BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)

PR: 2793

PR: 2792

(TLS 1.2 clients could end up negotiating these with an OpenSSL server
with TLS 1.2 disabled, which is problematic.)

Submitted by: Adam Langley

If OPENSSL_MAX_TLS1_2_CIPHER_LENGTH is set then limit the size of client
ciphersuites to this value. A value of 50 should be sufficient.

Document workarounds in CHANGES.

Some servers hang when presented with a client hello record length exceeding
255 bytes but will work with longer client hellos if the TLS record version
in client hello does not exceed TLS v1.0. Unfortunately this doesn't fix all
cases...

PR: 2791
Submitted by: Ben Noordhuis

PR: 2790
Submitted by: Alexei Khlebnikov

PR: 2538

countermeasure [from HEAD].

PR: 2778

PR: 2778

PR: 2775

Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com>

Time is always encoded as 4 bytes, not sizeof(Time).

PR: 2780

PR: 2775

PR: 2761
Submitted by: Corinna Vinschen

If OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients
only.

PR: 2776

Fix memory leaks in 'goto err' cases.

the old code came from SSLeay days before TLS was even supported.