The CMS test uses some RC2 keys which should be skipped if the RC2 is
disabled.

Reviewed-by: Richard Levitte <levitte@openssl.org>

OCB is AEAD capable but was not marked as such with the
EVP_CIPH_FLAG_AEAD_CIPHER flag.

Reviewed-by: Andy Polyakov <appro@openssl.org>

If a call to EVP_DecryptUpdate fails then a memory leak could occur.
Ensure that the memory is freed appropriately.

Issue reported by Guido Vranken.

Reviewed-by: Richard Levitte <levitte@openssl.org>

There is a potential double free in EVP_DigestInit_ex. This is believed
to be reached only as a result of programmer error - but we should fix it
anyway.

Issue reported by Guido Vranken.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

Add note about when EVP_CIPHER_CTX_set_padding should be called.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

Don't refer to INSTALL files that don't exist any more.
Make it clear that the libssl and libcrypto libraries may be named
differently on different platforms.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Document them as well

Reviewed-by: Andy Polyakov <appro@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

With all the config changes, mk1mf is broken on Windows.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Andy Polyakov <appro@openssl.org>

On Windows, we set INSTALLTOP to default as follows:

  VC-WIN32:

    PREFIX:     %ProgramFiles(x86)%\OpenSSL
    OPENSSLDIR: %CommonProgramFiles(x86)%\SSL

  VC-WIN64*:

    PREFIX:     %ProgramW6432%\OpenSSL
    OPENSSLDIR: %CommonProgramW6432%\SSL

Should those environment variables be missing, the following is used
as fallback:

    PREFIX:     %ProgramFiles%\OpenSSL
    OPENSSLDIR: %CommonProgramFiles%\SSL

Reviewed-by: Andy Polyakov <appro@openssl.org>

The TLSv1.0 form is retained for reporting the first protocol version
that supports a given cupher.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Borland C++ 4.5 is very old and our "support" for it is already
non-existent, we might as well remove it.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

This is a living document, everyone is encouraged to add to it.
Implementation details as well as broader implementation philosophy
has a place here.

I'm starting with documentation of the how conditions in build.info
files are treated.

Reviewed-by: Rich Salz <rsalz@openssl.org>

This is only enabled when the environment variable
CONFIGURE_DEBUG_BUILDINFO is defined.  This will cause every line in
every build.info file to be displayed, along with the content of the
skip stack before and after parsing.  This can be a very powerful tool
to see that all conditions are working as expected.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

In most builds, we can assume that engines live in the build tree
subdirectory "engines".  This was hard coded into the tests that use
the engine ossltest.

However, that hard coding is tedious, it would need to be done in
every test recipe, and it's an incorrect assumption in some cases.

This change has us play it safe and let the build files tell the
testing framework where the engines are.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reduces #ifdef complexity.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

There was one spot that had hard-coded 'perl'

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Emilia Käsper <emilia@openssl.org>

Reviewed-by: Emilia Käsper <emilia@openssl.org>

Some platforms claim to be POSIX but their getcontext() implementation
does not work. Therefore we update the ASYNC_is_capable() function to test
for this.

RT#4366

Reviewed-by: Richard Levitte <levitte@openssl.org>

util/mkdef.pl assumes it knows what the resulting library name will
be.  Really, it shouldn't, but changing it will break classic native
Windows builds, so we leave it for now and change the LIBRARY line
externally when needed instead.

Reviewed-by: Matt Caswell <matt@openssl.org>

When building the DLLs, we depend on the correct default C RTL info.

Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>

- Remove duplicate entry
- Add author for SSL_CIPHER query functions
- Note HKDF support in CHANGES and NEWS

[ci skip]

Reviewed-by: Richard Levitte <levitte@openssl.org>

Normally we always refer to source files relative to $SRCDIR in Makefiles.
However the reference to unix-Makefile.tmpl was using a fully expanded
absolute path. This can cause problems for Mingw.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

We don't currently support cross-compiling of the afalg engine. However
we were failing to explicitly mark it as disabled during Configure leading
to a failed build.

Reviewed-by: Richard Levitte <levitte@openssl.org>

TLSProxy starts s_server and specifies the number of client connects
it should expect. After that s_server is supposed to close down
automatically. However, if another test is then run then TLSProxy
will start a new instance of s_server. If the previous instance
hasn't closed down yet then the new instance can fail to bind to
the socket.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Andy Polyakov <appro@openssl.org>

Reviewed-by: Andy Polyakov <appro@openssl.org>

Make doesn't always treat multiline quoted strings as nicely as one
would wish.

Reviewed-by: Andy Polyakov <appro@openssl.org>

In unix-Makefile.tmpl, this construction has been used a few times

	if ! something; then ...

It seems, though, that some shells do not understand !, so these need
to be changed.

Reviewed-by: Rich Salz <rsalz@openssl.org>