Add missing variable length cipher flag for Blowfish.

Only use trust settings if either trust or reject settings
are present, otherwise use compatibility mode. This stops
root CAs being rejected if they have alias of keyid set.

Fix OPENSSL_IMPLEMENT_GLOBAL.

Allow Win32 to use EXPORT_VAR_AS_FN in mkdef.pl

make update.

Purpose and trust setting functions for X509_STORE.

Tidy existing code.

inherited from X509_STORE.

Add CRL checking options to other applications.

Initial CRL based revocation checking.

like des_read_password and friends (backward compatibility functions
using this new API are provided).  The purpose is to remove prompting
functions from the DES code section as well as provide for prompting
through dialog boxes in a window system and the like.

Fix ASN1 bug when decoding OTHER type.

Various S/MIME DSA related fixes.

verified by looking at 'diff -u ../openssl-0.9.6a/CHANGES CHANGES')

Ultra-Sparcs (both 32-bit and 64-bit compilations)

also 'test' appears to be available as '[' only in 'if' conditions.

(provided by Stephen)

combine in CHOICE options.

This was causing d2i_DSAPublicKey() to misbehave.

FreeBSD's /bin/sh.

des_encrypt() and des_encrypt() defined on some systems (Solaris and
Unixware and maybe others), we rename des_encrypt() to des_encrypt1().
This should have very little impact on external software unless
someone has written a mode of DES, since that's all des_encrypt() is
meant for.

the trunk to keep diffs small.

It now looks along $PATH for a working bc and returns the absolute
path to one that does work.

Overhaul the display of certificate details in
the 'ca' utility. This can now be extensively
customised in the configuration file and handles
multibyte strings and extensions properly.

This is required when extensions copying from
certificate requests is supported: the user
must be able to view the extensions before
allowing a certificate to be issued.