Reviewed-by: Emilia Käsper <emilia@openssl.org>

Reviewed-by: Emilia Käsper <emilia@openssl.org>

Reviewed-by: Emilia Käsper <emilia@openssl.org>

Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org>

CVE-2015-0209

Reviewed-by: Emilia Käsper <emilia@openssl.org>

called evp_test.c, so I have called this one evp_extra_test.c

Reviewed-by: Emilia Käsper <emilia@openssl.org>

Conflicts:
	crypto/evp/Makefile
	test/Makefile

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 384dee51)

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 775b669d)

The typo doesn't affect supported configuration, only unsupported masm.

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 3372c4ff)

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 15b5d658)

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit bcfa19a8)

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit edac5dc2)

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 1549a265)

The previous defaulting to TERMIOS took away -DTERMIOS / -DTERMIO a
bit too enthusiastically.  Windows/DOSish platforms of all sorts get
identified as OPENSSL_SYS_MSDOS, and they get a different treatment
altogether UNLESS -DTERMIO or -DTERMIOS is explicitely given with the
configuration.  The answer is to restore those macro definitions for
the affected configuration targets.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit ba4bdee7)

Conflicts:
	Configure

The rationale for this move is that TERMIOS is default, supported by
POSIX-1.2001, and most definitely on Linux.  For a few other systems,
TERMIO may still be the termnial interface of preference, so we keep
-DTERMIO on those in Configure.

crypto/ui/ui_openssl.c is simplified in this regard, and will define
TERMIOS for all systems except a select few exceptions.
Reviewed-by: Matt Caswell <matt@openssl.org>

(cherry picked from commit 64e6bf64)

Conflicts:
	Configure
	crypto/ui/ui_openssl.c

manually picked from e7b85bc4


Reviewed-by: Stephen Henson <steve@openssl.org>

(cherry picked from commit 774ccae6)

Reviewed-by: Andy Polyakov <appro@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit b0333e69)

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 1d2932de)

Specifically, an ASN.1 NumericString in the certificate CN will fail UTF-8 conversion
and result in a negative return value, which the "x509 -checkhost" command-line option
incorrectly interpreted as success.

Also update X509_check_host docs to reflect reality.

Thanks to Sean Burford (Google) for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 0923e7df)

obj_xref.h was erroneously restored to pre-reformat state.

Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 84903716)

Free up bio_err after memory leak data has been printed to it.

In int_free_ex_data if ex_data is NULL there is nothing to free up
so return immediately and don't reallocate it.
Reviewed-by: Tim Hudson <tjh@openssl.org>

(cherry picked from commit 9c7a780b)

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 7ce38623)

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit ae632974)

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 7e35f06e)

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 6922ddee)

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit a724e79e)

PR:3683
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 52e028b9)

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 5da05a26)

on affected platforms (PowerPC and AArch64).

For reference, minimalistic #ifdef GHASH is sufficient, because
it's never defined with OPENSSL_SMALL_FOOTPRINT and ctx->ghash
is never referred.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit b2991c08)

Making a specific variable $failure_code and a bit of commenting in the
VMS section should help clear things up.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit e00ab250)

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit be7b1097)

functions.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 85074745)

use read_ahead with DTLS because it doesn't work. Therefore read_ahead needs
to be the default.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit f4002412)

is ignored for DTLS.

RT#3657

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 8dd4ad0f)

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 3d0cf918)

Reviewed-by: Andy Polyakov <appro@openssl.org>

Per discussion: should not exit. Should not print to stderr.
Errors are ignored.  Updated doc to reflect that, and the fact
that this function is to be avoided.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(cherry picked from commit abdd6771)

Reviewed-by: Tim Hudson <tjh@openssl.org>

PR#3673

Reviewed-by: Tim Hudson <tjh@openssl.org>