apps/progs.pl counted on the caller to provide the exact command
files.  The unified build doesn't have that knowledge, and the easier
and more flexible thing to do is to feed it all the apps/*.c files and
let it figure out the command names by looking inside (looking for
/int ([a-z0-9][a-z0-9_]*)_main\(int argc,/).

Also, add it to the generate command, since it's a versioned file.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Once upon a time, there was chop, which somply chopped off the last
character of $_ or a given variable, and it was used to take off the
EOL character (\n) of strings.

... but then, you had to check for the presence of such character.

So came chomp, the better chop which checks for \n before chopping it
off.  And this worked well, as long as Perl made internally sure that
all EOLs were converted to \n.

These days, though, there seems to be a mixture of perls, so lines
from files in the "wrong" environment might have \r\n as EOL, or just
\r (Mac OS, unless I'm misinformed).

So it's time we went for the more generic variant and use s|\R$||, the
better chomp which recognises all kinds of known EOLs and chops them
off.

A few chops were left alone, as they are use as surgical tools to
remove one last slash or one last comma.

NOTE: \R came with perl 5.10.0.  It means that from now on, our
scripts will fail with any older version.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Remove support for static ECDH ciphersuites. They require ECDH keys
in certificates and don't support forward secrecy.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

RT#3885
Reviewed-by: NRich Salz <rsalz@openssl.org>

Trouble is that LINK variable assignment in make-file interferes with
LINK environment variable, which can be used to modify Microsoft's
LINK.EXE behaviour.

RT#4289
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Commit 7823d792 added DEFINE_LHASH_OF
to a C source file.  DEFINE_LHASH_OF() and DEFINE_STACK_OF() must
be used only in header files to avoid clang warnings for unused
static-inline functions.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

To enable heartbeats for DTLS, configure with enable-heartbeats.
Heartbeats for TLS have been completely removed.

This addresses RT 3647
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add utility macros REF_ASSERT_NOT and REF_PRINT_COUNT
This is also RT 4181
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Updated for 1.1 by Rich Salz
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Valgrind complains about using unitialized memory.  So call
OPENSSL_zalloc, not malloc.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

With this, Cygwin and Mingw builds stand a much better chance to be
able to build outside of the source tree with the unified build.
Reviewed-by: NRich Salz <rsalz@openssl.org>

On Windows POSIX layers, two files are produced for a shared library,
there's {shlibname}.dll and there's the import library {libname}.dll.a

On some/most Unix platforms, a {shlibname}.{sover}.so and a symlink
{shlibname}.so are produced.

For each of them, unix-Makefile.tmpl was entirely consistent on which
to have as a target when building a shared library or which to use as
dependency.

This change clears this up and makes it consistent, we use the
simplest form possible, {lib}.dll.a on Windows POSIX layers and
{shlibname}.so on Unix platforms.  No exception.
Reviewed-by: NRich Salz <rsalz@openssl.org>

PR#4246 and PR#4266
Reviewed-by: NRich Salz <rsalz@openssl.org>

Some keys are attached to the full RSA CSP which doesn't support SHA2
algorithms: uses the AES CSP if present.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

If someone runs a mixed unixmake / unified environment (the unified
build tree would obviously be out of the source tree), the unified
build will pick up on the unixmake crypto/buildinf.h because of
assumptions made around this sort of declaration (found in
crypto/build.info):

    DEPENDS[cversion.o]=buildinf.h

The assumption was that if such a header could be found in the source
tree, that was the one to depend on, otherwise it would assume it
should be in the build tree.

This change makes sure that sort of mix-up won't happen again.
Reviewed-by: NRich Salz <rsalz@openssl.org>

It's not necessary for a pristine source, and a developer that makes
changes usually knows what to do.

Also, there was this mechanism that would do a "make depend"
automatically which hasn't been used for so many years.  Removed as
well.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

clean up and apply patches from RT-2275
Signed-off-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Noticed by Claus Assmann <ca+ssl-dev@esmtp.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Make OPENSSL_INIT_SETTINGS an opaque structure.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Some files in crypto/bn depend on internal/bn_conf.h, and so does
test/bntest.  Therefore, we add another inclusion directory.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NKurt Roeckx <kurt@openssl.org>

As noted already, some platforms don't fill in ai_protocol as
expected.  To circumvent that, we have BIO_ADDRINFO_protocol() to
compute a sensible answer in that case.
Reviewed-by: NKurt Roeckx <kurt@openssl.org>

Error codes are printed in hex, and previous OpenSSL versions expected
the error codes to be provided to errstr in hex. In 1.1.0, for some
reason, it was expecting them to be decimal.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

If asn1parse doesn't like a structure print out the content octets
for diagnostic purposes.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The functions that have been deprecated by the auto init changes are
now guarded with deprecation checks, so it's fairly easy to see if
they can be used.

In test/dtlsv1listentest, we simply remove all init and cleanup code,
as they are call automatically when needed.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>