Reviewed-by: NAndy Polyakov <appro@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NAndy Polyakov <appro@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

This is needed, because on VMS, select() can only be used on sockets.  being
able to use select() on all kinds of file descriptors is unique to Unix.

So, the solution for VMS is to create a layer that translates input from
standard input to socket communication.
Reviewed-by: NAndy Polyakov <appro@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

RT#4674 issue 2
Reviewed-by: NRich Salz <rsalz@openssl.org>

Resolves GH1515 and GH1509.
Reviewed-by: NMatt Caswell <matt@openssl.org>

RT#4674
Reviewed-by: NRich Salz <rsalz@openssl.org>

Add comments, document -valid option.
Add some const qualifiers.
Reviewed-by: NAndy Polyakov <appro@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1560)

Reviewed-by: NAndy Polyakov <appro@openssl.org>

it appears when using gcc/mingw:
```
apps/s_client.c:815:9: warning: variable 'at_eof' set but not used [-Wunused-but-set-variable]
     int at_eof = 0;
         ^~~~~~
```
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1512)

User can make Windows openssl.exe to treat command-line arguments
and console input as UTF-8 By setting OPENSSL_WIN32_UTF8 environment
variable (to any value). This is likely to be required for data
interchangeability with other OSes and PKCS#12 containers generated
with Windows CryptoAPI.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

OpenSSL versions before 1.1.0 didn't convert non-ASCII
UTF8 PKCS#12 passwords to Unicode correctly.

To correctly decrypt older files, if MAC verification fails
with the supplied password attempt to use the broken format
which is compatible with earlier versions of OpenSSL.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Ensure it is clear to the user why there has been an error.
Reviewed-by: NRich Salz <rsalz@openssl.org>

In apps/rsa.c, we were second guessing RSA_check_key() to leave error
codes lying around without returning -1 properly.  However, this also
catches other errors that are lying around and that we should not care
about.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@roeckx.be>
Reviewed-by: NRich Salz <rsalz@openssl.org>

GH: #1471

Code was relying on an implicit data-sharing through duplication of
loopargs_t pointer-members made by ASYNC_start_job().

Now share structure address instead of structure content.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NAndy Polyakov <appro@openssl.org>

The following would fail, or rather, freeze:

    openssl genrsa -out rsa2048.pem 2048
    openssl req -x509 -key rsa2048.pem -keyform PEM -out cert.pem

In that case, the second command wants to read a certificate request
from stdin, because -x509 wasn't fully flagged as being for creating
something new.  This changes makes it fully flagged.

RT#4655
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Add mutable versions of X509_get0_notBefore and X509_get0_notAfter.

Rename X509_SIG_get0_mutable to X509_SIG_getm.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1475)

Reviewed-by: NRich Salz <rsalz@openssl.org>

Update certificate and CRL time routines to match new standard.
Reviewed-by: NRich Salz <rsalz@openssl.org>

The DANE API supports a DANE_FLAG_NO_DANE_EE_NAMECHECKS option, but
there was no way to exercise/enable it via s_client.  This commit
addresses that gap.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

... without any interruption.
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1468)

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NStephen Henson <steve@openssl.org>

The error message said "dane_tlsa_rrset" instead of "dane_tlsa_rrdata".
Reviewed-by: NRich Salz <rsalz@openssl.org>

Constify X509_SIG_get0() and order arguments to mactch new standard.

Add X509_SIG_get0_mutable() to support modification or initialisation
of an X509_SIG structure.
Reviewed-by: NMatt Caswell <matt@openssl.org>

using util/openssl-format-source on s_derver, s_client, ca.c, speed.c only...

Fix/merge some #ifndef
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NStephen Henson <steve@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
Reviewed-by: NStephen Henson <steve@openssl.org>