of OPENSSL_NO_FP_API on existence of OPENSSL_SYS_MSDOS to e_os2.h.

and changes to mkdef.pl so it recognises them.

Use these in policyMappings extension.

enable it automatically for the built-in engine

PR: 542

PR: 540

PR: 538

replace mode.
PR: 528

PR: 520

PR: 517

PR: 516

an X509_INFO structure can contain more than one object,
for example a certififcate and a CRL.

Add table order test to end of a_strnid.c

applications if they were passing a bogus 'flags' parameter yet having
things work as they wanted anyway.

dsa_mod_exp() and bn_mod_exp() handlers from dsa_do_verify() and
dsa_sign_setup(). When another DSA_METHOD implementation does not define
these lower-level handlers, it becomes impossible to do a fallback to
software on errors using a simple DSA_OpenSSL()->fn(key).

This change allows the default DSA_METHOD to function in such circumstances
by only using dsa_mod_exp() and bn_mod_exp() handlers if they exist,
otherwise using BIGNUM implementations directly (which is what those
handlers did before this change). There should be no noticable difference
for the software case, or indeed any custom case that didn't already
segfault, except perhaps that there is now one less level of indirection in
all cases.

PR: 507

- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary

PR: 343

Two fixes:

1. If BIO_write() fails inside enc_write() it should return the
   total number of bytes successfully written.

2. If BIO_write() fails during BIO_flush() it should return immediately
   with the error code: previously it would fall through to the final
   encrypt, corrupting the buffer.

the buffer pointer.

Rename PKCS7_PARTSIGN to PKCS7_STREAM.

Guess what that's for :-)