of the intel RDRAND instruction.  Consensus was RDRAND should probably
only be used as an additional source of entropy in a mixer.
Guess which library bends over backwards to provide easy access to
RDRAND?  Yep.  Guess which applications are using this support?  Not
even one... but still, this is being placed as a trap for someone.
Send this support straight to the abyss.
ok kettenis

From Fritjof Bornebusch.

opensslconf.h is just a dummy, we're lightyears away from working userspace.
ok deraadt@

ok landry@ ajacoutot@

ok deraadt@ millert@

ok beck

freed chunk is actually freeable immediately. catch more errors.
hints/ok otto

While there, sort headers.
ok tedu@

ok miod

more #ifdefs and a new source file that contains a single function.
Nuke the #if 0 code that is now a macro and move the single function in
evp_acnf.c to c_all.c, which is where the other code lives. While here,
tidy evp.h slightly, remove an unnecessary #ifdef __OpenBSD__ and nuke
a comment that is now a lie.
ok miod@

Langley's Chromium OpenSSL patches.
ok miod@

implementations. This largely pulls in Adam Langley's AEAD patches from
Chromium's OpenSSL.
ok miod@

required. try to document this fact and some of the history.
with feedback from deraadt guenther millert

implementation.
ok miod@

probably more 32-bit platforms).
Problem noticed by tobiasu@; ok tobiasu@ dtucker@ sthen@ benno@

of 64-bit data, and only used by DTLS, to libssl where it belongs.
Remove pqueue_print() which is a debugging interface and serves no useful
purpose, except for the regress test, which grows its own pqueue_print()
routine.
Bump libcrypto major and libssl minor.
WARNING: do not update your tree right now, more changes are coming, which
will ride the libcrypto major bump.

while changing things, add a crypt_checkpass wrapper that handles most of
the edge cases. (not quite ready for production, though.)
ok deraadt

It's not a standard interface, so it doesn't belong in libc.
I hate duplicating the code in client programs, so do beck@, kettenis@,
schwarze@, millert@, miod@... and they agree with libutil.

(mostly use a calloc function to avoid potential integer overflow)

deterministic behavior. four selected because it's more than three, less
than five. i.e., no particular reason.

can avoid reinventing the wheel
ok guenther schwarze

ok crickets@

the only useful option here is to specify an alternative config path,
which must be used for these operations as well as for startup.

beauty sleep.  He's probably having a nightmare about this right now....
ok tedu

these files similar in layout to the other md Makefile.inc; no functional
change.

wherever it decides it would like them. first step. ok deraadt dlg djm

uses the `umul' and `udiv' instructions directly, which are not supported
on v7 processors.