from `int' to `unsigned int' because it's a length and initialized by
EVP_DigestFinal() which expects an `unsigned int *'.

Submitted by: Richard Levitte <levitte@stacken.kth.se>
Reviewed by: Ralf S. Engelschall

script. Instead use the usual Shell->Perl transition trick.

descriptions as pointed out by Dave Carman <carman@erols.com>

addition to RSA certificates) to match the behaviour of `openssl dsa -noout
-modulus' as it's already the case for `openssl rsa -noout -modulus'.  For RSA
the -modulus is the real "modulus" while for DSA currently the public key is
printed (a decision which was already done by `openssl dsa -modulus' in the
past) which serves a similar purpose.  Additionally the NO_RSA no longer
completely removes the whole -modulus option; it now only avoids using the RSA
stuff. Same applies to NO_DSA now, too.

the first leading XXX. in the DN.

1. The dsaparam argument is mandatory and not optional
2. Add a little text what this actually is: a filename

without -debug option to mk1mf.pl. Change _export to is_export (_export is
a reserved word under VC++). Add yucky function prototype function pointer
casts. Sanitise the included files in crypto/x509v3.

Also changed ssleay.exe target to openssl.exe

info will come later...

Feel free to reformat and tidy this up...

Submitted by: Ulf Moeller <ulf@fitug.de>

to include email addresses from DN and copy details from issuer certificate.
Include examples in openssl.cnf, update Win32 ordinals.

so we have enough time for final testing and tarball rolling.

Win32 ordinals.

to support CRL extensions.

and really fix the ASN.1 IMPLICIT bug this time :-)

support for assignment in config files.

     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Fix so that the version number in the master secret, when passed
     via RSA, checks that if TLS was proposed, but we roll back to SSLv3
     (because the server will not accept higher), that the version number
     is 0x03,0x01, not 0x03,0x00
     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Submitted by:
Reviewed by:
PR:

the first word which broke (at least) the Linux compile. Hopefully this wont
break other platforms.

of an arbitrary extension: e.g. 1.3.4.5=critical,RAW:12:34:56 Using this
technique currently unsupported extensions can be generated if you know their
DER encoding. Even if the extension is supported in future the raw extension
will still work: that is the raw version can always be used even if it is a
supported extension.