Prefer ReuseAddr over Reuse, with IO::Socket::INET

Reuse is deprecated and ReuseAddr is prefered, according to documentation.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Fix no-engine.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

RT4202: Update rt URL's.

Reviewed-by: Matt Caswell <matt@openssl.org>

make a "missed make update" update

Reviewed-by: Tim Hudson <tjh@openssl.org>

Increase the max size limit for a CertificateRequest message

Previous versions of OpenSSL had the max size limit for a CertificateRequest
message as |s->max_cert_list|. Previously master had it to be
SSL3_RT_MAX_PLAIN_LENGTH. However these messages can get quite long if a
server is configured with a long list of acceptable CA names. Therefore
the size limit has been increased to be consistent with previous versions.

RT#4198

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Simplify calling of the OCSP callback

Move all calls of the OCSP callback into one place, rather than repeating it
in two different places.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Add some documentation for the OCSP callback functions

Describe the usage of the OCSP callback functions on both the client and
the server side.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Ensure we don't call the OCSP callback if resuming a session

It makes no sense to call the OCSP status callback if we are resuming a
session because no certificates will be sent.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Fix error when server does not send CertificateStatus message

If a server sends the status_request extension then it may choose
to send the CertificateStatus message. However this is optional.
We were treating it as mandatory and the connection was failing.

Thanks to BoringSSL for reporting this issue.

RT#4120

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Add test for missing CertificateStatus message

If the client sends a status_request extension in the ClientHello
and the server responds with a status_request extension in the
ServerHello then normally the server will also later send a
CertificateStatus message. However this message is *optional* even
if the extensions were sent. This adds a test to ensure that if
the extensions are sent then we can still omit the message.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

fix no-ec

Reviewed-by: Matt Caswell <matt@openssl.org>

Server side EVP_PKEY DH support

Reviewed-by: Matt Caswell <matt@openssl.org>

utility function

Reviewed-by: Matt Caswell <matt@openssl.org>

EVP_PKEY DH client support.

Reviewed-by: Matt Caswell <matt@openssl.org>

Always generate DH keys for ephemeral DH cipher suites.

Reviewed-by: Matt Caswell <matt@openssl.org>

The functions take a SSL *, not a SSL_CTX *

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
RT: #4192, MR: #1533

redundant redeclaration of 'OPENSSL_strlcpy'

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR: #1523

__STDC_VERSION__ is not defined for c89 compilers

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR: #1522

remove duplicates in util/libeay.num

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
RT: #4195, MR: #1521

Remove SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER and SSL_OP_TLS_D5_BUG support.

Suggested by David Benjamin

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
MR: #1520

Avoid using a dangling pointer when removing the last item

When it's the last item that is removed int_thread_hash == hash and we would
still call int_thread_release(&hash) while hash is already freed.  So
int_thread_release would compare that dangling pointer to NULL which is
undefined behaviour.  Instead do already what int_thread_release() would do,
and make the call do nothing instead.

Reviewed-by: Rich Salz <rsalz@openssl.org>
RT: #4155, MR: #1519

Memory leak in state machine in error path

When EC is disabled, and an error occurs in ssl_generate_master_secret()
or RAND_bytes(), the error path does not free rsa_decrypt.

RT#4197

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

Refactor DTLS cookie generation and verification

DTLS cookie generation and verification were exact copies of each
other save the last few lines.  This refactors them to avoid code
copying.

Reviewed-by: Matt Caswell <matt@openssl.org>

Fix inline build failure

After the recent change to use ossl_inline, builds were failing on some
platforms due to a missing usage of "inline".

Reviewed-by: Richard Levitte <levitte@openssl.org>

Add ossl_inline

Add macro ossl_inline for use in public headers where a portable inline
is required. Change existing inline to use ossl_inline

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

add -unref option to mkerr.pl

Reviewed-by: Rich Salz <rsalz@openssl.org>

In mkerr.pl look in directories under ssl/

Reviewed-by: Rich Salz <rsalz@openssl.org>

remove unused error code

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

make update

Reviewed-by: Richard Levitte <levitte@openssl.org>

unload modules in ssltest

Reviewed-by: Richard Levitte <levitte@openssl.org>

make errors

Reviewed-by: Richard Levitte <levitte@openssl.org>

SSL configuration module docs

Reviewed-by: Richard Levitte <levitte@openssl.org>

Demo server using SSL_CTX_config

Reviewed-by: Richard Levitte <levitte@openssl.org>

Add ssl configuration support to s_server and s_client

Reviewed-by: Richard Levitte <levitte@openssl.org>

Load module in SSL_library_init

Reviewed-by: Richard Levitte <levitte@openssl.org>

Add ssl_mcnf.c to Makefile

Reviewed-by: Richard Levitte <levitte@openssl.org>

SSL library configuration module.

This adds support for SSL/TLS configuration using configuration modules.
Sets of command value pairs are store and can be replayed through an
SSL_CTX or SSL structure using SSL_CTX_config or SSL_config.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Cleanup CRYPTO_{push,pop}_info

Rename to OPENSSL_mem_debug_{push,pop}.
Remove simple calls; keep only calls used in recursive functions.
Ensure we always push, to simplify so that we can always pop

Reviewed-by: Richard Levitte <levitte@openssl.org>

Rename *_realloc_clean to *_clear_realloc

Just like *_clear_free routines.  Previously undocumented, used
a half-dozen times within OpenSSL source.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Also change the non-debug versions to use size_t

Reviewed-by: Richard Levitte <levitte@openssl.org>
MR: #1518

Fix memory leak in DSA redo case.

Found by clang scan-build.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
RT: #4184, MR: #1496

Configure: refine 'reconf' logic.

Reviewed-by: Rich Salz <rsalz@openssl.org>

bn/asm/bn-c64xplus.asm: update commentary.

Reviewed-by: Rich Salz <rsalz@openssl.org>

sha/asm/sha256-armv4.pl: one of "universal" flags combination didn't compile.
(and unify table address calculation in ARMv8 code path).

Reviewed-by: Tim Hudson <tjh@openssl.org>

Fix URLs mangled by reformat

Some URLs in the source code ended up getting mangled by indent. This fixes
it. Based on a patch supplied by Arnaud Lacombe <al@aerilon.ca>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix the etags action line, as etags doesn't take -R

Reviewed-by: Matt Caswell <matt@openssl.org>

Remove fixed DH ciphersuites.

Remove all fixed DH ciphersuites and associated logic.

Reviewed-by: Matt Caswell <matt@openssl.org>

delete unused context

Reviewed-by: Matt Caswell <matt@openssl.org>

Remove some L<asdf|asdf> which crept back in.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Remove err and prime demo's

ERR is not really a public facility; remove the demo.
prime shows how to generate a prime.  See apps.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Remove the "eay" c-file-style indicators

Since we don't use the eay style any more, there's no point tryint to
tell emacs to use it.

Reviewed-by: Matt Caswell <matt@openssl.org>

Add SSL_CIPHER_description() for Chacha20/Poly1305

SSL_CIPHER_description() was returning "unknown" for the encryption
in the new ChaCha20/Poly1305 TLS ciphersuites.

RT#4183

Reviewed-by: Richard Levitte <levitte@openssl.org>

Modify the lower level memory allocation routines to take size_t

We've been using int for the size for a long time, it's about time...

Reviewed-by: Rich Salz <rsalz@openssl.org>

mem-cleanup, cont'd.

Remove LEVITTE_DEBUG_MEM.
Remove {OPENSSL,CRYPTO}_remalloc.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Rename sec_mem to mem_sec, like other files.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Fix typo.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Provide better "make depend" warning.

Reviewed-by: Matt Caswell <matt@openssl.org>

Fix no-dgram.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Rename some BUF_xxx to OPENSSL_xxx

Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.

Reviewed-by: Tim Hudson <tjh@openssl.org>

fix for no-ec

Reviewed-by: Matt Caswell <matt@openssl.org>

make update

Reviewed-by: Richard Levitte <levitte@openssl.org>

Use EVP_PKEY for client side EC.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Use EVP_PKEY for server EC.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Add ECDH/DH utility functions.

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove unnecessary key copy

Reviewed-by: Richard Levitte <levitte@openssl.org>

Constify EC_KEY in ECDH_compute_key.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Remove ECDH client auth code.

Remove incomplete non-functional ECDH client authentication code.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Remove SSL_OP_SINGLE_ECDH_USE code.

Since auto ecdh is now always used SSL_OP_SINGLE_ECDH_USE is
redundant. Simplify associated code.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Use EC_KEY_key2buf and EC_oct2key in libssl.

Reviewed-by: Richard Levitte <levitte@openssl.org>

New EC functions.

New functions EC_POINT_point2buf and EC_KEY_key2buf which encode
a point and allocate a buffer in one call.

New function EC_KEY_oct2key() which sets public key in an EC_KEY
structure from an encoded point.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix build on Solaris

Solaris builds were failing during async compilation because the .o files
created from compiling the corresponding .c files held in async/arch were
ending up in the top level async directory. Consequently the link fails
because it can't find the .o files.

Thanks to Richard Levitte for pointing me in the right direction on this.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix updating via mkdef.pl

The previous commit introduced a new file format for ssleay.num and
libeay.num, i.e. the introduction of a version field. Therefore the update
capability in mkdef.pl needs updating to take account of the new format.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Don't export internal symbols

On Linux when creating the .so file we were exporting all symbols. We should
only be exporting public symbols. This commit fixes the issue. It is only
applicable to linux currently although the same technique may work for other
platforms (e.g. Solaris should work the same way).

This also adds symbol version information to our exported symbols.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Better splitting regexp for test_ordinals

Reviewed-by: Matt Caswell <matt@openssl.org>

Remove GMP engine.

Reviewed-by: Ben Laurie <ben@openssl.org>

Fix s_server problem with no-ec

s_server was trying to set the ECDH curve when no-ec was defined. This also
highlighted the fact that the -no_ecdhe option to s_server is broken, and
doesn't make any sense any more (ECDHE is on by default and the only way it
can be disabled is through the cipherstring). Therefore this commit removes
the option.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Fix no-psk compile failure

Reviewed-by: Tim Hudson <tjh@openssl.org>

Fix compile failure with no-srp

Reviewed-by: Tim Hudson <tjh@openssl.org>

Update EVP_PKEY documentation.

Add EVP_PKEY_up_ref() documentation and fix various typos.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

make update

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

New function X509_get0_pubkey

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Add EVP_PKEY_get0_* functions.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Extend EVP_PKEY_copy_parameters()

Make EVP_PKEY_copy_parameters() work if the destination has no type
(e.g. if obtained from EVP_PKEY_new()) or the underlying key is NULL.
This is useful where we want to copy the parameters from an existing
key to a new key.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Fix a ** 0 mod 1 = 0 for real this time.

Commit 2b0180c37fa6ffc48ee40caa831ca398b828e680 attempted to do this but
only hit one of many BN_mod_exp codepaths. Fix remaining variants and add
a test for each method.

Thanks to Hanno Boeck for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

crpyto/ppccpuid.pl: add FPU probe and fix OPENSSL_rdtsc.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

crypto/ppccap.c: add SIGILL-free processor capability detection code.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

add malloc fail check & fix memory leak

Signed-off-by: Hongze Zhu <hongze.zhu@gmail.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

Fix erroneous SO suffix in darwin64-debug-test-64-clang target

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix typo

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix option value parsing in crl2pkcs7 -certfile

Reviewed-by: Rich Saltz <rsalz@openssl.org>

Avoid erroneous "assert(private)" failures.

When processing a public key input via "-pubin", "private" was
sometimes erroneously set, or else not set and incorrectly asserted.

Reviewed-by: Rich salz <rsalz@openssl.org>

x86_64 assembly pack: tune clang version detection even further.

RT#4171

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Configure: add framework for ChaCha and Poly1305 assembly.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Configure: 'reconf' to respect CROSS_COMPILE and CC.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Don't use EC when no-ec.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Remove no longer existant structure member and direct references to EVP_MD_CTX internals.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix (incorrect) uninitialised variable warning.

Reviewed-by: Richard Levitte <levitte@openssl.org>

fix warning

Reviewed-by: Ben Laurie <ben@openssl.org>

remove ancient SSLeay bug workaround

Reviewed-by: Matt Caswell <matt@openssl.org>

Allow ChaCha20-Poly1305 in DTLS

GCM and CCM are modes of operation for block ciphers only. ChaCha20-Poly1305
operates in neither of them but it is AEAD. This change also enables future
AEAD ciphers to be available for use with DTLS.

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>