counts in DH, DSA, and RSA structures. Instead they use the new "***_up()"
functions that handle this.

problems with leaks and uninitialised structures.

sourcecode (including fgrep)

(Latin for "comments", anyone?)

OpenBSD /dev/crypto (this will be revamped later when the appropriate machinery
is available).

for encrypt?).

Worth around 5% for encrypt. Slows down decrypt slightly, but I expect to
regain that later.

Change all calls to low level digest routines in the library and
applications to use EVP. Add missing calls to HMAC_cleanup() and
don't assume HMAC_CTX can be copied using memcpy().

Note: this is almost identical to the patch submitted to openssl-dev
by Verdon Walker <VWalker@novell.com> except some redundant
EVP_add_digest_()/EVP_cleanup() calls were removed and some changes
made to avoid compiler warnings.

Add missing variable length cipher flag for Blowfish.

Only use trust settings if either trust or reject settings
are present, otherwise use compatibility mode. This stops
root CAs being rejected if they have alias of keyid set.

like des_read_password and friends (backward compatibility functions
using this new API are provided).  The purpose is to remove prompting
functions from the DES code section as well as provide for prompting
through dialog boxes in a window system and the like.

Spotted by Harald Koch <chk@pobox.com>

errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.

Change the EVP_somecipher() and EVP_somedigest()
functions to return constant EVP_MD and EVP_CIPHER
pointers.

Update docs.

Make EVP_Digest*() routines return a value.

TODO: update docs, and make soe other routines
which use EVP_Digest*() check return codes.