during "make errors" and thus during "make update".

Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.

  and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"

dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.

functions and macros.

This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const.  Those will be removed when this change has been
properly reviewed.

I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.

Submitted by: Nils Larsch

PR: 49

Enhance s2i_ASN1_INTEGER().

Set correct type in ASN1_STRING for
INTEGER and ENUMERATED types.

Make ASN1_INTEGER_get() and ASN1_ENUMERATED_get()
return -1 for invalid type rather than 0 (which is
often valid). -1 may also be valid but this is less
likely.

Load OCSP error strings in ERR_load_crypto_strings().

Merge from the ASN1 branch of new ASN1 code
to main trunk.

Lets see if the makes it to openssl-cvs :-)

Fix ASN1_INTEGER_to_BN properly this time...

Fixes to d2i_ASN1_OBJECT, ASN1_INTEGER_to_BN and a_strex.c

didn't recognise NULL to mean 'don't output anything'

call the i2c/c2i (they were not using the
content length for the headers).

Fix ASN1 long form tag encoding. This never
worked but it was never tested since it is
only used for tags > 30.

New options to smime program to allow the
PKCS#7 format to be specified and the content
supplied externally.

New ASN1 functions that just deal with
content octets, not tag+length.

like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.

Also fix a memory leak in PKCS#7 routines.

tolerated in certificates.

the length of negative integers.

integers was completely broken. Also added a NEG_PUBKEY_BUG compilation option
to compensate for public keys improperly encoded as negative integers.

Submitted by:
Reviewed by:
PR: