Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BN_rand error handling in bntest.c

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_SealInit error handling in pem_seal.c

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_wirte error handling in asn1_par.c

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_write error handling in ocsp_prn.c

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_write, BIO_printf, i2a_ASN1_INTEGER and i2a_ASN1_OBJECT
error handling in OCSP print routines.

Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_DigestVerifyFinal error handling.

Submitted by: steve@openssl.org

Add support for custom headers in OCSP requests.

ignored.

Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Fix handling of ENOTCONN and EMSGSIZE for dgram BIOs.

Submitted by: David Lee <live4thee@gmail.com>, steve@openssl.org
Approved by: steve@openssl.org

Fix for IPv6 handling in BIO_get_accept_socket().

PR: 2035

The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.

possible PRNG state duplication.

Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.

Submitted by: Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org

Fix so that the legacy digest EVP_dss1() still works.

Submitted by: steve@openssl.org

Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.

Add error checking to CRL generation in ca utility when nextUpdate is being
set.

Submitted by: steve@openssl.org

Some systems have broken IPv6 headers and/or implementations. If
OPENSSL_USE_IPV6 is set to 0 IPv6 is not used, if it is set to 1 it is used
and if undefined an attempt is made to detect at compile time by checking
if AF_INET6 is set and excluding known problem platforms.

Make error name discrepancies a fatal error.
Fix error codes.
make update

Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Approved by: steve@openssl.org

Handle fractional seconds properly in ASN1_GENERALIZEDTIME_print

Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Add patch: http://cvs.openssl.org/chngview?cn=14635 which never made it to
1.0.0, HEAD.