Reviewed-by: NAndy Polyakov <appro@openssl.org>

PR2693
Reviewed-by: NTim Hudson <tjh@openssl.org>

Make X509_REQ_print_ex do the same thing that
X509_REQ_print does.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Problem with #ifdef in the BIO_CTRL_DGRAM_MTU_DISCOVER case that
is different from the BIO_CTRL_DGRAM_QUERY_MTU one which seems
correct.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NGeoff Thorpe <geoff@openssl.org>

Pull constant-time methods out to a separate header, add tests.
Reviewed-by: NBodo Moeller <bodo@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Add the wrapper to all public header files (Configure
generates one).  Don't bother for those that are just
lists of #define's that do renaming.
Reviewed-by: NTim Hudson <tjh@openssl.org>

The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.
Reviewed-by: NDr Stephen Henson <steve@openssl.org>

When d2i_ECPrivateKey reads a private key with a missing (optional) public key,
generate one automatically from the group and private key.
Reviewed-by: NDr Stephen Henson <steve@openssl.org>

This change saves several EC routines from crashing when an EC_KEY is
missing a public key. The public key is optional in the EC private key
format and, without this patch, running the following through `openssl
ec` causes a crash:

-----BEGIN EC PRIVATE KEY-----
MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH
-----END EC PRIVATE KEY-----
Reviewed-by: NDr Stephen Henson <steve@openssl.org>

Add an extra NULL dereference check
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Reviewed-by: NAndy Polyakov <appro@openssl.org>

RT: 2835
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Reviewed-by: NEmilia Kasper <emilia@openssl.org>

Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Reviewed-by: NEmilia Kasper <emilia@openssl.org>

I also found a couple of others (padlock and signinit)
and fixed them.
Reviewed-by: NEmilia Kasper <emilia@openssl.org>

Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Several files #include stdio.h and don't need it.
Also, per tjh, remove BN_COUNT
Reviewed-by: NEmilia Kasper <emilia@openssl.org>

Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

hashbn: check for NULL result when allocating bin and return an error if it fails all (in)direct callers of hashbn: propagate potential error in hashbn
Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Add a declaration for get_issuer_sk() so that other
functions in x509_vf.c could use it.  (Planned work
around cross-certification chains.)
Reviewed-by: NKurt Roeckx <kurt@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>