[Ttssh2-commit] [8316] - TTSSHとTTProxyを OpenSSL 1.1.1 に対応した。

scmno****@osdn***** scmno****@osdn*****
2019年 10月 16日 (水) 22:19:25 JST


Revision: 8316
          https://osdn.net/projects/ttssh2/scm/svn/commits/8316
Author:   yutakapon
Date:     2019-10-16 22:19:25 +0900 (Wed, 16 Oct 2019)
Log Message:
-----------
- TTSSHとTTProxyを OpenSSL 1.1.1 に対応した。
  ※OpenSSL 1.0.2ではビルドできません
- Win32 APIのWindows依存チェックツール(installer/checksymbol)を追加した。

branches/openssl_1_1_1_v3からリビジョン8258をマージ:
/branches/openssl_1_1_1_v2 ブランチの r7785 - r8256 をマージした。


........

Revision Links:
--------------
    https://osdn.net/projects/ttssh2/scm/svn/commits/7785
    https://osdn.net/projects/ttssh2/scm/svn/commits/8256

Modified Paths:
--------------
    trunk/TTProxy/SSLLIB.h
    trunk/TTProxy/SSLSocket.h
    trunk/TTProxy/TTProxy.v10.vcxproj
    trunk/TTProxy/TTProxy.v11.vcxproj
    trunk/TTProxy/TTProxy.v12.vcxproj
    trunk/TTProxy/TTProxy.v14.vcxproj
    trunk/TTProxy/TTProxy.v15.vcxproj
    trunk/TTProxy/TTProxy.v16.vcxproj
    trunk/TTProxy/TTProxy.v9.vcproj
    trunk/TTProxy/TTProxy.vcproj
    trunk/doc/en/html/reference/develop.txt
    trunk/doc/ja/html/reference/develop.txt
    trunk/libs/buildall.bat
    trunk/libs/buildopenssl11.bat
    trunk/ttssh2/ttxssh/cipher-ctr.c
    trunk/ttssh2/ttxssh/cipher.h
    trunk/ttssh2/ttxssh/crypt.c
    trunk/ttssh2/ttxssh/hosts.c
    trunk/ttssh2/ttxssh/kex.c
    trunk/ttssh2/ttxssh/key.c
    trunk/ttssh2/ttxssh/keyfiles.c
    trunk/ttssh2/ttxssh/ssh.c
    trunk/ttssh2/ttxssh/ttxssh.c
    trunk/ttssh2/ttxssh/ttxssh.h
    trunk/ttssh2/ttxssh/ttxssh.v10.vcxproj
    trunk/ttssh2/ttxssh/ttxssh.v11.vcxproj
    trunk/ttssh2/ttxssh/ttxssh.v12.vcxproj
    trunk/ttssh2/ttxssh/ttxssh.v14.vcxproj
    trunk/ttssh2/ttxssh/ttxssh.v15.vcxproj
    trunk/ttssh2/ttxssh/ttxssh.v16.vcxproj
    trunk/ttssh2/ttxssh/ttxssh.v9.vcproj
    trunk/ttssh2/ttxssh/ttxssh.vcproj

Added Paths:
-----------
    trunk/installer/checksymbol/
    trunk/libs/buildopenssl30.bat
    trunk/libs/openssl_patch/

Property Changed:
----------------
    trunk/
    trunk/TTProxy/
    trunk/teraterm/

-------------- next part --------------
Index: trunk
===================================================================
--- trunk	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk	2019-10-16 13:19:25 UTC (rev 8316)

Property changes on: trunk
___________________________________________________________________
Modified: svn:mergeinfo
## -1,6 +1,7 ##
 /branches/drag_and_drop:7130,7139,7141,7143-7147
 /branches/flowctrl_dsrdtr:7825-7827
-/branches/openssl_1_1_1_v2:7888
+/branches/openssl_1_1_1_v2:7785-7786,7788-7808,7811-7812,7814-7815,7819-7822,7829,7832-7834,7838-7843,7846-7847,7855-7856,7858,7861-7863,7873-7877,7880-7881,7884-7888,7890-7892,7894-7895,7898,7900,7902-7903,7909,7924,7934,7954-7957,7959,7973,7975,7979-7980,8019,8208,8256
+/branches/openssl_1_1_1_v3:8258
 /branches/portfwd_memleak:7732,7736-7737,7764
 /branches/serial_port_improved:8119,8140-8141,8144,8150,8158-8160,8163,8170-8172,8183,8185,8204,8209,8212-8215
 /branches/ssh_ed25519:5495-5544
Index: trunk/TTProxy
===================================================================
--- trunk/TTProxy	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy	2019-10-16 13:19:25 UTC (rev 8316)

Property changes on: trunk/TTProxy
___________________________________________________________________
Modified: svn:mergeinfo
## -1,3 +1,5 ##
+/branches/openssl_1_1_1_v2/TTProxy:7785-7786,7788-7808,7861-7863,7898,7900,7902-7903,7909,7924,7934,7954-7957,7959,7973,7975,7979-7980
+/branches/openssl_1_1_1_v3/TTProxy:8258
 /branches/ttproxy_improved/TTProxy:8041,8055-8056
 /branches/ttssh_improved/TTProxy:8040
 /branches/vs2015_warn/TTProxy:6194-6285
\ No newline at end of property
Modified: trunk/TTProxy/SSLLIB.h
===================================================================
--- trunk/TTProxy/SSLLIB.h	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy/SSLLIB.h	2019-10-16 13:19:25 UTC (rev 8316)
@@ -1,11 +1,16 @@
 #ifndef _SSLLIB_h_
 #define _SSLLIB_h_
 
+#ifdef OPENSSL_VERSION_MAJOR
+// OpenSSL 3.0.0\x82ł\xCDOPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR, 
+// OPENSSL_VERSION_PATCH \x82\xAA\x83f\x83t\x83H\x83\x8B\x83g\x82Œ\xE8\x8B`\x82\xB3\x82\xEA\x82\xE9\x81B
+#else
 #define OPENSSL_VERSION_MAJOR    (OPENSSL_VERSION_NUMBER & 0xf0000000L) >> 28
 #define OPENSSL_VERSION_MINOR    (OPENSSL_VERSION_NUMBER & 0x0ff00000L) >> 20
 #define OPENSSL_VERSION_FIX      (OPENSSL_VERSION_NUMBER & 0x000ff000L) >> 12
 #define OPENSSL_VERSION_PATCH    (OPENSSL_VERSION_NUMBER & 0x00000ff0L) >> 4
 #define OPENSSL_VERSION_STATUS   (OPENSSL_VERSION_NUMBER & 0x0000000fL)
+#endif
 
 #define DECLARE_MODULE_API(module, rettype, apiname, arglist, args) \
 rettype apiname arglist {                                     \
@@ -61,7 +66,6 @@
 DECLARE_SSLEAY32_API_v(SSL_free, (SSL *ssl), (ssl))
 DECLARE_SSLEAY32_API(int, SSL_get_error, (const SSL *s,int ret_code), (s,ret_code))
 DECLARE_SSLEAY32_API(X509 *, SSL_get_peer_certificate, (const SSL *s), (s))
-DECLARE_SSLEAY32_API_v(SSL_load_error_strings, (void ), ())
 DECLARE_SSLEAY32_API(SSL *, SSL_new, (SSL_CTX *ctx), (ctx))
 DECLARE_SSLEAY32_API(int, SSL_read, (SSL *ssl,void *buf,int num), (ssl, buf, num))
 DECLARE_SSLEAY32_API(int, SSL_set_fd, (SSL *s, int fd), (s, fd))
@@ -74,6 +78,6 @@
 #endif
 DECLARE_SSLEAY32_API(int, SSL_CTX_load_verify_locations, (SSL_CTX *ctx, const char *CAfile, const char *CApath), (ctx, CAfile, CApath))
 DECLARE_SSLEAY32_API(long, SSL_get_verify_result, (const SSL *ssl), (ssl))
-DECLARE_SSLEAY32_API(int, SSL_library_init, (void), ())
+DECLARE_SSLEAY32_API(int, OPENSSL_init_ssl, (uint64_t opts, const OPENSSL_INIT_SETTINGS *settings), (opts, settings))
 
 #endif//_SSLLIB_h_
\ No newline at end of file

Modified: trunk/TTProxy/SSLSocket.h
===================================================================
--- trunk/TTProxy/SSLSocket.h	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy/SSLSocket.h	2019-10-16 13:19:25 UTC (rev 8316)
@@ -54,8 +54,12 @@
 
     private:
         SSLContext():ctx(NULL) {
-            SSL_library_init(); 
-            SSL_load_error_strings();
+			// SSL_library_init\x8A֐\x94\x82\xCDOpenSSL 1.1.0\x82\xC5deprecated\x82ƂȂ\xE8\x81A
+			// OPENSSL_init_ssl\x8A֐\x94\x82ɒu\x82\xAB\x8A\xB7\x82\xED\x82\xC1\x82\xBD\x81B
+			OPENSSL_init_ssl(0, NULL);
+
+            // SSL_load_error_strings\x8A֐\x94\x82\xCDOpenSSL 1.1.0\x82\xC5deprecated\x82ƂȂ\xE8\x81A
+			// \x8CĂяo\x82\xB5\x95s\x97v\x82ƂȂ\xC1\x82\xBD\x82\xBD\x82߁A\x8D폜\x82\xB5\x82\xBD\x81B
             ctx = SSL_CTX_new(SSLv23_client_method());
             SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
         }

Modified: trunk/TTProxy/TTProxy.v10.vcxproj
===================================================================
--- trunk/TTProxy/TTProxy.v10.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy/TTProxy.v10.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -62,7 +62,7 @@
     <ClCompile>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -103,7 +103,7 @@
     </Midl>
     <ClCompile>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <MinimalRebuild>true</MinimalRebuild>
       <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>

Modified: trunk/TTProxy/TTProxy.v11.vcxproj
===================================================================
--- trunk/TTProxy/TTProxy.v11.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy/TTProxy.v11.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -67,7 +67,7 @@
     <ClCompile>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -108,7 +108,7 @@
     </Midl>
     <ClCompile>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <MinimalRebuild>true</MinimalRebuild>
       <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>

Modified: trunk/TTProxy/TTProxy.v12.vcxproj
===================================================================
--- trunk/TTProxy/TTProxy.v12.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy/TTProxy.v12.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -67,7 +67,7 @@
     <ClCompile>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -108,7 +108,7 @@
     </Midl>
     <ClCompile>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <MinimalRebuild>true</MinimalRebuild>
       <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>

Modified: trunk/TTProxy/TTProxy.v14.vcxproj
===================================================================
--- trunk/TTProxy/TTProxy.v14.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy/TTProxy.v14.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -67,7 +67,7 @@
     <ClCompile>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -107,7 +107,7 @@
     </Midl>
     <ClCompile>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <MinimalRebuild>true</MinimalRebuild>
       <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>

Modified: trunk/TTProxy/TTProxy.v15.vcxproj
===================================================================
--- trunk/TTProxy/TTProxy.v15.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy/TTProxy.v15.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -68,7 +68,7 @@
     <ClCompile>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>

Modified: trunk/TTProxy/TTProxy.v16.vcxproj
===================================================================
--- trunk/TTProxy/TTProxy.v16.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy/TTProxy.v16.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -68,7 +68,7 @@
     <ClCompile>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -108,7 +108,7 @@
     </Midl>
     <ClCompile>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <MinimalRebuild>true</MinimalRebuild>
       <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>

Modified: trunk/TTProxy/TTProxy.v9.vcproj
===================================================================
--- trunk/TTProxy/TTProxy.v9.vcproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy/TTProxy.v9.vcproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -50,7 +50,7 @@
 				AdditionalOptions="/D"_CRT_SECURE_NO_DEPRECATE""
 				Optimization="2"
 				InlineFunctionExpansion="1"
-				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32"
+				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include"
 				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS"
 				StringPooling="true"
 				RuntimeLibrary="0"
@@ -145,7 +145,7 @@
 				Name="VCCLCompilerTool"
 				AdditionalOptions="/D"_CRT_SECURE_NO_DEPRECATE""
 				Optimization="0"
-				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32"
+				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include"
 				PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS"
 				MinimalRebuild="true"
 				BasicRuntimeChecks="3"

Modified: trunk/TTProxy/TTProxy.vcproj
===================================================================
--- trunk/TTProxy/TTProxy.vcproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/TTProxy/TTProxy.vcproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -49,7 +49,7 @@
 				AdditionalOptions="/D"_CRT_SECURE_NO_DEPRECATE""
 				Optimization="2"
 				InlineFunctionExpansion="1"
-				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32"
+				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include"
 				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS"
 				StringPooling="true"
 				RuntimeLibrary="0"
@@ -145,7 +145,7 @@
 				Name="VCCLCompilerTool"
 				AdditionalOptions="/D"_CRT_SECURE_NO_DEPRECATE""
 				Optimization="0"
-				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\inc32"
+				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\teraterm\common;YCL\include;$(SolutionDir)..\libs\openssl\include"
 				PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS;_USRDLL;TTX_EXPORTS"
 				MinimalRebuild="true"
 				BasicRuntimeChecks="3"

Modified: trunk/doc/en/html/reference/develop.txt
===================================================================
--- trunk/doc/en/html/reference/develop.txt	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/doc/en/html/reference/develop.txt	2019-10-16 13:19:25 UTC (rev 8316)
@@ -42,7 +42,7 @@
   ISTool 5.3.0.1 (https://sourceforge.net/projects/istool/)
 - others
   Cygwin 1.5.x (1.7.x doesn't support Windows 9x)
-  ActivePerl 5.8 or later version
+  ActivePerl 5.10 or later version
     converts character-code and return-code of documents for building OpenSSL.
   Subversion for Windows (http://sourceforge.net/projects/win32svn/)
     Use the compatible version for check-outed svn version.

Modified: trunk/doc/ja/html/reference/develop.txt
===================================================================
--- trunk/doc/ja/html/reference/develop.txt	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/doc/ja/html/reference/develop.txt	2019-10-16 13:19:25 UTC (rev 8316)
@@ -46,7 +46,7 @@
   ISTool 5.3.0.1 (https://sourceforge.net/projects/istool/)
 - \x82\xBB\x82̑\xBC
   Cygwin 1.5.x (1.7.x \x82\xCD Windows 9x \x82\xF0\x83T\x83|\x81[\x83g\x82\xB5\x82Ă\xA2\x82Ȃ\xA2\x82̂ŕs\x89\xC2)
-  ActivePerl 5.8 \x88ȏ\xE3
+  ActivePerl 5.10 \x88ȏ\xE3
     OpenSSL \x82̃R\x83\x93\x83p\x83C\x83\x8B\x81A\x83h\x83L\x83\x85\x83\x81\x83\x93\x83g\x83t\x83@\x83C\x83\x8B\x82̕\xB6\x8E\x9A\x83R\x81[\x83h\x81E\x89\xFC\x8Ds\x83R\x81[\x83h\x95ϊ\xB7\x82ɕK\x97v\x82ł\xB7\x81B
   Subversion for Windows (http://sourceforge.net/projects/win32svn/)
     \x83\\x81[\x83X\x82̃`\x83F\x83b\x83N\x83A\x83E\x83g\x82Ɏg\x82\xC1\x82\xBD svn \x82ƌ݊\xB7\x90\xAB\x82̂\xA0\x82\xE9\x83o\x81[\x83W\x83\x87\x83\x93\x81B

Modified: trunk/libs/buildall.bat
===================================================================
--- trunk/libs/buildall.bat	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/libs/buildall.bat	2019-10-16 13:19:25 UTC (rev 8316)
@@ -1,4 +1,4 @@
 CALL buildoniguruma6.bat
 CALL buildzlib.bat
-CALL buildopenssl.bat
+CALL buildopenssl11.bat
 CALL buildSFMT.bat

Modified: trunk/libs/buildopenssl11.bat
===================================================================
--- trunk/libs/buildopenssl11.bat	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/libs/buildopenssl11.bat	2019-10-16 13:19:25 UTC (rev 8316)
@@ -1,7 +1,32 @@
-cd openssl-1.1.0
 
+rem OpenSSL\x82̃r\x83\x8B\x83h\x82ֈڍs
+
+cd openssl
+
 if exist "out32.dbg\libcrypto.lib" goto build_dbg_end
-perl Configure no-asm no-async VC-WIN32 --debug
+
+rem \x83p\x83b\x83`\x93K\x97p\x83`\x83F\x83b\x83N
+pushd ..\openssl_patch
+call check_patch.bat
+popd
+
+
+rem \x90ݒ\xE8\x83t\x83@\x83C\x83\x8B\x82̃o\x83b\x83N\x83A\x83b\x83v\x82\xF0\x8E\xE6\x82\xE9
+copy /y Configurations\10-main.conf Configurations\10-main.conf.orig
+
+rem VS2005\x82\xBE\x82ƌx\x8D\x90\x83G\x83\x89\x81[\x82ŃR\x83\x93\x83p\x83C\x83\x8B\x82\xAA\x8E~\x82܂\xE9\x96\xE2\x91\xE8\x82ւ̏\x88\x92u
+perl -e "open(IN,'Configurations/10-main.conf');binmode(STDOUT);while(<IN>){s|/W3|/W1|;s|/WX||;print $_;}close(IN);" > conf.tmp
+move conf.tmp Configurations/10-main.conf
+
+rem GetModuleHandleExW API(WindowsXP\x88ȍ~)\x88ˑ\xB6\x8F\x9C\x8B\x8E\x82̂\xBD\x82\xDF
+perl -e "open(IN,'Configurations/10-main.conf');binmode(STDOUT);while(<IN>){s|(dso_scheme(.+)"win32")|#$1|;print $_;}close(IN);" > conf.tmp
+move conf.tmp Configurations/10-main.conf
+
+rem Debug build\x82\xCCwarning LNK4099\x91΍\xF4(Workaround)
+perl -e "open(IN,'Configurations/10-main.conf');binmode(STDOUT);while(<IN>){s|/Zi|/Z7|;s|/WX||;print $_;}close(IN);" > conf.tmp
+move conf.tmp Configurations/10-main.conf
+
+perl Configure no-asm no-async no-shared no-capieng no-dso no-engine VC-WIN32 -D_WIN32_WINNT=0x0501 --debug
 perl -e "open(IN,'makefile');while(<IN>){s| /MDd| /MTd|;print $_;}close(IN);" > makefile.tmp
 if exist "makefile.dbg" del makefile.dbg
 ren makefile.tmp makefile.dbg
@@ -8,12 +33,13 @@
 nmake -f makefile.dbg clean
 nmake -f makefile.dbg
 mkdir out32.dbg
-move libcrypto.lib out32.dbg
-move libssl.lib out32.dbg
+move libcrypto* out32.dbg
+move libssl* out32.dbg
+move apps\openssl.exe out32.dbg
 :build_dbg_end
 
 if exist "out32\libcrypto.lib" goto build_end
-perl Configure no-asm no-async VC-WIN32
+perl Configure no-asm no-async no-shared no-capieng no-dso no-engine VC-WIN32 -D_WIN32_WINNT=0x0501
 perl -e "open(IN,'makefile');while(<IN>){s| /MD| /MT|;print $_;}close(IN);" > makefile.tmp
 if exist "makefile" del makefile
 ren makefile.tmp makefile
@@ -20,8 +46,9 @@
 nmake clean
 nmake
 mkdir out32
-move libcrypto.lib out32
-move libssl.lib out32
+move libcrypto* out32
+move libssl* out32
+move apps\openssl.exe out32
 :build_end
 
 cd ..

Copied: trunk/libs/buildopenssl30.bat (from rev 8258, branches/openssl_1_1_1_v3/libs/buildopenssl30.bat)
===================================================================
--- trunk/libs/buildopenssl30.bat	                        (rev 0)
+++ trunk/libs/buildopenssl30.bat	2019-10-16 13:19:25 UTC (rev 8316)
@@ -0,0 +1,53 @@
+
+rem \x83p\x83b\x83`\x93K\x97p\x83`\x83F\x83b\x83N
+rem pushd openssl_patch
+rem call check_patch.bat
+rem popd
+
+rem OpenSSL\x82̃r\x83\x8B\x83h\x82ֈڍs
+
+cd openssl
+
+if exist "out32.dbg\libcrypto.lib" goto build_dbg_end
+
+rem \x90ݒ\xE8\x83t\x83@\x83C\x83\x8B\x82̃o\x83b\x83N\x83A\x83b\x83v\x82\xF0\x8E\xE6\x82\xE9
+copy /y Configurations\10-main.conf Configurations\10-main.conf.orig
+
+rem VS2005\x82\xBE\x82ƌx\x8D\x90\x83G\x83\x89\x81[\x82ŃR\x83\x93\x83p\x83C\x83\x8B\x82\xAA\x8E~\x82܂\xE9\x96\xE2\x91\xE8\x82ւ̏\x88\x92u
+perl -e "open(IN,'Configurations/10-main.conf');binmode(STDOUT);while(<IN>){s|/W3|/W1|;s|/WX||;print $_;}close(IN);" > conf.tmp
+move conf.tmp Configurations/10-main.conf
+
+rem GetModuleHandleExW API\x88ˑ\xB6\x8F\x9C\x8B\x8E\x82̂\xBD\x82\xDF
+perl -e "open(IN,'Configurations/10-main.conf');binmode(STDOUT);while(<IN>){s|(dso_scheme(.+)"win32")|#$1|;print $_;}close(IN);" > conf.tmp
+move conf.tmp Configurations/10-main.conf
+
+rem Debug build\x82\xCCwarning LNK4099\x91΍\xF4(Workaround)
+perl -e "open(IN,'Configurations/10-main.conf');binmode(STDOUT);while(<IN>){s|/Zi|/Z7|;s|/WX||;print $_;}close(IN);" > conf.tmp
+move conf.tmp Configurations/10-main.conf
+
+perl Configure no-asm no-async no-shared no-capieng no-dso no-engine VC-WIN32 -D_WIN32_WINNT=0x0501 --debug
+perl -e "open(IN,'makefile');while(<IN>){s| /MDd| /MTd|;print $_;}close(IN);" > makefile.tmp
+if exist "makefile.dbg" del makefile.dbg
+ren makefile.tmp makefile.dbg
+nmake -f makefile.dbg clean
+nmake -f makefile.dbg
+mkdir out32.dbg
+move libcrypto* out32.dbg
+move libssl* out32.dbg
+move apps\openssl.exe out32.dbg
+:build_dbg_end
+
+if exist "out32\libcrypto.lib" goto build_end
+perl Configure no-asm no-async no-shared no-capieng no-dso no-engine VC-WIN32 -D_WIN32_WINNT=0x0501
+perl -e "open(IN,'makefile');while(<IN>){s| /MD| /MT|;print $_;}close(IN);" > makefile.tmp
+if exist "makefile" del makefile
+ren makefile.tmp makefile
+nmake clean
+nmake
+mkdir out32
+move libcrypto* out32
+move libssl* out32
+move apps\openssl.exe out32
+:build_end
+
+cd ..

Index: trunk/teraterm
===================================================================
--- trunk/teraterm	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/teraterm	2019-10-16 13:19:25 UTC (rev 8316)

Property changes on: trunk/teraterm
___________________________________________________________________
Modified: svn:mergeinfo
## -1,4 +1,6 ##
 /branches/drag_and_drop/teraterm:7130,7139,7141,7143-7147
 /branches/flowctrl_dsrdtr/teraterm:7825-7827
+/branches/openssl_1_1_1_v2/teraterm:7819-7822,7829,7832-7834,7838-7843,7846-7847,7855-7856,7858,7861-7863,7979-7980
+/branches/openssl_1_1_1_v3/teraterm:8258
 /branches/serial_port_improved/teraterm:8119,8140-8141,8144,8150,8158-8160,8163,8170,8172,8183,8185,8204,8209,8212-8215
 /branches/vs2015_warn/teraterm:6194-6285
\ No newline at end of property
Modified: trunk/ttssh2/ttxssh/cipher-ctr.c
===================================================================
--- trunk/ttssh2/ttxssh/cipher-ctr.c	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/cipher-ctr.c	2019-10-16 13:19:25 UTC (rev 8316)
@@ -133,20 +133,20 @@
 const EVP_CIPHER *
 evp_aes_128_ctr(void)
 {
-	static EVP_CIPHER aes_ctr;
+	static EVP_CIPHER *p = NULL;
 
-	memset(&aes_ctr, 0, sizeof(EVP_CIPHER));
-	aes_ctr.nid = NID_undef;
-	aes_ctr.block_size = AES_BLOCK_SIZE;
-	aes_ctr.iv_len = AES_BLOCK_SIZE;
-	aes_ctr.key_len = 16;
-	aes_ctr.init = ssh_aes_ctr_init;
-	aes_ctr.cleanup = ssh_aes_ctr_cleanup;
-	aes_ctr.do_cipher = ssh_aes_ctr;
-#ifndef SSH_OLD_EVP
-	aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
-#endif
-	return (&aes_ctr);
+	if (p == NULL) {
+		p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/AES_BLOCK_SIZE, /*key_len*/16);
+		/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335\x82ŏ\x88\x92u\x97\\x92\xE8) ***/
+	}
+	if (p) {
+		EVP_CIPHER_meth_set_iv_length(p, AES_BLOCK_SIZE);
+		EVP_CIPHER_meth_set_init(p, ssh_aes_ctr_init);
+		EVP_CIPHER_meth_set_cleanup(p, ssh_aes_ctr_cleanup);
+		EVP_CIPHER_meth_set_do_cipher(p, ssh_aes_ctr);
+		EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV);
+	}
+	return (p);
 }
 
 //============================================================================
@@ -212,20 +212,20 @@
 const EVP_CIPHER *
 evp_des3_ctr(void)
 {
-	static EVP_CIPHER des3_ctr;
+	static EVP_CIPHER *p = NULL;
 
-	memset(&des3_ctr, 0, sizeof(EVP_CIPHER));
-	des3_ctr.nid = NID_undef;
-	des3_ctr.block_size = DES_BLOCK_SIZE;
-	des3_ctr.iv_len = DES_BLOCK_SIZE;
-	des3_ctr.key_len = 24;
-	des3_ctr.init = ssh_des3_ctr_init;
-	des3_ctr.cleanup = ssh_des3_ctr_cleanup;
-	des3_ctr.do_cipher = ssh_des3_ctr;
-#ifndef SSH_OLD_EVP
-	des3_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
-#endif
-	return (&des3_ctr);
+	if (p == NULL) {
+		p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/DES_BLOCK_SIZE, /*key_len*/24);
+		/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335\x82ŏ\x88\x92u\x97\\x92\xE8) ***/
+	}
+	if (p) {
+		EVP_CIPHER_meth_set_iv_length(p, DES_BLOCK_SIZE);
+		EVP_CIPHER_meth_set_init(p, ssh_des3_ctr_init);
+		EVP_CIPHER_meth_set_cleanup(p, ssh_des3_ctr_cleanup);
+		EVP_CIPHER_meth_set_do_cipher(p, ssh_des3_ctr);
+		EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV);
+	}
+	return (p);
 }
 
 //============================================================================
@@ -306,20 +306,20 @@
 const EVP_CIPHER *
 evp_bf_ctr(void)
 {
-	static EVP_CIPHER blowfish_ctr;
+	static EVP_CIPHER *p = NULL;
 
-	memset(&blowfish_ctr, 0, sizeof(EVP_CIPHER));
-	blowfish_ctr.nid = NID_undef;
-	blowfish_ctr.block_size = BF_BLOCK;
-	blowfish_ctr.iv_len = BF_BLOCK;
-	blowfish_ctr.key_len = 16;
-	blowfish_ctr.init = ssh_bf_ctr_init;
-	blowfish_ctr.cleanup = ssh_bf_ctr_cleanup;
-	blowfish_ctr.do_cipher = ssh_bf_ctr;
-#ifndef SSH_OLD_EVP
-	blowfish_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
-#endif
-	return (&blowfish_ctr);
+	if (p == NULL) {
+		p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/BF_BLOCK, /*key_len*/16);
+		/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335\x82ŏ\x88\x92u\x97\\x92\xE8) ***/
+	}
+	if (p) {
+		EVP_CIPHER_meth_set_iv_length(p, BF_BLOCK);
+		EVP_CIPHER_meth_set_init(p, ssh_bf_ctr_init);
+		EVP_CIPHER_meth_set_cleanup(p, ssh_bf_ctr_cleanup);
+		EVP_CIPHER_meth_set_do_cipher(p, ssh_bf_ctr);
+		EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV);
+	}
+	return (p);
 }
 
 //============================================================================
@@ -400,20 +400,20 @@
 const EVP_CIPHER *
 evp_cast5_ctr(void)
 {
-	static EVP_CIPHER cast5_ctr;
+	static EVP_CIPHER *p = NULL;
 
-	memset(&cast5_ctr, 0, sizeof(EVP_CIPHER));
-	cast5_ctr.nid = NID_undef;
-	cast5_ctr.block_size = CAST_BLOCK;
-	cast5_ctr.iv_len = CAST_BLOCK;
-	cast5_ctr.key_len = 16;
-	cast5_ctr.init = ssh_cast5_ctr_init;
-	cast5_ctr.cleanup = ssh_cast5_ctr_cleanup;
-	cast5_ctr.do_cipher = ssh_cast5_ctr;
-#ifndef SSH_OLD_EVP
-	cast5_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
-#endif
-	return (&cast5_ctr);
+	if (p == NULL) {
+		p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/CAST_BLOCK, /*key_len*/16);
+		/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335\x82ŏ\x88\x92u\x97\\x92\xE8) ***/
+	}
+	if (p) {
+		EVP_CIPHER_meth_set_iv_length(p, CAST_BLOCK);
+		EVP_CIPHER_meth_set_init(p, ssh_cast5_ctr_init);
+		EVP_CIPHER_meth_set_cleanup(p, ssh_cast5_ctr_cleanup);
+		EVP_CIPHER_meth_set_do_cipher(p, ssh_cast5_ctr);
+		EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV);
+	}
+	return (p);
 }
 
 //============================================================================
@@ -486,18 +486,19 @@
 const EVP_CIPHER *
 evp_camellia_128_ctr(void)
 {
-	static EVP_CIPHER camellia_ctr;
 
-	memset(&camellia_ctr, 0, sizeof(EVP_CIPHER));
-	camellia_ctr.nid = NID_undef;
-	camellia_ctr.block_size = CAMELLIA_BLOCK_SIZE;
-	camellia_ctr.iv_len = CAMELLIA_BLOCK_SIZE;
-	camellia_ctr.key_len = 16;
-	camellia_ctr.init = ssh_camellia_ctr_init;
-	camellia_ctr.cleanup = ssh_camellia_ctr_cleanup;
-	camellia_ctr.do_cipher = ssh_camellia_ctr;
-#ifndef SSH_OLD_EVP
-	camellia_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
-#endif
-	return (&camellia_ctr);
+	static EVP_CIPHER *p = NULL;
+
+	if (p == NULL) {
+		p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/CAMELLIA_BLOCK_SIZE, /*key_len*/16);
+		/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335\x82ŏ\x88\x92u\x97\\x92\xE8) ***/
+	}
+	if (p) {
+		EVP_CIPHER_meth_set_iv_length(p, CAMELLIA_BLOCK_SIZE);
+		EVP_CIPHER_meth_set_init(p, ssh_camellia_ctr_init);
+		EVP_CIPHER_meth_set_cleanup(p, ssh_camellia_ctr_cleanup);
+		EVP_CIPHER_meth_set_do_cipher(p, ssh_camellia_ctr);
+		EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV);
+	}
+	return (p);
 }

Modified: trunk/ttssh2/ttxssh/cipher.h
===================================================================
--- trunk/ttssh2/ttxssh/cipher.h	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/cipher.h	2019-10-16 13:19:25 UTC (rev 8316)
@@ -63,7 +63,7 @@
 struct Cipher;
 struct CipherContext {
 	int	plaintext;
-	EVP_CIPHER_CTX evp;
+	EVP_CIPHER_CTX *evp;
 	Cipher *cipher;
 };
 

Modified: trunk/ttssh2/ttxssh/crypt.c
===================================================================
--- trunk/ttssh2/ttxssh/crypt.c	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/crypt.c	2019-10-16 13:19:25 UTC (rev 8316)
@@ -206,7 +206,7 @@
 	unsigned int block_size = pvar->ssh2_keys[MODE_OUT].enc.block_size;
 	unsigned char lastiv[1];
 	char tmp[80];
-	EVP_CIPHER_CTX *evp = &pvar->evpcip[MODE_OUT];
+	EVP_CIPHER_CTX *evp = pvar->evpcip[MODE_OUT];
 
 	if (bytes == 0)
 		return TRUE;
@@ -260,7 +260,7 @@
 	unsigned int block_size = pvar->ssh2_keys[MODE_IN].enc.block_size;
 	unsigned char lastiv[1];
 	char tmp[80];
-	EVP_CIPHER_CTX *evp = &pvar->evpcip[MODE_IN];
+	EVP_CIPHER_CTX *evp = pvar->evpcip[MODE_IN];
 
 	if (bytes == 0)
 		return TRUE;
@@ -338,7 +338,7 @@
 		encbufflen = bytes;
 	}
 
-	if (EVP_Cipher(&pvar->evpcip[MODE_OUT], encbuff, buf, bytes) == 0) {
+	if (EVP_Cipher(pvar->evpcip[MODE_OUT], encbuff, buf, bytes) == 0) {
 		UTIL_get_lang_msg("MSG_ENCRYPT_ERROR2", pvar, "%s encrypt error(2)");
 		_snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
 		            get_cipher_name(pvar->crypt_state.sender_cipher));
@@ -374,7 +374,7 @@
 		encbufflen = bytes;
 	}
 
-	if (EVP_Cipher(&pvar->evpcip[MODE_IN], encbuff, buf, bytes) == 0) {
+	if (EVP_Cipher(pvar->evpcip[MODE_IN], encbuff, buf, bytes) == 0) {
 		UTIL_get_lang_msg("MSG_DECRYPT_ERROR2", pvar, "%s decrypt error(2)");
 		_snprintf_s(tmp, sizeof(tmp), _TRUNCATE, pvar->ts->UIMsg,
 		            get_cipher_name(pvar->crypt_state.receiver_cipher));
@@ -463,7 +463,14 @@
 
 void CRYPT_set_random_data(PTInstVar pvar, unsigned char *buf, unsigned int bytes)
 {
-	RAND_bytes(buf, bytes);
+	int ret;
+
+	// OpenSSL 1.1.1\x82\xF0\x8Eg\x82\xC1\x82\xBD\x8Fꍇ\x81AWindowsMe\x82ł\xCD RAND_bytes() \x82̌Ăяo\x82\xB5\x82ŗ\x8E\x82\xBF\x82\xE9\x81B
+	logprintf(LOG_LEVEL_VERBOSE, "%s: RAND_bytes call", __FUNCTION__);
+	ret = RAND_bytes(buf, bytes);
+	if (ret < 0) {
+		logprintf(LOG_LEVEL_ERROR, "%s: RAND_bytes error(%d)", __FUNCTION__, ret);
+	}
 }
 
 void CRYPT_initialize_random_numbers(PTInstVar pvar)
@@ -486,23 +493,27 @@
                   unsigned char *mod)
 {
 	RSA *key = RSA_new();
+	BIGNUM *e = NULL, *n = NULL;
 
 	if (key != NULL) {
-		key->e = get_bignum(exp);
-		key->n = get_bignum(mod);
+		// OpenSSL 1.1.0\x82ł\xCDRSA\x8D\\x91\xA2\x91̂̃\x81\x83\x93\x83o\x81[\x82ɒ\xBC\x90ڃA\x83N\x83Z\x83X\x82ł\xAB\x82Ȃ\xA2\x82\xBD\x82߁A
+		// RSA_set0_key\x8A֐\x94\x82Őݒ肷\x82\xE9\x95K\x97v\x82\xAA\x82\xA0\x82\xE9\x81B
+		e = get_bignum(exp);
+		n = get_bignum(mod);
+		RSA_set0_key(key, n, e, NULL);
 	}
 
-	if (key == NULL || key->e == NULL || key->n == NULL) {
+	if (key == NULL || e == NULL || n == NULL) {
 		UTIL_get_lang_msg("MSG_RSAKEY_SETUP_ERROR", pvar,
 		                  "Error setting up RSA keys");
 		notify_fatal_error(pvar, pvar->ts->UIMsg, TRUE);
 
 		if (key != NULL) {
-			if (key->e != NULL) {
-				BN_free(key->e);
+			if (e != NULL) {
+				BN_free(e);
 			}
-			if (key->n != NULL) {
-				BN_free(key->n);
+			if (n != NULL) {
+				BN_free(n);
 			}
 			RSA_free(key);
 		}
@@ -656,7 +667,7 @@
 BOOL CRYPT_verify_receiver_MAC(PTInstVar pvar, uint32 sequence_number,
 	char *data, int len, char *MAC)
 {
-	HMAC_CTX c;
+	HMAC_CTX *c = NULL;
 	unsigned char m[EVP_MAX_MD_SIZE];
 	unsigned char b[4];
 	struct Mac *mac;
@@ -678,12 +689,16 @@
 		goto error;
 	}
 
-	HMAC_Init(&c, mac->key, mac->key_len, mac->md);
+	c = HMAC_CTX_new();
+	if (c == NULL)
+		goto error;
+
+	HMAC_Init(c, mac->key, mac->key_len, mac->md);
 	set_uint32_MSBfirst(b, sequence_number);
-	HMAC_Update(&c, b, sizeof(b));
-	HMAC_Update(&c, data, len);
-	HMAC_Final(&c, m, NULL);
-	HMAC_cleanup(&c);
+	HMAC_Update(c, b, sizeof(b));
+	HMAC_Update(c, data, len);
+	HMAC_Final(c, m, NULL);
+	// HMAC_cleanup()\x82\xCDOpenSSL 1.1.0\x82ō폜\x82\xB3\x82\xEA\x81AHMAC_CTX_free()\x82ɏW\x96񂳂ꂽ\x81B
 
 	if (memcmp(m, MAC, mac->mac_len)) {
 		logprintf(LOG_LEVEL_VERBOSE, "HMAC key is not matched(seq %lu len %d)", sequence_number, len);
@@ -692,9 +707,14 @@
 		goto error;
 	}
 
+	HMAC_CTX_free(c);
+
 	return TRUE;
 
 error:
+	if (c) 
+		HMAC_CTX_free(c);
+
 	return FALSE;
 }
 
@@ -717,7 +737,7 @@
 BOOL CRYPT_build_sender_MAC(PTInstVar pvar, uint32 sequence_number,
                             char *data, int len, char *MAC)
 {
-	HMAC_CTX c;
+	HMAC_CTX *c = NULL;
 	static u_char m[EVP_MAX_MD_SIZE];
 	u_char b[4];
 	struct Mac *mac;
@@ -727,17 +747,23 @@
 		if (mac == NULL || mac->enabled == 0) 
 			return FALSE;
 
-		HMAC_Init(&c, mac->key, mac->key_len, mac->md);
+		c = HMAC_CTX_new();
+		if (c == NULL)
+			return FALSE;
+
+		HMAC_Init(c, mac->key, mac->key_len, mac->md);
 		set_uint32_MSBfirst(b, sequence_number);
-		HMAC_Update(&c, b, sizeof(b));
-		HMAC_Update(&c, data, len);
-		HMAC_Final(&c, m, NULL);
-		HMAC_cleanup(&c);
+		HMAC_Update(c, b, sizeof(b));
+		HMAC_Update(c, data, len);
+		HMAC_Final(c, m, NULL);
+		// HMAC_cleanup()\x82\xCDOpenSSL 1.1.0\x82ō폜\x82\xB3\x82\xEA\x81AHMAC_CTX_free()\x82ɏW\x96񂳂ꂽ\x81B
 
 		// 20\x83o\x83C\x83g\x95\xAA\x82\xBE\x82\xAF\x83R\x83s\x81[
 		memcpy(MAC, m, pvar->ssh2_keys[MODE_OUT].mac.mac_len);
 	//	memcpy(MAC, m, sizeof(m));
 
+		HMAC_CTX_free(c);
+
 		return TRUE;
 	}
 
@@ -802,12 +828,23 @@
 
 unsigned int CRYPT_get_encrypted_session_key_len(PTInstVar pvar)
 {
-	int server_key_bits =
-		BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
-	int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
-	int server_key_bytes = (server_key_bits + 7) / 8;
-	int host_key_bytes = (host_key_bits + 7) / 8;
+	int server_key_bits;
+	int host_key_bits;
+	int server_key_bytes;
+	int host_key_bytes;
+	BIGNUM *n;
 
+	// OpenSSL 1.1.0\x82ł\xCDRSA\x8D\\x91\xA2\x91̂̃\x81\x83\x93\x83o\x81[\x82ɒ\xBC\x90ڃA\x83N\x83Z\x83X\x82ł\xAB\x82Ȃ\xA2\x82\xBD\x82߁A
+	// RSA_get0_key\x8A֐\x94\x82Ŏ擾\x82\xB7\x82\xE9\x95K\x97v\x82\xAA\x82\xA0\x82\xE9\x81B
+	RSA_get0_key(pvar->crypt_state.server_key.RSA_key, &n, NULL, NULL);
+	server_key_bits = BN_num_bits(n);
+
+	RSA_get0_key(pvar->crypt_state.host_key.RSA_key, &n, NULL, NULL);
+	host_key_bits = BN_num_bits(n);
+
+	server_key_bytes = (server_key_bits + 7) / 8;
+	host_key_bytes = (host_key_bits + 7) / 8;
+
 	if (server_key_bits < host_key_bits) {
 		return host_key_bytes;
 	} else {
@@ -818,14 +855,25 @@
 int CRYPT_choose_session_key(PTInstVar pvar,
                              unsigned char *encrypted_key_buf)
 {
-	int server_key_bits =
-		BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
-	int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
-	int server_key_bytes = (server_key_bits + 7) / 8;
-	int host_key_bytes = (host_key_bits + 7) / 8;
+	int server_key_bits;
+	int host_key_bits;
+	int server_key_bytes;
+	int host_key_bytes;
 	int encrypted_key_bytes;
 	int bit_delta;
+	BIGNUM *server_n, *host_n;
 
+	// OpenSSL 1.1.0\x82ł\xCDRSA\x8D\\x91\xA2\x91̂̃\x81\x83\x93\x83o\x81[\x82ɒ\xBC\x90ڃA\x83N\x83Z\x83X\x82ł\xAB\x82Ȃ\xA2\x82\xBD\x82߁A
+	// RSA_get0_key\x8A֐\x94\x82Ŏ擾\x82\xB7\x82\xE9\x95K\x97v\x82\xAA\x82\xA0\x82\xE9\x81B
+	RSA_get0_key(pvar->crypt_state.server_key.RSA_key, &server_n, NULL, NULL);
+	server_key_bits = BN_num_bits(server_n);
+
+	RSA_get0_key(pvar->crypt_state.host_key.RSA_key, &host_n, NULL, NULL);
+	host_key_bits = BN_num_bits(host_n);
+
+	server_key_bytes = (server_key_bits + 7) / 8;
+	host_key_bytes = (host_key_bits + 7) / 8;
+
 	if (server_key_bits < host_key_bits) {
 		encrypted_key_bytes = host_key_bytes;
 		bit_delta = host_key_bits - server_key_bits;
@@ -847,8 +895,8 @@
 		char session_id[16];
 		int i;
 
-		BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
-		BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
+		BN_bn2bin(host_n, session_buf);
+		BN_bn2bin(server_n,
 		          session_buf + host_key_bytes);
 		memcpy(session_buf + server_key_bytes + host_key_bytes,
 		       pvar->crypt_state.server_cookie, 8);
@@ -918,16 +966,29 @@
                                           int challenge_len,
                                           unsigned char *response)
 {
-	int server_key_bits =
-		BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
-	int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
-	int server_key_bytes = (server_key_bits + 7) / 8;
-	int host_key_bytes = (host_key_bits + 7) / 8;
-	int session_buf_len = server_key_bytes + host_key_bytes + 8;
-	char *session_buf = (char *) malloc(session_buf_len);
+	int server_key_bits;
+	int host_key_bits;
+	int server_key_bytes;
+	int host_key_bytes;
+	int session_buf_len;
+	char *session_buf;
 	char decrypted_challenge[48];
 	int decrypted_challenge_len;
+	BIGNUM *server_n, *host_n;
 
+	// OpenSSL 1.1.0\x82ł\xCDRSA\x8D\\x91\xA2\x91̂̃\x81\x83\x93\x83o\x81[\x82ɒ\xBC\x90ڃA\x83N\x83Z\x83X\x82ł\xAB\x82Ȃ\xA2\x82\xBD\x82߁A
+	// RSA_get0_key\x8A֐\x94\x82Ŏ擾\x82\xB7\x82\xE9\x95K\x97v\x82\xAA\x82\xA0\x82\xE9\x81B
+	RSA_get0_key(pvar->crypt_state.server_key.RSA_key, &server_n, NULL, NULL);
+	server_key_bits = BN_num_bits(server_n);
+
+	RSA_get0_key(pvar->crypt_state.host_key.RSA_key, &host_n, NULL, NULL);
+	host_key_bits = BN_num_bits(host_n);
+
+	server_key_bytes = (server_key_bits + 7) / 8;
+	host_key_bytes = (host_key_bits + 7) / 8;
+	session_buf_len = server_key_bytes + host_key_bytes + 8;
+	session_buf = (char FAR *) malloc(session_buf_len);
+
 	decrypted_challenge_len =
 		RSA_private_decrypt(challenge_len, challenge, challenge,
 		                    AUTH_get_cur_cred(pvar)->key_pair->rsa,
@@ -948,8 +1009,8 @@
 		       decrypted_challenge_len);
 	}
 
-	BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
-	BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n,
+	BN_bn2bin(host_n, session_buf);
+	BN_bn2bin(server_n,
 	          session_buf + host_key_bytes);
 	memcpy(session_buf + server_key_bytes + host_key_bytes,
 	       pvar->crypt_state.server_cookie, 8);
@@ -1110,7 +1171,7 @@
 			cipher = pvar->ciphers[MODE_OUT];
 			if (cipher) {
 				enc = &pvar->ssh2_keys[MODE_OUT].enc;
-				cipher_init_SSH2(&pvar->evpcip[MODE_OUT],
+				cipher_init_SSH2(pvar->evpcip[MODE_OUT],
 				                 enc->key, get_cipher_key_len(cipher),
 				                 enc->iv, get_cipher_iv_len(cipher),
 				                 CIPHER_ENCRYPT,
@@ -1158,7 +1219,7 @@
 			cipher = pvar->ciphers[MODE_IN];
 			if (cipher) {
 				enc = &pvar->ssh2_keys[MODE_IN].enc;
-				cipher_init_SSH2(&pvar->evpcip[MODE_IN],
+				cipher_init_SSH2(pvar->evpcip[MODE_IN],
 				                 enc->key, get_cipher_key_len(cipher),
 				                 enc->iv, get_cipher_iv_len(cipher),
 				                 CIPHER_DECRYPT,
@@ -1277,6 +1338,11 @@
 
 void CRYPT_get_server_key_info(PTInstVar pvar, char *dest, int len)
 {
+	BIGNUM *server_n, *host_n;
+
+	// OpenSSL 1.1.0\x82ł\xCDRSA\x8D\\x91\xA2\x91̂̃\x81\x83\x93\x83o\x81[\x82ɒ\xBC\x90ڃA\x83N\x83Z\x83X\x82ł\xAB\x82Ȃ\xA2\x82\xBD\x82߁A
+	// RSA_get0_key\x8A֐\x94\x82Ŏ擾\x82\xB7\x82\xE9\x95K\x97v\x82\xAA\x82\xA0\x82\xE9\x81B
+
 	if (SSHv1(pvar)) {
 		if (pvar->crypt_state.server_key.RSA_key == NULL
 		 || pvar->crypt_state.host_key.RSA_key == NULL) {
@@ -1283,11 +1349,14 @@
 			UTIL_get_lang_msg("DLG_ABOUT_KEY_NONE", pvar, "None");
 			strncpy_s(dest, len, pvar->ts->UIMsg, _TRUNCATE);
 		} else {
+			RSA_get0_key(pvar->crypt_state.server_key.RSA_key, &server_n, NULL, NULL);
+			RSA_get0_key(pvar->crypt_state.host_key.RSA_key, &host_n, NULL, NULL);
+
 			UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO", pvar,
 			                  "%d-bit server key, %d-bit host key");
 			_snprintf_s(dest, len, _TRUNCATE, pvar->ts->UIMsg,
-			            BN_num_bits(pvar->crypt_state.server_key.RSA_key->n),
-			            BN_num_bits(pvar->crypt_state.host_key.RSA_key->n));
+			            BN_num_bits(server_n),
+			            BN_num_bits(host_n));
 		}
 	} else { // SSH2
 			UTIL_get_lang_msg("DLG_ABOUT_KEY_INFO2", pvar,

Modified: trunk/ttssh2/ttxssh/hosts.c
===================================================================
--- trunk/ttssh2/ttxssh/hosts.c	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/hosts.c	2019-10-16 13:19:25 UTC (rev 8316)
@@ -328,7 +328,8 @@
 	int ch;
 	int leftover_digits = 1;
 
-	BN_CTX_init(ctx);
+	// BN_CTX_init\x8A֐\x94\x82\xCD OpenSSL 1.1.0 \x82ō폜\x82\xB3\x82ꂽ\x81B
+	// OpenSSL 1.0.2\x82̎\x9E\x93_\x82ł\xB7\x82ł\xC9 deprecated \x88\xB5\x82\xA2\x82\xBE\x82\xC1\x82\xBD\x81B
 	BN_set_word(num, 0);
 	BN_set_word(billion, 1000000000L);
 
@@ -878,6 +879,10 @@
 	const EC_GROUP *group;
 	const EC_POINT *pa, *pb;
 	Key *a, *b;
+	BIGNUM *e = NULL, *n = NULL;
+	BIGNUM *se = NULL, *sn = NULL;
+	BIGNUM *p, *q, *g, *pub_key;
+	BIGNUM *sp, *sq, *sg, *spub_key;
 
 	if (src->type != key->type) {
 		return -1;
@@ -898,16 +903,22 @@
 		*/
 
 	case KEY_RSA: // SSH2 RSA host public key
+		RSA_get0_key(key->rsa, &n, &e, NULL);
+		RSA_get0_key(src->rsa, &sn, &se, NULL);
 		return key->rsa != NULL && src->rsa != NULL &&
-			BN_cmp(key->rsa->e, src->rsa->e) == 0 &&
-			BN_cmp(key->rsa->n, src->rsa->n) == 0;
+			BN_cmp(e, se) == 0 &&
+			BN_cmp(n, sn) == 0;
 
 	case KEY_DSA: // SSH2 DSA host public key
+		DSA_get0_pqg(key->dsa, &p, &q, &g);
+		DSA_get0_pqg(src->dsa, &sp, &sq, &sg);
+		DSA_get0_key(key->dsa, &pub_key, NULL);
+		DSA_get0_key(src->dsa, &spub_key, NULL);
 		return key->dsa != NULL && src->dsa &&
-			BN_cmp(key->dsa->p, src->dsa->p) == 0 &&
-			BN_cmp(key->dsa->q, src->dsa->q) == 0 &&
-			BN_cmp(key->dsa->g, src->dsa->g) == 0 &&
-			BN_cmp(key->dsa->pub_key, src->dsa->pub_key) == 0;
+			BN_cmp(p, sp) == 0 &&
+			BN_cmp(q, sq) == 0 &&
+			BN_cmp(g, sg) == 0 &&
+			BN_cmp(pub_key, spub_key) == 0;
 
 	case KEY_ECDSA256:
 	case KEY_ECDSA384:

Modified: trunk/ttssh2/ttxssh/kex.c
===================================================================
--- trunk/ttssh2/ttxssh/kex.c	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/kex.c	2019-10-16 13:19:25 UTC (rev 8316)
@@ -34,6 +34,7 @@
 static DH *dh_new_group_asc(const char *gen, const char *modulus)
 {
 	DH *dh = NULL;
+	BIGNUM *p = NULL, *g = NULL;
 
 	if ((dh = DH_new()) == NULL) {
 		printf("dh_new_group_asc: DH_new");
@@ -41,19 +42,24 @@
 	}
 
 	// P\x82\xC6G\x82͌\xF6\x8AJ\x82\xB5\x82Ă\xE0\x82悢\x91f\x90\x94\x82̑g\x82ݍ\x87\x82킹
-	if (BN_hex2bn(&dh->p, modulus) == 0) {
+	if (BN_hex2bn(&p, modulus) == 0) {
 		printf("BN_hex2bn p");
 		goto error;
 	}
 
-	if (BN_hex2bn(&dh->g, gen) == 0) {
+	if (BN_hex2bn(&g, gen) == 0) {
 		printf("BN_hex2bn g");
 		goto error;
 	}
 
+	// BN_hex2bn()\x82ŕϊ\xB7\x82\xB5\x82\xBD\x83|\x83C\x83\x93\x83^\x82\xF0DH\x8D\\x91\xA2\x91̂ɃZ\x83b\x83g\x82\xB7\x82\xE9\x81B
+	DH_set0_pqg(dh, p, NULL, g);
+
 	return (dh);
 
 error:
+    BN_free(g);
+    BN_free(p);
 	DH_free(dh);
 	return (NULL);
 }
@@ -231,22 +237,26 @@
 void dh_gen_key(PTInstVar pvar, DH *dh, int we_need /* bytes */ )
 {
 	int i;
+	BIGNUM *pub_key;
+	BIGNUM *priv_key;
 
-	dh->priv_key = NULL;
+	priv_key = NULL;
 
 	// \x94閧\x82ɂ\xB7\x82ׂ\xAB\x97\x90\x90\x94(X)\x82𐶐\xAC
 	for (i = 0 ; i < 10 ; i++) { // retry counter
-		if (dh->priv_key != NULL) {
-			BN_clear_free(dh->priv_key);
+		if (priv_key != NULL) {
+			BN_clear_free(priv_key);
 		}
-		dh->priv_key = BN_new();
-		if (dh->priv_key == NULL)
+		priv_key = BN_new();
+		DH_set0_key(dh, NULL, priv_key);
+		if (priv_key == NULL)
 			goto error;
-		if (BN_rand(dh->priv_key, 2*(we_need*8), 0, 0) == 0)
+		if (BN_rand(priv_key, 2*(we_need*8), 0, 0) == 0)
 			goto error;
 		if (DH_generate_key(dh) == 0)
 			goto error;
-		if (dh_pub_is_valid(dh, dh->pub_key))
+		DH_get0_key(dh, &pub_key, NULL);
+		if (dh_pub_is_valid(dh, pub_key))
 			break;
 	}
 	if (i >= 10) {
@@ -286,8 +296,12 @@
 {
 	buffer_t *b;
 	static unsigned char digest[EVP_MAX_MD_SIZE];
-	EVP_MD_CTX md;
+	EVP_MD_CTX *md = NULL;
 
+	md = EVP_MD_CTX_new();
+	if (md == NULL)
+		goto error;
+
 	b = buffer_init();
 	buffer_put_string(b, client_version_string, strlen(client_version_string));
 	buffer_put_string(b, server_version_string, strlen(server_version_string));
@@ -308,9 +322,9 @@
 	// yutaka
 	//debug_print(38, buffer_ptr(b), buffer_len(b));
 
-	EVP_DigestInit(&md, evp_md);
-	EVP_DigestUpdate(&md, buffer_ptr(b), buffer_len(b));
-	EVP_DigestFinal(&md, digest, NULL);
+	EVP_DigestInit(md, evp_md);
+	EVP_DigestUpdate(md, buffer_ptr(b), buffer_len(b));
+	EVP_DigestFinal(md, digest, NULL);
 
 	buffer_free(b);
 
@@ -318,6 +332,10 @@
 
 	*hashlen = EVP_MD_size(evp_md);
 
+error:
+	if (md)
+		EVP_MD_CTX_free(md);
+
 	return digest;
 }
 
@@ -341,8 +359,12 @@
 {
 	buffer_t *b;
 	static unsigned char digest[EVP_MAX_MD_SIZE];
-	EVP_MD_CTX md;
+	EVP_MD_CTX *md = NULL;
 
+	md = EVP_MD_CTX_new();
+	if (md == NULL)
+		goto error;
+
 	b = buffer_init();
 	buffer_put_string(b, client_version_string, strlen(client_version_string));
 	buffer_put_string(b, server_version_string, strlen(server_version_string));
@@ -373,9 +395,9 @@
 	// yutaka
 	//debug_print(38, buffer_ptr(b), buffer_len(b));
 
-	EVP_DigestInit(&md, evp_md);
-	EVP_DigestUpdate(&md, buffer_ptr(b), buffer_len(b));
-	EVP_DigestFinal(&md, digest, NULL);
+	EVP_DigestInit(md, evp_md);
+	EVP_DigestUpdate(md, buffer_ptr(b), buffer_len(b));
+	EVP_DigestFinal(md, digest, NULL);
 
 	buffer_free(b);
 
@@ -383,6 +405,10 @@
 
 	*hashlen = EVP_MD_size(evp_md);
 
+error:
+	if (md)
+		EVP_MD_CTX_free(md);
+
 	return digest;
 }
 
@@ -401,8 +427,12 @@
 {
 	buffer_t *b;
 	static unsigned char digest[EVP_MAX_MD_SIZE];
-	EVP_MD_CTX md;
+	EVP_MD_CTX *md = NULL;
 
+	md = EVP_MD_CTX_new();
+	if (md == NULL)
+		goto error;
+
 	b = buffer_init();
 	buffer_put_string(b, client_version_string, strlen(client_version_string));
 	buffer_put_string(b, server_version_string, strlen(server_version_string));
@@ -424,9 +454,9 @@
 	// yutaka
 	//debug_print(38, buffer_ptr(b), buffer_len(b));
 
-	EVP_DigestInit(&md, evp_md);
-	EVP_DigestUpdate(&md, buffer_ptr(b), buffer_len(b));
-	EVP_DigestFinal(&md, digest, NULL);
+	EVP_DigestInit(md, evp_md);
+	EVP_DigestUpdate(md, buffer_ptr(b), buffer_len(b));
+	EVP_DigestFinal(md, digest, NULL);
 
 	buffer_free(b);
 
@@ -434,6 +464,10 @@
 
 	*hashlen = EVP_MD_size(evp_md);
 
+error:
+	if (md)
+		EVP_MD_CTX_free(md);
+
 	return digest;
 }
 
@@ -443,8 +477,12 @@
 	int i;
 	int n = BN_num_bits(dh_pub);
 	int bits_set = 0;
+	const BIGNUM *p;
 
-	if (dh_pub->neg) {
+	// OpenSSL 1.1.0\x82ŁABIGNUM\x8D\\x91\xA2\x91̂\xCCneg\x83\x81\x83\x93\x83o\x81[\x82ɒ\xBC\x90ڃA\x83N\x83Z\x83X\x82ł\xAB\x82Ȃ\xAD\x82Ȃ\xC1\x82\xBD\x82\xBD\x82߁A
+	// BN_is_negative\x8A֐\x94\x82ɒu\x8A\xB7\x82\xB7\x82\xE9\x81BOpenSSL 1.0.2\x82ł̓}\x83N\x83\x8D\x92\xE8\x8B`\x82\xB3\x82\xEA\x82Ă\xA2\x82\xE9\x82̂ŁA
+	// OpenSSL 1.0.2\x82ł\xE0\x81A\x82\xB1\x82̏\x91\x82\xAB\x95\xFB\x82ł悢\x81B
+	if (BN_is_negative(dh_pub)) {
 		//logit("invalid public DH value: negativ");
 		return 0;
 	}
@@ -454,7 +492,8 @@
 	//debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p));
 
 	/* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */
-	if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1))
+	DH_get0_pqg(dh, &p, NULL, NULL);
+	if (bits_set > 1 && (BN_cmp(dh_pub, p) == -1))
 		return 1;
 	//logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p));
 	return 0;
@@ -466,12 +505,16 @@
                           const EVP_MD *evp_md)
 {
 	buffer_t *b;
-	EVP_MD_CTX md;
+	EVP_MD_CTX *md = NULL;
 	char c = id;
 	int have;
 	int mdsz = EVP_MD_size(evp_md);
 	u_char *digest = malloc(roundup(need, mdsz));
 
+	md = EVP_MD_CTX_new();
+	if (md == NULL)
+		goto skip;
+
 	if (digest == NULL)
 		goto skip;
 
@@ -482,12 +525,12 @@
 	buffer_put_bignum2(b, shared_secret);
 
 	/* K1 = HASH(K || H || "A" || session_id) */
-	EVP_DigestInit(&md, evp_md);
-	EVP_DigestUpdate(&md, buffer_ptr(b), buffer_len(b));
-	EVP_DigestUpdate(&md, hash, mdsz);
-	EVP_DigestUpdate(&md, &c, 1);
-	EVP_DigestUpdate(&md, session_id, session_id_len);
-	EVP_DigestFinal(&md, digest, NULL);
+	EVP_DigestInit(md, evp_md);
+	EVP_DigestUpdate(md, buffer_ptr(b), buffer_len(b));
+	EVP_DigestUpdate(md, hash, mdsz);
+	EVP_DigestUpdate(md, &c, 1);
+	EVP_DigestUpdate(md, session_id, session_id_len);
+	EVP_DigestFinal(md, digest, NULL);
 
 	/*
 	 * expand key:
@@ -495,15 +538,18 @@
 	 * Key = K1 || K2 || ... || Kn
 	 */
 	for (have = mdsz; need > have; have += mdsz) {
-		EVP_DigestInit(&md, evp_md);
-		EVP_DigestUpdate(&md, buffer_ptr(b), buffer_len(b));
-		EVP_DigestUpdate(&md, hash, mdsz);
-		EVP_DigestUpdate(&md, digest, have);
-		EVP_DigestFinal(&md, digest + have, NULL);
+		EVP_DigestInit(md, evp_md);
+		EVP_DigestUpdate(md, buffer_ptr(b), buffer_len(b));
+		EVP_DigestUpdate(md, hash, mdsz);
+		EVP_DigestUpdate(md, digest, have);
+		EVP_DigestFinal(md, digest + have, NULL);
 	}
 	buffer_free(b);
 
 skip:;
+	if (md)
+		EVP_MD_CTX_free(md);
+
 	return digest;
 }
 

Modified: trunk/ttssh2/ttxssh/key.c
===================================================================
--- trunk/ttssh2/ttxssh/key.c	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/key.c	2019-10-16 13:19:25 UTC (rev 8316)
@@ -87,16 +87,24 @@
 {
 	DSA_SIG *sig;
 	const EVP_MD *evp_md = EVP_sha1();
-	EVP_MD_CTX md;
+	EVP_MD_CTX *md = NULL;
 	unsigned char digest[EVP_MAX_MD_SIZE], *sigblob;
 	unsigned int len, dlen;
-	int ret;
+	int ret = -1;
 	char *ptr;
+	BIGNUM *r, *s;
 
+	md = EVP_MD_CTX_new();
+	if (md == NULL) {
+		ret = -1;
+		goto error;
+	}
+
 	OpenSSL_add_all_digests();
 
 	if (key == NULL) {
-		return -2;
+		ret = -2;
+		goto error;
 	}
 
 	ptr = signature;
@@ -110,7 +118,8 @@
 		len = get_uint32_MSBfirst(ptr);
 		ptr += 4;
 		if (strncmp("ssh-dss", ptr, len) != 0) {
-			return -3;
+			ret = -3;
+			goto error;
 		}
 		ptr += len;
 	}
@@ -122,23 +131,31 @@
 	ptr += len;
 
 	if (len != SIGBLOB_LEN) {
-		return -4;
+		ret = -4;
+		goto error;
 	}
 
 	/* parse signature */
-	if ((sig = DSA_SIG_new()) == NULL)
-		return -5;
-	if ((sig->r = BN_new()) == NULL)
-		return -6;
-	if ((sig->s = BN_new()) == NULL)
-		return -7;
-	BN_bin2bn(sigblob, INTBLOB_LEN, sig->r);
-	BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s);
+	if ((sig = DSA_SIG_new()) == NULL) {
+		ret = -5;
+		goto error;
+	}
+	if ((r = BN_new()) == NULL) {
+		ret = -6;
+		goto error;
+	}
+	if ((s = BN_new()) == NULL) {
+		ret = -7;
+		goto error;
+	}
+	DSA_SIG_set0(sig, r, s);
+	BN_bin2bn(sigblob, INTBLOB_LEN, r);
+	BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, s);
 
 	/* sha1 the data */
-	EVP_DigestInit(&md, evp_md);
-	EVP_DigestUpdate(&md, data, datalen);
-	EVP_DigestFinal(&md, digest, &dlen);
+	EVP_DigestInit(md, evp_md);
+	EVP_DigestUpdate(md, data, datalen);
+	EVP_DigestFinal(md, digest, &dlen);
 
 	ret = DSA_do_verify(digest, dlen, sig, key);
 	SecureZeroMemory(digest, sizeof(digest));
@@ -145,6 +162,10 @@
 
 	DSA_SIG_free(sig);
 
+error:
+	if (md)
+		EVP_MD_CTX_free(md);
+
 	return ret;
 }
 
@@ -250,21 +271,32 @@
                    u_char *data, u_int datalen)
 {
 	const EVP_MD *evp_md;
-	EVP_MD_CTX md;
+	EVP_MD_CTX *md = NULL;
 	//	char *ktype;
 	u_char digest[EVP_MAX_MD_SIZE], *sigblob;
 	u_int len, dlen, modlen;
 //	int rlen, ret, nid;
-	int ret, nid;
+	int ret = -1, nid;
 	char *ptr;
+	BIGNUM *n;
 
+	md = EVP_MD_CTX_new();
+	if (md == NULL) {
+		ret = -1;
+		goto error;
+	}
+
 	OpenSSL_add_all_digests();
 
 	if (key == NULL) {
-		return -2;
+		ret = -2;
+		goto error;
 	}
-	if (BN_num_bits(key->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
-		return -3;
+
+	RSA_get0_key(key, &n, NULL, NULL);
+	if (BN_num_bits(n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
+		ret = -3;
+		goto error;
 	}
 	//debug_print(41, signature, signaturelen);
 	ptr = signature;
@@ -273,7 +305,8 @@
 	len = get_uint32_MSBfirst(ptr);
 	ptr += 4;
 	if (strncmp("ssh-rsa", ptr, len) != 0) {
-		return -4;
+		ret = -4;
+		goto error;
 	}
 	ptr += len;
 
@@ -292,7 +325,8 @@
 	/* RSA_verify expects a signature of RSA_size */
 	modlen = RSA_size(key);
 	if (len > modlen) {
-		return -5;
+		ret = -5;
+		goto error;
 
 	} else if (len < modlen) {
 		u_int diff = modlen - len;
@@ -307,11 +341,12 @@
 	nid = NID_sha1;
 	if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
 		//error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
-		return -6;
+		ret = -6;
+		goto error;
 	}
-	EVP_DigestInit(&md, evp_md);
-	EVP_DigestUpdate(&md, data, datalen);
-	EVP_DigestFinal(&md, digest, &dlen);
+	EVP_DigestInit(md, evp_md);
+	EVP_DigestUpdate(md, data, datalen);
+	EVP_DigestFinal(md, digest, &dlen);
 
 	ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key);
 
@@ -320,6 +355,10 @@
 	//free(sigblob);
 	//debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
 
+error:
+	if (md)
+		EVP_MD_CTX_free(md);
+
 	return ret;
 }
 
@@ -329,16 +368,24 @@
 {
 	ECDSA_SIG *sig;
 	const EVP_MD *evp_md;
-	EVP_MD_CTX md;
+	EVP_MD_CTX *md = NULL;
 	unsigned char digest[EVP_MAX_MD_SIZE], *sigblob;
 	unsigned int len, dlen;
-	int ret, nid = NID_undef;
+	int ret = -1, nid = NID_undef;
 	char *ptr;
+	BIGNUM *r, *s;
 
+	md = EVP_MD_CTX_new();
+	if (md == NULL) {
+		ret = -1;
+		goto error;
+	}
+
 	OpenSSL_add_all_digests();
 
 	if (key == NULL) {
-		return -2;
+		ret = -2;
+		goto error;
 	}
 
 	ptr = signature;
@@ -346,7 +393,8 @@
 	len = get_uint32_MSBfirst(ptr);
 	ptr += 4;
 	if (strncmp(get_ssh_keytype_name(keytype), ptr, len) != 0) {
-		return -3;
+		ret = -3;
+		goto error;
 	}
 	ptr += len;
 
@@ -356,27 +404,36 @@
 	ptr += len;
 
 	/* parse signature */
-	if ((sig = ECDSA_SIG_new()) == NULL)
-		return -4;
-	if ((sig->r = BN_new()) == NULL)
-		return -5;
-	if ((sig->s = BN_new()) == NULL)
-		return -6;
+	if ((sig = ECDSA_SIG_new()) == NULL) {
+		ret = -4;
+		goto error;
+	}
+	if ((r = BN_new()) == NULL) {
+		ret = -5;
+		goto error;
+	}
+	if ((s = BN_new()) == NULL) {
+		ret = -6;
+		goto error;
+	}
 
-	buffer_get_bignum2(&sigblob, sig->r);
-	buffer_get_bignum2(&sigblob, sig->s);
+	ECDSA_SIG_set0(sig, r, s);
+	buffer_get_bignum2(&sigblob, r);
+	buffer_get_bignum2(&sigblob, s);
 	if (sigblob != ptr) {
-		return -7;
+		ret = -7;
+		goto error;
 	}
 
 	/* hash the data */
 	nid = keytype_to_hash_nid(keytype);
 	if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
-		return -8;
+		ret = -8;
+		goto error;
 	}
-	EVP_DigestInit(&md, evp_md);
-	EVP_DigestUpdate(&md, data, datalen);
-	EVP_DigestFinal(&md, digest, &dlen);
+	EVP_DigestInit(md, evp_md);
+	EVP_DigestUpdate(md, data, datalen);
+	EVP_DigestFinal(md, digest, &dlen);
 
 	ret = ECDSA_do_verify(digest, dlen, sig, key);
 	SecureZeroMemory(digest, sizeof(digest));
@@ -383,6 +440,10 @@
 
 	ECDSA_SIG_free(sig);
 
+error:
+	if (md)
+		EVP_MD_CTX_free(md);
+
 	return ret;
 }
 
@@ -503,20 +564,25 @@
 RSA *duplicate_RSA(RSA *src)
 {
 	RSA *rsa = NULL;
+	BIGNUM *e = NULL, *n = NULL;
+	BIGNUM *se = NULL, *sn = NULL;
 
 	rsa = RSA_new();
 	if (rsa == NULL)
 		goto error;
-	rsa->n = BN_new();
-	rsa->e = BN_new();
-	if (rsa->n == NULL || rsa->e == NULL) {
+	n = BN_new();
+	e = BN_new();
+	RSA_set0_key(rsa, n, e, NULL);
+	if (n == NULL || e == NULL) {
 		RSA_free(rsa);
 		goto error;
 	}
 
+	RSA_get0_key(src, &sn, &se, NULL);
+
 	// \x90[\x82\xA2\x83R\x83s\x81[(deep copy)\x82\xF0\x8Ds\x82\xA4\x81B\x90󂢃R\x83s\x81[(shallow copy)\x82\xCDNG\x81B
-	BN_copy(rsa->n, src->n);
-	BN_copy(rsa->e, src->e);
+	BN_copy(n, sn);
+	BN_copy(e, se);
 
 error:
 	return (rsa);
@@ -529,27 +595,36 @@
 DSA *duplicate_DSA(DSA *src)
 {
 	DSA *dsa = NULL;
+	BIGNUM *p, *q, *g, *pub_key;
+	BIGNUM *sp, *sq, *sg, *spub_key;
 
 	dsa = DSA_new();
 	if (dsa == NULL)
 		goto error;
-	dsa->p = BN_new();
-	dsa->q = BN_new();
-	dsa->g = BN_new();
-	dsa->pub_key = BN_new();
-	if (dsa->p == NULL ||
-	    dsa->q == NULL ||
-	    dsa->g == NULL ||
-	    dsa->pub_key == NULL) {
+	p = BN_new();
+	q = BN_new();
+	g = BN_new();
+	pub_key = BN_new();
+	DSA_set0_pqg(dsa, p, q, g);
+	DSA_set0_key(dsa, pub_key, NULL);
+	if (p == NULL ||
+	    q == NULL ||
+	    g == NULL ||
+	    pub_key == NULL) {
 		DSA_free(dsa);
+		// \x83\x81\x83\x82\x83\x8A\x82\xF0\x89\xF0\x95\xFA\x82\xB5\x82Ă\xA2\x82\xE9\x82̂\xC5NULL\x82\xF0\x95Ԃ\xB7\x82悤\x82ɂ\xB7\x82\xE9\x81B
+		// \x8CĂь\xB3\x82ł̃`\x83F\x83b\x83N\x82\xCDticket#39335\x82ŏ\x88\x92u\x97\\x92\xE8\x81B
+		dsa = NULL;
 		goto error;
 	}
 
 	// \x90[\x82\xA2\x83R\x83s\x81[(deep copy)\x82\xF0\x8Ds\x82\xA4\x81B\x90󂢃R\x83s\x81[(shallow copy)\x82\xCDNG\x81B
-	BN_copy(dsa->p, src->p);
-	BN_copy(dsa->q, src->q);
-	BN_copy(dsa->g, src->g);
-	BN_copy(dsa->pub_key, src->pub_key);
+	DSA_get0_pqg(src, &sp, &sq, &sg);
+	DSA_get0_key(src, &spub_key, NULL);
+	BN_copy(p, sp);
+	BN_copy(q, sq);
+	BN_copy(g, sg);
+	BN_copy(pub_key, spub_key);
 
 error:
 	return (dsa);
@@ -603,13 +678,19 @@
 char* key_fingerprint_raw(Key *k, digest_algorithm dgst_alg, int *dgst_raw_length)
 {
 	const EVP_MD *md = NULL;
-	EVP_MD_CTX ctx;
+	EVP_MD_CTX *ctx = NULL;
 	char *blob = NULL;
 	char *retval = NULL;
 	int len = 0;
 	int nlen, elen;
 	RSA *rsa;
+	BIGNUM *e = NULL, *n = NULL;
 
+	ctx = EVP_MD_CTX_new();
+	if (ctx == NULL) {
+		goto error;
+	}
+
 	*dgst_raw_length = 0;
 
 	switch (dgst_alg) {
@@ -629,15 +710,16 @@
 	switch (k->type) {
 	case KEY_RSA1:
 		rsa = make_key(NULL, k->bits, k->exp, k->mod);
-		nlen = BN_num_bytes(rsa->n);
-		elen = BN_num_bytes(rsa->e);
+		RSA_get0_key(rsa, &n, &e, NULL);
+		nlen = BN_num_bytes(n);
+		elen = BN_num_bytes(e);
 		len = nlen + elen;
 		blob = malloc(len);
 		if (blob == NULL) {
 			// TODO:
 		}
-		BN_bn2bin(rsa->n, blob);
-		BN_bn2bin(rsa->e, blob + nlen);
+		BN_bn2bin(n, blob);
+		BN_bn2bin(e, blob + nlen);
 		RSA_free(rsa);
 		break;
 
@@ -664,14 +746,19 @@
 		if (retval == NULL) {
 			// TODO:
 		}
-		EVP_DigestInit(&ctx, md);
-		EVP_DigestUpdate(&ctx, blob, len);
-		EVP_DigestFinal(&ctx, retval, dgst_raw_length);
+		EVP_DigestInit(ctx, md);
+		EVP_DigestUpdate(ctx, blob, len);
+		EVP_DigestFinal(ctx, retval, dgst_raw_length);
 		SecureZeroMemory(blob, len);
 		free(blob);
 	} else {
 		//fatal("key_fingerprint_raw: blob is null");
 	}
+
+error:
+	if (ctx)
+		EVP_MD_CTX_free(ctx);
+
 	return retval;
 }
 
@@ -699,14 +786,19 @@
 unsigned int
 key_size(const Key *k)
 {
+	BIGNUM *n = NULL;
+	BIGNUM *p = NULL;
+
 	switch (k->type) {
 	case KEY_RSA1:
 		// SSH1\x82̏ꍇ\x82\xCD key->rsa \x82\xC6 key->dsa \x82\xCD NULL \x82ł\xA0\x82\xE9\x82̂ŁA\x8Eg\x82\xED\x82Ȃ\xA2\x81B
 		return k->bits;
 	case KEY_RSA:
-		return BN_num_bits(k->rsa->n);
+		RSA_get0_key(k->rsa, &n, NULL, NULL);
+		return BN_num_bits(n);
 	case KEY_DSA:
-		return BN_num_bits(k->dsa->p);
+		DSA_get0_pqg(k->dsa, &p, NULL, NULL);
+		return BN_num_bits(p);
 	case KEY_ECDSA256:
 		return 256;
 	case KEY_ECDSA384:
@@ -923,23 +1015,35 @@
 //
 static void key_add_private(Key *k)
 {
+	BIGNUM *d, *iqmp, *q, *p, *dmq1, *dmp1;
+	BIGNUM *priv_key = NULL;
+
+	d = iqmp = q = p = dmq1 = dmp1 = NULL;
+
 	switch (k->type) {
 		case KEY_RSA1:
 		case KEY_RSA:
-			k->rsa->d = BN_new();
-			k->rsa->iqmp = BN_new();
-			k->rsa->q = BN_new();
-			k->rsa->p = BN_new();
-			k->rsa->dmq1 = BN_new();
-			k->rsa->dmp1 = BN_new();
-			if (k->rsa->d == NULL || k->rsa->iqmp == NULL || k->rsa->q == NULL ||
-				k->rsa->p == NULL || k->rsa->dmq1 == NULL || k->rsa->dmp1 == NULL)
+			d = BN_new();
+			RSA_set0_key(k->rsa, NULL, NULL, d);
+
+			iqmp = BN_new();
+			q = BN_new();
+			p = BN_new();
+			RSA_set0_factors(k->rsa, p, q);
+
+			dmq1 = BN_new();
+			dmp1 = BN_new();
+			RSA_set0_crt_params(k->rsa, dmp1, dmq1, iqmp);
+
+			if (d == NULL || iqmp == NULL || q == NULL ||
+				p == NULL || dmq1 == NULL || dmp1 == NULL)
 				goto error;
 			break;
 
 		case KEY_DSA:
-			k->dsa->priv_key = BN_new();
-			if (k->dsa->priv_key == NULL)
+			priv_key = BN_new();
+			DSA_set0_key(k->dsa, NULL, priv_key);
+			if (priv_key == NULL)
 				goto error;
 			break;
 
@@ -963,35 +1067,30 @@
 	return;
 
 error:
-	if (k->rsa->d) {
-		BN_free(k->rsa->d);
-		k->rsa->d = NULL;
+	if (d) {
+		BN_free(d);
+		// k->rsa->d\x82\xC9 NULL \x82\xF0\x83Z\x83b\x83g\x82\xB7\x82邱\x82Ƃ͂ł\xAB\x82Ȃ\xA2\x81B
+		// RSA_set0_key()\x82ł\xCD NULL \x82\xF0\x93n\x82\xB5\x82Ă\xE0\x89\xBD\x82\xE0\x82\xB5\x82Ȃ\xA2\x81B
 	}
-	if (k->rsa->iqmp) {
-		BN_free(k->rsa->iqmp);
-		k->rsa->iqmp = NULL;
+	if (iqmp) {
+		BN_free(iqmp);
 	}
-	if (k->rsa->q) {
-		BN_free(k->rsa->q);
-		k->rsa->q = NULL;
+	if (q) {
+		BN_free(q);
 	}
-	if (k->rsa->p) {
-		BN_free(k->rsa->p);
-		k->rsa->p = NULL;
+	if (p) {
+		BN_free(p);
 	}
-	if (k->rsa->dmq1) {
-		BN_free(k->rsa->dmq1);
-		k->rsa->dmq1 = NULL;
+	if (dmq1) {
+		BN_free(dmq1);
 	}
-	if (k->rsa->dmp1) {
-		BN_free(k->rsa->dmp1);
-		k->rsa->dmp1 = NULL;
+	if (dmp1) {
+		BN_free(dmp1);
 	}
 
 
-	if (k->dsa->priv_key == NULL) {
-		BN_free(k->dsa->priv_key);
-		k->dsa->priv_key = NULL;
+	if (priv_key == NULL) {
+		BN_free(priv_key);
 	}
 
 }
@@ -1011,6 +1110,8 @@
 	Key *k = NULL;
 	RSA *rsa;
 	DSA *dsa;
+	BIGNUM *e = NULL, *n = NULL;
+	BIGNUM *p, *q, *g, *pub_key;
 
 	k = calloc(1, sizeof(Key));
 	if (k == NULL)
@@ -1028,9 +1129,10 @@
 			rsa = RSA_new();
 			if (rsa == NULL)
 				goto error;
-			rsa->n = BN_new();
-			rsa->e = BN_new();
-			if (rsa->n == NULL || rsa->e == NULL)
+			n = BN_new();
+			e = BN_new();
+			RSA_set0_key(rsa, n, e, NULL);
+			if (n == NULL || e == NULL)
 				goto error;
 			k->rsa = rsa;
 			break;
@@ -1039,11 +1141,13 @@
 			dsa = DSA_new();
 			if (dsa == NULL)
 				goto error;
-			dsa->p = BN_new();
-			dsa->q = BN_new();
-			dsa->g = BN_new();
-			dsa->pub_key = BN_new();
-			if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL || dsa->pub_key == NULL)
+			p = BN_new();
+			q = BN_new();
+			g = BN_new();
+			DSA_set0_pqg(dsa, p, q, g);
+			pub_key = BN_new();
+			DSA_set0_key(dsa, pub_key, NULL);
+			if (p == NULL || q == NULL || g == NULL || pub_key == NULL)
 				goto error;
 			k->dsa = dsa;
 			break;
@@ -1210,6 +1314,8 @@
 	char *sshname, *tmp;
 	int len;
 	int ret = 1;  // success
+	BIGNUM *e = NULL, *n = NULL;
+	BIGNUM *p, *q, *g, *pub_key;
 
 	b = buffer_init();
 	sshname = get_sshname_from_key(key);
@@ -1216,16 +1322,19 @@
 
 	switch (key->type) {
 	case KEY_RSA:
+		RSA_get0_key(key->rsa, &n, &e, NULL);
 		buffer_put_string(b, sshname, strlen(sshname));
-		buffer_put_bignum2(b, key->rsa->e);
-		buffer_put_bignum2(b, key->rsa->n);
+		buffer_put_bignum2(b, e);
+		buffer_put_bignum2(b, n);
 		break;
 	case KEY_DSA:
+		DSA_get0_pqg(key->dsa, &p, &q, &g);
+		DSA_get0_key(key->dsa, &pub_key, NULL);
 		buffer_put_string(b, sshname, strlen(sshname));
-		buffer_put_bignum2(b, key->dsa->p);
-		buffer_put_bignum2(b, key->dsa->q);
-		buffer_put_bignum2(b, key->dsa->g);
-		buffer_put_bignum2(b, key->dsa->pub_key);
+		buffer_put_bignum2(b, p);
+		buffer_put_bignum2(b, q);
+		buffer_put_bignum2(b, g);
+		buffer_put_bignum2(b, pub_key);
 		break;
 	case KEY_ECDSA256:
 	case KEY_ECDSA384:
@@ -1281,6 +1390,8 @@
 	Key *hostkey = NULL;  // hostkey
 	ssh_keytype type;
 	unsigned char *pk = NULL;
+	BIGNUM *e = NULL, *n = NULL;
+	BIGNUM *p, *dsa_q, *g, *pub_key;
 
 	if (data == NULL)
 		goto error;
@@ -1308,14 +1419,15 @@
 		if (rsa == NULL) {
 			goto error;
 		}
-		rsa->n = BN_new();
-		rsa->e = BN_new();
-		if (rsa->n == NULL || rsa->e == NULL) {
+		n = BN_new();
+		e = BN_new();
+		RSA_set0_key(rsa, n, e, NULL);
+		if (n == NULL || e == NULL) {
 			goto error;
 		}
 
-		buffer_get_bignum2(&data, rsa->e);
-		buffer_get_bignum2(&data, rsa->n);
+		buffer_get_bignum2(&data, e);
+		buffer_get_bignum2(&data, n);
 
 		hostkey->type = type;
 		hostkey->rsa = rsa;
@@ -1326,21 +1438,23 @@
 		if (dsa == NULL) {
 			goto error;
 		}
-		dsa->p = BN_new();
-		dsa->q = BN_new();
-		dsa->g = BN_new();
-		dsa->pub_key = BN_new();
-		if (dsa->p == NULL ||
-		    dsa->q == NULL ||
-		    dsa->g == NULL ||
-		    dsa->pub_key == NULL) {
+		p = BN_new();
+		dsa_q = BN_new();
+		g = BN_new();
+		pub_key = BN_new();
+		DSA_set0_pqg(dsa, p, dsa_q, g);
+		DSA_set0_key(dsa, pub_key, NULL);
+		if (p == NULL ||
+		    dsa_q == NULL ||
+		    g == NULL ||
+		    pub_key == NULL) {
 			goto error;
 		}
 
-		buffer_get_bignum2(&data, dsa->p);
-		buffer_get_bignum2(&data, dsa->q);
-		buffer_get_bignum2(&data, dsa->g);
-		buffer_get_bignum2(&data, dsa->pub_key);
+		buffer_get_bignum2(&data, p);
+		buffer_get_bignum2(&data, dsa_q);
+		buffer_get_bignum2(&data, g);
+		buffer_get_bignum2(&data, pub_key);
 
 		hostkey->type = type;
 		hostkey->dsa = dsa;
@@ -1461,16 +1575,22 @@
 	case KEY_RSA: // RSA
 	{
 		const EVP_MD *evp_md = EVP_sha1();
-		EVP_MD_CTX md;
+		EVP_MD_CTX *md = NULL;
 		u_char digest[EVP_MAX_MD_SIZE], *sig;
 		u_int slen, dlen, len;
 		int ok, nid = NID_sha1;
 
+		md = EVP_MD_CTX_new();
+		if (md == NULL)
+			goto error;
+
 		// \x83_\x83C\x83W\x83F\x83X\x83g\x92l\x82̌v\x8EZ
-		EVP_DigestInit(&md, evp_md);
-		EVP_DigestUpdate(&md, data, datalen);
-		EVP_DigestFinal(&md, digest, &dlen);
+		EVP_DigestInit(md, evp_md);
+		EVP_DigestUpdate(md, data, datalen);
+		EVP_DigestFinal(md, digest, &dlen);
 
+		EVP_MD_CTX_free(md);
+
 		slen = RSA_size(keypair->rsa);
 		sig = malloc(slen);
 		if (sig == NULL)
@@ -1519,15 +1639,22 @@
 	{
 		DSA_SIG *sig;
 		const EVP_MD *evp_md = EVP_sha1();
-		EVP_MD_CTX md;
+		EVP_MD_CTX *md = NULL;
 		u_char digest[EVP_MAX_MD_SIZE], sigblob[SIGBLOB_LEN];
 		u_int rlen, slen, len, dlen;
+		BIGNUM *bignum_r, *bignum_s;
 
+		md = EVP_MD_CTX_new();
+		if (md == NULL)
+			goto error;
+
 		// \x83_\x83C\x83W\x83F\x83X\x83g\x82̌v\x8EZ
-		EVP_DigestInit(&md, evp_md);
-		EVP_DigestUpdate(&md, data, datalen);
-		EVP_DigestFinal(&md, digest, &dlen);
+		EVP_DigestInit(md, evp_md);
+		EVP_DigestUpdate(md, data, datalen);
+		EVP_DigestFinal(md, digest, &dlen);
 
+		EVP_MD_CTX_free(md);
+
 		// DSA\x93d\x8Eq\x8F\x90\x96\xBC\x82\xF0\x8Cv\x8EZ
 		sig = DSA_do_sign(digest, dlen, keypair->dsa);
 		SecureZeroMemory(digest, sizeof(digest));
@@ -1536,15 +1663,16 @@
 		}
 
 		// BIGNUM\x82\xA9\x82\xE7\x83o\x83C\x83i\x83\x8A\x92l\x82ւ̕ϊ\xB7
-		rlen = BN_num_bytes(sig->r);
-		slen = BN_num_bytes(sig->s);
+		DSA_SIG_get0(sig, &bignum_r, &bignum_s);
+		rlen = BN_num_bytes(bignum_r);
+		slen = BN_num_bytes(bignum_s);
 		if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
 			DSA_SIG_free(sig);
 			goto error;
 		}
 		memset(sigblob, 0, SIGBLOB_LEN);
-		BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
-		BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
+		BN_bn2bin(bignum_r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
+		BN_bn2bin(bignum_s, sigblob+ SIGBLOB_LEN - slen);
 		DSA_SIG_free(sig);
 
 		// setting
@@ -1569,19 +1697,27 @@
 	{
 		ECDSA_SIG *sig;
 		const EVP_MD *evp_md;
-		EVP_MD_CTX md;
+		EVP_MD_CTX *md = NULL;
 		u_char digest[EVP_MAX_MD_SIZE];
 		u_int len, dlen, nid;
 		buffer_t *buf2 = NULL;
+		BIGNUM *br, *bs;
 
 		nid = keytype_to_hash_nid(keypair->type);
 		if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
 			goto error;
 		}
-		EVP_DigestInit(&md, evp_md);
-		EVP_DigestUpdate(&md, data, datalen);
-		EVP_DigestFinal(&md, digest, &dlen);
 
+		md = EVP_MD_CTX_new();
+		if (md == NULL)
+			goto error;
+
+		EVP_DigestInit(md, evp_md);
+		EVP_DigestUpdate(md, data, datalen);
+		EVP_DigestFinal(md, digest, &dlen);
+
+		EVP_MD_CTX_free(md);
+
 		sig = ECDSA_do_sign(digest, dlen, keypair->ecdsa);
 		SecureZeroMemory(digest, sizeof(digest));
 
@@ -1594,8 +1730,9 @@
 			// TODO: error check
 			goto error;
 		}
-		buffer_put_bignum2(buf2, sig->r);
-		buffer_put_bignum2(buf2, sig->s);
+		ECDSA_SIG_get0(sig, &br, &bs);
+		buffer_put_bignum2(buf2, br);
+		buffer_put_bignum2(buf2, bs);
 		ECDSA_SIG_free(sig);
 
 		s = get_sshname_from_key(keypair);
@@ -1641,6 +1778,8 @@
 	buffer_t *msg = NULL;
 	Key *keypair;
 	char *s, *tmp;
+	BIGNUM *e = NULL, *n = NULL;
+	BIGNUM *p, *q, *g, *pub_key;
 
 	msg = buffer_init();
 	if (msg == NULL) {
@@ -1653,17 +1792,20 @@
 	switch (keypair->type) {
 	case KEY_RSA: // RSA
 		s = get_sshname_from_key(keypair);
+		RSA_get0_key(keypair->rsa, &n, &e, NULL);
 		buffer_put_string(msg, s, strlen(s));
-		buffer_put_bignum2(msg, keypair->rsa->e); // \x8C\xF6\x8AJ\x8Ew\x90\x94
-		buffer_put_bignum2(msg, keypair->rsa->n); // p\x81~q
+		buffer_put_bignum2(msg, e); // \x8C\xF6\x8AJ\x8Ew\x90\x94
+		buffer_put_bignum2(msg, n); // p\x81~q
 		break;
 	case KEY_DSA: // DSA
+		DSA_get0_pqg(keypair->dsa, &p, &q, &g);
+		DSA_get0_key(keypair->dsa, &pub_key, NULL);
 		s = get_sshname_from_key(keypair);
 		buffer_put_string(msg, s, strlen(s));
-		buffer_put_bignum2(msg, keypair->dsa->p); // \x91f\x90\x94
-		buffer_put_bignum2(msg, keypair->dsa->q); // (p-1)\x82̑f\x88\xF6\x90\x94
-		buffer_put_bignum2(msg, keypair->dsa->g); // \x90\xAE\x90\x94
-		buffer_put_bignum2(msg, keypair->dsa->pub_key); // \x8C\xF6\x8AJ\x8C\xAE
+		buffer_put_bignum2(msg, p); // \x91f\x90\x94
+		buffer_put_bignum2(msg, q); // (p-1)\x82̑f\x88\xF6\x90\x94
+		buffer_put_bignum2(msg, g); // \x90\xAE\x90\x94
+		buffer_put_bignum2(msg, pub_key); // \x8C\xF6\x8AJ\x8C\xAE
 		break;
 	case KEY_ECDSA256: // ECDSA
 	case KEY_ECDSA384:
@@ -1745,6 +1887,8 @@
 void key_private_serialize(Key *key, buffer_t *b)
 {
 	char *s;
+	BIGNUM *e, *n, *d, *iqmp, *p, *q;
+	BIGNUM *g, *pub_key, *priv_key;
 	
 	s = get_sshname_from_key(key);
 	buffer_put_cstring(b, s);
@@ -1751,20 +1895,26 @@
 
 	switch (key->type) {
 		case KEY_RSA:
-			buffer_put_bignum2(b, key->rsa->n);
-			buffer_put_bignum2(b, key->rsa->e);
-			buffer_put_bignum2(b, key->rsa->d);
-			buffer_put_bignum2(b, key->rsa->iqmp);
-			buffer_put_bignum2(b, key->rsa->p);
-			buffer_put_bignum2(b, key->rsa->q);
+			RSA_get0_key(key->rsa, &n, &e, &d);
+			RSA_get0_factors(key->rsa, &p, &q);
+			RSA_get0_crt_params(key->rsa, NULL, NULL, &iqmp);
+
+			buffer_put_bignum2(b, n);
+			buffer_put_bignum2(b, e);
+			buffer_put_bignum2(b, d);
+			buffer_put_bignum2(b, iqmp);
+			buffer_put_bignum2(b, p);
+			buffer_put_bignum2(b, q);
 			break;
 
 		case KEY_DSA:
-			buffer_put_bignum2(b, key->dsa->p);
-			buffer_put_bignum2(b, key->dsa->q);
-			buffer_put_bignum2(b, key->dsa->g);
-			buffer_put_bignum2(b, key->dsa->pub_key);
-			buffer_put_bignum2(b, key->dsa->priv_key);
+			DSA_get0_pqg(key->dsa, &p, &q, &g);
+			DSA_get0_key(key->dsa, &pub_key, &priv_key);
+			buffer_put_bignum2(b, p);
+			buffer_put_bignum2(b, q);
+			buffer_put_bignum2(b, g);
+			buffer_put_bignum2(b, pub_key);
+			buffer_put_bignum2(b, priv_key);
 			break;
 
 		case KEY_ECDSA256:
@@ -1791,6 +1941,7 @@
 {
 	BIGNUM *aux = NULL;
 	BN_CTX *ctx = NULL;
+	BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
 
 	if ((aux = BN_new()) == NULL)
 		goto error;
@@ -1797,10 +1948,14 @@
 	if ((ctx = BN_CTX_new()) == NULL)
 		goto error;
 
-	if ((BN_sub(aux, rsa->q, BN_value_one()) == 0) ||
-	    (BN_mod(rsa->dmq1, rsa->d, aux, ctx) == 0) ||
-	    (BN_sub(aux, rsa->p, BN_value_one()) == 0) ||
-	    (BN_mod(rsa->dmp1, rsa->d, aux, ctx) == 0))
+	RSA_get0_key(rsa, &n, &e, &d);
+	RSA_get0_factors(rsa, &p, &q);
+	RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
+
+	if ((BN_sub(aux, q, BN_value_one()) == 0) ||
+	    (BN_mod(dmq1, d, aux, ctx) == 0) ||
+	    (BN_sub(aux, p, BN_value_one()) == 0) ||
+	    (BN_mod(dmp1, d, aux, ctx) == 0))
 		goto error;
 
 error:
@@ -1817,6 +1972,8 @@
 	Key *k = NULL;
 	unsigned int pklen, sklen;
 	int type;
+	BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
+	BIGNUM *g, *pub_key, *priv_key;
 
 	type_name = buffer_get_string_msg(blob, NULL);
 	if (type_name == NULL)
@@ -1827,23 +1984,29 @@
 
 	switch (type) {
 		case KEY_RSA:
-			buffer_get_bignum2_msg(blob, k->rsa->n);
-			buffer_get_bignum2_msg(blob, k->rsa->e);
-			buffer_get_bignum2_msg(blob, k->rsa->d);
-			buffer_get_bignum2_msg(blob, k->rsa->iqmp);
-			buffer_get_bignum2_msg(blob, k->rsa->p);
-			buffer_get_bignum2_msg(blob, k->rsa->q);
+			RSA_get0_key(k->rsa, &n, &e, &d);
+			RSA_get0_factors(k->rsa, &p, &q);
+			RSA_get0_crt_params(k->rsa, &dmp1, &dmq1, &iqmp);
 
+			buffer_get_bignum2_msg(blob, n);
+			buffer_get_bignum2_msg(blob, e);
+			buffer_get_bignum2_msg(blob, d);
+			buffer_get_bignum2_msg(blob, iqmp);
+			buffer_get_bignum2_msg(blob, p);
+			buffer_get_bignum2_msg(blob, q);
+
 			/* Generate additional parameters */
 			rsa_generate_additional_parameters(k->rsa);
 			break;
 
 		case KEY_DSA:
-			buffer_get_bignum2_msg(blob, k->dsa->p);
-			buffer_get_bignum2_msg(blob, k->dsa->q);
-			buffer_get_bignum2_msg(blob, k->dsa->g);
-			buffer_get_bignum2_msg(blob, k->dsa->pub_key);
-			buffer_get_bignum2_msg(blob, k->dsa->priv_key);
+			DSA_get0_pqg(k->dsa, &p, &q, &g);
+			DSA_get0_key(k->dsa, &pub_key, &priv_key);
+			buffer_get_bignum2_msg(blob, p);
+			buffer_get_bignum2_msg(blob, q);
+			buffer_get_bignum2_msg(blob, g);
+			buffer_get_bignum2_msg(blob, pub_key);
+			buffer_get_bignum2_msg(blob, priv_key);
 			break;
 
 		case KEY_ECDSA256:

Modified: trunk/ttssh2/ttxssh/keyfiles.c
===================================================================
--- trunk/ttssh2/ttxssh/keyfiles.c	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/keyfiles.c	2019-10-16 13:19:25 UTC (rev 8316)
@@ -69,24 +69,29 @@
 	BOOL OK = FALSE;
 	BIGNUM *r = BN_new();
 	BN_CTX *ctx = BN_CTX_new();
+	BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
 
-	if (BN_cmp(key->p, key->q) < 0) {
-		BIGNUM *tmp = key->p;
+	e = n = d = dmp1 = dmq1 = iqmp = p = q = NULL;
 
-		key->p = key->q;
-		key->q = tmp;
+	RSA_get0_key(key, &n, &e, &d);
+	RSA_get0_factors(key, &p, &q);
+	RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp);
+
+	if (BN_cmp(p, q) < 0) {
+		BN_swap(p, q);
 	}
 
 	if (r != NULL && ctx != NULL) {
-		key->dmp1 = BN_new();
-		key->dmq1 = BN_new();
-		key->iqmp = BN_mod_inverse(NULL, key->q, key->p, ctx);
+		dmp1 = BN_new();
+		dmq1 = BN_new();
+		iqmp = BN_mod_inverse(NULL, q, p, ctx);
+		RSA_set0_crt_params(key, dmp1, dmq1, iqmp);
 
-		if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) {
-			OK = BN_sub(r, key->p, BN_value_one())
-			  && BN_mod(key->dmp1, key->d, r, ctx)
-			  && BN_sub(r, key->q, BN_value_one())
-			  && BN_mod(key->dmq1, key->d, r, ctx);
+		if (dmp1 != NULL && dmq1 != NULL && iqmp != NULL) {
+			OK = BN_sub(r, p, BN_value_one())
+			  && BN_mod(dmp1, d, r, ctx)
+			  && BN_sub(r, q, BN_value_one())
+			  && BN_mod(dmq1, d, r, ctx);
 		}
 	}
 
@@ -110,6 +115,7 @@
 	int cipher;
 	RSA *key;
 	unsigned int E_index, N_index, D_index, U_index, P_index, Q_index = 0;
+	BIGNUM *e, *n, *d, *p, *q;
 
 	*invalid_passphrase = FALSE;
 
@@ -294,11 +300,13 @@
 	}
 
 	key = RSA_new();
-	key->n = get_bignum(keyfile_data + N_index);
-	key->e = get_bignum(keyfile_data + E_index);
-	key->d = get_bignum(keyfile_data + D_index);
-	key->p = get_bignum(keyfile_data + P_index);
-	key->q = get_bignum(keyfile_data + Q_index);
+	n = get_bignum(keyfile_data + N_index);
+	e = get_bignum(keyfile_data + E_index);
+	d = get_bignum(keyfile_data + D_index);
+	RSA_set0_key(key, n, e, d);
+	p = get_bignum(keyfile_data + P_index);
+	q = get_bignum(keyfile_data + Q_index);
+	RSA_set0_factors(key, p, q);
 
 	if (!normalize_key(key)) {
 		UTIL_get_lang_msg("MSG_KEYFILES_CRYPTOLIB_ERROR", pvar,
@@ -373,7 +381,8 @@
 	int dlen, i;
 	SSH2Cipher *cipher;
 	size_t authlen;
-	EVP_CIPHER_CTX cipher_ctx;
+	EVP_CIPHER_CTX *cipher_ctx = NULL;
+	int ret;
 
 	blob = buffer_init();
 	b = buffer_init();
@@ -380,7 +389,9 @@
 	kdf = buffer_init();
 	encoded = buffer_init();
 	copy_consumed = buffer_init();
-	if (blob == NULL || b == NULL || kdf == NULL || encoded == NULL || copy_consumed == NULL)
+	cipher_ctx = EVP_CIPHER_CTX_new();
+
+	if (blob == NULL || b == NULL || kdf == NULL || encoded == NULL || copy_consumed == NULL || cipher_ctx == NULL)
 		goto error;
 
 	// \x83t\x83@\x83C\x83\x8B\x82\xF0\x82\xB7\x82ׂēǂݍ\x9E\x82\xDE
@@ -541,13 +552,14 @@
 
 	// \x95\x9C\x8D\x86\x89\xBB
 	cp = buffer_append_space(b, len);
-	cipher_init_SSH2(&cipher_ctx, key, keylen, key + keylen, ivlen, CIPHER_DECRYPT, 
+	cipher_init_SSH2(cipher_ctx, key, keylen, key + keylen, ivlen, CIPHER_DECRYPT, 
 		get_cipher_EVP_CIPHER(cipher), 0, 0, pvar);
-	if (EVP_Cipher(&cipher_ctx, cp, buffer_tail_ptr(copy_consumed), len) == 0) {
-		cipher_cleanup_SSH2(&cipher_ctx);
+	ret = EVP_Cipher(cipher_ctx, cp, buffer_tail_ptr(copy_consumed), len);
+	if (ret == 0) {
+		cipher_cleanup_SSH2(cipher_ctx);
 		goto error;
 	}
-	cipher_cleanup_SSH2(&cipher_ctx);
+	cipher_cleanup_SSH2(cipher_ctx);
 	buffer_consume(copy_consumed, len);
 
 	if (buffer_remain_len(copy_consumed) != 0) {
@@ -603,6 +615,10 @@
 	free(salt);
 	free(comment);
 
+	if (cipher_ctx) {
+		EVP_CIPHER_CTX_free(cipher_ctx);
+	}
+
 	// KDF \x82ł͂Ȃ\xA9\x82\xC1\x82\xBD
 	if (keyfmt == NULL) {
 		fseek(fp, 0, SEEK_SET);
@@ -628,6 +644,7 @@
 	Key *result = NULL;
 	EVP_PKEY *pk = NULL;
 	unsigned long err = 0;
+	int pk_type;
 
 	OpenSSL_add_all_algorithms();
 	ERR_load_crypto_strings();
@@ -649,7 +666,8 @@
 		goto error;
 	}
 
-	switch (pk->type) {
+	pk_type = EVP_PKEY_id(pk);
+	switch (pk_type) {
 	case EVP_PKEY_RSA: // RSA key
 		result->type = KEY_RSA;
 		result->rsa = EVP_PKEY_get1_RSA(pk);
@@ -913,37 +931,54 @@
 	// decrypt prikey with aes256-cbc
 	if (strcmp(encname, "aes256-cbc") == 0) {
 		const EVP_MD *md = EVP_sha1();
-		EVP_MD_CTX ctx;
+		EVP_MD_CTX *ctx = NULL;
 		unsigned char key[40], iv[32];
-		EVP_CIPHER_CTX cipher_ctx;
+		EVP_CIPHER_CTX *cipher_ctx = NULL;
 		char *decrypted = NULL;
+		int ret;
 
-		EVP_DigestInit(&ctx, md);
-		EVP_DigestUpdate(&ctx, "\0\0\0\0", 4);
-		EVP_DigestUpdate(&ctx, passphrase, strlen(passphrase));
-		EVP_DigestFinal(&ctx, key, &len);
+		ctx = EVP_MD_CTX_new();
+		if (ctx == NULL) {
+			goto error;
+		}
 
-		EVP_DigestInit(&ctx, md);
-		EVP_DigestUpdate(&ctx, "\0\0\0\1", 4);
-		EVP_DigestUpdate(&ctx, passphrase, strlen(passphrase));
-		EVP_DigestFinal(&ctx, key + 20, &len);
+		cipher_ctx = EVP_CIPHER_CTX_new();
+		if (ctx == NULL) {
+			EVP_MD_CTX_free(ctx);
+			goto error;
+		}
 
+		EVP_DigestInit(ctx, md);
+		EVP_DigestUpdate(ctx, "\0\0\0\0", 4);
+		EVP_DigestUpdate(ctx, passphrase, strlen(passphrase));
+		EVP_DigestFinal(ctx, key, &len);
+
+		EVP_DigestInit(ctx, md);
+		EVP_DigestUpdate(ctx, "\0\0\0\1", 4);
+		EVP_DigestUpdate(ctx, passphrase, strlen(passphrase));
+		EVP_DigestFinal(ctx, key + 20, &len);
+
+		EVP_MD_CTX_free(ctx);
+
 		memset(iv, 0, sizeof(iv));
 
 		// decrypt
-		cipher_init_SSH2(&cipher_ctx, key, 32, iv, 16, CIPHER_DECRYPT, EVP_aes_256_cbc(), 0, 0, pvar);
+		cipher_init_SSH2(cipher_ctx, key, 32, iv, 16, CIPHER_DECRYPT, EVP_aes_256_cbc(), 0, 0, pvar);
 		len = buffer_len(prikey);
 		decrypted = (char *)malloc(len);
-		if (EVP_Cipher(&cipher_ctx, decrypted, prikey->buf, len) == 0) {
+		ret = EVP_Cipher(cipher_ctx, decrypted, prikey->buf, len);
+		if (ret == 0) {
 			strncpy_s(errmsg, errmsg_len, "Key decrypt error", _TRUNCATE);
 			free(decrypted);
-			cipher_cleanup_SSH2(&cipher_ctx);
+			cipher_cleanup_SSH2(cipher_ctx);
+			EVP_CIPHER_CTX_free(cipher_ctx);
 			goto error;
 		}
 		buffer_clear(prikey);
 		buffer_append(prikey, decrypted, len);
 		free(decrypted);
-		cipher_cleanup_SSH2(&cipher_ctx);
+		cipher_cleanup_SSH2(cipher_ctx);
+		EVP_CIPHER_CTX_free(cipher_ctx);
 	}
 
 	// verity MAC
@@ -972,44 +1007,63 @@
 		unsigned char mackey[20];
 		char header[] = "putty-private-key-file-mac-key";
 		const EVP_MD *md = EVP_sha1();
-		EVP_MD_CTX ctx;
+		EVP_MD_CTX *ctx = NULL;
 
-		EVP_DigestInit(&ctx, md);
-		EVP_DigestUpdate(&ctx, header, sizeof(header)-1);
+		ctx = EVP_MD_CTX_new();
+		if (ctx == NULL) {
+			goto error;
+		}
+
+		EVP_DigestInit(ctx, md);
+		EVP_DigestUpdate(ctx, header, sizeof(header)-1);
 		len = strlen(passphrase);
 		if (strcmp(encname, "aes256-cbc") == 0 && len > 0) {
-			EVP_DigestUpdate(&ctx, passphrase, len);
+			EVP_DigestUpdate(ctx, passphrase, len);
 		}
-		EVP_DigestFinal(&ctx, mackey, &len);
+		EVP_DigestFinal(ctx, mackey, &len);
+		EVP_MD_CTX_free(ctx);
 
 		//hmac_sha1_simple(mackey, sizeof(mackey), macdata->buf, macdata->len, binary);
 		{
-		EVP_MD_CTX ctx[2];
+		EVP_MD_CTX *ctx[2] = {0, 0};
 		unsigned char intermediate[20];
 		unsigned char foo[64];
 		int i;
 
+		ctx[0] = EVP_MD_CTX_new();
+		if (ctx[0] == NULL) {
+			goto error;
+		}
+		ctx[1] = EVP_MD_CTX_new();
+		if (ctx[1] == NULL) {
+			EVP_MD_CTX_free(ctx[0]);
+			goto error;
+		}
+
 		memset(foo, 0x36, sizeof(foo));
 		for (i = 0; i < sizeof(mackey) && i < sizeof(foo); i++) {
 			foo[i] ^= mackey[i];
 		}
-		EVP_DigestInit(&ctx[0], md);
-		EVP_DigestUpdate(&ctx[0], foo, sizeof(foo));
+		EVP_DigestInit(ctx[0], md);
+		EVP_DigestUpdate(ctx[0], foo, sizeof(foo));
 
 		memset(foo, 0x5C, sizeof(foo));
 		for (i = 0; i < sizeof(mackey) && i < sizeof(foo); i++) {
 			foo[i] ^= mackey[i];
 		}
-		EVP_DigestInit(&ctx[1], md);
-		EVP_DigestUpdate(&ctx[1], foo, sizeof(foo));
+		EVP_DigestInit(ctx[1], md);
+		EVP_DigestUpdate(ctx[1], foo, sizeof(foo));
 
 		memset(foo, 0, sizeof(foo));
 
-		EVP_DigestUpdate(&ctx[0], macdata->buf, macdata->len);
-		EVP_DigestFinal(&ctx[0], intermediate, &len);
+		EVP_DigestUpdate(ctx[0], macdata->buf, macdata->len);
+		EVP_DigestFinal(ctx[0], intermediate, &len);
 
-		EVP_DigestUpdate(&ctx[1], intermediate, sizeof(intermediate));
-		EVP_DigestFinal(&ctx[1], binary, &len);
+		EVP_DigestUpdate(ctx[1], intermediate, sizeof(intermediate));
+		EVP_DigestFinal(ctx[1], binary, &len);
+
+		EVP_MD_CTX_free(ctx[0]);
+		EVP_MD_CTX_free(ctx[1]);
 		}
 
 		memset(mackey, 0, sizeof(mackey));
@@ -1044,6 +1098,8 @@
 	case KEY_RSA:
 	{
 		char *pubkey_type, *pub, *pri;
+		BIGNUM *e, *n, *d, *iqmp, *p, *q;
+
 		pub = pubkey->buf;
 		pri = prikey->buf;
 		pubkey_type = buffer_get_string(&pub, NULL);
@@ -1059,29 +1115,32 @@
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
-		result->rsa->e = BN_new();
-		result->rsa->n = BN_new();
-		result->rsa->d = BN_new();
-		result->rsa->p = BN_new();
-		result->rsa->q = BN_new();
-		result->rsa->iqmp = BN_new();
-		if (result->rsa->e == NULL ||
-		    result->rsa->n == NULL ||
-		    result->rsa->d == NULL ||
-		    result->rsa->p == NULL ||
-		    result->rsa->q == NULL ||
-		    result->rsa->iqmp == NULL) {
+		e = BN_new();
+		n = BN_new();
+		d = BN_new();
+		RSA_set0_key(result->rsa, n, e, d);
+		p = BN_new();
+		q = BN_new();
+		RSA_set0_factors(result->rsa, p, q);
+		iqmp = BN_new();
+		RSA_set0_crt_params(result->rsa, NULL, NULL, iqmp);
+		if (e == NULL ||
+		    n == NULL ||
+		    d == NULL ||
+		    p == NULL ||
+		    q == NULL ||
+		    iqmp == NULL) {
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
 
-		buffer_get_bignum2(&pub, result->rsa->e);
-		buffer_get_bignum2(&pub, result->rsa->n);
+		buffer_get_bignum2(&pub, e);
+		buffer_get_bignum2(&pub, n);
 
-		buffer_get_bignum2(&pri, result->rsa->d);
-		buffer_get_bignum2(&pri, result->rsa->p);
-		buffer_get_bignum2(&pri, result->rsa->q);
-		buffer_get_bignum2(&pri, result->rsa->iqmp);
+		buffer_get_bignum2(&pri, d);
+		buffer_get_bignum2(&pri, p);
+		buffer_get_bignum2(&pri, q);
+		buffer_get_bignum2(&pri, iqmp);
 
 		break;
 	}
@@ -1088,6 +1147,8 @@
 	case KEY_DSA:
 	{
 		char *pubkey_type, *pub, *pri;
+		BIGNUM *p, *q, *g, *pub_key, *priv_key;
+
 		pub = pubkey->buf;
 		pri = prikey->buf;
 		pubkey_type = buffer_get_string(&pub, NULL);
@@ -1103,26 +1164,28 @@
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
-		result->dsa->p = BN_new();
-		result->dsa->q = BN_new();
-		result->dsa->g = BN_new();
-		result->dsa->pub_key = BN_new();
-		result->dsa->priv_key = BN_new();
-		if (result->dsa->p == NULL ||
-		    result->dsa->q == NULL ||
-		    result->dsa->g == NULL ||
-		    result->dsa->pub_key == NULL ||
-		    result->dsa->priv_key == NULL) {
+		p = BN_new();
+		q = BN_new();
+		g = BN_new();
+		DSA_set0_pqg(result->dsa, p, q, g);
+		pub_key = BN_new();
+		priv_key = BN_new();
+		DSA_set0_key(result->dsa, pub_key, priv_key);
+		if (p == NULL ||
+		    q == NULL ||
+		    g == NULL ||
+		    pub_key == NULL ||
+		    priv_key == NULL) {
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
 
-		buffer_get_bignum2(&pub, result->dsa->p);
-		buffer_get_bignum2(&pub, result->dsa->q);
-		buffer_get_bignum2(&pub, result->dsa->g);
-		buffer_get_bignum2(&pub, result->dsa->pub_key);
+		buffer_get_bignum2(&pub, p);
+		buffer_get_bignum2(&pub, q);
+		buffer_get_bignum2(&pub, g);
+		buffer_get_bignum2(&pub, pub_key);
 
-		buffer_get_bignum2(&pri, result->dsa->priv_key);
+		buffer_get_bignum2(&pri, priv_key);
 
 		break;
 	}
@@ -1451,9 +1514,16 @@
 	if (strcmp(encname, "3des-cbc") == 0) {
 		MD5_CTX md;
 		unsigned char key[32], iv[16];
-		EVP_CIPHER_CTX cipher_ctx;
+		EVP_CIPHER_CTX *cipher_ctx = NULL;
 		char *decrypted = NULL;
+		int ret;
 
+		cipher_ctx = EVP_CIPHER_CTX_new();
+		if (cipher_ctx == NULL) {
+			strncpy_s(errmsg, errmsg_len, "Out of memory: EVP_CIPHER_CTX_new()", _TRUNCATE);
+			goto error;
+		}
+
 		MD5_Init(&md);
 		MD5_Update(&md, passphrase, strlen(passphrase));
 		MD5_Final(key, &md);
@@ -1466,16 +1536,19 @@
 		memset(iv, 0, sizeof(iv));
 
 		// decrypt
-		cipher_init_SSH2(&cipher_ctx, key, 24, iv, 8, CIPHER_DECRYPT, EVP_des_ede3_cbc(), 0, 0, pvar);
+		cipher_init_SSH2(cipher_ctx, key, 24, iv, 8, CIPHER_DECRYPT, EVP_des_ede3_cbc(), 0, 0, pvar);
 		decrypted = (char *)malloc(len);
-		if (EVP_Cipher(&cipher_ctx, decrypted, blob->buf + blob->offset, len) == 0) {
+		ret = EVP_Cipher(cipher_ctx, decrypted, blob->buf + blob->offset, len);
+		if (ret == 0) {
 			strncpy_s(errmsg, errmsg_len, "Key decrypt error", _TRUNCATE);
-			cipher_cleanup_SSH2(&cipher_ctx);
+			cipher_cleanup_SSH2(cipher_ctx);
+			EVP_CIPHER_CTX_free(cipher_ctx);
 			goto error;
 		}
 		buffer_append(blob2, decrypted, len);
 		free(decrypted);
-		cipher_cleanup_SSH2(&cipher_ctx);
+		cipher_cleanup_SSH2(cipher_ctx);
+		EVP_CIPHER_CTX_free(cipher_ctx);
 
 		*invalid_passphrase = TRUE;
 	}
@@ -1493,33 +1566,38 @@
 	switch (result->type) {
 	case KEY_RSA:
 	{
+		BIGNUM *e, *n, *d, *iqmp, *p, *q;
+
 		result->rsa = RSA_new();
 		if (result->rsa == NULL) {
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
-		result->rsa->e = BN_new();
-		result->rsa->n = BN_new();
-		result->rsa->d = BN_new();
-		result->rsa->p = BN_new();
-		result->rsa->q = BN_new();
-		result->rsa->iqmp = BN_new();
-		if (result->rsa->e == NULL ||
-		    result->rsa->n == NULL ||
-		    result->rsa->d == NULL ||
-		    result->rsa->p == NULL ||
-		    result->rsa->q == NULL ||
-		    result->rsa->iqmp == NULL) {
+		e = BN_new();
+		n = BN_new();
+		d = BN_new();
+		RSA_set0_key(result->rsa, n, e, d);
+		p = BN_new();
+		q = BN_new();
+		RSA_set0_factors(result->rsa, p, q);
+		iqmp = BN_new();
+		RSA_set0_crt_params(result->rsa, NULL, NULL, iqmp);
+		if (e == NULL ||
+		    n == NULL ||
+		    d == NULL ||
+		    p == NULL ||
+		    q == NULL ||
+		    iqmp == NULL) {
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
 
-		buffer_get_bignum_SECSH(blob2, result->rsa->e);
-		buffer_get_bignum_SECSH(blob2, result->rsa->d);
-		buffer_get_bignum_SECSH(blob2, result->rsa->n);
-		buffer_get_bignum_SECSH(blob2, result->rsa->iqmp);
-		buffer_get_bignum_SECSH(blob2, result->rsa->p);
-		buffer_get_bignum_SECSH(blob2, result->rsa->q);
+		buffer_get_bignum_SECSH(blob2, e);
+		buffer_get_bignum_SECSH(blob2, d);
+		buffer_get_bignum_SECSH(blob2, n);
+		buffer_get_bignum_SECSH(blob2, iqmp);
+		buffer_get_bignum_SECSH(blob2, p);
+		buffer_get_bignum_SECSH(blob2, q);
 
 		break;
 	}
@@ -1526,6 +1604,7 @@
 	case KEY_DSA:
 	{
 		int param;
+		BIGNUM *p, *q, *g, *pub_key, *priv_key;
 
 		result->dsa = DSA_new();
 		if (result->dsa == NULL) {
@@ -1532,16 +1611,18 @@
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
-		result->dsa->p = BN_new();
-		result->dsa->q = BN_new();
-		result->dsa->g = BN_new();
-		result->dsa->pub_key = BN_new();
-		result->dsa->priv_key = BN_new();
-		if (result->dsa->p == NULL ||
-		    result->dsa->q == NULL ||
-		    result->dsa->g == NULL ||
-		    result->dsa->pub_key == NULL ||
-		    result->dsa->priv_key == NULL) {
+		p = BN_new();
+		q = BN_new();
+		g = BN_new();
+		DSA_set0_pqg(result->dsa, p, q, g);
+		pub_key = BN_new();
+		priv_key = BN_new();
+		DSA_set0_key(result->dsa, pub_key, priv_key);
+		if (p == NULL ||
+		    q == NULL ||
+		    g == NULL ||
+		    pub_key == NULL ||
+		    priv_key == NULL) {
 			strncpy_s(errmsg, errmsg_len, "key init error", _TRUNCATE);
 			goto error;
 		}
@@ -1551,11 +1632,11 @@
 			strncpy_s(errmsg, errmsg_len, "predefined DSA parameters not supported", _TRUNCATE);
 			goto error;
 		}
-		buffer_get_bignum_SECSH(blob2, result->dsa->p);
-		buffer_get_bignum_SECSH(blob2, result->dsa->g);
-		buffer_get_bignum_SECSH(blob2, result->dsa->q);
-		buffer_get_bignum_SECSH(blob2, result->dsa->pub_key);
-		buffer_get_bignum_SECSH(blob2, result->dsa->priv_key);
+		buffer_get_bignum_SECSH(blob2, p);
+		buffer_get_bignum_SECSH(blob2, g);
+		buffer_get_bignum_SECSH(blob2, q);
+		buffer_get_bignum_SECSH(blob2, pub_key);
+		buffer_get_bignum_SECSH(blob2, priv_key);
 
 		break;
 	}

Modified: trunk/ttssh2/ttxssh/ssh.c
===================================================================
--- trunk/ttssh2/ttxssh/ssh.c	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ssh.c	2019-10-16 13:19:25 UTC (rev 8316)
@@ -2584,23 +2584,33 @@
 			}
 		}
 		else if (pvar->auth_state.cur_cred.method == SSH_AUTH_PAGEANT) {
-			int server_key_bits = BN_num_bits(pvar->crypt_state.server_key.RSA_key->n);
-			int host_key_bits = BN_num_bits(pvar->crypt_state.host_key.RSA_key->n);
-			int server_key_bytes = (server_key_bits + 7) / 8;
-			int host_key_bytes = (host_key_bits + 7) / 8;
-			int session_buf_len = server_key_bytes + host_key_bytes + 8;
-			char *session_buf = (char *) malloc(session_buf_len);
+			int server_key_bits;
+			int host_key_bits;
+			int server_key_bytes;
+			int host_key_bytes;
+			int session_buf_len;
+			char *session_buf;
 			unsigned char session_id[16];
 
 			unsigned char *hash;
 			int pubkeylen, hashlen;
+			BIGNUM *server_n, *host_n;
 
+			RSA_get0_key(pvar->crypt_state.server_key.RSA_key, &server_n, NULL, NULL);
+			RSA_get0_key(pvar->crypt_state.host_key.RSA_key, &host_n, NULL, NULL);
+			server_key_bits = BN_num_bits(server_n);
+			host_key_bits = BN_num_bits(host_n);
+			server_key_bytes = (server_key_bits + 7) / 8;
+			host_key_bytes = (host_key_bits + 7) / 8;
+			session_buf_len = server_key_bytes + host_key_bytes + 8;
+			session_buf = (char FAR *) malloc(session_buf_len);
+
 			/* Pageant \x82Ƀn\x83b\x83V\x83\x85\x82\xF0\x8Cv\x8EZ\x82\xB5\x82Ă\xE0\x82炤 */
 			// \x8C\xF6\x8AJ\x8C\xAE\x82̒\xB7\x82\xB3
 			pubkeylen = putty_get_ssh1_keylen(pvar->pageant_curkey, pvar->pageant_keylistlen);
 			// \x83Z\x83b\x83V\x83\x87\x83\x93ID\x82\xF0\x8D쐬
-			BN_bn2bin(pvar->crypt_state.host_key.RSA_key->n, session_buf);
-			BN_bn2bin(pvar->crypt_state.server_key.RSA_key->n, session_buf + host_key_bytes);
+			BN_bn2bin(host_n, session_buf);
+			BN_bn2bin(server_n, session_buf + host_key_bytes);
 			memcpy(session_buf + server_key_bytes + host_key_bytes, pvar->crypt_state.server_cookie, 8);
 			MD5(session_buf, session_buf_len, session_id);
 			// \x83n\x83b\x83V\x83\x85\x82\xF0\x8E󂯎\xE6\x82\xE9
@@ -2626,6 +2636,8 @@
 
 static void try_send_credentials(PTInstVar pvar)
 {
+	BIGNUM *e, *n;
+
 	if ((pvar->ssh_state.status_flags & STATUS_DONT_SEND_CREDENTIALS) == 0) {
 		AUTHCred *cred = AUTH_get_cur_cred(pvar);
 		static const int RSA_msgs[] =
@@ -2676,27 +2688,35 @@
 				break;
 			}
 		case SSH_AUTH_RSA:{
-				int len = BN_num_bytes(cred->key_pair->rsa->n);
-				unsigned char *outmsg =
-					begin_send_packet(pvar, SSH_CMSG_AUTH_RSA, 2 + len);
+				int len;
+				unsigned char *outmsg;
 
+				RSA_get0_key(cred->key_pair->rsa, &n, NULL, NULL);
+				len = BN_num_bytes(n);
+				outmsg = begin_send_packet(pvar, SSH_CMSG_AUTH_RSA, 2 + len);
+
 				logputs(LOG_LEVEL_VERBOSE, "Trying RSA authentication...");
 
 				set_ushort16_MSBfirst(outmsg, len * 8);
-				BN_bn2bin(cred->key_pair->rsa->n, outmsg + 2);
+				BN_bn2bin(n, outmsg + 2);
 				/* don't destroy the current credentials yet */
 				enque_handlers(pvar, 2, RSA_msgs, RSA_handlers);
 				break;
 			}
 		case SSH_AUTH_RHOSTS_RSA:{
-				int mod_len = BN_num_bytes(cred->key_pair->rsa->n);
-				int name_len = strlen(cred->rhosts_client_user);
-				int exp_len = BN_num_bytes(cred->key_pair->rsa->e);
+				int mod_len;
+				int name_len;
+				int exp_len;
 				int index;
-				unsigned char *outmsg =
-					begin_send_packet(pvar, SSH_CMSG_AUTH_RHOSTS_RSA,
-					                  12 + mod_len + name_len + exp_len);
+				unsigned char *outmsg;
 
+				RSA_get0_key(cred->key_pair->rsa, &n, &e, NULL);
+				mod_len = BN_num_bytes(n);
+				name_len = strlen(cred->rhosts_client_user);
+				exp_len = BN_num_bytes(e);
+				outmsg = begin_send_packet(pvar, SSH_CMSG_AUTH_RHOSTS_RSA,
+					                       12 + mod_len + name_len + exp_len);
+
 				logputs(LOG_LEVEL_VERBOSE, "Trying RHOSTS+RSA authentication...");
 
 				set_uint32(outmsg, name_len);
@@ -2705,11 +2725,11 @@
 
 				set_uint32(outmsg + index, 8 * mod_len);
 				set_ushort16_MSBfirst(outmsg + index + 4, 8 * exp_len);
-				BN_bn2bin(cred->key_pair->rsa->e, outmsg + index + 6);
+				BN_bn2bin(e, outmsg + index + 6);
 				index += 6 + exp_len;
 
 				set_ushort16_MSBfirst(outmsg + index, 8 * mod_len);
-				BN_bn2bin(cred->key_pair->rsa->n, outmsg + index + 2);
+				BN_bn2bin(n, outmsg + index + 2);
 				/* don't destroy the current credentials yet */
 				enque_handlers(pvar, 2, RSA_msgs, RSA_handlers);
 				break;
@@ -5407,6 +5427,7 @@
 	buffer_t *msg = NULL;
 	unsigned char *outmsg;
 	int len;
+	BIGNUM *pub_key;
 
 	// Diffie-Hellman key agreement
 	switch (pvar->kex_type) {
@@ -5437,7 +5458,8 @@
 		return;
 	}
 
-	buffer_put_bignum2(msg, dh->pub_key);
+	DH_get0_key(dh, &pub_key, NULL);
+	buffer_put_bignum2(msg, pub_key);
 
 	len = buffer_len(msg);
 	outmsg = begin_send_packet(pvar, SSH2_MSG_KEXDH_INIT, len);
@@ -5579,6 +5601,7 @@
 	buffer_t *msg = NULL;
 	unsigned char *outmsg;
 	char tmpbuf[256];
+	BIGNUM *pub_key;
 
 	logputs(LOG_LEVEL_VERBOSE, "SSH2_MSG_KEX_DH_GEX_GROUP was received.");
 
@@ -5653,8 +5676,7 @@
 	dh = DH_new();
 	if (dh == NULL)
 		goto error;
-	dh->p = p;
-	dh->g = g;
+	DH_set0_pqg(dh, p, NULL, g);
 
 	// \x94閧\x82ɂ\xB7\x82ׂ\xAB\x97\x90\x90\x94(X)\x82𐶐\xAC
 	dh_gen_key(pvar, dh, pvar->we_need);
@@ -5664,7 +5686,8 @@
 	if (msg == NULL) {
 		goto error;
 	}
-	buffer_put_bignum2(msg, dh->pub_key);
+	DH_get0_key(dh, &pub_key, NULL);
+	buffer_put_bignum2(msg, pub_key);
 	len = buffer_len(msg);
 	outmsg = begin_send_packet(pvar, SSH2_MSG_KEX_DH_GEX_INIT, len);
 	memcpy(outmsg, buffer_ptr(msg), len);
@@ -5679,9 +5702,14 @@
 	pvar->kexdh = dh;
 
 	{
-		push_bignum_memdump("DH_GEX_GROUP", "p", dh->p);
-		push_bignum_memdump("DH_GEX_GROUP", "g", dh->g);
-		push_bignum_memdump("DH_GEX_GROUP", "pub_key", dh->pub_key);
+		BIGNUM *p, *q, *pub_key;
+
+		DH_get0_pqg(dh, &p, &q, NULL);
+		DH_get0_key(dh, &pub_key, NULL);
+
+		push_bignum_memdump("DH_GEX_GROUP", "p", p);
+		push_bignum_memdump("DH_GEX_GROUP", "g", g);
+		push_bignum_memdump("DH_GEX_GROUP", "pub_key", pub_key);
 	}
 
 	SSH2_dispatch_init(2);
@@ -5710,17 +5738,22 @@
 	const EC_GROUP *group;
 	buffer_t *msg = NULL;
 	unsigned char *outmsg;
-	int len;
+	int len, ret;
+	char buf[128];
 
 	client_key = EC_KEY_new();
 	if (client_key == NULL) {
+		_snprintf_s(buf, sizeof(buf), _TRUNCATE, "%s: EC_KEY_new was failed", __FUNCTION__);
 		goto error;
 	}
 	client_key = EC_KEY_new_by_curve_name(kextype_to_cipher_nid(pvar->kex_type));
 	if (client_key == NULL) {
+		_snprintf_s(buf, sizeof(buf), _TRUNCATE, "%s: EC_KEY_new_by_curve_name was failed", __FUNCTION__);
 		goto error;
 	}
-	if (EC_KEY_generate_key(client_key) != 1) {
+	ret = EC_KEY_generate_key(client_key);
+	if (ret != 1) {
+		_snprintf_s(buf, sizeof(buf), _TRUNCATE, "%s: EC_KEY_generate_key was failed(ret %d)", __FUNCTION__, ret);
 		goto error;
 	}
 	group = EC_KEY_get0_group(client_key);
@@ -5728,9 +5761,9 @@
 
 	msg = buffer_init();
 	if (msg == NULL) {
-		// TODO: error check
 		logprintf(LOG_LEVEL_ERROR, "%s: buffer_init returns NULL.", __FUNCTION__);
-		return;
+		_snprintf_s(buf, sizeof(buf), _TRUNCATE, "%s: buffer_init was failed", __FUNCTION__);
+		goto error;
 	}
 
 	buffer_put_ecpoint(msg, group, EC_KEY_get0_public_key(client_key));
@@ -5759,7 +5792,7 @@
 	EC_KEY_free(client_key);
 	buffer_free(msg);
 
-	notify_fatal_error(pvar, "error occurred @ SSH2_ecdh_kex_init()", TRUE);
+	notify_fatal_error(pvar, buf, TRUE);
 }
 
 
@@ -5805,9 +5838,11 @@
 	if ((ret = key_verify(hostkey, signature, siglen, hash, hashlen)) != 1) {
 		if (ret == -3 && hostkey->type == KEY_RSA) {
 			if (!pvar->settings.EnableRsaShortKeyServer) {
+				BIGNUM *n;
+				RSA_get0_key(hostkey->rsa, &n, NULL, NULL);
 				_snprintf_s(emsg, sizeof(emsg), _TRUNCATE,
 					"%s: key verify error. remote rsa key length is too short (%d-bit)", __FUNCTION__,
-					BN_num_bits(hostkey->rsa->n));
+					BN_num_bits(n));
 			}
 			else {
 				goto cont;
@@ -6025,6 +6060,7 @@
 	int hashlen;
 	Key *hostkey = NULL;  // hostkey
 	BOOL result = FALSE;
+	BIGNUM *pub_key;
 
 	logputs(LOG_LEVEL_VERBOSE, "SSH2_MSG_KEXDH_REPLY is continued after known_hosts.");
 
@@ -6103,6 +6139,7 @@
 
 	// \x83n\x83b\x83V\x83\x85\x82̌v\x8EZ
 	/* calc and verify H */
+	DH_get0_key(pvar->kexdh, &pub_key, NULL);
 	hash = kex_dh_hash(
 		get_kex_algorithm_EVP_MD(pvar->kex_type),
 		pvar->client_version_string,
@@ -6110,7 +6147,7 @@
 		buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex),
 		buffer_ptr(pvar->peer_kex), buffer_len(pvar->peer_kex),
 		server_host_key_blob, bloblen,
-		pvar->kexdh->pub_key,
+		pub_key,
 		server_public,
 		share_key,
 		&hashlen);
@@ -6126,7 +6163,8 @@
 	}
 
 	// TTSSH\x83o\x81[\x83W\x83\x87\x83\x93\x8F\xEE\x95\xF1\x82ɕ\\x8E\xA6\x82\xB7\x82\xE9\x83L\x81[\x83r\x83b\x83g\x90\x94\x82\xF0\x8B\x81\x82߂Ă\xA8\x82\xAD
-	pvar->client_key_bits = BN_num_bits(pvar->kexdh->pub_key);
+	DH_get0_key(pvar->kexdh, &pub_key, NULL);
+	pvar->client_key_bits = BN_num_bits(pub_key);
 	pvar->server_key_bits = BN_num_bits(server_public);
 
 	result = ssh2_kex_finish(pvar, hash, hashlen, share_key, hostkey, signature, siglen);
@@ -6180,7 +6218,7 @@
 	Key *hostkey = NULL;  // hostkey
 	BOOL result = FALSE;
 	int ret;
-
+	
 	logputs(LOG_LEVEL_VERBOSE, "SSH2_MSG_KEX_DH_GEX_REPLY was received.");
 
 	memset(&hostkey, 0, sizeof(hostkey));
@@ -6287,6 +6325,8 @@
 	int hashlen;
 	Key *hostkey = NULL;  // hostkey
 	BOOL result = FALSE;
+	BIGNUM *p, *g;
+	BIGNUM *pub_key;
 
 	logputs(LOG_LEVEL_VERBOSE, "SSH2_MSG_KEX_DH_GEX_REPLY is continued after known_hosts.");
 
@@ -6371,6 +6411,8 @@
 
 	// \x83n\x83b\x83V\x83\x85\x82̌v\x8EZ
 	/* calc and verify H */
+	DH_get0_pqg(pvar->kexdh, &p, NULL, &g);
+	DH_get0_key(pvar->kexdh, &pub_key, NULL);
 	hash = kex_dh_gex_hash(
 		get_kex_algorithm_EVP_MD(pvar->kex_type),
 		pvar->client_version_string,
@@ -6381,9 +6423,9 @@
 		pvar->kexgex_min,
 		pvar->kexgex_bits,
 		pvar->kexgex_max,
-		pvar->kexdh->p,
-		pvar->kexdh->g,
-		pvar->kexdh->pub_key,
+		p,
+		g,
+		pub_key,
 		server_public,
 		share_key,
 		&hashlen);
@@ -6399,7 +6441,8 @@
 	}
 
 	// TTSSH\x83o\x81[\x83W\x83\x87\x83\x93\x8F\xEE\x95\xF1\x82ɕ\\x8E\xA6\x82\xB7\x82\xE9\x83L\x81[\x83r\x83b\x83g\x90\x94\x82\xF0\x8B\x81\x82߂Ă\xA8\x82\xAD
-	pvar->client_key_bits = BN_num_bits(pvar->kexdh->pub_key);
+	DH_get0_key(pvar->kexdh, &pub_key, NULL);
+	pvar->client_key_bits = BN_num_bits(pub_key);
 	pvar->server_key_bits = BN_num_bits(server_public);
 
 	result = ssh2_kex_finish(pvar, hash, hashlen, share_key, hostkey, signature, siglen);

Modified: trunk/ttssh2/ttxssh/ttxssh.c
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.c	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ttxssh.c	2019-10-16 13:19:25 UTC (rev 8316)
@@ -153,6 +153,10 @@
 	FWDUI_init(pvar);
 
 	ssh_heartbeat_lock_initialize();
+
+	pvar->evpcip[MODE_IN] = EVP_CIPHER_CTX_new();
+	pvar->evpcip[MODE_OUT] = EVP_CIPHER_CTX_new();
+	/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335\x82ŏ\x88\x92u\x97\\x92\xE8) ***/
 }
 
 static void uninit_TTSSH(PTInstVar pvar)
@@ -184,6 +188,9 @@
 	}
 
 	ssh_heartbeat_lock_finalize();
+
+	EVP_CIPHER_CTX_free(pvar->evpcip[MODE_IN]);
+	EVP_CIPHER_CTX_free(pvar->evpcip[MODE_OUT]);
 }
 
 static void PASCAL TTXInit(PTTSet ts, PComVar cv)
@@ -3381,6 +3388,7 @@
 
 static BOOL generate_ssh_key(ssh_keytype type, int bits, void (*cbfunc)(int, int, void *), void *cbarg)
 {
+
 	// if SSH key already is generated, should free the resource.
 	free_ssh_key();
 
@@ -3390,6 +3398,8 @@
 	{
 		RSA *priv = NULL;
 		RSA *pub = NULL;
+		BIGNUM *e, *n;
+		BIGNUM *p_e, *p_n;
 
 		// private key
 		priv =  RSA_generate_key(bits, 35, cbfunc, cbarg);
@@ -3399,15 +3409,18 @@
 
 		// public key
 		pub = RSA_new();
-		pub->n = BN_new();
-		pub->e = BN_new();
-		if (pub->n == NULL || pub->e == NULL) {
+		n = BN_new();
+		e = BN_new();
+		RSA_set0_key(pub, n, e, NULL);
+		if (n == NULL || e == NULL) {
 			RSA_free(pub);
 			goto error;
 		}
 
-		BN_copy(pub->n, priv->n);
-		BN_copy(pub->e, priv->e);
+		RSA_get0_key(priv, &p_n, &p_e, NULL);
+
+		BN_copy(n, p_n);
+		BN_copy(e, p_e);
 		public_key.rsa = pub;
 		break;
 	}
@@ -3416,6 +3429,8 @@
 	{
 		DSA *priv = NULL;
 		DSA *pub = NULL;
+		BIGNUM *p, *q, *g, *pub_key;
+		BIGNUM *sp, *sq, *sg, *spub_key;
 
 		// private key
 		priv = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, cbfunc, cbarg);
@@ -3431,19 +3446,24 @@
 		pub = DSA_new();
 		if (pub == NULL)
 			goto error;
-		pub->p = BN_new();
-		pub->q = BN_new();
-		pub->g = BN_new();
-		pub->pub_key = BN_new();
-		if (pub->p == NULL || pub->q == NULL || pub->g == NULL || pub->pub_key == NULL) {
+		p = BN_new();
+		q = BN_new();
+		g = BN_new();
+		DSA_set0_pqg(pub, p, q, g);
+		pub_key = BN_new();
+		DSA_set0_key(pub, pub_key, NULL);
+		if (p == NULL || q == NULL || g == NULL || pub_key == NULL) {
 			DSA_free(pub);
 			goto error;
 		}
 
-		BN_copy(pub->p, priv->p);
-		BN_copy(pub->q, priv->q);
-		BN_copy(pub->g, priv->g);
-		BN_copy(pub->pub_key, priv->pub_key);
+		DSA_get0_pqg(priv, &sp, &sq, &sg);
+		DSA_get0_key(priv, &spub_key, NULL);
+
+		BN_copy(p, sp);
+		BN_copy(q, sq);
+		BN_copy(g, sg);
+		BN_copy(pub_key, spub_key);
 		public_key.dsa = pub;
 		break;
 	}
@@ -3535,7 +3555,7 @@
  */
 struct ssh1_3des_ctx
 {
-	EVP_CIPHER_CTX  k1, k2, k3;
+	EVP_CIPHER_CTX  *k1, *k2, *k3;
 };
 
 static int ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, int enc)
@@ -3545,12 +3565,16 @@
 
 	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {
 		c = malloc(sizeof(*c));
+		c->k1 = EVP_CIPHER_CTX_new();
+		c->k2 = EVP_CIPHER_CTX_new();
+		c->k3 = EVP_CIPHER_CTX_new();
+		/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335\x82ŏ\x88\x92u\x97\\x92\xE8) ***/
 		EVP_CIPHER_CTX_set_app_data(ctx, c);
 	}
 	if (key == NULL)
 		return (1);
 	if (enc == -1)
-		enc = ctx->encrypt;
+		enc = EVP_CIPHER_CTX_encrypting(ctx); // ctx->encrypt
 	k1 = k2 = k3 = (u_char *) key;
 	k2 += 8;
 	if (EVP_CIPHER_CTX_key_length(ctx) >= 16+8) {
@@ -3559,12 +3583,15 @@
 		else
 			k1 += 16;
 	}
-	EVP_CIPHER_CTX_init(&c->k1);
-	EVP_CIPHER_CTX_init(&c->k2);
-	EVP_CIPHER_CTX_init(&c->k3);
-	if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 ||
-		EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||
-		EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {
+	EVP_CIPHER_CTX_init(c->k1);
+	EVP_CIPHER_CTX_init(c->k2);
+	EVP_CIPHER_CTX_init(c->k3);
+	if (EVP_CipherInit(c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 ||
+		EVP_CipherInit(c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||
+		EVP_CipherInit(c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {
+			EVP_CIPHER_CTX_free(c->k1);
+			EVP_CIPHER_CTX_free(c->k2);
+			EVP_CIPHER_CTX_free(c->k3);
 			SecureZeroMemory(c, sizeof(*c));
 			free(c);
 			EVP_CIPHER_CTX_set_app_data(ctx, NULL);
@@ -3581,9 +3608,9 @@
 		//error("ssh1_3des_cbc: no context");
 		return (0);
 	}
-	if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 ||
-		EVP_Cipher(&c->k2, dest, dest, len) == 0 ||
-		EVP_Cipher(&c->k3, dest, dest, len) == 0)
+	if (EVP_Cipher(c->k1, dest, (u_char *)src, len) == 0 ||
+		EVP_Cipher(c->k2, dest, dest, len) == 0 ||
+		EVP_Cipher(c->k3, dest, dest, len) == 0)
 		return (0);
 	return (1);
 }
@@ -3593,9 +3620,9 @@
 	struct ssh1_3des_ctx *c;
 
 	if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
-		EVP_CIPHER_CTX_cleanup(&c->k1);
-		EVP_CIPHER_CTX_cleanup(&c->k2);
-		EVP_CIPHER_CTX_cleanup(&c->k3);
+		EVP_CIPHER_CTX_cleanup(c->k1);
+		EVP_CIPHER_CTX_cleanup(c->k2);
+		EVP_CIPHER_CTX_cleanup(c->k3);
 		SecureZeroMemory(c, sizeof(*c));
 		free(c);
 		EVP_CIPHER_CTX_set_app_data(ctx, NULL);
@@ -3603,6 +3630,7 @@
 	return (1);
 }
 
+// \x89\xBA\x8BL\x8A֐\x94\x82͖\xA2\x8Eg\x97p\x81B
 void ssh1_3des_iv(EVP_CIPHER_CTX *evp, int doset, u_char *iv, int len)
 {
 	struct ssh1_3des_ctx *c;
@@ -3617,31 +3645,33 @@
 
 	if (doset) {
 		//debug3("%s: Installed 3DES IV", __func__);
-		memcpy(c->k1.iv, iv, 8);
-		memcpy(c->k2.iv, iv + 8, 8);
-		memcpy(c->k3.iv, iv + 16, 8);
+		memcpy(EVP_CIPHER_CTX_iv_noconst(c->k1), iv, 8);
+		memcpy(EVP_CIPHER_CTX_iv_noconst(c->k2), iv + 8, 8);
+		memcpy(EVP_CIPHER_CTX_iv_noconst(c->k3), iv + 16, 8);
 	} else {
 		//debug3("%s: Copying 3DES IV", __func__);
-		memcpy(iv, c->k1.iv, 8);
-		memcpy(iv + 8, c->k2.iv, 8);
-		memcpy(iv + 16, c->k3.iv, 8);
+		memcpy(iv, EVP_CIPHER_CTX_iv(c->k1), 8);
+		memcpy(iv + 8, EVP_CIPHER_CTX_iv(c->k2), 8);
+		memcpy(iv + 16, EVP_CIPHER_CTX_iv(c->k3), 8);
 	}
 }
 
 const EVP_CIPHER *evp_ssh1_3des(void)
 {
-	static EVP_CIPHER ssh1_3des;
+	static EVP_CIPHER *p = NULL;
 
-	memset(&ssh1_3des, 0, sizeof(EVP_CIPHER));
-	ssh1_3des.nid = NID_undef;
-	ssh1_3des.block_size = 8;
-	ssh1_3des.iv_len = 0;
-	ssh1_3des.key_len = 16;
-	ssh1_3des.init = ssh1_3des_init;
-	ssh1_3des.cleanup = ssh1_3des_cleanup;
-	ssh1_3des.do_cipher = ssh1_3des_cbc;
-	ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH;
-	return (&ssh1_3des);
+	if (p == NULL) {
+		p = EVP_CIPHER_meth_new(NID_undef, /*block_size*/8, /*key_len*/16);
+		/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335\x82ŏ\x88\x92u\x97\\x92\xE8) ***/
+	}
+	if (p) {
+		EVP_CIPHER_meth_set_iv_length(p, 0);
+		EVP_CIPHER_meth_set_init(p, ssh1_3des_init);
+		EVP_CIPHER_meth_set_cleanup(p, ssh1_3des_cleanup);
+		EVP_CIPHER_meth_set_do_cipher(p, ssh1_3des_cbc);
+		EVP_CIPHER_meth_set_flags(p, EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH);
+	}
+	return (p);
 }
 
 static void ssh_make_comment(char *comment, int maxlen)
@@ -4007,7 +4037,7 @@
 	int blocksize, keylen, ivlen, authlen, i, n; 
 	unsigned char *key = NULL, salt[SALT_LEN];
 	char *kdfname = KDFNAME;
-	EVP_CIPHER_CTX cipher_ctx;
+	EVP_CIPHER_CTX *cipher_ctx = NULL;
 	Key keyblob;
 	unsigned char *cp = NULL;
 	unsigned int len, check;
@@ -4018,7 +4048,8 @@
 	kdf = buffer_init();
 	encoded = buffer_init();
 	blob = buffer_init();
-	if (b == NULL || kdf == NULL || encoded == NULL || blob == NULL)
+	cipher_ctx = EVP_CIPHER_CTX_new();
+	if (b == NULL || kdf == NULL || encoded == NULL || blob == NULL || cipher_ctx == NULL)
 		goto ed25519_error;
 
 	if (passphrase == NULL || !strlen(passphrase)) {
@@ -4045,7 +4076,7 @@
 	// \x88Í\x86\x89\xBB\x82̏\x80\x94\xF5
 	// TODO: OpenSSH 6.5\x82ł\xCD -Z \x83I\x83v\x83V\x83\x87\x83\x93\x82ŁA\x88Í\x86\x89\xBB\x83A\x83\x8B\x83S\x83\x8A\x83Y\x83\x80\x82\xF0\x8Ew\x92\xE8\x89”\\x82\xBE\x82\xAA\x81A
 	// \x82\xB1\x82\xB1\x82ł\xCD"AES256-CBC"\x82ɌŒ\xE8\x82Ƃ\xB7\x82\xE9\x81B
-	cipher_init_SSH2(&cipher_ctx, key, keylen, key + keylen, ivlen, CIPHER_ENCRYPT, 
+	cipher_init_SSH2(cipher_ctx, key, keylen, key + keylen, ivlen, CIPHER_ENCRYPT, 
 		get_cipher_EVP_CIPHER(cipher), 0, 0, pvar);
 	SecureZeroMemory(key, keylen + ivlen);
 	free(key);
@@ -4089,12 +4120,12 @@
 
 	/* encrypt */
 	cp = buffer_append_space(encoded, buffer_len(b) + authlen);
-	if (EVP_Cipher(&cipher_ctx, cp, buffer_ptr(b), buffer_len(b)) == 0) {
+	if (EVP_Cipher(cipher_ctx, cp, buffer_ptr(b), buffer_len(b)) == 0) {
 		//strncpy_s(errmsg, errmsg_len, "Key decrypt error", _TRUNCATE);
 		//free(decrypted);
 		//goto error;
 	}
-	cipher_cleanup_SSH2(&cipher_ctx);
+	cipher_cleanup_SSH2(cipher_ctx);
 
 	len = 2 * buffer_len(encoded);
 	cp = malloc(len);
@@ -4144,6 +4175,10 @@
 	buffer_free(kdf);
 	buffer_free(encoded);
 	buffer_free(blob);
+
+	if (cipher_ctx) {
+		EVP_CIPHER_CTX_free(cipher_ctx);
+	}
 }
 
 static INT_PTR CALLBACK TTXKeyGenerator(HWND dlg, UINT msg, WPARAM wParam,
@@ -4323,6 +4358,13 @@
 
 				// set focus to passphrase edit control (2007.1.27 maya)
 				SetFocus(GetDlgItem(dlg, IDC_KEY_EDIT));
+
+			} else {
+				// generate_ssh_key()\x82\xAA\x8E\xB8\x94s\x82\xB5\x82\xBD\x8Fꍇ\x82ɂ\xA8\x82\xA2\x82Ă\xE0\x81A\x83_\x83C\x83A\x83\x8D\x83O\x82\xF0
+				// \x83N\x83\x8D\x81[\x83Y\x82ł\xAB\x82\xE9\x82悤\x82ɂ\xB5\x82Ă\xA8\x82\xAD\x81B
+				EnableWindow(GetDlgItem(dlg, IDOK), TRUE);
+				EnableWindow(GetDlgItem(dlg, IDCANCEL), TRUE);
+
 			}
 			return TRUE;
 			}
@@ -4532,15 +4574,18 @@
 				RSA *rsa = public_key.rsa;
 				int bits;
 				char *buf;
+				BIGNUM *e, *n;
 
-				bits = BN_num_bits(rsa->n);
+				RSA_get0_key(rsa, &n, &e, NULL);
+
+				bits = BN_num_bits(n);
 				fprintf(fp, "%u", bits);
 
-				buf = BN_bn2dec(rsa->e);
+				buf = BN_bn2dec(e);
 				fprintf(fp, " %s", buf);
 				OPENSSL_free(buf);
 
-				buf = BN_bn2dec(rsa->n);
+				buf = BN_bn2dec(n);
 				fprintf(fp, " %s", buf);
 				OPENSSL_free(buf);
 
@@ -4554,6 +4599,8 @@
 				char *blob;
 				char *uuenc; // uuencode data
 				int uulen;
+				BIGNUM *e, *n;
+				BIGNUM *p, *q, *g, *pub_key;
 
 				b = buffer_init();
 				if (b == NULL)
@@ -4561,19 +4608,23 @@
 
 				switch (public_key.type) {
 				case KEY_DSA: // DSA
+					DSA_get0_pqg(dsa, &p, &q, &g);
+					DSA_get0_key(dsa, &pub_key, NULL);
+
 					keyname = "ssh-dss";
 					buffer_put_string(b, keyname, strlen(keyname));
-					buffer_put_bignum2(b, dsa->p);
-					buffer_put_bignum2(b, dsa->q);
-					buffer_put_bignum2(b, dsa->g);
-					buffer_put_bignum2(b, dsa->pub_key);
+					buffer_put_bignum2(b, p);
+					buffer_put_bignum2(b, q);
+					buffer_put_bignum2(b, g);
+					buffer_put_bignum2(b, pub_key);
 					break;
 
 				case KEY_RSA: // RSA
+					RSA_get0_key(rsa, &n, &e, NULL);
 					keyname = "ssh-rsa";
 					buffer_put_string(b, keyname, strlen(keyname));
-					buffer_put_bignum2(b, rsa->e);
-					buffer_put_bignum2(b, rsa->n);
+					buffer_put_bignum2(b, e);
+					buffer_put_bignum2(b, n);
 					break;
 
 				case KEY_ECDSA256: // ECDSA
@@ -4744,9 +4795,10 @@
 				MD5_CTX md;
 				unsigned char digest[16];
 				char *passphrase = buf;
-				EVP_CIPHER_CTX cipher_ctx;
+				EVP_CIPHER_CTX *cipher_ctx = NULL;
 				FILE *fp;
 				char wrapped[4096];
+				BIGNUM *e, *n, *d, *dmp1, *dmq1, *iqmp, *p, *q;
 
 				if (passphrase[0] == '\0') { // passphrase is empty
 					cipher_num = SSH_CIPHER_NONE;
@@ -4763,6 +4815,9 @@
 					break;
 				}
 
+				cipher_ctx = EVP_CIPHER_CTX_new();
+				/*** TODO: OPENSSL1.1.1 ERROR CHECK(ticket#39335\x82ŏ\x88\x92u\x97\\x92\xE8) ***/
+
 				// set random value
 				rnd = arc4random();
 				tmp[0] = rnd & 0xff;
@@ -4773,10 +4828,13 @@
 
 				// set private key
 				rsa = private_key.rsa;
-				buffer_put_bignum(b, rsa->d);
-				buffer_put_bignum(b, rsa->iqmp);
-				buffer_put_bignum(b, rsa->q);
-				buffer_put_bignum(b, rsa->p);
+				RSA_get0_key(rsa, &n, &e, &d);
+				RSA_get0_factors(rsa, &p, &q);
+				RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
+				buffer_put_bignum(b, d);
+				buffer_put_bignum(b, iqmp);
+				buffer_put_bignum(b, q);
+				buffer_put_bignum(b, p);
 
 				// padding with 8byte align
 				while (buffer_len(b) % 8) {
@@ -4799,9 +4857,9 @@
 				buffer_put_int(enc, 0);  // type is 'int'!! (For future extension)
 
 				/* Store public key.  This will be in plain text. */
-				buffer_put_int(enc, BN_num_bits(rsa->n));
-				buffer_put_bignum(enc, rsa->n);
-				buffer_put_bignum(enc, rsa->e);
+				buffer_put_int(enc, BN_num_bits(n));
+				buffer_put_bignum(enc, n);
+				buffer_put_bignum(enc, e);
 				buffer_put_string(enc, comment, strlen(comment));
 
 				// setup the MD5ed passphrase to cipher encryption key
@@ -4809,9 +4867,9 @@
 				MD5_Update(&md, (const unsigned char *)passphrase, strlen(passphrase));
 				MD5_Final(digest, &md);
 				if (cipher_num == SSH_CIPHER_NONE) {
-					cipher_init_SSH2(&cipher_ctx, digest, 16, NULL, 0, CIPHER_ENCRYPT, EVP_enc_null(), 0, 0, pvar);
+					cipher_init_SSH2(cipher_ctx, digest, 16, NULL, 0, CIPHER_ENCRYPT, EVP_enc_null(), 0, 0, pvar);
 				} else {
-					cipher_init_SSH2(&cipher_ctx, digest, 16, NULL, 0, CIPHER_ENCRYPT, evp_ssh1_3des(), 0, 0, pvar);
+					cipher_init_SSH2(cipher_ctx, digest, 16, NULL, 0, CIPHER_ENCRYPT, evp_ssh1_3des(), 0, 0, pvar);
 				}
 				len = buffer_len(b);
 				if (len % 8) { // fatal error
@@ -4823,10 +4881,10 @@
 					goto error;
 				}
 
-				if (EVP_Cipher(&cipher_ctx, wrapped, buffer_ptr(b), len) == 0) {
+				if (EVP_Cipher(cipher_ctx, wrapped, buffer_ptr(b), len) == 0) {
 					goto error;
 				}
-				if (EVP_CIPHER_CTX_cleanup(&cipher_ctx) == 0) {
+				if (EVP_CIPHER_CTX_cleanup(cipher_ctx) == 0) {
 					goto error;
 				}
 
@@ -4849,6 +4907,9 @@
 error:;
 				buffer_free(b);
 				buffer_free(enc);
+				if (cipher_ctx) {
+					EVP_CIPHER_CTX_free(cipher_ctx);
+				}
 
 			} else if (private_key.type == KEY_ED25519) { // SSH2 ED25519 
 				save_bcrypt_private_key(buf, filename, comment, dlg, pvar, rounds);

Modified: trunk/ttssh2/ttxssh/ttxssh.h
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.h	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ttxssh.h	2019-10-16 13:19:25 UTC (rev 8316)
@@ -278,7 +278,7 @@
 	char *session_id;
 	int session_id_len;
 	SSHKeys ssh2_keys[MODE_MAX];
-	EVP_CIPHER_CTX evpcip[MODE_MAX];
+	EVP_CIPHER_CTX *evpcip[MODE_MAX];
 	int userauth_success;
 	int shell_id;
 	/*int remote_id;*/

Modified: trunk/ttssh2/ttxssh/ttxssh.v10.vcxproj
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.v10.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ttxssh.v10.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -59,7 +59,7 @@
     <ClCompile>
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_CRTDBG_MAP_ALLOC;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
       <FunctionLevelLinking>true</FunctionLevelLinking>
@@ -76,7 +76,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32.dbg;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>
@@ -106,7 +106,7 @@
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>AnySuitable</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -122,7 +122,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>

Modified: trunk/ttssh2/ttxssh/ttxssh.v11.vcxproj
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.v11.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ttxssh.v11.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -64,7 +64,7 @@
     <ClCompile>
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_CRTDBG_MAP_ALLOC;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
       <FunctionLevelLinking>true</FunctionLevelLinking>
@@ -81,7 +81,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32.dbg;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>
@@ -111,7 +111,7 @@
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>AnySuitable</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -127,7 +127,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>

Modified: trunk/ttssh2/ttxssh/ttxssh.v12.vcxproj
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.v12.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ttxssh.v12.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -64,7 +64,7 @@
     <ClCompile>
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_CRTDBG_MAP_ALLOC;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
       <FunctionLevelLinking>true</FunctionLevelLinking>
@@ -81,7 +81,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32.dbg;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>
@@ -111,7 +111,7 @@
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>AnySuitable</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -127,7 +127,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>

Modified: trunk/ttssh2/ttxssh/ttxssh.v14.vcxproj
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.v14.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ttxssh.v14.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -64,7 +64,7 @@
     <ClCompile>
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_CRTDBG_MAP_ALLOC;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
       <FunctionLevelLinking>true</FunctionLevelLinking>
@@ -81,7 +81,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32.dbg;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>
@@ -111,7 +111,7 @@
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>AnySuitable</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -127,7 +127,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>

Modified: trunk/ttssh2/ttxssh/ttxssh.v15.vcxproj
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.v15.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ttxssh.v15.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -65,7 +65,7 @@
     <ClCompile>
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_CRTDBG_MAP_ALLOC;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
       <FunctionLevelLinking>true</FunctionLevelLinking>
@@ -82,7 +82,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32.dbg;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>
@@ -112,7 +112,7 @@
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>AnySuitable</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -128,7 +128,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>

Modified: trunk/ttssh2/ttxssh/ttxssh.v16.vcxproj
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.v16.vcxproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ttxssh.v16.vcxproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -65,7 +65,7 @@
     <ClCompile>
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>Disabled</Optimization>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_CRTDBG_MAP_ALLOC;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
       <FunctionLevelLinking>true</FunctionLevelLinking>
@@ -82,7 +82,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlibd.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32.dbg;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>
@@ -112,7 +112,7 @@
       <AdditionalOptions>/D"_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
       <Optimization>MaxSpeed</Optimization>
       <InlineFunctionExpansion>AnySuitable</InlineFunctionExpansion>
-      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <StringPooling>true</StringPooling>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
@@ -128,7 +128,7 @@
       <AdditionalIncludeDirectories>$(SolutionDir)..\teraterm\common;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
     </ResourceCompile>
     <Link>
-      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libeay32.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>odbc32.lib;odbccp32.lib;ws2_32.lib;libcrypto.lib;zlib.lib;ttpcmn.lib;dnsapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <AdditionalLibraryDirectories>$(SolutionDir)..\libs\openssl\out32;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
       <ModuleDefinitionFile>$(ProjectName).def</ModuleDefinitionFile>

Modified: trunk/ttssh2/ttxssh/ttxssh.v9.vcproj
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.v9.vcproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ttxssh.v9.vcproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -49,7 +49,7 @@
 				Name="VCCLCompilerTool"
 				AdditionalOptions="/D"_CRT_SECURE_NO_DEPRECATE""
 				Optimization="0"
-				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty"
+				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty"
 				PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS;_CRTDBG_MAP_ALLOC"
 				RuntimeLibrary="1"
 				EnableFunctionLevelLinking="true"
@@ -74,7 +74,7 @@
 			/>
 			<Tool
 				Name="VCLinkerTool"
-				AdditionalDependencies="odbc32.lib odbccp32.lib ws2_32.lib libeay32.lib zlibd.lib ttpcmn.lib dnsapi.lib"
+				AdditionalDependencies="odbc32.lib odbccp32.lib ws2_32.lib libcrypto.lib zlibd.lib ttpcmn.lib dnsapi.lib"
 				LinkIncremental="2"
 				SuppressStartupBanner="true"
 				AdditionalLibraryDirectories="$(SolutionDir)..\libs\openssl\out32.dbg;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(ConfigurationName)"
@@ -146,7 +146,7 @@
 				AdditionalOptions="/D"_CRT_SECURE_NO_DEPRECATE""
 				Optimization="2"
 				InlineFunctionExpansion="2"
-				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty"
+				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty"
 				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE"
 				StringPooling="true"
 				RuntimeLibrary="0"
@@ -170,7 +170,7 @@
 			/>
 			<Tool
 				Name="VCLinkerTool"
-				AdditionalDependencies="odbc32.lib odbccp32.lib ws2_32.lib libeay32.lib zlib.lib ttpcmn.lib dnsapi.lib"
+				AdditionalDependencies="odbc32.lib odbccp32.lib ws2_32.lib libcrypto.lib zlib.lib ttpcmn.lib dnsapi.lib"
 				LinkIncremental="1"
 				SuppressStartupBanner="true"
 				AdditionalLibraryDirectories="$(SolutionDir)..\libs\openssl\out32;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(ConfigurationName)"

Modified: trunk/ttssh2/ttxssh/ttxssh.vcproj
===================================================================
--- trunk/ttssh2/ttxssh/ttxssh.vcproj	2019-10-16 12:06:58 UTC (rev 8315)
+++ trunk/ttssh2/ttxssh/ttxssh.vcproj	2019-10-16 13:19:25 UTC (rev 8316)
@@ -48,7 +48,7 @@
 				Name="VCCLCompilerTool"
 				AdditionalOptions="/D"_CRT_SECURE_NO_DEPRECATE""
 				Optimization="0"
-				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty"
+				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty"
 				PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS;_CRTDBG_MAP_ALLOC"
 				RuntimeLibrary="1"
 				EnableFunctionLevelLinking="true"
@@ -73,7 +73,7 @@
 			/>
 			<Tool
 				Name="VCLinkerTool"
-				AdditionalDependencies="odbc32.lib odbccp32.lib ws2_32.lib libeay32.lib zlibd.lib ttpcmn.lib dnsapi.lib user32.lib gdi32.lib SHELL32.lib comdlg32.lib advapi32.lib ole32.lib"
+				AdditionalDependencies="odbc32.lib odbccp32.lib ws2_32.lib libcrypto.lib zlibd.lib ttpcmn.lib dnsapi.lib user32.lib gdi32.lib SHELL32.lib comdlg32.lib advapi32.lib ole32.lib"
 				LinkIncremental="2"
 				SuppressStartupBanner="true"
 				AdditionalLibraryDirectories="$(SolutionDir)..\libs\openssl\out32.dbg;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(ConfigurationName)"
@@ -146,7 +146,7 @@
 				AdditionalOptions="/D"_CRT_SECURE_NO_DEPRECATE""
 				Optimization="2"
 				InlineFunctionExpansion="2"
-				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\inc32;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty"
+				AdditionalIncludeDirectories="$(SolutionDir)..\teraterm\common;$(SolutionDir)..\libs\openssl\include;$(SolutionDir)..\teraterm\teraterm;$(SolutionDir)..\libs\zlib;$(SolutionDir)matcher;$(SolutionDir)putty"
 				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_CRT_SECURE_NO_DEPRECATE"
 				StringPooling="true"
 				RuntimeLibrary="0"
@@ -170,7 +170,7 @@
 			/>
 			<Tool
 				Name="VCLinkerTool"
-				AdditionalDependencies="odbc32.lib odbccp32.lib ws2_32.lib libeay32.lib zlib.lib ttpcmn.lib dnsapi.lib user32.lib gdi32.lib SHELL32.lib comdlg32.lib advapi32.lib ole32.lib"
+				AdditionalDependencies="odbc32.lib odbccp32.lib ws2_32.lib libcrypto.lib zlib.lib ttpcmn.lib dnsapi.lib user32.lib gdi32.lib SHELL32.lib comdlg32.lib advapi32.lib ole32.lib"
 				LinkIncremental="1"
 				SuppressStartupBanner="true"
 				AdditionalLibraryDirectories="$(SolutionDir)..\libs\openssl\out32;$(SolutionDir)..\libs\zlib;$(SolutionDir)..\teraterm\$(ConfigurationName)"


Ttssh2-commit メーリングリストの案内