The man page says "Compatibility des_ functions are provided for a short
while" and indeed even the original commit message says "The compatibility
functions will be removed in some future release, at the latest in
version 1.0." So here we are, a short while later.
Now I've only been an OpenBSD developer for 11 years, one year less than
this header has existed, but in that brief time, I've learned a thing or
two about deleting obsolete code. It doesn't delete itself. And worse,
people will continue using it until you force them onto a better path.

next few moments, don't rush your update.
Requested by deraadt@

obsolete (and mostly internal) routines to be compiled out.
We don't expect any reasonable software to stick to these interfaces, so better
clean up the view and unifdef -DNO_ASN1_OLD.
The astute reader will notice the existence of NO_OLD_ASN1 which serves a
similar purpose, but is more entangled. Its time will come, soon.

library expands until it has its own dlfcn wrapper, and libcrypto is no
exception.
Remove the non-dlfcn DSO methods.
This causes public DSO_METHOD_{beos,dl,vms,win32} to disappear (major bump
coming soon). Note that portable software ought to use DSO_METHOD_openssl
instead of picking the backend directly (which makes one wonder why the
backends are exposed, as it is unlikely that more than one can work on
your system).
ok beck@ deraadt@

meets their needs, but dumping it in here only penalizes the rest of us.
ok beck deraadt

with the bearded ones...
some API's that nobody should be using will dissapear with this commit.

as a build time option...
ok deraadt@ miod@

existing RAND interfaces unchanged.
All interfaces allowing external feed or seed of the RNG (either from a file
or a local entropy gathering daemon) are kept for ABI compatibility, but are
no longer do anything.
While the OpenSSL PRNG was required 15+ years ago when many systems lacked
proper entropy collection, things have evolved and one can reasonably assume
it is better to use the kernel (system global) entropy pool rather than trying
to build one's own and having to compensate for thread scheduling...
<RANT>
Whoever thought that RAND_screen(), feeding the PRNG with the contents of the
local workstation's display, under Win32, was a smart idea, ought to be banned
from security programming.
</RANT>
ok beck@ deraadt@ tedu@

(breaks ssh ecdsa keys)

#if OPENSSL_SYS_NOTYOURS
<whole file>
#endif

by anything in userland.

so that libssl no longer need to access the non-external headers of libcrypto
to build.
No library bump, riding upon the recent update.

and libssl major (ssl_check_clienthello_tlsext split into two functions)

as configuration files; split manpages and .pc files between libcrypto and
libssl.
No functional change, only there to make engineering easier, and libcrypto
sources are still found in libssl/src/crypto at the moment.
ok reyk@, also discussed with deraadt@ beck@ and the usual crypto suspects.

of the stride. don't overwrite past the end of the buffer, and also save
that amount for later so the array is completely filled. ok deraadt djm
reported by Dmitry Chestnykh (dchest)

For inet(3), go the other way, remove some bogus symlinks.
Found while testing the new makewhatis(8).
ok jmc@

in the install media. Reported by Donovan Watteau

This is merely a by-product of figuring out the amount of phk@ code
contained herein; i'm not planning to hack on this file.

this license change. We will remember that we all still like beer.

ok millert

executable and will not serve any purpose with smtpd by default
ok jmc@ tedu@

ok deraadt millert

Include tweaks suggested by mpi@
ok deraadt@

removing gets means removing it from libstdc++ and guenther tells me
that will require changing version numbers.

ok florian@ jung@ sthen@

opens the log before chrooting, but this handles the case where syslogd is
restarted during Unbound's runtime.

"A collision attack published in 2007 can find collisions for full
MD4 in less than two hash operations."
ok deraadt@, man pages ok jmc@

use better constant for salt size.
always copy ":" to gerror, in case somebody is dumb enough to overwrite it
timingsafe_bcmp before somebody whines about strcmp

add some friendlier functions.
move the classic static data api into wrapper functions.
a few more changes to come...