functions in ui_compat.  This gave reason to rework that part more
thoroughly, so here are the changes made:

1. Add DES_read_password() and DES_read_2passwords() with the same
   functionality as the corresponding old des_ functions, as a
   convenience to the users.
2. Add UI_UTIL_read_pw_string() and UI_UTIL_read_pw() with the
   functionality from des_read_pw_string() and des_read_pw(), again as
   a concenience to the users.
3. Rename des_read_password(), des_read_2passwords(),
   des_read_pw_string() and des_read_pw() by changing des_ to
   _ossl_old_des_, and add the usual mapping macros.
4. Move the implementation of des_read_password() and
   des_read_2passwords() to the des directory, since they are tightly
   tied to DES anyway.

This change was inspired by a patch from Assar Westerlund <assar@sics.se>:

There are some functions that didn't get the kick-away-old-des-and-
replace-des-with-DES action.  Here's a patch that adds DES_ and des_
(in des_old.h) versions of des_read_pw_string et al.  This patch
includes some of the first des_old.h semi-colon macro fixes that I've
already sent.

The following patch makes sure that string2key does not use weak DES
keys (then making them non-weak by xor:ing with 0xF0).

This patch makes the macros in des_old.h actually pretend to be
functions.

There's no reason not to define _ossl_old_crypt when using
PERL5/FreeBSD/darwin/Next, since it makes using crypt and including
des.h break.  Here's a trivial patch.

This patch fixes some of the typos used in macro names in des_old.h
and the number of arguments for some of them.

wincrypt.h is included.

* When linking against shared libraries, the absolute path is remembered.
  - When linking against -L.., '..' is remembered inside the executable,
    so it will fail after "make install" or when not called from inside the
    "apps/" subdirectory of the build tree.
  - When using the "+cdp" option of "ld", the ".." information can be
    exchanged against $(INSTALL_TOP)/lib. In this case the executable
    will however refuse to work before "make install" has been called.
    This makes testing the 'openssl' executable a problem.
* Solution 1:
  Relink the "openssl" executable, when "make install" is called.
  This would however require significant changes to the toplevel Makefile
  and the apps/ Makefile.
* Solution 2:
  Statically link against libssl and libcrypto, so that the "openssl"
  executable is no longer dependant on the openssl shared libraries.

Select option 2 for HP-UX 32bit, as this requires the smallest change.

[See
     Message-ID: <3BB07999.30432AD2@celocom.com>
     Date: Tue, 25 Sep 2001 13:33:29 +0100
     From: Dr S N Henson <drh@celocom.com>
     To: openssl-dev@openssl.org
     Subject: Re: Error in v3_purp.c
]

alpha-cc, alpha-cc-rpath, alpha-gcc, alpha164-cc and alphaold-cc.

Therefore, I've added a sanity checker.

Note that it can be combined with almost any other argument (the other
arguments will be completely ignored), with "reconf" as the blatant
exception, since it also has the behavior of ignoring all following
command line arguments.  If --test-sanity and reconf are both used on
the command line, the first one wins.

libraries with debug-linux-elf.

makes things more compilable with VC++.

non-existant aestest.c.

making X509_check_issued() properly match an issuer that's found in a
Authority Key Identifier.

make it possible to produce shared libraries on ReliantUNIX.

OpenSSL.  Adding '_ossl' in the name seems to be a good way to do
this.

* make openssl rsa work with -engine chil
* misc changes, including debug-linux-ppro Configure target
  and FORMAT_NETSCAPE-aware load_{,pub}key()

This completes the application of his changes.

* Fix a crashbug and a logic bug in hwcrhk_load_pubkey()

AES algorithm.

required as well as a default implementation (when no ENGINE provides a
replacement implementation). This change makes sure the correct
implementation's "init()" handler is used rather than assuming 'type'.

    ERR_peek_last_error
    ERR_peek_last_error_line
    ERR_peek_last_error_line_data
(supersedes ERR_peek_top_error).

Rename OPENSSL_NO_OLD_DES_SUPPORT into OPENSSL_DISABLE_OLD_DES_SUPPORT
because OPENSSL_NO_... indicates disabled algorithms (according to
mkdef.pl).

syntactically.

libeay.num got tweaked so the old des symbols would retain their
positions.