openssl/patches/openssl-0.9.7m-fix-manpages.patch

diff -Naur openssl-0.9.7m/crypto/rand/md_rand.c openssl-0.9.7m-man-fixed/crypto/rand/md_rand.c
--- openssl-0.9.7m/crypto/rand/md_rand.c	2007-01-21 17:02:21.000000000 +0100
+++ openssl-0.9.7m-man-fixed/crypto/rand/md_rand.c	2007-03-22 22:24:37.000000000 +0100
@@ -197,7 +197,7 @@
 	int do_not_lock;
 
 	/*
-	 * (Based on the rand(3) manpage)
+	 * (Based on the openssl_rand(3) manpage)
 	 *
 	 * The input is chopped up into units of 20 bytes (or less for
 	 * the last block).  Each of these blocks is run through the hash
@@ -360,7 +360,7 @@
 	num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
 
 	/*
-	 * (Based on the rand(3) manpage:)
+	 * (Based on the openssl_rand(3) manpage)
 	 *
 	 * For each group of 10 bytes (or less), we do the following:
 	 *
diff -Naur openssl-0.9.7m/doc/apps/openssl-passwd.pod openssl-0.9.7m-man-fixed/doc/apps/openssl-passwd.pod
--- openssl-0.9.7m/doc/apps/openssl-passwd.pod	1970-01-01 01:00:00.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/apps/openssl-passwd.pod	2007-03-22 22:24:37.000000000 +0100
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+openssl-passwd - compute password hashes
+
+=head1 SYNOPSIS
+
+B<openssl passwd>
+[B<-crypt>]
+[B<-1>]
+[B<-apr1>]
+[B<-salt> I<string>]
+[B<-in> I<file>]
+[B<-stdin>]
+[B<-noverify>]
+[B<-quiet>]
+[B<-table>]
+{I<password>}
+
+=head1 DESCRIPTION
+
+The B<passwd> command computes the hash of a password typed at
+run-time or the hash of each password in a list.  The password list is
+taken from the named file for option B<-in file>, from stdin for
+option B<-stdin>, or from the command line, or from the terminal otherwise.
+The Unix standard algorithm B<crypt> and the MD5-based BSD password
+algorithm B<1> and its Apache variant B<apr1> are available.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-crypt>
+
+Use the B<crypt> algorithm (default).
+
+=item B<-1>
+
+Use the MD5 based BSD password algorithm B<1>.
+
+=item B<-apr1>
+
+Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
+
+=item B<-salt> I<string>
+
+Use the specified salt.
+When reading a password from the terminal, this implies B<-noverify>.
+
+=item B<-in> I<file>
+
+Read passwords from I<file>.
+
+=item B<-stdin>
+
+Read passwords from B<stdin>.
+
+=item B<-noverify>
+
+Don't verify when reading a password from the terminal.
+
+=item B<-quiet>
+
+Don't output warnings when passwords given at the command line are truncated.
+
+=item B<-table>
+
+In the output list, prepend the cleartext password and a TAB character
+to each password hash.
+
+=back
+
+=head1 EXAMPLES
+
+B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
+
+B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
+
+B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
+
+=cut
diff -Naur openssl-0.9.7m/doc/apps/openssl.pod openssl-0.9.7m-man-fixed/doc/apps/openssl.pod
--- openssl-0.9.7m/doc/apps/openssl.pod	2004-01-04 20:03:51.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/apps/openssl.pod	2007-03-22 22:24:37.000000000 +0100
@@ -125,7 +125,7 @@
 
 Online Certificate Status Protocol utility.
 
-=item L<B<passwd>|passwd(1)>
+=item L<B<passwd>|openssl-passwd(1)>
 
 Generation of hashed passwords.
 
@@ -325,7 +325,7 @@
 L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
 L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>,
 L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
-L<passwd(1)|passwd(1)>,
+L<openssl-passwd(1)|openssl-passwd(1)>,
 L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
 L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
 L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
diff -Naur openssl-0.9.7m/doc/apps/passwd.pod openssl-0.9.7m-man-fixed/doc/apps/passwd.pod
--- openssl-0.9.7m/doc/apps/passwd.pod	2002-10-04 02:03:37.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/apps/passwd.pod	1970-01-01 01:00:00.000000000 +0100
@@ -1,82 +0,0 @@
-=pod
-
-=head1 NAME
-
-passwd - compute password hashes
-
-=head1 SYNOPSIS
-
-B<openssl passwd>
-[B<-crypt>]
-[B<-1>]
-[B<-apr1>]
-[B<-salt> I<string>]
-[B<-in> I<file>]
-[B<-stdin>]
-[B<-noverify>]
-[B<-quiet>]
-[B<-table>]
-{I<password>}
-
-=head1 DESCRIPTION
-
-The B<passwd> command computes the hash of a password typed at
-run-time or the hash of each password in a list.  The password list is
-taken from the named file for option B<-in file>, from stdin for
-option B<-stdin>, or from the command line, or from the terminal otherwise.
-The Unix standard algorithm B<crypt> and the MD5-based BSD password
-algorithm B<1> and its Apache variant B<apr1> are available.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-crypt>
-
-Use the B<crypt> algorithm (default).
-
-=item B<-1>
-
-Use the MD5 based BSD password algorithm B<1>.
-
-=item B<-apr1>
-
-Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
-
-=item B<-salt> I<string>
-
-Use the specified salt.
-When reading a password from the terminal, this implies B<-noverify>.
-
-=item B<-in> I<file>
-
-Read passwords from I<file>.
-
-=item B<-stdin>
-
-Read passwords from B<stdin>.
-
-=item B<-noverify>
-
-Don't verify when reading a password from the terminal.
-
-=item B<-quiet>
-
-Don't output warnings when passwords given at the command line are truncated.
-
-=item B<-table>
-
-In the output list, prepend the cleartext password and a TAB character
-to each password hash.
-
-=back
-
-=head1 EXAMPLES
-
-B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
-
-B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
-
-B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
-
-=cut
diff -Naur openssl-0.9.7m/doc/crypto/BN_generate_prime.pod openssl-0.9.7m-man-fixed/doc/crypto/BN_generate_prime.pod
--- openssl-0.9.7m/doc/crypto/BN_generate_prime.pod	2003-01-13 14:16:46.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/BN_generate_prime.pod	2007-03-22 22:24:37.000000000 +0100
@@ -90,7 +90,7 @@
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/bn.pod openssl-0.9.7m-man-fixed/doc/crypto/bn.pod
--- openssl-0.9.7m/doc/crypto/bn.pod	2001-09-03 14:58:16.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/bn.pod	2007-03-22 22:24:37.000000000 +0100
@@ -145,7 +145,7 @@
 =head1 SEE ALSO
 
 L<bn_internal(3)|bn_internal(3)>,
-L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
+L<dh(3)|dh(3)>, L<openssl_err(3)|openssl_err(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
 L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
 L<BN_copy(3)|BN_copy(3)>, L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>,
 L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>,
diff -Naur openssl-0.9.7m/doc/crypto/BN_rand.pod openssl-0.9.7m-man-fixed/doc/crypto/BN_rand.pod
--- openssl-0.9.7m/doc/crypto/BN_rand.pod	2002-09-25 15:34:35.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/BN_rand.pod	2007-03-22 22:24:37.000000000 +0100
@@ -45,7 +45,7 @@
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/CONF_modules_free.pod openssl-0.9.7m-man-fixed/doc/crypto/CONF_modules_free.pod
--- openssl-0.9.7m/doc/crypto/CONF_modules_free.pod	2004-03-02 13:46:09.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/CONF_modules_free.pod	2007-03-22 22:24:37.000000000 +0100
@@ -37,7 +37,7 @@
 =head1 SEE ALSO
 
 L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
-L<CONF_modules_load_file(3), CONF_modules_load_file(3)>
+L<CONF_modules_load_file(3)|CONF_modules_load_file(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/CONF_modules_load_file.pod openssl-0.9.7m-man-fixed/doc/crypto/CONF_modules_load_file.pod
--- openssl-0.9.7m/doc/crypto/CONF_modules_load_file.pod	2004-03-02 13:46:09.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/CONF_modules_load_file.pod	2007-03-22 22:24:37.000000000 +0100
@@ -51,7 +51,7 @@
 =head1 SEE ALSO
 
 L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
-L<CONF_free(3), CONF_free(3)>, L<err(3),err(3)>
+L<CONF_free(3)|CONF_free(3)>, L<openssl_err(3)|openssl_err(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/crypto.pod openssl-0.9.7m-man-fixed/doc/crypto/crypto.pod
--- openssl-0.9.7m/doc/crypto/crypto.pod	2002-10-09 19:14:40.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/crypto.pod	2007-03-22 22:24:37.000000000 +0100
@@ -46,7 +46,7 @@
 
 =item AUXILIARY FUNCTIONS
 
-L<err(3)|err(3)>, L<threads(3)|threads(3)>, L<rand(3)|rand(3)>,
+L<openssl_err(3)|openssl_err(3)>, L<openssl_threads(3)|openssl_threads(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<OPENSSL_VERSION_NUMBER(3)|OPENSSL_VERSION_NUMBER(3)>
 
 =item INPUT/OUTPUT, DATA ENCODING
diff -Naur openssl-0.9.7m/doc/crypto/des.pod openssl-0.9.7m-man-fixed/doc/crypto/des.pod
--- openssl-0.9.7m/doc/crypto/des.pod	2003-10-01 17:02:48.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/des.pod	2007-03-22 22:24:37.000000000 +0100
@@ -115,7 +115,7 @@
 the key; it is used to speed the encryption process.
 
 DES_random_key() generates a random key.  The PRNG must be seeded
-prior to using this function (see L<rand(3)|rand(3)>).  If the PRNG
+prior to using this function (see L<openssl_rand(3)|openssl_rand(3)>).  If the PRNG
 could not generate a secure key, 0 is returned.
 
 Before a DES key can be used, it must be converted into the
@@ -317,7 +317,7 @@
 
 =head1 SEE ALSO
 
-crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<rand(3)|rand(3)>
+crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/DH_generate_key.pod openssl-0.9.7m-man-fixed/doc/crypto/DH_generate_key.pod
--- openssl-0.9.7m/doc/crypto/DH_generate_key.pod	2002-09-25 15:34:35.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/DH_generate_key.pod	2007-03-22 22:24:37.000000000 +0100
@@ -40,7 +40,7 @@
 
 =head1 SEE ALSO
 
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)>
+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<DH_size(3)|DH_size(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/DH_generate_parameters.pod openssl-0.9.7m-man-fixed/doc/crypto/DH_generate_parameters.pod
--- openssl-0.9.7m/doc/crypto/DH_generate_parameters.pod	2002-09-25 15:34:35.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/DH_generate_parameters.pod	2007-03-22 22:24:37.000000000 +0100
@@ -59,7 +59,7 @@
 
 =head1 SEE ALSO
 
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<DH_free(3)|DH_free(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/dh.pod openssl-0.9.7m-man-fixed/doc/crypto/dh.pod
--- openssl-0.9.7m/doc/crypto/dh.pod	2002-08-05 18:28:58.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/dh.pod	2007-03-22 22:24:37.000000000 +0100
@@ -67,8 +67,8 @@
 
 =head1 SEE ALSO
 
-L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
+L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<openssl_err(3)|openssl_err(3)>,
+L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
 L<DH_set_method(3)|DH_set_method(3)>, L<DH_new(3)|DH_new(3)>,
 L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
 L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
diff -Naur openssl-0.9.7m/doc/crypto/DSA_do_sign.pod openssl-0.9.7m-man-fixed/doc/crypto/DSA_do_sign.pod
--- openssl-0.9.7m/doc/crypto/DSA_do_sign.pod	2002-09-25 15:34:35.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/DSA_do_sign.pod	2007-03-22 22:24:37.000000000 +0100
@@ -36,7 +36,7 @@
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
 L<DSA_sign(3)|DSA_sign(3)>
 
diff -Naur openssl-0.9.7m/doc/crypto/DSA_generate_key.pod openssl-0.9.7m-man-fixed/doc/crypto/DSA_generate_key.pod
--- openssl-0.9.7m/doc/crypto/DSA_generate_key.pod	2002-09-25 15:34:35.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/DSA_generate_key.pod	2007-03-22 22:24:37.000000000 +0100
@@ -24,7 +24,7 @@
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/DSA_generate_parameters.pod openssl-0.9.7m-man-fixed/doc/crypto/DSA_generate_parameters.pod
--- openssl-0.9.7m/doc/crypto/DSA_generate_parameters.pod	2002-09-25 15:34:36.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/DSA_generate_parameters.pod	2007-03-22 22:24:37.000000000 +0100
@@ -90,7 +90,7 @@
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<DSA_free(3)|DSA_free(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/dsa.pod openssl-0.9.7m-man-fixed/doc/crypto/dsa.pod
--- openssl-0.9.7m/doc/crypto/dsa.pod	2002-08-05 18:28:58.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/dsa.pod	2007-03-22 22:24:37.000000000 +0100
@@ -100,7 +100,7 @@
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
+L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<openssl_err(3)|openssl_err(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
 L<DSA_new(3)|DSA_new(3)>,
 L<DSA_size(3)|DSA_size(3)>,
diff -Naur openssl-0.9.7m/doc/crypto/DSA_sign.pod openssl-0.9.7m-man-fixed/doc/crypto/DSA_sign.pod
--- openssl-0.9.7m/doc/crypto/DSA_sign.pod	2002-09-25 15:34:36.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/DSA_sign.pod	2007-03-22 22:24:37.000000000 +0100
@@ -55,7 +55,7 @@
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<DSA_do_sign(3)|DSA_do_sign(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/engine.pod openssl-0.9.7m-man-fixed/doc/crypto/engine.pod
--- openssl-0.9.7m/doc/crypto/engine.pod	2002-12-15 22:20:25.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/engine.pod	2007-03-22 22:24:37.000000000 +0100
@@ -615,7 +615,7 @@
 
 =head1 SEE ALSO
 
-L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rand(3)|rand(3)>,
+L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<RSA_new_method(3)|RSA_new_method(3)>
 
 =cut
diff -Naur openssl-0.9.7m/doc/crypto/ERR_clear_error.pod openssl-0.9.7m-man-fixed/doc/crypto/ERR_clear_error.pod
--- openssl-0.9.7m/doc/crypto/ERR_clear_error.pod	2000-02-01 02:36:58.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/ERR_clear_error.pod	2007-03-22 22:24:37.000000000 +0100
@@ -20,7 +20,7 @@
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/ERR_error_string.pod openssl-0.9.7m-man-fixed/doc/crypto/ERR_error_string.pod
--- openssl-0.9.7m/doc/crypto/ERR_error_string.pod	2004-11-14 16:11:16.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/ERR_error_string.pod	2007-03-22 22:24:37.000000000 +0100
@@ -60,7 +60,7 @@
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
 L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
 L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
 L<ERR_print_errors(3)|ERR_print_errors(3)>
diff -Naur openssl-0.9.7m/doc/crypto/ERR_get_error.pod openssl-0.9.7m-man-fixed/doc/crypto/ERR_get_error.pod
--- openssl-0.9.7m/doc/crypto/ERR_get_error.pod	2002-11-29 15:22:04.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/ERR_get_error.pod	2007-03-22 22:24:37.000000000 +0100
@@ -61,7 +61,7 @@
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
 L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/ERR_GET_LIB.pod openssl-0.9.7m-man-fixed/doc/crypto/ERR_GET_LIB.pod
--- openssl-0.9.7m/doc/crypto/ERR_GET_LIB.pod	2000-02-01 02:36:58.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/ERR_GET_LIB.pod	2007-03-22 22:24:37.000000000 +0100
@@ -41,7 +41,7 @@
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/ERR_load_crypto_strings.pod openssl-0.9.7m-man-fixed/doc/crypto/ERR_load_crypto_strings.pod
--- openssl-0.9.7m/doc/crypto/ERR_load_crypto_strings.pod	2000-02-24 12:55:08.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/ERR_load_crypto_strings.pod	2007-03-22 22:24:37.000000000 +0100
@@ -35,7 +35,7 @@
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/ERR_load_strings.pod openssl-0.9.7m-man-fixed/doc/crypto/ERR_load_strings.pod
--- openssl-0.9.7m/doc/crypto/ERR_load_strings.pod	2000-02-24 12:55:08.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/ERR_load_strings.pod	2007-03-22 22:24:37.000000000 +0100
@@ -43,7 +43,7 @@
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
+L<openssl_err(3)|openssl_err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/err.pod openssl-0.9.7m-man-fixed/doc/crypto/err.pod
--- openssl-0.9.7m/doc/crypto/err.pod	2002-07-10 21:34:38.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/err.pod	1970-01-01 01:00:00.000000000 +0100
@@ -1,187 +0,0 @@
-=pod
-
-=head1 NAME
-
-err - error codes
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- unsigned long ERR_get_error(void);
- unsigned long ERR_peek_error(void);
- unsigned long ERR_get_error_line(const char **file, int *line);
- unsigned long ERR_peek_error_line(const char **file, int *line);
- unsigned long ERR_get_error_line_data(const char **file, int *line,
-         const char **data, int *flags);
- unsigned long ERR_peek_error_line_data(const char **file, int *line,
-         const char **data, int *flags);
-
- int ERR_GET_LIB(unsigned long e);
- int ERR_GET_FUNC(unsigned long e);
- int ERR_GET_REASON(unsigned long e);
-
- void ERR_clear_error(void);
-
- char *ERR_error_string(unsigned long e, char *buf);
- const char *ERR_lib_error_string(unsigned long e);
- const char *ERR_func_error_string(unsigned long e);
- const char *ERR_reason_error_string(unsigned long e);
-
- void ERR_print_errors(BIO *bp);
- void ERR_print_errors_fp(FILE *fp);
-
- void ERR_load_crypto_strings(void);
- void ERR_free_strings(void);
-
- void ERR_remove_state(unsigned long pid);
-
- void ERR_put_error(int lib, int func, int reason, const char *file,
-         int line);
- void ERR_add_error_data(int num, ...);
-
- void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
- unsigned long ERR_PACK(int lib, int func, int reason);
- int ERR_get_next_error_library(void);
-
-=head1 DESCRIPTION
-
-When a call to the OpenSSL library fails, this is usually signalled
-by the return value, and an error code is stored in an error queue
-associated with the current thread. The B<err> library provides
-functions to obtain these error codes and textual error messages.
-
-The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
-access error codes.
-
-Error codes contain information about where the error occurred, and
-what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
-extract this information. A method to obtain human-readable error
-messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
-
-L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
-error queue.
-
-Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
-avoid memory leaks when threads are terminated.
-
-=head1 ADDING NEW ERROR CODES TO OPENSSL
-
-See L<ERR_put_error(3)> if you want to record error codes in the
-OpenSSL error system from within your application.
-
-The remainder of this section is of interest only if you want to add
-new error codes to OpenSSL or add error codes from external libraries.
-
-=head2 Reporting errors
-
-Each sub-library has a specific macro XXXerr() that is used to report
-errors. Its first argument is a function code B<XXX_F_...>, the second
-argument is a reason code B<XXX_R_...>. Function codes are derived
-from the function names; reason codes consist of textual error
-descriptions. For example, the function ssl23_read() reports a
-"handshake failure" as follows:
-
- SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
-
-Function and reason codes should consist of upper case characters,
-numbers and underscores only. The error file generation script translates
-function codes into function names by looking in the header files
-for an appropriate function name, if none is found it just uses
-the capitalized form such as "SSL23_READ" in the above example.
-
-The trailing section of a reason code (after the "_R_") is translated
-into lower case and underscores changed to spaces.
-
-When you are using new function or reason codes, run B<make errors>.
-The necessary B<#define>s will then automatically be added to the
-sub-library's header file.
-
-Although a library will normally report errors using its own specific
-XXXerr macro, another library's macro can be used. This is normally
-only done when a library wants to include ASN1 code which must use
-the ASN1err() macro.
-
-=head2 Adding new libraries
-
-When adding a new sub-library to OpenSSL, assign it a library number
-B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
-name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
-C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
-(in B<crypto/err/err_all.c>). Finally, add an entry
-
- L	XXX	xxx.h	xxx_err.c
-
-to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
-Running B<make errors> will then generate a file B<xxx_err.c>, and
-add all error codes used in the library to B<xxx.h>.
-
-Additionally the library include file must have a certain form.
-Typically it will initially look like this:
-
- #ifndef HEADER_XXX_H
- #define HEADER_XXX_H
-
- #ifdef __cplusplus
- extern "C" {
- #endif
-
- /* Include files */
-
- #include <openssl/bio.h>
- #include <openssl/x509.h>
-
- /* Macros, structures and function prototypes */
-
-
- /* BEGIN ERROR CODES */
-
-The B<BEGIN ERROR CODES> sequence is used by the error code
-generation script as the point to place new error codes, any text
-after this point will be overwritten when B<make errors> is run.
-The closing #endif etc will be automatically added by the script.
-
-The generated C error code file B<xxx_err.c> will load the header
-files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
-header file must load any additional header files containing any
-definitions it uses.
-
-=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
-
-It is also possible to use OpenSSL's error code scheme in external
-libraries. The library needs to load its own codes and call the OpenSSL
-error code insertion script B<mkerr.pl> explicitly to add codes to
-the header file and generate the C error code file. This will normally
-be done if the external library needs to generate new ASN1 structures
-but it can also be used to add more general purpose error code handling.
-
-TBA more details
-
-=head1 INTERNALS
-
-The error queues are stored in a hash table with one B<ERR_STATE>
-entry for each pid. ERR_get_state() returns the current thread's
-B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
-codes. When more error codes are added, the old ones are overwritten,
-on the assumption that the most recent errors are most important.
-
-Error strings are also stored in hash table. The hash tables can
-be obtained by calling ERR_get_err_state_table(void) and
-ERR_get_string_table(void) respectively.
-
-=head1 SEE ALSO
-
-L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
-L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
-L<ERR_clear_error(3)|ERR_clear_error(3)>,
-L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_print_errors(3)|ERR_print_errors(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<ERR_remove_state(3)|ERR_remove_state(3)>,
-L<ERR_put_error(3)|ERR_put_error(3)>,
-L<ERR_load_strings(3)|ERR_load_strings(3)>,
-L<SSL_get_error(3)|SSL_get_error(3)>
-
-=cut
diff -Naur openssl-0.9.7m/doc/crypto/ERR_print_errors.pod openssl-0.9.7m-man-fixed/doc/crypto/ERR_print_errors.pod
--- openssl-0.9.7m/doc/crypto/ERR_print_errors.pod	2000-02-01 02:36:59.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/ERR_print_errors.pod	2007-03-22 22:24:37.000000000 +0100
@@ -38,7 +38,7 @@
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
 L<ERR_get_error(3)|ERR_get_error(3)>,
 L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
 L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
diff -Naur openssl-0.9.7m/doc/crypto/ERR_put_error.pod openssl-0.9.7m-man-fixed/doc/crypto/ERR_put_error.pod
--- openssl-0.9.7m/doc/crypto/ERR_put_error.pod	2000-02-24 12:55:08.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/ERR_put_error.pod	2007-03-22 22:24:37.000000000 +0100
@@ -34,7 +34,7 @@
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
+L<openssl_err(3)|openssl_err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/ERR_remove_state.pod openssl-0.9.7m-man-fixed/doc/crypto/ERR_remove_state.pod
--- openssl-0.9.7m/doc/crypto/ERR_remove_state.pod	2000-05-19 09:54:42.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/ERR_remove_state.pod	2007-03-22 22:24:37.000000000 +0100
@@ -25,7 +25,7 @@
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>
+L<openssl_err(3)|openssl_err(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/EVP_BytesToKey.pod openssl-0.9.7m-man-fixed/doc/crypto/EVP_BytesToKey.pod
--- openssl-0.9.7m/doc/crypto/EVP_BytesToKey.pod	2003-09-30 19:22:21.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/EVP_BytesToKey.pod	2007-03-22 22:24:37.000000000 +0100
@@ -59,7 +59,7 @@
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/EVP_OpenInit.pod openssl-0.9.7m-man-fixed/doc/crypto/EVP_OpenInit.pod
--- openssl-0.9.7m/doc/crypto/EVP_OpenInit.pod	2000-09-23 09:16:14.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/EVP_OpenInit.pod	2007-03-22 22:24:37.000000000 +0100
@@ -54,7 +54,7 @@
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
 L<EVP_SealInit(3)|EVP_SealInit(3)>
 
diff -Naur openssl-0.9.7m/doc/crypto/EVP_SealInit.pod openssl-0.9.7m-man-fixed/doc/crypto/EVP_SealInit.pod
--- openssl-0.9.7m/doc/crypto/EVP_SealInit.pod	2005-03-29 19:48:34.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/EVP_SealInit.pod	2007-03-22 22:24:37.000000000 +0100
@@ -74,7 +74,7 @@
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
 L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
 L<EVP_OpenInit(3)|EVP_OpenInit(3)>
 
diff -Naur openssl-0.9.7m/doc/crypto/EVP_SealInit.pod.orig openssl-0.9.7m-man-fixed/doc/crypto/EVP_SealInit.pod.orig
--- openssl-0.9.7m/doc/crypto/EVP_SealInit.pod.orig	1970-01-01 01:00:00.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/EVP_SealInit.pod.orig	2005-03-29 19:48:34.000000000 +0200
@@ -0,0 +1,85 @@
+=pod
+
+=head1 NAME
+
+EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, 
+		unsigned char **ek, int *ekl, unsigned char *iv,
+		EVP_PKEY **pubk, int npubk);
+ int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl, unsigned char *in, int inl);
+ int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl);
+
+=head1 DESCRIPTION
+
+The EVP envelope routines are a high level interface to envelope
+encryption. They generate a random key and IV (if required) then
+"envelope" it by using public key encryption. Data can then be
+encrypted using this key.
+
+EVP_SealInit() initializes a cipher context B<ctx> for encryption
+with cipher B<type> using a random secret key and IV. B<type> is normally
+supplied by a function such as EVP_des_cbc(). The secret key is encrypted
+using one or more public keys, this allows the same encrypted data to be
+decrypted using any of the corresponding private keys. B<ek> is an array of
+buffers where the public key encrypted secret key will be written, each buffer
+must contain enough room for the corresponding encrypted key: that is
+B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual
+size of each encrypted secret key is written to the array B<ekl>. B<pubk> is
+an array of B<npubk> public keys.
+
+The B<iv> parameter is a buffer where the generated IV is written to. It must
+contain enough room for the corresponding cipher's IV, as determined by (for
+example) EVP_CIPHER_iv_length(type).
+
+If the cipher does not require an IV then the B<iv> parameter is ignored
+and can be B<NULL>.
+
+EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties
+as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as 
+documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
+page. 
+
+=head1 RETURN VALUES
+
+EVP_SealInit() returns 0 on error or B<npubk> if successful.
+
+EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for
+failure.
+
+=head1 NOTES
+
+Because a random secret key is generated the random number generator
+must be seeded before calling EVP_SealInit().
+
+The public key must be RSA because it is the only OpenSSL public key
+algorithm that supports key transport.
+
+Envelope encryption is the usual method of using public key encryption
+on large amounts of data, this is because public key encryption is slow
+but symmetric encryption is fast. So symmetric encryption is used for
+bulk encryption and the small random symmetric key used is transferred
+using public key encryption.
+
+It is possible to call EVP_SealInit() twice in the same way as
+EVP_EncryptInit(). The first call should have B<npubk> set to 0
+and (after setting any cipher parameters) it should be called again
+with B<type> set to NULL.
+
+=head1 SEE ALSO
+
+L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
+L<EVP_OpenInit(3)|EVP_OpenInit(3)>
+
+=head1 HISTORY
+
+EVP_SealFinal() did not return a value before OpenSSL 0.9.7.
+
+=cut
diff -Naur openssl-0.9.7m/doc/crypto/EVP_SignInit.pod openssl-0.9.7m-man-fixed/doc/crypto/EVP_SignInit.pod
--- openssl-0.9.7m/doc/crypto/EVP_SignInit.pod	2005-03-22 18:57:43.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/EVP_SignInit.pod	2007-03-22 22:24:37.000000000 +0100
@@ -80,7 +80,7 @@
 =head1 SEE ALSO
 
 L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<openssl_err(3)|openssl_err(3)>,
 L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
 L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
 L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
diff -Naur openssl-0.9.7m/doc/crypto/EVP_SignInit.pod.orig openssl-0.9.7m-man-fixed/doc/crypto/EVP_SignInit.pod.orig
--- openssl-0.9.7m/doc/crypto/EVP_SignInit.pod.orig	1970-01-01 01:00:00.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/EVP_SignInit.pod.orig	2005-03-22 18:57:43.000000000 +0100
@@ -0,0 +1,95 @@
+=pod
+
+=head1 NAME
+
+EVP_SignInit, EVP_SignUpdate, EVP_SignFinal - EVP signing functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey);
+
+ void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+
+ int EVP_PKEY_size(EVP_PKEY *pkey);
+
+=head1 DESCRIPTION
+
+The EVP signature routines are a high level interface to digital
+signatures.
+
+EVP_SignInit_ex() sets up signing context B<ctx> to use digest
+B<type> from ENGINE B<impl>. B<ctx> must be initialized with
+EVP_MD_CTX_init() before calling this function.
+
+EVP_SignUpdate() hashes B<cnt> bytes of data at B<d> into the
+signature context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data.
+
+EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey> and
+places the signature in B<sig>. The number of bytes of data written (i.e. the
+length of the signature) will be written to the integer at B<s>, at most
+EVP_PKEY_size(pkey) bytes will be written. 
+
+EVP_SignInit() initializes a signing context B<ctx> to use the default
+implementation of digest B<type>.
+
+EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual
+signature returned by EVP_SignFinal() may be smaller.
+
+=head1 RETURN VALUES
+
+EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1
+for success and 0 for failure.
+
+EVP_PKEY_size() returns the maximum size of a signature in bytes.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+
+Due to the link between message digests and public key algorithms the correct
+digest algorithm must be used with the correct public key type. A list of
+algorithms and associated public key algorithms appears in 
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
+
+When signing with DSA private keys the random number generator must be seeded
+or the operation will fail. The random number generator does not need to be
+seeded for RSA signatures.
+
+The call to EVP_SignFinal() internally finalizes a copy of the digest context.
+This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called
+later to digest and sign additional data.
+
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+
+=head1 BUGS
+
+Older versions of this documentation wrongly stated that calls to 
+EVP_SignUpdate() could not be made after calling EVP_SignFinal().
+
+=head1 SEE ALSO
+
+L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+
+=head1 HISTORY
+
+EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are
+available in all versions of SSLeay and OpenSSL.
+
+EVP_SignInit_ex() was added in OpenSSL 0.9.7.
+
+=cut
diff -Naur openssl-0.9.7m/doc/crypto/EVP_VerifyInit.pod openssl-0.9.7m-man-fixed/doc/crypto/EVP_VerifyInit.pod
--- openssl-0.9.7m/doc/crypto/EVP_VerifyInit.pod	2002-07-10 21:34:38.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/EVP_VerifyInit.pod	2007-03-22 22:24:37.000000000 +0100
@@ -71,7 +71,7 @@
 
 L<evp(3)|evp(3)>,
 L<EVP_SignInit(3)|EVP_SignInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<openssl_err(3)|openssl_err(3)>,
 L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
 L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
 L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
diff -Naur openssl-0.9.7m/doc/crypto/OPENSSL_config.pod openssl-0.9.7m-man-fixed/doc/crypto/OPENSSL_config.pod
--- openssl-0.9.7m/doc/crypto/OPENSSL_config.pod	2005-06-03 01:16:33.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/OPENSSL_config.pod	2007-03-22 22:24:37.000000000 +0100
@@ -73,7 +73,7 @@
 =head1 SEE ALSO
 
 L<conf(5)|conf(5)>, L<CONF_load_modules_file(3)|CONF_load_modules_file(3)>,
-L<CONF_modules_free(3),CONF_modules_free(3)>
+L<CONF_modules_free(3)|CONF_modules_free(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/openssl_err.pod openssl-0.9.7m-man-fixed/doc/crypto/openssl_err.pod
--- openssl-0.9.7m/doc/crypto/openssl_err.pod	1970-01-01 01:00:00.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/openssl_err.pod	2007-03-22 22:24:37.000000000 +0100
@@ -0,0 +1,187 @@
+=pod
+
+=head1 NAME
+
+openssl_err - error codes
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+         const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+         const char **data, int *flags);
+
+ int ERR_GET_LIB(unsigned long e);
+ int ERR_GET_FUNC(unsigned long e);
+ int ERR_GET_REASON(unsigned long e);
+
+ void ERR_clear_error(void);
+
+ char *ERR_error_string(unsigned long e, char *buf);
+ const char *ERR_lib_error_string(unsigned long e);
+ const char *ERR_func_error_string(unsigned long e);
+ const char *ERR_reason_error_string(unsigned long e);
+
+ void ERR_print_errors(BIO *bp);
+ void ERR_print_errors_fp(FILE *fp);
+
+ void ERR_load_crypto_strings(void);
+ void ERR_free_strings(void);
+
+ void ERR_remove_state(unsigned long pid);
+
+ void ERR_put_error(int lib, int func, int reason, const char *file,
+         int line);
+ void ERR_add_error_data(int num, ...);
+
+ void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
+ unsigned long ERR_PACK(int lib, int func, int reason);
+ int ERR_get_next_error_library(void);
+
+=head1 DESCRIPTION
+
+When a call to the OpenSSL library fails, this is usually signalled
+by the return value, and an error code is stored in an error queue
+associated with the current thread. The B<err> library provides
+functions to obtain these error codes and textual error messages.
+
+The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
+access error codes.
+
+Error codes contain information about where the error occurred, and
+what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
+extract this information. A method to obtain human-readable error
+messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
+
+L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
+error queue.
+
+Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
+avoid memory leaks when threads are terminated.
+
+=head1 ADDING NEW ERROR CODES TO OPENSSL
+
+See L<ERR_put_error(3)> if you want to record error codes in the
+OpenSSL error system from within your application.
+
+The remainder of this section is of interest only if you want to add
+new error codes to OpenSSL or add error codes from external libraries.
+
+=head2 Reporting errors
+
+Each sub-library has a specific macro XXXerr() that is used to report
+errors. Its first argument is a function code B<XXX_F_...>, the second
+argument is a reason code B<XXX_R_...>. Function codes are derived
+from the function names; reason codes consist of textual error
+descriptions. For example, the function ssl23_read() reports a
+"handshake failure" as follows:
+
+ SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
+
+Function and reason codes should consist of upper case characters,
+numbers and underscores only. The error file generation script translates
+function codes into function names by looking in the header files
+for an appropriate function name, if none is found it just uses
+the capitalized form such as "SSL23_READ" in the above example.
+
+The trailing section of a reason code (after the "_R_") is translated
+into lower case and underscores changed to spaces.
+
+When you are using new function or reason codes, run B<make errors>.
+The necessary B<#define>s will then automatically be added to the
+sub-library's header file.
+
+Although a library will normally report errors using its own specific
+XXXerr macro, another library's macro can be used. This is normally
+only done when a library wants to include ASN1 code which must use
+the ASN1err() macro.
+
+=head2 Adding new libraries
+
+When adding a new sub-library to OpenSSL, assign it a library number
+B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
+name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
+C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
+(in B<crypto/err/err_all.c>). Finally, add an entry
+
+ L	XXX	xxx.h	xxx_err.c
+
+to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
+Running B<make errors> will then generate a file B<xxx_err.c>, and
+add all error codes used in the library to B<xxx.h>.
+
+Additionally the library include file must have a certain form.
+Typically it will initially look like this:
+
+ #ifndef HEADER_XXX_H
+ #define HEADER_XXX_H
+
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+
+ /* Include files */
+
+ #include <openssl/bio.h>
+ #include <openssl/x509.h>
+
+ /* Macros, structures and function prototypes */
+
+
+ /* BEGIN ERROR CODES */
+
+The B<BEGIN ERROR CODES> sequence is used by the error code
+generation script as the point to place new error codes, any text
+after this point will be overwritten when B<make errors> is run.
+The closing #endif etc will be automatically added by the script.
+
+The generated C error code file B<xxx_err.c> will load the header
+files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
+header file must load any additional header files containing any
+definitions it uses.
+
+=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
+
+It is also possible to use OpenSSL's error code scheme in external
+libraries. The library needs to load its own codes and call the OpenSSL
+error code insertion script B<mkerr.pl> explicitly to add codes to
+the header file and generate the C error code file. This will normally
+be done if the external library needs to generate new ASN1 structures
+but it can also be used to add more general purpose error code handling.
+
+TBA more details
+
+=head1 INTERNALS
+
+The error queues are stored in a hash table with one B<ERR_STATE>
+entry for each pid. ERR_get_state() returns the current thread's
+B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
+codes. When more error codes are added, the old ones are overwritten,
+on the assumption that the most recent errors are most important.
+
+Error strings are also stored in hash table. The hash tables can
+be obtained by calling ERR_get_err_state_table(void) and
+ERR_get_string_table(void) respectively.
+
+=head1 SEE ALSO
+
+L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
+L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
+L<ERR_clear_error(3)|ERR_clear_error(3)>,
+L<ERR_error_string(3)|ERR_error_string(3)>,
+L<ERR_print_errors(3)|ERR_print_errors(3)>,
+L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
+L<ERR_remove_state(3)|ERR_remove_state(3)>,
+L<ERR_put_error(3)|ERR_put_error(3)>,
+L<ERR_load_strings(3)|ERR_load_strings(3)>,
+L<SSL_get_error(3)|SSL_get_error(3)>
+
+=cut
diff -Naur openssl-0.9.7m/doc/crypto/openssl_rand.pod openssl-0.9.7m-man-fixed/doc/crypto/openssl_rand.pod
--- openssl-0.9.7m/doc/crypto/openssl_rand.pod	1970-01-01 01:00:00.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/openssl_rand.pod	2007-03-22 22:24:37.000000000 +0100
@@ -0,0 +1,175 @@
+=pod
+
+=head1 NAME
+
+openssl_rand - pseudo-random number generator
+
+=head1 SYNOPSIS
+
+ #include <openssl/rand.h>
+
+ int  RAND_set_rand_engine(ENGINE *engine);
+
+ int  RAND_bytes(unsigned char *buf, int num);
+ int  RAND_pseudo_bytes(unsigned char *buf, int num);
+
+ void RAND_seed(const void *buf, int num);
+ void RAND_add(const void *buf, int num, int entropy);
+ int  RAND_status(void);
+
+ int  RAND_load_file(const char *file, long max_bytes);
+ int  RAND_write_file(const char *file);
+ const char *RAND_file_name(char *file, size_t num);
+
+ int  RAND_egd(const char *path);
+
+ void RAND_set_rand_method(const RAND_METHOD *meth);
+ const RAND_METHOD *RAND_get_rand_method(void);
+ RAND_METHOD *RAND_SSLeay(void);
+
+ void RAND_cleanup(void);
+
+ /* For Win32 only */
+ void RAND_screen(void);
+ int RAND_event(UINT, WPARAM, LPARAM);
+
+=head1 DESCRIPTION
+
+Since the introduction of the ENGINE API, the recommended way of controlling
+default implementations is by using the ENGINE API functions. The default
+B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
+RAND_get_rand_method(), is only used if no ENGINE has been set as the default
+"rand" implementation. Hence, these two functions are no longer the recommened
+way to control defaults.
+
+If an alternative B<RAND_METHOD> implementation is being used (either set
+directly or as provided by an ENGINE module), then it is entirely responsible
+for the generation and management of a cryptographically secure PRNG stream. The
+mechanisms described below relate solely to the software PRNG implementation
+built in to OpenSSL and used by default.
+
+These functions implement a cryptographically secure pseudo-random
+number generator (PRNG). It is used by other library functions for
+example to generate random keys, and applications can use it when they
+need randomness.
+
+A cryptographic PRNG must be seeded with unpredictable data such as
+mouse movements or keys pressed at random by the user. This is
+described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
+(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
+seeding process whenever the application is started.
+
+L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
+PRNG. 
+
+=head1 INTERNALS
+
+The RAND_SSLeay() method implements a PRNG based on a cryptographic
+hash function.
+
+The following description of its design is based on the SSLeay
+documentation:
+
+First up I will state the things I believe I need for a good RNG.
+
+=over 4
+
+=item 1
+
+A good hashing algorithm to mix things up and to convert the RNG 'state'
+to random numbers.
+
+=item 2
+
+An initial source of random 'state'.
+
+=item 3
+
+The state should be very large.  If the RNG is being used to generate
+4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
+If your RNG state only has 128 bits, you are obviously limiting the
+search space to 128 bits, not 2048.  I'm probably getting a little
+carried away on this last point but it does indicate that it may not be
+a bad idea to keep quite a lot of RNG state.  It should be easier to
+break a cipher than guess the RNG seed data.
+
+=item 4
+
+Any RNG seed data should influence all subsequent random numbers
+generated.  This implies that any random seed data entered will have
+an influence on all subsequent random numbers generated.
+
+=item 5
+
+When using data to seed the RNG state, the data used should not be
+extractable from the RNG state.  I believe this should be a
+requirement because one possible source of 'secret' semi random
+data would be a private key or a password.  This data must
+not be disclosed by either subsequent random numbers or a
+'core' dump left by a program crash.
+
+=item 6
+
+Given the same initial 'state', 2 systems should deviate in their RNG state
+(and hence the random numbers generated) over time if at all possible.
+
+=item 7
+
+Given the random number output stream, it should not be possible to determine
+the RNG state or the next random number.
+
+=back
+
+The algorithm is as follows.
+
+There is global state made up of a 1023 byte buffer (the 'state'), a
+working hash value ('md'), and a counter ('count').
+
+Whenever seed data is added, it is inserted into the 'state' as
+follows.
+
+The input is chopped up into units of 20 bytes (or less for
+the last block).  Each of these blocks is run through the hash
+function as follows:  The data passed to the hash function
+is the current 'md', the same number of bytes from the 'state'
+(the location determined by in incremented looping index) as
+the current 'block', the new key data 'block', and 'count'
+(which is incremented after each use).
+The result of this is kept in 'md' and also xored into the
+'state' at the same locations that were used as input into the
+hash function. I
+believe this system addresses points 1 (hash function; currently
+SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
+function and xor).
+
+When bytes are extracted from the RNG, the following process is used.
+For each group of 10 bytes (or less), we do the following:
+
+Input into the hash function the local 'md' (which is initialized from
+the global 'md' before any bytes are generated), the bytes that are to
+be overwritten by the random bytes, and bytes from the 'state'
+(incrementing looping index). From this digest output (which is kept
+in 'md'), the top (up to) 10 bytes are returned to the caller and the
+bottom 10 bytes are xored into the 'state'.
+
+Finally, after we have finished 'num' random bytes for the caller,
+'count' (which is incremented) and the local and global 'md' are fed
+into the hash function and the results are kept in the global 'md'.
+
+I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
+into the 'state' the 'old' data from the caller that is about to be
+overwritten) and 7 (by not using the 10 bytes given to the caller to
+update the 'state', but they are used to update 'md').
+
+So of the points raised, only 2 is not addressed (but see
+L<RAND_add(3)|RAND_add(3)>).
+
+=head1 SEE ALSO
+
+L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
+L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
+L<RAND_bytes(3)|RAND_bytes(3)>,
+L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
+L<RAND_cleanup(3)|RAND_cleanup(3)> 
+
+=cut
diff -Naur openssl-0.9.7m/doc/crypto/openssl_threads.pod openssl-0.9.7m-man-fixed/doc/crypto/openssl_threads.pod
--- openssl-0.9.7m/doc/crypto/openssl_threads.pod	1970-01-01 01:00:00.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/openssl_threads.pod	2007-03-22 22:24:37.000000000 +0100
@@ -0,0 +1,175 @@
+=pod
+
+=head1 NAME
+
+CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
+CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
+CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
+CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
+
+=head1 SYNOPSIS
+
+ #include <openssl/crypto.h>
+
+ void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
+        int n, const char *file, int line));
+
+ void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
+
+ int CRYPTO_num_locks(void);
+
+
+ /* struct CRYPTO_dynlock_value needs to be defined by the user */
+ struct CRYPTO_dynlock_value;
+
+ void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
+	(*dyn_create_function)(char *file, int line));
+ void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
+	(int mode, struct CRYPTO_dynlock_value *l,
+	const char *file, int line));
+ void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
+	(struct CRYPTO_dynlock_value *l, const char *file, int line));
+
+ int CRYPTO_get_new_dynlockid(void);
+
+ void CRYPTO_destroy_dynlockid(int i);
+
+ void CRYPTO_lock(int mode, int n, const char *file, int line);
+
+ #define CRYPTO_w_lock(type)	\
+	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+ #define CRYPTO_w_unlock(type)	\
+	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+ #define CRYPTO_r_lock(type)	\
+	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+ #define CRYPTO_r_unlock(type)	\
+	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+ #define CRYPTO_add(addr,amount,type)	\
+	CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
+
+=head1 DESCRIPTION
+
+OpenSSL can safely be used in multi-threaded applications provided
+that at least two callback functions are set.
+
+locking_function(int mode, int n, const char *file, int line) is
+needed to perform locking on shared data structures. 
+(Note that OpenSSL uses a number of global data structures that
+will be implicitly shared whenever multiple threads use OpenSSL.)
+Multi-threaded applications will crash at random if it is not set.
+
+locking_function() must be able to handle up to CRYPTO_num_locks()
+different mutex locks. It sets the B<n>-th lock if B<mode> &
+B<CRYPTO_LOCK>, and releases it otherwise.
+
+B<file> and B<line> are the file number of the function setting the
+lock. They can be useful for debugging.
+
+id_function(void) is a function that returns a thread ID, for example
+pthread_self() if it returns an integer (see NOTES below).  It isn't
+needed on Windows nor on platforms where getpid() returns a different
+ID for each thread (see NOTES below).
+
+Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
+of OpenSSL need it for better performance.  To enable this, the following
+is required:
+
+=over 4
+
+=item *
+Three additional callback function, dyn_create_function, dyn_lock_function
+and dyn_destroy_function.
+
+=item *
+A structure defined with the data that each lock needs to handle.
+
+=back
+
+struct CRYPTO_dynlock_value has to be defined to contain whatever structure
+is needed to handle locks.
+
+dyn_create_function(const char *file, int line) is needed to create a
+lock.  Multi-threaded applications might crash at random if it is not set.
+
+dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
+is needed to perform locking off dynamic lock numbered n. Multi-threaded
+applications might crash at random if it is not set.
+
+dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
+needed to destroy the lock l. Multi-threaded applications might crash at
+random if it is not set.
+
+CRYPTO_get_new_dynlockid() is used to create locks.  It will call
+dyn_create_function for the actual creation.
+
+CRYPTO_destroy_dynlockid() is used to destroy locks.  It will call
+dyn_destroy_function for the actual destruction.
+
+CRYPTO_lock() is used to lock and unlock the locks.  mode is a bitfield
+describing what should be done with the lock.  n is the number of the
+lock as returned from CRYPTO_get_new_dynlockid().  mode can be combined
+from the following values.  These values are pairwise exclusive, with
+undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
+should not be used together):
+
+	CRYPTO_LOCK	0x01
+	CRYPTO_UNLOCK	0x02
+	CRYPTO_READ	0x04
+	CRYPTO_WRITE	0x08
+
+=head1 RETURN VALUES
+
+CRYPTO_num_locks() returns the required number of locks.
+
+CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
+
+The other functions return no values.
+
+=head1 NOTES
+
+You can find out if OpenSSL was configured with thread support:
+
+ #define OPENSSL_THREAD_DEFINES
+ #include <openssl/opensslconf.h>
+ #if defined(OPENSSL_THREADS)
+   // thread support enabled
+ #else
+   // no thread support
+ #endif
+
+Also, dynamic locks are currently not used internally by OpenSSL, but
+may do so in the future.
+
+Defining id_function(void) has it's own issues.  Generally speaking,
+pthread_self() should be used, even on platforms where getpid() gives
+different answers in each thread, since that may depend on the machine
+the program is run on, not the machine where the program is being
+compiled.  For instance, Red Hat 8 Linux and earlier used
+LinuxThreads, whose getpid() returns a different value for each
+thread.  Red Hat 9 Linux and later use NPTL, which is
+Posix-conformant, and has a getpid() that returns the same value for
+all threads in a process.  A program compiled on Red Hat 8 and run on
+Red Hat 9 will therefore see getpid() returning the same value for
+all threads.
+
+There is still the issue of platforms where pthread_self() returns
+something other than an integer.  This is a bit unusual, and this
+manual has no cookbook solution for that case.
+
+=head1 EXAMPLES
+
+B<crypto/threads/mttest.c> shows examples of the callback functions on
+Solaris, Irix and Win32.
+
+=head1 HISTORY
+
+CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
+available in all versions of SSLeay and OpenSSL.
+CRYPTO_num_locks() was added in OpenSSL 0.9.4.
+All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>
+
+=cut
diff -Naur openssl-0.9.7m/doc/crypto/RAND_add.pod openssl-0.9.7m-man-fixed/doc/crypto/RAND_add.pod
--- openssl-0.9.7m/doc/crypto/RAND_add.pod	2000-03-22 16:30:03.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/RAND_add.pod	2007-03-22 22:24:37.000000000 +0100
@@ -65,7 +65,7 @@
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
 L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/RAND_bytes.pod openssl-0.9.7m-man-fixed/doc/crypto/RAND_bytes.pod
--- openssl-0.9.7m/doc/crypto/RAND_bytes.pod	2002-09-25 15:34:36.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/RAND_bytes.pod	2007-03-22 22:24:37.000000000 +0100
@@ -35,7 +35,7 @@
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
+L<openssl_rand(3)|openssl_rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
 L<RAND_add(3)|RAND_add(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/RAND_cleanup.pod openssl-0.9.7m-man-fixed/doc/crypto/RAND_cleanup.pod
--- openssl-0.9.7m/doc/crypto/RAND_cleanup.pod	2000-01-27 02:25:06.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/RAND_cleanup.pod	2007-03-22 22:24:37.000000000 +0100
@@ -20,7 +20,7 @@
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>
+L<openssl_rand(3)|openssl_rand(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/RAND_egd.pod openssl-0.9.7m-man-fixed/doc/crypto/RAND_egd.pod
--- openssl-0.9.7m/doc/crypto/RAND_egd.pod	2007-01-12 19:48:00.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/RAND_egd.pod	2007-03-22 22:24:37.000000000 +0100
@@ -69,7 +69,7 @@
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>,
+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
 L<RAND_cleanup(3)|RAND_cleanup(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/RAND_load_file.pod openssl-0.9.7m-man-fixed/doc/crypto/RAND_load_file.pod
--- openssl-0.9.7m/doc/crypto/RAND_load_file.pod	2001-03-21 16:25:56.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/RAND_load_file.pod	2007-03-22 22:24:37.000000000 +0100
@@ -43,7 +43,7 @@
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/rand.pod openssl-0.9.7m-man-fixed/doc/crypto/rand.pod
--- openssl-0.9.7m/doc/crypto/rand.pod	2002-08-05 18:28:59.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/rand.pod	1970-01-01 01:00:00.000000000 +0100
@@ -1,175 +0,0 @@
-=pod
-
-=head1 NAME
-
-rand - pseudo-random number generator
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- int  RAND_set_rand_engine(ENGINE *engine);
-
- int  RAND_bytes(unsigned char *buf, int num);
- int  RAND_pseudo_bytes(unsigned char *buf, int num);
-
- void RAND_seed(const void *buf, int num);
- void RAND_add(const void *buf, int num, int entropy);
- int  RAND_status(void);
-
- int  RAND_load_file(const char *file, long max_bytes);
- int  RAND_write_file(const char *file);
- const char *RAND_file_name(char *file, size_t num);
-
- int  RAND_egd(const char *path);
-
- void RAND_set_rand_method(const RAND_METHOD *meth);
- const RAND_METHOD *RAND_get_rand_method(void);
- RAND_METHOD *RAND_SSLeay(void);
-
- void RAND_cleanup(void);
-
- /* For Win32 only */
- void RAND_screen(void);
- int RAND_event(UINT, WPARAM, LPARAM);
-
-=head1 DESCRIPTION
-
-Since the introduction of the ENGINE API, the recommended way of controlling
-default implementations is by using the ENGINE API functions. The default
-B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
-RAND_get_rand_method(), is only used if no ENGINE has been set as the default
-"rand" implementation. Hence, these two functions are no longer the recommened
-way to control defaults.
-
-If an alternative B<RAND_METHOD> implementation is being used (either set
-directly or as provided by an ENGINE module), then it is entirely responsible
-for the generation and management of a cryptographically secure PRNG stream. The
-mechanisms described below relate solely to the software PRNG implementation
-built in to OpenSSL and used by default.
-
-These functions implement a cryptographically secure pseudo-random
-number generator (PRNG). It is used by other library functions for
-example to generate random keys, and applications can use it when they
-need randomness.
-
-A cryptographic PRNG must be seeded with unpredictable data such as
-mouse movements or keys pressed at random by the user. This is
-described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
-(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
-seeding process whenever the application is started.
-
-L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
-PRNG. 
-
-=head1 INTERNALS
-
-The RAND_SSLeay() method implements a PRNG based on a cryptographic
-hash function.
-
-The following description of its design is based on the SSLeay
-documentation:
-
-First up I will state the things I believe I need for a good RNG.
-
-=over 4
-
-=item 1
-
-A good hashing algorithm to mix things up and to convert the RNG 'state'
-to random numbers.
-
-=item 2
-
-An initial source of random 'state'.
-
-=item 3
-
-The state should be very large.  If the RNG is being used to generate
-4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
-If your RNG state only has 128 bits, you are obviously limiting the
-search space to 128 bits, not 2048.  I'm probably getting a little
-carried away on this last point but it does indicate that it may not be
-a bad idea to keep quite a lot of RNG state.  It should be easier to
-break a cipher than guess the RNG seed data.
-
-=item 4
-
-Any RNG seed data should influence all subsequent random numbers
-generated.  This implies that any random seed data entered will have
-an influence on all subsequent random numbers generated.
-
-=item 5
-
-When using data to seed the RNG state, the data used should not be
-extractable from the RNG state.  I believe this should be a
-requirement because one possible source of 'secret' semi random
-data would be a private key or a password.  This data must
-not be disclosed by either subsequent random numbers or a
-'core' dump left by a program crash.
-
-=item 6
-
-Given the same initial 'state', 2 systems should deviate in their RNG state
-(and hence the random numbers generated) over time if at all possible.
-
-=item 7
-
-Given the random number output stream, it should not be possible to determine
-the RNG state or the next random number.
-
-=back
-
-The algorithm is as follows.
-
-There is global state made up of a 1023 byte buffer (the 'state'), a
-working hash value ('md'), and a counter ('count').
-
-Whenever seed data is added, it is inserted into the 'state' as
-follows.
-
-The input is chopped up into units of 20 bytes (or less for
-the last block).  Each of these blocks is run through the hash
-function as follows:  The data passed to the hash function
-is the current 'md', the same number of bytes from the 'state'
-(the location determined by in incremented looping index) as
-the current 'block', the new key data 'block', and 'count'
-(which is incremented after each use).
-The result of this is kept in 'md' and also xored into the
-'state' at the same locations that were used as input into the
-hash function. I
-believe this system addresses points 1 (hash function; currently
-SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
-function and xor).
-
-When bytes are extracted from the RNG, the following process is used.
-For each group of 10 bytes (or less), we do the following:
-
-Input into the hash function the local 'md' (which is initialized from
-the global 'md' before any bytes are generated), the bytes that are to
-be overwritten by the random bytes, and bytes from the 'state'
-(incrementing looping index). From this digest output (which is kept
-in 'md'), the top (up to) 10 bytes are returned to the caller and the
-bottom 10 bytes are xored into the 'state'.
-
-Finally, after we have finished 'num' random bytes for the caller,
-'count' (which is incremented) and the local and global 'md' are fed
-into the hash function and the results are kept in the global 'md'.
-
-I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
-into the 'state' the 'old' data from the caller that is about to be
-overwritten) and 7 (by not using the 10 bytes given to the caller to
-update the 'state', but they are used to update 'md').
-
-So of the points raised, only 2 is not addressed (but see
-L<RAND_add(3)|RAND_add(3)>).
-
-=head1 SEE ALSO
-
-L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-L<RAND_bytes(3)|RAND_bytes(3)>,
-L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
-L<RAND_cleanup(3)|RAND_cleanup(3)> 
-
-=cut
diff -Naur openssl-0.9.7m/doc/crypto/RAND_set_rand_method.pod openssl-0.9.7m-man-fixed/doc/crypto/RAND_set_rand_method.pod
--- openssl-0.9.7m/doc/crypto/RAND_set_rand_method.pod	2002-08-05 18:28:58.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/RAND_set_rand_method.pod	2007-03-22 22:24:37.000000000 +0100
@@ -67,7 +67,7 @@
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>, L<engine(3)|engine(3)>
+L<openssl_rand(3)|openssl_rand(3)>, L<engine(3)|engine(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/RSA_blinding_on.pod openssl-0.9.7m-man-fixed/doc/crypto/RSA_blinding_on.pod
--- openssl-0.9.7m/doc/crypto/RSA_blinding_on.pod	2000-02-24 12:55:10.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/RSA_blinding_on.pod	2007-03-22 22:24:37.000000000 +0100
@@ -34,7 +34,7 @@
 
 =head1 SEE ALSO
 
-L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)>
+L<rsa(3)|rsa(3)>, L<openssl_rand(3)|openssl_rand(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/crypto/RSA_generate_key.pod openssl-0.9.7m-man-fixed/doc/crypto/RSA_generate_key.pod
--- openssl-0.9.7m/doc/crypto/RSA_generate_key.pod	2002-09-25 15:34:36.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/RSA_generate_key.pod	2007-03-22 22:24:37.000000000 +0100
@@ -59,7 +59,7 @@
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
+L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
 L<RSA_free(3)|RSA_free(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/rsa.pod openssl-0.9.7m-man-fixed/doc/crypto/rsa.pod
--- openssl-0.9.7m/doc/crypto/rsa.pod	2002-08-04 23:10:05.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/rsa.pod	2007-03-22 22:24:37.000000000 +0100
@@ -108,7 +108,7 @@
 =head1 SEE ALSO
 
 L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>,
-L<rand(3)|rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
+L<openssl_rand(3)|openssl_rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
 L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
 L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>,
 L<RSA_generate_key(3)|RSA_generate_key(3)>,
diff -Naur openssl-0.9.7m/doc/crypto/RSA_public_encrypt.pod openssl-0.9.7m-man-fixed/doc/crypto/RSA_public_encrypt.pod
--- openssl-0.9.7m/doc/crypto/RSA_public_encrypt.pod	2004-03-23 22:01:42.000000000 +0100
+++ openssl-0.9.7m-man-fixed/doc/crypto/RSA_public_encrypt.pod	2007-03-22 22:24:37.000000000 +0100
@@ -73,7 +73,7 @@
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
+L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
 L<RSA_size(3)|RSA_size(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod openssl-0.9.7m-man-fixed/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
--- openssl-0.9.7m/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod	2002-09-25 15:34:37.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod	2007-03-22 22:24:37.000000000 +0100
@@ -48,7 +48,7 @@
 =head1 SEE ALSO
 
 L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
+L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
 L<RSA_verify(3)|RSA_verify(3)>
 
 =head1 HISTORY
diff -Naur openssl-0.9.7m/doc/crypto/threads.pod openssl-0.9.7m-man-fixed/doc/crypto/threads.pod
--- openssl-0.9.7m/doc/crypto/threads.pod	2005-06-18 07:52:20.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/threads.pod	1970-01-01 01:00:00.000000000 +0100
@@ -1,175 +0,0 @@
-=pod
-
-=head1 NAME
-
-CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
-CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
-CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
-CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
-
-=head1 SYNOPSIS
-
- #include <openssl/crypto.h>
-
- void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
-        int n, const char *file, int line));
-
- void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
-
- int CRYPTO_num_locks(void);
-
-
- /* struct CRYPTO_dynlock_value needs to be defined by the user */
- struct CRYPTO_dynlock_value;
-
- void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
-	(*dyn_create_function)(char *file, int line));
- void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
-	(int mode, struct CRYPTO_dynlock_value *l,
-	const char *file, int line));
- void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
-	(struct CRYPTO_dynlock_value *l, const char *file, int line));
-
- int CRYPTO_get_new_dynlockid(void);
-
- void CRYPTO_destroy_dynlockid(int i);
-
- void CRYPTO_lock(int mode, int n, const char *file, int line);
-
- #define CRYPTO_w_lock(type)	\
-	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
- #define CRYPTO_w_unlock(type)	\
-	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
- #define CRYPTO_r_lock(type)	\
-	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
- #define CRYPTO_r_unlock(type)	\
-	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
- #define CRYPTO_add(addr,amount,type)	\
-	CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
-
-=head1 DESCRIPTION
-
-OpenSSL can safely be used in multi-threaded applications provided
-that at least two callback functions are set.
-
-locking_function(int mode, int n, const char *file, int line) is
-needed to perform locking on shared data structures. 
-(Note that OpenSSL uses a number of global data structures that
-will be implicitly shared whenever multiple threads use OpenSSL.)
-Multi-threaded applications will crash at random if it is not set.
-
-locking_function() must be able to handle up to CRYPTO_num_locks()
-different mutex locks. It sets the B<n>-th lock if B<mode> &
-B<CRYPTO_LOCK>, and releases it otherwise.
-
-B<file> and B<line> are the file number of the function setting the
-lock. They can be useful for debugging.
-
-id_function(void) is a function that returns a thread ID, for example
-pthread_self() if it returns an integer (see NOTES below).  It isn't
-needed on Windows nor on platforms where getpid() returns a different
-ID for each thread (see NOTES below).
-
-Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
-of OpenSSL need it for better performance.  To enable this, the following
-is required:
-
-=over 4
-
-=item *
-Three additional callback function, dyn_create_function, dyn_lock_function
-and dyn_destroy_function.
-
-=item *
-A structure defined with the data that each lock needs to handle.
-
-=back
-
-struct CRYPTO_dynlock_value has to be defined to contain whatever structure
-is needed to handle locks.
-
-dyn_create_function(const char *file, int line) is needed to create a
-lock.  Multi-threaded applications might crash at random if it is not set.
-
-dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
-is needed to perform locking off dynamic lock numbered n. Multi-threaded
-applications might crash at random if it is not set.
-
-dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
-needed to destroy the lock l. Multi-threaded applications might crash at
-random if it is not set.
-
-CRYPTO_get_new_dynlockid() is used to create locks.  It will call
-dyn_create_function for the actual creation.
-
-CRYPTO_destroy_dynlockid() is used to destroy locks.  It will call
-dyn_destroy_function for the actual destruction.
-
-CRYPTO_lock() is used to lock and unlock the locks.  mode is a bitfield
-describing what should be done with the lock.  n is the number of the
-lock as returned from CRYPTO_get_new_dynlockid().  mode can be combined
-from the following values.  These values are pairwise exclusive, with
-undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
-should not be used together):
-
-	CRYPTO_LOCK	0x01
-	CRYPTO_UNLOCK	0x02
-	CRYPTO_READ	0x04
-	CRYPTO_WRITE	0x08
-
-=head1 RETURN VALUES
-
-CRYPTO_num_locks() returns the required number of locks.
-
-CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
-
-The other functions return no values.
-
-=head1 NOTES
-
-You can find out if OpenSSL was configured with thread support:
-
- #define OPENSSL_THREAD_DEFINES
- #include <openssl/opensslconf.h>
- #if defined(OPENSSL_THREADS)
-   // thread support enabled
- #else
-   // no thread support
- #endif
-
-Also, dynamic locks are currently not used internally by OpenSSL, but
-may do so in the future.
-
-Defining id_function(void) has it's own issues.  Generally speaking,
-pthread_self() should be used, even on platforms where getpid() gives
-different answers in each thread, since that may depend on the machine
-the program is run on, not the machine where the program is being
-compiled.  For instance, Red Hat 8 Linux and earlier used
-LinuxThreads, whose getpid() returns a different value for each
-thread.  Red Hat 9 Linux and later use NPTL, which is
-Posix-conformant, and has a getpid() that returns the same value for
-all threads in a process.  A program compiled on Red Hat 8 and run on
-Red Hat 9 will therefore see getpid() returning the same value for
-all threads.
-
-There is still the issue of platforms where pthread_self() returns
-something other than an integer.  This is a bit unusual, and this
-manual has no cookbook solution for that case.
-
-=head1 EXAMPLES
-
-B<crypto/threads/mttest.c> shows examples of the callback functions on
-Solaris, Irix and Win32.
-
-=head1 HISTORY
-
-CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
-available in all versions of SSLeay and OpenSSL.
-CRYPTO_num_locks() was added in OpenSSL 0.9.4.
-All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>
-
-=cut
diff -Naur openssl-0.9.7m/doc/crypto/X509_NAME_ENTRY_get_object.pod openssl-0.9.7m-man-fixed/doc/crypto/X509_NAME_ENTRY_get_object.pod
--- openssl-0.9.7m/doc/crypto/X509_NAME_ENTRY_get_object.pod	2005-03-30 11:47:11.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/crypto/X509_NAME_ENTRY_get_object.pod	2007-03-22 22:24:37.000000000 +0100
@@ -63,7 +63,7 @@
 =head1 SEE ALSO
 
 L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>,
-L<OBJ_nid2obj(3),OBJ_nid2obj(3)>
+L<OBJ_nid2obj(3)|OBJ_nid2obj(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/ssl/SSL_get_error.pod openssl-0.9.7m-man-fixed/doc/ssl/SSL_get_error.pod
--- openssl-0.9.7m/doc/ssl/SSL_get_error.pod	2005-03-30 11:47:12.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/ssl/SSL_get_error.pod	2007-03-22 22:24:37.000000000 +0100
@@ -105,7 +105,7 @@
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<err(3)|err(3)>
+L<ssl(3)|ssl(3)>, L<openssl_err(3)|openssl_err(3)>
 
 =head1 HISTORY
 
diff -Naur openssl-0.9.7m/doc/ssl/SSL_want.pod openssl-0.9.7m-man-fixed/doc/ssl/SSL_want.pod
--- openssl-0.9.7m/doc/ssl/SSL_want.pod	2005-03-30 11:47:12.000000000 +0200
+++ openssl-0.9.7m-man-fixed/doc/ssl/SSL_want.pod	2007-03-22 22:24:37.000000000 +0100
@@ -72,6 +72,6 @@
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<err(3)|err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
+L<ssl(3)|ssl(3)>, L<openssl_err(3)|openssl_err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
 
 =cut
diff -Naur openssl-0.9.7m/FAQ openssl-0.9.7m-man-fixed/FAQ
--- openssl-0.9.7m/FAQ	2007-02-23 13:07:19.000000000 +0100
+++ openssl-0.9.7m-man-fixed/FAQ	2007-03-22 22:25:48.000000000 +0100
@@ -609,7 +609,7 @@
 
 Multi-threaded applications must provide two callback functions to
 OpenSSL by calling CRYPTO_set_locking_callback() and
-CRYPTO_set_id_callback().  This is described in the threads(3)
+CRYPTO_set_id_callback().  This is described in the openssl_threads(3)
 manpage.
 
 * I've compiled a program under Windows and it crashes: why?