Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Some platforms claim to be POSIX but their getcontext() implementation
does not work. Therefore we update the ASYNC_is_capable() function to test
for this.

RT#4366
Reviewed-by: NRichard Levitte <levitte@openssl.org>

util/mkdef.pl assumes it knows what the resulting library name will
be.  Really, it shouldn't, but changing it will break classic native
Windows builds, so we leave it for now and change the LIBRARY line
externally when needed instead.
Reviewed-by: NMatt Caswell <matt@openssl.org>

When building the DLLs, we depend on the correct default C RTL info.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

- Remove duplicate entry
- Add author for SSL_CIPHER query functions
- Note HKDF support in CHANGES and NEWS

[ci skip]
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Normally we always refer to source files relative to $SRCDIR in Makefiles.
However the reference to unix-Makefile.tmpl was using a fully expanded
absolute path. This can cause problems for Mingw.
Reviewed-by: NTim Hudson <tjh@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

We don't currently support cross-compiling of the afalg engine. However
we were failing to explicitly mark it as disabled during Configure leading
to a failed build.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

TLSProxy starts s_server and specifies the number of client connects
it should expect. After that s_server is supposed to close down
automatically. However, if another test is then run then TLSProxy
will start a new instance of s_server. If the previous instance
hasn't closed down yet then the new instance can fail to bind to
the socket.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NAndy Polyakov <appro@openssl.org>

Reviewed-by: NAndy Polyakov <appro@openssl.org>

Make doesn't always treat multiline quoted strings as nicely as one
would wish.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

In unix-Makefile.tmpl, this construction has been used a few times

	if ! something; then ...

It seems, though, that some shells do not understand !, so these need
to be changed.
Reviewed-by: NRich Salz <rsalz@openssl.org>

This commit adds the general verify options of ocsp, verify,
cms, etc. to the openssl timestamping app as suggested by
Stephen N. Henson in [openssl.org #4287]. The conflicting
"-policy" option of "openssl ts" has been renamed to
"-tspolicy". Documentation and tests have been updated.

CAVE: This will break code, which currently uses the "-policy"
option.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

OPENSSL_INIT_ONCE and OPENSSL_INIT_ONCE_STATIC_INIT are really
CRYPTO_ONCE and CRYPTO_ONCE_STATIC_INIT.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Also make it possible to disable afalg separately.

we still need to update config again
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NStephen Henson <steve@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

but not if there is reference to empty variable.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

There are internal dependencies between the various cleanup functions.
This re-orders things to try and get that right.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

OBJ_cleanup() doesn't always get called from EVP_cleanup() so needs to be
explicitly called in de-init. Also BIO_sock_cleanup() also needs to be
called.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

With bash and zsh, the trap on the 5 second read does respond, but
doesn't break out of the read.  What's worse is that it takes away the
5 second timer, and therefore has the read hang indefinitely and
(almost) unbreakable.

Having the trap do 'exit 0' after reseting the tty params has it break
out of read and continue with the configuration.

Other shells do not appear to have the issue described here, but
neither does the extra 'exit 0' appear to harm them.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Reviewed-by: NAndy Polyakov <appro@openssl.org>

Reviewed-by: NAndy Polyakov <appro@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Document EVP_PKEY_id() and EVP_PKEY_base_id().
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Reviewed-by: NKurt Roeckx <kurt@openssl.org>

A couple of '$(PERLASM_SCHEM' had sneaked in.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

The reason to do so is that some of the generators detect PIC flags
like -fPIC and -KPIC, and those are normally delivered in LD_CFLAGS.
Reviewed-by: NRich Salz <rsalz@openssl.org>