to adhere to are listed.  It should be regarded as a complement to
whatever is out on the web, including the docs in http://www.openssl.org/

Submitted by: Zeroknowledge

This is superfluous now that we don't have to avoid creating
multiple versions of the file on VMS (because older versions
are now deleted).

decided to provide an alternative...

Add a couple of FAQs.

when PEM_read_bio_X509_REQ fails.

"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order.  Thusly fixed.

Also, make the memory debugging routines defined and declared with
prototypes, and use void* instead of char* for memory blobs.

And last of all, redo the ugly callback construct for elegance and
better definition (with prototypes).

"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order.  Thusly fixed.

"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order.  Thusly fixed.

for it).

Submitted by:
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR:

is not constant.

the password prompt.

if a DSO_load(NULL,...) operation fails, it will have to call DSO_free() on
the DSO structure it created and that will filter through to this "unload"
call.

If the stack size is "< 1", then the library never actually loaded. To keep
things clean higher up, I'll treat this as a vacuous case without an error.
It makes the error stack easier to follow real world cases, and the error
this ignores was only useful for catching bugs in internal code, not
mismatched calls from applications (which should be handled in the generic
DSO layer).

with RSA_METHOD (the **_get_default_methods do set the default value if
it's not set). However, the code had some duplication and was a bit
conter-intuitive.

initialised, at which point an appropriate default was chosen. This meant a
call to RSA_get_default_method might have returned FALSE.

This change fixes that; now any called to RSA_new(), RSA_new_method(NULL), or
RSA_get_default_method() will ensure that a default is chosen if it wasn't
already.

technique used is far from perfect and alternatives are welcome.
Basically if the translation flag is set, the string is not too
long, and there appears to be no path information in the string,
then it is converted to whatever the standard should be for the
DSO_METHOD in question, eg;
    blah --> libblah.so   on *nix, and
    blah --> blah.dll     on win32.

This change also introduces the DSO_ctrl() function that is used
by the name translation stuff.