Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

This is an important move if scripts want to refer to the loaded
module without having perl think it needs to be loaded (again).

Reviewed-by: Rich Salz <rsalz@openssl.org>

Add no-async option to Configure that forces ASYNC_NULL.
Related to RT1979
An embedded system or replacement C library (e.g. musl or uClibc)
may not support the *context APIs that are needed for async operation.

Compiles with musl. Ran unit tests, async tests skipped as expected.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

Both getaddrinfo() and getnameinfo() have to be preceeded with a call
to BIO_sock_init().

Also, make sure to give gai_strerror() the actual error code.

Reviewed-by: Stephen Henson <steve@openssl.org>

Reviewed-by: Andy Polyakov <appro@openssl.org>

Reviewed-by: Andy Polyakov <appro@openssl.org>

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Windows doesn't have h_error or hstrerror()

Reviewed-by: Richard Levitte <levitte@openssl.org>

MR: #1848

Reviewed-by: Richard Levitte <levitte@openssl.org>

RT: #4288, MR: #1831

Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>

Those even order that do not play nicely with Montgomery arithmetic

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

In HMAC_Init_ex, NULL key signals reuse, but in single-shot HMAC,
we can allow it to signal an empty key for convenience.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

MR: #1841

Reviewed-by: Ben Laurie <ben@openssl.org>

The test program clienthello checks TLS extensions, so there's no
point running it when no TLS protocol is available.

Reviewed-by: Ben Laurie <ben@openssl.org>

Otherwise, it could typically always return an empty list, since it's
often called first if at all.

Reviewed-by: Ben Laurie <ben@openssl.org>

And some others found in the Internet.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

When connecting to "localhost" the Proxy's choice of client address
family may not match the server's choice address family.  Without
MultiHomed => 1, the proxy may try the wrong address family first,
and give up without trying the other.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Some platforms do not have the latter.

Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

This makes use of TLSProxy, which was expanded to use IO::Socket::IP
(which is a core perl module) or IO::Socket::INET6 (which is said to
be more popular) instead IO::Socket::INET if one of them is installed.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

s_socket.c gets brutally cleaned out and now consists of only two
functions, one for client and the other for server.  They both handle
AF_INET, AF_INET6 and additionally AF_UNIX where supported.  The rest
is just easy adaptation.

Both s_client and s_server get the new flags -4 and -6 to force the
use of IPv4 or IPv6 only.

Also, the default host "localhost" in s_client is removed.  It's not
certain that this host is set up for both IPv4 and IPv6.  For example,
Debian has "ip6-localhost" as the default hostname for [::1].  The
better way is to default |host| to NULL and rely on BIO_lookup() to
return a BIO_ADDRINFO with the appropriate loopback address for IPv4
or IPv6 as indicated by the |family| parameter.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

The control commands that previously took a struct sockaddr * have
been changed to take a BIO_ADDR * instead.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

This adds a couple of simple tests to see that SSL traffic using the
reimplemented BIO_s_accept() and BIO_s_connect() works as expected,
both on IPv4 and on IPv6.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Future commits will change our use to newer functions and the pragmas
will go away at that time.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Added functions:

BIO_socket
BIO_connect
BIO_listen
BIO_accept_ex
BIO_closesocket
BIO_sock_info

These get deprecated:

BIO_gethostbyname
BIO_get_port
BIO_get_host_ip
BIO_get_accept_socket
BIO_accept

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>