Signed-off-by: NHJ <huangjun42@huawei.com>

Description:openssl 1.1.1d used bu libhapverify
Team:OTHERS
Feature or Bugfix:Feature
Binary Source:Yes, it is
PrivateCode(Yes/No):No

Change-Id: I8968f9c0f146b587da17a3e603bd04fb7b4c505b
Reviewed-on: http://mgit-tm.rnd.huawei.com/7842784Tested-by: Npublic jenkins <public_jenkins@notesmail.huawei.com>
Reviewed-by: Nhouyuezhou 00386575 <hou@huawei.com>
Reviewed-by: Nlinyibin 00246405 <linyibin@huawei.com>
Reviewed-by: Nweiping 00548480 <ping.wei@huawei.com>

Make the include guards consistent by renaming them systematically according
to the naming conventions below

The public header files (in the 'include/openssl' directory) are not changed
in 1.1.1, because it is a stable release.

For the private header files files, the guard names try to match the path
specified in the include directives, with all letters converted to upper case
and '/' and '.' replaced by '_'. An extra 'OSSL_' is added as prefix.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9681)

{make|swap|get|set}context are removed in POSIX.1-2008, but glibc
apparently keeps providing it.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7420)

(cherry picked from commit 9d71a24ebf57e7157888af1ca587eafe914bf96f)

Reviewed-by: NPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5110)

Because OPENSSL_SYS_CYGWIN will keep OPENSSL_SYS_UNIX defined, there's
no point having checks of this form:

    #if (defined(OPENSSL_SYS_UNIX) || defined(OPENSSL_SYS_CYGWIN))
Reviewed-by: NAndy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5060)

Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and
ssl/ssl_locl.h).

Added e_os.h into the files that need it now.

Directly reference internal/nelem.h when required.
Reviewed-by: NAndy Polyakov <appro@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)

Various fixes to get the following to compile:

./config no-asm -ansi -D_DEFAULT_SOURCE

RT4479
RT4480
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

On OpenBSD we turn off async capabilities due to no ucontext.h.

RT#4379
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

The async code uses thread local variables. We should convert to using
the new Thread API for doing this.
Reviewed-by: NRich Salz <rsalz@openssl.org>

This builds on the previous commit to auto initialise/deinitialise
libcrypto.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add no-async option to Configure that forces ASYNC_NULL.
Related to RT1979
An embedded system or replacement C library (e.g. musl or uClibc)
may not support the *context APIs that are needed for async operation.

Compiles with musl. Ran unit tests, async tests skipped as expected.
Signed-off-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Signed-off-by: NCorinna Vinschen <vinschen@redhat.com>
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

In the async code for MacOS/X define _XOPEN_SOURCE (if not already
defined) as early as possible.  We must do this before including
any header files, because on MacOS/X <stlib.h> includes <signal.h>
which includes <ucontext.h>.  If we delay defining _XOPEN_SOURCE
and include <ucontext.h> after various system headers are included,
we are very likely to end up with the wrong (truncated) definition
of ucontext_t.

Also, better error handling and some code cleanup in POSIX fibre
construction and destruction.  We make sure that async_fibre_makecontext()
always initializes the fibre to a state that can be freed.

For all implementations, check for error returns from
async_fibre_makecontext().
Reviewed-by: NMatt Caswell <matt@openssl.org>

In theory the pthreads approach for Thread Local Storage should be more
portable.

This also changes some APIs in order to accommodate this change. In
particular ASYNC_init_pool is renamed ASYNC_init_thread and
ASYNC_free_pool is renamed ASYNC_cleanup_thread. Also introduced ASYNC_init
and ASYNC_cleanup.
Reviewed-by: NRich Salz <rsalz@openssl.org>

A lot of the pool handling code was in the arch specific files, but was
actually boiler plate and the same across the implementations. This commit
moves as much code as possible out of the arch specific files.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Even with _XOPEN_SOURCE defined OS-X still displays warnings that
makecontext and friends are deprecated. This isn't a problem until you
try and build with --strict-warnings, and the build fails. This change
suppresses the warnings. We know they are deprecated but there is no
alternative!
Reviewed-by: NRich Salz <rsalz@openssl.org>

async_fibre_makecontext was initialise the fibre first and then calling
getcontext(). It should be the other way around because the getcontext
call may overwrite some of the things we just initialised. This didn't
cause an issue on Linux and so the problem went unnoticed. On OS-X it
causes a crash.
Reviewed-by: NRich Salz <rsalz@openssl.org>

OS-X complains if we don't have _XOPEN_SOURCE defined.
Reviewed-by: NRich Salz <rsalz@openssl.org>

_longjmp/_setjmp do not manipulate the signal mask whilst
longjmp/setjmp may do. Online sources suggest this could result
in a significant speed up in the context switching.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Tidied up the naming of functions and structures to be consistent
Reviewed-by: NRich Salz <rsalz@openssl.org>

Fix some warnings in the async code when compiling on windows.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Implement the ASYNC_JOB as a local thread pool. Remove the API support
for global pools.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Initial API implemented for notifying applications that an ASYNC_JOB
has completed. Currently only s_server is using this. The Dummy Async
engine "cheats" in that it notifies that it has completed *before* it
pauses the job. A normal async engine would not do that.

Only the posix version of this has been implemented so far, so it will
probably fail to compile on Windows at the moment.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Where we can we should use longjmp and setjmp in preference to swapcontext/
setcontext as they seem to be more performant.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Provides support for running asynchronous jobs. Currently this is completely
stand alone. Future commits will integrate this into libssl and s_server/
s_client. An asynchronous capable engine will be required to see any benefit
from this capability.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.

Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.
Originally-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

PR 71

"Jan Mikkelsen" <janm@transactionsite.com> correctly states that the
OpenSSL header files have #include's and extern "C"'s in an incorrect
order.  Thusly fixed.

GeneralizedTime. At several points PKIX specifies that GeneralizedTime can be
used but OpenSSL doesn't currently support it. This patch adds several files
and a bunch of functions.

Of interest is the ASN1_TIME structure and its related functions. At several
points certificates, CRLs et al specify that a time can be expressed as a
choice of UTCTime and GeneralizedTime. Currently OpenSSL interprets this
(wrongly) as UTCTime because GeneralizedTime isn't supported. The ASN1_TIME
stuff provides this functionality.

Still todo is to trace which cert and CRL points need an ASN1_TIME and modify
the utilities appropriately and of course fix all the bugs.

Note new OpenSSL copyright in the new file a_time.c. I didn't put it in
a_gentm.c because it is a minimally modified form a_utctm.c .

Since this adds new files and error codes you will need to do a 'make errors'
at the top level to add the new codes.