Submitted by: Peter Sylvester

Submitted by: Peter Sylvester

 - fix indentation
 - rename some functions and macros
 - fix up confusion between SSL_ERROR_... and SSL_AD_... values

Submitted by: Peter Sylvester

Submitted by: Douglas Stebila

maximum send fragment size. Allocate I/O buffers accordingly.

pointer and make the SSL_METHOD parameter in SSL_CTX_new,
SSL_CTX_set_ssl_version and SSL_set_ssl_method const.

for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.

    	./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
    	make depend all test
work again

PR: 1159

- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7

with the SSL_OP_NO_SSLv2 option.

EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name

("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)

client random values.

remove some unnecessary includes from the internal header ssl_locl.h. This
then requires adding includes for bn.h in four C files.

tree. This further reduces header interdependencies, and makes some
associated cleanups.

functions and macros.

This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const.  Those will be removed when this change has been
properly reviewed.

Check if IDEA is being built or not.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>

compared it to the amount of bits required...
PR: 770
Submitted by: c zhang <czhang2005@hotmail.com>

I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.

PR: 679

Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller

- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary

(I wonder why s2_connect() handles the initial buffer allocation slightly
differently...)
PR: 416

I've covered all the memset()s I felt safe modifying, but may have missed some.

caching (#288): now internal caching failed (#351):
Make sure, that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)

from external cache (using d2i_SSL_SESSION). Perform comparison based on
the cipher's id instead.
Submitted by: Steve Haslam <araqnid@innocent.com>
Reviewed by:
PR: 288

Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>

Submitted by: "Patrick McCormick" <patrick@tellme.com>

PR: 262
PR: 291

PR: 262

PR: 274

PR: 262

Submitted by: Douglas Stebila