Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS listen bug fix,

The functions ENGINE_ctrl(), OPENSSL_isservice(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.

Submitted by: James Beckett <jmb.openssl@nospam.hackery.net>, steve
Approved by: steve@openssl.org

Fix documentation errors in d2i_X509 manual pages.

Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Constify SSL_CIPHER_description

Submitted by: steve@openssl.org

Allow use of trusted certificates in SSL_CTX_use_chain_file()

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS listen support.

in devteam warnings into other configurations.

possible PRNG state duplication.

Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 0.9.8, we just change the macro to avoid making incompatible changes to
the API.

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS record header length bug.

Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org

Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Do not use multiple DTLS records for a single user message

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Define LIBDIR properly.

Put it back where it was and place an inclusion of e_os2.h to get platform
macros defined...

Make sure _XOPEN_SOURCE_EXTENDED is defined in opensslconf.h

Submitted by Zoltan Arpadffy <zoli@polarhome.com>

Don't have separate installation directory variables for VAX and AXP.

Submitted by Zoltan Arpadffy <zoli@polarhome.com>

Define EXE_DIR earlier.
Make sure S_SOCKET also gets compiled with _POSIX_C_SOURCE defined.

Submitted by Zoltan Arpadffy <zoli@polarhome.com>

to be properly defined.

Submitted by Zoltan Arpadffy <arpadffy@polarhome.com>

Parse file types in a more secure manner.

Submitted by sms@antinode.info (Steven M. Schweda)

Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>

Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS timeout handling fix.

Submitted by: "Bayram Kurumahmut" <kbayram@ubicom.com>
Approved by: steve@openssl.org

Don't use HAVE_FORK in apps/speed.c it can conflict with configured version.

Make it possible to install OpenSSL in directories with name other
than "lib" for example "lib64". Based on patch from Jeremy Utley.