Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NStephen Henson <steve@openssl.org>

It served a purpose, but not any more.
Reviewed-by: NStephen Henson <steve@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

SIZE_MAX is a great macro, and does unfortunately not exist everywhere.
Since we check against half of it, using bitwise shift to calculate the
value of half SIZE_MAX should be safe enough.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

If DSA parameters are absent return -1 (for unknown) in DSA_security_bits.

If parameters are absent when a certificate is set in an SSL/SSL_CTX
structure this will reject the certificate by default. This will cause DSA
certificates which omit parameters to be rejected but that is never (?)
done in practice.

Thanks to Brian 'geeknik' Carpenter for reporting this issue.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reuse is deprecated and ReuseAddr is prefered, according to documentation.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Reviewed-by: NKurt Roeckx <kurt@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Previous versions of OpenSSL had the max size limit for a CertificateRequest
message as |s->max_cert_list|. Previously master had it to be
SSL3_RT_MAX_PLAIN_LENGTH. However these messages can get quite long if a
server is configured with a long list of acceptable CA names. Therefore
the size limit has been increased to be consistent with previous versions.

RT#4198
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Move all calls of the OCSP callback into one place, rather than repeating it
in two different places.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Describe the usage of the OCSP callback functions on both the client and
the server side.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

It makes no sense to call the OCSP status callback if we are resuming a
session because no certificates will be sent.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

If a server sends the status_request extension then it may choose
to send the CertificateStatus message. However this is optional.
We were treating it as mandatory and the connection was failing.

Thanks to BoringSSL for reporting this issue.

RT#4120
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

If the client sends a status_request extension in the ClientHello
and the server responds with a status_request extension in the
ServerHello then normally the server will also later send a
CertificateStatus message. However this message is *optional* even
if the extensions were sent. This adds a test to ensure that if
the extensions are sent then we can still omit the message.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@roeckx.be>
Reviewed-by: NRich Salz <rsalz@openssl.org>

RT: #4192, MR: #1533

Signed-off-by: NKurt Roeckx <kurt@roeckx.be>
Reviewed-by: NRich Salz <rsalz@openssl.org>

MR: #1523

Signed-off-by: NKurt Roeckx <kurt@roeckx.be>
Reviewed-by: NRich Salz <rsalz@openssl.org>

MR: #1522

Signed-off-by: NKurt Roeckx <kurt@roeckx.be>
Reviewed-by: NRich Salz <rsalz@openssl.org>

RT: #4195, MR: #1521

Suggested by David Benjamin
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NViktor Dukhovni <openssl-users@dukhovni.org>

MR: #1520

When it's the last item that is removed int_thread_hash == hash and we would
still call int_thread_release(&hash) while hash is already freed.  So
int_thread_release would compare that dangling pointer to NULL which is
undefined behaviour.  Instead do already what int_thread_release() would do,
and make the call do nothing instead.
Reviewed-by: NRich Salz <rsalz@openssl.org>

RT: #4155, MR: #1519

When EC is disabled, and an error occurs in ssl_generate_master_secret()
or RAND_bytes(), the error path does not free rsa_decrypt.

RT#4197
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

DTLS cookie generation and verification were exact copies of each
other save the last few lines.  This refactors them to avoid code
copying.
Reviewed-by: NMatt Caswell <matt@openssl.org>

After the recent change to use ossl_inline, builds were failing on some
platforms due to a missing usage of "inline".
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add macro ossl_inline for use in public headers where a portable inline
is required. Change existing inline to use ossl_inline
Reviewed-by: NKurt Roeckx <kurt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>