duplicating the certificate that is in the original SSL, remove the
one that SSL_new() provided, if any.
Spotted by: Mike Zeoli <zeoli@roguewave.com>

DECLARE/IMPLEMENT macros now exist to create type (and prototype) safe
wrapper functions that avoid the use of function pointer casting yet retain
type-safety for type-specific callbacks. However, most of the usage within
OpenSSL itself doesn't really require the extra function because the hash
and compare callbacks are internal functions declared only for use by the
hash table. So this change catches all those cases and reimplements the
functions using the base-level LHASH prototypes and does per-variable
casting inside those functions to convert to the appropriate item type.

The exception so far is in ssl_lib.c where the hash and compare callbacks
are not static - they're exposed in ssl.h so their prototypes should not be
changed. In this last case, the IMPLEMENT_LHASH_*** macros have been left
intact.

really undefined.
Spotted by Jeffrey Altman <jaltman@columbia.edu>

cases of function pointer casting in lh_new() calls - and leave only the
lh_doall and lh_doall_arg cases to be finished.

casts) used in the lhash code are about as horrible and evil as they can
be. For starters, the callback prototypes contain empty parameter lists.
Yuck.

This first change defines clearer prototypes - including "typedef"'d
function pointer types to use as "hash" and "compare" callbacks, as well as
the callbacks passed to the lh_doall and lh_doall_arg iteration functions.
Now at least more explicit (and clear) casting is required in all of the
dependant code - and that should be included in this commit.

The next step will be to hunt down and obliterate some of the function
pointer casting being used when it's not necessary - a particularly evil
variant exists in the implementation of lh_doall.

Don't dump core in ssltest.

First tentative impementation of Kerberos 5 cryptos and keys for SSL/TLS.  Implemented by Vern Staats <staatsvr@asc.hpc.mil>, further hacked and distributed by Jeffrey Altman <jaltnab@columbia.edu>

generated errors.  Therefore, print whatever error there may be...

free that, since it's shared by all SSL_CTX's, present and future.

For the server side this was already done one year ago :-(

"make update"

4 times it's size when bn_sqr_recursive() won't look farther than the
original length.  Thereby, constification is no longer a problem.

away now...

pointer to a const double pointe parameter, the pointer must point to
const data as well.

make update done.

accept/connect functions; those should not change the
read_ahead setting of the SSL structure.

Submitted by: Anders Gertz <gertz@epact.se>

acceptable, since all that happens if it fails is a library with
an index, which makes linking slower, but still working correctly.

of complaints from the compiler about data pointers and function
pointers not being compatible with each other.

behaviour that SSL_read may result in SSL_ERROR_WANT_READ.