Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11400)

SSL_shutdown can fail if called during initialization, and in such case, it'll
add an error to the error queue. This adds SSL_shutdown to the list of functions
that should preceed the call to SSL_get_error.

CLA: trivial
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/7465)

(cherry picked from commit df9fd168ceb1f187365d24fef829d6d48b1077a9)

Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9034)

Follow on from CVE-2019-1559
Reviewed-by: NRichard Levitte <levitte@openssl.org>

While stereotyped repetitions are frowned upon in literature, they
serve a useful purpose in manual pages, because it is easier for
the user to find certain information if it is always presented in
the same way. For that reason, this commit harmonizes the varying
formulations in the HISTORY section about which functions, flags,
etc. were added in which OpenSSL version.

It also attempts to make the pod files more grep friendly by
avoiding to insert line breaks between the symbol names and the
corresponding version number in which they were introduced
(wherever possible). Some punctuation and typographical errors
were fixed on the way.
Reviewed-by: NTim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7854)

Reviewed-by: NBen Kaduk <kaduk@mit.edu>
GH: #7188
(cherry picked from commit 8e593f0a0dbcb3193548ced3c2e78fbbd201b2db)

Reviewed-by: NMatt Caswell <matt@openssl.org>
GH: #6240

Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5851)

Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de>
GH: #5823

"Early callback" is a little ambiguous now that early data exists.
Perhaps "ClientHello callback"?
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4349)

Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2825)

Provide a callback interface that gives the application the ability
to adjust the nascent SSL object at the earliest stage of ClientHello
processing, immediately after extensions have been collected but
before they have been processed.

This is akin to BoringSSL's "select_certificate_cb" (though it is not
API compatible), and as the name indicates, one major use is to examine
the supplied server name indication and select what certificate to
present to the client.  However, it can also be used to make more
sweeping configuration changes to the SSL object according to the
selected server identity and configuration.  That may include adjusting
the permitted TLS versions, swapping out the SSL_CTX object (as is
traditionally done in a tlsext_servername_callback), changing the
server's cipher list, and more.

We also wish to allow an early callback to indicate that it needs to perform
additional work asynchronously and resume processing later.  To that effect,
refactor the second half of tls_process_client_hello() into a subroutine to be
called at the post-processing stage (including the early callback itself), to
allow the callback to result in remaining in the same work stage for a later
call to succeed.  This requires allocating for and storing the CLIENTHELLO_MSG
in the SSL object to be preserved across such calls, but the storage is
reclaimed after ClientHello processing finishes.

Information about the CliehtHello is available to the callback by means of
accessor functions that can only be used from the early callback.  This allows
extensions to make use of the existing internal parsing machinery without
exposing structure internals (e.g., of PACKET), so that applications do not
have to write fragile parsing code.

Applications are encouraged to utilize an early callback and not use
a servername_callback, in order to avoid unexpected behavior that
occurs due to the relative order of processing between things like
session resumption and the historical servername callback.

Also tidy up nearby style by removing unnecessary braces around one-line
conditional bodies.
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2279)

This reverts commit 4880672a.

Fixes: #1903
Reviewed-by: NMatt Caswell <matt@openssl.org>

GH: #1931

Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1900)

Improvements to style, grammar etc.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Also document SSL_peek() which was missing from the docs.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Move manpages to manX directories
Add Windows/VMS install fix from Richard Levitte
Update README
Fix typo's
Remove some duplicates
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Fix some code examples, trailing whitespace
Fix TBA sections in verify, remove others.
Remove empty sections
Use Mixed Case not ALL CAPS in head2
Enhance doc-nits script.
Remove extra =cut line
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

SSL_get_async_wait_fd() was replaced by SSL_get_all_async_fds() and
SSL_get_changed_async_fds().
Reviewed-by: NRichard Levitte <levitte@openssl.org>

If the application has limited the size of the async pool using
ASYNC_init_thread() then we could run out of jobs while trying to start a
libssl io operation. However libssl was failing to handle this and treating
it like a fatal error. It should not be fatal...we just need to retry when
there are jobs available again.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add some clarifications to the async documentation. Also changed
ASYNC_pause_job() so that it returns success if you are not within the
context of a job. This is so that engines can be used either asynchronously
or synchronously and can treat an error from ASYNC_pause_job() as a real
error.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Document the libssl and command line application aspects of async.
Reviewed-by: NRich Salz <rsalz@openssl.org>

If something was "present in all versions" of SSLeay, or if it was
added to a version of SSLeay (and therefore predates OpenSSL),
remove mention of it.  Documentation history now starts with OpenSSL.

Remove mention of all history before OpenSSL 0.9.8, inclusive.

Remove all AUTHOR sections.
Reviewed-by: NTim Hudson <tjh@openssl.org>

L<foo|foo> is sub-optimal  If the xref is the same as the title,
which is what we do, then you only need L<foo>.  This fixes all
1457 occurrences in 349 files.  Approximately.  (And pod used to
need both.)
Reviewed-by: NRichard Levitte <levitte@openssl.org>