Initialize cipher context in KRB5
("D. Russell" <russelld@aol.net>)

Allow HMAC functions to use an alternative ENGINE.

BIO_nwrite0/BIO_nwrite (the previous code was OK for BIO pairs but not
in general)

Undo previous patch: avoid warnings by #undef'ing
duplicate definitions.

Suggested by "Kenneth R. Robinette" <support@securenetterm.com>

Fix Kerberos warnings with VC++.

Fix ASN1 additions for KRB5

Fix various warnings when compiling with KRB5 code.

Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated

Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller

Fix for AIX.

Submitted by Dawn Whiteside <dwhitesi@tiercel.uwaterloo.ca>

Submitted by: Nils Larsch <nla@trustcenter.de>

to indicate that a real handshake is taking place (the value will be
lost during multiple invocations). Set s->new_session to 2 instead.

the SSL_R_LENGTH_MISMATCH error is detected.

Submitted by: D P Chang <dpc@qualys.com>
Reviewed by: Bodo

calls.  This patch allows compilation either way.

Submitted by: Jeffrey Altman <jaltman@columbia.edu>

values really are unsigned

call ssl2_part_read again to parse error message

Important SSL 2.0 bugfixes (bugs found while implementing msg_callback).

sooner and the programs get built against the shared libraries.

This requires a bit more work.  Things like -rpath and the possibility
to still link the programs statically should be included.  Some
cleanup is also needed.  This will be worked on.

Addapt VMS scripts to the newer disk layout system ODS-5, which allows more than one period and mixed size characters in file names

change)

never resets s->method to s->ctx->method when called from within
one of the SSL handshake functions.

be called multiple times

New macros SSL[_CTX]_set_msg_callback_arg().

Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).

New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.


In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.

Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).

Add/update some OpenSSL copyright notices.

variable name occured just in a function *prototype* -- so rename it

it to NULL.

to digests to retain compatibility.