them for a short period of time (actually, poll them with select(),
then read() whatever is there), which is about 10ms (hard-coded value)
each.

Separate Windows and Unixly code, and start on a VMS variant that
currently just returns 0.

Add set of OCSP client functions. All experimental
and subject to addition, modifcation or deletion.

Add two OCSP nonce utility functions.

Fix typo in status code name.

application needs.

Add OCSP library name to error code.

Set correct type in ASN1_STRING for
INTEGER and ENUMERATED types.

Make ASN1_INTEGER_get() and ASN1_ENUMERATED_get()
return -1 for invalid type rather than 0 (which is
often valid). -1 may also be valid but this is less
likely.

Load OCSP error strings in ERR_load_crypto_strings().

Remove extensions argument from various functions
because it is not needed with the new extension
code.

New function OCSP_cert_to_id() to convert a pair
of certificates into an OCSP_CERTID.

New simple OCSP HTTP function. This is rather primitive
but just about adequate to send OCSP requests and
parse the response.

Fix typo in CRL distribution points extension.

Fix ASN1 code so it adds a final null to constructed
strings.

uses the new ASN1 code.

Make sure those are purged...

I've no idea were the KRB5 header files and libraries are placed on
Win32.  When there's better knowledge, we might be able to process the
other KRB5-related arguments as well...

options.  This is so mk1mf.pl can pick it up from Makefile.

is to have asn1.h include e_os.h and e_os2.h.  Of course, this makes
the unofficial "non-export" status of e_os.h a bit delicate...

Rewrite PKCS#12 code and remove some of the old
horrible macros.

Fix two evil ASN1 bugs. Attempt to use 'ctx' when
NULL if input is indefinite length constructed
in asn1_check_tlen() and invalid pointer to ASN1_TYPE
when reusing existing structure (this took *ages* to
find because the new PKCS#12 code triggered it).

objects) or OPENSSL_BUILD_SHLIBSSL (for files that end up as libssl
objects) is defined, redefine OPENSSL_EXTERN to be OPENSSL_EXPORT.
This is actually only important on Win32, and can safely be ignored in
all other cases, at least for now.

default value OPENSSL_IMPORT.  Explain the use of all those macros.

Add the C macros OPENSSL_BUILD_SHLIBCRYPTO and OPENSSL_BUILD_SHLIBSSL
to the build of the object files as appropriate for each library.

most of the old wrappers. A few of the old versions remain
because they are non standard and the corresponding ASN1
code has not been reimplemented yet.

zap some evil function pointers casts along the way...

* detect "unknown" algorithms (any C macro starting with NO_ that is
  not explicitely mentioned in mkdef.pl as a known algorithm) and
  report.
* add a number of algorithms that can be deselected.
* look in ssl/kssl.h as well.
* accept multiple whitespace (not just one SPC) in preprocessor lines.

something more efficient later...

currently OpenSSL itself wont compile with this set
because some old style stuff remains.

Change old functions X509_sign(), X509_verify() etc
to use new item based functions.

Replace OCSP function declarations with DECLARE macros.

The old function pointer versions will eventually go
away.

functions and signed/unsigned mismatch.

This will of course change if some of the unused functions
suddenly get used...

STACK_OF(X509_EXTENSION) so it should be passed
STACK_OF(X509_EXTENSION) ** in the first argument.

Modify wrappers appropriately.

encoding, replacing and deleting extensions.

Fix X509V3_get_d2i() so it uses takes note of
new critical behaviour.

disabling different SSL/TLS protocol versions.

Win32 but it is getting there...

Update mkdef.pl to handle ASN1_ANY and fix headers.

Stop various VC++ warnings.

Include some fixes from "Peter 'Luna' Runestig"
<peter@runestig.com>

Remove external declaration for des_set_weak_key_flag:
it doesn't exist.

will not support EDH cipher suites). The parameters can either be loaded
from a file (via "-dh_file"), generated by the application on start-up
("-dh_special generate"), or be standard DH parameters (as used in
s_server, etc).