(cherry picked from commit c97ec5631bb08a2171a125008d2f0d2a75687aaa)

Test EVP_CIPHER_CTX_copy in evp_test. This will catch any
problems with copying in underlying ciphers.

Internal pointers in CCM, GCM and XTS contexts should either be
NULL or set to point to the appropriate key schedule. This needs
to be adjusted when copying contexts.

We can't unfortunately print the CMAC cipher used without extending the API.

PR#2579

IN parameter.

Under the old docs, the only thing stated was "at most
EVP_PKEY_size(pkey) bytes will be written". It was kind of misleading
since it appears EVP_PKEY_size(pkey) WILL be written regardless of the
signature's buffer size.

PR#3272

PR#3412

PR#2531

PR#3173

If CSR verify fails in ca utility print out error messages.
Otherwise some errors give misleading output: for example
if the key size exceeds the library limit.

PR#2875

Update protocols supported and note that SSLv2 is effectively disabled
by default.

PR#3184

Tolerate BER length encoding which may include leading zeroes.

PR#2746

PR#3107

Some state strings were erronously not compiled when no-ssl2
was set.

PR#3295

PR#3141

PR#3174

In EVP_PBE_alg_add don't use the underlying NID for the cipher
as it may have a non-standard key size.

PR#3206

PR#3014

PR#2800

PR#2783

PR#3374

Document that the certificate passed to SSL_CTX_add_extra_chain_cert()
should not be freed by the application.

PR#3409

OIDs with one component don't have an encoding.

PR#2556 (Bug#1)

PR#3403

PR#3410

This ensures high performance is situations when assembler supports
AVX2, but not AD*X.