OpenSSL is compiled with NO_RSA, no RSA operations can be used: including
key generation storage and display of RSA keys. Since these operations are
not covered by the RSA patent (my understanding is it only covers encrypt,
decrypt, sign and verify) they can be included: this is an often requested
feature, attempts to use the patented operations return an error code.

This is enabled by setting RSA_NULL. This means that if a particular application
has its own legal US RSA implementation then it can use that instead by setting
it as the default RSA method.

Still experimental and needs some fiddling of the other libraries so they have
some options that don't attempt to use RSA if it isn't allowed.

It's still totally untested ...

on the command line for various utilities.

config file (change RAW to DER).

block.

DSA_METHOD to make it more consistent with RSA_METHOD.

In case of a restart, v[0] and v[1] were incorrectly initialised.
This was interpreted by ssl3_get_client_key_exchange as an RSA decryption
failure (don't ask me why) and caused it to create a _random_ master key
instead (even weirder), which obviously led to incorrect input to
ssl3_generate_master_secret and thus caused "block cipher pad is
wrong" error messages from ssl3_enc for the client's Finished message.
Arrgh.

support for encrypted content type in PKCS7_set_content().

Modify obj_dat.pl to take its files from the command line. Usage is now
perl obj_dat.pl objects.h obj_dat.h
this should avoid redirection shell escape problems under Win32.

used by things like Xenroll. Also include documentation for extendedKeyUsage
extension.

Friends, feel free to start again hacking for 0.9.5... ;)

This should now finally make the RSAref users happy...

Hint from: Andrija Antonijevic <TheAntony2@bigfoot.com>

with some 0.9.4 changes.

while implementing and using it.

recipient.

Using different files caused problems because the dependencies
in the Makefiles produced by mk1mf.pl were for the standard case,
i.e. mentioned buildinf.h and not mk1mfinf.h.

and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>

use new file buildinf.h instead.

work as intended, both for SSLv2 and TLS.

and make it the default for some debugging configurations.

passes all the tests. Added documentation in INSTALL.W32.