Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Fix a bug in handling of 128 byte long PSK identity in
psk_client_callback.

OpenSSL supports PSK identities of up to (and including) 128 bytes in
length. PSK identity is obtained via the psk_client_callback,
implementors of which are expected to provide a NULL-terminated
identity. However, the callback is invoked with only 128 bytes of
storage thus making it impossible to return a 128 byte long identity and
the required additional NULL byte.

This CL fixes the issue by passing in a 129 byte long buffer into the
psk_client_callback. As a safety precaution, this CL also zeroes out the
buffer before passing it into the callback, uses strnlen for obtaining
the length of the identity returned by the callback, and aborts the
handshake if the identity (without the NULL terminator) is longer than
128 bytes.

(Original patch amended to achieve strnlen in a different way.)
Reviewed-by: NRich Salz <rsalz@openssl.org>

string returns 0 with errno = ENOENT.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Can't really happen, but the flow of control isn't obvious.
Add an initializer.
Reviewed-by: NMatt Caswell <matt@openssl.org>

"inline" without static is not correct as the compiler may choose to ignore it
and will then either emit an external definition, or expect one.
Reviewed-by: NGeoff Thorpe <geoff@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

RT842, closed back in 2004, changed the default serial number
to be a random number rather than zero.  Finally time to update
the doc
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add .crt/.cer/.crl to the filenames parsed.

I also updated the podpage (since it didn't exist when
this ticket was first created, nor when it was re-created
seven years later).
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NAndy Polyakov <appro@openssl.org>

Andy pointed out there is also darwin64, so tweak the pattern.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Re-order algorithm list.
Be consistent in command synopsis.
Add content about signing.
Add EXAMPLE section
Add some missing options: -r, -fips-fingerprint -non-fips-allow
Various other fixes.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Andy found an additional typo "can be can be".
Now I have that silly "Que sera sera" song stuck in my head.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Add the file written by James Westby, graciously contributed
under the terms of the OpenSSL license.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

New option allows to perform benchmarks on misaligned data.
Reviewed-by: NRich Salz <rsalz@openssl.org>

The doc says that port can be "*" to mean any port.
That's wrong.
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

PR2693
Reviewed-by: NTim Hudson <tjh@openssl.org>

Add Darwin to list of case-insensitive filenames when
installing manapges.  When doing this, I noticed that
we weren't setting "filecase" for the HTML doc install.
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Make X509_REQ_print_ex do the same thing that
X509_REQ_print does.
Reviewed-by: NMatt Caswell <matt@openssl.org>

RT1665: aes documentation.

Paul Green wrote a nice aes.pod file.
But we now encourage the EVP interface.
So I took his RT item and used it as impetus to add
the AES modes to EVP_EncryptInit.pod
I also noticed that rc4.pod has spurious references to some other
cipher pages, so I removed them.

RT2300: Clean up MD history (merged into RT1665)

Put HISTORY section only in EVP_DigestInit.pod. Also add words
to discourage use of older cipher-specific API, and remove SEE ALSO
links that point to them.

Make sure digest pages have a NOTE that says use EVP_DigestInit.

Review feedback:
More cleanup in EVP_EncryptInit.pod
Fixed SEE ALSO links in ripemd160.pod, sha.pod, mdc2.pod, blowfish.pod,
rc4.d, and des.pod.  Re-order sections in des.pod for consistency
Reviewed-by: NMatt Caswell <matt@openssl.org>

Problem with #ifdef in the BIO_CTRL_DGRAM_MTU_DISCOVER case that
is different from the BIO_CTRL_DGRAM_QUERY_MTU one which seems
correct.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Also moved some options around so all the "verify" options.
are clumped together.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Fix comments in ssltest.c: return value of 0 now means extension is
omitted and add_cb is not called for servers if the corresponding
extension is absent in ClientHello.

Test add_cb is not called if extension is not received.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Instead of SSL_CTX_set_custom_cli_ext and SSL_CTX_set_custom_srv_ext
use SSL_CTX_add_client_custom_ext and SSL_CTX_add_server_custom_ext.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Support separate parse and add callback arguments.
Add new callback so an application can free extension data.
Change return value for send functions so < 0 is an error 0
omits extension and > 0 includes it. This is more consistent
with the behaviour of other functions in OpenSSL.

Modify parse_cb handling so <= 0 is an error.

Make SSL_CTX_set_custom_cli_ext and SSL_CTX_set_custom_cli_ext argument
order consistent.

NOTE: these changes WILL break existing code.

Remove (now inaccurate) in line documentation.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Use "parse" and "add" for function and callback names instead of
"first" and "second".

Change arguments to callback so the extension type is unsigned int
and the buffer length is size_t. Note: this *will* break existing code.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Since sanity checks are performed for all custom extensions the
serverinfo checks are no longer needed.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reject attempts to use extensions handled internally.

Add flags to each extension structure to indicate if an extension
has been sent or received. Enforce RFC5246 compliance by rejecting
duplicate extensions and unsolicited extensions and only send a
server extension if we have sent the corresponding client extension.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Use the same structure for client and server custom extensions.

Add utility functions in new file t1_ext.c.
Use new utility functions to handle custom server and client extensions
and remove a lot of code duplication.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NGeoff Thorpe <geoff@openssl.org>

Pull constant-time methods out to a separate header, add tests.
Reviewed-by: NBodo Moeller <bodo@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>