Don't copy private key to X509 etc public key structures.
Fix for warning.

See http://www.pdc.kth.se/kth-krb/

Their solution for CRAY is somewhat awkward.
I'll assume that a "short" is 32 bits on CRAY to avoid the
#ifdef _CRAY
    typedef struct {
        unsigned int a:32;
        unsigned int b:32;
    } XXX;
#else
    typedef DES_LONG XXX;
#endif

"openssl list-standard-commands".

in SSL_new.
If SSL_OP_SINGLE_DH_USE is set, don't waste time in SSL_[CTX_]set_tmp_dh
on computing a DH key that will be ignored anyway.

ssltest -dhe1024dsa (w/ 160-bit sub-prime) had an unfair performance
advantage over -dhe1024 (safe prime): SSL_OP_SINGLE_DH_USE was
effectively always enabled because SSL_new ignored the DH key set in
the SSL_CTX.  Now -dhe1024 takes the server only about twice as long
as -dhe1024dsa instead of three times as long (for 1024 bit RSA
with 1024 bit DH).

broken formats worked but the valid didn't :-(

the third argument: the second was being used
already.

Submitted by: Rolf Haberrecker <rolf@suse.de>

by Lutz Behnke and by Lutz Jaenicke.

Hopefully we'll have a unified way of handling shared libraries when
we move to autoconf...

about renamed header files.

because it added them manually and as part of SMIME_crlf_copy().
Removed the manual add.

Add info about where to get MASM.

Rebuild error files.

where the new functions are mentioned.

with a failure.

Fix typos in some error codes.

Allow ADH to be used but not present in the default cipher
list.

Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.