Submitted by: Douglas Stebila <douglas@stebila.ca>

Fix wap OIDs.

ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.

server attempts to renegotiate with an unpatched client.

PR: 2094,2095

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Better fix for PR#2144

don't suffer from the problem after Win64 SEH support was added.
PR: 2075
Submitted by: Peter Klotz

Submitted by: steve@openssl.org

Fix DTLS connection so new_session is reset if we read second client hello:
new_session is used to detect renegotiation.

Submitted by: steve@openssl.org

Add missing DTLS state strings.

Submitted by: steve@openssl.org

Fix bug in 0.9.8-stable time handling in ca.c . NB: this only handles cases
where times are not being checked or printed properly. Issues relating to
time_t becoming negative or wrapping around are *NOT* addressed. OpenSSL
1.0.0 and later does fix these issues by using its own time routines.

Although it will be many years before TLS v2.0 or later appears old versions
of servers have a habit of hanging around for a considerable time so best
if we handle this properly now.

stops applications that call CRYPTO_free_all_ex_data() prematurely leaking
memory.

1. Send SCSV is not renegotiating, never empty RI.
2. Send RI if renegotiating.

[from HEAD].
PR: 2094,2095

PR: 2086

1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.

Submitted by: steve

Fix bundled pod2man.pl to handle alternative comment formats.

MCSV is now called SCSV.

Don't send SCSV if renegotiating.

Also note if RI is empty in debug messages.

Add Triple DES CFB1 and CFB8 to algorithm list and NID translation.

RI.