Notified by Bernd Matthes <bernd.matthes@gemplus.com>

Notified by Lorinczy Zsigmond <lzsiga@mail.ahiv.hu>

(the bug was introduced with message callback support)

Fix length checks in ssl3_get_client_hello().

Use s->s3->in_read_app_data differently to fix ssl3_read_internal().

Initialize cipher context in KRB5
("D. Russell" <russelld@aol.net>)

Allow HMAC functions to use an alternative ENGINE.

BIO_nwrite0/BIO_nwrite (the previous code was OK for BIO pairs but not
in general)

Undo previous patch: avoid warnings by #undef'ing
duplicate definitions.

Suggested by "Kenneth R. Robinette" <support@securenetterm.com>

Fix Kerberos warnings with VC++.

Fix ASN1 additions for KRB5

Fix various warnings when compiling with KRB5 code.

Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated

Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller

Fix for AIX.

Submitted by Dawn Whiteside <dwhitesi@tiercel.uwaterloo.ca>

Submitted by: Nils Larsch <nla@trustcenter.de>

to indicate that a real handshake is taking place (the value will be
lost during multiple invocations). Set s->new_session to 2 instead.

the SSL_R_LENGTH_MISMATCH error is detected.

Submitted by: D P Chang <dpc@qualys.com>
Reviewed by: Bodo

calls.  This patch allows compilation either way.

Submitted by: Jeffrey Altman <jaltman@columbia.edu>

values really are unsigned

call ssl2_part_read again to parse error message

Important SSL 2.0 bugfixes (bugs found while implementing msg_callback).