details (performance numbers and accompanying discussions:-). Note that
the code is not engaged in ./Configure yet. I'll add it later this week
along with updates for .spec file.

Submitted by:
Reviewed by:
PR:

passwords that were given to the key loading functions were completely
ignored, at least in the ncipher code, and then we made the assumption
that the callback wanted a prompt as user argument.

All that is now changed, and the application author is forced to give
a callback function of type pem_callback_cb and possibly an argument
for it, just as for all other functions that want to generate password
prompting.

NOTE: this change creates binary and source incompatibilities with
previous versions of OpenSSL [engine].  It's worth it this time, to
get it right (or at least better and with a chance that it'll work).

Add missing variable length cipher flag for Blowfish.

Only use trust settings if either trust or reject settings
are present, otherwise use compatibility mode. This stops
root CAs being rejected if they have alias of keyid set.

For some unknown reason fopen("con", "w") is the
only way to make this work. Using "r+" and "w+"
causes the fopen call to fail and the fallback
(using stdin) doesn't work because writing to stdin
fails.

environment were a part of a Unix operating systems, but these days
you see an increasing number of installations that do not necessarely
have these crucial parts by default, so it's needs mentioning.

as gmtime_r() on the systems where that is defined.

DEC C only have them declared that way (it doesn't really matter,
since the linker is case-insensitive by default)

characters.

compilers will complain against the check for less than zero.

symbols.

mistake.

reachable.

It's completely untested for now.  To be done in the next few days.

is compiled.

Make rewrites the default, since it works, and people get confused if
changed information doesn't get rewritten automagically.

section.

Add ui_compat.h for inclusion by those who want the old functions and
provide all of them, not just the higher-level ones, in ui_compat.c.

redefined variables.

#if 0 out deleted (?) functions to stop Win32 DLL
build falling over.

Fix OPENSSL_IMPLEMENT_GLOBAL.

Allow Win32 to use EXPORT_VAR_AS_FN in mkdef.pl

make update.

Under VC++ _DLL is set to indicate that the application
will be linked against the DLL runtime library. It is
automatically set when /MD is used.

As a result OpenSSL shouldn't use _DLL to determine if
it should set OPENSSL_OPT_WINDLL because this will
cause linkage conflicts with static builds which do
include the /MD compiler switch.