Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4431)

Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2208)

Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2079)

Split x509_verify_param_zero code to the right place
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

This reverts commit 81f9ce1e.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1594)

Reviewed-by: NRichard Levitte <levitte@openssl.org>

This change also avoids calling strlen twice when srclen is 0
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

A new X509_VERIFY_PARAM_set_auth_level() function sets the
authentication security level.  For verification of SSL peers, this
is automatically set from the SSL security level.  Otherwise, for
now, the authentication security level remains at (effectively) 0
by default.

The new "-auth_level" verify(1) option is available in all the
command-line tools that support the standard verify(1) options.

New verify(1) tests added to check enforcement of chain signature
and public key security levels.  Also added new tests of enforcement
of the verify_depth limit.

Updated documentation.
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

This includes basic constraints, key usages, issuer EKUs and auxiliary
trust OIDs (given a trust suitably related to the intended purpose).

Added tests and updated documentation.
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

While empty inputs to SSL_set1_host() clear the reference identifier
list.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Also tweak some of the code in demos/bio, to enable interactive
testing of BIO_s_accept's use of SSL_dup.  Changed the sconnect
client to authenticate the server, which now exercises the new
SSL_set1_host() function.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Now that X509_VERIFY_PARAM is opaque X509_VERIFY_PARAM_ID is no longer
needed.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Continuing from previous commit ensure our style is consistent for malloc
return checks.
Reviewed-by: NKurt Roeckx <kurt@openssl.org>

There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Initialize pointers in param id by the book (explicit NULL assignment,
rather than just memset 0).

In x509_verify_param_zero() set peername to NULL after freeing it.

In x509_vfy.c's internal check_hosts(), avoid potential leak of
possibly already non-NULL peername.  This is only set when a check
succeeds, so don't need to do this repeatedly in the loop.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

There are header files in crypto/ that are used by a number of crypto/
submodules.  Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: NRich Salz <rsalz@openssl.org>

For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Was memset with wrong sizeof.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add OSSL_NELEM macro to e_os.h to determine the number of elements in an
array.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Use sizeof *foo parameter, to avoid these errors.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

After the finale, the "real" final part. :)  Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Don't check for NULL before calling OPENSSL_free
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Don't check for NULL before calling a free routine.  This gets X509_.*free:
    x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free
    X509_STORE_free X509_STORE_CTX_free X509_PKEY_free
    X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Do not check for NULL before calling a free routine.  This addresses:
    ASN1_BIT_STRING_free ASN1_GENERALIZEDTIME_free ASN1_INTEGER_free
    ASN1_OBJECT_free ASN1_OCTET_STRING_free ASN1_PCTX_free ASN1_SCTX_free
    ASN1_STRING_clear_free ASN1_STRING_free ASN1_TYPE_free
    ASN1_UTCTIME_free M_ASN1_free_of
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NViktor Dukhovni <openssl-users@dukhovni.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

indent will not alter them when reformatting comments
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reduces number of silly casts in OpenSSL code and likely most
applications.  Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().

Declaration, memory management, accessor and documentation.

Implemented as STACK_OF(OPENSSL_STRING).

Just store NUL-terminated strings.  This works better when we add
support for multiple hostnames.

Fixes to host checking wild card support and add support for
setting host checking flags when verifying a certificate
chain.

Move the IP, email and host checking fields from the public
X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID
structure. By doing this the structure can be modified in future
without risk of breaking any applications.
(cherry picked from commit adc6bd73e3bd10ce6e76867482e8d137071298d7)

Conflicts:

	crypto/x509/x509_vpm.c

Add new verify options to set checks.

Remove previous -check* commands from s_client and s_server.