add various X509V3_CTX helper functions and support for LHASH as the config
database.

Submitted by: Richard Levitte <levitte@stacken.kth.se>

when they cause the destination to expand.

To see how evil this is try this:

#include <pem.h>
main()
{
	BIGNUM *bn = NULL;
        int i;
	bn = BN_new();
	BN_hex2bn(&bn, "FFFFFFFF");
	BN_add_word(bn, 1);
	printf("Value %s\n", BN_bn2hex(bn));
}

This would typically fail before the patch.

It also screws up if you comment out the BN_hex2bn line above or in any
situation where BN_add_word() causes the number of BN_ULONGs in the result
to change (try doubling the number of FFs).

Submitted by:
Reviewed by:
PR:

generator to typesafe stacks.

Submitted by:
Reviewed by:
PR:

Submitted by:Tom Titchener
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR:

files associated with them. This stuff is all obsoleted by the new X509V3 code.

Submitted by:
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR:

specified in <certfile> by updating the entry in the index.txt file.
This way one no longer has to edit the index.txt file manually for
revoking a certificate. The -revoke option does the gory details now.

Submitted by: Massimiliano Pala <madwolf@openca.org>
Cleaned up and integrated by: Ralf S. Engelschall

option at all and this way the `-noout -text' combination was inconsistent in
`openssl crl' with the friends in `openssl x509|rsa|dsa'.

X509_V_ERR_CERT_REVOKED/23 error number which can occur when a
verify callback function determined that a certificate was revoked.

Submitted by:
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR:

according to the sources.... found by Steffen Dettmer <steffen@tfh-berlin.de>.

have checked SSL_pending() first.
Submitted by:
Reviewed by:
PR:

New functions DSA_do_sign and DSA_do_verify to provide access to
the raw DSA values.

that are available.
Submitted by:
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR: