digest aliases (as found in OpenSSL_add_all_digests).

alias SSLeay_add_all_algorithms

SSL_get_ex_new_index() functionality. Extended verify_callback()
example to show the usage.

Enhance s2i_ASN1_INTEGER().

of status info. Check nonce values. Option to disable
verify. Update usage message.

Rename status to string functions and make them global.

accordance with RFC2560.

Initial OCSP certificate verify. Not complete,
it just supports a "trusted OCSP global root CA".

This allows keeping extensions in a separate configuration file.

Submitted by: Massimiliano Pala <madwolf@comune.modena.it>

* Correct some prototypes and macros with respect to "const"ness.

* Add the extra macros and examples due to the lh_doall[_arg] modifications
  made recently. The existing example is also reworked for consistency.

* Rewrite, tweak, and supplement bits of the existing comments that seemed
  (IMHO) to be a little convoluted and misleading.

* Add a NOTE section that explains the use of macros and avoiding function
  casts (ie. generate a wrapper as with the macros, or prototype any
  callback functions exactly to not require casting). Also, explain the
  "const" approach taken in LHASH for the purposes of API comprehensibility
  and also application code auditing.

non null terminated passwords.

Preliminary ocsp utility documentation.

Fix ocsp usage message.

New OCSP utility. This can generate, parse and print
OCSP requests. It can also query reponders and parse or
print out responses.

Still needs some more work: OCSP response checks and
of course documentation.

Problem reported by "Wolfgang Marczy" <WMarczy@topcall.co.at>
in a message to openssl-dev (19 Dec 2000 13:40:51 +0100).

commands.

Submitted by: Massimiliano Pala <madwolf@comune.modena.it>

invalid format in OCSP request signatures.

Add spaces to OCSP HTTP header.

Change X509_NAME_set() there's no reason
why it should return an error if the
destination points to NULL... though it
should if the destination is NULL.

Move ex_data.c entry from "NEEDS PATCH" to "OPEN ISSUES".

Submitted by: Damien Miller <djm@mindrot.org>

OCSP basic response verify. Very incomplete
but will verify the signatures on a response
and locate the signers certifcate.

Still needs to implement a proper OCSP certificate
verify.

Fix warning in RAND_egd().