struct ccs_header_st is not used so it should be removed.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Almost two months ago, the warning about non-existing config file was
supressed by setting the environment variable OPENSSL_CONF to /dev/null
everywhere.  Now that this warning is gone, that practice is no longer
needed.
Reviewed-by: NStephen Henson <steve@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

The module loading feature got broken a while ago, so restore it, but
have it a bit more explicit this time around.
Reviewed-by: NStephen Henson <steve@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

RT 3871
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Create app_load_config(), a routine to load config file.  Remove the
"always load config" from the main app.  Change the places that used to
load config to call the new common routine.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Using an enum with -Wswitch means all lookup routines handle
all cases.  Remove X509_LU_PKEY which was never used.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The new accessors SSL_get_client_random, SSL_get_server_random and
SSL_SESSION_get_master_key should return a size_t to match the type of the
|outlen| parameter.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Change the new SSL_get_client_random(), SSL_get_server_random() and
SSL_SESSION_get_master_key() functions to use size_t for |outlen| instead of
int.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Signed-off-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NTim Hudson <tjh@openssl.org>

Tor uses these values to implement a low-rent clone of RFC 5705 (which,
in our defense, we came up with before RFC 5705 existed).  But now that
ssl_st is opaque, we need another way to get at them.

Includes documentation, with suitable warnings about not actually
using these functions.
Signed-off-by: NNick Mathewson <nickm@torproject.org>
Signed-off-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NTim Hudson <tjh@openssl.org>

Signed-off-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NTim Hudson <tjh@openssl.org>

On the server side, if you want to know which ciphers the client
offered, you had to use session->ciphers.  But that field is no
longer visible, so we need a method to get at it.
Signed-off-by: NNick Mathewson <nickm@torproject.org>
Signed-off-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NTim Hudson <tjh@openssl.org>

In master, the 'dh' command is gone, so use 'dhparam' instead to
determine if we're compiled with DH.

Also, set "@SECLEVEL=1" for the weak DH test, so that it actually
passes.
Reviewed-by: NDr Stephen Henson <steve@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Add support for PKCS#8 private key encryption using the scrypt algorithm
in the pkcs8 utility. Update documentation.
Reviewed-by: NRich Salz <rsalz@openssl.org>

This adds a new function which will encrypt a private key using PKCS#8
based on an X509_ALGOR structure and reimplements PKCS8_encrypt to use it.

Update pkcs8 utlity to use PKCS8_set0_pbe.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Set a specific error if the parameters are otherwise valid but exceed the
memory limit.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Add support for PKCS#12 and PBKDF2 password based encryption tests. Add
additional test data.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Also add more ciphersuite test coverage, and a negative test for
512-bit DHE.
Reviewed-by: NRich Salz <rsalz@openssl.org>
(cherry picked from commit 1ee85aab75d7c9f20058f781bfe9222323df08eb)

The size of the SRP extension can never be negative (the variable
|size| is unsigned). Therefore don't check if it is less than zero.

RT#3862
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The return value of i2d functions can be negative if an error occurs.
Therefore don't assign the return value to an unsigned type and *then*
check if it is negative.

RT#3862
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The members of struct timeval on OpenVMS are unsigned. The logic for
calculating timeouts needs adjusting to deal with this.

RT#3862
Reviewed-by: NRichard Levitte <levitte@openssl.org>

RT#3860
Reviewed-by: NTim Hudson <tjh@openssl.org>

RT#3858
Reviewed-by: NTim Hudson <tjh@openssl.org>

RT#3859
Reviewed-by: NTim Hudson <tjh@openssl.org>

The "out" variable is used for both key and csr.  Close it after
writing the first one so it can be re-used when writing the other.
Signed-off-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NTim Hudson <tjh@openssl.org>

Thanks to Brian Carpenter <brian.carpenter@gmail.com> for finding this.
Reviewed-by: NTim Hudson <tjh@openssl.org>

If the record received is for a version that we don't support, previously we
were sending an alert back. However if the incoming record already looks
like an alert then probably we shouldn't do that. So suppress an outgoing
alert if it looks like we've got one incoming.
Reviewed-by: NKurt Roeckx <kurt@openssl.org>

The 'http proxy' commit broke s_client default host/port value.
Thanks to Matt for the simplest fix.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Version negotiation was broken (one of the late changes in the review
process broke it). The problem is that TLS clients do not set first_packet,
whereas TLS/DTLS servers and DTLS clients do. The simple fix is to set
first_packet for TLS clients too.
Reviewed-by: NKurt Roeckx <kurt@openssl.org>

bn_get_bits5 was overstepping array boundary by 1 byte. It was exclusively
read overstep and data could not have been used. The only potential problem
would be if array happens to end on the very edge of last accesible page.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

RT#3852
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The update: target in engines/ didn't recurse into engines/ccgost.
The update: and depend: targets in engines/ccgost needed a fixup.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

The certificate masks are used to select which ciphersuite we are going to
use. The variables |emask_k| and |emask_a| relate to export grade key
exchange and authentication respecitively. The variables |mask_k| and
|mask_a| are the equivalent versions for non-export grade. This fixes an
instance where the two usages of export/non-export were mixed up. In
practice it makes little difference since it still works!
Reviewed-by: NRichard Levitte <levitte@openssl.org>