In HMAC_Init_ex, NULL key signals reuse, but in single-shot HMAC,
we can allow it to signal an empty key for convenience.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

MR: #1841

Reviewed-by: Ben Laurie <ben@openssl.org>

The test program clienthello checks TLS extensions, so there's no
point running it when no TLS protocol is available.

Reviewed-by: Ben Laurie <ben@openssl.org>

Otherwise, it could typically always return an empty list, since it's
often called first if at all.

Reviewed-by: Ben Laurie <ben@openssl.org>

And some others found in the Internet.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

When connecting to "localhost" the Proxy's choice of client address
family may not match the server's choice address family.  Without
MultiHomed => 1, the proxy may try the wrong address family first,
and give up without trying the other.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Some platforms do not have the latter.

Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

This makes use of TLSProxy, which was expanded to use IO::Socket::IP
(which is a core perl module) or IO::Socket::INET6 (which is said to
be more popular) instead IO::Socket::INET if one of them is installed.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

s_socket.c gets brutally cleaned out and now consists of only two
functions, one for client and the other for server.  They both handle
AF_INET, AF_INET6 and additionally AF_UNIX where supported.  The rest
is just easy adaptation.

Both s_client and s_server get the new flags -4 and -6 to force the
use of IPv4 or IPv6 only.

Also, the default host "localhost" in s_client is removed.  It's not
certain that this host is set up for both IPv4 and IPv6.  For example,
Debian has "ip6-localhost" as the default hostname for [::1].  The
better way is to default |host| to NULL and rely on BIO_lookup() to
return a BIO_ADDRINFO with the appropriate loopback address for IPv4
or IPv6 as indicated by the |family| parameter.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

The control commands that previously took a struct sockaddr * have
been changed to take a BIO_ADDR * instead.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

This adds a couple of simple tests to see that SSL traffic using the
reimplemented BIO_s_accept() and BIO_s_connect() works as expected,
both on IPv4 and on IPv6.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Future commits will change our use to newer functions and the pragmas
will go away at that time.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Added functions:

BIO_socket
BIO_connect
BIO_listen
BIO_accept_ex
BIO_closesocket
BIO_sock_info

These get deprecated:

BIO_gethostbyname
BIO_get_port
BIO_get_host_ip
BIO_get_accept_socket
BIO_accept

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Because of the way bio_lcl.h is organised, we must not include
internal/cryptlib.h before it.  As a matter of fact, bio_lcl.h
includes internal/cryptlib.h on its own.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Because different platforms have different levels of support for IPv6,
different kinds of sockaddr variants, and some have getaddrinfo et al
while others don't, we could end up with a mess if ifdefs, duplicate
code and other maintainance nightmares.

Instead, we're introducing wrappers around the common form for socket
communication:
BIO_ADDR, closely related to struct sockaddr and some of its variants.
BIO_ADDRINFO, closely related to struct addrinfo.

With that comes support routines, both convenient creators and
accessors, plus a few utility functions:

BIO_parse_hostserv, takes a string of the form host:service and
splits it into host and service.  It checks for * in both parts, and
converts any [ipv6-address] syntax to ust the IPv6 address.

BIO_lookup, looks up information on a host.

All routines handle IPv4 (AF_INET) and IPv6 (AF_INET6) addresses, and
there is support for local sockets (AF_UNIX) as well.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Accept leading 0-byte in PKCS1 type 1 padding. Internally, the byte is
stripped by BN_bn2bin but external callers may have other expectations.

Reviewed-by: Kurt <Roeckx&lt;kurt@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

CRIME protection: disable compression by default, even if OpenSSL is
compiled with zlib enabled. Applications can still enable compression by
calling SSL_CTX_clear_options(ctx, SSL_OP_NO_COMPRESSION), or by using
the SSL_CONF library to configure compression. SSL_CONF continues to
work as before:

SSL_CONF_cmd(ctx, "Options", "Compression") enables compression.

SSL_CONF_cmd(ctx, "Options", "-Compression") disables compression (now
no-op by default).

The command-line switch has changed from -no_comp to -comp.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Also fix option processing in pkeyutl to allow use of (formerly)
"out-of-order" switches that were needless implementation limitations.

Handle documented "ENGINE" form with -keyform and -peerform.

Better handling of OPENSSL_NO_ENGINE and OPENSSL_NO_RSA.

RT2018

Reviewed-by: Rich Salz <rsalz@openssl.org>

... related to engine_ref_debug macro.

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

It turns out that the combination splitpath() could return an empty
string for the directory part.  This doesn't play well with catdir().

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Add new function BN_bn2binpad() which checks the length of the output
buffer and pads the result with zeroes if necessary.

New functions BN_bn2lebinpad() and BN_lebin2bn() which use little endian
format.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

Remove ancient unused configuration file in crypto/conf.

Reviewed-by: Rich Salz <rsalz@openssl.org>