as a shared library without RSA.  Use #ifndef NO_SSL2 instead of
NO_RSA in ssl/s2*.c.

Submitted by: Kris Kennaway <kris@hub.freebsd.org>
Modified by Ulf Möller

are not guaranteed to be unpredictable.

returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.

Primes p where (p-1)/2 is prime too are called "safe", not "strong".

Suggested by Bodo.

called with max > n when extend is set.

Remove references to 'TXT' in -inform and -outform switches.

Add short state string for MS SGC.

that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.

except when following the specs is bound to fail.

they can sometimes be different memory structures.

the middle of the OID table so the diff is rather large :-(

represent everything by OIDs.

more utilities.

(which was allowed by old ASCII definitions but is not compatible
with ISO 8859-1, ISO 10646 etc.).

Submitted by: Roy Woods <roy@centricsystems.ca>
Reviewed by: Andy Polyakov

 - Made CRYPTO_MDEBUG even less used in crypto.h, giving
   MemCheck_start() and MemCheck_stop() only one possible definition.
 - Made the values of the debug function pointers in mem.c dependent
   on the existence of the CRYPTO_MDEBUG macro, and made the rest of
   the code understand the NULL case.

That's it.  With this code, the old behvior of the debug functionality
is restored, but you can still opt to have it on, even when the
library wasn't compiled with a defined CRYPTO_MDEBUG.

 - Moved the handling of compile-time defaults from crypto.h to
   mem_dbg.c, since it doesn't make sense for the library users to try
   to affect this without recompiling libcrypto.
 - Made sure V_CRYPTO_MDEBUG_TIME and V_CRYPTO_MDEBUG_THREAD had clear
   and constant definitions.
 - Aesthetic correction.

With this change, the following is provided and present at all times
(meaning CRYPTO_MDEBUG is no longer required to get this functionality):

  - hooks to provide your own allocation and deallocation routines.
    They have to have the same interface as malloc(), realloc() and
    free().  They are registered by calling CRYPTO_set_mem_functions()
    with the function pointers.

  - hooks to provide your own memory debugging routines.  The have to
    have the same interface as as the CRYPTO_dbg_*() routines.  They
    are registered by calling CRYPTO_set_mem_debug_functions() with
    the function pointers.

I moved everything that was already built into OpenSSL and did memory
debugging to a separate file (mem_dbg.c), to make it clear what is
what.

With this, the relevance of the CRYPTO_MDEBUG has changed.  The only
thing in crypto/crypto.h that it affects is the definition of the
MemCheck_start and MemCheck_stop macros.

Also fix a memory leak in PKCS#7 routines.

Never use des_set_key (it depends on the global variable des_check_key),
but usually des_set_key_unchecked.
Only destest.c bothered to look at the return values of des_set_key,
but it did not set des_check_key -- if it had done so,
most checks would have failed because of wrong parity and
because of weak keys.

either and has a static and dynamic mix.