f/crypto/evp/p_verify.c
  		i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
  		err:
  		EVP_PKEY_CTX_free(pkctx);
-Index: openssl-1.0.1f/crypto/fips/Makefile
+Index: openssl-1.0.1g/crypto/fips/Makefile
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/Makefile	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/Makefile
 @@ -0,0 +1,340 @@
 +#
 +# OpenSSL/crypto/fips/Makefile
@@ -2677,10 +2677,10 @@ Index: openssl-1.0.1f/crypto/fips/Makefile
 +fips_sha_selftest.o: ../../include/openssl/safestack.h
 +fips_sha_selftest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 +fips_sha_selftest.o: ../../include/openssl/symhacks.h fips_sha_selftest.c
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_aesavs.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_aesavs.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_aesavs.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_aesavs.c
 @@ -0,0 +1,939 @@
 +/* ====================================================================
 + * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
@@ -3621,10 +3621,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_aesavs.c
 +    }
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_cmactest.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_cmactest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_cmactest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_cmactest.c
 @@ -0,0 +1,517 @@
 +/* fips_cmactest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -4143,10 +4143,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_cmactest.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_desmovs.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_desmovs.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_desmovs.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_desmovs.c
 @@ -0,0 +1,702 @@
 +/* ====================================================================
 + * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
@@ -4850,10 +4850,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_desmovs.c
 +    }
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_dhvs.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_dhvs.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_dhvs.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_dhvs.c
 @@ -0,0 +1,292 @@
 +/* fips/dh/fips_dhvs.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -5147,10 +5147,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_dhvs.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_drbgvs.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_drbgvs.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_drbgvs.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_drbgvs.c
 @@ -0,0 +1,416 @@
 +/* fips/rand/fips_drbgvs.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -5568,10 +5568,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_drbgvs.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_dssvs.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_dssvs.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_dssvs.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_dssvs.c
 @@ -0,0 +1,537 @@
 +#include <openssl/opensslconf.h>
 +
@@ -6110,10 +6110,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_dssvs.c
 +    }
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_gcmtest.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_gcmtest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_gcmtest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_gcmtest.c
 @@ -0,0 +1,571 @@
 +/* fips/aes/fips_gcmtest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -6686,10 +6686,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_gcmtest.c
 +}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_rngvs.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_rngvs.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_rngvs.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_rngvs.c
 @@ -0,0 +1,230 @@
 +/*
 + * Crude test driver for processing the VST and MCT testvector files
@@ -6921,10 +6921,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_rngvs.c
 +    return 0;
 +    }
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_rsagtest.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_rsagtest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_rsagtest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_rsagtest.c
 @@ -0,0 +1,390 @@
 +/* fips_rsagtest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -7316,10 +7316,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_rsagtest.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_rsastest.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_rsastest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_rsastest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_rsastest.c
 @@ -0,0 +1,370 @@
 +/* fips_rsastest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -7691,10 +7691,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_rsastest.c
 +	return ret;
 +	}
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_rsavtest.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_rsavtest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_rsavtest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_rsavtest.c
 @@ -0,0 +1,377 @@
 +/* fips_rsavtest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -8073,10 +8073,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_rsavtest.c
 +	return ret;
 +	}
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_shatest.c
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_shatest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_shatest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_shatest.c
 @@ -0,0 +1,388 @@
 +/* fips_shatest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -8466,10 +8466,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_shatest.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/cavs/fips_utl.h
+Index: openssl-1.0.1g/crypto/fips/cavs/fips_utl.h
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/cavs/fips_utl.h	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/cavs/fips_utl.h
 @@ -0,0 +1,343 @@
 +/* ====================================================================
 + * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
@@ -8814,10 +8814,10 @@ Index: openssl-1.0.1f/crypto/fips/cavs/fips_utl.h
 +#endif
 +    }
 +
-Index: openssl-1.0.1f/crypto/fips/fips.c
+Index: openssl-1.0.1g/crypto/fips/fips.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips.c
 @@ -0,0 +1,489 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -9308,10 +9308,10 @@ Index: openssl-1.0.1f/crypto/fips/fips.c
 +
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips.h
+Index: openssl-1.0.1g/crypto/fips/fips.h
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips.h	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips.h
 @@ -0,0 +1,279 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -9592,10 +9592,10 @@ Index: openssl-1.0.1f/crypto/fips/fips.h
 +}
 +#endif
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_aes_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_aes_selftest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_aes_selftest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_aes_selftest.c
 @@ -0,0 +1,359 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -9956,10 +9956,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_aes_selftest.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_cmac_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_cmac_selftest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_cmac_selftest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_cmac_selftest.c
 @@ -0,0 +1,161 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -10122,10 +10122,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_cmac_selftest.c
 +	return rv;
 +	}
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_des_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_des_selftest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_des_selftest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_des_selftest.c
 @@ -0,0 +1,147 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -10274,10 +10274,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_des_selftest.c
 +    return ret;
 +    }
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_drbg_ctr.c
+Index: openssl-1.0.1g/crypto/fips/fips_drbg_ctr.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_drbg_ctr.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_drbg_ctr.c
 @@ -0,0 +1,436 @@
 +/* fips/rand/fips_drbg_ctr.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -10715,10 +10715,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_drbg_ctr.c
 +
 +	return 1;
 +	}
-Index: openssl-1.0.1f/crypto/fips/fips_drbg_hash.c
+Index: openssl-1.0.1g/crypto/fips/fips_drbg_hash.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_drbg_hash.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_drbg_hash.c
 @@ -0,0 +1,378 @@
 +/* fips/rand/fips_drbg_hash.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -11098,10 +11098,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_drbg_hash.c
 +
 +	return 1;
 +	}
-Index: openssl-1.0.1f/crypto/fips/fips_drbg_hmac.c
+Index: openssl-1.0.1g/crypto/fips/fips_drbg_hmac.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_drbg_hmac.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_drbg_hmac.c
 @@ -0,0 +1,281 @@
 +/* fips/rand/fips_drbg_hmac.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -11384,10 +11384,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_drbg_hmac.c
 +
 +	return 1;
 +	}
-Index: openssl-1.0.1f/crypto/fips/fips_drbg_lib.c
+Index: openssl-1.0.1g/crypto/fips/fips_drbg_lib.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_drbg_lib.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_drbg_lib.c
 @@ -0,0 +1,578 @@
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 + * project.
@@ -11967,10 +11967,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_drbg_lib.c
 +	memcpy(dctx->lb, out, dctx->blocklength);
 +	return 1;
 +	}
-Index: openssl-1.0.1f/crypto/fips/fips_drbg_rand.c
+Index: openssl-1.0.1g/crypto/fips/fips_drbg_rand.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_drbg_rand.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_drbg_rand.c
 @@ -0,0 +1,172 @@
 +/* fips/rand/fips_drbg_rand.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -12144,10 +12144,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_drbg_rand.c
 +	return &rand_drbg_meth;
 +	}
 +
-Index: openssl-1.0.1f/crypto/fips/fips_drbg_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_drbg_selftest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_drbg_selftest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_drbg_selftest.c
 @@ -0,0 +1,862 @@
 +/* fips/rand/fips_drbg_selftest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -13011,10 +13011,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_drbg_selftest.c
 +	return rv;
 +	}
 +
-Index: openssl-1.0.1f/crypto/fips/fips_drbg_selftest.h
+Index: openssl-1.0.1g/crypto/fips/fips_drbg_selftest.h
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_drbg_selftest.h	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_drbg_selftest.h
 @@ -0,0 +1,2335 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -15351,10 +15351,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_drbg_selftest.h
 +	0xc2,0xd6,0xfd,0xa5
 +	};
 +
-Index: openssl-1.0.1f/crypto/fips/fips_dsa_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_dsa_selftest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_dsa_selftest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_dsa_selftest.c
 @@ -0,0 +1,193 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -15549,10 +15549,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_dsa_selftest.c
 +	return ret;
 +	}
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_enc.c
+Index: openssl-1.0.1g/crypto/fips/fips_enc.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_enc.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_enc.c
 @@ -0,0 +1,191 @@
 +/* fipe/evp/fips_enc.c */
 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@@ -15745,10 +15745,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_enc.c
 +		}
 +	}
 +
-Index: openssl-1.0.1f/crypto/fips/fips_hmac_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_hmac_selftest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_hmac_selftest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_hmac_selftest.c
 @@ -0,0 +1,137 @@
 +/* ====================================================================
 + * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
@@ -15887,10 +15887,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_hmac_selftest.c
 +    return 1;
 +    }
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_locl.h
+Index: openssl-1.0.1g/crypto/fips/fips_locl.h
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_locl.h	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_locl.h
 @@ -0,0 +1,71 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -15963,10 +15963,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_locl.h
 +}
 +#endif
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_md.c
+Index: openssl-1.0.1g/crypto/fips/fips_md.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_md.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_md.c
 @@ -0,0 +1,145 @@
 +/* fips/evp/fips_md.c */
 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@@ -16113,10 +16113,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_md.c
 +		return NULL;
 +		}
 +	}
-Index: openssl-1.0.1f/crypto/fips/fips_post.c
+Index: openssl-1.0.1g/crypto/fips/fips_post.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_post.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_post.c
 @@ -0,0 +1,205 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -16323,10 +16323,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_post.c
 +	return 1;
 +	}
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_rand.c
+Index: openssl-1.0.1g/crypto/fips/fips_rand.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_rand.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_rand.c
 @@ -0,0 +1,457 @@
 +/* ====================================================================
 + * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
@@ -16785,10 +16785,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_rand.c
 +}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_rand.h
+Index: openssl-1.0.1g/crypto/fips/fips_rand.h
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_rand.h	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_rand.h
 @@ -0,0 +1,145 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -16935,10 +16935,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_rand.h
 +#endif
 +#endif
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_rand_lcl.h
+Index: openssl-1.0.1g/crypto/fips/fips_rand_lcl.h
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_rand_lcl.h	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_rand_lcl.h
 @@ -0,0 +1,219 @@
 +/* fips/rand/fips_rand_lcl.h */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -17159,10 +17159,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_rand_lcl.h
 +#define FIPS_digestupdate EVP_DigestUpdate
 +#define FIPS_digestfinal EVP_DigestFinal
 +#define M_EVP_MD_size EVP_MD_size
-Index: openssl-1.0.1f/crypto/fips/fips_rand_lib.c
+Index: openssl-1.0.1g/crypto/fips/fips_rand_lib.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_rand_lib.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_rand_lib.c
 @@ -0,0 +1,191 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -17355,10 +17355,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_rand_lib.c
 +		}
 +	return 0;
 +	}
-Index: openssl-1.0.1f/crypto/fips/fips_rand_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_rand_selftest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_rand_selftest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_rand_selftest.c
 @@ -0,0 +1,183 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -17543,10 +17543,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_rand_selftest.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_randtest.c
+Index: openssl-1.0.1g/crypto/fips/fips_randtest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_randtest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_randtest.c
 @@ -0,0 +1,250 @@
 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 + * All rights reserved.
@@ -17798,10 +17798,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_randtest.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_rsa_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_rsa_selftest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_rsa_selftest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_rsa_selftest.c
 @@ -0,0 +1,444 @@
 +/* ====================================================================
 + * Copyright (c) 2003-2007 The OpenSSL Project.  All rights reserved.
@@ -18247,10 +18247,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_rsa_selftest.c
 +	}
 +
 +#endif /* def OPENSSL_FIPS */
-Index: openssl-1.0.1f/crypto/fips/fips_rsa_x931g.c
+Index: openssl-1.0.1g/crypto/fips/fips_rsa_x931g.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_rsa_x931g.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_rsa_x931g.c
 @@ -0,0 +1,282 @@
 +/* crypto/rsa/rsa_gen.c */
 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@@ -18534,10 +18534,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_rsa_x931g.c
 +	return 0;
 +
 +	}
-Index: openssl-1.0.1f/crypto/fips/fips_sha_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_sha_selftest.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_sha_selftest.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_sha_selftest.c
 @@ -0,0 +1,140 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -18679,10 +18679,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_sha_selftest.c
 +	}
 +
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_standalone_hmac.c
+Index: openssl-1.0.1g/crypto/fips/fips_standalone_hmac.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_standalone_hmac.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_standalone_hmac.c
 @@ -0,0 +1,180 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -18864,10 +18864,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_standalone_hmac.c
 +    }
 +
 +
-Index: openssl-1.0.1f/crypto/fips/fips_test_suite.c
+Index: openssl-1.0.1g/crypto/fips/fips_test_suite.c
 ===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.1f/crypto/fips/fips_test_suite.c	2014-01-09 23:16:46.000000000 +0000
+--- /dev/null
++++ openssl-1.0.1g/crypto/fips/fips_test_suite.c
 @@ -0,0 +1,588 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -19457,10 +19457,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_test_suite.c
 +    }
 +
 +#endif
-Index: openssl-1.0.1f/crypto/hmac/hmac.c
+Index: openssl-1.0.1g/crypto/hmac/hmac.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/hmac/hmac.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/hmac/hmac.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/hmac/hmac.c
++++ openssl-1.0.1g/crypto/hmac/hmac.c
 @@ -81,11 +81,6 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo
  			EVPerr(EVP_F_HMAC_INIT_EX, EVP_R_DISABLED_FOR_FIPS);
  			return 0;
@@ -19523,10 +19523,10 @@ Index: openssl-1.0.1f/crypto/hmac/hmac.c
  	EVP_MD_CTX_cleanup(&ctx->i_ctx);
  	EVP_MD_CTX_cleanup(&ctx->o_ctx);
  	EVP_MD_CTX_cleanup(&ctx->md_ctx);
-Index: openssl-1.0.1f/crypto/md2/md2_dgst.c
+Index: openssl-1.0.1g/crypto/md2/md2_dgst.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/md2/md2_dgst.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/md2/md2_dgst.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/md2/md2_dgst.c
++++ openssl-1.0.1g/crypto/md2/md2_dgst.c
 @@ -62,6 +62,11 @@
  #include <openssl/md2.h>
  #include <openssl/opensslv.h>
@@ -19548,10 +19548,10 @@ Index: openssl-1.0.1f/crypto/md2/md2_dgst.c
  	{
  	c->num=0;
  	memset(c->state,0,sizeof c->state);
-Index: openssl-1.0.1f/crypto/md4/md4_dgst.c
+Index: openssl-1.0.1g/crypto/md4/md4_dgst.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/md4/md4_dgst.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/md4/md4_dgst.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/md4/md4_dgst.c
++++ openssl-1.0.1g/crypto/md4/md4_dgst.c
 @@ -71,7 +71,7 @@ const char MD4_version[]="MD4" OPENSSL_V
  #define INIT_DATA_C (unsigned long)0x98badcfeL
  #define INIT_DATA_D (unsigned long)0x10325476L
@@ -19561,10 +19561,10 @@ Index: openssl-1.0.1f/crypto/md4/md4_dgst.c
  	{
  	memset (c,0,sizeof(*c));
  	c->A=INIT_DATA_A;
-Index: openssl-1.0.1f/crypto/md5/md5_dgst.c
+Index: openssl-1.0.1g/crypto/md5/md5_dgst.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/md5/md5_dgst.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/md5/md5_dgst.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/md5/md5_dgst.c
++++ openssl-1.0.1g/crypto/md5/md5_dgst.c
 @@ -71,7 +71,7 @@ const char MD5_version[]="MD5" OPENSSL_V
  #define INIT_DATA_C (unsigned long)0x98badcfeL
  #define INIT_DATA_D (unsigned long)0x10325476L
@@ -19574,10 +19574,10 @@ Index: openssl-1.0.1f/crypto/md5/md5_dgst.c
  	{
  	memset (c,0,sizeof(*c));
  	c->A=INIT_DATA_A;
-Index: openssl-1.0.1f/crypto/mdc2/mdc2dgst.c
+Index: openssl-1.0.1g/crypto/mdc2/mdc2dgst.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/mdc2/mdc2dgst.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/mdc2/mdc2dgst.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/mdc2/mdc2dgst.c
++++ openssl-1.0.1g/crypto/mdc2/mdc2dgst.c
 @@ -76,7 +76,7 @@
  			*((c)++)=(unsigned char)(((l)>>24L)&0xff))
  
@@ -19587,10 +19587,10 @@ Index: openssl-1.0.1f/crypto/mdc2/mdc2dgst.c
  	{
  	c->num=0;
  	c->pad_type=1;
-Index: openssl-1.0.1f/crypto/o_fips.c
+Index: openssl-1.0.1g/crypto/o_fips.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/o_fips.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/o_fips.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/o_fips.c
++++ openssl-1.0.1g/crypto/o_fips.c
 @@ -79,6 +79,8 @@ int FIPS_mode_set(int r)
  #ifndef FIPS_AUTH_USER_PASS
  #define FIPS_AUTH_USER_PASS	"Default FIPS Crypto User Password"
@@ -19600,10 +19600,10 @@ Index: openssl-1.0.1f/crypto/o_fips.c
  	if (!FIPS_module_mode_set(r, FIPS_AUTH_USER_PASS))
  		return 0;
  	if (r)
-Index: openssl-1.0.1f/crypto/o_init.c
+Index: openssl-1.0.1g/crypto/o_init.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/o_init.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/o_init.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/o_init.c
++++ openssl-1.0.1g/crypto/o_init.c
 @@ -55,28 +55,68 @@
  #include <e_os.h>
  #include <openssl/err.h>
@@ -19677,10 +19677,10 @@ Index: openssl-1.0.1f/crypto/o_init.c
 +	{
 +	OPENSSL_init_library();
 +	}
-Index: openssl-1.0.1f/crypto/opensslconf.h
+Index: openssl-1.0.1g/crypto/opensslconf.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/opensslconf.h	2014-01-06 14:36:07.000000000 +0000
-+++ openssl-1.0.1f/crypto/opensslconf.h	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/opensslconf.h
++++ openssl-1.0.1g/crypto/opensslconf.h
 @@ -1,6 +1,9 @@
  /* opensslconf.h */
  /* WARNING: Generated automatically from opensslconf.h.in by Configure. */
@@ -19691,10 +19691,10 @@ Index: openssl-1.0.1f/crypto/opensslconf.h
  /* OpenSSL was configured with the following options: */
  #ifndef OPENSSL_DOING_MAKEDEPEND
  
-Index: openssl-1.0.1f/crypto/opensslconf.h.in
+Index: openssl-1.0.1g/crypto/opensslconf.h.in
 ===================================================================
---- openssl-1.0.1f.orig/crypto/opensslconf.h.in	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/opensslconf.h.in	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/opensslconf.h.in
++++ openssl-1.0.1g/crypto/opensslconf.h.in
 @@ -1,5 +1,20 @@
  /* crypto/opensslconf.h.in */
  
@@ -19716,10 +19716,10 @@ Index: openssl-1.0.1f/crypto/opensslconf.h.in
  /* Generate 80386 code? */
  #undef I386_ONLY
  
-Index: openssl-1.0.1f/crypto/pkcs12/p12_crt.c
+Index: openssl-1.0.1g/crypto/pkcs12/p12_crt.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/pkcs12/p12_crt.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/pkcs12/p12_crt.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/pkcs12/p12_crt.c
++++ openssl-1.0.1g/crypto/pkcs12/p12_crt.c
 @@ -59,6 +59,10 @@
  #include <stdio.h>
  #include "cryptlib.h"
@@ -19731,11 +19731,11 @@ Index: openssl-1.0.1f/crypto/pkcs12/p12_crt.c
  
  
  static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag);
-Index: openssl-1.0.1f/crypto/rand/md_rand.c
+Index: openssl-1.0.1g/crypto/rand/md_rand.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rand/md_rand.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/rand/md_rand.c	2014-01-09 23:16:46.000000000 +0000
-@@ -392,7 +392,10 @@ static int ssleay_rand_bytes(unsigned ch
+--- openssl-1.0.1g.orig/crypto/rand/md_rand.c
++++ openssl-1.0.1g/crypto/rand/md_rand.c
+@@ -395,7 +395,10 @@ static int ssleay_rand_bytes(unsigned ch
  	CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
  	crypto_lock_rand = 1;
  
@@ -19747,10 +19747,10 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  		{
  		RAND_poll();
  		initialized = 1;
-Index: openssl-1.0.1f/crypto/rand/rand.h
+Index: openssl-1.0.1g/crypto/rand/rand.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rand/rand.h	2014-01-09 23:20:58.000000000 +0000
-+++ openssl-1.0.1f/crypto/rand/rand.h	2014-01-09 23:21:17.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/rand/rand.h
++++ openssl-1.0.1g/crypto/rand/rand.h
 @@ -133,16 +133,34 @@ void ERR_load_RAND_strings(void);
  /* Error codes for the RAND functions. */
  
@@ -19791,10 +19791,10 @@ Index: openssl-1.0.1f/crypto/rand/rand.h
  
  #ifdef  __cplusplus
  }
-Index: openssl-1.0.1f/crypto/ripemd/rmd_dgst.c
+Index: openssl-1.0.1g/crypto/ripemd/rmd_dgst.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/ripemd/rmd_dgst.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/ripemd/rmd_dgst.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/ripemd/rmd_dgst.c
++++ openssl-1.0.1g/crypto/ripemd/rmd_dgst.c
 @@ -70,7 +70,7 @@ const char RMD160_version[]="RIPE-MD160"
       void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,size_t num);
  #  endif
@@ -19804,10 +19804,10 @@ Index: openssl-1.0.1f/crypto/ripemd/rmd_dgst.c
  	{
  	memset (c,0,sizeof(*c));
  	c->A=RIPEMD160_A;
-Index: openssl-1.0.1f/crypto/rsa/rsa.h
+Index: openssl-1.0.1g/crypto/rsa/rsa.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rsa/rsa.h	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/rsa/rsa.h	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/rsa/rsa.h
++++ openssl-1.0.1g/crypto/rsa/rsa.h
 @@ -164,6 +164,8 @@ struct rsa_st
  # define OPENSSL_RSA_MAX_MODULUS_BITS	16384
  #endif
@@ -19892,10 +19892,10 @@ Index: openssl-1.0.1f/crypto/rsa/rsa.h
  #define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE	 148
  #define RSA_R_PADDING_CHECK_FAILED			 114
  #define RSA_R_P_NOT_PRIME				 128
-Index: openssl-1.0.1f/crypto/rsa/rsa_crpt.c
+Index: openssl-1.0.1g/crypto/rsa/rsa_crpt.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rsa/rsa_crpt.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/rsa/rsa_crpt.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/rsa/rsa_crpt.c
++++ openssl-1.0.1g/crypto/rsa/rsa_crpt.c
 @@ -90,10 +90,9 @@ int RSA_private_encrypt(int flen, const
  	     RSA *rsa, int padding)
  	{
@@ -19922,10 +19922,10 @@ Index: openssl-1.0.1f/crypto/rsa/rsa_crpt.c
  		return -1;
  		}
  #endif
-Index: openssl-1.0.1f/crypto/rsa/rsa_eay.c
+Index: openssl-1.0.1g/crypto/rsa/rsa_eay.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rsa/rsa_eay.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/rsa/rsa_eay.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/rsa/rsa_eay.c
++++ openssl-1.0.1g/crypto/rsa/rsa_eay.c
 @@ -114,6 +114,10 @@
  #include <openssl/bn.h>
  #include <openssl/rsa.h>
@@ -20056,10 +20056,10 @@ Index: openssl-1.0.1f/crypto/rsa/rsa_eay.c
  	rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
  	return(1);
  	}
-Index: openssl-1.0.1f/crypto/rsa/rsa_err.c
+Index: openssl-1.0.1g/crypto/rsa/rsa_err.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rsa/rsa_err.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/rsa/rsa_err.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/rsa/rsa_err.c
++++ openssl-1.0.1g/crypto/rsa/rsa_err.c
 @@ -121,6 +121,8 @@ static ERR_STRING_DATA RSA_str_functs[]=
  {ERR_FUNC(RSA_F_RSA_PUBLIC_ENCRYPT),	"RSA_public_encrypt"},
  {ERR_FUNC(RSA_F_RSA_PUB_DECODE),	"RSA_PUB_DECODE"},
@@ -20069,10 +20069,10 @@ Index: openssl-1.0.1f/crypto/rsa/rsa_err.c
  {ERR_FUNC(RSA_F_RSA_SIGN),	"RSA_sign"},
  {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),	"RSA_sign_ASN1_OCTET_STRING"},
  {ERR_FUNC(RSA_F_RSA_VERIFY),	"RSA_verify"},
-Index: openssl-1.0.1f/crypto/rsa/rsa_gen.c
+Index: openssl-1.0.1g/crypto/rsa/rsa_gen.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rsa/rsa_gen.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/rsa/rsa_gen.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/rsa/rsa_gen.c
++++ openssl-1.0.1g/crypto/rsa/rsa_gen.c
 @@ -69,6 +69,78 @@
  #include <openssl/rsa.h>
  #ifdef OPENSSL_FIPS
@@ -20214,10 +20214,10 @@ Index: openssl-1.0.1f/crypto/rsa/rsa_gen.c
  	ok=1;
  err:
  	if (ok == -1)
-Index: openssl-1.0.1f/crypto/rsa/rsa_lib.c
+Index: openssl-1.0.1g/crypto/rsa/rsa_lib.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rsa/rsa_lib.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/rsa/rsa_lib.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/rsa/rsa_lib.c
++++ openssl-1.0.1g/crypto/rsa/rsa_lib.c
 @@ -84,6 +84,13 @@ RSA *RSA_new(void)
  
  void RSA_set_default_method(const RSA_METHOD *meth)
@@ -20293,10 +20293,10 @@ Index: openssl-1.0.1f/crypto/rsa/rsa_lib.c
  	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
  		{
  #ifndef OPENSSL_NO_ENGINE
-Index: openssl-1.0.1f/crypto/rsa/rsa_pmeth.c
+Index: openssl-1.0.1g/crypto/rsa/rsa_pmeth.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rsa/rsa_pmeth.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/rsa/rsa_pmeth.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/rsa/rsa_pmeth.c
++++ openssl-1.0.1g/crypto/rsa/rsa_pmeth.c
 @@ -206,22 +206,6 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *c
  					RSA_R_INVALID_DIGEST_LENGTH);
  			return -1;
@@ -20340,10 +20340,10 @@ Index: openssl-1.0.1f/crypto/rsa/rsa_pmeth.c
  		if (rctx->pad_mode == RSA_PKCS1_PADDING)
  			return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
  					sig, siglen, rsa);
-Index: openssl-1.0.1f/crypto/rsa/rsa_sign.c
+Index: openssl-1.0.1g/crypto/rsa/rsa_sign.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rsa/rsa_sign.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/rsa/rsa_sign.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/rsa/rsa_sign.c
++++ openssl-1.0.1g/crypto/rsa/rsa_sign.c
 @@ -138,7 +138,8 @@ int RSA_sign(int type, const unsigned ch
  		i2d_X509_SIG(&sig,&p);
  		s=tmps;
@@ -20375,10 +20375,10 @@ Index: openssl-1.0.1f/crypto/rsa/rsa_sign.c
  
  	if (i <= 0) goto err;
  	/* Oddball MDC2 case: signature can be OCTET STRING.
-Index: openssl-1.0.1f/crypto/sha/sha.h
+Index: openssl-1.0.1g/crypto/sha/sha.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/sha/sha.h	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/sha/sha.h	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/sha/sha.h
++++ openssl-1.0.1g/crypto/sha/sha.h
 @@ -116,9 +116,6 @@ unsigned char *SHA(const unsigned char *
  void SHA_Transform(SHA_CTX *c, const unsigned char *data);
  #endif
@@ -20411,10 +20411,10 @@ Index: openssl-1.0.1f/crypto/sha/sha.h
  int SHA384_Init(SHA512_CTX *c);
  int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
  int SHA384_Final(unsigned char *md, SHA512_CTX *c);
-Index: openssl-1.0.1f/crypto/sha/sha256.c
+Index: openssl-1.0.1g/crypto/sha/sha256.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/sha/sha256.c	2014-01-09 23:16:44.000000000 +0000
-+++ openssl-1.0.1f/crypto/sha/sha256.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/sha/sha256.c
++++ openssl-1.0.1g/crypto/sha/sha256.c
 @@ -12,12 +12,19 @@
  
  #include <openssl/crypto.h>
@@ -20445,10 +20445,10 @@ Index: openssl-1.0.1f/crypto/sha/sha256.c
  	memset (c,0,sizeof(*c));
  	c->h[0]=0x6a09e667UL;	c->h[1]=0xbb67ae85UL;
  	c->h[2]=0x3c6ef372UL;	c->h[3]=0xa54ff53aUL;
-Index: openssl-1.0.1f/crypto/sha/sha512.c
+Index: openssl-1.0.1g/crypto/sha/sha512.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/sha/sha512.c	2014-01-09 23:16:44.000000000 +0000
-+++ openssl-1.0.1f/crypto/sha/sha512.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/sha/sha512.c
++++ openssl-1.0.1g/crypto/sha/sha512.c
 @@ -5,6 +5,10 @@
   * ====================================================================
   */
@@ -20480,10 +20480,10 @@ Index: openssl-1.0.1f/crypto/sha/sha512.c
  	c->h[0]=U64(0x6a09e667f3bcc908);
  	c->h[1]=U64(0xbb67ae8584caa73b);
  	c->h[2]=U64(0x3c6ef372fe94f82b);
-Index: openssl-1.0.1f/crypto/sha/sha_locl.h
+Index: openssl-1.0.1g/crypto/sha/sha_locl.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/sha/sha_locl.h	2014-01-09 23:16:44.000000000 +0000
-+++ openssl-1.0.1f/crypto/sha/sha_locl.h	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/sha/sha_locl.h
++++ openssl-1.0.1g/crypto/sha/sha_locl.h
 @@ -123,11 +123,14 @@ void sha1_block_data_order (SHA_CTX *c,
  #define INIT_DATA_h4 0xc3d2e1f0UL
  
@@ -20500,10 +20500,10 @@ Index: openssl-1.0.1f/crypto/sha/sha_locl.h
  	memset (c,0,sizeof(*c));
  	c->h0=INIT_DATA_h0;
  	c->h1=INIT_DATA_h1;
-Index: openssl-1.0.1f/crypto/whrlpool/wp_dgst.c
+Index: openssl-1.0.1g/crypto/whrlpool/wp_dgst.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/whrlpool/wp_dgst.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/crypto/whrlpool/wp_dgst.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/crypto/whrlpool/wp_dgst.c
++++ openssl-1.0.1g/crypto/whrlpool/wp_dgst.c
 @@ -55,7 +55,7 @@
  #include <openssl/crypto.h>
  #include <string.h>
@@ -20513,10 +20513,10 @@ Index: openssl-1.0.1f/crypto/whrlpool/wp_dgst.c
  	{
  	memset (c,0,sizeof(*c));
  	return(1);
-Index: openssl-1.0.1f/ssl/d1_srvr.c
+Index: openssl-1.0.1g/ssl/d1_srvr.c
 ===================================================================
---- openssl-1.0.1f.orig/ssl/d1_srvr.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/ssl/d1_srvr.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/ssl/d1_srvr.c
++++ openssl-1.0.1g/ssl/d1_srvr.c
 @@ -1383,6 +1383,8 @@ int dtls1_send_server_key_exchange(SSL *
  				j=0;
  				for (num=2; num > 0; num--)
@@ -20526,10 +20526,10 @@ Index: openssl-1.0.1f/ssl/d1_srvr.c
  					EVP_DigestInit_ex(&md_ctx,(num == 2)
  						?s->ctx->md5:s->ctx->sha1, NULL);
  					EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
-Index: openssl-1.0.1f/ssl/ssl_algs.c
+Index: openssl-1.0.1g/ssl/ssl_algs.c
 ===================================================================
---- openssl-1.0.1f.orig/ssl/ssl_algs.c	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/ssl/ssl_algs.c	2014-01-09 23:16:46.000000000 +0000
+--- openssl-1.0.1g.orig/ssl/ssl_algs.c
++++ openssl-1.0.1g/ssl/ssl_algs.c
 @@ -64,6 +64,12 @@
  int SSL_library_init(void)
  	{
diff --git a/openssl-1.0.1e-new-fips-reqs.patch b/openssl-1.0.1e-new-fips-reqs.patch
index ed2955f..fd217e7 100644
--- a/openssl-1.0.1e-new-fips-reqs.patch
+++ b/openssl-1.0.1e-new-fips-reqs.patch
@@ -1,7 +1,7 @@
-Index: openssl-1.0.1f/crypto/bn/bn_rand.c
+Index: openssl-1.0.1g/crypto/bn/bn_rand.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/bn/bn_rand.c
-+++ openssl-1.0.1f/crypto/bn/bn_rand.c
+--- openssl-1.0.1g.orig/crypto/bn/bn_rand.c
++++ openssl-1.0.1g/crypto/bn/bn_rand.c
 @@ -138,9 +138,12 @@ static int bnrand(int pseudorand, BIGNUM
  		goto err;
  		}
@@ -18,10 +18,10 @@ Index: openssl-1.0.1f/crypto/bn/bn_rand.c
  
  	if (pseudorand)
  		{
-Index: openssl-1.0.1f/crypto/dh/dh_gen.c
+Index: openssl-1.0.1g/crypto/dh/dh_gen.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dh/dh_gen.c
-+++ openssl-1.0.1f/crypto/dh/dh_gen.c
+--- openssl-1.0.1g.orig/crypto/dh/dh_gen.c
++++ openssl-1.0.1g/crypto/dh/dh_gen.c
 @@ -125,7 +125,7 @@ static int dh_builtin_genparams(DH *ret,
  		return 0;
  		}
@@ -31,10 +31,10 @@ Index: openssl-1.0.1f/crypto/dh/dh_gen.c
  		{
  		DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL);
  		goto err;
-Index: openssl-1.0.1f/crypto/dh/dh.h
+Index: openssl-1.0.1g/crypto/dh/dh.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dh/dh.h
-+++ openssl-1.0.1f/crypto/dh/dh.h
+--- openssl-1.0.1g.orig/crypto/dh/dh.h
++++ openssl-1.0.1g/crypto/dh/dh.h
 @@ -78,6 +78,7 @@
  #endif
  
@@ -43,10 +43,10 @@ Index: openssl-1.0.1f/crypto/dh/dh.h
  
  #define DH_FLAG_CACHE_MONT_P     0x01
  #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
-Index: openssl-1.0.1f/crypto/dh/dh_check.c
+Index: openssl-1.0.1g/crypto/dh/dh_check.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dh/dh_check.c
-+++ openssl-1.0.1f/crypto/dh/dh_check.c
+--- openssl-1.0.1g.orig/crypto/dh/dh_check.c
++++ openssl-1.0.1g/crypto/dh/dh_check.c
 @@ -134,7 +134,33 @@ int DH_check_pub_key(const DH *dh, const
  	BN_sub_word(q,1);
  	if (BN_cmp(pub_key,q)>=0)
@@ -81,10 +81,10 @@ Index: openssl-1.0.1f/crypto/dh/dh_check.c
  	ok = 1;
  err:
  	if (q != NULL) BN_free(q);
-Index: openssl-1.0.1f/crypto/dsa/dsa_gen.c
+Index: openssl-1.0.1g/crypto/dsa/dsa_gen.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa_gen.c
-+++ openssl-1.0.1f/crypto/dsa/dsa_gen.c
+--- openssl-1.0.1g.orig/crypto/dsa/dsa_gen.c
++++ openssl-1.0.1g/crypto/dsa/dsa_gen.c
 @@ -159,7 +159,6 @@ int dsa_builtin_paramgen(DSA *ret, size_
  	    }
  
@@ -93,10 +93,10 @@ Index: openssl-1.0.1f/crypto/dsa/dsa_gen.c
  	    (bits != 2048 || qbits != 224) &&
  	    (bits != 2048 || qbits != 256) &&
  	    (bits != 3072 || qbits != 256))
-Index: openssl-1.0.1f/crypto/dsa/dsa.h
+Index: openssl-1.0.1g/crypto/dsa/dsa.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa.h
-+++ openssl-1.0.1f/crypto/dsa/dsa.h
+--- openssl-1.0.1g.orig/crypto/dsa/dsa.h
++++ openssl-1.0.1g/crypto/dsa/dsa.h
 @@ -89,6 +89,7 @@
  #endif
  
@@ -118,10 +118,10 @@ Index: openssl-1.0.1f/crypto/dsa/dsa.h
  #define DSA_is_prime(n, callback, cb_arg) \
  	BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
  
-Index: openssl-1.0.1f/crypto/dsa/dsa_key.c
+Index: openssl-1.0.1g/crypto/dsa/dsa_key.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/dsa/dsa_key.c
-+++ openssl-1.0.1f/crypto/dsa/dsa_key.c
+--- openssl-1.0.1g.orig/crypto/dsa/dsa_key.c
++++ openssl-1.0.1g/crypto/dsa/dsa_key.c
 @@ -122,7 +122,7 @@ static int dsa_builtin_keygen(DSA *dsa)
  
  #ifdef OPENSSL_FIPS
@@ -131,10 +131,10 @@ Index: openssl-1.0.1f/crypto/dsa/dsa_key.c
  		{
  		DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL);
  		goto err;
-Index: openssl-1.0.1f/crypto/fips/fips_dh_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_dh_selftest.c
 ===================================================================
 --- /dev/null
-+++ openssl-1.0.1f/crypto/fips/fips_dh_selftest.c
++++ openssl-1.0.1g/crypto/fips/fips_dh_selftest.c
 @@ -0,0 +1,162 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -298,10 +298,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_dh_selftest.c
 +	return ret;
 +	}
 +#endif
-Index: openssl-1.0.1f/crypto/fips/fips_drbg_rand.c
+Index: openssl-1.0.1g/crypto/fips/fips_drbg_rand.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/fips/fips_drbg_rand.c
-+++ openssl-1.0.1f/crypto/fips/fips_drbg_rand.c
+--- openssl-1.0.1g.orig/crypto/fips/fips_drbg_rand.c
++++ openssl-1.0.1g/crypto/fips/fips_drbg_rand.c
 @@ -77,7 +77,8 @@ static int fips_drbg_bytes(unsigned char
  	int rv = 0;
  	unsigned char *adin = NULL;
@@ -382,10 +382,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_drbg_rand.c
  	}
  
  static const RAND_METHOD rand_drbg_meth =
-Index: openssl-1.0.1f/crypto/fips/fips.h
+Index: openssl-1.0.1g/crypto/fips/fips.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/fips/fips.h
-+++ openssl-1.0.1f/crypto/fips/fips.h
+--- openssl-1.0.1g.orig/crypto/fips/fips.h
++++ openssl-1.0.1g/crypto/fips/fips.h
 @@ -96,6 +96,7 @@ void FIPS_corrupt_dsa_keygen(void);
  int FIPS_selftest_dsa(void);
  int FIPS_selftest_ecdsa(void);
@@ -394,10 +394,10 @@ Index: openssl-1.0.1f/crypto/fips/fips.h
  void FIPS_corrupt_rng(void);
  void FIPS_rng_stick(void);
  void FIPS_x931_stick(int onoff);
-Index: openssl-1.0.1f/crypto/fips/fips_post.c
+Index: openssl-1.0.1g/crypto/fips/fips_post.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/fips/fips_post.c
-+++ openssl-1.0.1f/crypto/fips/fips_post.c
+--- openssl-1.0.1g.orig/crypto/fips/fips_post.c
++++ openssl-1.0.1g/crypto/fips/fips_post.c
 @@ -99,6 +99,8 @@ int FIPS_selftest(void)
  		rv = 0;
  	if (!FIPS_selftest_dsa())
@@ -407,10 +407,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_post.c
  	if (!FIPS_selftest_ecdh())
  		rv = 0;
  	return rv;
-Index: openssl-1.0.1f/crypto/fips/fips_rsa_selftest.c
+Index: openssl-1.0.1g/crypto/fips/fips_rsa_selftest.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/fips/fips_rsa_selftest.c
-+++ openssl-1.0.1f/crypto/fips/fips_rsa_selftest.c
+--- openssl-1.0.1g.orig/crypto/fips/fips_rsa_selftest.c
++++ openssl-1.0.1g/crypto/fips/fips_rsa_selftest.c
 @@ -340,6 +340,42 @@ static const unsigned char kat_RSA_X931_
    0x60, 0x83, 0x18, 0x88, 0xA3, 0xF5, 0x59, 0xC3
  };
@@ -480,10 +480,10 @@ Index: openssl-1.0.1f/crypto/fips/fips_rsa_selftest.c
  		RSA_free(key);
  	return ret;
  	}
-Index: openssl-1.0.1f/crypto/fips/Makefile
+Index: openssl-1.0.1g/crypto/fips/Makefile
 ===================================================================
---- openssl-1.0.1f.orig/crypto/fips/Makefile
-+++ openssl-1.0.1f/crypto/fips/Makefile
+--- openssl-1.0.1g.orig/crypto/fips/Makefile
++++ openssl-1.0.1g/crypto/fips/Makefile
 @@ -24,13 +24,15 @@ LIBSRC=fips_aes_selftest.c fips_des_self
      fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c  fips_rand.c \
      fips_rsa_x931g.c fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
@@ -502,11 +502,11 @@ Index: openssl-1.0.1f/crypto/fips/Makefile
  
  LIBCRYPTO=-L.. -lcrypto
  
-Index: openssl-1.0.1f/crypto/modes/gcm128.c
+Index: openssl-1.0.1g/crypto/modes/gcm128.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/modes/gcm128.c
-+++ openssl-1.0.1f/crypto/modes/gcm128.c
-@@ -898,6 +898,10 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT
+--- openssl-1.0.1g.orig/crypto/modes/gcm128.c
++++ openssl-1.0.1g/crypto/modes/gcm128.c
+@@ -906,6 +906,10 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT
  # endif
  #endif
  
@@ -517,7 +517,7 @@ Index: openssl-1.0.1f/crypto/modes/gcm128.c
  #if 0
  	n = (unsigned int)mlen%16; /* alternative to ctx->mres */
  #endif
-@@ -1213,6 +1217,10 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_C
+@@ -1269,6 +1273,10 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_C
  # endif
  #endif
  
@@ -528,10 +528,10 @@ Index: openssl-1.0.1f/crypto/modes/gcm128.c
  	mlen += len;
  	if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len))
  		return -1;
-Index: openssl-1.0.1f/crypto/modes/modes_lcl.h
+Index: openssl-1.0.1g/crypto/modes/modes_lcl.h
 ===================================================================
---- openssl-1.0.1f.orig/crypto/modes/modes_lcl.h
-+++ openssl-1.0.1f/crypto/modes/modes_lcl.h
+--- openssl-1.0.1g.orig/crypto/modes/modes_lcl.h
++++ openssl-1.0.1g/crypto/modes/modes_lcl.h
 @@ -114,6 +114,8 @@ struct gcm128_context {
  	unsigned int mres, ares;
  	block128_f block;
@@ -541,10 +541,10 @@ Index: openssl-1.0.1f/crypto/modes/modes_lcl.h
  };
  
  struct xts128_context {
-Index: openssl-1.0.1f/crypto/rand/md_rand.c
+Index: openssl-1.0.1g/crypto/rand/md_rand.c
 ===================================================================
---- openssl-1.0.1f.orig/crypto/rand/md_rand.c
-+++ openssl-1.0.1f/crypto/rand/md_rand.c
+--- openssl-1.0.1g.orig/crypto/rand/md_rand.c
++++ openssl-1.0.1g/crypto/rand/md_rand.c
 @@ -143,12 +143,6 @@ static long md_count[2]={0,0};
  static double entropy=0;
  static int initialized=0;
@@ -565,9 +565,9 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
 -	int do_not_lock;
 +	int locked;
  
- 	/*
- 	 * (Based on the rand(3) manpage)
-@@ -213,19 +207,8 @@ static void ssleay_rand_add(const void *
+ 	if (!num)
+ 		return;
+@@ -216,19 +210,8 @@ static void ssleay_rand_add(const void *
           * hash function.
  	 */
  
@@ -588,7 +588,7 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  	st_idx=state_index;
  
  	/* use our own copies of the counters so that even
-@@ -257,7 +240,8 @@ static void ssleay_rand_add(const void *
+@@ -260,7 +243,8 @@ static void ssleay_rand_add(const void *
  
  	md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
  
@@ -598,7 +598,7 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  
  	EVP_MD_CTX_init(&m);
  	for (i=0; i<num; i+=MD_DIGEST_LENGTH)
-@@ -308,7 +292,7 @@ static void ssleay_rand_add(const void *
+@@ -311,7 +295,7 @@ static void ssleay_rand_add(const void *
  		}
  	EVP_MD_CTX_cleanup(&m);
  
@@ -607,7 +607,7 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  	/* Don't just copy back local_md into md -- this could mean that
  	 * other thread's seeding remains without effect (except for
  	 * the incremented counter).  By XORing it we keep at least as
-@@ -319,7 +303,8 @@ static void ssleay_rand_add(const void *
+@@ -322,7 +306,8 @@ static void ssleay_rand_add(const void *
  		}
  	if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
  	    entropy += add;
@@ -617,7 +617,7 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  	
  #if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
  	assert(md_c[1] == md_count[1]);
-@@ -344,6 +329,7 @@ static int ssleay_rand_bytes(unsigned ch
+@@ -347,6 +332,7 @@ static int ssleay_rand_bytes(unsigned ch
  	pid_t curr_pid = getpid();
  #endif
  	int do_stir_pool = 0;
@@ -625,7 +625,7 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  
  #ifdef PREDICT
  	if (rand_predictable)
-@@ -384,13 +370,8 @@ static int ssleay_rand_bytes(unsigned ch
+@@ -387,13 +373,8 @@ static int ssleay_rand_bytes(unsigned ch
  	/* NB: in FIPS mode we are already under a lock */
  	if (!FIPS_mode())
  #endif
@@ -640,7 +640,7 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  
  	/* always poll for external entropy in FIPS mode, drbg provides the 
  	 * expansion
-@@ -464,12 +445,11 @@ static int ssleay_rand_bytes(unsigned ch
+@@ -467,12 +448,11 @@ static int ssleay_rand_bytes(unsigned ch
  
  	md_count[0] += 1;
  
@@ -655,7 +655,7 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  
  	while (num > 0)
  		{
-@@ -524,13 +504,15 @@ static int ssleay_rand_bytes(unsigned ch
+@@ -527,13 +507,15 @@ static int ssleay_rand_bytes(unsigned ch
  #ifdef OPENSSL_FIPS
  	if (!FIPS_mode())
  #endif
@@ -673,7 +673,7 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  
  	EVP_MD_CTX_cleanup(&m);
  	if (ok)
-@@ -560,32 +542,10 @@ static int ssleay_rand_pseudo_bytes(unsi
+@@ -563,32 +545,10 @@ static int ssleay_rand_pseudo_bytes(unsi
  
  static int ssleay_rand_status(void)
  	{
@@ -708,7 +708,7 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  	
  	if (!initialized)
  		{
-@@ -595,13 +555,8 @@ static int ssleay_rand_status(void)
+@@ -598,13 +558,8 @@ static int ssleay_rand_status(void)
  
  	ret = entropy >= ENTROPY_NEEDED;
  
@@ -724,9 +724,10 @@ Index: openssl-1.0.1f/crypto/rand/md_rand.c
  	
  	return ret;
  	}
-diff -up openssl-1.0.1e/crypto/rand/rand.h.fips-reqs openssl-1.0.1e/crypto/rand/rand.h
---- openssl-1.0.1e/crypto/rand/rand.h.fips-reqs	2013-12-18 12:17:09.764636958 +0100
-+++ openssl-1.0.1e/crypto/rand/rand.h	2013-12-18 12:17:09.800637730 +0100
+Index: openssl-1.0.1g/crypto/rand/rand.h
+===================================================================
+--- openssl-1.0.1g.orig/crypto/rand/rand.h
++++ openssl-1.0.1g/crypto/rand/rand.h
 @@ -124,6 +124,8 @@ void RAND_set_fips_drbg_type(int type, i
  int RAND_init_fips(void);
  #endif
@@ -736,9 +737,10 @@ diff -up openssl-1.0.1e/crypto/rand/rand.h.fips-reqs openssl-1.0.1e/crypto/rand/
  /* BEGIN ERROR CODES */
  /* The following lines are auto generated by the script mkerr.pl. Any changes
   * made after this point may be overwritten when the script is next run.
-diff -up openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs openssl-1.0.1e/crypto/rand/rand_lcl.h
---- openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs	2013-12-18 12:17:09.507631447 +0100
-+++ openssl-1.0.1e/crypto/rand/rand_lcl.h	2013-12-18 12:17:09.800637730 +0100
+Index: openssl-1.0.1g/crypto/rand/rand_lcl.h
+===================================================================
+--- openssl-1.0.1g.orig/crypto/rand/rand_lcl.h
++++ openssl-1.0.1g/crypto/rand/rand_lcl.h
 @@ -112,7 +112,7 @@
  #ifndef HEADER_RAND_LCL_H
  #define HEADER_RAND_LCL_H
@@ -748,9 +750,10 @@ diff -up openssl-1.0.1e/crypto/rand/rand_lcl.h.fips-reqs openssl-1.0.1e/crypto/r
  
  
  #if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
-diff -up openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs openssl-1.0.1e/crypto/rand/rand_lib.c
---- openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs	2013-02-11 16:26:04.000000000 +0100
-+++ openssl-1.0.1e/crypto/rand/rand_lib.c	2013-12-18 18:16:45.625850730 +0100
+Index: openssl-1.0.1g/crypto/rand/rand_lib.c
+===================================================================
+--- openssl-1.0.1g.orig/crypto/rand/rand_lib.c
++++ openssl-1.0.1g/crypto/rand/rand_lib.c
 @@ -181,6 +181,41 @@ int RAND_status(void)
  	return 0;
  	}
@@ -810,9 +813,10 @@ diff -up openssl-1.0.1e/crypto/rand/rand_lib.c.fips-reqs openssl-1.0.1e/crypto/r
  	return 1;
  	}
  
-diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.1e/crypto/rsa/rsa_gen.c
---- openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs	2013-12-18 12:17:09.764636958 +0100
-+++ openssl-1.0.1e/crypto/rsa/rsa_gen.c	2013-12-19 17:40:58.483154314 +0100
+Index: openssl-1.0.1g/crypto/rsa/rsa_gen.c
+===================================================================
+--- openssl-1.0.1g.orig/crypto/rsa/rsa_gen.c
++++ openssl-1.0.1g/crypto/rsa/rsa_gen.c
 @@ -1,5 +1,6 @@
  /* crypto/rsa/rsa_gen.c */
  /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@@ -1080,9 +1084,10 @@ diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.1e/crypto/rsa
  	ok=1;
  err:
  	if (ok == -1)
-diff -up openssl-1.0.1e/ssl/t1_enc.c.fips-reqs openssl-1.0.1e/ssl/t1_enc.c
---- openssl-1.0.1e/ssl/t1_enc.c.fips-reqs	2013-02-11 16:26:04.000000000 +0100
-+++ openssl-1.0.1e/ssl/t1_enc.c	2013-12-18 12:17:09.801637751 +0100
+Index: openssl-1.0.1g/ssl/t1_enc.c
+===================================================================
+--- openssl-1.0.1g.orig/ssl/t1_enc.c
++++ openssl-1.0.1g/ssl/t1_enc.c
 @@ -291,6 +291,27 @@ static int tls1_PRF(long digest_mask,
  err:
  	return ret;
diff --git a/openssl-1.0.1f.tar.gz b/openssl-1.0.1f.tar.gz
deleted file mode 100644
index 202c4ba..0000000
--- a/openssl-1.0.1f.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6cc2a80b17d64de6b7bac985745fdaba971d54ffd7d38d3556f998d7c0c9cb5a
-size 4509212
diff --git a/openssl-1.0.1f.tar.gz.asc b/openssl-1.0.1f.tar.gz.asc
deleted file mode 100644
index ecf37ad..0000000
--- a/openssl-1.0.1f.tar.gz.asc
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-iQEVAwUAUsq/WqLSm3vylcdZAQI63Af8DQSLbopKVXumiTiK0dAtXU+FwGl3FSXE
-KKJgpfMdPPTSn/kdcmh4LXv4rFae5gNn0GEpEMlcLPxJSSauo8CO9xfYzA2Y1POE
-bL9qemk7B/g/i2WZi6gTVP0/38/qRBh/3WyR94iVplZm5P8e+7bXqoHDEBtNMew1
-YcalGMgd/1ajvGo9+Y6qHHSNVu2FfSLQ7vqeurTHgo9c2ZhvDEsw/rQjqn7oQ3c7
-mz2qTYbgJ1+cikue47E0T0mQFv/my9flG6Bu63vhyioNZUxR5QVluuqAoLUAuM7h
-xdJ8fVXMmqbLdr3ZQsCkdHeDQgke/FRVgyvzAdt7ensZoFSshfXcJw==
-=exdx
------END PGP SIGNATURE-----
diff --git a/openssl-1.0.1g.tar.gz b/openssl-1.0.1g.tar.gz
new file mode 100644
index 0000000..8f923b3
--- /dev/null
+++ b/openssl-1.0.1g.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:53cb818c3b90e507a8348f4f5eaedb05d8bfe5358aabb508b7263cc670c3e028
+size 4509047
diff --git a/openssl-1.0.1g.tar.gz.asc b/openssl-1.0.1g.tar.gz.asc
new file mode 100644
index 0000000..7a33be6
--- /dev/null
+++ b/openssl-1.0.1g.tar.gz.asc
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQIcBAABCAAGBQJTQtiaAAoJENNXdQf6QOniuAkP/2hFMcb2NEG36by4oleDQQA1
+xw/qiE5NryMU7+bwwhjvVdGsyeLnnPxN0K5fFVlsWHFIJCArZ/ERsR3xJfldSoZX
+xz/PgU4JAWT7vkhIR0zW2SInzxdX2hUsonG3dRqVY5JVX3aAMkcIanczpxrv39Cb
+ZeKwStINV5HOXH++Y7O4SWsFF3w2H4cmijyF2QQngrvyGkkS4C1Wy/PH54rAQrSH
+phfsDlULL48/4NPul9LiRK6clgf+6DtOa9eY/NF+enjmEw2B73PRt1DmCaaaabWU
+RwKHyVZUvXGhZYnPnfriz+V09FEq9SMEyyCBg2JeTljESPaPKxPP53ueI7OTo3B8
+cyXcVMq3nckgq3XI1j/Z/BJVTO6Zp/thTlkGv35O/+AgdY/lWiMictFYLLfbHC1Z
+9A9gbwuhO7pc1BrQF0vhIR+NlHAq4fVA81xHrClsIWebs8XjaH4zLRoeYBKqK0+m
+4T2vf78yh+viiSOU2KpQdi4kWOUpCMVBa4CJclyAWdX+jjhnrudWcV5JwCz1KtNK
+Pdaje0WrJ8gqAKpZC88q2vhVZF8FQt2YGhe16sGM5N9aSeg0/GMd1rAbJPUlpQ41
+/b64wg+J3/ZQsRDfNvXwIgaGa1Ur8mUv/hmtAr1ecXK+rOcn6wcoouWwDYcOCQj/
+opNSFe0Slj1X6unB62z2
+=9S5s
+-----END PGP SIGNATURE-----
diff --git a/openssl-fix-pod-syntax.diff b/openssl-fix-pod-syntax.diff
index d4faf2c..776bb1d 100644
--- a/openssl-fix-pod-syntax.diff
+++ b/openssl-fix-pod-syntax.diff
@@ -59,10 +59,10 @@ Content-Length: 12835
  doc/ssl/SSL_write.pod                       |    2 +-
  23 files changed, 59 insertions(+), 55 deletions(-)
 
-Index: openssl-1.0.1f/doc/apps/cms.pod
+Index: openssl-1.0.1g/doc/apps/cms.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/apps/cms.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/apps/cms.pod	2014-01-09 23:42:30.000000000 +0000
+--- openssl-1.0.1g.orig/doc/apps/cms.pod
++++ openssl-1.0.1g/doc/apps/cms.pod
 @@ -450,28 +450,28 @@ remains DER.
  
  =over 4
@@ -98,10 +98,10 @@ Index: openssl-1.0.1f/doc/apps/cms.pod
  
  the message was verified correctly but an error occurred writing out
  the signers certificates.
-Index: openssl-1.0.1f/doc/apps/smime.pod
+Index: openssl-1.0.1g/doc/apps/smime.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/apps/smime.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/apps/smime.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/apps/smime.pod
++++ openssl-1.0.1g/doc/apps/smime.pod
 @@ -308,28 +308,28 @@ remains DER.
  
  =over 4
@@ -137,10 +137,10 @@ Index: openssl-1.0.1f/doc/apps/smime.pod
  
  the message was verified correctly but an error occurred writing out
  the signers certificates.
-Index: openssl-1.0.1f/doc/apps/ts.pod
+Index: openssl-1.0.1g/doc/apps/ts.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/apps/ts.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/apps/ts.pod	2014-01-09 23:45:03.000000000 +0000
+--- openssl-1.0.1g.orig/doc/apps/ts.pod
++++ openssl-1.0.1g/doc/apps/ts.pod
 @@ -58,19 +58,19 @@ time. Here is a brief description of the
  
  =over 4
@@ -164,10 +164,10 @@ Index: openssl-1.0.1f/doc/apps/ts.pod
  
  The TSA client receives the time stamp token and verifies the
  signature on it. It also checks if the token contains the same hash
-Index: openssl-1.0.1f/doc/crypto/OPENSSL_ia32cap.pod
+Index: openssl-1.0.1g/doc/crypto/OPENSSL_ia32cap.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/crypto/OPENSSL_ia32cap.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/crypto/OPENSSL_ia32cap.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/crypto/OPENSSL_ia32cap.pod
++++ openssl-1.0.1g/doc/crypto/OPENSSL_ia32cap.pod
 @@ -20,6 +20,8 @@ toolkit initialization, but can be manip
  crypto library behaviour. For the moment of this writing six bits are
  significant, namely:
@@ -186,10 +186,10 @@ Index: openssl-1.0.1f/doc/crypto/OPENSSL_ia32cap.pod
  For example, clearing bit #26 at run-time disables high-performance
  SSE2 code present in the crypto library. You might have to do this if
  target OpenSSL application is executed on SSE2 capable CPU, but under
-Index: openssl-1.0.1f/doc/crypto/rand.pod
+Index: openssl-1.0.1g/doc/crypto/rand.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/crypto/rand.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/crypto/rand.pod	2014-01-09 23:43:46.000000000 +0000
+--- openssl-1.0.1g.orig/doc/crypto/rand.pod
++++ openssl-1.0.1g/doc/crypto/rand.pod
 @@ -74,16 +74,16 @@ First up I will state the things I belie
  
  =over 4
@@ -241,10 +241,10 @@ Index: openssl-1.0.1f/doc/crypto/rand.pod
  
  Given the random number output stream, it should not be possible to determine
  the RNG state or the next random number.
-Index: openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_COMP_add_compression_method.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_COMP_add_compression_method.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_COMP_add_compression_method.pod
++++ openssl-1.0.1g/doc/ssl/SSL_COMP_add_compression_method.pod
 @@ -53,11 +53,11 @@ SSL_COMP_add_compression_method() may re
  
  =over 4
@@ -259,10 +259,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
  
  The operation failed. Check the error queue to find out the reason.
  
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_CTX_add_session.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_add_session.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_add_session.pod
++++ openssl-1.0.1g/doc/ssl/SSL_CTX_add_session.pod
 @@ -52,13 +52,13 @@ The following values are returned by all
  
  =over 4
@@ -279,10 +279,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
   
   The operation succeeded.
  
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_CTX_load_verify_locations.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_load_verify_locations.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_load_verify_locations.pod
++++ openssl-1.0.1g/doc/ssl/SSL_CTX_load_verify_locations.pod
 @@ -100,13 +100,13 @@ The following return values can occur:
  
  =over 4
@@ -299,10 +299,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
  
  The operation succeeded.
  
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_CTX_set_client_CA_list.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod
++++ openssl-1.0.1g/doc/ssl/SSL_CTX_set_client_CA_list.pod
 @@ -66,13 +66,13 @@ values:
  
  =over 4
@@ -319,10 +319,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
  
  The operation succeeded.
  
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_CTX_set_session_id_context.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_set_session_id_context.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_set_session_id_context.pod
++++ openssl-1.0.1g/doc/ssl/SSL_CTX_set_session_id_context.pod
 @@ -64,13 +64,13 @@ return the following values:
  
  =over 4
@@ -339,10 +339,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
  
  The operation succeeded.
  
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_CTX_set_ssl_version.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_set_ssl_version.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_set_ssl_version.pod
++++ openssl-1.0.1g/doc/ssl/SSL_CTX_set_ssl_version.pod
 @@ -42,11 +42,11 @@ and SSL_set_ssl_method():
  
  =over 4
@@ -357,10 +357,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
  
  The operation succeeded.
  
-Index: openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod	2014-01-09 23:44:18.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
++++ openssl-1.0.1g/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
 @@ -96,7 +96,7 @@ data to B<psk> and return the length of
  connection will fail with decryption_error before it will be finished
  completely.
@@ -370,10 +370,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
  
  PSK identity was not found. An "unknown_psk_identity" alert message
  will be sent and the connection setup fails.
-Index: openssl-1.0.1f/doc/ssl/SSL_accept.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_accept.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_accept.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_accept.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_accept.pod
++++ openssl-1.0.1g/doc/ssl/SSL_accept.pod
 @@ -44,13 +44,13 @@ The following return values can occur:
  
  =over 4
@@ -390,10 +390,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_accept.pod
  
  The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
  established.
-Index: openssl-1.0.1f/doc/ssl/SSL_clear.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_clear.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_clear.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_clear.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_clear.pod
++++ openssl-1.0.1g/doc/ssl/SSL_clear.pod
 @@ -56,12 +56,12 @@ The following return values can occur:
  
  =over 4
@@ -409,10 +409,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_clear.pod
  
  The SSL_clear() operation was successful.
  
-Index: openssl-1.0.1f/doc/ssl/SSL_connect.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_connect.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_connect.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_connect.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_connect.pod
++++ openssl-1.0.1g/doc/ssl/SSL_connect.pod
 @@ -41,13 +41,13 @@ The following return values can occur:
  
  =over 4
@@ -429,10 +429,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_connect.pod
  
  The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
  established.
-Index: openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_do_handshake.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_do_handshake.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_do_handshake.pod
++++ openssl-1.0.1g/doc/ssl/SSL_do_handshake.pod
 @@ -45,13 +45,13 @@ The following return values can occur:
  
  =over 4
@@ -449,10 +449,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
  
  The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
  established.
-Index: openssl-1.0.1f/doc/ssl/SSL_read.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_read.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_read.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_read.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_read.pod
++++ openssl-1.0.1g/doc/ssl/SSL_read.pod
 @@ -86,7 +86,7 @@ The following return values can occur:
  The read operation was successful; the return value is the number of
  bytes actually read from the TLS/SSL connection.
@@ -462,10 +462,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_read.pod
  
  The read operation was not successful. The reason may either be a clean
  shutdown due to a "close notify" alert sent by the peer (in which case
-Index: openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_session_reused.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_session_reused.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_session_reused.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_session_reused.pod
++++ openssl-1.0.1g/doc/ssl/SSL_session_reused.pod
 @@ -27,11 +27,11 @@ The following return values can occur:
  
  =over 4
@@ -480,10 +480,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
  
  A session was reused.
  
-Index: openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_set_fd.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_set_fd.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_set_fd.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_set_fd.pod
++++ openssl-1.0.1g/doc/ssl/SSL_set_fd.pod
 @@ -35,11 +35,11 @@ The following return values can occur:
  
  =over 4
@@ -498,10 +498,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
  
  The operation succeeded.
  
-Index: openssl-1.0.1f/doc/ssl/SSL_set_session.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_set_session.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_set_session.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_set_session.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_set_session.pod
++++ openssl-1.0.1g/doc/ssl/SSL_set_session.pod
 @@ -37,11 +37,11 @@ The following return values can occur:
  
  =over 4
@@ -516,23 +516,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_set_session.pod
  
  The operation succeeded.
  
-Index: openssl-1.0.1f/doc/ssl/SSL_set_shutdown.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_shutdown.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_set_shutdown.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_set_shutdown.pod	2014-01-09 23:42:31.000000000 +0000
-@@ -24,7 +24,7 @@ The shutdown state of an ssl connection
- 
- =over 4
- 
--=item 0
-+=item Z<>0
- 
- No shutdown setting, yet.
- 
-Index: openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
-===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_shutdown.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_shutdown.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_shutdown.pod
++++ openssl-1.0.1g/doc/ssl/SSL_shutdown.pod
 @@ -92,19 +92,19 @@ The following return values can occur:
  
  =over 4
@@ -556,10 +543,10 @@ Index: openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
  
  The shutdown was not successful because a fatal error occurred either
  at the protocol level or a connection failure occurred. It can also occur if
-Index: openssl-1.0.1f/doc/ssl/SSL_write.pod
+Index: openssl-1.0.1g/doc/ssl/SSL_write.pod
 ===================================================================
---- openssl-1.0.1f.orig/doc/ssl/SSL_write.pod	2014-01-06 13:47:42.000000000 +0000
-+++ openssl-1.0.1f/doc/ssl/SSL_write.pod	2014-01-09 23:42:31.000000000 +0000
+--- openssl-1.0.1g.orig/doc/ssl/SSL_write.pod
++++ openssl-1.0.1g/doc/ssl/SSL_write.pod
 @@ -79,7 +79,7 @@ The following return values can occur:
  The write operation was successful, the return value is the number of
  bytes actually written to the TLS/SSL connection.
diff --git a/openssl-ocloexec.patch b/openssl-ocloexec.patch
index eeb71ad..a5d975f 100644
--- a/openssl-ocloexec.patch
+++ b/openssl-ocloexec.patch
@@ -1,3 +1,5 @@
+Index: crypto/bio/b_sock.c
+===================================================================
 --- crypto/bio/b_sock.c.orig
 +++ crypto/bio/b_sock.c
 @@ -735,7 +735,7 @@ int BIO_get_accept_socket(char *host, in
@@ -18,6 +20,8 @@
  			if (cs != INVALID_SOCKET)
  				{
  				int ii;
+Index: crypto/bio/bss_conn.c
+===================================================================
 --- crypto/bio/bss_conn.c.orig
 +++ crypto/bio/bss_conn.c
 @@ -209,7 +209,7 @@ static int conn_state(BIO *b, BIO_CONNEC
@@ -29,9 +33,11 @@
  			if (ret == INVALID_SOCKET)
  				{
  				SYSerr(SYS_F_SOCKET,get_last_socket_error());
+Index: crypto/bio/bss_dgram.c
+===================================================================
 --- crypto/bio/bss_dgram.c.orig
 +++ crypto/bio/bss_dgram.c
-@@ -999,7 +999,7 @@ static int dgram_sctp_read(BIO *b, char
+@@ -1032,7 +1032,7 @@ static int dgram_sctp_read(BIO *b, char
  			msg.msg_control = cmsgbuf;
  			msg.msg_controllen = 512;
  			msg.msg_flags = 0;
@@ -40,7 +46,7 @@
  
  			if (msg.msg_controllen > 0)
  				{
-@@ -1560,7 +1560,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
+@@ -1593,7 +1593,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
  	msg.msg_controllen = 0;
  	msg.msg_flags = 0;
  
@@ -49,7 +55,7 @@
  	if (n <= 0)
  		{
  		if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK))
-@@ -1583,7 +1583,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
+@@ -1616,7 +1616,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
  		msg.msg_controllen = 0;
  		msg.msg_flags = 0;
  
@@ -58,7 +64,7 @@
  		if (n <= 0)
  			{
  			if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK))
-@@ -1644,7 +1644,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
+@@ -1677,7 +1677,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
  			fcntl(b->num, F_SETFL, O_NONBLOCK);
  			}
  
@@ -67,7 +73,7 @@
  
  		if (is_dry)
  			{
-@@ -1688,7 +1688,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b)
+@@ -1721,7 +1721,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b)
  
  		sockflags = fcntl(b->num, F_GETFL, 0);
  		fcntl(b->num, F_SETFL, O_NONBLOCK);
@@ -76,7 +82,7 @@
  		fcntl(b->num, F_SETFL, sockflags);
  
  		/* if notification, process and try again */
-@@ -1709,7 +1709,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b)
+@@ -1742,7 +1742,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b)
  			msg.msg_control = NULL;
  			msg.msg_controllen = 0;
  			msg.msg_flags = 0;
@@ -85,6 +91,8 @@
  
  			if (data->handle_notifications != NULL)
  				data->handle_notifications(b, data->notification_context, (void*) &snp);
+Index: crypto/bio/bss_file.c
+===================================================================
 --- crypto/bio/bss_file.c.orig
 +++ crypto/bio/bss_file.c
 @@ -120,6 +120,10 @@ BIO *BIO_new_file(const char *filename,
@@ -125,6 +133,8 @@
  		fp=fopen(ptr,p);
  		if (fp == NULL)
  			{
+Index: crypto/rand/rand_unix.c
+===================================================================
 --- crypto/rand/rand_unix.c.orig
 +++ crypto/rand/rand_unix.c
 @@ -262,7 +262,7 @@ int RAND_poll(void)
@@ -136,9 +146,11 @@
  #ifdef O_NONBLOCK
  			|O_NONBLOCK
  #endif
+Index: crypto/rand/randfile.c
+===================================================================
 --- crypto/rand/randfile.c.orig
 +++ crypto/rand/randfile.c
-@@ -134,7 +134,7 @@ int RAND_load_file(const char *file, lon
+@@ -136,7 +136,7 @@ int RAND_load_file(const char *file, lon
  #ifdef OPENSSL_SYS_VMS
  	in=vms_fopen(file,"rb",VMS_OPEN_ATTRS);
  #else
@@ -147,7 +159,7 @@
  #endif
  	if (in == NULL) goto err;
  #if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO)
-@@ -207,7 +207,7 @@ int RAND_write_file(const char *file)
+@@ -209,7 +209,7 @@ int RAND_write_file(const char *file)
  #endif
  	/* chmod(..., 0600) is too late to protect the file,
  	 * permissions should be restrictive from the start */
@@ -156,7 +168,7 @@
  	if (fd != -1)
  		out = fdopen(fd, "wb");
  	}
-@@ -238,7 +238,7 @@ int RAND_write_file(const char *file)
+@@ -240,7 +240,7 @@ int RAND_write_file(const char *file)
  		out = vms_fopen(file,"wb",VMS_OPEN_ATTRS);
  #else
  	if (out == NULL)
diff --git a/openssl-pkgconfig.patch b/openssl-pkgconfig.patch
index ca6a819..1b6530d 100644
--- a/openssl-pkgconfig.patch
+++ b/openssl-pkgconfig.patch
@@ -1,6 +1,8 @@
---- openssl-1.0.1e.orig/Makefile.org
-+++ openssl-1.0.1e/Makefile.org
-@@ -366,7 +366,7 @@ libcrypto.pc: Makefile
+Index: openssl-1.0.1g/Makefile.org
+===================================================================
+--- openssl-1.0.1g.orig/Makefile.org
++++ openssl-1.0.1g/Makefile.org
+@@ -367,7 +367,7 @@ libcrypto.pc: Makefile
  	    echo 'Requires: '; \
  	    echo 'Libs: -L$${libdir} -lcrypto'; \
  	    echo 'Libs.private: $(EX_LIBS)'; \
@@ -9,7 +11,7 @@
  
  libssl.pc: Makefile
  	@ ( echo 'prefix=$(INSTALLTOP)'; \
-@@ -380,7 +380,7 @@ libssl.pc: Makefile
+@@ -381,7 +381,7 @@ libssl.pc: Makefile
  	    echo 'Requires: '; \
  	    echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
  	    echo 'Libs.private: $(EX_LIBS)'; \
@@ -18,7 +20,7 @@
  
  openssl.pc: Makefile
  	@ ( echo 'prefix=$(INSTALLTOP)'; \
-@@ -394,7 +394,7 @@ openssl.pc: Makefile
+@@ -395,7 +395,7 @@ openssl.pc: Makefile
  	    echo 'Requires: '; \
  	    echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
  	    echo 'Libs.private: $(EX_LIBS)'; \
diff --git a/openssl.changes b/openssl.changes
index b081e45..63f1b51 100644
--- a/openssl.changes
+++ b/openssl.changes
@@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Tue Apr  8 08:12:38 UTC 2014 - dmueller@suse.com
+
+- update to 1.0.1g:
+  * fix for critical TLS heartbeat read overrun (CVE-2014-0160) (bnc#872299)
+  * Fix for Recovering OpenSSL ECDSA Nonces (CVE-2014-0076) (bnc#869945)
+  * Workaround for the "TLS hang bug" (see FAQ and PR#2771)
+- remove CVE-2014-0076.patch
+
+- openssl.keyring: upstream changed to:
+  pub  4096R/FA40E9E2 2005-03-19 Dr Stephen N Henson <steve@openssl.org>
+  uid                            Dr Stephen Henson <shenson@drh-consultancy.co.uk>
+  uid                            Dr Stephen Henson <shenson@opensslfoundation.com>
+
 -------------------------------------------------------------------
 Tue Mar 25 08:11:11 UTC 2014 - shchang@suse.com
 
diff --git a/openssl.keyring b/openssl.keyring
index 82ca40c..89c5841 100644
--- a/openssl.keyring
+++ b/openssl.keyring
@@ -1,100 +1,149 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd" >
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<title>Public Key Server -- Get ``0xa2d29b7bf295c759 ''</title>
-<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
-<style type="text/css">
-/*<![CDATA[*/
- .uid { color: green; text-decoration: underline; }
- .warn { color: red; font-weight: bold; }
-/*]]>*/
-</style></head><body><h1>Public Key Server -- Get ``0xa2d29b7bf295c759 ''</h1>
-<pre>
 -----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: SKS 1.1.4
-Comment: Hostname: pgp.mit.edu
+Version: GnuPG v2.0.22 (GNU/Linux)
 
-mQENAzZz6nwAAAEIAMo0phUn+IyEMv4v4gN7ANsdksYAwsrN+3XutOrNlJIJ1HSKVxlgzU7N
-6XkYvFH+fSMaHE1+SRREyCO2MVBXWDrSAGCYETcKY+KM2gzSEB2pMxNdewZDFM5ayUHMCVjv
-ROanLr5KfjEcA6uibwLcq+tvKGTq16kba3COgYElM5LR1vHx7EZB3PHAonHfgggM/MmKZw30
-61PG+xfAvJZFyOojVLcGGqa510ctnoqLBhCceRQbQEaEO+1KIxJ+qf3BGyl5i1Ldz04252Wx
-ANVlEyVhqaVLFwY7jAcaeqWK+CxOyK0HjJnQZpygIJgWMaaS2UN1/2nzB0kMotKbe/KVx1kA
-BRG0MURyIFN0ZXBoZW4gSGVuc29uIDxzaGVuc29uQGRyaC1jb25zdWx0YW5jeS5jby51az6I
-RgQQEQIABgUCRFyrXAAKCRCL2C5vMLlLXKlsAKCUWipHE16bE8yRsxiLikjx0fO84wCfTGSi
-DknIYZWFa5bKJ1KY4uIEqhSIRgQQEQIABgUCRsddmgAKCRAQN5GDEzHzW2w6AJ0SqqSEuEGj
-MH31xtwQQDEjVou2tACdHqASE+VZRLdzJHoZN7V0err0zP2JARUDBRNDwVDootKbe/KVx1kB
-AUljB/9ilmpYqqMFIMFrOB3hlIQMao6ZkHPqsrMeePUvAX9oa3p7uXloDm3aQggc9SFeNIoo
-pZPCQpR+5LcP5ybbYJb3NQOR1KuCRaBwt5e/49uBYpH14B74RddOZS/UThUXPSQ5fVY4Bs9I
-zNp4rMydpr3fEIXgW8CGzRussLKUj5f93o7S4pzvucTw8Z5lWhvtUmA6VqvZvK26FklkhVB0
-vPGSMHgE7y6eHPKjAZoGvgiuf7L65YOTceQcTPlW34vqel8YtJpBdIM8Ju7Zdx8hfD/HScVY
-r+RBzEOM6nPzKj3vFCUhFeq6ywj1yCAF3J3bkeU6voJnT9Ad15f88t5w45hMiQIcBBABAgAG
-BQJPtt+IAAoJECx8HnpWTIi8QAIQALBqDaLOJICo3x9bkULIq49Ly1zUbKKbnqXQmv11KCHT
-UsLK4Wj0ztEza8kT99Of6IaB0hLAn4qZQFx9LeiX4QruiXB9ti86LHrLypFR3XgTIvdULcBz
-/kQmAwB6eXW5Zqw/5SJ8F90B/XvtADpBnHnZNOmFOesnJSX7Urho2002Ep3beUR1zvtdJf5l
-F+enFPZ/cOnQvJNPaDbh+WoXfWVRz5aYR4TbNsT0Fetsvi6unO/GWHv04rlWiRCwbpEDem60
-54KiDYxXZR5Gh29ivap6KeX3Sdy8T4aeBnxb1asY66EUAge5GGF3mYJJ5+Jaqro47SYe3NzK
-kbYURUKeTLOCik16tYhI2TgKBDePi69nE8dORRkzm+1S2LVZKX4D/P/zbkB3Fc/Kp0f0nneK
-rfn5bwWF79r71Z6xHh6E8bv51b9eb3ODAObRSGWYv5NNqSSAN+7CXeplVjXXeB8S/e1RE5J4
-TScWVJ+rMSWzodktA72d4rTFkMmLscAht6HCGNG8hQQ6EB5Pgr5JbVu5vv56cwO9wczZttSD
-ZPxCu4Ww+cf9x40s0xrsYr9sDaXsRPiC+UjUe5h3pkJgXFWUNdBqCob5G92Z7RYcQ63IfAzb
-Ufu+xWpDDoyO6Gb/NZzQapMn8cq+1cIftjSbBG4dN+LkErroD58Fby26ODoHFKeztDNEciBT
-IE4gSGVuc29uIDxzaGVuc29uQGRyaC1jb25zdWx0YW5jeS5kZW1vbi5jby51az6IRgQQEQIA
-BgUCQkCrkAAKCRAYWdAfZ3uh7BT0AJ9moE8PhFPA7kFkBO2mLRhBdTzpGACfW5yvlfyaJTnH
-DhXTA4CeHdl+F8CIRgQQEQIABgUCQkCrswAKCRCBwvfr4hO2kkX9AJwMfPm8dq5Bmpeoq26/
-8cqU/j+98gCfYC/nxPtcV2ubDUmMZPJFtL17E72IRgQQEQIABgUCQkCr4QAKCRBrcOzZXcP0
-c6kIAJ90icvg9nDJ+A+jRcY1zO3rH/n7UgCgtKTJsi75aUqGjA3gc+1CnCyNtwyIRgQQEQIA
-BgUCQojbUgAKCRCL2C5vMLlLXEUXAJ9HkA1nXtU2nw2jSHIY0wISde0x/QCgiUz2QjlojUI7
-niTTgV4lQNGmItCIRgQQEQIABgUCRsddqAAKCRAQN5GDEzHzW8Q1AKCknK1tOm4tnWbTX2ry
-+HN7e28SXwCgpIDDVI1+oH3FFmeCbRDY0UO0anyIlQMFE0Grc8DurUz9SaVj2QEBSb8EAJnV
-6oeLEWO/d96dvLRHYHbR9F9efQZjLnTeDMLy4kIkPuMAJk1L7mvnrcIA+DcHl80rNMhQVJUP
-zYZ5Rq77VuBf20C14Az4rLgoOgcAU7pI61C0L7eygX/P8nZQu87JeFf1A/ussXDtqA/1KWSl
-tVRwFX3dCmSgYG1LjzEa2AVxiQEVAwUQNnPqfKLSm3vylcdZAQFBuQgApiGtXIxJPtCvF3zS
-ZYk1HOF1u9Qg05s4AdeGvQG6Gmx0MK4SRRUt4MYX8nvQ0VwZRQnvPIRfWixWnEBzpujC+sC9
-fqgStj7bG+Uy4YQ1JNph5y6I/75TT0/z0pRAC7Jlwet5+PWrYa9m9rKqyaZVCw5IUSrcjkTo
-/gjBLmrxVme+O8e6dF4Te0SIjFrvnNeA3B1TI0tDusxlHkKyJ3jEUf9Mu3Vx+fAukmiWUCTH
-52QXZPcLP2V5Ud9X0mS+N2mTVi3rPK8wVhTiu93cXEqhTHoIEPOlLW0J/1n8x8kngGgX/TiE
-G8Hd13SOh+YembJVaV7JlYAISdEgCj6JdPSsc4kCHAQQAQIABgUCQkCsCwAKCRCq4+bOZqFE
-aO5vEACsZZZeb8TZBeuT4YCopBenHLl+hS1mVqDf4Qy8L5wxXnRwCAugwKf0j8T0KZQodRKI
-iTWI2Oe3dDBUDE5CS1wyyku7QMsi22mUPOwLL3VddITEa8c3JJmU1ec86c5rEB4xIV8Rcgqw
-CCPeyam+nwyoVKRuijbFJyj0pymTbhpqmGi7oQw0IwVsFKMmgVXiSPdC6MpIOD8+wrc9Sfno
-CW+jgfcJLu/k/WEgw7qpj5cOwbFvBRzs7VO4RwU9jzXpZdouRRIZhrNwQYmBKRXC5Aa0o8gd
-aN0hWlS+KQ+S73m/XFabGtCyMPU5HX5g2EtvP61+ovqRYvHseBpKwjTTgWthw40IQxIkRU+Y
-PxiEXM9yMcBvs2F25zDw9g3SGLleFqizhUyLAyvY3T1IJgWCU3BFCXy0XJuguQM5znFNDZZ4
-TZnEAKddhf/v/3AOHg0RFzNgMsA8H7MaJey50vOiqn4mFiy+nXA+ILI8Pz+UaJKihs8KutFG
-YEuXiMPn+9vbKdAK/wYzUmilM1xei30E4/bFPt+nwOHF/4ghuKM4KyaImOCijAnkbOaPUBT+
-9qPua+AO15DfAEVoGLIDOMIx2CNqKaOsYadUq3wnFTs/erc/sz/3a1pFYATz3G1jh4kk163q
-zZpEfewFgAB1mynkXA4vBqKNarwApBTgZ4kR9XYXpIkCHAQQAQIABgUCT7bfiAAKCRAsfB56
-VkyIvBV9EACET5QEw0RdpgU5BVVRBnz4XCWXmPUX7/YSfZUQt2sDzKKHYB+yc0h6DnbMenw6
-9YnIg2l8v7hKguLAIxbg21T6y/rne5CtEAzysEIDncqEnxDSMGXlFdMHzRWBKjASqzfxkD8+
-K2no0VMNr/nK+iScfn64FLuH/D0+NEghrx/Vx1dU7ewYGcY5OybfOmBrrSGNwOKfKnRbxTbo
-avBnREnBeY/6xgadwZt0gwoHLEgLotQzLkchJiSfBZcK54nZ1y+NqKfLg+8etXbBDFhgS/OP
-dBmthi5Gt9gKj4u+t1Tjqvrcni203CdXv5HPL5zBc7ZQX+XzwODnAk2+OE28ql+DR3X5SYru
-o355/fUUZgGNpi043+uL6xjZPFARiDc25vqSuY/KQUjFknMgYSm5aw7a7ZM5WiyLO4AdnvX4
-UhRLcXyWqHbpGCQXJr6itJx26JKyQ7sSABrZ/Vj9MOmc3kjcoEW+wcJTKthOpZ3HfB8xreWJ
-IKj+593sqjlStz9kEDMwTmA66B/QVhRx9jPZrbTkQR1DQJ4dOUcBweJ1XF7oP4+Zk++qVZsV
-ez38JptDYqd8+rdQyw3xFfy4iur32oEA92nUdtcs2eIrgGhR96Fuah9wB090hZwPDsiYB1wR
-+7HeDl/XSdiisIWZk8V75oJuSuzoYqFhWQeWQK/2fUNx7bQ6RHIgU3RlcGhlbiBIZW5zb24g
-PHN0ZXBoZW4uaGVuc29uQG9wZW5uZXR3b3Jrc2VjdXJpdHkuY29tPohGBBARAgAGBQJEXKtf
-AAoJEIvYLm8wuUtcd9UAnjmdDad6Qxwun/i0dbZbLjXE0KTzAJ9b49qIv1RTSled84xjp8LI
-GzaZaohGBBARAgAGBQJGx12oAAoJEBA3kYMTMfNblFkAmwTFV2BtA4bTJgwZzbqP57yt9hJS
-AJ9bVKWTmWRbKGltql/VwUXvTms3TYkBFQMFE0PBUKmi0pt78pXHWQEBa1YH/14MRmPhcl8r
-6nlqhJUuPFB1FOI9Epy1sP+FaIGRmBxq63nN7pLLor6wzTQ7LEMnC4OkXQIaylYYC8uOGW7L
-FCFBGnqLHwVUTxWc9Y0r/fdVYGwKn7f134RVSCFfIzr210ogX/e9CHsX+jhRSNG1IrG7t62l
-uyMz2GIrz5+tDgRJJT3MraEIprW0jiB8ZMHhI41u6a1DGUcmbVFS0oRkFHpCJjeFglcG0ZFo
-Lle6QqFgtOQ742JuB6d+ccHVRadQOGnyxv5jQf2PMGr+USEuJFEU7VUDi8ja/WYdTdJD+g8r
-qrkzYofsmngrU0ZfxfaDG3esnN7qqEXsf1wXE1KfCFSJAhwEEAECAAYFAk+234gACgkQLHwe
-elZMiLxCgQ/+IicQEYoNtf9VgmiGAFtoRKD+bZhQtTP4mrAplqZBXSo+Ro2EM+3Z0nUe52I1
-Ydsd8/ofYY2jhCzOkKpD5asH7+jondeVs7G4PdaiAIsrMwQAbU1S1rgnWB9KrLB+RWvIHsDT
-JNEuJQO/2+etNoYsEBp+xl7Tx0uwQdueHg1TrjCAOMImJjGAwOXDS4wD8DPnpaqJnIkwNMXa
-Kaxsz0Kybqh+eYkIibvj04R3K+Zoh2i1Fr/MFPP8F7UrGWOQZkjtg30m3nSTVgsLwTWTbcZ/
-bRNZu9h5lkeqktH8BDHPSjDh5VzeM1G9zP+5/gBXzH2R9NohzYHjnsM6JyXTMGKiErqhRfPw
-shiteXN9xTglw3P2GCdYzO9cp7y2YA3/BJtKweZV19qtRk5NxRdVnUP+DeYc4Fl7vICQ6wVO
-VMJ765SDkHaGx7fIKHNs9LlMNDC0PHvT+Ta1tCTv1qJl6uYao6rwlXAk+OO2dNndYkV8kIN2
-g7o5xRUx4n2wIOGQFHk3/PQGYaoeIahy1wl2cnq2kjQdhhbex6lUc4s9alMOz8HN9zn4e4cz
-rDK7MEQcEUcjMVk9ATnmf3UKblgQGsod1BvrXo3lpt+CSUdtYO+IrqWaC+cUpYmfoXjxBTZH
-gm838LRUnA/P+cb+taZBysUrxDthEtKNKZNCpZ541EIFvzE=
-=DUIo
------END PGP PUBLIC KEY BLOCK-----
-</pre>
-</body></html>
+mQILBEI8bW8BEAC4MIXcibrtBmTq6mYlLRHhgZnX9b4c5ej4ObLsFVH30Q/PDArT
+jINEiqFCTJegBiuFpzbw207+WkpljmQYC5gTWln3u99lMEpHpxJJn+IWZF4avUAS
+aoDE+kD3vjOAxDmWyNlx22gxjG6XmMi/InpMSJjlcCl2c/G01bD1corNaasx7D3T
+nHljAwkLFSJirrc5Ojb2oMgRvQ5cTygshGGYdGbYCSo66a9ewDW5oxst61rYqJUh
+MYhWs06i7KIHHavkBzUy/Rtmw8AQgTfwYtHj3uC29/u1+AHNM81WfNbjjZUtEAPv
+BfL68DHo/8Y+sehBJSL6jiBBdJrt5lzX9TmoNSHgmr+eyGzioU0rhjqhWK3aTxCx
+cMp3fCmdXnrrhBvxntsXAPVU/JRfOnWy5tCipzX02pDMxTPZSrtGM3qtO1kUtJkW
+gltsJuqZOcEThKpcYu2ozSPDEI+1LMyAzb6H7Hvts6+B4eP8f86cVkfpJ+A4wE9+
+5FCpXDXWEhH4Y/Le6bJX/PdMqsX4qG3o+vLF2SVL0dzX/udO9GscZPqcpbEjd2fV
+SU1uqTfLIchzchgJNHnAySMcz8EP+08iUTw+sI+n5k7gZ3is+baMjQYztVn9oB+/
+o8AO/RAnkJklb/GpzcfoHBPp17OuQI8ZuvxRfbRJISEMqnatHLAFvP9T7QAGKbQn
+RHIgU3RlcGhlbiBOIEhlbnNvbiA8c3RldmVAb3BlbnNzbC5vcmc+iQEcBBABAgAG
+BQJCPG3TAAoJEKLSm3vylcdZAcIIAJEpkP59JmnU8b/tzojGe3YHBR0L9YA54GZz
+7MdSEQgIYaZKb+8uwvZG6nxir/HrJOhtvZKHqbna7qvx6LltJ7K+cqLSHz72Iiv9
+KvR1THLpqJaYaQfS8j0VSPNofLm1T/azKf0AVDfrBDnO1vo5dNhG514U6i96GMHX
+YniRBzOkJqDNtNzh7cyyp+0Lc8vOzODjenYWUtqL2Lfqv9aOk2NV2V6LL/qUTmdt
+r/KQwgSCf1yAgqgc0i5l3NJGDI0+706TIhyA3pSc/cqN2zO1oDkzRpsnyoxXrjOC
+/nO6aLH2DI6TrxLfWoGQphWsjM6QLl7/90MxXCffbjJuA7ETt06JARwEEAEIAAYF
+AlML0wwACgkQotKbe/KVx1nbBwf/Z1RgCusMaGQpkPUOKe3gUiuuX7kJNRxKzJZs
+sXQAIalXrxnoGMmJ0vTMOqRbCYsmm8aIWO7Cj/ZNp2JJ6Z8kZSvkvXrUpbq9E9fL
+OeYUBLsfQr+yR2wCl26ycZoAizZ53Rsp/4pbNEF2qivBEAgxHUQrHYaASmhq6AQd
+IKgppgl+d1Oa/4tpAbv1Zr1Tgq+1s7V+//64lAPyptG7N/sgQv86jk7VAcPWwSdJ
+qfsCm3nbd4WgTtS6AbZ0K5hxD9UmDMwLUeCsBzBb0NxUOA2uYrdChu5MKt+ITZMz
+IyAvufNoT+nrU5WX0dlrmBKP43geOnq2lvPzip3bnOEwXbUNfYkCNQQTAQIAHwUC
+QjxtbwIbAwcLCQgHAwIBAxUCAwMWAgECHgECF4AACgkQ01d1B/pA6eL8Gg/9HDb2
+ccQ8vkPPvihtrWP91yItAnHN2BqziYkH/u63L9xaW90B7KFUjo6xJSF1TqXtb4NX
+vGa79IJ94yit1dHTyeBqi1vsy2JlYuPxQXvwoQpyNiq05OsrAJFy9MTeWcP/OXpO
+R7HwE2F9vqtmJLdwhBmuFiKT4LzhcKutMDTovWm506ow738wKQNJaRToJpd9R+Rn
+UWEIz8oc4y6h1Q8aFtxjIyVMWxD9Ry+SmSLg3ZPpQNxN7UnRfYu/2YaRAWOh56tQ
+vy8O+1UmJuenC2mAN1m4EUN/jibKZgFDPLrQ7H5LdR3vzKx5yB/wCAtOYJBRQIrv
+o2hKOqhY3lk5AEJ1r+zq8jH9sXhy0MapZKEs9mbJq0iS7jaUlIohxXcl/bqSe2bl
+JBfETc800Vxbg96A6dwWN7kn9zuF3UWNbxCeoVDDioILozekndpn2Mvz/tslTrC5
+rU7ai+/D+S3caxYxvCY8eJ741uwy7Po5/Obn1met+qhDb107jxP9p3vYHu2Y8KFd
+Js9idqUyBeg10uxIIITpux1Dq/caCHBZLJ4vMWGmlBh3L1diMNRyilXiTaX58A6J
+OzRjpO5s3dKwaK8j9jI7fnreqR3/nP/IJPrldEIiy3TBIxSF9u8iTDuuOF40h8ai
+QAsVYQ6JlHglvrk4pZneHvMwlZaJIB/abOUjKPOJAjYEEwECACACGwMCHgECF4AF
+AlMLv7YFCwkIBwMEFQoJCAUWAgMBAAAKCRDTV3UH+kDp4n4HD/9hNPUuNVLnA/m7
+ZlR/WNCCDICYNUBUj7g9o0gcVsg+5zp8Dp6wwrn5n1ZG3h/oL6zGdxgp4nQ7rPBc
+xZT7vr2mVqiNppQqD88be52jmRcCI3W06SWRAVayxHXFryslFzXMfoosmAYUtPPR
+hckCNwHLlbkNYXLfAU+e0pTJrAAcmCSDTU2f9KPu43JToJ2PMaIj2gRr+5pALali
+KMBIsW+E9pKDiN4v3l16bHP5esqC/CC7JivUjvv+q2kU/I9+Ep4yritrw0UxMk8l
+hlSnOOsdIeSD2OoVZWP9nFN8jvrPIBAGBEY6Y8uj+WNWCEM3cJhbdilqOBuOmgZJ
+cbpTnEzKGtPWqDNivPcrTpJ3sxRxxnUyicaFK0jOH+L/mj/gY0Zt5RD6C/zw9oPL
+PqYAAjEudGK+v15wRJDp5noitRJwjUs+08ttlTAW7uR+5KU/uRdykprcHvfGr11l
+J3cSOyUMH6FOgH7pvJ35c7lmzL0b34ZEgRLL2xbKSsFyUlzubUM6LE4FEGxLOYFn
+JkX8ZfReGAxvg1B5RtxdcdLjR0OFXff1ERvUmsw+phk0iayyukAzJ6albckotLr8
+V4JtJJpM4s1aldaxTmf7rNoBCvUKB5bJ/xDrUow3omt4oyQN6pAKWHrydeXF0LZZ
+xsfLebHPMjxTIldbb/K9ikMx4Vh4kIkCNwQTAQgAIQUCUwvRVQIbAwULCQgHAwUV
+CgkICwUWAgMBAAIeAQIXgAAKCRDTV3UH+kDp4uObD/4qOhFldhiNSezwC+EiSEwH
+MFMSEneSjllAu9ZHikf7KNYLcgq/8vk3TiobsgzTls9vEdXJYsr7BvKJ3fLUwZoo
+MVwycfyTC4zP0Buu2o4rMlYPvFZ9y5tfftmVQUwGVtTEUo/WQ0NREFyU/C0Q9Og0
+PRRkmuztpRJlhQFImhdPH6KCEU00xrAOsOflz1xJ3XpbWwccrm0R3gwJcA6KGVGa
+9g+1nnkR2VveTqU0j6BBrPlYvdWbgYStabrdCYHTaX1lh7JfEv4fGMtaMAaqklGP
+abVeCSFzm37EOWCz+n7Fs7BHq8IIj6E1jmj1pkJGAdbTF1c/7iLTU7E8EU/D6ii9
+Hu46dKyzIz+6MOlkEw+zPJNSs4Kg5xNMQF1iWjq9E3pwvPPpFWehAkUDUnfmK9Ek
+q1hAq8JuE0RRedxh+xWkJS9b8p5r84S8XpixMeTrTAPmSgY3jROUvTKi6Pa9wNJh
+UOM5coGL6EsBhXwQfFd/+CxyWUnCakfkp11SI4Er7oVxsHm1mvGK2oTHWZnJuxp4
+u3uCTz5f44DRZufIbSiFrzk9dKTbuQGup34gC/SvvPBbHxwz81tYq8ppxYelHQfW
+JJUYKF3TJfPCTiOhLJvF0yf1N2zv7qkiL8v/IgCU8aMFwDmWEXLe92xxlDgT+6cs
+DoyG656zUyzOC7VsoXGhsLQxRHIgU3RlcGhlbiBIZW5zb24gPHNoZW5zb25AZHJo
+LWNvbnN1bHRhbmN5LmNvLnVrPokBHAQQAQgABgUCUwvTDAAKCRCi0pt78pXHWTny
+CAC4niLxJJz4dlbNAlxu0sY4jeYAKVVsYO4Mp443Z/AqdF3O2kCyoLCjbEiRN1mN
+EedpVdd7s/GFAcd1/yXG9MnUjNjKT4sEaGk8/ZiJqQVzkpMwHY6tF9kI9XMwrGrI
+3pcBcBlHknrmledaQarB1e4SeCPADWMdR4dWK0zW/xDcDeHcPe0jr4Cks6lFB3P3
+8b33tI5O4vow+aqAis9klgYebvBNdIHeuAbP9eir5iYeO3zt/36BYdq+qITkiGFK
+v/qqlPqEjXcsZlNGM2gFYclWGrWVE4XECOxqRwvEGYAfJaHIyiWfkf1Bz6t8vdro
+PSwQ+whX/OydLxUBLTNRAeU0iQI3BBMBCAAhBQJTC8zlAhsDBQsJCAcDBRUKCQgL
+BRYCAwEAAh4BAheAAAoJENNXdQf6QOniuKUQAJHU9ikZxaZrInUMKHWSEdQrwgWI
+Dpcf51eun9nBvEYSpduDJ0DbtzxnkS4+Kb/KYBf7QYCuc98Aszit1iR4i+qiRvK/
+/ZDXn9UyHaWFbjNUTiYIjor13DB4wjshiVFV3vE84BJx43jNatMfnRwSuVpOWgVW
+qGRxJ5IAIBeWjOzTQfwumzrrWNCT+c/RL3/yEAc/C+iSZdEAjwFdSQ7yj0ACQg+S
+Z2Eqo4BMFMbBjp6N1urcO4cy+2KMdvHztj+F2siqhBwsPtqnQEkLOywvuotzpMeI
+DhkI++VFX6hE/XRkvktiiq5i5byrQC3jFfuWvJ0LvoMxShBv3U/UbCJqBoqyFwMf
+JVlvMqN21qxsEV1+44cvLcd1VqD8ErR3Pa2h++WGOsuKoIm6rhfWYcM2ewxk0bp6
+QtYrohT8/Ydw2G3TYYcR+8+mIAxRU39+kRsMnr5mt1oNzBqJ3vkXQddaQy9PJR06
+HERhwaaII0Ecrb2B1QdFxhvdYRqU15RaEH7dyWycFhiEEoUX4Vf28pNksH0xblVU
+I9ZJwHV+Z1VgGXQk8dpdc6QQf9wvvFae9nKtKxkmmaolFiQMgZQodXxhNvDj+AjQ
+sc6CZCnSfRly0DKaaHOYioUcqd7LVKnTpzmXlYOQFIASN0+R74ue8M4uFte353Yh
+oWLK2Q2O+HxYtc8MiQI3BBMBCAAhBQJTC9FYAhsDBQsJCAcDBRUKCQgLBRYCAwEA
+Ah4BAheAAAoJENNXdQf6QOnitssP/R9q0rQr3takz0pPAcWfn5g8fDFcEe5SBW7d
+AkWCpJ9mQilDsI8L3TeCUhk3bM3mOxsxkJo6ZTaPGwS/0bR8pAZZ4DwP8CPZr8hf
+X5IcqB0IXVzPuIBYibSyanw1KA7EDJ8qJBZw4+FEXGpYAmlqRvq3PEs4a5cBjtAd
+o4KBePY0nI+kwC8bwuApORtuLz8vbXovGydLZJndRkLxRhLIrftWg3kpn7KNafxK
+irgXciwoZKUajhfVtL/W+bKj0rS6eGoIqw52WkS9sTn0vBnrw20l4UsBHGDixCEw
+TNLU/m45kB4folUvnuoq8WVx18StPrTPLmD3hzNKbWiCAmiIlbbE0/vtmP+9iGns
+/ZsdhFE0dr6XBei58KIlaeTRlx0c3OB5Xq9zqMtK+BUE9vmZIzDw3UXLiV0X9ldx
+9ntn5I/F+uXLEclJd0bX7WvZrKo+upHsu9UfIIvm4qNSyCr3iuVsNTQ7qZjSSlpv
+nOClduFILACuCTvQ7ZTXPN7JJrdEmpm9SFtVGf8GAqYxf2W+PdD6LZ6gPGHBaSCS
+S1/1MMe+khibmyUo5ceanKe+2sKraChhE75/56Zwq6EBNXRBN8v4XZIL9BbkzTpv
+dYN8R55Qrdu9jeoWmGdKLFjPaoYhTPU8gnnP38buvBM/i56gowuebb72oC8wKIOM
+FLpsBMJvtDFEciBTdGVwaGVuIEhlbnNvbiA8c2hlbnNvbkBvcGVuc3NsZm91bmRh
+dGlvbi5jb20+iQEcBBABCAAGBQJTC9OoAAoJEKLSm3vylcdZ2AwH/jPyNrn2uZrq
+1M+UG/6C/znQQDE4dRriveHtGqVlu/adJRDga74hBAWYsym520KUu/x1bGz84Lfe
+aZHPKTbr3FuIA9s873BeMepGTVYuMJ66AAelcFC97AXvYIopSwg5Ru0dbb7AXFB+
+6Cwhdp7BNZRWsYeOrIhmiYD779LpNyef43bSuYU1cIdAKl9gnhWVLm9ykX+zcgim
+FBnOXfAXEyJknghqyfVUoIkzDIBptv1culEWWM+5SHZm1MtSGLJsyFGn6M3mnOEk
+ceMJNbLkcs4Mw7d9dDL7nqbxr4IX4uSxLO5GQ+UnN03jEYJGFH0oHrwfDdgg509F
+vcU6aJm7srGJAjcEEwEIACEFAlMLzRACGwMFCwkIBwMFFQoJCAsFFgIDAQACHgEC
+F4AACgkQ01d1B/pA6eIHwA//TSYOfBe6UVlBuZnBB4RXorMASy3US/RWJgjpIKsy
+Vn+jU8362srXlMtPglmLxfkI9qdyCOjXpDP+a0432m6PZNVY2tmsKEvGnaBZieAX
+SXH6X0Led26qN78YN4DCAskmlRwip2/WTAe7s8eZtfUtuu/fWEYxyC7ZgqdCIJLf
+QzQtxDybM/6i8tJrSKfx4G7x+bl/DT2KUHoTnAvxElVhtl1a62kIv+AYdqYv0d+h
+Aho+6uIpvzd7Niy1ZFJFg+JAUrnqy9PRb4T8FUhvyvWNx9gYuHGuovQ5e2FQNdit
+eEy6EQwP4EyUXhi1HWqCZypogMdCxytHB0VnQBzxxsZSiWCQMcAxvAFvYl+TD90J
+KWRlnU0SMKc+nGTEENHxPPbI7BJil7d6LFDj7gGfNSkyZuqB2uBraB8d2tSy6s8i
+6y/akKg9UYGVETC4IZl+eL6OXnqQcFIPSf29t8GF8J7kZMzcDNEVCkDjUu0dx+mI
+/UWaNpYotAXHUCVHmkQ1KjXvnEMtmChGRJullDGm/L9gjzei8ZKB75Stdynp18T9
+M7YPVMQRT4+FUvjq+374kI8QjSm0BZEZsz/2thkaqlG+i2Sfr1TyiRXFvLNil2aj
+nJ7Oh04xVJDmz4Ln4j3z/M1iiNVsA7PQ6Zz842nm2YD/x7ugZa9C9SmGRtl4KXnx
+rDuJAjcEEwEIACEFAlML03kCGwMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQ
+01d1B/pA6eLXtw/9FeV38cRwnPkdTCiqVtwzKh9VaYn6AFX/1X0LoLV+3Mh6Lkzw
+8ZRHJfb21sPjA+NVAA4yo20Dm9tI0R6jy7ikxIgmHUZZH5sH3tUfBYILtqRfTHyX
+qhjFSjPPcOqU7NA3zmsAmGTc9Eu73F+4hPP/kXoF4OmiEJjiDZm+38wQ/q2sZoxy
+aPussddWpmUbIPYJwfCz0Dy3GvsVhLN3deWGjtyMTLrfYYqweKnJpWF1p1ke4ZxC
+YI7DSbDVdqYCkh1BTHWNqpYjMab3p4bRdLgwCDkOvIt1fSf8b/lFCkD0ZHcvL+TQ
+f5h9YsuaTIMJu9M0il73eLlc9z5PlZpMD4R1mbdEMMMs82d7vEbLT9cHYlJ1lZlU
+cNlaRvuIR4cCHdYqJXZ+9fCc0nElXLmrPSWEgauYlEb4XOCCgnHnP3VEMAVycSkY
+rBgucYycfMQ2CXJoz4FPVST/irGCe1vpf3Vqq0SVoiAZdz3yNQ9M8iXhaA+hdrbp
+pgoRgGIPBf2BjUA+Xgz8rB184tA3p9VOcvQ0LrK/N3y5FU1tk9OEemsHTKgEFFQ7
+b7OSIIUChvfl7ugXcOosNtZmD1pdyAuaiqDkeTBO+teD0LjUaUwWxl7uwLjOODjj
+WN5ixjNRjv7us6htnPvv/GhhWb66Fc15XQ1gJdhiMrp426dJ32YP6OG6WWy5AgsE
+Qjxx+AEQANWX4zqswKPWnq5nRhPuLm68QJxUbFiYYL6+ir4+LOV9uwKhuMtZIfZQ
+3do7S3b74QMhubOrdAnNbsvd9glqHrULQzmfSM97bJn6TJNzWOunGbu35OX6aO9J
+mIYCcwZq/6JYqawTYhkL5Pu4jrLSPa9BOJR5wNZ78geqeKhp6VFGAS77lt21PrFr
+uVVCoIXE2iYM2V9Rn8/lW/+ah3Z6Y+ZXgjQ+0npMTdQYwKh+ZdPpq7zkyXGn4LH0
+y0oALEZZaUaZUDn8wCVhcZsQYRXzH+W6KSplb+zq7VEUT5Yf3c1XC8sBzcF5UWfW
++urodROCoWgEpz/DygM98d+Sfpj2Ui4qDrnfe3dJ6etF955/755XZ+LqLij8gu5C
+GB/dWVeRUBY34fUviqUuXAmnA50Sbl66h+6R+kuyQhMQYSLfd4o3u4l06qBNf5eG
+D1hj1RdBmfFN2tiD/XkwLSSl0t813J5fSm8TPwHu5rt1KvxXU8EFiTGhIZcALB1t
+8tROywo253tEOaD1S2VmkJSGTa4xA5dZwe61MzcBA5SN6+lRC7PRK04ov2DMIky7
+vcJ9b3qVXKDNmKyPigGrOnc8MDX1LIQ6F2JC5A0+tiWSghO5BTMptcWzNxVdcp5Z
+ClD8iFdsc0nMtqECT+WTh4MIFMMK/hHw7QkaYglQ+kLb6EwMW4ozAAYpiQIfBBgB
+AgAJBQJCPHH4AhsMAAoJENNXdQf6QOnisnIP/11tnqTaiD6giEijgMFDoXOgd3eC
+ecNw0KkMkY25VK9QGMaGOKHPJUxF8UOoJfzL3rAGs1ezvYfxQb4uYkTPZcsWndZJ
+g0QzKRRu2GSa4p8lJAHThaVMTJ+AbyWwgQIcnskyY3eMEaB7tUEReJKiKf/f2RhS
+VMKbHukqw1Tq5SabRT/o+gIFvVUlH/2m3konlvhxQlevAMPsI8hebTFCnPS5CZbu
+SVxUFlC/HLxNXmSN+TxFCu9WmCIXt1biKWmVYC524dsGu3F5ojTuVGn3ND88bQCc
++GsZnU7wZ1HodEZMgYhdttR53BsVv/VkkwnmuFykq5g9nFEez7GfSm4a3Wg12zG3
+LVWCv997jNmfVIskzTvz6GwkvKS7VjSmOT7hIjI/PZcZ60KNTkXxVyqs8E6Y0h9S
+W4+TRmjSbGgH1j0PpufxVqndxZSH388Nprq7CJZ/tEZkWwv+UvEGeMmSqk4adECc
+J3AoXiAOsYkGin0oTWIAja5X7DKjeNQJfwfwtMjQ46aJnvGEpypWKu7Y4UnkFWGd
+H3j4ZdyzVgCRUnIuIHCzOKR8jrHw7Udxb6Ck6Y9MLJ/pcOzrUCnaALKhMREaNZmY
+G/cu/anS1ekMIWkC/QyX6xbXi7IedakaL56y7nJRBRmPuETKACSAWkGJ5ojm6BxT
+TInCFx1evwVXM3s6
+=eP1B
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/openssl.spec b/openssl.spec
index 57f9061..2bb154b 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -29,7 +29,7 @@ Provides:       ssl
 %ifarch ppc64
 Obsoletes:      openssl-64bit
 %endif
-Version:        1.0.1f
+Version:        1.0.1g
 Release:        0
 Summary:        Secure Sockets and Transport Layer Security
 License:        OpenSSL
@@ -64,7 +64,6 @@ Patch15:        openssl-1.0.1e-fips.patch
 Patch16:        openssl-1.0.1e-fips-ec.patch
 Patch17:        openssl-1.0.1e-fips-ctor.patch
 Patch18:        openssl-1.0.1e-new-fips-reqs.patch
-Patch19:        CVE-2014-0076.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -170,7 +169,6 @@ this package's base documentation.
 %patch16 -p1
 %patch17 -p1
 %patch18 -p1
-%patch19 -p1
 
 cp -p %{S:10} .
 cp -p %{S:11} .
@@ -228,7 +226,7 @@ no-ec2m \
 --prefix=%{_prefix} \
 --libdir=%{_lib} \
 --openssldir=%{ssletcdir} \
-$RPM_OPT_FLAGS -std=gnu99 \
+$RPM_OPT_FLAGS -O3 -std=gnu99 \
 -Wa,--noexecstack \
 -fomit-frame-pointer \
 -DTERMIO \