Commit 98186eb4 authored by Viktor Dukhovni's avatar Viktor Dukhovni

Backwards-compatibility subject to OPENSSL_API_COMPAT



Provide backwards-compatibility for functions, macros and include
files if OPENSSL_API_COMPAT is either not defined or defined to a
value less than the version number of the release in which the
feature was deprecated.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
parent cddd424a
+29 −0
@@ -4,6 +4,35 @@

 Changes between 1.0.2e and 1.1.0  [xx XXX xxxx]

  *) Revert default OPENSSL_NO_DEPRECATED setting.  Instead OpenSSL
     continues to support deprecated interfaces in default builds.
     However, applications are strongly advised to compile their
     source files with -DOPENSSL_API_COMPAT=0x10100000L, which hides
     the declarations of all interfaces deprecated in 0.9.8, 1.0.0
     or the 1.1.0 releases.

     In environments in which all applications have been ported to
     not use any deprecated interfaces OpenSSL's Configure script
     should be used with the --api=1.1.0 option to entirely remove
     support for the deprecated features from the library and
     unconditionally disable them in the installed headers.
     Essentially the same effect can be achieved with the "no-deprecated"
     argument to Configure, except that this will always restrict
     the build to just the latest API, rather than a fixed API
     version.

     As applications are ported to future revisions of the API,
     they should update their compile-time OPENSSL_API_COMPAT define
     accordingly, but in most cases should be able to continue to
     compile with later releases.

     The OPENSSL_API_COMPAT versions for 1.0.0, and 0.9.8 are
     0x10000000L and 0x00908000L, respectively.  However those
     versions did not support the OPENSSL_API_COMPAT feature, and
     so applications are not typically tested for explicit support
     of just the undeprecated features of either release.
     [Viktor Dukhovni]

  *) Add support for setting the minimum and maximum supported protocol.
     It can bet set via the SSL_set_min_proto_version() and
     SSL_set_max_proto_version(), or via the SSL_CONF's MinProtocol and
+41 −8
@@ -35,6 +35,9 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
#
# --cross-compile-prefix Add specified prefix to binutils components.
#
# --api         One of 0.9.8, 1.0.0 or 1.1.0.  Do not compile support for
#               interfaces deprecated as of the specified OpenSSL version.
#
# no-hw-xxx     do not compile support for specific crypto hardware.
#               Generic OpenSSL-style methods relating to this support
#               are always compiled but return NULL if the hardware
@@ -137,6 +140,16 @@ my $bits2="SIXTY_FOUR_BIT ";
# seems to be sufficient?
my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";

#
# API compability name to version number mapping.
#
my $maxapi = "1.1.0";           # API for "no-deprecated" builds
my $apitable = {
    "1.1.0" => "0x10100000L",
    "1.0.0" => "0x10000000L",
    "0.9.8" => "0x00908000L",
};

# table of known configurations, read in from files
#
# The content of each entry can take one of two forms:
@@ -890,7 +903,6 @@ my @disablables = (
# All of the following is disabled by default (RC5 was enabled before 0.9.8):

my %disabled = ( # "what"         => "comment" [or special keyword "experimental"]
		 "deprecated" => "default",
		 "ec_nistp_64_gcc_128" => "default",
		 "jpake"          => "experimental",
		 "md2"            => "default",
@@ -932,6 +944,7 @@ my $openssl_other_defines;
my $libs;
my $target;
my $options;
my $api;
my $make_depend=0;
my %withargs=();
my $build_prefix = "release_";
@@ -1086,6 +1099,10 @@ PROCESS_ARGS:
				{
				$prefix=$1;
				}
			elsif (/^--api=(.*)$/)
				{
				$api=$1;
				}
			elsif (/^--libdir=(.*)$/)
				{
				$libdir=$1;
@@ -1157,6 +1174,10 @@ PROCESS_ARGS:
			}
		}

        if (defined($api) && !exists $apitable->{$api}) {
		die "***** Unsupported api compatibility level: $api\n",
        }

	if (keys %unsupported_options)
		{
		die "***** Unsupported options: ",
@@ -1542,10 +1563,9 @@ if ($zlib)
		}
	}

#Build the library with OPENSSL_USE_DEPRECATED if deprecation is not disabled
if(!defined($disabled{"deprecated"}))
	{
	$cflags = "-DOPENSSL_USE_DEPRECATED $cflags";
# With "deprecated" disable all deprecated features.
if (defined($disabled{"deprecated"})) {
        $api = $maxapi;
}

# You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
@@ -1744,7 +1764,7 @@ open(IN,'<include/openssl/opensslv.h') || die "unable to read opensslv.h:$!\n";
while (<IN>)
	{
	$version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
	$version_num=$1 if /OPENSSL.VERSION.NUMBER.*0x(\S+)/;
	$version_num=$1 if /OPENSSL.VERSION.NUMBER.*(0x\S+)/;
	$shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/;
	$shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/;
	}
@@ -1763,6 +1783,12 @@ if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
	$shlib_minor=$2;
	}

if (defined($api)) {
    my $apiflag = sprintf("-DOPENSSL_API_COMPAT=%s", $apitable->{$api});
    $default_depflags .= " $apiflag";
    $cflags .= " $apiflag";
}

my $ecc = $cc;
$ecc = "clang" if `$cc --version 2>&1` =~ /clang/;

@@ -1991,6 +2017,11 @@ print OUT "#ifdef __cplusplus\n";
print OUT "extern \"C\" {\n";
print OUT "#endif\n";
print OUT "/* OpenSSL was configured with the following options: */\n";

my $openssl_api_defines = "";
if (defined($api)) {
    $openssl_api_defines = sprintf "#define OPENSSL_MIN_API %s\n", $apitable->{$api};
}
my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
$openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n#  define OPENSSL_NO_$1\n# endif\n#endif/mg;
$openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n#  define $1\n# endif/mg;
@@ -1999,9 +2030,11 @@ $openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algori
$openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;

print OUT $openssl_sys_defines;
print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n";
print OUT $openssl_experimental_defines;
print OUT $openssl_api_defines;
print OUT "\n";
print OUT $openssl_algorithm_defines;
print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n";
@@ -2162,7 +2195,7 @@ EOF
# create the ms/version32.rc file if needed
if ($IsMK1MF && ($target !~ /^netware/)) {
	my ($v1, $v2, $v3, $v4);
	if ($version_num =~ /(^[0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/i) {
	if ($version_num =~ /^0x([0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})L$/i) {
		$v1=hex $1;
		$v2=hex $2;
		$v3=hex $3;
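Review bot: The tightened pattern in the version32.rc block, `/^0x([0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})L$/i`, consumes seven hex digits and then requires `L`, so it cannot match a value of the eight-digit form used in `$apitable` (`0x10100000L`). If OPENSSL_VERSION_NUMBER in opensslv.h has that same layout, which is not visible on this page, `$v1`..`$v4` are never assigned and nothing reports the mismatch. Allowing one more hex digit before the suffix keeps the anchoring: `if ($version_num =~ /^0x([0-9a-f])([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})[0-9a-f]L$/i) {`. Because the capture earlier in this section now stores the `0x` prefix and the suffix in `$version_num`, any other consumer of that variable outside these hunks needs the same check; the `if` body continues past the end of the hunk.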
+5 −0
@@ -23,6 +23,11 @@
      o EC revision: now operations use new EC_KEY_METHOD.
      o Support for OCB mode added to libcrypto
      o Support for asynchronous crypto operations added to libcrypto and libssl
      o Deprecated interfaces can now be disabled at build time either
        relative to the latest relate via the "no-deprecated" Configure
        argument, or via the "--api=1.1.0|1.0.0|0.9.8" option.
      o Application software can be compiled with -DOPENSSL_API_COMPAT=version
        to ensure that features deprecated before that version are not exposed.

  Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015]

+3 −2
@@ -109,6 +109,7 @@
 * [including the GNU Public Licence.]
 */

#include <openssl/opensslconf.h>
#include "internal/cryptlib.h"
#include "bn_lcl.h"

@@ -119,7 +120,7 @@ struct bn_blinding_st {
    BIGNUM *Ai;
    BIGNUM *e;
    BIGNUM *mod;                /* just a reference */
#ifndef OPENSSL_NO_DEPRECATED
#if OPENSSL_API_COMPAT < 0x10000000L
    unsigned long thread_id;    /* added in OpenSSL 0.9.6j and 0.9.7b; used
                                 * only by crypto/rsa/rsa_eay.c, rsa_lib.c */
#endif
@@ -271,7 +272,7 @@ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
    return (ret);
}

#ifndef OPENSSL_NO_DEPRECATED
#if OPENSSL_API_COMPAT < 0x10000000L
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b)
{
    return b->thread_id;
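Review bot: The two new guards `#if OPENSSL_API_COMPAT < 0x10000000L` (on the `thread_id` member and on `BN_BLINDING_get_thread_id`) carry a bare hex threshold with nothing saying which release it stands for or where the macro gets its value. A short comment at each, e.g. `/* deprecated in 1.0.0 */`, and one on the new include such as `/* for OPENSSL_API_COMPAT */`, would keep the include from being dropped as redundant and make a wrong threshold easier to spot in review. If the macro can reach these lines undefined, the preprocessor evaluates it as 0 and the deprecated code is compiled in; that matches the commit description but is worth stating at the guard. The same applies to the `0x00908000L` guard in the following file section, and the function body here continues outside the hunk.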
+2 −1
@@ -62,11 +62,12 @@
#include <time.h>
#include "internal/cryptlib.h"
#include "bn_lcl.h"
#include <openssl/opensslconf.h>
#include <openssl/rand.h>

static void *dummy = &dummy;

#ifndef OPENSSL_NO_DEPRECATED
#if OPENSSL_API_COMPAT < 0x00908000L
BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
                          const BIGNUM *add, const BIGNUM *rem,
                          void (*callback) (int, int, void *), void *cb_arg)
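Review bot: `#include <openssl/opensslconf.h>` is added after `"internal/cryptlib.h"` and `"bn_lcl.h"` in this file, whereas the previous file section adds it ahead of them. If opensslconf.h is what supplies or normalises OPENSSL_API_COMPAT (not visible on this page), placing it first in both files ensures that any test of the macro inside the internal headers sees the same value as the `#if OPENSSL_API_COMPAT < 0x00908000L` guard below. The body of BN_generate_prime lies outside the hunk.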