Changes between 0.9.6 and 0.9.7  [xx XXX 2000]

  *) Fix to avoid calling the underlying ASN1 print routine when

     an extension cannot be parsed. Correct a typo in the

     OCSP_SERVICELOC extension. Tidy up print OCSP format.

     [Steve Henson]

  *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).

     Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits

     when writing a 32767 byte record.

  *) Make mkdef.pl parse some of the ASN1 macros and add apropriate

     entries for variables.

     [Steve Henson]

  *) Add functionality to apps/openssl.c for detecting locking

     problems: As the program is single-threaded, all we have

     [Steve Henson]

  *) Merge in replacement ASN1 code from the ASN1 branch. This almost

     completely replaces the old ASN1 functionality.

     completely replaces the old ASN1 functionality with a table driven

     encoder and decoder which interprets an ASN1_ITEM structure describing

     the ASN1 module. Compatibility with the existing ASN1 API (i2d,d2i) is

     largely maintained. Almost all of the old asn1_mac.h macro based ASN1

     has also been converted to the new form.

     [Steve Henson]

  *) Change BN_mod_exp_recp so that negative moduli are tolerated

ASN1_SEQUENCE(OCSP_SERVICELOC) = {

	ASN1_SIMPLE(OCSP_SERVICELOC, issuer, X509_NAME),

	ASN1_SEQUENCE_OF(OCSP_SERVICELOC, locator, ACCESS_DESCRIPTION)

	ASN1_SEQUENCE_OF_OPT(OCSP_SERVICELOC, locator, ACCESS_DESCRIPTION)

} ASN1_SEQUENCE_END(OCSP_SERVICELOC);

IMPLEMENT_ASN1_FUNCTIONS(OCSP_SERVICELOC)

		cid = one->reqCert;

		ocsp_certid_print(bp, cid, 8);

		if (!X509V3_extensions_print(bp,

					"OCSP Request Single Extensions",

					one->singleRequestExtensions, flags, 4))

					"Request Single Extensions",

					one->singleRequestExtensions, flags, 8))

							goto err;

		}

	if (!X509V3_extensions_print(bp, "OCSP Request Extensions",

	if (!X509V3_extensions_print(bp, "Request Extensions",

			inf->requestExtensions, flags, 4))

							goto err;

	if (sig)

	        {

		X509_signature_print(bp, sig->signatureAlgorithm, sig->signature);

		}

		for (i=0; i<sk_X509_num(sig->certs); i++)

		if (sk_X509_value(sig->certs,i) != NULL) {

			{

			X509_print(bp, sk_X509_value(sig->certs,i));

			PEM_write_bio_X509(bp,sk_X509_value(sig->certs,i));

			}

		}

	return 1;

err:

	return 0;

			}

		if (!BIO_write(bp,"\n",1)) goto err;

		if (!X509V3_extensions_print(bp,

					"OCSP Basic Response Single Extensions",

					single->singleExtensions, flags, 4))

					"Response Single Extensions",

					single->singleExtensions, flags, 8))

							goto err;

		}

	if (!X509V3_extensions_print(bp, "OCSP Basic Response Extensions",

	if (!X509V3_extensions_print(bp, "Response Extensions",

					rd->responseExtensions, flags, 4))

	if(X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= 0)

							goto err;

	for (i=0; i<sk_X509_num(br->certs); i++)

		if (sk_X509_value(br->certs,i) != NULL) {

		{

		X509_print(bp, sk_X509_value(br->certs,i));

		PEM_write_bio_X509(bp,sk_X509_value(br->certs,i));

		}

	OCSP_SERVICELOC *a = in;

	ACCESS_DESCRIPTION *ad;

        if (BIO_printf(bp, "%*ssIissuer: ", ind, "") <= 0) goto err;

        if (BIO_printf(bp, "%*sIssuer: ", ind, "") <= 0) goto err;

        if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0) goto err;

	for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++)

	        {

	if(method->it) ext_str = ASN1_item_d2i(NULL, &p, ext->value->length, method->it);

	else ext_str = method->d2i(NULL, &p, ext->value->length);

	if(!ext_str) unknown_ext_print(out, ext, flag, indent, 1);

	if(!ext_str) return unknown_ext_print(out, ext, flag, indent, 1);

	if(method->i2s) {

		if(!(value = method->i2s(method, ext_str))) {