RT#3885

Reviewed-by: Rich Salz <rsalz@openssl.org>

Trouble is that LINK variable assignment in make-file interferes with
LINK environment variable, which can be used to modify Microsoft's
LINK.EXE behaviour.

RT#4289

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Commit 7823d792

 added DEFINE_LHASH_OF
to a C source file.  DEFINE_LHASH_OF() and DEFINE_STACK_OF() must
be used only in header files to avoid clang warnings for unused
static-inline functions.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

To enable heartbeats for DTLS, configure with enable-heartbeats.
Heartbeats for TLS have been completely removed.

This addresses RT 3647

Reviewed-by: Richard Levitte <levitte@openssl.org>

Add utility macros REF_ASSERT_NOT and REF_PRINT_COUNT
This is also RT 4181

Reviewed-by: Richard Levitte <levitte@openssl.org>

Updated for 1.1 by Rich Salz

Reviewed-by: Richard Levitte <levitte@openssl.org>

Valgrind complains about using unitialized memory.  So call
OPENSSL_zalloc, not malloc.

Reviewed-by: Richard Levitte <levitte@openssl.org>

With this, Cygwin and Mingw builds stand a much better chance to be
able to build outside of the source tree with the unified build.

Reviewed-by: Rich Salz <rsalz@openssl.org>

On Windows POSIX layers, two files are produced for a shared library,
there's {shlibname}.dll and there's the import library {libname}.dll.a

On some/most Unix platforms, a {shlibname}.{sover}.so and a symlink
{shlibname}.so are produced.

For each of them, unix-Makefile.tmpl was entirely consistent on which
to have as a target when building a shared library or which to use as
dependency.

This change clears this up and makes it consistent, we use the
simplest form possible, {lib}.dll.a on Windows POSIX layers and
{shlibname}.so on Unix platforms.  No exception.

Reviewed-by: Rich Salz <rsalz@openssl.org>

PR#4246 and PR#4266

Reviewed-by: Rich Salz <rsalz@openssl.org>

Some keys are attached to the full RSA CSP which doesn't support SHA2
algorithms: uses the AES CSP if present.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

If someone runs a mixed unixmake / unified environment (the unified
build tree would obviously be out of the source tree), the unified
build will pick up on the unixmake crypto/buildinf.h because of
assumptions made around this sort of declaration (found in
crypto/build.info):

    DEPENDS[cversion.o]=buildinf.h

The assumption was that if such a header could be found in the source
tree, that was the one to depend on, otherwise it would assume it
should be in the build tree.

This change makes sure that sort of mix-up won't happen again.

Reviewed-by: Rich Salz <rsalz@openssl.org>

It's not necessary for a pristine source, and a developer that makes
changes usually knows what to do.

Also, there was this mechanism that would do a "make depend"
automatically which hasn't been used for so many years.  Removed as
well.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

clean up and apply patches from RT-2275

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Noticed by Claus Assmann <ca+ssl-dev@esmtp.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Make OPENSSL_INIT_SETTINGS an opaque structure.
Reviewed-by: Richard Levitte <levitte@openssl.org>

Some files in crypto/bn depend on internal/bn_conf.h, and so does
test/bntest.  Therefore, we add another inclusion directory.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

As noted already, some platforms don't fill in ai_protocol as
expected.  To circumvent that, we have BIO_ADDRINFO_protocol() to
compute a sensible answer in that case.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Error codes are printed in hex, and previous OpenSSL versions expected
the error codes to be provided to errstr in hex. In 1.1.0, for some
reason, it was expecting them to be decimal.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

If asn1parse doesn't like a structure print out the content octets
for diagnostic purposes.

Reviewed-by: Richard Levitte <levitte@openssl.org>

The functions that have been deprecated by the auto init changes are
now guarded with deprecation checks, so it's fairly easy to see if
they can be used.

In test/dtlsv1listentest, we simply remove all init and cleanup code,
as they are call automatically when needed.

Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Because some platforms won't will in any value in ai_protocol, there's
no point using it if we already know what it should be.

Reviewed-by: Rich Salz <rsalz@openssl.org>

It seems that some platforms' getaddrinfo don't fill in the
ai_protocol field properly.  On those, the assertion
'protocol == BIO_ADDRINFO_protocol(res)' will fail.  Best to remove
it.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Update ciphers documentation as well (based on -04 rev of ID).

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

RT: #4206, GH: #642

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #630