Reviewed-by: Emilia Käsper <emilia@openssl.org>

Reviewed-by: Emilia Käsper <emilia@openssl.org>

Some platforms claim to be POSIX but their getcontext() implementation
does not work. Therefore we update the ASYNC_is_capable() function to test
for this.

RT#4366

Reviewed-by: Richard Levitte <levitte@openssl.org>

util/mkdef.pl assumes it knows what the resulting library name will
be.  Really, it shouldn't, but changing it will break classic native
Windows builds, so we leave it for now and change the LIBRARY line
externally when needed instead.

Reviewed-by: Matt Caswell <matt@openssl.org>

When building the DLLs, we depend on the correct default C RTL info.

Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>

- Remove duplicate entry
- Add author for SSL_CIPHER query functions
- Note HKDF support in CHANGES and NEWS

[ci skip]

Reviewed-by: Richard Levitte <levitte@openssl.org>

Normally we always refer to source files relative to $SRCDIR in Makefiles.
However the reference to unix-Makefile.tmpl was using a fully expanded
absolute path. This can cause problems for Mingw.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

We don't currently support cross-compiling of the afalg engine. However
we were failing to explicitly mark it as disabled during Configure leading
to a failed build.

Reviewed-by: Richard Levitte <levitte@openssl.org>

TLSProxy starts s_server and specifies the number of client connects
it should expect. After that s_server is supposed to close down
automatically. However, if another test is then run then TLSProxy
will start a new instance of s_server. If the previous instance
hasn't closed down yet then the new instance can fail to bind to
the socket.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Andy Polyakov <appro@openssl.org>

Reviewed-by: Andy Polyakov <appro@openssl.org>

Make doesn't always treat multiline quoted strings as nicely as one
would wish.

Reviewed-by: Andy Polyakov <appro@openssl.org>

In unix-Makefile.tmpl, this construction has been used a few times

	if ! something; then ...

It seems, though, that some shells do not understand !, so these need
to be changed.

Reviewed-by: Rich Salz <rsalz@openssl.org>

This commit adds the general verify options of ocsp, verify,
cms, etc. to the openssl timestamping app as suggested by
Stephen N. Henson in [openssl.org #4287]. The conflicting
"-policy" option of "openssl ts" has been renamed to
"-tspolicy". Documentation and tests have been updated.

CAVE: This will break code, which currently uses the "-policy"
option.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>

OPENSSL_INIT_ONCE and OPENSSL_INIT_ONCE_STATIC_INIT are really
CRYPTO_ONCE and CRYPTO_ONCE_STATIC_INIT.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Also make it possible to disable afalg separately.

we still need to update config again

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Stephen Henson <steve@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

but not if there is reference to empty variable.

Reviewed-by: Richard Levitte <levitte@openssl.org>

There are internal dependencies between the various cleanup functions.
This re-orders things to try and get that right.

Reviewed-by: Richard Levitte <levitte@openssl.org>

OBJ_cleanup() doesn't always get called from EVP_cleanup() so needs to be
explicitly called in de-init. Also BIO_sock_cleanup() also needs to be
called.

Reviewed-by: Richard Levitte <levitte@openssl.org>

With bash and zsh, the trap on the 5 second read does respond, but
doesn't break out of the read.  What's worse is that it takes away the
5 second timer, and therefore has the read hang indefinitely and
(almost) unbreakable.

Having the trap do 'exit 0' after reseting the tty params has it break
out of read and continue with the configuration.

Other shells do not appear to have the issue described here, but
neither does the extra 'exit 0' appear to harm them.

Reviewed-by: Andy Polyakov <appro@openssl.org>

Reviewed-by: Andy Polyakov <appro@openssl.org>

Reviewed-by: Andy Polyakov <appro@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Document EVP_PKEY_id() and EVP_PKEY_base_id().

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

A couple of '$(PERLASM_SCHEM' had sneaked in.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

The reason to do so is that some of the generators detect PIC flags
like -fPIC and -KPIC, and those are normally delivered in LD_CFLAGS.

Reviewed-by: Rich Salz <rsalz@openssl.org>