Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct i2b_PVK_bio error handling in rsa.c, dsa.c

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BN_rand error handling in bntest.c

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_SealInit error handling in pem_seal.c

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_wirte error handling in asn1_par.c

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_ctrl error handling in s2_srvr.c

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_ctrl error handling

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_write error handling in ocsp_prn.c

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_write, BIO_printf, i2a_ASN1_INTEGER and i2a_ASN1_OBJECT
error handling in OCSP print routines.

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_DigestVerifyFinal error handling.

Submitted by: steve@openssl.org

Add support for custom headers in OCSP requests.

Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Fix handling of ENOTCONN and EMSGSIZE for dgram BIOs.

Submitted by: David Lee <live4thee@gmail.com>, steve@openssl.org
Approved by: steve@openssl.org

Fix for IPv6 handling in BIO_get_accept_socket().

Submitted by: john blair <mailtome200420032002@yahoo.com>
Approved by: steve@openssl.org

Add version info in VC-WIN64A too.

PR: 2035

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS listen bug fix,

The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.

Submitted by: James Beckett <jmb.openssl@nospam.hackery.net>, steve
Approved by: steve@openssl.org

Fix documentation errors in d2i_X509 manual pages.

Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Constify SSL_CIPHER_description

Submitted by: steve@openssl.org

Allow use of trusted certificates in SSL_CTX_use_chain_file()

Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org

Avoid double call to BIO_free().

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS listen support.

in devteam warnings into other configurations.

possible PRNG state duplication.

Submitted by: steve@openssl.org

Tolerate application/timestamp-response which some servers send out.

Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.

Submitted by: Keith Beckman <kbeckman@mcg.edu>,  Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org

Fix improperly capitalized references to WWW::Curl::Easy.

Submitted by: Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org

Fix so that the legacy digest EVP_dss1() still works.

Submitted by: steve@openssl.org

Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.

Add error checking to CRL generation in ca utility when nextUpdate is being
set.

Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org

Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).