perl util/mkerr.pl -recurse -write -rebuild

(by using new BN_pseudo_rand_range function)

Incease the number of BIGNUMs in a BN_CTX.

defined there.

sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.

Bleichenbacher's DSA attack.  With this implementation, the expected
number of iterations never exceeds 2.

New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
     min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
     min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)

might overflow.

The bn_cmp_part_words bug was only caught in the BN_mod_mul() test,
not in the BN_mul() test, so apparently the choice of parameters in
some cases is bad.

This caused a segmentation fault in calls to malloc, so I cleaned up
bn_lib.c a little so that it is easier to see what is going on.
The bug turned out to be an off-by-one error in BN_bin2bn.

Fix BN_gcd.
Analyze BN_mod_inverse.
Add BN_kronecker.
"make update".

"make update"

declarations of bn_add_part_words() and bn_sub_part_words() since they
do not exist.

two functions that did expansion on in parameters (BN_mul() and
BN_sqr()).  The problem was solved by making bn_dup_expand() which is
a mix of bn_expand2() and BN_dup().

Fix warnings with BIO_dump_indent().

marginally faster BN_mod_exp for 1024 bit exponents.

and initialize too_many because memset(..., 0, ...) is not used here.

algorithm is used.

temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.

(including another problem in the s3_srvr.c state machine).