Linux for example doesn't exhibit this behaviour, but I add "exit 0" to all
potentially affected rules, just to be on the safe side.

is not expanded if prepended with a $-sign.

Don't define macros in terms of asm() when __STRICT_ANSI is defined.

the one to be used to denote local labels in single function scope.
Problem is that SHA uses same label set across functions, therefore I
have to switch back to $ prefix.

warnings.

Reported by: Bernhard Simon.

shared libraries shared.

callbacks) before attempting to lock.

pushed item.  The index is the number of items - 1.  And if a NULL item was
found, actually use it.
Finally, provide a little bit of safety in CRYPTO_lock() by asserting the a
requested dynamic lock really must exist, instead of just being silent about it

were defined.

were defined.

(before SSLeay, maybe?), it's better to have that macro protect
the compatibility header des_old.h.  In the new des.h, let's use
a slightly different protecting macro.

The rationale is that there are application that might include (via
other header files, perhaps) both an old libdes des.h and OpenSSL's
des.h.  Whichever comes first would overshadow the other because of
the clash in protecting macro.  This fix solves that problem.

PR: 393

  - a patch to fix a memory leak in rsa_gen.c
  - a note about compiler warnings with unions
  - a note about improving structure element names

This applies his patch and implements a solution to the notes.

key-generation and prime-checking functions. Rather than explicitly passing
callback functions and caller-defined context data for the callbacks, a new
structure BN_GENCB is defined that encapsulates this; a pointer to the
structure is passed to all such functions instead.

This wrapper structure allows the encapsulation of "old" and "new" style
callbacks - "new" callbacks return a boolean result on the understanding
that returning FALSE should terminate keygen/primality processing.  The
BN_GENCB abstraction will allow future callback modifications without
needing to break binary compatibility nor change the API function
prototypes. The new API functions have been given names ending in "_ex" and
the old functions are implemented as wrappers to the new ones.  The
OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined,
declaration of the older functions will be skipped. NB: Some
openssl-internal code will stick with the older callbacks for now, so
appropriate "#undef" logic will be put in place - this is in case the user
is *building* openssl (rather than *including* its headers) with this
symbol defined.

There is another change in the new _ex functions; the key-generation
functions do not return key structures but operate on structures passed by
the caller, the return value is a boolean. This will allow for a smoother
transition to having key-generation as "virtual function" in the various
***_METHOD tables.

stateless variant is kept, but isn't used anywhere.

Submitted by: <appro>
Reviewed by:
PR:

anything.

a first alternative to try

PR: 376

PR: 381

rule for SHA stuff.
PR: 381

(length of the order of the group, not length of the actual key, which
will be shorter in some cases).

Submitted by: Nils Larsch

Include X9.62 signature examples.

Submitted by: Nils Larsch

Make ASN1_TYPE_get() work for V_ASN1_NULL type.

return the requested number of bytes when reading
content.