crypto/compat/timingsafe_bcmp.c \
	crypto/compat/recallocarray.c \
	crypto/compat/arc4random_uniform.c \
	crypto/compat/bsd-asprintf.c \
	crypto/compat/explicit_bzero.c \
	crypto/compat/freezero.c \
	crypto/compat/timegm.c \
	crypto/compat/getprogname_linux.c \
	crypto/err/err_all.c \
	crypto/err/err.c \
	crypto/err/err_prn.c \
	crypto/rand/rand_err.c \
	crypto/rand/rand_lib.c \
	crypto/rand/randfile.c \
	crypto/sha/sha1dgst.c \

The portable bits of the project are largely maintained out-of-tree, and their
history is also available from Git.

	https://github.com/libressl-portable/portable

LibreSSL Portable Release Notes:

2.9.2 - Bug fixes

	* Fixed portable builds with older versions of MacOS,
	  Android targets < API 21, and Solaris 10

	* Fixed SRTP profile advertisement for DTLS servers.

2.9.1 - Stable release

	* Added support for XChaCha20 and XChaCha20-Poly1305.

	* Added support for AES key wrap constructions via the EVP interface.

	* Partial port of the OpenSSL EC_KEY_METHOD API for use by OpenSSH.

2.9.2

check_function_exists(strtonum HAVE_STRTONUM)
if(HAVE_STRTONUM)
	add_definitions(-DHAVE_STRTONUM)
else()
	set(OPENSSL_SRC ${OPENSSL_SRC} compat/strtonum.c)
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Darwin")
        check_function_exists(clock_gettime HAVE_CLOCK_GETTIME)
        if(NOT HAVE_CLOCK_GETTIME)
                set(OPENSSL_SRC ${OPENSSL_SRC} compat/clock_gettime_osx.c)
        endif()
endif()

add_executable(openssl ${OPENSSL_SRC})
target_include_directories(openssl PRIVATE . ../../include/compat)
target_link_libraries(openssl ${OPENSSL_LIBS})

if(ENABLE_LIBRESSL_INSTALL)
	install(TARGETS openssl DESTINATION ${CMAKE_INSTALL_BINDIR})

#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for libressl 2.9.2.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
#
#
# This configure script is free software; the Free Software Foundation
# gives unlimited permission to copy, distribute and modify it.

subdirs=
MFLAGS=
MAKEFLAGS=

# Identity of this package.
PACKAGE_NAME='libressl'
PACKAGE_TARNAME='libressl'
PACKAGE_VERSION='2.9.2'
PACKAGE_STRING='libressl 2.9.2'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''

# Factoring default headers for most tests.
ac_includes_default="\
#include <stdio.h>
#ifdef HAVE_SYS_TYPES_H

#
# Report the --help message.
#
if test "$ac_init_help" = "long"; then
  # Omit some internal or obsolete options to make the list less imposing.
  # This message is too long to be a string in the A/UX 3.1 sh.
  cat <<_ACEOF
\`configure' configures libressl 2.9.2 to adapt to many kinds of systems.

Usage: $0 [OPTION]... [VAR=VALUE]...

To assign environment variables (e.g., CC, CFLAGS...), specify them as
VAR=VALUE.  See below for descriptions of some of the useful variables.

Defaults for the options are specified in brackets.

  --build=BUILD     configure for building on BUILD [guessed]
  --host=HOST       cross-compile to build programs to run on HOST [BUILD]
_ACEOF
fi

if test -n "$ac_init_help"; then
  case $ac_init_help in
     short | recursive ) echo "Configuration of libressl 2.9.2:";;
   esac
  cat <<\_ACEOF

Optional Features:
  --disable-option-checking  ignore unrecognized --enable/--with options
  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]

    cd "$ac_pwd" || { ac_status=$?; break; }
  done
fi

test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
  cat <<\_ACEOF
libressl configure 2.9.2
generated by GNU Autoconf 2.69

Copyright (C) 2012 Free Software Foundation, Inc.
This configure script is free software; the Free Software Foundation
gives unlimited permission to copy, distribute and modify it.
_ACEOF
  exit

  as_fn_set_status $ac_retval

} # ac_fn_c_compute_int
cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.

It was created by libressl $as_me 2.9.2, which was
generated by GNU Autoconf 2.69.  Invocation command line was

  $ $0 $@

_ACEOF
exec 5>>config.log
{

    CYGPATH_W=echo
  fi
fi


# Define the identity of the package.
 PACKAGE='libressl'
 VERSION='2.9.2'


cat >>confdefs.h <<_ACEOF
#define PACKAGE "$PACKAGE"
_ACEOF

		PLATFORM_LDADD='-lws2_32'

		;;
	*solaris*)
		HOST_OS=solaris
		HOST_ABI=elf
		CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP"
		PLATFORM_LDADD='-ldl -lnsl -lsocket'

		;;
	*) ;;
esac

# Check whether --enable-nc was given.
if test "${enable_nc+set}" = set; then :

test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1

cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# Save the log message, to keep $0 and so on meaningful, and to
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by libressl $as_me 2.9.2, which was
generated by GNU Autoconf 2.69.  Invocation command line was

  CONFIG_FILES    = $CONFIG_FILES
  CONFIG_HEADERS  = $CONFIG_HEADERS
  CONFIG_LINKS    = $CONFIG_LINKS
  CONFIG_COMMANDS = $CONFIG_COMMANDS
  $ $0 $@

Report bugs to the package provider."

_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
libressl config.status 2.9.2
configured by $0, generated by GNU Autoconf 2.69,
  with options \\"\$ac_cs_config\\"

Copyright (C) 2012 Free Software Foundation, Inc.
This config.status script is free software; the Free Software Foundation
gives unlimited permission to copy, distribute and modify it."

#include <stdlib.h>

#include <errno.h>

const char *
getprogname(void)
{
	/*
	 * Android added getprogname with API 21 [0]. We should not end up here
	 * with APIs bigger than 21. Still write a precise check.
	 *
	 * Since Android is using portions of OpenBSD libc, it should have
	 * a symbol called __progname [1].
	 *
	 * Regarding program_invocation_short_name, it is a GNU libc ext [2] and
	 * so make it conditional to __GLIBC__ [3].
	 *
	 * .. [0] https://github.com/aosp-mirror/platform_bionic/blob/1eb6d3/libc/include/stdlib.h#L160
	 *
	 * .. [1] https://github.com/aosp-mirror/platform_bionic/commit/692207
	 *
	 * .. [2] https://linux.die.net/man/3/program_invocation_short_name
	 *
	 * .. [3] https://android.googlesource.com/platform/system/core/+/2819c0/base/logging.cpp#65
	 */
#if defined(__ANDROID_API__) && __ANDROID_API__ < 21
	extern const char *__progname;
	return __progname;
#elif defined(__GLIBC__)
	return program_invocation_short_name;
#else
#error "Cannot emulate getprogname"
#endif
}

/* $OpenBSD: opensslv.h,v 1.51.2.1 2019/05/13 12:05:04 bcook Exp $ */
#ifndef HEADER_OPENSSLV_H
#define HEADER_OPENSSLV_H

/* These will change with each release of LibreSSL-portable */
#define LIBRESSL_VERSION_NUMBER 0x2090200fL
/*                                    ^ Patch starts here   */
#define LIBRESSL_VERSION_TEXT   "LibreSSL 2.9.2"

/* These will never change */
#define OPENSSL_VERSION_NUMBER	0x20000000L
#define OPENSSL_VERSION_TEXT	LIBRESSL_VERSION_TEXT
#define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT

#define SHLIB_VERSION_HISTORY ""

		CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED"
		AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
		;;
	*solaris*)
		HOST_OS=solaris
		HOST_ABI=elf
		CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP"
		AC_SUBST([PLATFORM_LDADD], ['-ldl -lnsl -lsocket'])
		;;
	*) ;;
esac

AC_ARG_ENABLE([nc],
	AS_HELP_STRING([--enable-nc], [Enable installing TLS-enabled nc(1)]))
AM_CONDITIONAL([ENABLE_NC], [test "x$enable_nc" = xyes])

/* $OpenBSD: ssl_tlsext.c,v 1.44.2.1 2019/05/15 19:25:15 tb Exp $ */
/*
 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
 * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above

			.build = tlsext_cookie_server_build,
			.parse = tlsext_cookie_client_parse,
		},
	},
#ifndef OPENSSL_NO_SRTP
	{
		.type = TLSEXT_TYPE_use_srtp,
		.messages = SSL_TLSEXT_MSG_CH | SSL_TLSEXT_MSG_SH /* XXX */ |
		    SSL_TLSEXT_MSG_EE,
		.client = {
			.needs = tlsext_srtp_client_needs,
			.build = tlsext_srtp_client_build,
			.parse = tlsext_srtp_server_parse,
		},
		.server = {
			.needs = tlsext_srtp_server_needs,