Add EVP_PKEY algorithm for TLS1 PRF.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Remove lint, tags, dclean, tests.
This is prep for a new makedepend scheme.
This is temporary pending unified makefile, and might help it.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Create Makefile's from Makefile.in
Rename Makefile.org to Makefile.in
Rename Makefiles to Makefile.in
Address review feedback from Viktor and Richard
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Make LHASH_OF use static inline functions.

Add new lh_get_down_load and lh_set_down_load functions and their
typesafe inline equivalents.

Make lh_error a function instead of a macro.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this.
If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery.
        (Thanks to Jakob Bohm for the suggestion!)
Make the "change wrapper functions" be the only paradigm.
Wrote documentation!
Format the 'set func' functions so their paramlists are legible.
Format some multi-line comments.
Remove ability to get/set the "memory debug" functions at runtme.
Remove MemCheck_* and CRYPTO_malloc_debug_init macros.
Add CRYPTO_mem_debug(int flag) function.
Add test/memleaktest.
Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Don't define stacks in C source files: it causes warnings
about unused functions in some compilers.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Applications wishing to include their own stacks now just need to include

DEFINE_STACK_OF(foo)

in a header file.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@roeckx.be>
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

GH: #495, MR: #1435

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Continuing from previous commit ensure our style is consistent for malloc
return checks.
Reviewed-by: NKurt Roeckx <kurt@openssl.org>

Rebuild error source files: the new mkerr.pl functionality will now
pick up and translate static function names properly.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

This change introduces short names and NIDs for Russian GOST ciphers
according to GOST R 34.13-2015
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Add new OIDs for latest GOST updates
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

objects.pl only looked for a space to see if the name could be
used as a C identifier.  Improve the test to match the real C
rules.
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NMatt Caswell <matt@openssl.org>

We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in.  This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.

This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

There are header files in crypto/ that are used by a number of crypto/
submodules.  Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: NRich Salz <rsalz@openssl.org>

The function obj_cmp() (file crypto/objects/obj_dat.c) can in some
situations call memcmp() with a null pointer and a zero length.

This is invalid behaviour. When compiling openssl with undefined
behaviour sanitizer (add -fsanitize=undefined to compile flags) this
can be seen. One example that triggers this behaviour is the pkcs7
command (but there are others, e.g. I've seen it with the timestamp
function):
apps/openssl pkcs7 -in test/testp7.pem

What happens is that obj_cmp takes objects of the type ASN1_OBJECT and
passes their ->data pointer to memcmp. Zero-sized ASN1_OBJECT
structures can have a null pointer as data.

RT#3816
Signed-off-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Original 'sizeof(ADDED_OBJ)' was replaced with 'sizeof(*ao)'. However,
they return different sizes. Therefore as the result heap gets corrupted
and at some point later debug version of malloc() detects the corruption.

On x86 we can observe that as follows:

sizeof(*ao) == 4
sizeof(*ao[0]) == sizeof(ADDED_OBJ) == 8

Issue reproduces with either enabling CRT debug heap or Application
Verifier's full-page heap.

Basic debugging data from the moment the corruption is first detected:

0:000:x86> |
.  0    id: 283c        create  name: openssl.exe
0:000:x86> kcn
 #
00 MSVCR120D!_heap_alloc_dbg_impl
01 MSVCR120D!_nh_malloc_dbg_impl
02 MSVCR120D!_nh_malloc_dbg
03 MSVCR120D!malloc
04 LIBEAY32!default_malloc_ex
05 LIBEAY32!CRYPTO_malloc
06 LIBEAY32!lh_insert
07 LIBEAY32!OBJ_add_object
08 LIBEAY32!OBJ_create
09 openssl!add_oid_section
0a openssl!req_main
0b openssl!do_cmd
0c openssl!main
0d openssl!__tmainCRTStartup
0e openssl!mainCRTStartup
0f KERNEL32!BaseThreadInitThunk
10 ntdll_77d60000!__RtlUserThreadStart
11 ntdll_77d60000!_RtlUserThreadStart
Signed-off-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

What could be better than to refer to the RFC that defines it?
Reviewed-by: NStephen Henson <steve@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

 https://github.com/openssl/openssl/pull/176 (CHANGES)
 https://rt.openssl.org/Ticket/Display.html?id=3545 (objects.txt)
 https://rt.openssl.org/Ticket/Display.html?id=3796 (verify.pod)
Reviewed-by: NTim Hudson <tjh@openssl.org>

Add OSSL_NELEM macro to e_os.h to determine the number of elements in an
array.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Don't check for NULL before calling free functions. This gets:
        ERR_STATE_free
        ENGINE_free
        DSO_free
        CMAC_CTX_free
        COMP_CTX_free
        CONF_free
        NCONF_free NCONF_free_data _CONF_free_data
        A sk_free use within OBJ_sigid_free
        TS_TST_INFO_free (rest of TS_ API was okay)
        Doc update for UI_free (all uses were fine)
        X509V3_conf_free
        X509V3_section_free
        X509V3_string_free
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Don't check for NULL before calling OPENSSL_free
Reviewed-by: NRichard Levitte <levitte@openssl.org>

This gets BN_.*free:
    BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
    BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free

Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.
Reviewed-by: NRichard Levitte <levitte@openssl.org>