RT: 3304

Newer pod2man considers =item [1-9] part of a numbered list, while =item
0 starts an unnumbered list. Add a zero effect formatting mark to override
this.

doc/apps/smime.pod around line 315: Expected text after =item, not a
number
...

PR#3146

It's not clear whether this inconsistency could lead to an actual
computation error, but it involved a BIGNUM being passed around the
montgomery logic in an inconsistent state. This was found using flags
-DBN_DEBUG -DBN_DEBUG_RAND, and working backwards from this assertion
in 'ectest';

ectest: bn_mul.c:960: BN_mul: Assertion `(_bnum2->top == 0) ||
(_bnum2->d[_bnum2->top - 1] != 0)' failed

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
(cherry picked from commit a5292618)

Gets rid of this;

defined(@array) is deprecated at ../util/mkerr.pl line 792.
        (Maybe you should just omit the defined()?)
defined(@array) is deprecated at ../util/mkerr.pl line 800.
        (Maybe you should just omit the defined()?)

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
(cherry picked from commit 647f360e)

Specify -f is for compilation flags. Add -d to synopsis section.

(cherry picked from commit 006397ea62bbcae22c8664d53c2222b808c4bdd1)

Closes #78.

Fix eckey_priv_encode to return an error on failure of i2d_ECPrivateKey.

(cherry picked from commit 351f0a124bffaa94d2a8abdec2e7dde5ae9c457d)

algorithm suggested in following paper:

Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software
Polynomial Multiplication on ARM Processors using the NEON Engine.

http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf
(cherry picked from commit f8cee9d0)

(cherry picked from commit 558ff0f0)

Conflicts:
	CHANGES

Fix typo that stopped SSL_CTX_get_{first,next}_certificate from working.
(cherry picked from commit 9330a85e)

(cherry picked from commit 0dd5b94a)

When looking for an extension we need to set the last found
position to -1 to properly search all extensions.

PR#3309.
(cherry picked from commit 300b9f0b)

(cherry picked from commit 5f8e9a47)

(cherry picked from commit 3143a332)

Keep copy of any host, path and port values allocated by
OCSP_parse_url and free as necessary.
(cherry picked from commit 5219d3dd)

(cherry picked from commit a74bee5f)

(cherry picked from commit 55c9e248)

Treat a zero length passed to ssleay_rand_add a no op: the existing logic
zeroes the md value which is very bad. OpenSSL itself never does this
internally and the actual call doesn't make sense as it would be passing
zero bytes of entropy.

Thanks to Marcus Meissner <meissner@suse.de> for reporting this bug.
(cherry picked from commit 5be1ae28)

A missing bounds check in the handling of the TLS heartbeat extension
can be used to reveal up to 64k of memory to a connected client or
server.

Thanks for Neel Mehta of Google Security for discovering this bug and to
Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
preparing the fix (CVE-2014-0160)
(cherry picked from commit 96db9023)

(cherry picked from commit 4e6c12f3)

(cherry picked from commit 997d1aac)

(cherry picked from commit 6eebcf34)

Enable TLS padding extension using official value from:

http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
(cherry picked from commit cd6bd5ff)

Conflicts:

	CHANGES

Use bufsiz - 1 not BUFSIZ - 1 when prompting for a password in
the openssl utility.

Thanks to Rob Mackinnon, Leviathan Security for reporting this issue.
(cherry picked from commit 7ba08a4d)

(cherry picked from commit 6cc00684)

(cherry picked from commit dbb7654d)

New -hash_old to generate CRL hashes using old
(before OpenSSL 1.0.0) algorithm.
(cherry picked from commit de2d97cd)

A short PEM encoded sequence if passed to the BIO, and the file
had 2 \n following would fail.

PR#3289
(cherry picked from commit 10378fb5)

Add additional check to catch this in ASN1_item_verify too.
(cherry picked from commit 66e8211c)

Don't clear verification errors from the error queue unless
SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR is set.

If errors occur during verification and SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR
is set return 2 so applications can issue warnings.