Add a bunch of functions to simplify the creation of X509_NAME structures.

Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.

don't try to detect fork()s by looking at getpid().
The reason is that threads sharing the same memory can have different
PIDs; it's inefficient to run RAND_seed each time a different thread
calls RAND_bytes.

applications.

some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.

when X509_LOOKUP_load_file or X509_LOOKUP_add_dir failed.

Submitted by: Janez Jere <jj@void.si>

Submitted by: Lennart Bång, Bodo Möller

(needed for RSAREF builds)

Functions to get keys from EVP_PKEY structures.

this will be used to clear up the horrible DN mess.

tolerated in certificates.

between SSLeay 0.8.1b and 0.9.0b with no apparent reason).
If we *want* an error when DEVRANDOM is not defined (it always is with
the current e_os.h) we should use #error.

ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.

Fix a bug in the X509_get_d2i() functions which didn't check if crit was NULL.

platforms. See crypto/rc4/rc4_enc.c for further details.

platforms. See crypto/rc4/rc4_enc.c for further details.

explicitly. Previously it couldn't be changed because it was hard coded as
"server.pem".

new DSA public key functions that were missing.

Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...

Fix for d2i_ASN1_bytes and stop PKCS#7 routines crashing is signed message
contains no certificates.

Also fix typo in RANLIB changes.

rsaref needs ist.

Submitted by: Will Day

Modify the 'speed' application so it now uses RSA_sign and RSA_verify
instead of RSA_private_encrypt and RSA_public_decrypt

Contributed by: Peter Huang <PETER_HUANG@HP-Cupertino-om8.om.hp.com>