--- Net_SSLeay.pm-1.25.orig/SSLeay.xs	2003-08-19 08:21:08.000000000 +1000
+++ Net_SSLeay.pm-1.25/SSLeay.xs	2005-12-13 15:23:59.323704596 +1000
@@ -42,6 +42,17 @@
  * 18.2.2003, RAND patch from Toni Andjelkovic <toni@soth._at>
  * 13.6.2003, applied SSL_X509_LOOKUP patch by Marian Jancar <mjancar@suse._cz>
  * 18.8.2003, fixed some const char pointer warnings --Sampo
+ * 11.11.2004 fixed a thread safety problem with SvSetSV that could cause crashes
+ *            if SSL_CTX_set_default_passwd_cb and friends were called multiple
+ *            times in different threads.
+ *            --mikem@open.com_.au
+ * 20.6.2005  Reintroduced X509_STORE_set_flags, also added
+ *	      X509_STORE_set_purpose and X509_STORE_set_trust
+ *            --mikem@open.com_.au
+ * 24.11.2005 Added X509_get_subjectAltNames
+ *            --mikem@open.com_.au
+ * 13.12.2005 Backed out the fix from 11.11.2004 due to memory leaks.
+ *            --mikem@open.com_.au
  *
  * $Id: SSLeay.xs,v 1.14 2003/06/13 21:14:40 sampo Exp $
  * 
@@ -90,6 +101,9 @@
 #include <openssl/ssl.h>
 #include <openssl/comp.h>    /* openssl-0.9.6a forgets to include this */
 #include <openssl/md5.h>     /* openssl-SNAP-20020227 does not automatically include this */
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
 /* Debugging output */
 
 #if 0
@@ -2485,6 +2499,44 @@
      X509_STORE_CTX * x509_store_ctx
      int idx
 
+void
+X509_get_subjectAltNames(cert)
+     X509 *      cert
+     PPCODE:
+     int                    i, j = 0;
+     X509_EXTENSION         *subjAltNameExt = NULL;
+     STACK_OF(GENERAL_NAME) *subjAltNameDNs = NULL;
+     GENERAL_NAME           *subjAltNameDN  = NULL;
+     int                    num_gnames;
+     if (  (i = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1))
+         && (subjAltNameExt = X509_get_ext(cert, i))
+	 && (subjAltNameDNs = X509V3_EXT_d2i(subjAltNameExt)))
+     {
+         num_gnames = sk_GENERAL_NAME_num(subjAltNameDNs);
+	 for (j = 0; j < num_gnames; j++) 
+	 {
+	    subjAltNameDN = sk_GENERAL_NAME_value(subjAltNameDNs, j);
+	    XPUSHs(sv_2mortal(newSViv(subjAltNameDN->type)));
+	    XPUSHs(sv_2mortal(newSVpv(ASN1_STRING_data(subjAltNameDN->d.ia5), ASN1_STRING_length(subjAltNameDN->d.ia5))));
+	 }
+     }
+     XSRETURN(j*2);
+
+int
+X509_get_ext_by_NID(x,nid,loc)
+	X509* x
+	int nid
+	int loc
+
+X509_EXTENSION *
+X509_get_ext(x,loc)
+	X509* x
+	int loc
+	
+void *
+X509V3_EXT_d2i(ext)
+	X509_EXTENSION *ext
+
 int
 X509_STORE_CTX_get_error(x509_store_ctx)
      X509_STORE_CTX * 	x509_store_ctx
@@ -2524,6 +2576,21 @@
     X509_STORE_CTX *ctx
     long flags
 
+void 
+X509_STORE_set_flags(ctx, flags)
+    X509_STORE *ctx
+    long flags
+
+void 
+X509_STORE_set_purpose(ctx, purpose)
+    X509_STORE *ctx
+    int purpose
+
+void 
+X509_STORE_set_trust(ctx, trust)
+    X509_STORE *ctx
+    int trust
+
 int 
 X509_load_cert_file(ctx, file, type)
     X509_LOOKUP *ctx
@@ -2542,6 +2609,10 @@
     char *file
     int type
 
+const char *
+X509_verify_cert_error_string(n)
+    long n   
+
 
 ASN1_UTCTIME *
 X509_get_notBefore(cert)
--- Net_SSLeay.pm-1.25.orig/typemap	2003-08-17 17:12:54.000000000 +1000
+++ Net_SSLeay.pm-1.25/typemap	2005-11-23 12:00:06.000000000 +1000
@@ -9,6 +9,7 @@
 X509_CRL *	T_IV
 X509_LOOKUP *	T_IV
 X509_NAME *	T_IV
+X509_EXTENSION *	T_IV
 BIO *           T_IV
 BIO_METHOD *    T_IV
 EVP_PKEY *      T_IV
@@ -17,6 +18,7 @@
 struct cert_st * T_IV
 X509_STORE_CTX * T_IV
 ASN1_UTCTIME *   T_IV
+ASN1_OCTET_STRING *   T_IV
 EVP_PKEY *       T_IV
 const char *	 T_PV
 const unsigned char * T_PV