automatically updated, and we should use the one provided instead.
Unfortunately there are a couple of locations where this is not respected.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 00123577)

RT#3592 provides an instance where the OPENSSL_assert that this commit
replaces can be hit. I was able to recreate this issue by forcing the
underlying BIO to misbehave and come back with very small mtu values. This
happens the second time around the while loop after we have detected that the
MTU has been exceeded following the call to dtls1_write_bytes.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit cf75017b)

Reviewed-by: Matt Caswell <matt@openssl.org>

Previously, state variant was not advanced, which resulted in state
being stuck in the st1 variant (usually "_A").

This broke certificate callback retry logic when accepting connections
that were using SSLv2 ClientHello (hence reusing the message), because
their state never advanced to SSL3_ST_SR_CLNT_HELLO_C variant required
for the retry code path.

Reported by Yichun Zhang (agentzh).

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 8123d158)

The current documentation contains a bunch of spelling and grammar mistakes. I also
found it hard to understand some paragraphs, so here is my attempt to improve its
readability.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 03b637a7)

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 2db95e09)

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 5fc8bb6a)

PR#1767

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 244d0955)

PR#3613

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit fc3968a2)

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 5e31a40f)

Conflicts:
	apps/ocsp.c

(cherry picked from commit e1645826)

PR#3612

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit de87dd46)
(cherry picked from commit 4d3df37b)

PR#3608

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 8a35dbb6)

PR#3574

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 3a076588)

If the hash or public key algorithm is "undef" the signature type
will receive special handling and shouldn't be included in the
cross reference table.
Reviewed-by: Tim Hudson <tjh@openssl.org>

(cherry picked from commit 55f7fb88)

Conflicts:
	crypto/objects/obj_xref.h

Out is the buffer which needs to contain at least inl + cipher_block_size - 1 bytes. Outl
is just an int*.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 5211e094)

PR#3535

Reviewed-by: Stephen Henson <steve@openssl.org>

Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit e04d426b)

Reviewed-by: Richard Levitte <levitte@openssl.org>

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

listed after TLS_FALLBACK_SCSV.

RT: 3575
Reviewed-by: Emilia Kasper <emilia@openssl.org>

When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set
the method to NULL.  We didn't used to do that, and it breaks things.  This is a
regression introduced in 62f45cc2

.  Keep the old
method since the code is not able to deal with a NULL method at this time.

CVE-2014-3569, PR#3571

Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 392fa7a9)

Reviewed-by: Geoff Thorpe <geoff@openssl.org>
(cherry picked from commit c882abd5)

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 55c7a4cf)

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 40155f40)

Reviewed-by: Ben Laurie <ben@openssl.org>
(cherry picked from commit 87d388c9)

Reviewed-by: Stephen Henson <steve@openssl.org>

Reviewed-by: Stephen Henson <steve@openssl.org>

Reviewed-by: Dr Stephen Henson <steve@openssl.org>

Reviewed-by: Bodo Möller <bodo@openssl.org>

CVE-2014-3568

Reviewed-by: Emilia Kasper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

CVE-2014-3567

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

so the Win32 compile picks it up correctly.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
	test/maketests.com
	test/tests.com

The different -I compiler parameters will take care of the rest...

Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
	crypto/evp/evp_enc.c

Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces

Reviewed-by: Tim Hudson <tjh@openssl.org>

algorithms MD2 and RC5 don't get built.
Also, disable building the test apps in crypto/des and crypto/pkcs7, as
they have no support at all.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
	crypto/crypto-lib.com
	makevms.com
	ssl/ssl-lib.com