OPENSSL_ia32cap.pod discusses possibility to disable operations on
XMM register bank. This formally means that this flag has to be checked
in combination with other flags. But it customarily isn't. But instead
of chasing all the cases we can flip more bits together with FXSR one.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4303)
This is actually not all warnings, only return values.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4297)
Move struct timeval includes into e_os.h (where the Windows ones were).
Enaure that the include is guarded canonically.
Refer #4271
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4312)
The program will fail to run if it doesn't exist anyway, no need to
check its existence here.
Fixes#4306
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4309)
When parsing the header files, mkdef.pl didn't clear the line
terminator properly. In most cases, this didn't matter, but there
were moments when this caused parsing errors (such as CRLFs in certain
cases).
Fixes#4267
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4304)
SNI and ALPN must be set to be consistent with the PSK. Otherwise this is
an error.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
If there is no SNI in the session then s_client no longer sends the SNI
extension. Update the tests to take account of that
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
If we have not decided on an SNI value yet, but we are attempting to reuse
a session, and SNI is set in that, then we should use that value by
default.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
The returned ID matches with what IANA specifies (or goes on the
wire anyway, IANA notwithstanding).
Doc is added.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4107)
This is yet another 'code health' commit to respond to this round of code health
Tuesday
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4107)
The commit subject is a bit misleading in sense that decisions affect
only gcc and gcc-alikes, like clang, recent icc...
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4281)
cryptilib.h is the second.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)
Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and
ssl/ssl_locl.h).
Added e_os.h into the files that need it now.
Directly reference internal/nelem.h when required.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)
The one creating the DRBG should instantiate it, it's there that we
know which parameters we should use to instantiate it.
This splits the rand init in two parts to avoid a deadlock
because when the global drbg is created it wands to call
rand_add on the global rand method.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
GH: #4268
The DRBG callbacks 'get_entropy()' and 'cleanup_entropy()' are designed
in such a way that the randomness buffer does not have to be allocated
by the calling function. It receives the address of a dynamically
allocated buffer from get_entropy() and returns this address to
cleanup_entropy(), where it is freed. If these two calls are properly
paired, the address can be stored in a stack local variable of the
calling function, so there is no need for having a 'randomness' member
(and a 'filled' member) in 'RAND_DRBG'.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4266)
With the introduction of RAND_poll_ex(), the `RAND_add()` calls were
replaced by meaningless cb(...). This commit changes the 'cb(...)'
calls back to 'rand_add(...)' calls by changing the signature as follows:
-int RAND_poll_ex(RAND_poll_fn cb, void *arg);
+int RAND_poll_ex(RAND_poll_cb rand_add, void *arg);
Changed the function typedef name to 'RAND_poll_cb' to emphasize the fact
that the function type represents a callback function.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4266)