https://github.com/openssl/openssl/pull/176 (CHANGES)
 https://rt.openssl.org/Ticket/Display.html?id=3545 (objects.txt)
 https://rt.openssl.org/Ticket/Display.html?id=3796 (verify.pod)
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Remove CA.sh script and use CA.pl for testing, etc.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NAndy Polyakov <appro@openssl.org>

the "-hack" option from s_server that set this option.
Reviewed-by: NTim Hudson <tjh@openssl.org>

the X509_V_FLAG_NO_ALT_CHAINS flag.
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Not interested in helping the NSA in the slightest.
And anyway, it was never implemented, #if'd out.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@roeckx.be>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The only support for SSLv2 left is receiving a SSLv2 compatible client hello.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

PR#3612
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

handling out of #ifndef OPENSSL_NO_DTLS1 section.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Document the new features
Reviewed-by: NTim Hudson <tjh@openssl.org>

In addition to Matthias's change, I also added -n to
not remove links. And updated the manpage.
Reviewed-by: NTim Hudson <tjh@openssl.org>

RT842, closed back in 2004, changed the default serial number
to be a random number rather than zero.  Finally time to update
the doc
Reviewed-by: NTim Hudson <tjh@openssl.org>

Add .crt/.cer/.crl to the filenames parsed.

I also updated the podpage (since it didn't exist when
this ticket was first created, nor when it was re-created
seven years later).
Reviewed-by: NTim Hudson <tjh@openssl.org>

Re-order algorithm list.
Be consistent in command synopsis.
Add content about signing.
Add EXAMPLE section
Add some missing options: -r, -fips-fingerprint -non-fips-allow
Various other fixes.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Add the file written by James Westby, graciously contributed
under the terms of the OpenSSL license.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Also moved some options around so all the "verify" options.
are clumped together.
Reviewed-by: NMatt Caswell <matt@openssl.org>

While RFC6367 focuses on Camellia-GCM cipher suites, it also adds a few
cipher suites that use SHA-2 based HMAC that can be very easily
added.

Tested against gnutls 3.3.5

PR#3443
Reviewed-by: NTim Hudson <tjh@openssl.org>

Update the dgst.pod page to include SHA224...512 algorithms.
Update apps/progs.pl to add them to the digest command table.
Reviewed-by: NTim Hudson <tjh@cryptosoft.com>

The x509_extensions should be req_extensions in the
config example in req.pod

Reviewed-by: tjh@cryptsoft.com

PR#3452

Add description of the option to advertise support of
Next Protocol Negotiation extension (-nextprotoneg) to
man pages of s_client and s_server.

PR#3444

(cherry picked from commit 2cfbec1caea8f9567bdff85d33d22481f2afb40a)

Remove RFC5878 code. It is no longer needed for CT and has numerous bugs

    298 424 656 882 939 1630 1807 2263 2294 2311 2424 2623
    2637 2686 2697 2921 2922 2940 3055 3112 3156 3177 3277

cms, ocsp, s_client, s_server and smime tools also use args_verify()
for parsing options, that makes them most of the same options
verify tool does. Add those options to man pages and reference
their explanation in the verify man page.

just making sure the options are listed in the alphabetical order
both in SYNOPSIS and DESCRIPTION, no text changes

The options related to policy used for verification, verification
of subject names in certificate and certificate chain handling
were missing in the verify(1) man page. This fixes this issue.

-CAfile and -CApath is documented in OPTIONS but is missing
in SYNOPSIS, add them there

Add -trusted_first description to help messages and man pages
of tools that deal with certificate verification.