Following on from the previous commit, add a test to ensure that
DH_compute_key correctly fails if passed a bad y such that:

y^q (mod p) != 1

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Historically OpenSSL only ever generated DH parameters based on "safe"
primes. More recently (in version 1.0.2) support was provided for
generating X9.42 style parameter files such as those required for RFC
5114 support. The primes used in such files may not be "safe". Where an
application is using DH configured with parameters based on primes that
are not "safe" then an attacker could use this fact to find a peer's
private DH exponent. This attack requires that the attacker complete
multiple handshakes in which the peer uses the same DH exponent.

A simple mitigation is to ensure that y^q (mod p) == 1

CVE-2016-0701

Issue reported by Antonio Sanso.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>

This fixes clang compilation problem with size_t NUMPRIMES and int
loop counters.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Also turn B<foo> into foo() in the pod page.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Also cleaned up bn_prime.pl to current coding style.

Reviewed-by: Andy Polyakov <appro@openssl.org>

Many options for supporting optimizations for legacy crypto on legacy
platforms have been removed.  This simplifies the source code and
does not really penalize anyone.
        DES_PTR (always on)
        DES_RISC1, DES_RISC2 (always off)
        DES_INT (always 'unsigned int')
        DES_UNROLL (always on)
        BF_PTR (always on) BF_PTR2 (removed)
        MD2_CHAR, MD2_LONG (always 'unsigned char')
        IDEA_SHORT, IDEA_LONG (always 'unsigned int')
        RC2_SHORT, RC2_LONG (always 'unsigned int')
        RC4_LONG (only int and char (for assembler) are supported)
        RC4_CHUNK (always long), RC_CHUNK_LL (removed)
        RC4_INDEX (always on)
And also make D_ENCRYPT macro more clear (@appro)

This is done in consultation with Andy.

Reviewed-by: Andy Polyakov <appro@openssl.org>

A mistake was made and the setting of this config variable got
reverted to an older behavior.  This restores the latest.

Reviewed-by: Emilia Käsper <emilia@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Some files that are automatically generated still had those comments
added by the generating scripts.

Reviewed-by: Rich Salz <rsalz@openssl.org>

It seems that Test::More doesn't like 0 tests, a line like this raises
an error and stops the recipe entirely:

    plan tests => 0;

So we need to check for 0 tests beforehand and skip the subtest
explicitely in that case.

Reviewed-by: Rich Salz <rsalz@openssl.org>

cryptograpic => cryptographic

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

$EXE_SHELL should only be used with out own programs, not with
surrounding programs such as the perl interpreter.

Reviewed-by: Matt Caswell <matt@openssl.org>

RT4264, RT4268

Reviewed-by: Tim Hudson <tjh@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Also removes the make variable SHARED_LIBS_LINK_EXTS, only used by
the clean-shared target.

When shared library linking was moved to the separate Makefile.shared
in commit 30afcc07

, this target was
skipped.  Prior to that commit, clean-shared was invoked as a
dependency of build-shared, but afterward it was no longer referenced
anywhere in the tree.

Instead of porting the functionality over to Makefile.shared, just
remove it entirely, as it appears to be unused.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Missing SKIP: block in SSL unit tests for DTLS and TLS version tests.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>

Since we're building some of our perl scripts and the result might not
end up in apps/ (*), we may need to treat them like the compile
programs we use for testing.

This introduces perlapp() and perltest(), which behave like app() and
test(), but will add the perl executable in the command line.

-----

(*) For example, with a mk1mf build, the result will end up in $(BIN_D)

Reviewed-by: Matt Caswell <matt@openssl.org>

The SSL and SSL_CTX structures are reference counted. However since libssl
was made opaque there is no way for users of the library to manipulate the
reference counts. This adds functions to enable that.

Reviewed-by: Stephen Henson <steve@openssl.org>

Recent changes have removed some directories which is causing mkfiles.pl
to fail.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Enhances the routines in OpenSSL::Test::Utils for checking disabled
stuff to get their information directly from Configure instead of
'openssl list -disabled'.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

engines_obj changed name to padlock_obj in Configure.  We need to do
the corresponding ENGINES_ASM_OBJ -> PADLOCK_ASM_OBJ in appropriate
Makefile.ins.

Reviewed-by: Rich Salz <rsalz@openssl.org>

- Small rearrangement of the TABLE and HASH printouts, and adding
  printout of the "build_scheme" item
- Renamed "engines_obj" to "padlock_obj"
- Moved the runs of dofile down...  it didn't quite make sense to have
  that in the middle of a printout

Reviewed-by: Rich Salz <rsalz@openssl.org>

Now that we're using templates, we should warn people not to edit the
resulting file.  We do it through util/dofile.pl, which is enhanced
with an option to tell what file it was called from.  We also change
the calls so the template files are on the command line instead of
being redirected through standard input.  That way, we can display
something like this (example taken from include/openssl/opensslconf.h):

    /* WARNING: do not edit! */
    /* Generated by Configure from include/openssl/opensslconf.h.in */

Reviewed-by: Rich Salz <rsalz@openssl.org>

The goal is Makefile, not Makefile.new
Remove the second generation of opensslconf.h

Reviewed-by: Rich Salz <rsalz@openssl.org>

There are two versions of print_table_entry() in Configure.  Remove
the older.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

The config for the removed GOST engine reappeared by mistake.  Now
removed again.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

It is time for Makefile.org to fold into the new regime and have a run
through util/dofile.pl.  This forces some information out of there and
into Configure, which isn't a bad thing, it makes Configure
increasingly the center of build information, which is as it should
be.

A few extra defaults were needed in the BASE template to get rid of
warnings about missing values.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>