openssl.c and ts.c assign the value of opt_num_rest() to argc, but then
only use the value once.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Also correct the return value from the the "prime" application
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Various instances of variables being written to, but then never read.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

The Unix build was the last to retain the classic build scheme.  The
new unified scheme has matured enough, even though some details may
need polishing.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Link errors were occurring on Windows because the header files were not
correctly guarding some functions with OPENSSL_NO_SOCK
Reviewed-by: NRich Salz <rsalz@openssl.org>

Windows "select" only works for sockets so don't use it to wait for async.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Add copyright to most .pl files
This does NOT cover any .pl file that has other copyright in it.
Most of those are Andy's but some are public domain.
Fix typo's in some existing files.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Give the API new names, document it.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Make OBJ_name_cmp internal
Rename idea_xxx to IDEA_xxx
Rename get_rfc_xxx to BN_get_rfc_xxx
Rename v3_addr and v3_asid functions to X509v3_...
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Make X509_OBJECT, X509_STORE_CTX, X509_STORE, X509_LOOKUP,
and X509_LOOKUP_METHOD opaque.
Remove unused X509_CERT_FILE_CTX
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

no-stdio does not work with the apps. Since the tests also need the apps
it doesn't support that either. Therefore we disable building of both.

no-autoalginit is not compatible with the apps because it requires explicit
loading of the algorithms, and the apps don't do that. Therefore we disable
building the apps for this option. Similarly the tests depend on the apps
so we also disable the tests. Finally the whole point about no-autoalginit
is to avoid excessive executable sizes when doing static linking. Therefore
we disable "shared" if this option is selected.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

no-hmac is no longer an option so remove OPENSSL_NO_HMAC guards.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

no-sha is no longer an option so remove OPENSSL_NO_SHA guards.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

no-aes is no longer a Configure option and therefore the OPENSSL_NO_AES
guards can be removed.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

When compressing, the output / input is a binary format, not a text
format like BASE64.  This is important on Windows, where a ^Z in a
text file is seen as EOF, and there could be a ^Z somewhere in a
compressed file, cutting it short as input.
Reviewed-by: NMatt Caswell <matt@openssl.org>

OBJ_cleanup() should not be called expicitly - we should leave
auto-deinit to clean this up instead.
Reviewed-by: NTim Hudson <tjh@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

RAND_cleanup() should not be called expicitly - we should leave
auto-deinit to clean this up instead.
Reviewed-by: NTim Hudson <tjh@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The conditional compile logic wasn't quite right in speed.c for when
both OPENSSL_NO_DSA and OPENSSL_NO_EC are defined.
Reviewed-by: NTim Hudson <tjh@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Setting the debug callback on the in and out BIOs were done too early.
No debug callback was set on the zlib filter BIO.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Misc fixes to get no-nextprotoneg config option working again.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Move the dh_st structure into an internal header file and provide
relevant accessors for the internal fields.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Suppress CT callbacks with aNULL or PSK ciphersuites that involve
no certificates.  Ditto when the certificate chain is validated via
DANE-TA(2) or DANE-EE(3) TLSA records.  Also skip SCT processing
when the chain is fails verification.

Move and consolidate CT callbacks from libcrypto to libssl.  We
also simplify the interface to SSL_{,CTX_}_enable_ct() which can
specify either a permissive mode that just collects information or
a strict mode that requires at least one valid SCT or else asks to
abort the connection.

Simplified SCT processing and options in s_client(1) which now has
just a simple pair of "-noct" vs. "-ct" options, the latter enables
the permissive callback so that we can complete the handshake and
report all relevant information.  When printing SCTs, print the
validation status if set and not valid.
Signed-off-by: NRob Percival <robpercival@google.com>
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Move rsa_st away from public headers.
Add accessor/writer functions for the public RSA data.
Adapt all other source to use the accessors and writers.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Misc fixes for no-ocsp
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

... comes from c5137473.
Fix Travis builds.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

This reverts commit 620d540b.
It wasn't reviewed.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NStephen Henson <steve@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NStephen Henson <steve@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NDr. Stephen Henson <steve@openssl.org>