Correct the typo PUKEY...

Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl>

PR: #513

ty to allocate anything at all.  This will allow eNULL to still work.

PR: 751
Notified by: Lutz Jaenicke

PR: 751
Notified by: meder@mcs.anl.gov
Reviewed by: Lutz Jaenicke, Richard Levitte

if the give size is 0.

This is a thought that came up in PR 751.

PR: #735
Submitted by: Tim Rice <tim@multitalents.net>

PR: 755
Notified by: Jakub Bogusz <qboosh@pld-linux.org>

Therefore, change all instances of the symbol 'list' to something else.

PR: 758
Submitted by: Frédéric Giudicelli <groups@newpki.org>

compared it to the amount of bits required...
PR: 770
Submitted by: c zhang <czhang2005@hotmail.com>

PR: 771
Submitted by: c zhang <czhang2005@hotmail.com>

PR: 732
Submitted by: Ilya Zakharevich <nospam-abuse@ilyaz.org>

Submitter's comment:

This patch:

a) Introduces a new file os2/backwardify.pl.

b) Introduces a new mk1mf.pl variable $preamble.  As you can see, it may
   be used also to move some OS-specific code to VC-CE too (the the
   first chunk of the patch);

c) The DESCRIPTION specifier of the .def file is made more informative:
   now it contains the version number too.  On OS/2 it is made conformant
   to OS/2 conventions; in particular, when one runs the standard command
	BLDLEVEL this.DLL
   one can see:

   Vendor:      www.openssl.org/
   Revision:    0.9.7c
   Description: OpenSSL: implementation of Secure Socket Layer; DLL for library crypto.  Build for EMX -Zmtd

   [I did not make Win32 descriptions as informative as this - I'm afraid to
    break something.  Be welcome to fix this.]

d) On OS/2 the generated DLL was hardly usable (it had a shared initialized
   data segment).

e) On OS/2 the generated DLLs had names like ssl.dll.  However, DLL names on
   OS/2 are "global data".  It is hard to have several DLLs with the same
   name on the system.  Thus this precluded coexistence of OpenSSL with DLLs
   for other SLL implementations - or other name clashes.  I transparently
   changed the names of the DLLs to open_ssl.dll and cryptssl.dll.

f) The file added in (a) is used to create "forwarder" DLLs, so the
   applications expecting the "old" DLL names may use the new DLLs
   transparently.  (A presence of these DLLs on the system nullifies (e),
   but makes old applications work.  This is a stopgap measure until the
   old applications are relinked.  Systems with no old applications do not
   need these DLLs, so may enjoy all the benefits of (e).)

   The new DLLs are placed in os2/ and os2/noname subdirectories.

g) The makefiles created with os2/OS2-EMX.cmd did not work (some mysterious
   meaningless failures).  The change to util/pl/OS2-EMX.pl uses the
   variable introduced in (b) to switch the Makefiles to SHELL=sh syntax.
   All these backslashes are removed, and the generated Makefiles started to
   work.

h) Running os2/OS2-EMX.cmd now prints out what to do next.

PR: 777
Submitted by: Michael Shields <mshields@sunblocksystems.com>

of libcrypto, then it is possible that when they are loaded they will share
the same static data as the loading application/library. This means it will
be too late to set memory/ERR/ex_data/[etc] callbacks, but entirely
unnecessary to try.

This change (and a great part of this comment) was implemented in
0.9.8-dev a long time ago, but slightly differently.  In 0.9.8-dev, a
specific function that just returns a pointer to some static object is
used. For 0.9.7x, we couldn't do that, since the way we handle feature
freezes is, among other, to not add any more non-static functions.
Instead, we use the function ERR_get_implementation() and compare the
returned value with fns->err_fns, a member of fns that already is
there, and which therefore can safely be used in this manner.

What happens is that if the loaded ENGINE's return value from this
function matches the loading application/library's return value - they
share static data. If they don't match, the loaded ENGINE has its own
copy of libcrypto's static data and so the callbacks need to be set.

PR: #778
Submitted by: George Mitchell <george@m5p.com>

Spotted by Markus Friedl.

Max req -x509 use V1 if extensions section absent.

as this is already included by x509.h anyway.

Submitted by: Kirill Kochetkov <kochet@ixbt.com>

PR: #748

Submitted by: Goetz Babin-Ebell <babin-ebell@trustcenter.de>

PR: #766

Submitted by: Tim Rice <tim@multitalents.net>

PR: #735, #765

be the same.  Therefore, the removed memcpy()s need to be restored.

a multiple of AES_BLOCK_SIZE.
Optimize decryption of all complete blocks in AES-CBC by removing an
unnecessary memcpy().

The error was notified by James Fernandes <jf210032@exchange.DAYTONOH.NCR.com>.
The unnecessary memcpy() was found as an effect of investigating that error.

type is "other".

allocated.
Notified by Daniel Lucq <daniel@lucq.org>

Notified by Andrew Marlow <AMARLOW1@bloomberg.net>

platforms that don't have it.

calling X509_verify_cert() in x509.c the cert should
not be added to the trusted store.