Makefile.  (The default is never actually used though because
the top Makefile passes its value of PERL down to sub-Makefiles.)

"make tests"

- 0.9.6a is under development
- a couple of illegal includes of <openssl/e_os.h> should be purged
- ex_data sucks

entries are still current or what they are about:

    o  non-blocking socket on AIX
    o  $(PERL) in */Makefile.ssl

So I'll remove them for now.

Add '-d' option for 'openssl version' (included in '-a').

that they match the function definitions (namely, remove file/line
parameters from free_func).

handling routines that need file name and line number information,
I've added a call level to our memory handling routines to allow that
kind of hooking.

unicode strings. Certain PKCS#12 files contain these
in BMPStrings and it used to crash on them.

didn't even give a warning for this yet HPUX cc considered it an error.
Reported by Lutz(@openssl.org).

only queried when the /dev/[u]random devices did not return enough
entropy. Only the amount of entropy missing to reach the required minimum
is queried, as EGD may be drained.
Queried locations are: /etc/entropy, /var/run/egd-pool

on details. :-)

correctly, but RAND_add(..,n) counts the increasing n several times.
Only RAND_add(..,n) once entropy collection is finished.

"doall" functions to using type-safe wrappers. As and where required, this
can be replaced by redeclaring the underlying callbacks to use the
underlying "void"-based prototypes (eg. if performance suffers from an
extra level of function invocation).

to LHASH usage. NB: The callback type used as been suctioned off into
crypto.h as CRYPTO_MEM_LEAK_CB to improve clarity.

around the callbacks required in the LHASH code for the "doall" functions.

Also - fix the evil function pointer casting in the two lh_doall functions
by deferring to a static utility function. Previously lh_doall() was
invoking lh_doall_arg() by casting the callback to the 2-parameter
prototype and passing in a NULL argument. This appears to have been working
thus far but it's not a hot idea. If the extra level of indirection becomes
a performance hit, we can just provide two virtually identical
implementations for each variant later on.

LHASH code, this evil was uncovered. The cast was obscuring the fact that
the function was prototyped to take 2 parameters when in fact it is being
used as a callback that should take only one. Anyway, the function itself
ignores the second parameter (thankfully). A proper cure is on the way but
for now this corrects the inconsistency.

build system...

quick answer, take that one first.

Fix bug in OCSP_find_status().

them for a short period of time (actually, poll them with select(),
then read() whatever is there), which is about 10ms (hard-coded value)
each.

Separate Windows and Unixly code, and start on a VMS variant that
currently just returns 0.

Add set of OCSP client functions. All experimental
and subject to addition, modifcation or deletion.

Add two OCSP nonce utility functions.

Fix typo in status code name.

application needs.

Add OCSP library name to error code.

Set correct type in ASN1_STRING for
INTEGER and ENUMERATED types.

Make ASN1_INTEGER_get() and ASN1_ENUMERATED_get()
return -1 for invalid type rather than 0 (which is
often valid). -1 may also be valid but this is less
likely.

Load OCSP error strings in ERR_load_crypto_strings().

Remove extensions argument from various functions
because it is not needed with the new extension
code.

New function OCSP_cert_to_id() to convert a pair
of certificates into an OCSP_CERTID.

New simple OCSP HTTP function. This is rather primitive
but just about adequate to send OCSP requests and
parse the response.

Fix typo in CRL distribution points extension.

Fix ASN1 code so it adds a final null to constructed
strings.

uses the new ASN1 code.

Make sure those are purged...

I've no idea were the KRB5 header files and libraries are placed on
Win32.  When there's better knowledge, we might be able to process the
other KRB5-related arguments as well...

options.  This is so mk1mf.pl can pick it up from Makefile.

is to have asn1.h include e_os.h and e_os2.h.  Of course, this makes
the unofficial "non-export" status of e_os.h a bit delicate...

Rewrite PKCS#12 code and remove some of the old
horrible macros.

Fix two evil ASN1 bugs. Attempt to use 'ctx' when
NULL if input is indefinite length constructed
in asn1_check_tlen() and invalid pointer to ASN1_TYPE
when reusing existing structure (this took *ages* to
find because the new PKCS#12 code triggered it).