addition to RSA certificates) to match the behaviour of `openssl dsa -noout
-modulus' as it's already the case for `openssl rsa -noout -modulus'.  For RSA
the -modulus is the real "modulus" while for DSA currently the public key is
printed (a decision which was already done by `openssl dsa -modulus' in the
past) which serves a similar purpose.  Additionally the NO_RSA no longer
completely removes the whole -modulus option; it now only avoids using the RSA
stuff. Same applies to NO_DSA now, too.

info will come later...

Feel free to reformat and tidy this up...

Submitted by: Ulf Moeller <ulf@fitug.de>

to support CRL extensions.

and really fix the ASN.1 IMPLICIT bug this time :-)

     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Fix so that the version number in the master secret, when passed
     via RSA, checks that if TLS was proposed, but we roll back to SSLv3
     (because the server will not accept higher), that the version number
     is 0x03,0x01, not 0x03,0x00
     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Submitted by:
Reviewed by:
PR:

of an arbitrary extension: e.g. 1.3.4.5=critical,RAW:12:34:56 Using this
technique currently unsupported extensions can be generated if you know their
DER encoding. Even if the extension is supported in future the raw extension
will still work: that is the raw version can always be used even if it is a
supported extension.

array code in the crypto/err/err_genc.pl script.

Submitted by: Lars Weber <3weber@informatik.uni-hamburg.de>
Reviewed by: Ralf s. Engelschall

perl script. It failed if the OID had any zeros in it.

wrong keylength with export null ciphers.

also add an 'update' option to automatically append any new functions to the
ssleay.num and libeay.num files.

- ported BN stuff to OpenSSL's different BN library

- made the perl/ source tree CVS-aware

- renamed the package from SSLeay to OpenSSL (the files still contain
  their history because I've copied them in the repository)

- removed obsolete files (the test scripts will be replaced
  by better Test::Harness variants in the future)

name, issuer and authority key id. Change the i2v function parameters
and add an extra 'crl' parameter in the X509V3_CTX structure: guess
what that's for :-) Fix to ASN1 macro which messed up
IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.

code and adds support to ASN1_TYPE and asn1parse.

Submitted by: Eric A Young - from changes to C2Net SSLeay
Reviewed by: Mark Cox
PR:

Submitted by: Alan Batie <batie@aahz.jf.intel.com>

Submitted by: Rainer W. Gerling <gerling@mpg-gv.mpg.de>
Reviewed by: Ralf S. Engelschall

be pulled apart and built.

Also fix typos in the usage messages: "inout" instead of "input".

but the BN code had some problems that would cause failures when
doing certificate verification and some other functions.

Submitted by: Eric A Young from a C2Net version of SSLeay
Reviewed by: Mark J Cox
PR:

openssl.cnf for the new syntax.

so that: openssl req -x509 -new -out cert.pem
will take extensions from openssl.cnf a sample for a CA is included.
Also change the directory order so pem is nearer the end. Otherwise 'make links'
wont work because pem.h can't be built.

the main library, but only with printing at present. To see this try:
openssl x509 -in cert.pem -text
on a certificate with some extensions in it.