Remove some unused files.
Rename doc-nit-check to be consistent.
Add check for multiple #include in synopsis.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Since one generates files that the other depends on, there's no
real reason to keep them separate.  Since they were both different
aspects of 'openssl req', the merge ends up in 25-test_req.t.

This also makes cleanup easier.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Needed to get size_t on Windows
Reviewed-by: NRich Salz <rsalz@openssl.org>

Needed to get size_t
Reviewed-by: NRich Salz <rsalz@openssl.org>

Needed to get the needed declarations for STACK_OF(X509)
Reviewed-by: NRich Salz <rsalz@openssl.org>

Generate small test programs to check that external programs can be
built with our stuff at a very basic level.

For now, they check that each of our header files can be included
individually without compile failure.
Reviewed-by: NRich Salz <rsalz@openssl.org>

According to the x509 man page in the section discussing -certopt it says
that the ca_default option is the same as that used by the ca utility and
(amongst other things) has the effect of suppressing printing of the
signature - but in fact it doesn't. This error seems to have been present
since the documentation was written back in 2001. It never had this effect.

The default config file sets the certopt value to ca_default. The ca utility
takes that and THEN adds additional options to suppress printing of the
signature. So the ca utility DOES suppress printing of the signature - but
it is not as a result of using the ca_default option.

GitHub Issue #247
Reviewed-by: NRich Salz <rsalz@openssl.org>

If the string to print is exactly 2048 character long (excluding the NULL
terminator) then BIO_printf will chop off the last byte. This is because
it has filled its static buffer but hasn't yet allocated a dynamic buffer.
In cases where we don't have a dynamic buffer we need to truncate but that
is not the case for BIO_printf(). We need to check whether we are able to
have a dynamic buffer buffer deciding to truncate.
Reviewed-by: NRich Salz <rsalz@openssl.org>

zapparams modification based on tip from Matt Caswell

RT#3198
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

The ssl3_init_finished_mac() function can fail, in which case we need to
propagate the error up through the stack.

RT#3198
Reviewed-by: NRich Salz <rsalz@openssl.org>

Fill out the INSTALL instructions with more information on Configure
arguments, environment variables and Makefile targets.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Use STATUS_SUCCESS instead of 0.
Renamed USE_BCRYPT to RAND_WINDOWS_USE_BCRYPT to avoid possible collisions with other defines.
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1142)

Adds missing casts for 64-bit.
Removed zero initialization of hProvider. hProvider is an "out" parameter of CryptAcquireContextW.
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1142)

Define USE_BCRYPT
Removed _WIN32_WINNT define
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1142)

When openssl is compiled with MSVC and _WIN32_WINNT>=0x0601 (Windows 7), BCryptGenRandom is used instead of the legacy CryptoAPI.

This change brings the following benefits:
- Removes dependency on CryptoAPI (legacy API) respectively advapi32.dll
- CryptoAPI Cryptographic Service Providers (rsa full) are not dynamically loaded.
- Allows Universal Windows Platform (UWP) apps to use openssl (CryptGenRandom is not available for Windows store apps)
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1142)

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Tweak to the wording on merge commits.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Fix some typos and other minor amendments to NOTES.PERL.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Make the recommendation for MSYS perl in an MSYS environment more forceful.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Fix typos and clarify a few things in the CONTRIBUTING file.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The README file was a little out of date so needed a refresh
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The problem is the checking in policy_cache_set, there is a race
condition between the null check and obtaining the lock.  The fix is in
policy_cache_new to detect if the creation has happened already.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

RT#4557
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Port client auth tests to the new framework, add coverage. The old tests
were only testing success, and only for some protocol versions; the new
tests add all protocol versions and various failure modes.
Reviewed-by: NRich Salz <rsalz@openssl.org>

_ctr32 in function name refers to 32-bit counter, but it was implementing
64-bit one. This didn't pose problem to EVP, but 64-bit counter was just
misleading.

RT#4512
Reviewed-by: NRichard Levitte <levitte@openssl.org>

This is needed to generate stable output names/symlinks.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Include a note in INSTALL that tests must be run from an unprivileged
process.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Numerous test failures were occuring when Configured with enable-ubsan
although they could all be traced back to one issue.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Also fixes -Wstrict-oveflow warning on this file.

RT#4474 (partial)
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Adapt util/process_docs.pl
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

The S symbol class wasn't checked.

Notified by Sebastian Andrzej Siewior
Reviewed-by: NTim Hudson <tjh@openssl.org>

checkpoint before release.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The set_reasons() function in v3_crld.c leaks a STACK_OF(CONF_VALUE)
object on an error path.
Reviewed-by: NRichard Levitte <levitte@openssl.org>