digest aliases (as found in OpenSSL_add_all_digests).

version at compile time.

from PEM callbacks which are not null terminated.

unicode strings. Certain PKCS#12 files contain these
in BMPStrings and it used to crash on them.

structures and setting rsa->_method_mod_{n,p,q}.

Submitted by: "Reddie, Steven" <Steven.Reddie@ca.com>

s->s2->escape is never set when sending data because the escape
bit is just reserved for future use in SSL 2.0)

Eric Day <eday@concentric.net> to openssl-dev@openssl.org,
Message-ID: <20001218013437.A5526@concentric.net>

The main thing to verify about these changes is that nothing at all
has changed, as far as behaviour is concerned (except that some
SSLerr() invocations now have a different function code): SSL_read
(ssl2_read, ssl3_read) behaves exactly as before, and SSL_peek refuses
to do any work exactly as before.  But now the functions actually
doing the work have a 'peek' flag, so it should be easy to change them
to behave accordingly.

'OpenSSL_0_9_6-stable'.

given.  That also allows the arguments to come in any order (-new
last, for example).

to dermine what the expression should look like.
Apparently CVS does not like lines longer than about 2^10 characters.

DECLARE/IMPLEMENT macros now exist to create type (and prototype) safe
wrapper functions that avoid the use of function pointer casting yet retain
type-safety for type-specific callbacks. However, most of the usage within
OpenSSL itself doesn't really require the extra function because the hash
and compare callbacks are internal functions declared only for use by the
hash table. So this change catches all those cases and reimplements the
functions using the base-level LHASH prototypes and does per-variable
casting inside those functions to convert to the appropriate item type.

The exception so far is in ssl_lib.c where the hash and compare callbacks
are not static - they're exposed in ssl.h so their prototypes should not be
changed. In this last case, the IMPLEMENT_LHASH_*** macros have been left
intact.

Merge from the ASN1 branch of new ASN1 code
to main trunk.

Lets see if the makes it to openssl-cvs :-)

One problem that looked like a problem in bn_recp.c at first turned
out to be a BN_mul bug.  An example is given in bn_recp.c; finding
the bug responsible for this is left as an exercise.

BN_mod_exp_mont does not work properly yet if modulus m
is negative (we want computations to be carried out
modulo |m|).