the trunk to keep diffs small.

It now looks along $PATH for a working bc and returns the absolute
path to one that does work.

Overhaul the display of certificate details in
the 'ca' utility. This can now be extensively
customised in the configuration file and handles
multibyte strings and extensions properly.

This is required when extensions copying from
certificate requests is supported: the user
must be able to view the extensions before
allowing a certificate to be issued.

The latter does nothing for now, but its existence means
that applications can request precomputation when appropriate.

multiplication of an arbitrary number of points.

HTTP responses.

Add the 'ec' directory to mkdef.pl and mkfiles.pl
so the Windows build can see it.

Fixup mkdef.pl so it doesn't mess up with function
names longer than 39 characters in length.

Change the EVP_somecipher() and EVP_somedigest()
functions to return constant EVP_MD and EVP_CIPHER
pointers.

Update docs.

and an ectest.c that actually tests something.

Incease the number of BIGNUMs in a BN_CTX.

Make EVP_Digest*() routines return a value.

TODO: update docs, and make soe other routines
which use EVP_Digest*() check return codes.

sets the subject name for a new request or supersedes the
subject name in a given request.

Add options '-batch' and '-verbose' to 'openssl req'.

Submitted by: Massimiliano Pala <madwolf@hackmasters.net>
Reviewed by: Bodo Moeller

functions on platform were that's the best way to handle exporting
global variables in shared libraries.  To enable this functionality,
one must configure with "EXPORT_VAR_AS_FN" or defined the C macro
"OPENSSL_EXPORT_VAR_AS_FUNCTION" in crypto/opensslconf.h (the latter
is normally done by Configure or something similar).

To implement a global variable, use the macro OPENSSL_IMPLEMENT_GLOBAL
in the source file (foo.c) like this:

	OPENSSL_IMPLEMENT_GLOBAL(int,foo)=1;
	OPENSSL_IMPLEMENT_GLOBAL(double,bar);

To declare a global variable, use the macros OPENSSL_DECLARE_GLOBAL
and OPENSSL_GLOBAL_REF in the header file (foo.h) like this:

	OPENSSL_DECLARE_GLOBAL(int,foo);
	#define foo OPENSSL_GLOBAL_REF(foo)
	OPENSSL_DECLARE_GLOBAL(double,bar);
	#define bar OPENSSL_GLOBAL_REF(bar)

The #defines are very important, and therefore so is including the
header file everywere where the defined globals are used.

The macro OPENSSL_EXPORT_VAR_AS_FUNCTION also affects the definition
of ASN.1 items, but that structure is a bt different.

The largest change is in util/mkdef.pl which has been enhanced with
better and easier to understand logic to choose which symbols should
go into the Windows .def files as well as a number of fixes and code
cleanup (among others, algorithm keywords are now sorted
lexicographically to avoid constant rewrites).

Fix bug in copy_email() which would not
find emailAddress at start of subject name.

Fix a bug which caused BN_div to produce the
wrong result if rm==num and num < 0.

Enhance OCSP_request_verify() so it finds the signers certificate
properly and supports several flags.

Print out OID of unknown signature or public key
algorithms.

key algorithms and leaking if the signature verify
fails.

or serial number.

form '#if defined(...) || defined(...) || ...' and '#if !defined(...)
&& !defined(...) && ...'.  This also avoids the growing number of
special cases it was previously handling (some of them wrongly).

Mention BN_[pseudo_]rand with top=-1 in CHANGES.

sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.

Remove the old broken bio read of serial numbers in the 'ca' index
file. This would choke if a revoked certificate was specified with
a negative serial number.

Fix typo in uid.c