Merge some common functionality in the apps, delete
the encryption option in the pkcs7 utility (they never
did anything) and add a couple more options to pkcs7.

pages.

Update docs, change 'ca' to use the new callback parameter. Now moved key_callback
into app.c because some other utilities will use it soon.

of the openssl utility commands...

plain not working :-(

Also fix some memory leaks in the new X509_NAME code.

Fix so new app_rand code doesn't crash 'x509' and move #include so it compiles
under Win32.

certificate: currently this includes trust settings
and a "friendly name".

problem was that one of the replacement routines had not been working since
SSLeay releases.  For now the offending routine has been replaced with
non-optimised assembler.  Even so, this now gives around 95% performance
improvement for 1024 bit RSA signs.

Add a bunch of functions to simplify the creation of X509_NAME structures.

Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.

don't try to detect fork()s by looking at getpid().
The reason is that threads sharing the same memory can have different
PIDs; it's inefficient to run RAND_seed each time a different thread
calls RAND_bytes.

applications.

some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.

when X509_LOOKUP_load_file or X509_LOOKUP_add_dir failed.

Submitted by: Janez Jere <jj@void.si>

Submitted by: Lennart Bång, Bodo Möller

(needed for RSAREF builds)

Functions to get keys from EVP_PKEY structures.

this will be used to clear up the horrible DN mess.

tolerated in certificates.

between SSLeay 0.8.1b and 0.9.0b with no apparent reason).
If we *want* an error when DEVRANDOM is not defined (it always is with
the current e_os.h) we should use #error.

ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.

Fix a bug in the X509_get_d2i() functions which didn't check if crit was NULL.