rand_lcl.h

Make req seed the PRNG if signing with
an already existing DSA key.

Document the new smime options.

is easier to grasp.

call the i2c/c2i (they were not using the
content length for the headers).

Fix ASN1 long form tag encoding. This never
worked but it was never tested since it is
only used for tags > 30.

New options to smime program to allow the
PKCS#7 format to be specified and the content
supplied externally.

New ASN1 functions that just deal with
content octets, not tag+length.

limit higher and thereby get through compilation of sha_dgst.c.

could be done automagically, much like the numbering in libeay.num and
ssleay.num.  The solution works as follows:

  - New object identifiers are inserted in objects.txt, following the
    syntax given in objects.README.
  - objects.pl is used to process obj_mac.num and create a new
    obj_mac.h.
  - obj_dat.pl is used to create a new obj_dat.h, using the data in
    obj_mac.h.

This is currently kind of a hack, and the perl code in objects.pl
isn't very elegant, but it works as I intended.  The simplest way to
check that it worked correctly is to look in obj_dat.h and check the
array nid_objs and make sure the objects haven't moved around (this is
important!).  Additions are OK, as well as consistent name changes.

may be disabled by preprocessor symbols)

Submitted by: bowe@chip.ma.certco.com

The message to everyone is "Do not hack OpenSSL when stressed"...

EGD should be used as seeding input, and where the named socket is.

the RANDEGD environment variable.

today.  Time to add extra info so the poor users know where to
go with their troubles.

always in the users $PATH...

Suggested by Randolph Bentson <bentson@grieg.holmsjoen.com>

(Still needs to be tested against the original using sample passwords
of different length.)

just converting some spaces to tabs from his fix. :-)

comment out in the previous commit

and for small 'a' also a couple of calls to
BN_mod_mul_montgomery(r, r, r, ...).

applications.  Also, have it and the certificate and key loading
functions take a BIO argument for error output.

addition to the file given through the RANDFILE option or environment
variable.

the 'INSTALL' file, which means that 9 times of 10, the BlowFish
headers won't get installed.  Avoid this in the same way it's done in
crypto/des/Makefile.ssl, where someone apparently has thought of this...