Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS sequence number bug

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS HelloVerifyRequest Timer bug

Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.

[from HEAD].

PR: 2557

Submitted by: Jim Morrison

from HEAD yet, more will be back-ported later.

such operation can be considered as breaking binary compatibility. However!
OPNESSL_ia32cap_P is accessed by application through pointer returned by
OPENSSL_ia32cap_loc() and such change of *internal* OPENSSL_ia32cap_P
declaration is possible specifically on little-endian platforms, such as
x86[_64] ones in question. In addition, if 32-bit application calls
OPENSSL_ia32cap_loc(), it clears upper half of capability vector maintaining
the illusion that it's still 32 bits wide.

Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve

Don't call ERR_remove_state from DllMain.

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Correctly handle errors in DTLSv1_handle_timeout()

Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Prevent infinite loop in BN_GF2m_mod_inv().

the FIPS library to fail. Applications that want to set the FIPS rand
method can do so explicitly and presumably they know what they are doing...

can switch between modes.

we should list "Changes between 1.0.0e and 1.0.1",
not "between 1.0.0d and 1.0.1".

Only build ssltest with fipsld.

Include FIPS mode test for ssltest.