(oops) Apologies all, that last header-cleanup commit was from the wrong

tree. This further reduces header interdependencies, and makes some
associated cleanups.

crypto/asn1/t_req.c

@@ -63,6 +63,8 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
 
 #ifndef OPENSSL_NO_FP_API
 int X509_REQ_print_fp(FILE *fp, X509_REQ *x)

crypto/asn1/t_spki.c

@@ -60,6 +60,8 @@
 #include "cryptlib.h"
 #include <openssl/x509.h>
 #include <openssl/asn1.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
 
 /* Print out an SPKI */
 

crypto/asn1/x_pubkey.c

@@ -60,6 +60,8 @@
 #include "cryptlib.h"
 #include <openssl/asn1t.h>
 #include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
 
 /* Minor tweak to operation: free up EVP_PKEY */
 static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)

crypto/cryptlib.c

@@ -114,10 +114,7 @@
  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  */
 
-#include <stdio.h>
-#include <string.h>
 #include "cryptlib.h"
-#include <openssl/crypto.h>
 #include <openssl/safestack.h>
 
 #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)

crypto/cversion.c

@@ -56,10 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
-#include <stdio.h>
-#include <string.h>
 #include "cryptlib.h"
-#include <openssl/crypto.h>
 
 #ifndef NO_WINDOWS_BRAINDEATH
 #include "buildinf.h"

crypto/dsa/dsa.h

@@ -77,9 +77,12 @@
 #include <openssl/bn.h>
 #include <openssl/crypto.h>
 #include <openssl/ossl_typ.h>
+
+#ifndef OPENSSL_NO_DEPRECATED
 #ifndef OPENSSL_NO_DH
 # include <openssl/dh.h>
 #endif
+#endif
 
 #define DSA_FLAG_CACHE_MONT_P	0x01
 

crypto/dsa/dsa_lib.c

@@ -66,6 +66,7 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#include <openssl/dh.h>
 
 const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
 

crypto/ec/ectest.c

@@ -92,6 +92,7 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
 #include <openssl/err.h>
 #include <openssl/obj_mac.h>
 #include <openssl/objects.h>
+#include <openssl/rand.h>
 
 #define ABORT do { \
 	fflush(stdout); \

crypto/ecdh/ech_lib.c

@@ -70,6 +70,7 @@
 #include "ecdh.h"
 #include <string.h>
 #include <openssl/engine.h>
+#include <openssl/err.h>
 
 const char *ECDH_version="ECDH" OPENSSL_VERSION_PTEXT;
 

crypto/ecdsa/ecs_lib.c

@@ -56,6 +56,7 @@
 #include <string.h>
 #include "ecdsa.h"
 #include <openssl/engine.h>
+#include <openssl/err.h>
 
 const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT;
 

crypto/engine/eng_all.c

@@ -56,8 +56,7 @@
  *
  */
 
-#include <openssl/err.h>
-#include <openssl/engine.h>
+#include "cryptlib.h"
 #include "eng_int.h"
 
 void ENGINE_load_builtin_engines(void)

crypto/engine/eng_cnf.c

@@ -56,11 +56,8 @@
  *
  */
 
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
+#include "eng_int.h"
 #include <openssl/conf.h>
-#include <openssl/engine.h>
 
 /* #define ENGINE_CONF_DEBUG */
 

crypto/engine/eng_ctrl.c

@@ -53,10 +53,7 @@
  *
  */
 
-#include <openssl/crypto.h>
-#include "cryptlib.h"
 #include "eng_int.h"
-#include <openssl/engine.h>
 
 /* When querying a ENGINE-specific control command's 'description', this string
  * is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */

crypto/engine/eng_dyn.c

@@ -57,11 +57,7 @@
  */
 
 
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
 #include "eng_int.h"
-#include <openssl/engine.h>
 #include <openssl/dso.h>
 
 /* Shared libraries implementing ENGINEs for use by the "dynamic" ENGINE loader

crypto/engine/eng_fat.c

@@ -58,10 +58,7 @@
  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  */
 
-#include <openssl/crypto.h>
-#include "cryptlib.h"
 #include "eng_int.h"
-#include <openssl/engine.h>
 #include <openssl/conf.h>
 
 int ENGINE_set_default(ENGINE *e, unsigned int flags)

crypto/engine/eng_init.c

@@ -53,10 +53,7 @@
  *
  */
 
-#include <openssl/crypto.h>
-#include "cryptlib.h"
 #include "eng_int.h"
-#include <openssl/engine.h>
 
 /* Initialise a engine type for use (or up its functional reference count
  * if it's already in use). This version is only used internally. */

crypto/engine/eng_int.h

@@ -64,6 +64,7 @@
 #ifndef HEADER_ENGINE_INT_H
 #define HEADER_ENGINE_INT_H
 
+#include "cryptlib.h"
 /* Take public definitions from engine.h */
 #include <openssl/engine.h>
 

crypto/engine/eng_lib.c

@@ -56,11 +56,8 @@
  *
  */
 
-#include <openssl/crypto.h>
-#include "cryptlib.h"
 #include "eng_int.h"
-#include <openssl/rand.h> /* FIXME: This shouldn't be needed */
-#include <openssl/engine.h>
+#include <openssl/rand.h>
 
 /* The "new"/"free" stuff first */
 

crypto/engine/eng_list.c

@@ -61,10 +61,7 @@
  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  */
 
-#include <openssl/crypto.h>
-#include "cryptlib.h"
 #include "eng_int.h"
-#include <openssl/engine.h>
 
 /* The linked-list of pointers to engine types. engine_list_head
  * incorporates an implicit structural reference but engine_list_tail

crypto/engine/eng_pkey.c

@@ -53,10 +53,7 @@
  *
  */
 
-#include <openssl/crypto.h>
-#include "cryptlib.h"
 #include "eng_int.h"
-#include <openssl/engine.h>
 
 /* Basic get/set stuff */
 

crypto/engine/tb_cipher.c

@@ -52,8 +52,6 @@
  *
  */
 
-#include <openssl/evp.h>
-#include <openssl/engine.h>
 #include "eng_int.h"
 
 /* If this symbol is defined then ENGINE_get_cipher_engine(), the function that

crypto/engine/tb_dh.c

@@ -52,8 +52,6 @@
  *
  */
 
-#include <openssl/evp.h>
-#include <openssl/engine.h>
 #include "eng_int.h"
 
 /* If this symbol is defined then ENGINE_get_default_DH(), the function that is

crypto/engine/tb_digest.c

@@ -52,8 +52,6 @@
  *
  */
 
-#include <openssl/evp.h>
-#include <openssl/engine.h>
 #include "eng_int.h"
 
 /* If this symbol is defined then ENGINE_get_digest_engine(), the function that

crypto/engine/tb_dsa.c

@@ -52,8 +52,6 @@
  *
  */
 
-#include <openssl/evp.h>
-#include <openssl/engine.h>
 #include "eng_int.h"
 
 /* If this symbol is defined then ENGINE_get_default_DSA(), the function that is

crypto/engine/tb_ecdh.c

@@ -67,8 +67,6 @@
  *
  */
 
-#include <openssl/evp.h>
-#include <openssl/engine.h>
 #include "eng_int.h"
 
 /* If this symbol is defined then ENGINE_get_default_ECDH(), the function that is

crypto/engine/tb_ecdsa.c

@@ -52,8 +52,6 @@
  *
  */
 
-#include <openssl/evp.h>
-#include <openssl/engine.h>
 #include "eng_int.h"
 
 /* If this symbol is defined then ENGINE_get_default_ECDSA(), the function that is

crypto/engine/tb_rand.c

@@ -52,8 +52,6 @@
  *
  */
 
-#include <openssl/evp.h>
-#include <openssl/engine.h>
 #include "eng_int.h"
 
 /* If this symbol is defined then ENGINE_get_default_RAND(), the function that is

crypto/engine/tb_rsa.c

@@ -52,8 +52,6 @@
  *
  */
 
-#include <openssl/evp.h>
-#include <openssl/engine.h>
 #include "eng_int.h"
 
 /* If this symbol is defined then ENGINE_get_default_RSA(), the function that is

crypto/engine/tb_store.c

@@ -52,8 +52,6 @@
  *
  */
 
-#include <openssl/evp.h>
-#include <openssl/engine.h>
 #include "eng_int.h"
 
 /* If this symbol is defined then ENGINE_get_default_STORE(), the function that is

crypto/evp/evp_pkey.c

@@ -61,6 +61,8 @@
 #include "cryptlib.h"
 #include <openssl/x509.h>
 #include <openssl/rand.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
 
 #ifndef OPENSSL_NO_DSA
 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);

crypto/evp/m_dss.c

@@ -61,6 +61,7 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include <openssl/dsa.h>
 
 #ifndef OPENSSL_NO_SHA
 static int init(EVP_MD_CTX *ctx)

crypto/evp/m_dss1.c

@@ -64,6 +64,7 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include <openssl/dsa.h>
 
 static int init(EVP_MD_CTX *ctx)
 	{ return SHA1_Init(ctx->md_data); }

crypto/evp/m_md2.c

@@ -65,6 +65,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/md2.h>
+#include <openssl/rsa.h>
 
 static int init(EVP_MD_CTX *ctx)
 	{ return MD2_Init(ctx->md_data); }

crypto/evp/m_md4.c

@@ -65,6 +65,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/md4.h>
+#include <openssl/rsa.h>
 
 static int init(EVP_MD_CTX *ctx)
 	{ return MD4_Init(ctx->md_data); }

crypto/evp/m_md5.c

@@ -65,6 +65,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/md5.h>
+#include <openssl/rsa.h>
 
 static int init(EVP_MD_CTX *ctx)
 	{ return MD5_Init(ctx->md_data); }

crypto/evp/m_mdc2.c

@@ -65,6 +65,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/mdc2.h>
+#include <openssl/rsa.h>
 
 static int init(EVP_MD_CTX *ctx)
 	{ return MDC2_Init(ctx->md_data); }

crypto/evp/m_ripemd.c

@@ -65,6 +65,7 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include <openssl/rsa.h>
 
 static int init(EVP_MD_CTX *ctx)
 	{ return RIPEMD160_Init(ctx->md_data); }

crypto/evp/m_sha.c

@@ -64,6 +64,7 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include <openssl/rsa.h>
 
 static int init(EVP_MD_CTX *ctx)
 	{ return SHA_Init(ctx->md_data); }

crypto/evp/m_sha1.c

@@ -64,6 +64,7 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include <openssl/rsa.h>
 
 static int init(EVP_MD_CTX *ctx)
 	{ return SHA1_Init(ctx->md_data); }

crypto/evp/p_lib.c

@@ -64,6 +64,9 @@
 #include <openssl/evp.h>
 #include <openssl/asn1_mac.h>
 #include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
+#include <openssl/dh.h>
 
 static void EVP_PKEY_free_it(EVP_PKEY *x);
 

crypto/evp/p_open.c

@@ -64,6 +64,7 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include <openssl/rsa.h>
 
 int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
 	const unsigned char *ek, int ekl, const unsigned char *iv,

crypto/ex_data.c

@@ -138,12 +138,8 @@
  *
  */
 
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
 #include "cryptlib.h"
+#include <openssl/lhash.h>
 
 /* What an "implementation of ex_data functionality" looks like */
 struct st_CRYPTO_EX_DATA_IMPL

crypto/pem/pem_all.c

@@ -117,6 +117,9 @@
 #include <openssl/x509.h>
 #include <openssl/pkcs7.h>
 #include <openssl/pem.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
+#include <openssl/dh.h>
 
 #ifndef OPENSSL_NO_RSA
 static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);

crypto/pem/pem_info.c

@@ -63,6 +63,8 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
 
 #ifndef OPENSSL_NO_FP_API
 STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)

crypto/pem/pem_seal.c

@@ -64,6 +64,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/rsa.h>
 
 int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
 	     unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,

crypto/x509/x509.h

@@ -79,14 +79,6 @@
 #include <openssl/asn1.h>
 #include <openssl/safestack.h>
 
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
 #ifndef OPENSSL_NO_EC
 #include <openssl/ec.h>
 #endif
@@ -99,9 +91,18 @@
 #include <openssl/ecdh.h>
 #endif
 
+#ifndef OPENSSL_NO_DEPRECATED
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+#include <openssl/dsa.h>
+#endif
 #ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
 #endif
+#endif
+
 #ifndef OPENSSL_NO_SHA
 #include <openssl/sha.h>
 #endif

crypto/x509/x_all.c

@@ -64,6 +64,8 @@
 #include <openssl/asn1.h>
 #include <openssl/evp.h>
 #include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
 
 int X509_verify(X509 *a, EVP_PKEY *r)
 	{

ssl/s2_lib.c

@@ -59,7 +59,6 @@
 #include "ssl_locl.h"
 #ifndef OPENSSL_NO_SSL2
 #include <stdio.h>
-#include <openssl/rsa.h>
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include <openssl/md5.h>

ssl/s3_clnt.c

@@ -130,6 +130,7 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include <openssl/md5.h>
+#include <openssl/dh.h>
 
 static SSL_METHOD *ssl3_get_client_method(int ver);
 static int ssl3_client_hello(SSL *s);

ssl/s3_lib.c

@@ -127,6 +127,7 @@
 #include "ssl_locl.h"
 #include "kssl_lcl.h"
 #include <openssl/md5.h>
+#include <openssl/dh.h>
 
 const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
 

ssl/s3_srvr.c

@@ -133,6 +133,7 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include <openssl/x509.h>
+#include <openssl/dh.h>
 #ifndef OPENSSL_NO_KRB5
 #include <openssl/krb5_asn.h>
 #endif

ssl/ssl_cert.c

@@ -133,6 +133,7 @@
 #include <openssl/bio.h>
 #include <openssl/pem.h>
 #include <openssl/x509v3.h>
+#include <openssl/dh.h>
 #include "ssl_locl.h"
 
 int SSL_get_ex_data_X509_STORE_CTX_idx(void)

ssl/ssl_lib.c

@@ -125,6 +125,7 @@
 #include <openssl/objects.h>
 #include <openssl/lhash.h>
 #include <openssl/x509v3.h>
+#include <openssl/dh.h>
 
 const char *SSL_version_str=OPENSSL_VERSION_TEXT;
 

ssl/ssl_locl.h

@@ -130,6 +130,8 @@
 #include <openssl/evp.h>
 #include <openssl/stack.h>
 #include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
 #include <openssl/err.h>
 #include <openssl/ssl.h>
 #include <openssl/symhacks.h>

ssl/ssltest.c

@@ -138,6 +138,9 @@
 #endif
 #include <openssl/err.h>
 #include <openssl/rand.h>
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
+#include <openssl/dh.h>
 
 #define _XOPEN_SOURCE_EXTENDED	1 /* Or gethostname won't be declared properly
 				     on Compaq platforms (at least with DEC C).