Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

For further information see "Control-flow Enforcement Technology
Preview" by Intel.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

This is useful in Linux kernel context, in cases data happens
to be fragmented and processing can take multiple calls.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Emilia Käsper <emilia@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

use strict would have caught a number of historical bugs in the perlasm
code, some in the repository and some found during review. It even found
a fresh masm-only bug (see below).

This required some tweaks. The "single instance is enough" globals got
switched to proper blessed objects rather than relying on symbolic refs.
A few types need $opcode passed in as a result.

The $$line thing is a little bit of a nuisance. There may be a clearer
pattern to use instead.

This even a bug in the masm code.
9b634c9b

 added logic to make labels
global or function-global based on whether something starts with a $,
seemingly intended to capture the $decor setting of '$L$'. However, it
references $ret which is not defined in label::out. label::out is always
called after label::re, so $ret was always the label itself, so the line
always ran.

I've removed the regular expression so as not to change the behavior of
the script. A number of the assembly files now routinely jump across
functions, so this seems to be the desired behavior now.

GH#1165

Signed-off-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

Just like in the other build file templates

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

As well as properly generating those that are made from .in files.

Reviewed-by: Rich Salz <rsalz@openssl.org>

This turns these headers into build file generated ones.

Reviewed-by: Rich Salz <rsalz@openssl.org>

'DEPEND[]=file.h' becomes a special way to say that 'file.h' must be
generated before anything else is built.  It's likely that a number
of source files depend on these header files, this provides a simple
way to make sure they are always generated even it the dependency data
hasn't been added to the build file yet.

Reviewed-by: Rich Salz <rsalz@openssl.org>

The selector field could be omitted because it has a DEFAULT value.
In this case *sfld == NULL (sfld can never be NULL). This was not
noticed because this was never used in existing ASN.1 modules.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #2949

ssl_session_hash() always looks at the first 4 bytes, regardless of the length.
A client can send a session id that's shorter, and the callback could also
generate one that's shorter.  So we make sure that the rest of the buffer is
initliazed to 0 so that we always calculate the same hash.

Found by tis-interpreter, also previously reported as RT #2871

Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #2911

Reviewed-by: Rich Salz <rsalz@openssl.org>

Also changed the code to use "appname" not "filename"

Reviewed-by: Matt Caswell <matt@openssl.org>

The function a2i_ASN1_STRING can encounter an error after already
allocating a buffer. It wasn't always freeing that buffer on error.

Reviewed-by: Richard Levitte <levitte@openssl.org>

The variable |crtflst| could get double freed in an error path.

Reviewed-by: Richard Levitte <levitte@openssl.org>

The -psk option processing was falling through to the -srp option
processing in the ciphers app.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix a comment following commit c2c49969

.

RT2388

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

VMS C doesn't allow symbols longer than 31 characters.  We do the
automatic shortening with the library files, but not otherwise (to
make sure to work the VMS C magic).

For consistency, I shortened other similar symbols in the same manner.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Andy Polyakov <appro@openssl.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)

per review comments.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)

SSH2 implementations which use DSA_do_verify() and ECDSA_do_verify() are given
the R and S values, and the data to be signed, by the client.  Thus in order
to validate these signatures, SSH2 implementations will digest and sign
the data -- and then pass in properly provisioned DSA_SIG and ECDSA_SIG objects.

Unfortunately, the existing OpenSSL-1.1.0 APIs do not allow for directly setting
those R and S values in these objects, which makes using OpenSSL for such
SSH2 implementations much more difficult.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)

Some misc return value checks

Reviewed-by: Rich Salz <rsalz@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>

Update the SSL_set_session() documentation to reflect the fact that old
bad sessions are removed from the cache if necessary.

Reviewed-by: Rich Salz <rsalz@openssl.org>

This commit adds some session API tests, and in particular tests the
modified behaviour of SSL_set_session() introduced in the last commit. To
do this I have factored out some common code from the asynciotest into a
new ssltestlib.c file. I've also renamed getsettest to sslapitest as this
more closely matches what it now is!

Reviewed-by: Rich Salz <rsalz@openssl.org>

SSL_clear() and SSL_free() will remove a session from the cache if it is
considered "bad". However SSL_set_session() does not do this for the session
it is replacing.

SSL_clear() clears an SSL object ready for reuse. It does not clear the
session though. This means that:

  SSL_clear(s)
  SSL_set_session(s, sess);

and
  SSL_set_session(s, sess);
  SSL_clear(s);

do not do the same thing, although logically you would expect that they
would.

The failure of SSL_set_session() to remove bad sessions from the cache
should be considered a bug, so this commit fixes it.

RT#597

Reviewed-by: Rich Salz <rsalz@openssl.org>