Port client auth tests to the new framework, add coverage. The old tests
were only testing success, and only for some protocol versions; the new
tests add all protocol versions and various failure modes.
Reviewed-by: NRich Salz <rsalz@openssl.org>

_ctr32 in function name refers to 32-bit counter, but it was implementing
64-bit one. This didn't pose problem to EVP, but 64-bit counter was just
misleading.

RT#4512
Reviewed-by: NRichard Levitte <levitte@openssl.org>

This is needed to generate stable output names/symlinks.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Include a note in INSTALL that tests must be run from an unprivileged
process.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Numerous test failures were occuring when Configured with enable-ubsan
although they could all be traced back to one issue.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Also fixes -Wstrict-oveflow warning on this file.

RT#4474 (partial)
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Adapt util/process_docs.pl
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

The S symbol class wasn't checked.

Notified by Sebastian Andrzej Siewior
Reviewed-by: NTim Hudson <tjh@openssl.org>

checkpoint before release.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The set_reasons() function in v3_crld.c leaks a STACK_OF(CONF_VALUE)
object on an error path.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The int X509_PURPOSE_add() function was leaking an X509_PURPOSE object
on error.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The X509_TRUST_add() function was leaking an X509_TRUST object on error.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The ASN1_item_pack() function was leaking an ASN1_STRING object on error
paths.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The ASN1_GENERALIZEDTIME_adj() function leaks an ASN1_GENERALIZEDTIME
object on an error path.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The v2i_POLICY_MAPPINGS() function leaked ASN1_OBJECT pointers on error
paths.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The notice_section() function allocates a STACK_OF(CONF_VALUE) but
then fails to free it on an error path.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The v2i_AUTHORITY_KEYID() function can leak memory under an error
condition.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The crl2pkcs7 app leaks a stack of OPENSSL_STRINGs in error paths.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The dsaparam application allocates a temporary buffer but then doesn't
free it.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The function a2i_ASN1_INTEGER() allocates a buffer |s| but then fails
to free it on error paths.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The make_receipt_request() function in the cms app can leak memory on
an error condition.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The ec_wNAF_mul() function allocates some temporary storage that it
doesn't always free on an error condition.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

After this merge, the only things left (from doc-nit-check) is
74 pages without a "RETURN VALUES" section.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add copyright to missing assembler files.
Add copyrights to missing test/* files.
Add copyrights
Various source and misc files.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

RT2630 -- segfault for int overlow
RT2877 -- check return values in apps/rand
Update CHANGES file for previous "windows rand" changes.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Swap the ordering of some code to avoid a leak in an error path.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Salt must be two ASCII characters.  Add tests to check for that,
and a test to test the checks.
Reviewed-by: NMatt Caswell <matt@openssl.org>

The -text argument to dhparam is broken, because the DHparams_print()
function always returns an error. The problem is that always expects a
public or private key to be present, even though that is never the case
with parameters.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The -check argument to dhparam should never identify any problems if we
have just generated the parameters. Add a sanity check for this and print
an error and fail if necessary.

Also updates the documentation for the -check argument, and the DH_check()
function.

RT#4244
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add missing error raise call, as it is done everywhere else.
and as CRYPTO_THREAD_lock_new don't do it internally.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

When the "req" command is used to generate a new EC key using the -newkey
option it will incorrectly display:

 Generating a 2048 bit EC private key

This commit fixes the message to not display the bit length for EC keys
because we don't currently support getting that during generation.

GitHub Issue #1068
Reviewed-by: NRichard Levitte <levitte@openssl.org>

On OpenBSD we turn off async capabilities due to no ucontext.h.

RT#4379
Reviewed-by: NRichard Levitte <levitte@openssl.org>