This ensures that it's zeroed even if the SSL object is reused
(as in ssltest.c). It also ensures that it applies to DTLS, too.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

If no keyfile has been specified use the certificate file instead.

Fix typo: we need to check the chain is not NULL, not the chain file.
Reviewed-by: NMatt Caswell <matt@openssl.org>

(cherry picked from commit 786370b1b09b919d9306f27336e13783e4fe3fd0)

When no-ssl3 is set only make SSLv3 disabled by default. Retain -ssl3
options for s_client/s_server/ssltest.

When no-ssl3-method is set SSLv3_*method() is removed and all -ssl3
options.

We should document this somewhere, e.g. wiki, FAQ or manual page.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Don't send or parse any extensions other than RI (which is needed
to handle secure renegotation) for SSLv3.
Reviewed-by: NMatt Caswell <matt@openssl.org>

The supported signature algorithms extension needs to be processed before
the certificate to use is decided and before a cipher is selected (as the
set of shared signature algorithms supported may impact the choice).
Reviewed-by: NMatt Caswell <matt@openssl.org>

(cherry picked from commit 56e8dc542bd693b2dccea8828b3d8e5fc6932d0c)

Conflicts:
	ssl/ssl.h
	ssl/ssl_err.c

Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Don't attempt to access msg structure if recvmsg returns an error.

PR#3483
Reviewed-by: NStephen Henson <steve@openssl.org>
Reviewed-by: NTim Hudson <tjh@openssl.org>

Change-Id: I626d751f19f24df6b967c17498d6189cc0acb96c
Signed-off-by: NMike Bland <mbland@acm.org>
Signed-off-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

This is the only Makefile without SRC defined. This change enables a
standard Makefile include directive to cover crypto/jpake/*.d files.

This was automatically applied by AddSrcVarIfNeeded() in:
https://code.google.com/p/mike-bland/source/browse/openssl/update_makefiles.py

Change-Id: I030204a1bc873b5de5b06c8ddc0b94bb224c6650
Signed-off-by: NMike Bland <mbland@acm.org>
Signed-off-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

These correspond to targets of the same name in test/Makefile that clash when
using the single-makefile build method using GitConfigure and GitMake.

Change-Id: If7e900c75f4341b446608b6916a3d76f202026ea
Signed-off-by: NMike Bland <mbland@acm.org>
Signed-off-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Before this change, variables for which a '=' appeared in the assignment would
be parsed as the entire string up until the final '='. For example:

  BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \

would result in the variable name "BUILD_CMD=shlib_target". This doesn't
appear to harm the current generation of MINFO, but creates problems for other
Makefile-related work I'm attempting.

Change-Id: I1f3a606d67fd5464bb459e8f36c23b3e967b77e1
Signed-off-by: NMike Bland <mbland@acm.org>
Signed-off-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

These are based on debug-ben-debug-64-clang and is intended to produce
consistent settings for folks involved in the unit testing effort detailed at:

http://wiki.openssl.org/index.php/Unit_Testing

-fsanitize has been removed from the set of clang flags for now. Apparently
clang 3.1, which ships with FreeBSD 9.1, completely ignores -fsanitize. Clang
3.3, which ships with FreeBSD 9.2, compiles with it, but fails to link due to
the absence of libasan:

http://lists.freebsd.org/pipermail/freebsd-hackers/2013-December/043995.html
https://www.mail-archive.com/cfe-commits@cs.uiuc.edu/msg92260.html
http://reviews.llvm.org/D2644

We need -Wno-error=unused-const-variable because of this error:
.../crypto/ec/ec_lib.c:74:19: error: unused variable 'EC_version' [-Werror,-Wunused-const-variable]
static const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT;

Change-Id: I2cba53537137186114c083049ea1233550a741f9
Signed-off-by: NMike Bland <mbland@acm.org>
Signed-off-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

This fixes the errors when trying to assemble .s files using GitMake on OS X.

Change-Id: I2221f558619302d22e0c57d7203173d634155678
Signed-off-by: NMike Bland <mbland@acm.org>
Signed-off-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

cscope.out is generated by cscope as described in:
http://wiki.openssl.org/index.php/Testing_and_Development_Tools_and_Tips

.d files are compiler-generated Makefile dependency files (e.g. using
'gcc -MMD -MP foo.c').

Change-Id: I2338858a6b6ee0527837d10a8b55cff1689023fd
Signed-off-by: NMike Bland <mbland@acm.org>
Signed-off-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Print out more details of the conection in ssltest specifically:
server certificate curve name for EC, server temporary key (if any)
and peer signing digest.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Add command line support for SSL_CONF: server side arguments are
prefixed by -s_ (e.g. -s_no_ssl3) and client side with -c_.
Reviewed-by: NMatt Caswell <matt@openssl.org>

If the hash or public key algorithm is "undef" the signature type
will receive special handling and shouldn't be included in the
cross reference table.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Out is the buffer which needs to contain at least inl + cipher_block_size - 1 bytes. Outl
is just an int*.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

PR#3535
Reviewed-by: NStephen Henson <steve@openssl.org>

Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

This doesn't really fix the datarace but changes it so it can only happens
once. This isn't really a problem since we always just set it to the same
value. We now just stop writing it after the first time.

PR3584, https://bugs.debian.org/534534Signed-off-by: NKurt Roeckx <kurt@roeckx.be>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

PR: 3474
Reviewed-by: NKurt Roeckx <kurt@openssl.org>

The trial division and probable prime with coprime tests are disabled
on WIN32 builds because they use internal functions not exported from
the WIN32 DLLs.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NStephen Henson <steve@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@roeckx.be>
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Tighten client-side session ticket handling during renegotiation:
ensure that the client only accepts a session ticket if the server sends
the extension anew in the ServerHello. Previously, a TLS client would
reuse the old extension state and thus accept a session ticket if one was
announced in the initial ServerHello.
Reviewed-by: NBodo Moeller <bodo@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NGeoff Thorpe <geoff@openssl.org>

SSL_set_SSL_CTX is used to change the SSL_CTX for SNI, keep the
supported signature algorithms and raw cipherlist.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Facilitate switch to custom scatter-gather routines. This modification
does not change algorithms, only makes it possible to implement
alternative. This is achieved by a) moving precompute table to assembly
(perlasm parses ecp_nistz256_table.c and is free to rearrange data to
match gathering algorithm); b) adhering to explicit scatter subroutine
(which for now is simply a memcpy). First implementations that will use
this option are 32-bit assembly implementations, ARMv4 and x86, where
equivalent of current read-whole-table-select-single-value algorithm
is too time-consuming. [On side note, switching to scatter-gather on
x86_64 would allow to improve server-side ECDSA performance by ~5%].
Reviewed-by: NBodo Moeller <bodo@openssl.org>

Reviewed-by: NSteve Marquess <marquess@openssl.org>