Enhance OCSP_request_verify() so it finds the signers certificate
properly and supports several flags.

Note that all *_it variables are suddenly non-existant according to
libeay.num.  This is a bug that will be corrected.  Please be patient.

the errant field for more ASN1 error conditions.

Print out OID of unknown signature or public key
algorithms.

key algorithms and leaking if the signature verify
fails.

like to use libtool, but not automake.

Let's investigate that further, or leave the question open for now.

or serial number.

prototype hack. This unfortunately means that
every ASN1_*_END construct cannot have a
trailing ;

change the way ASN1 modules are exported.

Still needs a bit of work for example the hack which a
dummy function prototype to avoid compilers warning about
multiple ;s.

an SSL_CTX's session cache, it is necessary to compare the ssl_version at
the same time (a conflict is defined, courtesy of SSL_SESSION_cmp(), as a
matching id/id_length pair and a matching ssl_version). However, the
SSL_SESSION that will result from the current negotiation does not
necessarily have the same ssl version as the "SSL_METHOD" in use by the
SSL_CTX - part of the work in a handshake is to agree on an ssl version!

This is fixed by having the check function accept an SSL pointer rather
than the SSL_CTX it belongs to.

[Thanks to Lutz for illuminating the full extent of my stupidity]

Define the right macro for Linux and other GNU-based systems to get a correct declaration of strdup()

really see why we need to define these function pointers with MS_FAR
if it's not done cosistently everywhere.

If we decide to support MS_FAR modifiers, it's better to have the
named something more unique for OpenSSL and to define them in e_os2.h.

Define the OPENSSL_NO_* macros as NO_* macros for the sake of applications thathaven't yet been changed

to include (but the OpenSSL_0_9_6-stable branche still has
inconsistencies)

and make all files the depend on it include it without prefixing it
with openssl/.

This means that all Makefiles will have $(TOP) as one of the include
directories.

compared to it has the type size_t.  Included the needed headers to
make that happen.

defined there.

OPENSSL_UNISTD before redefining it, to avoid compiler warnings.

pre-CRYPTO_MEM_LEAK_CB time.

make strcasecmp a macro to _stricmp.

The reason is that some parts are only included when certain other
include files have been included.

Also, it seems that the rest of the OpenSSL code assumes that all
kinds of M$ Windows are MSDOS as well...

there's no point creating an alias for it.

SSL_add_dir_cert_subjects_to_stack is not implemented on WIN32 and
VMS, so declare it the same way.

Rebuild ASN1 error codes to remove unused function and reason codes.

the ID will be padded out to 16 bytes if the callback attempted to generate
a shorter one. The problem is that the uniqueness checking function used in
callbacks may mistakenly think a 9-byte ID is unique when in fact its
padded 16-byte version is not. This makes the checking function detect
SSLv2 cases, and ensures the padded form is checked rather than the shorter
one passed by the callback.

of session IDs. Namely, passing "-id_prefix <text>" will set a
generate_session_id() callback that generates session IDs as random data
with <text> block-copied over the top of the start of the ID. This can be
viewed by watching the session ID s_client's output when it connects.

This is mostly useful for testing any SSL/TLS code (eg. proxies) that wish
to deal with multiple servers, when each of which might be generating a
unique range of session IDs (eg. with a certain prefix).