Previous changes permanently removed the commented-out old code for where
it was possible to create and use an ENGINE statically, and this code gets
rid of the ENGINE_FLAGS_MALLOCED flag that supported the distinction with
dynamically allocated ENGINEs. It also moves the area for ENGINE_FLAGS_***
values from engine_int.h to engine.h - because it should be possible to
declare ENGINEs just from declarations in exported headers.

* Constify the get/set functions, and add some that functions were missing.

* Add a new 'ENGINE_cpy()' function that will produce a new ENGINE based
  copied from an original (except for the references, ie. the new copy will
  be like an ENGINE returned from 'ENGINE_new()' - a structural reference).

* Removed the "null parameter" checking in the get/set functions - it is
  legitimate to set NULL values as a way of *changing* an ENGINE (ie.
  removing a handler that previously existed). Also, passing a NULL pointer
  for an ENGINE is obviously wrong for these functions, so don't bother
  checking for it. The result is a number of error codes and strings could
  be removed.

to ENGINE_free(). Also, remove "#if 0" code that has no useful future.

(follows from technical discussion with Amit Chopra <amitc@pspl.co.in>).

to subjectAltName when signing a certificate.

extension instead of just copying it.  That makes a certificate comply
even more with PKIX recommendations according to RFC 2459.

verified by looking at 'diff -u ../openssl-0.9.6a/CHANGES CHANGES')

0.9.5 is obsolete, so we don't have to discuss its 'openssl rsa'
seeding bug.

are however still common and are solved by checking config.log.

Ultra-Sparcs (both 32-bit and 64-bit compilations)

also 'test' appears to be available as '[' only in 'if' conditions.

Protect against future mistakes with an assert().

Spotted by Harald Koch <chk@pobox.com>

(we don't have an ASN1_TEMPLATE to complain about at this stage,
so  errtt == NULL  should be OK)

(provided by Stephen)