The |item| variable, in both of these cases, may contain a pointer to a
|pitem| structure within |s->d1->buffered_messages|. It was being freed
in the error case while still being in |buffered_messages|. When the
error later caused the |SSL*| to be destroyed, the item would be double
freed.

Thanks to Wah-Teh Chang for spotting that the fix in 1632ef74 was
inconsistent with the other error paths (but correct).

Fixes CVE-2014-3505

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

(If a change is already present in 1.0.1f or 1.0.1h,
don't list it again under changes between 1.0.1h and 1.0.2.)

(which didn't always handle value 0 correctly).

Reviewed-by:  <emilia@openssl.org>

Don't call internal functions directly call them through
SSL_test_functions(). This also makes unit testing work on
Windows and platforms that don't export internal functions
from shared libraries.

By default unit testing is not enabled: it requires the compile
time option "enable-unit-test".
Reviewed-by: Geoff Thorpe <geoff@openssl.org>

The call to setenv in gost2814789t.c is not portable and may
not reflect the location of the GOST ENGINE on all platforms anyway.
Instead set OPENSSL_ENGINES in test/Makefile
Reviewed-by: Geoff Thorpe <geoff@openssl.org>

This has been unmaintained for a long time. If it's still of interest
to anyone, it can be obtained easily enough by reverting this commit.
(It could join other demo code in some other repository, perhaps.) In
any case we don't want it taking up space in the baseline source
package, so <snip>.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

PR#2569

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

and improve performance by 10% on POWER[78].

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

statement of opinion rather than a fact.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

[and split ppccap.c to ppccap.c and ppc_arch.h]

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

Add cmac.h to mkdef.pl
Remove ENGINE_load_rsax from engine.h: no longer built.
Update ordinals
Reviewed-by: Tim Hudson <tjh@openssl.org>

PR#1675
Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

ssl/ssl_locl.h now comes first to ensure that it will compile standalone.
test/testutil.h is considered to be in the same directory as the test file,
since the test file will be linked into test/ and built there.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

These help standardize the structure of main() and result reporting.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Add support for RFC5649 key wrapping with padding.

Add RFC5649 tests to evptests.txt

Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.

EVP support and minor changes added by Stephen Henson.

Doxygen comment block updates by Tim Hudson.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

PR#3456
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

PR#3442

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

This reverts commit 927f2e5d.

This reverts commit 14aaf883.

Reviewed-by: Tim Hudson <tjh@openssl.org>

PR#3452

Use same logic when determining when to expect a client
certificate for both TLS and DTLS.

PR#3452

The options which emulate a web server don't make sense when doing DTLS.
Exit with an error if an attempt is made to use them.

PR#3453

PR#3445

Add description of the option to advertise support of
Next Protocol Negotiation extension (-nextprotoneg) to
man pages of s_client and s_server.

PR#3444