allow status of POST to be monitored and/or failures induced.

now use an internal RAND_METHOD. All dependencies to OpenSSL standard
PRNG are now removed: it is the applications resposibility to setup
the FIPS PRNG and initalise it.

Initial OpenSSL RAND_init_fips() function that will setup the DRBG
for the "FIPS capable OpenSSL".

used by applications directly and the X9.31 PRNG is deprecated by new
FIPS140-2 rules anyway.

Fix warnings.

Instantiate DRBGs at maximum strength.

not working, incomplete and unused SP800-90 DRBGs for CTR and Hash modes.

Did I say this was untested?

Fixups under fips/ to make symbol renaming work.

of algorithm test program.

associated utilities. This functionality will be used by the validated
tarball.

(CVE-2011-0014 OCSP stapling fix has been applied to HEAD as well.)

broken and subject to change.

the NULL value for the input buffer is sufficient to notice this case.

cipher handles all cipher symantics itself.

must escape the escape character itself (backslash).

Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Reviewed by: steve

Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939

this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.

SSL_[CTX_]set_not_resumable_session_callback.

Submitted by: Emilia Kasper (Google)

[A part of this change affecting ssl/s3_lib.c was accidentally commited
separately, together with a compilation fix for that file;
see s3_lib.c CVS revision 1.133 (http://cvs.openssl.org/chngview?cn=19855).]

This will only be compiled in if explicitly requested
(#ifdef EC_NISTP224_64_GCC_128).

Submitted by: Emilia Kasper (Google)

Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Support for abbreviated handshakes when renegotiating.

Submitted by: Emilia Kasper (Google)