[openssl-commits] [openssl] OpenSSL_1_1_1-pre1 create

Matt Caswell matt at openssl.org
Thu Feb 15 23:26:26 UTC 2018

The annotated tag OpenSSL_1_1_1-pre1 has been created
        at  5b6db3d6cb4cb4c5680ac57876ad997f473577da (tag)
   tagging  dcfa88bb29686f485dbd0e3e3800a7f79b462546 (commit)
  replaces  OpenSSL_1_1_0-pre6
 tagged by  Matt Caswell
        on  Thu Feb 15 23:22:33 2018 +0000

- Log -----------------------------------------------------------------
OpenSSL 1.1.1-pre1 release tag


Aashil Patel (1):
      Remove unnecessary if condition from apps.c

Adam Langley (6):
      Fix test of first of 255 CBC padding bytes.
      Fix copy-pasteism in CFI directives.
      perlasm/x86_64-xlate.pl: typo fix in comment.
      sha/asm/sha1-x86_64.pl: add CFI annotations.
      Small primes are primes too.
      nistp521: add a comment to the P+P exceptional case in point_add.

Adrian Vollmer (1):
      Adjust the default value of the private key size

Alessandro Ghedini (1):
      Use switch instead of multiple ifs

Alex Gaynor (9):
      GH1537: Avoid double-free in the EVP_PKEY API
      Annotate ASN.1 attributes of the jurisdictionCountryName NID
      Fixed #3020 -- set entry type on SCTs from X.509 and OCSP extensions
      Don't use a for-loop decleration
      This is an int
      Style fixes and use the source parameter so the OCSP path works
      Update the test to assert that the SCT is from an X.509 extension
      Fixed merge nonsense

AlexDenisov (1):
      [packettest] Fix misplaced parentheses

Alexey Komnin (1):
      Fix tls1_generate_master_secret

Alfred E. Heggestad (1):
      add callback handler for setting DTLS timer interval

Andrea Grandi (6):
      Add missing .pod extension to EVP_PKEY_CTX_set_tls1_prf_md
      Fix broken link to ASYNC_get_wait_ctx and rewrap the paragraph
      Improve PRF documentation
      Add test to show wrong behavior of ASYNC_WAIT_CTX
      Remove fd from the list when the engine clears the wait context before pause
      Further improvements to ASYNC_WAIT_CTX_clear_fd

Andrew Siplas (1):
      Fixes #4459 "issuserAltName" documentation typo.

Andy (1):
      Code health: ssl/ssl_locl.h unused macros

Andy Grundman (1):
      Remove -xtarget=ultra from solaris(64)-sparcv9-cc builds.

Andy Polyakov (301):
      sha/asm/sha1-x86_64.pl: fix crash in SHAEXT code on Windows.
      crypto/sparcv9cap.c: fix overstep in getisax.
      crypto/ui/ui_openssl.c: let new-line through after query in Windows path.
      crypto/sparcv9cap.c: add missing declaration.
      test/ssl_test.tmpl: make it work with elderly perl.
      Configure: recognize -static as link option and disable incompatible options.
      ARMv8 assembly pack: add Samsung Mongoose results.
      ecp_nistz256.c: get is_one on 32-bit platforms right.
      evp/bio_enc.c: refine non-overlapping logic.
      Add test/bio_enc_test.c.
      crypto/pkcs12: add UTF8 support.
      Add PKCS#12 UTF-8 interoperability test.
      crypto/pkcs12: default to UTF-8.
      crypto/pkcs12: facilitate accessing data with non-interoperable password.
      bn/asm/x86[_64]-mont*.pl: implement slightly alternative page-walking.
      80-test_pkcs12.t: skip the test on Windows with non-Greek locale.
      evp/bio_enc.c: stop using pointer arithmetic for error detection.
      ec/asm/ecp_nistz256-x86_64.pl: addition to perform stricter reduction.
      ec/asm/ecp_nistz256-*.pl: addition to perform stricter reduction.
      ec/ecp_nistz256: harmonize is_infinity with ec_GFp_simple_is_at_infinity.
      ec/ecp_nistz256: harmonize is_infinity with ec_GFp_simple_is_at_infinity.
      ec/asm/ecp_nistz256-x86_64.pl: /cmovb/cmovc/ as nasm doesn't recognize cmovb.
      Configurations/10-main.conf: fix solaris64-*-cc link problems.
      Don't switch password formats using global state.
      Windows: UTF-8 opt-in for command-line arguments and console input.
      CHANGES: mention Windows UTF-8 opt-in option.
      bn/asm/ppc.pl: harmonize .size directive in bn_mul_words.
      perlasm/ppc-xlate.pl: recognize .type directive.
      Add ecp_nistz256-ppc64 module.
      crypto/bn/*: x86[_64] division instruction doesn't handle constants, change constraint from 'g' to 'r'.
      Configurations/10-main.conf: remove solaris-x86-cc target.
      Configurations/10-main.conf: fix omittions in commentary.
      Configurations/10-main.conf: add android64-x86_64 target.
      MIPS assembly pack: adapt it for MIPS[32|64]R6.
      Configurations/10-main.conf: add android64-mips64 target.
      Configure: clarify and refine -static.
      modes/asm/ghash-armv4.pl: improve interoperability with Android NDK.
      chacha/asm/chacha-ppc.pl: add missing .text directive.
      Configurations/10-main.cf: AIX "facelift".
      engines/afalg: make it compile with backward compatibility headers.
      Configure: impose ^X on whole build procedure.
      bn/bn_lcl.h: improve interoperability with clang and Android NDK.
      Configure: detect gcc's dependency generation capability more accurately.
      rand/randfile.c: restore fallback to $HOME for non-setuid programs.
      rand/randfile.c: rationalize __OpenBSD__ code path.
      rand/randfile.c: treat empty string in RAND_file_name as error.
      .travis.yml: install wine on demand.
      .travis.yml: minor optimizations:
      doc/crypto/OPENSSL_ia32cap.pod: update assembler requirements.
      crypto/sha: add Keccak1600 primitives to build SHA-3 upon.
      sha/keccak1600.c: add known answer and verify result with memcmp.
      x86_64 assembly pack: add Goldmont performance results.
      sha/asm/sha512-armv8.pl: adapt for kernel use.
      bn/asm/ppc-mont.pl: prepare for extension.
      bn/asm/ppc-mont.pl: add optimized multiplication and squaring subroutines.
      ppccap.c: engage new multipplication and squaring subroutines.
      sha/keccak1600.c: add couple of soft asserts.
      test/bntest.c: regression test for CVE-2016-7055.
      bn/asm/x86_64-mont.pl: fix for CVE-2016-7055 (Low severity).
      aes/asm/aesp8-ppc.pl: improve [backward] portability.
      test: add TLS application data corruption test.
      test/evptests.txt: add negative tests for AEAD ciphers.
      PPC assembler pack: add some PPC970/G5 performance data.
      chacha/asm/chacha-x86.pl: improve [backward] portability.
      sha/keccak1600.c: add some optimized implementations.
      sha/asm/sha512-armv8.pl: add NEON version of SHA256.
      Configurations/10-main.conf: document GCC for Solaris config constraint.
      Configurations/10-main.conf: remove obsolete flag from solaris-x86-gcc.
      sha/asm/sha512-armv8.pl: fix big-endian support in __KERNEL__ case.
      bn/asm/ppc-mont.pl: signal no-op in 32-bit bit build.
      test/evptests.txt: add regression test for false carry in ctr128.c.
      modes/ctr128.c: fix false carry in counter increment procedure.
      INSTALL: clarify 386 and no-sse2 options.
      poly1305/poly1305_base2_44.c: add reference base 2^44 implementation.
      x86_64 assembly pack: add AVX512 ChaCha20 and Poly1305 code paths.
      perlasm/x86_64-xlate.pl: refine sign extension in ea package.
      man3/OPENSSL_ia32cap.pod: clarify AVX512 support in clang context.
      perlasm/x86_64-xlate.pl: add support for AVX512 OPMASK-ing.
      poly1305/asm/poly1305-x86_64.pl: allow nasm to assemble AVX512 code.     chacha/asm/chacha-x86_64.pl: refine nasm version detection logic.
      x86 assembly pack: update performance results.
      chacha/asm/chacha-x86_64.pl: add AVX512 path optimized for shorter inputs.
      ec/asm/ecp_nistz256-ppc64.pl: minor POWER8-specific optimization.
      poly1305/poly1305_base2_44.c: clarify shift boundary condition.
      Replace div-spoiler hack with simpler code
      crypto/evp: harden RC4_MD5 cipher.
      crypto/evp: harden AEAD ciphers.
      test/bntest.c: regression test for carry bug in bn_sqr8x_internal.
      bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqr8x_internal.
      crypto/x86_64cpuid.pl: detect if kernel preserves %zmm registers.
      perlasm/x86_64-xlate.pl: clarify SEH coding guidelines.
      x86_64 assembly pack: Win64 SEH face-lift.
      Rename 90-test_fuzz.t to 99-test_fuzz.t to ensure that it's executed last.
      bn/asm/rsaz-avx2.pl: refine Win64 SE handler.
      perlasm/x86_64-xlate.pl: minor readability updates.
      perlasm/x86_64-xlate.pl: remove obsolete .picmeup synthetic directive.
      perlasm/x86_64-xlate.pl: recognize DWARF CFI directives.
      bn/asm/x86_64*: add DWARF CFI directives.
      perlasm/x86_64-xlate.pl: fix pair of typo-bugs in the new cfi_directive.
      modes/asm/*-x86_64.pl: add CFI annotations.
      {md5,rc4}/asm/*-x86_64.pl: add CFI annotations.
      ec/asm/ecp_nistz256-x86_64.pl: fix typo-bug in Win64 SE handler.
      ec/asm/ecp_nistz256-x86_64.pl: add CFI directives.
      perlasm/x86_64-xlate.pl: recognize even offset(%reg) in cfa_expression.
      aes/asm/*-x86_64.pl: add CFI annotations.
      sha/asm/*-x86_64.pl: add CFI annotations.
      ARMv4 assembly pack: harmonize Thumb-ification of iOS build.
      crypto/armcap.c: short-circuit processor capability probe in iOS builds.
      test/README: clarify last test number group
      .travis.yml: remove osx from build matrix.
      appveyor.yml: engage VC-WIN64A-masm.
      .travis.yml: make package pulls conditional.
      .travis.yml: introduce concept of "extended tests"
      poly1305/asm/poly1305-x86_64.pl: optimize AVX512 code path.
      poly1305/asm/poly1305-x86_64.pl: switch to vpermdd in table expansion.
      poly1305/asm/poly1305-x86_64.pl: add VPMADD52 code path.
      chacha/asm/chacha-x86_64.pl: add CFI annotations.
      poly1305/asm/poly1305-x86_64.pl: add CFI annotations.
      camellia/asm/cmll-x86_64.pl: add CFI annotations.
      whrlpool/asm/wp-x86_64.pl: add CFI annotations.
      crypto/x86_64cpuid.pl: add CFI annotations.
      poly1305/asm/poly1305-x86_64.pl: minor AVX512 optimization.
      crypto/des: remove unreferenced rcp_enc.c module.
      Configurations/50-masm.conf: add /nologo to ml64 command line.
      appveyor.yml: streamline pull requests.
      des/des_locl.h: clean up unused/irrelevant macros.
      bn/asm: clean up unused PA-RISC modules.
      CHANGES: mention CFI annotations.
      evp/e_aes_cbc_hmac_{sha1|sha256}.c: tag reference code.
      aes/aes_x86core.c: clarify reference implementation status.
      bio/b_addr.c: omit private hstrerror.
      Configurations/10-main.conf: omit redundant -lresolv from Solaris configs.
      apps/s_client.c: harden ldap_ExtendedResponse_parse.
      appveyor.yml: call upon cmd to redirect stderr.
      test: add chacha_internal_test.
      crypto/x86_64cpuid.pl: move extended feature detection upwards.
      crypto/x86*cpuid.pl: move extended feature detection.
      poly1305/asm/poly1305-armv8.pl: ilp32-specific poly1305_init fix.
      poly1305/asm/poly1305-x86_64.pl: add poly1305_blocks_vpmadd52_4x.
      .travis.yml: make git submodule update conditional.
      test/recipes/03-test_internal_*: call setup() first.
      NOTES.WIN: mention Strawberry Perl as option.
      x86_64 assembly pack: add some Ryzen performance results.
      poly1305/asm/poly1305-x86_64.pl: add poly1305_blocks_vpmadd52_8x.
      aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
      modes/ocb128.c: fix misaligned access in ILP32 builds on 64-bit processors.
      bn/asm/sparcv9-mont.pl: fix squaring code path.
      engines/e_capi.c: formatting and styling fixes.
      aes/asm/bsaes-armv7.pl: relax stack alignment requirement.
      apps/passwd.c: 32 bits are sufficient to hold ROUNDS_MAX.
      engine/e_capi.c: more formatting and styling fixes.
      engines/e_capi.c: adhere to CryptAcquireContextW unconditionally.
      engines/e_capi.c: slip in PROV_RSA_AES for interchangable CSP only.
      bio/b_print.c: fix %z failure in 32-bit build.
      bio/b_print.c: recognize even 'j' format modifier.
      apps/*.c: switch to platform-neutral format modifiers in BIO_print calls.
      e_os.h: drop now-redundant PRIu64 [and fix OSSLzu].
      bio/b_print.c: switch to int64_t as "greatest-width integer type".
      e_afalg.[ch]: fix --strict-warnings with gcc 4.x and 32-bit build.
      Configure: use 5.10.0, don't require...
      crypto/ppccap.c: SIGILL-free processor capabilities detection on MacOS X.
      Configure: recognize -framework as linker option [on Apple OSes].
      Configurations/README: reword bn_ops description.
      appveyor.yml: split {build,test}_scripts to avoid exit code masking.
      asn1/x_long.c: remove conditions in inner loops and dependency on BN.
      rand/rand_lib.c: keep fixing no-engine configuration.
      testlib/OpenSSL/Test.pm: keep default input private.
      asn1/a_int.c: remove code duplicate and optimize branches,
      asn1/a_int.c: simplify asn1_put_uint64.
      asn1/a_int.c: don't write result if returning error.
      asn1/a_int.c: clean up asn1_get_int64.
      test: don't make it more complicated than necessary.
      fuzz/{client,server}.c: omit _time64 "overload method".
      asn1/a_int.c: fix "next negative minimum" corner case in c2i_ibuf.
      test/asn1_encode_test.c: test "next negative minimum" corner case.
      perlasm/x86_64-xlate.pl: work around problem with hex constants in masm.
      sha/sha512.c: fix formatting.
      test/test_test.c: fix wrong BN test [and rearrange tests a little bit].
      test/run_tests.pl: don't mask test failures.
      test/secmemtest.c: clarify limitations for huge secure memory arena test.
      aria/aria.c: address undefined behaviour warning in small-footprint path.
      modes/ocb128.c: address undefined behaviour warning.
      test/evp_test.c: improve output in case of errors.
      sha/keccak1600.c: implement bit interleaving optimization.
      sha/keccak1600.c: implement lane complementing transform
      ec/asm/ecp_nistz256-x86_64.pl: minor sqr_montx cleanup.
      sha/keccak1600.c: add ARM-specific "reference" tweaks.
      sha/keccak1600.c: add another 1x variant.
      sha/keccak1600.c: reduce temporary storage utilization even futher.
      sha/keccak1600.c: add #ifdef KECCAK1600_ASM.
      Add sha/asm/keccak1600-armv4.pl.
      sha/asm/keccak1600-armv4.pl: optimization based on profiler feedback.
      sha/asm/keccak1600-armv4.pl: add SHA3_absorb and SHA3_squeeze.
      sha/asm/keccak1600-armv4.pl: add NEON code path.
      sha/keccak1600.c: switch to more efficient bit interleaving algorithm.
      sha/asm/keccak1600-armv4.pl: switch to more efficient bit interleaving algorithm.
      perlasm/ppc-xlate.pl: add PowerISA 3.0B instructions.
      Add sha/asm/keccak1600-armv8.pl.
      Add sha/asm/keccak1600-c64x.pl
      Add Keccak-1600 modules for PPC64 and POWER8.
      sha/asm/sha512p8-ppc.pl: add POWER8 performance data.
      Add sha/asm/keccak1600-mmx.pl, x86 MMX module.
      sha/asm/keccak1600-mmx.pl: optimize for Atom and add comparison data.
      Add sha/asm/keccak1600-x86_64.pl.
      sha/asm/keccak1600-x86_64.pl: remove redundant moves.
      sha/asm/keccak1600-x86_64.pl: optimize by re-ordering instructions.
      sha/asm/keccak1600-x86_64.pl: add CFI directives.
      Add sha/asm/keccak1600-s390x.pl.
      x86_64 assembly pack: fill some blanks in Ryzen results.
      sha/asm/keccak1600-s390x.pl: typo and readability, minor size optimization.
      sha/asm/keccak1600-x86_64.pl: close gap with Keccak Code Package.
      sha/keccak1600.c: internalize KeccakF1600 and simplify SHA3_absorb.
      objects/objects.txt: add SHA3 OIDs.
      'make update' after objects/objects.txt update.
      Add sha/asm/keccak1600-avx512.pl.
      Add sha/asm/keccak1600-avx2.pl.
      Optimize sha/asm/keccak1600-avx2.pl.
      sha/asm/keccak1600-avx2.pl: remodel register usage.
      sha/asm/keccak1600-avx2.pl: optimized remodelled version.
      x86_64 assembly pack: "optimize" for Knights Landing, add AVX-512 results.
      sha/asm/keccak1600-avx512.pl: absorb bug-fix and minor optimization.
      sha/asm/keccak1600-avx512.pl: improve performance by 17%.
      evp/e_aes_cbc_hmac_sha256.c: give SHAEXT right priority.
      aes/asm/aesni-sha*-x86_64.pl: add SHAEXT performance results.
      crypto/x86_64cpuid.pl: fix typo in Knights Landing detection.
      sha/keccak1600.c: build and make it work with strict warnings.
      Add evp/m_sha3.c.
      Wire SHA3 EVPs and add tests.
      bn/bn_lcl.h: improve inline assembly coverage on PPC64.
      bn/bn_lcl.h: use __int128 whenever possible, not only on MIPS.
      bn/bn_lcl.h: restore formatting.
      asn1/a_time.c: make handling of 'fractional point' formally correct.
      sha/keccak1600.c: choose more sensible default parameters.
      sha/asm/keccak1600-armv4.pl: improve non-NEON performance by ~10%.
      recipes/80-test_ca.t: make it work with spaces in pathnames.
      Add EVP_DigestFinalXOF, interface to extendable-output functions, XOFs.
      Wire SHAKE to EVP.
      sha/asm/keccak1600-avx512.pl: fix buglet in SHA3_squeeze tail.
      sha/asm/keccak1600-armv4.pl: optimize for Thumb-2.
      err/err.c: fix "wraparound" bug in ERR_set_error_data.
      err/err.c: improve readability.
      Revert "Allow --strict-warnings with the icc compiler as well"
      Configure: base compiler-specific decisions on pre-defines.
      ssl/statem/*.c: address "enum mixed with another type" warnings.
      ssl/statem/extensions_clnt.c: fix return code buglet.
      crypto/cryptlib.c: mask more capability bits upon FXSR bit flip.
      test/run_tests.pl: don't use Module::Load::Conditional.
      config: get "stty technique" working again on MacOS X.
      sha/asm/keccak1600-armv8.pl: fix return value buglet and ...
      objects/objects.txt: fix RSA-SHA3-284 typo.
      objects/obj_xref.txt: cross-reference SHA3 and rsaEncryption.
      evp/m_sha3.c: wire SHA3 to rsaEncryption.
      rsa/rsa_pmeth.c: recognize SHA3 as supported RSA digest.
      Configure: unify clang's -Qunused-arguments option treatment.
      Configure: add -Wmisleading-indentation to strict warnings flags.
      stack/stack.c: various cleanups.
      crypto/x509v3/v3_utl.c, ssl/ssl_cert.c: fix Coverity problems.
      modes/gcm128.c: harmonize GCM_MUL macro with GHASH.
      x509v3/v3_utl.c: avoid double-free.
      bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqrx8x_internal.
      test/bntest.c: add bn_sqrx8x_internal regression test.
      aes/asm/{aes-armv4|bsaes-armv7}.pl: make it work with binutils-2.29.
      OPENSSL_ia32cap: reserve for new extensions.
      Configurations/unix-Makefile.tmpl: fix HP-UX build.
      00-base-templates.conf: fix ia64 builds.
      util/copy.pl: work around glob quirk in some of earlier 5.1x Perl versions.
      asn1/a_strex.c: fix flags truncation in do_esc_char.
      evp/pbe_scrypt.c: add boundary condition for implicit cast.
      ssl/ssl_asn1.c: resolve warnings in VC-WIN32 build, which allows to add /WX.
      Resolve warnings in VC-WIN32 build, which allows to add /WX.
      Configurations/10-main.conf: add back /WX to VC-WIN32.
      ARMv8 assembly pack: add Qualcomm Kryo results.
      bn/bn_add.c: address performance regression.
      bn/bn_exp.c: harmonize BN_mod_exp_mont_consttime with negative input.
      Iron out /WX errors in VC-WIN32.
      crypto/x86_64cpuid.pl: fix AVX512 capability masking.
      rsa/rsa_gen.c: ensure backward compatibility with external rsa->meth.
      poly1305/asm/poly1305-x86_64.pl: switch to pure AVX512F.
      chacha/asm/chacha-x86_64.pl: fix sporadic crash in AVX512 code path.
      rsa/rsa_lib.c: make RSA_security_bits multi-prime aware.
      rsa/rsa_gen.c: harmonize keygen's ability with RSA_security_bits.
      modes/asm/ghashv8-armx.pl: implement 4x aggregate factor.
      modes/asm/ghashv8-armx.pl: modulo-schedule loop.
      modes/asm/ghashv8-armx.pl: optimize modulo-scheduled loop.
      modes/asm/ghashv8-armx.pl: handle lengths not divisible by 4x.
      bn/asm/rsaz-avx2.pl: fix digit correction bug in rsaz_1024_mul_avx2.
      test/bntest.c: add rsaz_1024_mul_avx2 regression test.
      crypto/x86_64cpuid.pl: suppress AVX512F flag on Skylake-X.
      chacha/asm/chacha-x86_64.pl: add AVX512VL code path.
      Add sha/asm/keccak1600-avx512vl.pl.
      poly1305/asm/poly1305-x86_64.pl: add Knights Landing AVX512 result.
      ec/ecp_nistp*.c: sanitize for undefined/implmentation-specific behaviour.
      ec/curve25519.c: "double" ecdhx25519 performance on 64-bit platforms.
      ec/ecp_nistz256.c: improve ECDSA sign by 30-40%.
      ec/asm/ecp_nistz256-x86_64.pl: add .cfi and SEH handlers to new functions.
      ec/asm/ecp_nistz256-armv8.pl: add optimized inversion.
      ec/ecp_nistz256.c: switch to faster addition chain in scalar inversion.
      ec/curve25519.c: avoid 2^51 radix on SPARC.
      poly1305/poly1305_ieee754.c: add support for MIPS.
      test/asn1_time_test.c: fix pre-C90 warning.
      crypto/armcap.c: detect hardware-assisted SHA512 support.
      sha/asm/sha512-armv8.pl: add hardware-assisted SHA512 subroutine.

Azat Khuzhin (1):
      Remove ENGINE_load_dasync() (no OPENSSL_INIT_ENGINE_DASYNC already)

Balaji Marisetti (1):
      Addressed build failure because of missing #ifdef AF_UNIX guard     CLA: trivial

Baptiste Jonglez (2):
      afalg: Use eventfd2 syscall instead of eventfd
      afalg: Fix kernel version check

Beat Bolli (11):
      Update the location of the pod files
      Use consistent variable names in example
      doc/man3: use the documented coding style in the example code
      doc/man3: remove a duplicate BIO_do_accept() call
      ERR_put_error.pod: fix the name of function ERR_add_error_vdata()
      doc/man3: reformat the function prototypes in the synopses
      doc/man3: unindent a few unintended code blocks
      SSL_CTX_set_verify.pod: move a typedef in front of its first usage
      doc/man3: fix SSL_SESSSION typos
      doc: use /* ... */ comments in code examples
      doc/man3: use the documented coding style in the example code

Ben Kaduk (2):
      make update
      Fix more OCSP_resp_get0_signer() nits

Ben Laurie (5):
      Don't use DES when disabled.
      Make dependencies if Makefile is new.
      Remove untrue comment.
      Remove annoying and pointless pause.
      Remove unused variable.

Benjamin Kaduk (115):
      Remove some unused options from 10-main.conf
      Sort %disabled in Configure
      Wordsmith INSTALL
      Try to unify BIO read/write parameter names
      Fix grammar-o in CONTRIBUTING
      Restore the ERR_FATAL_ERROR() macro
      Do not overallocate for tmp.ciphers_raw
      Use _WIN32 over WIN32 for preprocessor conditional
      output number of exts from tls_collect_extensions()
      Store the number of extensions in CLIENTHELLO_MSG
      Move CLIENTHELLO_MSG up in the header
      Add more first-class support for SCSVS
      Let ssl_get_cipher_by_char yield not-valid ciphers
      Export SSL_bytes_to_cipher_list()
      Refactor SSL_bytes_to_cipher_list()
      Tests for SSL_bytes_to_cipher_list()
      Prepare for WORK_MORE_C
      Add SSL_CTX early callback
      Tests for SSL early callback
      Adopt test to changed behavior
      Use correct variable in test diagnostic
      Let test handshakes stop on certain errors
      Add an sslapitest for early callback
      Add test corpus for PEM reading
      Add AGL's "beer mug" PEM file as another test input
      Don't free in cleanup routine
      Remove OPENSSL_indirect_call()
      Fix some -Wshadow warnings
      Fix a -Wsign-compare warning
      Clear alpn_selected_len for clients, too
      Tighten up client status_request processing
      Remove dead code
      Remove some unused PEM structures
      Remove unused typedefs from indent config
      Remove documentation of deleted function
      Further de-obfuscation
      Allow an ALPN callback to pretend to not exist
      Add -Wextra to gcc devteam warnings
      Address some -Wold-style-declaration warnings
      Remove duplicates from clang_devteam_warnings
      Add PEM_read_bio_ex
      Add PEM_bytes_read_bio_secmem()
      Make PEM_read_{,bio_}PrivateKey use secmem
      Add unit test for PEM_FLAG_ONLY_B64
      Remove stale note from s_server.pod
      Fix memory leaks in CTLOG_new_from_base64
      drop some no-longer-relevant TODO(TLS1.3) entries
      TLS 1.3 client sigalgs test no longer needs TLS 1.2
      Add SSL_early_get1_extensions_present()
      Add sslapitest for SSL_early_get1_extensions_present()
      Fix no-ec
      Disallow DSA/SHA1/etc. for pure TLS 1.3 ClientHellos
      Add constants for TLS 1.3 SignatureScheme values
      Fix no-dsa build
      Add tests for deprecated sigalgs with TLS 1.3 ClientHellos
      Fix no-dsa build again
      Fix return-value checks in OCSP_resp_get1_id()
      Improve BN_CTX documentation
      Error out when forcing an unsupported TLS version
      Remove trailing whitespace from drbgtest.c
      typedef's for RAND_DRBG methods
      Fix out-of-bounds read in ctr_XOR
      Define a value for SYS_F_FCNTL
      Fixups for STORE commit
      Catch up to the removal of OSSL_STORE_open_file()
      Improve style
      Remove trailing whitespace from store-related man pages
      Fix memory leak in session cache test
      Don't modify resumed session objects
      Move ALPN handling from finalizer to delayed call
      Add SSL_get_pending_cipher()
      Tighten up SSL_get1_supported_ciphers() docs
      Fixup include path in ossl_shim test after e_os.h work
      Fix long SNI lengths in test/handshake_helper.c
      Restore historical behavior for absent ServerHello extensions
      Fix test_client_hello with no-tls1_2_method
      Fix typo in comment
      Fix no-ec no-dh build
      Reenable s_server -dhparam option
      Move supportedgroup ext-block fields out of NO_EC
      Appease -Werror=maybe-uninitialized
      Fix memory leak in DH_get_nid()
      Add missing RAND_DRBG locking
      Fix a couple nits in DEFINE_STACK_OF.pod
      Use atomics for SSL_CTX statistics
      Normalize on session_ctx for stats where possible
      Provide SSL_CTX.stats.sess_accept for switched ctxs
      Fix memory leak in crltest error case
      Prevent NULL dereference in async clear-fd code
      Conditionalize fuzz tests on feature macros
      Add an API to get the signer of an OCSP response
      Add OCSP API test executable
      Fix no-ec
      Fix coverity-reported errors in ocspapitest
      Fix coverity nit in handshake_helper.c
      Wrap more of ocspapitest.c in OPENSSL_NO_OCSP
      Fix test_tls13messages with no-ocsp
      Fix typo in comment
      Permit the "supported_groups" extension in ServerHellos
      Test that supported_groups is permitted in ServerHello
      enc(1): document that AEAD is not and will not be supported
      Fix no-ec --strict-warnings builds
      Bump TLS1_3_VERSION_DRAFT for draft-23
      Renumber TLSEXT_TYPE_key_share for draft-23
      Add TLS 1.3 draft-23 PSS signature algorithms
      Propagate TLS 1.3 sigalgs through tls1_set_sigalgs()
      Update documentation for SSL_set1_sigalgs()
      Add support for the TLS 1.3 signature_algorithms_cert extension
      Add TLSProxy tests for signature_algorithms_cert
      Fix uninitialized read in sigalg parsing code
      Fix ssl-trace with TLS 1.3 draft-23 PSS sigalgs
      Catch some more old sigalg names in comments
      Revert the crypto "global lock" implementation
      Restore clearing of init_lock after free

Bernard Spil (1):
      openssl enc: Don't unbuffer stdin

Bernd Edlinger (85):
      Fix a memory leak in RSA_padding_add_PKCS1_OAEP_mgf1
      Check the exit code from the server process
      fix a memory leak in ssl3_generate_key_block fix the error handling in ssl3_change_cipher_state
      Fix a ssl session leak due to OOM in lh_SSL_SESSION_insert
      Fix error handling in compute_key, BN_CTX_get can return NULL
      remove test/.rnd on make clean
      Combined patch against master branch for the following issues:
      Fix a crash with malformed user notice policy numbers
      Fix a crash in EVP_CIPHER_CTX_cleanup due to cipher_data may be NULL     or EVP_CTRL_INIT/EVP_CTRL_COPY was not called or failed.     If that happens in EVP_CipherInit_ex/EVP_CIPHER_CTX_copy set cipher = NULL,     aes_gcm_cleanup should check that gctx != NULL before calling OPENSSL_cleanse.
      Use TLSEXT_KEYNAME_LENGTH in tls_decrypt_ticket.
      Rework error handling of custom_ext_meth_add towards strong exception safety.
      Fix a slightly confusing if condition in a2i_ASN1_INTEGER.
      Fix a few memleaks in TXT_DB.
      Fix some more memory leaks with TXT_DB_insert.
      Fix i2d_SSL_SESSION pp output parameter should point to end of asn1 data.
      Add some more consistency checks in tls_decrypt_ticket.
      Remove -Wno-parentheses-equality from gcc --strict-warnings options.     There has never been any gcc option of that kind.
      Add -Wundef to --strict-warnings options.
      Remove unnecessary memset after PR #2583 avoids accessing     the uninitialized session_id now.
      Check that async_jobs is not negative and not too high.
      Reset executable bits on files where not needed.
      Fixup previous merge.
      Avoid questionable use of the value of a pointer
      Fix a crash or unbounded allocation in RSA_padding_add_PKCS1_PSS_mgf1     and RSA_verify_PKCS1_PSS_mgf1 with 512-bit RSA vs. sha-512.
      Added a test case for RSA_padding_add_PKCS1_PSS_mgf1.
      Fixed a crash in print_notice.
      Fix the error handling in CRYPTO_dup_ex_data.     Fix a strict aliasing issue in ui_dup_method_data.     Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert.
      Don't access memory before checking the correct length in aesni_cbc_hmac_sha256_ctrl in case EVP_CTRL_AEAD_TLS1_AAD.
      Remove unnecessary loop in pkey_rsa_decrypt.
      Add parentheses on public macros where appropriate.     Fixes #3063.
      Fix a pedantic gcc-7 warning.
      Fix gcc-7 warnings.     - Mostly missing fall thru comments     - And uninitialized value used in sslapitest.c
      Fix memleak in EVP_DigestSignFinal/VerifyFinal.
      Fix a memleak in tls13_generate_secret.
      Fix a memleak in ec_copy_parameters.
      Fix a possible crash in the error handling.
      Fix crash in ecdh_simple_compute_key.
      Fix a possible crash in dsa_builtin_paramgen2.
      Fix another possible crash in rsa_ossl_mod_exp.
      Fix possible crash in X931 code.
      Fix the comment about default OPENSSLDIR in windows.
      Add a missing break in test/shlibloadtest.c
      Remove a pointless "#if 0" block from BN_mul.
      Fix the error handling in ERR_get_state:     - Ignoring the return code of ossl_init_thread_start created a memory leak.
      Fix the fall-out in 04-test_bioprint.t
      Add parentheses around macro argument of OSSL_NELEM.
      Fix a crash in tls_construct_client_certificate.
      Fix potential crash in tls_construct_finished.
      Fix crash in BUF_MEM_grow_clean.
      Fix error handling in get_header_and_data.
      Fix bogus use of BIO_sock_should_retry.
      Clean password buffer on stack for PEM_read_bio_PrivateKey     and d2i_PKCS8PrivateKey_bio before it goes out of scope.
      Add some test coverage for PEM_read_bio_PrivateKey
      Implement the CRYPTO_secure_clear_free function
      Use OPENSSL_secure_clear_free for secure mem BIOs and X25519 private keys
      Document OPENSSL_secure_clear_free
      Use OPENSSL_secure_clear_free in PEM_read_bio_PrivateKey and PEM_read_bio_ex
      Use OPENSSL_secure_clear_free in STORE file_load
      Add some test coverage for OPENSSL_secure_clear_free
      Fix an information leak in the RSA padding check code.     The memory blocks contain secret data and must be     cleared before returning to the system heap.
      Avoid surpising password dialog in X509 file lookup.
      Clear outputs in PKCS12_parse error handling.
      Clear secret stack values after use in curve25519.c
      Clear secret stack values after use in the ED25519-functions
      Fix the return type of felem_is_zero_int which should be int.     Change argument type of xxxelem_is_zero_int to const void*     to avoid the need of type casts.
      Fix error handling in SSL_new
      Add missing range checks on number of multi primes in rsa_ossl_mod_exp
      Minor cleanup of the rsa mp limits code
      Remove test-runs dir, adjust .gitignore
      Fix invalid function type casts.     Rename bio_info_cb to BIO_info_cb.
      Fix a typo in comment
      Alternate fix for ../test/recipes/80-test_ssl_old.t with no-ec
      Stop using unimplemented cipher classes.     Add comments to no longer usable ciphers.
      Fix error handling in X509_REQ_print_ex
      Catch SIGPIPE in TLSProxy::Proxy::clientstart
      Explicitly shut the socket down in s_client
      Use constant value 1 instead of SHUT_WR in do_server
      Set OPENSSL_ENGINES for Windows
      Add a configure option to opt-out secure memory
      Fix setting of IPV6_V6ONLY on Windows
      Make the s_server command listen on IPv6 only when requested
      Fix some style nits in commit eee8a40
      Swap the check in ssl3_write_pending to avoid using     the possibly indeterminate pointer value in wpend_buf.
      Remove code that prints "<SPACES/NULS>" in hexdumps     when the data block ends with SPACEs or NULs.

Camille Guérin (1):
      Fixed typo in X509_STORE_CTX_new description

Christian Heimes (3):
      Provide getters for min/max proto version
      Document SSL_OP_NO_RENEGOTIATION as new in 1.1.1
      Fix signature of min/max proto getter

Claus Assmann (1):
      Fix grammar error in SSL_CTX_set_min_proto_version

Cory Benfield (7):
      Add support for key logging callbacks.
      Add tests for the key logging callbacks.
      Add documentation for the key logging callbacks
      Limit the length of the encrypted premaster key.
      Add support for logging out TLSv1.3 secrets
      Test logging TLSv1.3 secrets.
      s_client accepts host/port as positional argument.

Cristian Stoica (5):
      speed.c: use size_t instead of int to match function signatures
      speed.c: simplify aggregation of rsa --multi results
      speed.c: simplify aggregation of dsa --multi results
      speed.c: simplify aggregation of ecdsa --multi results
      speed.c: simplify aggregation of ecdh --multi results

DK (1):
      Fixed deadlock in CRYPTO_THREAD_run_once for Windows

Daniel Bevenius (9):
      Fix minor typo in comment in rsa_st
      Correct minor typo in ssl_locl.h comment
      Make BIO_METHOD struct definitions consistent
      Minor improvements to ssl.pod
      Fix minor typo in bio.pod
      Add comments to NULL func ptrs in bio_method_st
      Remove extra `the` in SSL_SESSION_set1_id.pod
      Suggestion for improvements to x509.pod
      Fix minor 'the the' typos

Daniel Kahn Gillmor (1):
      Avoid failing s_server when client's psk_identity is unexpected

Daniël van Eeden (1):
      Fix include in manpage of X509_check_host

Darren Tucker (1):
      DES keys are not 7 days long.

David Benjamin (32):
      Fix math in BN_bn2dec comment.
      Add a basic test for BN_bn2dec.
      Test CBC mode padding.
      Don't test quite so many of them.
      Address review comments.
      Switch back to assuming TLS 1.2.
      Add missing parameter.
      Remove trailing whitespace from some files.
      Fix up bn_prime.pl formatting.
      Implement RSASSA-PKCS1-v1_5 as specified.
      Make RSA_sign.pod less confusing.
      Improve RSA test coverage.
      Don't read uninitialised data for short session IDs.
      Fix typo in x86_64-mont5.pl CFI directives
      Remove duplicate X509_OBJECT free function.
      Numbers greater than 1 are usually non-negative.
      Remove filename argument to x86 asm_init.
      Fix the names of ChaCha20-Poly1305 cipher suites in t1_trce.c.
      Fix comment typo.
      Fix the names of older ciphers.
      Fix some documentation typos.
      Rename SSL_CTX_set_early_cb to SSL_CTX_set_client_hello_cb.
      Fix test documentation.
      Introduce named constants for the ClientHello callback.
      Fix overflow in c2i_ASN1_BIT_STRING.
      Guard against DoS in name constraints handling.
      Allow DH_set0_key with only private key.
      Pretty-print large INTEGERs and ENUMERATEDs in hex.
      Fix chacha-armv4.pl with clang -fno-integrated-as.
      Make BN_num_bits_word constant-time.
      Don't leak the exponent bit width in BN_mod_exp_mont_consttime.
      Fix timing leak in BN_from_montgomery_word.

David Cooper (5):
      Add -rsigopt option to ocsp command
      Make editorial changes suggested by Rich Salz and add the -rsigopt option to the man page for the ocsp command.
      Make editorial changes suggested by Matt Caswell and fixed Travis failures.
      Add documentation for the OCSP_basic_sign() and OCSP_basic_sign_ctx() functions.
      Added "B" tag to all variables.

David Woodhouse (21):
      Fix SSL_export_keying_material() for DTLS1_BAD_VER
      Fix ossl_statem_client_max_message_size() for DTLS1_BAD_VER
      Fix DTLS_VERSION_xx() comparison macros for DTLS1_BAD_VER
      Fix cipher support for DTLS1_BAD_VER
      Make DTLS1_BAD_VER work with DTLS_client_method()
      Fix ubsan 'left shift of negative value -1' error in satsub64be()
      Add basic test for Cisco DTLS1_BAD_VER and record replay handling
      Fix clienthellotest to use PACKET functions
      Kill PACKET_starts() from bad_dtls_test
      Fix satsub64be() to unconditionally use 64-bit integers
      Avoid EVP_PKEY_cmp() crash on EC keys without public component
      Add enginesdir to libcrypto.pc pkg-config file
      Restore '-keyform engine' support for s_client
      Call ENGINE_init() before trying to use keys from engine
      Fix encrypt-then-mac implementation for DTLS
      Add DTLS_get_data_mtu() function
      Add unit test for ssl_cipher_get_overhead()
      Add test cases for DTLS_get_data_mtu()
      Add documentation for DTLS_get_data_mtu()
      Document that PKCS#12 functions assume UTF-8 for passwords

David von Oheimb (3):
      Fix minor type warnings and risk of memory leak in testutil/driver.c
      Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULL
      Various small build improvements on mkdef.pl, progs.pl, crypto/init.c, crypto/mem.c

Davide Galassi (1):
      Avoid the call to OPENSSL_malloc with a negative value (then casted to unsigned)

Diego Santa Cruz (4):
      Fix endless loop on srp app when listing users
      Fix srp app missing NULL termination with password callback
      Make SRP_CTX.info ownership and lifetime be the same as SRP_CTX.login.
      Use memset to clear SRP_CTX instead of NULL and zero assignments

Dmitry Belyavskiy (6):
      Typo fixed
      Added '-nameopt' option to the verify command.
      Provided support for the -nameopt flag in s_client, s_server and s_time     commands.
      Fix memory leak in pkcs12 -export
      Switch command-line utils to new nameopt API.
      NUMERICSTRING support

Dmitry Belyavsky (1):
      Avoid KCI attack for GOST

Dmitry Kostjuchenko (4):
      Compile fix on platforms with missing pthread_rwlock_t.
      Corrections according the review comments.
      Removed tab spaces.     Reviewed-by: Rich Salz <rsalz at openssl.org>     Reviewed-by: Richard Levitte <levitte at openssl.org>     (Merged from https://github.com/openssl/openssl/pull/1981)
      Grouped data declarations [skip ci]     Reviewed-by: Rich Salz <rsalz at openssl.org>     Reviewed-by: Richard Levitte <levitte at openssl.org>     (Merged from https://github.com/openssl/openssl/pull/1981)

Dr. Matthias St. Pierre (24):
      DRBG: clarify difference between entropy counts and buffer lengths
      RAND: Rename the RAND_poll_ex() callback and its typedef
      DRBG: Remove 'randomness' buffer from 'RAND_DRBG'
      Cleanup whitespace in ssl_lib.c (tabs to spaces)
      Fix reseeding issues of the public RAND_DRBG
      Remove unnecessary DRBG_RESEED state
      testutil.h: Remove duplicate test macros
      Add master DRBG for reseeding
      Implement automatic reseeding of DRBG after a specified time interval
      Allocate the three shared DRBGs on the secure heap
      Make DRBG uninstantiate() and instantiate() methods inverse to each other
      crypto/rand: rename drbg_rand.c to drbg_ctr.c
      crypto/rand: restore the generic DRBG implementation
      Improve readability of evp.pod
      Add util/openssl-update-copyright shell script
      Enhance util/openssl-update-copyright shell script
      Fix memory leak in do_rand_drbg_init()
      crypto/rand/rand_lib.c: fix undefined reference to `clock_gettime'
      drbg_bytes: remove check for DRBG_UNINITIALIZED state
      Fix size limitation of RAND_DRBG_bytes()
      Use RAND_DRBG_bytes() for RAND_bytes() and RAND_priv_bytes()
      CRYPTO_THREAD_run_once.pod: fix typo and punktuation
      Document new random generator in NEWS and CHANGES
      Fix whitespace issues in CHANGES and NEWS

Dr. Stephen Henson (374):
      Limit status message sisze in ts_get_status_check
      Free buffer in a2i_ASN1_INTEGER() on error path.
      Sanity check input length in OPENSSL_uni2asc().
      Update documentation for DSA_SIG and ECDSA_SIG.
      Use OIDs from draft-ietf-curdle-pkix-02
      Fix type of ptr field.
      X25519 public key methods
      make errors
      add to build.info
      Add X25519 methods to internal tables
      Update X25519 key format in evptests.txt
      Add point ctrls to X25519
      make update
      Add encoded points to other EC curves too.
      Modify TLS support for new X25519 API.
      Remove old EC based X25519 code.
      Print out names of other temp key algorithms.
      add documentation
      update CHANGES
      Fix no-ec
      Check for errors in BN_bn2dec()
      Check for errors in a2d_ASN1_OBJECT()
      Limit reads in do_b2i_bio()
      Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data().
      make update
      Corrupt signature earlier.
      Constify ASN1_item_unpack().
      constify X509_ALGOR_get0()
      Constify private key decode.
      Corrupt signature in place.
      Convert X509* functions to use const getters
      Constify X509_get0_signature()
      Constify X509_certificate_type()
      Constify ssl_cert_type()
      Constify X509_SIG.
      make update
      Constify i2a*
      constify i2o_ECPublicKey
      constify X509_REQ_get0_signature()
      Add X509_get0_serialNumber() and constify OCSP_cert_to_id()
      make update
      make update
      Avoid duplicated code.
      Set certificate times in one function.
      Constify certificate and CRL time routines.
      rename ordinals
      make update
      fix warning about trailing comma
      Add X509_getm_notBefore, X509_getm_notAfter
      update ordinals
      Sanity check ticket length.
      Avoid overflow in MDC2_Update()
      Support broken PKCS#12 key generation.
      Add ASN1_ITEM lookup and enumerate functions.
      Add -item option to asn1parse
      ASN1_ITEM should use type name not structure name.
      add item list support to d2i_test
      Print <ABSENT> if a STACK is NULL.
      make update
      SRP code tidy.
      Add SRP test vectors from RFC5054
      fix memory leak
      fix memory leak
      Fix X509_NAME decode for malloc failures.
      Add memory leak detection to d2i_test
      Fix embedded string handling.
      Don't set choice selector on parse failure.
      add test for CVE-2016-7053
      Simplify PKCS#12 PBE algorithm.
      Fix MSBLOB format with RSA.
      Make MSBLOB format work with dsa utility.
      Add conversion test for MSBLOB format.
      Support MSBLOB format if RC4 is disabled
      Add test to check EVP_PKEY method ordering.
      Fix ctrl operation for SHA1/MD5SHA1.
      add CMS SHA1 signing test
      Check input length to pkey_rsa_verify()
      Add RSA PSS tests
      Additional error tests in evp_test.c
      Add function and reason checking to evp_test
      evptests.txt is not a shell script
      Add RSA decrypt and OAEP tests.
      Remove BIO_seek/BIO_tell from evp_test.c
      Cache maskHash parameter
      Add pss field to RSA structure and free it.
      add EVP_PKEY_RSA_PSS
      PSS ASN.1 method
      Use method key type instead of EVP_PKEY_RSA
      Split PSS parameter creation.
      PSS parameter encode and decode.
      RSA-PSS key printing.
      PSS EVP_PKEY method
      Support RSA operations in PSS.
      Digest string helper function.
      Set PSS padding mode for PSS keys.
      Key gen param support.
      Support pad mode get/set for PSS keys.
      Add macros to determine if key or ctx is PSS.
      Don't allow PKCS#7/CMS encrypt with PSS.
      Add rsa_pss_get_param.
      Initial parameter restrictions.
      Add PSS parameter restrictions.
      Return errors PKCS#7/CMS enveloped data ctrls and PSS
      Decode parameters properly.
      Only allow PSS padding for PSS keys.
      Set EVP_PKEY_CTX in SignerInfo
      add parameter error
      make errors
      print errors in pkey utility
      add PSS key tests
      document RSA-PSS algorithm options
      add test for invalid key parameters
      make update
      fix various style issues
      clarify comment
      free str on error
      style issues
      Use more desciptive macro name rsa_pss_restricted()
      Add documentation for PSS control operations.
      fix typo and remove duplicate macro
      Remove unnecessary frees and style fixes.
      Documentation clarification and fixes.
      fix a few more style issues
      Add new ssl_test option.
      Add server temp key type checks
      Add options to check certificate types.
      add ECDSA test server certificate
      Add certificate selection tests.
      Add client cert type tests
      Add support for -1, -2 salt lengths for PSS only keys.
      additional PSS tests for -1 and invalid salt length
      Defines and strings for special salt length values, add tests
      Add options to check TLS signing hashes
      Add signing hash tests
      Use correct signature algorithm list when sending or checking.
      Add server signature algorithm bug test.
      use RSA_PSS_SALTLEN_DIGEST constant
      Use uint16_t for signature scheme.
      More complete PSS support.
      Store peer signature type.
      Add SSL_get_peer_signature_type_nid() function.
      Use shared signature algorithm list to find type.
      Extend TLS 1.3 signature table.
      Support TLS 1.3 signature scheme names.
      make update
      Update documentation
      Add test support for TLS signature types.
      Add tests for client and server signature type
      Use PSS for simple test so TLS 1.3 handhake is successful.
      Fix TLS 1.2 and no sigalgs.
      fix style issues
      Update macros.
      Store table entry to peer signature algorithm.
      Only allow PSS signatures with RSA keys and TLS 1.3
      Add TLS 1.3 signing curve check
      Don't check certificate type against ciphersuite for TLS 1.3
      Add digest and key indices to table.
      Simplify sigalgs code.
      Remove peer_md and use peer_sigalg instead.
      Tidy up Suite B logic
      Cosmetic change
      Add function tls_choose_sigalg().
      Set signature algorithm when choosing cipher
      make errors
      For TLS 1.3 retrieve previously set certificate index
      Remove special case for TLS 1.3.
      Update cipher definition
      Don't filter TLS 1.3 ciphersuites by signing or key exchange algorithm
      Add TLS 1.3 certificate selection tests.
      Add missing MinProtocol/MaxProtocol
      Add SSL_kANY and SSL_aANY
      Add NID_auth_any and NID_kx_any NIDs.
      Add constants to CCM and TLS.
      Add CCM mode support for TLS 1.3
      Use contants for Chacha/Poly, redo algorithm expressions.
      Make EVP_*Final work for CCM ciphers
      Call EVP_CipherFinal in CCM mode for tests.
      Add remaining TLS1.3 ciphersuites
      update test
      Update documentation
      Check index >= 0 as 0 is a valid index.
      Make -xcert work again.
      add ssl_has_cert
      Change tls_choose_sigalg so it can set errors and alerts.
      Add sigalg for earlier TLS versions
      Use cert_index and sigalg
      Simplify tls_construct_server_key_exchange
      Use CERT_PKEY pointer instead of index
      Skip curve check if sigalg doesn't specify a curve.
      Set current certificate to selected certificate.
      Fix warning
      Add client side support to tls_choose_sigalg.
      Use tls_choose_sigalg for client auth.
      Add ECDSA client certificates
      Add client auth TLS 1.3 certificate selection tests
      Add and use function test_pem to work out test filenames.
      Add DSA support to mkcert.sh
      Add DH parameters, DSA cert and key
      add DSA cert tests
      Explicitly disallow DSA for TLS 1.3
      remove md array: it is not used any more.
      Set default validity flags.
      Add no siglags test for ECDSA certificate
      Check validity, not just signing for all certificates
      Tidy up certificate type handling.
      Add P-384 root and P-384, P-256 EE certificates.
      Add Suite B tests
      Add SuiteB support to tls_choose_sigalg()
      EC certificate with compression point
      Reject compressed point format with TLS 1.3
      For TLS 1.3 reject SHA1 TLS signatures
      Add tests for SHA1 and EC point compression
      Print signature type to out, not bio_err
      Add trace entries for remaining TLS 1.3 ciphersuites
      Add entry for PSK extension
      Print numerical value of named roups
      Add ffdhe groups to trace output
      print out alpn extension
      TLS 1.3 support for ssl_print_ticket()
      Add missing blank lines and cosmetic improvements
      Initial incomplete TLS 1.3 certificate request support.
      Trace support for TLS 1.3 certificate request message
      Remove ancient demoCA directory
      Remove wp_test.c: exactly the same tests are in evptests.txt
      Remove more redundant tests: md4, md5, rmd, rc4, p5_crpt2
      Revert rc4test removal, it performs additional tests not in evptests.txt
      Don't allow DSA for TLS 1.3
      Disallow zero length signature algorithms
      Signature algorithm enhancement.
      Set specific error is we have no valid signature algorithms set
      Update and add test
      Add additional RSA-PSS and RSA-OAEP tests.
      Remove obsolete version test when returning CA names.
      Add ExpectedClientCANames
      Add Client CA names tests
      Move parsing and construction of CA names to separate functions
      Allow signature algorithms in TLS 1.3 certificate request extensions.
      Support draft-19 TLS certificate request format
      Implement certificate_authorities extension
      fix typo
      Add X25519 doc
      update README
      New certificate_authorities functions
      SSL_CONF support for certificate_authorities
      Add extensions to debug list
      Add requestCAfile option
      Don't use client specific functions to retrieve CA list
      Print CA names in s_server, add -requestCAfile to s_client
      Constify SSL_dup_CA_list()
      Add ExpectedServerCANames
      Add certificate_authorities tests client to server.
      Document new ssl(3) functions and options.
      update ordinals
      Add support for custom signature parameters
      Use X509_get_signature_info() when checking security levels.
      Add custom sig_info setting for RSA-PSS
      Add certificates with PSS signatures
      Add PSS certificate signature tests
      Update documentation
      make update
      Fix no-ec
      Add EVP_DigestSign and EVP_DigesVerify
      make update
      Add support for multiple update calls in evp_test
      Add tests
      remove duplicate tests
      Add tests in evp_test for EVP_Digest{Sign,Verify}{Init,Update,Final}
      Add test support for "oneshot" versions EVP_DigestSign, EVP_DigestVerify.
      Add test data for EVP_DigestSign/EVP_DigestVerify tests.
      move comments to same line as fields
      Don't use one shot API for SSLv3.
      Add support for custom digestsign/digestverify methods.
      Allow NULL md for custom signing methods
      make errors
      Add Ed25519 algorithm.
      Make Ed25519 consistent with X25519
      Add EdDSA algorithm OIDs from draft-ietf-curdle-pkix-04
      Add ED25519 ASN.1 method
      add method
      ED25519 public key method.
      make errors
      Add RFC8032 tests and additional cases
      Add ED25519 as signature OID
      Add custom ASN.1 sign and verify
      make errors
      Add custom sig_info_set for ED25519
      Add Ed25519 verify test.
      no-ec fix
      Add Ed25519 documentation
      Clear sensitive data in ED25519_sign
      Fix define to match documentation
      Move and update RSA-PSS documentation.
      Recognise Ed25519 in X509_certificate_type
      Use X509_get_signature_info to get signature strength.
      Add index for ED25519
      Add Ed25519 to signature algorithm table
      Add Ed25519 signature algorithm
      Handle signature algorithms with no associated digest
      Add Ed25519 to trace output
      Print Ed25519 in s_client/s_server
      Convert key exchange to one shot call
      Allow Ed25519 in TLS 1.2
      Ed25519 support for mkcert.sh
      Add Ed25519 EE certificates
      Add Ed25519 TLS 1.3 and 1.2 tests
      Update test config file
      Use EVP_PKEY_X25519, EVP_PKEY_ED25519 instead of NIDs where appropriate.
      Fix build with no-threads no-ec
      Add certificate properties table.
      Add SSL_aCERT: this is used for any ciphersuite with a certificate.
      Replace tls12_get_pkey_idx
      Use certificate tables instead of ssl_cipher_get_cert_index.
      Use certificate tables instead of ssl_cert_type
      Use cert tables instead of X509_certificate_type
      make errors
      Use cert tables in ssl_set_sig_mask
      Add additional ECDSA/Ed25519 selection tests.
      Move certificate table to header file so it can be tested.
      Add sanity test for certificate table
      Set maskHash when creating parameters.
      Typo: should check mgf1md
      Add keygen test to evp_test
      Add keygen test data
      Add public key method enumeration function.
      Add list -public-key-methods
      make update
      Allow use of long name for KDFs
      Set randomness buffer pointer in get_entropy calls.
      Add entropy sanity check
      Use passed drbg, not global one
      Add predicatable RAND_METHOD to test ENGINE
      Support CMS decrypt without a certificate for all key types
      Add test for ECDH CMS key only
      Fix no-ec
      Add alternative CMS P-256 cert
      no-ec2m fixes
      Correct GCM docs.
      Add RSA-PSS key certificate type.
      Allow RSA certificates to be used for RSA-PSS
      Allow use of RSA-PSS certificates in TLS 1.2
      Add RSA-PSS test certificates
      Add RSA-PSS certificate type TLS tests
      Store groups as uint16_t
      Remove dhparam from SSL_CONF list.
      Return correct Suite B curve, fix comment.
      Return group id in tls1_shared_group
      Rename tls_curve_info to TLS_GROUP_INFO, move to ssl_locl.h
      Replace tls1_ec_curve_id2nid.
      New function ssl_generate_param_group
      Rewrite compression and group checks.
      Rename tls1_get_curvelist.
      Use tls1_group_id_lookup in tls1_curve_allowed
      Add and use function tls1_in_list to avoid code duplication.
      Use separate functions for supported and peer groups lists
      Change curves to groups where relevant
      Merge tls1_check_curve into tls1_check_group_id
      Don't ignore passed ENGINE.
      Fix memory leak on lookup failure
      Add EVP_PKEY_set1_engine() function.
      make update
      Add EVP_PKEY_METHOD redirection test
      Document EVP_PKEY_set1_engine()
      Support constant BN for DH parameters
      Add primes from RFC7919
      DH named parameter support
      Add objects for RFC7919 parameters
      Add RFC7919 support to EVP
      Don't assume shared key length matches expected length
      Add pad support
      Add RFC7919 tests.
      Add RFC7919 documentation.
      make update

Dániel Bakai (1):
      Added appropriate OPENSSL_NO_STDIO to PKCS12 header

EasySec (8):
      dtl_mtu_test doesn't follow BIO_* conventions and make Windows build fail
      When no SRP identity is found, no error was reported server side
      Replace the 'SSL' broken link with SSL_CTX_set_security_level which seems not being referenced from elsewhere
      Update s_client and s_server documentation about some missing arguments
      Fix list -disabled for blake2 alg
      set_hex() behaviour change
      Cleaning secret data after use
      fix compile error 'intrinsic function not declared'

Emeric Brun (1):
      Fix async engine pause dead lock in error case.

Emilia Kasper (42):
      Add a coverage target
      Add --gcov-options '\-lp' to coverage
      Reorganize SSL test structures
      Fix ALPN tests when NPN is off
      NPN and ALPN: test resumption
      SSL test ctx: fix tests
      CT: fix documentation
      SSL tests: port CT tests, add a few more
      Add TEST_check
      Gracefully free a NULL HANDSHAKE_RESULT
      Don't attempt to load the CT log list with no-ec
      SSL tests: send some application data
      Port multi-buffer tests
      Test that the peers send at most one fatal alert
      Indent ssl/
      Add more details on how to add a new SSL test
      TEST_check macro: don't end with semi
      testutil: always print errors on failure
      Don't create fixtures for simple tests
      Simplify tests part 2
      Add main() test methods to reduce test boilerplate.
      Run BoringSSL tests on Travis
      Test mac-then-encrypt
      X509 time: tighten validation per RFC 5280
      Remove methtest.c
      Remove dead code in crypto/pkcs7
      Remove debugging leftovers in apps/opt.c
      Remove BN_DEBUG_TRIX
      Clean up references to FIPS
      More Configure cleanup. Remove     - util/incore     - util/fipslink.pl     - the unused "baseaddr" configure switch
      Remove support for HMAC_TEST_PRIVATE_KEY_FORMAT
      Remove memcpy unrolling in bn_lib.c
      Remove some obsolete/obscure internal define switches:
      Port SRP tests to the new test framework
      Port remaining old DTLS tests
      Update master Travis to Trusty
      Add documentation for X509 time functions
      X509_cmp_time.pod: fix doc nits
      asynctest: don't depend on apps
      cipherbytes_test: remove unused includes
      Remove resolved TODO
      RSA_padding_check_PKCS1_type_2 is not constant time.

Erwann Abalea (1):
      Add some OID's from X.520

FdaSilvaYY (84):
      Constify ASN1_INTEGER_get, ASN1_ENUMERATED_get
      Constify two internal methods     - append_ia5     - old_entry_print
      Constify input buffer
      Constify inputs of two X509_LOOKUP_METHOD methods
      Constify some ASN1_OBJECT *obj input parameters
      Pack globals variables used to control apps/verify_callback()
      Fix doc and help about ca -valid option
      two typo fixes
      Relocalise some globals variables
      Improve error message
      Simplify and add help about OPT_PVK* options
      Constify char* input parameters in apps code
      Small nits and cleanups
      Allow to run all speed test when async_jobs active
      Duplicate includes
      Fix loopargs_t object duplication into ASYNC context
      Closing output file from inside the loop who open it
      Constify ASN1_PCTX_*
      Constify some inputs buffers
      Constify some input parameters.
      Constify some X509_NAME, ASN1 printing code
      Constify a bit X509_NAME_get_entry
      Fix some magic values about revocation info type...
      Remove an useless definition.
      Constify code about X509_VERIFY_PARAM
      Update INSTALL about no-md5 removal
      Fix various missing option help messages ...
      Remove an option related to a deprecated flag
      Add some missing types to indent.pro
      Fix copy-paste test labels
      Constify command options
      Fix style issue
      Fix not-c code
      Add error checking, small nit on ouput
      Allow null in  X509_CRL_METHOD_free
      Missing BN_RECP_CTX field init.
      Simplify and clean X509_VERIFY_PARAM new/free code.
      Simplify and fix usage of three string array variable...
      Introduce PATH_MAX and NAME_MAX
      Missing free item on push failure
      Raise an error on memory alloc failure.
      Clean one unused variable, plus an useless one.
      Clean dead macros and defines
      Fix use before assignment
      Fix some extra or missing whitespaces...
      Few nit's
      Fix some style and indent issue     simplify some code.
      Fix a few misspellings.
      Typo, fix a comment
      Fix a few double ;
      Fix a few typos     [skip ci]
      Simplify code around next_proto.len by changing 'len' data type.
      Fix a few more typos
      Spelling fixes
      Refomat a few comments on 80 cols
      Fix 0 -> NULL, indentation
      More typo fixes
      Add a 'max_send_frag' option to configure maximum size of send fragments
      Output prog name within error message
      Add checks on return code when applying some settings.     Remove hardcoded bound checkings.
      Declare a new x509v3 extension: x509ExtAdmission
      Fix some Typos and indents
      Fix some typo and comments     [skip ci]
      Fix overzealous cleanup command
      [Win] Fix some test method signatures ...
      Fix two MSVC warnings in apps.c
      fix some typos
      SSL Trace improvements
      Postpone allocation of STACK internal storage ... until a first push(),     insert() or an explicit call to OPENSSL_sk_reserve
      Use more pre-allocation
      Some cleanups to apps/ca.c
      Implement Maximum Fragment Length TLS extension.
      style : fix some if(...
      Various typo
      Fix possible leaks on sk_X509_EXTENSION_push() failure ...
      remove magic number
      Factorise duplicated code.
      Fix AppVeyor/VC build failure
      Fix docs for EVP_EncryptUpdate and EVP_DecryptUpdate
      Fix an incoherent test.
      Address some code-analysis issues.
      Useless conf != NULL test
      Small simplification in mkerr.pl

Finn Hakansson (1):
      Fix typo.

Frank Morgner (1):
      Added error checking for OBJ_create

Gaétan Njinang (1):
      'openssl passwd' command can now compute AIX MD5-based passwords hashes.

Geoff Thorpe (3):
      bn: fix BN_DEBUG + BN_DEBUG_RAND support
      bn: catch negative zero as an error
      bn: fix occurances of negative zero

Gergely Nagy (2):
      Fix compilation when using MASM on x86
      PBKDF2 computation speedup (15-40%)

Graham Edgecombe (1):
      Return success in custom_ext_parse_old_cb_wrap if parse_cb is NULL

Greg Zaverucha (1):
      Fix sample code

Guido Vranken (4):
      Prevent overflows in stack API
      Prevent allocations of size 0 in sh_init, which are not possible with the default OPENSSL_zalloc, but are possible if the user has installed their own allocator using CRYPTO_set_mem_functions. If the 0-allocations succeeds, the secure heap code will later access (at least) the first byte of that space, which is technically an OOB access. This could lead to problems with some custom allocators that only return a valid pointer for subsequent free()-ing, and do not expect that the pointer is actually dereferenced.
      Prevents that OPENSSL_gmtime incorrectly signals success if gmtime_r fails, and that struct* tm result's possibly uninitialized content is used
      Remove obsolete comment

Hannes Magnusson (1):
      Remove redundant decl of 509_STORE_set_flags

Hikar (1):
      Removed ugly size_t less than zero check.

HorimotoYasuhiro (1):
      CLA: trivial

Hubert Kario (8):
      fix OSSL_STORE man pages
      pkcs12.c better formatting for unsupported params
      more info about PKCS#12 structure MAC
      make scrypt ASN.1 parameter functions public
      nicer formatting for MAC info
      handle scrypt PBKDF in PKCS#12 files info
      add basic references to the new methods in documentation
      doc: note that the BN_new() initialises the BIGNUM

Ian Spence (1):
      Fix function documentation

Iaroslav Gridin (7):
      Add AES-ECB and 3DES-ECB to cryptodev
      Remove non-functional CRYPTO_AES_CTR ifdef disabling AES-CTR in cryptodev
      Remove unused ret variable
      Style the code
      Remove commented-out HMAC code
      fix for BSD cryptodev
      use EVP_CIPHER_CTX_ functions instead of accessing EVP_CIPHER_CTX internals

Jack Lloyd (1):
      SM3: Add SM3 hash function

Jacob Hoffman-Andrews (1):
      Clarify error for unrecognized arguments.

Jakub Jelen (2):
      ECDSA_* is deprecated. EC_KEY_* is used instead
      doc: Bad prototypes of EVP_PKEY_CTX_new()

Jakub Zelenka (1):
      Never return -1 from BN_exp

JimC (3):
      Ignore windows generated manifests
      Documented BIO_set_accept_port()/BIO_get_accept_port()

JitendraLulla (4):
      extending afalg with aes-cbc-192/256, afalgtest.c also updated accordingly. comments from matt, Stephen considered
      fix  --strict-warnings
      make get_cipher_handle static
      putting the missing static

Johannes Bauer (15):
      Fix const correctness of EC_KEY_METHOD_get_*
      Set error when HKDF used without parameters
      More error handling to HKDF and one more case in TLS1-PRF
      Changed use of EVP_PKEY_CTX_md() and more specific error codes
      Added differentiation between missing secret and missing seed
      Fix indentation
      Fix typo in HKDF example documentation
      Small typo in manpage of x509(1)
      Add interface to the scrypt KDF by means of PKEY_METHOD
      Add PKEY_METHOD macro tests
      Add documentation for the scrypt PKEY_METHOD
      Fix building without scrypt
      Clarify CLI OCSP documentation
      Fix coding style of EVP_PKEY_CTX_ctrl_uint64
      Add PKEY_CTX setter tests for TLS1-PRF

Jon Spillett (27):
      Check for zero records and return immediately
      Exit the loop on failure
      Add Python Cryptography.io external test suite
      Add documentation for SSL version methods
      Add documentation for SSL_*_ex_data() functions
      Typo in SSL_CONF_CTX_set_flags.pod
      Typo in SSL_CONF_CTX_set1_prefix.pod - change SSL_CTX_cmd to SSL_CONF_cmd
      Typo in SSL_CONF_cmd_argv.pod
      SSL_CTX_use_PrivateKey_file uses private key, not certificate
      Tidy up the SSL options in SSL_CTX_set_options.pod
      Typo in SSL_CTX_sess_number.pod - started
      Add documentation for SNI APIs
      Add SSL_dup description
      Fix for #2730. Add CRLDP extension to list of supported extensions
      Convert exdata tests to new test framework
      Convert RSA tests to new framework
      Updates after code review
      Remove seed completely...
      Convert blowfish tests to new framework
      Code review. Split tests up
      Remove unused variable. Thanks @pauli-oracle
      Change 64-bit time type for windows
      Converted the bio_enc tests to use new test framework.
      Update pyca-cryptography to latest commit
      [extended tests] Add steps to update an external test suite
      Fix potential null pointer dereference in ARIA implementation
      Implement Aria GCM/CCM Modes and TLS cipher suites

Jonathan Protzenko (1):
      Fix speed command for alternation of ciphers and digests.

Joseph Birr-Pixton (3):
      TLS1.3: Correct intermediate secret derivation
      Update test vectors in tls13secretstest
      Improve testing of elliptic curve validation

Josh Soref (5):
      Fix spelling errors in CMS.
      mark V_ASN1_PRIMATIVE_TAG as compat
      Fix spelling errors in manpages
      improve comment: use "optimization" for clarity     The previous word was a misspelling of nicety
      Many spelling fixes/typo's corrected.

KaoruToda (5):
      Since return is inconsistent, I removed unnecessary parentheses and     unified them.     - return (0); -> return 0;     - return (1); -> return 1;     - return (-1); -> return -1;
      Remove parentheses of return.
      Various clean-ups
      Remove duplicate assignment.
      apps/s_client.c: add missing null check     apps/s_server.c: remove unnecessary null check

Kazuki Yamaguchi (8):
      Fix overflow check in BN_bn2dec()
      Expose alloc functions for EC{PK,}PARAMETERS
      Fix a memory leak in EC_GROUP_get_ecparameters()
      Add missing flags for EVP_chacha20()
      Properly zero cipher_data for ChaCha20-Poly1305 on cleanup
      Fix a typo in the SSL_get_max_early_data() declarations
      Fix BN_print()
      Do not lookup zero-length session ID

Keigo Tanaka (1):
      Added mysql as starttls protocol.

Ken Goldman (1):
      RSA_get0_ functions permit NULL parameters

Keshav Kini (1):
      Fix typos

Konstantin Shemyak (1):
      Corrected 'cms' exit status when key or certificate cannot be opened

Kurt Roeckx (80):
      Fix spelling of error code
      Fix off by 1 in ASN1_STRING_set()
      Test the support curves in tls
      Update fuzz corpora
      Update fuzz corpora
      Add a github pull request template
      conf fuzzer: also check for an empty file
      Cast to an unsigned type before negating
      Update fuzz corpora
      Add support for reference counting using C11 atomics
      Fix name of "locked" variable
      Make SSL_read and SSL_write return the old behaviour and document it.
      Add missing -zdelete for some linux arches
      coveralls: Use gcov-5 since we build it using gcc-5
      Fix formatting of fuzzers
      FuzzerInitialize always exists
      Add a FuzzerClean() function
      asn1parse: create the out bio during init, free it during cleanup
      bignum fuzzer: move new and free calls to the init and cleanup function.
      bndiv fuzzer: move new and free calls to the init and cleanup function.
      Use 8bit-counters when using libfuzzer
      Make the random number generator predictable when fuzzing.
      CMS fuzzer: also use id2
      Move libfuzzer sanitizer options to README
      Make the fuzzers more reproducible
      travis: Use no-shared for the FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION targets
      Also set the CXXFLAG to the user supplied flags
      Make asn1 fuzzer more reproducible
      Make the predictable numbers start from 1
      And client fuzzer
      Fuzz corpora update
      Only call memcpy when the length is larger than 0.
      Update client fuzzer corpus
      Update client fuzz corpus
      Don't call memcpy with NULL as source
      Enable TLS1.3 and PEDANTIC in the coverage target
      Document the recommended parameters for fuzzing
      Make client and server fuzzer support all ciphers
      Fix memory leak in tls_parse_stoc_key_share
      Update fuzz corpora
      server fuzzer: add support for DSA and ECDSA
      Make rand_add predictable when fuzzing
      Update fuzz documentation
      Make the bignum fuzzer reproducible
      Make client and server fuzzer reproducible
      Update fuzz corpora
      Print the X509 version signed, and convert to unsigned for the hex version.
      Fix undefined behaviour when printing the X509 serial
      Fix VC warnings about unary minus to an unsigned type.
      Fix undefined behaviour when printing the X509 and CRL version
      Add missing braces.
      Update client and server corpus
      Use memcmp() instead of CRYPTO_memcmp() when fuzzing
      Revert "Use memcmp() instead of CRYPTO_memcmp() when fuzzing"
      Update client, server and x509 fuzz corpus
      Implement SSL_read_ex() and SSL_write_ex() as documented.
      Fix duplicate error codes
      Fix double free in cookie generation.
      Make the CRYPTO_memcmp() prototype match memcmp()
      Use memcmp() instead of CRYPTO_memcmp() when fuzzing
      Switch libfuzzer to use trace-pc-guard
      Make x509 and asn1 fuzzer reproducible
      Document how to update the corpus.
      Use a fixed time when fuzzing.
      Optionally check for early data
      Add missing commas in pod files
      Update fuzz corpora
      Don't auto-instantiate a DRBG when trying to use it and it's not
      Make the global DRBGs static
      Use curve_id not the nid
      Use size of entries, not size of the pointer.
      Only reset the ctx when a cipher is given
      Update location of the libfuzzer repository
      Don't turn b2 negative
      ASN1 fuzzer: Use d2i_TYPE / i2d_TYPE functions
      Update asn1 and x509 corpora
      Create a prototype for OPENSSL_rdtsc
      Fix comment about undefined behavior of constant_time_msb
      Add RAND_DRBG_bytes

Lingmo Zhu (2):
      Remove the obsolete misleading comment and code related to it.
      remove horrible pragma macro and remove __owur from SSL_CTX_add_session() declaration

Long Qin (1):
      lhash.c: Replace Unicode EN DASH with the ASCII char '-'.

Lukasz Pawelczyk (1):
      Restore EVP_CIPH_FLAG_LENGTH_BITS working properly

Luke Faraone (1):
      Add support for using engine-backed keys in spkac

Marek Klein (3):
      explicitText encoding
      Added support for ESSCertIDv2
      fixing incorrect OID of signingCertificateV2     Reviewed-by: Kurt Roeckx <kurt at openssl.org>     Reviewed-by: Rich Salz <rsalz at openssl.org>     (Merged from https://github.com/openssl/openssl/pull/3538)

Markus Sauermann (1):
      Adjusted Argument Indices     CLA: trivial

Markus Triska (4):
      Fix reference to SSL_set_max_proto_version.
      replace "will lookup up" by "will look up"
      Correct reference to SSL_get_peer_cert_chain().
      correct 3 mistakes

Martin Peylo (1):
      Adding NID_hmac_sha1 and _md5 to builtin_pbe[]

Mat (1):
      Do not set load_crypto_strings_inited when OPENSSL_NO_ERR is defined

Matt Caswell (1054):
      Prepare for 1.1.0-pre7-dev
      Address feedback on SSLv2 ClientHello processing
      Send an alert if we get a non-initial record with the wrong version
      Add some SSLv2 ClientHello tests
      Address feedback on SSLv2 ClientHello processing
      Remove a stray unneeded line in 70-test_sslrecords.t
      Ensure we unpad in constant time for read pipelining
      Provide compat macros for SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto()
      Convert TS_STATUS_INFO* functions to use const getters
      Convert PKCS8* functions to use const getters
      Convert SSL_SESSION* functions to use const getters
      Convert OCSP* functions to use const getters
      Make X509_NAME_get0_der() conform to OpenSSL style
      Convert X509_CRL* functions to use const getters
      Convert X509_REVOKED* functions to use const getters
      Add a (D)TLS dumper BIO
      Add a DTLS packet mem BIO
      Split create_ssl_connection()
      Add a DTLS unprocesed records test
      Fix DTLS unprocessed records bug
      Add DTLS replay protection test
      Fix DTLS replay protection
      Fix some clang warnings
      Update function error code
      Convert PKCS12* functions to use const getters
      Fix enable-zlib
      Fix DTLS buffered message DoS attack
      Prevent DTLS Finished message injection
      Choose a ciphersuite for testing that won't be affected by "no-*" options
      Fix no-des
      Fix leak on error in tls_construct_cke_gost
      Ensure CT_POLICY_EVAL_CTX_free behaves properly with a NULL arg
      Ensure the mime_hdr_free function can handle NULLs
      Fix mem leak on error path
      Fix mem leak on error path
      Fix mem leak on error path
      Check for malloc error in bn_x931p.c
      Check for error return from ASN1_object_size
      Sanity check an ASN1_object_size result
      Remove some dead code
      Add some sanity checks when checking CRL scores
      Fix bio_enc_test
      Fix no-sock
      Fix some resource leaks in the apps
      Remove useless assignment
      Remove some dead code from rec_layer_s3.c
      Fix no-ec2m
      Clarify the error messages in 08f6ae5b28
      Fix an uninitialised read on an error path
      Fix uninit read in sslapitest
      Remove note from CHANGES about EC DRBG
      Ensure the CertStatus message adds a DTLS message header where needed
      Add some CertStatus tests
      Ensure trace recognises X25519
      Fix mem leaks during auto-deinit
      util/shlib_wrap.sh is now auto-generated so tell git to ignore it
      First pass at writing a writeable packets API
      Convert tls_construct_client_hello() to use PACKETW
      Rename PACKETW to WPACKET
      Move from explicit sub-packets to implicit ones
      Add WPACKET_sub_memcpy() function
      Various bug fixes and tweaks to WPACKET implementation
      Ensure the WPACKET gets cleaned up in the event of an error
      Add tests for the WPACKET implementation
      Move the WPACKET documentation comments to packet_locl.h
      Simplify the overflow checks in WPACKET_allocate_bytes()
      Address WPACKET review comments
      Add some soft asserts where applicable
      Pull out some common packet code into a function
      Remove else after a return in packet code
      Fix a few style nits in the wpacket code
      Abort on unrecognised warning alerts
      Convert CKE construction to use the WPACKET API
      Add a WPACKET_sub_allocate_bytes() function
      Make wpackettest conform to style rules
      Encourage use of the macros for the various "sub" functions
      Add some sanity checks around usage of t_fromb64()
      Fix OCSP_RESPID processing bug introduced by WPACKET changes
      Revert "Abort on unrecognised warning alerts"
      Convert num_alloc to a size_t in stack.c and tweak style
      Convert ClientVerify Construction to WPACKET
      Convert Certificate message construction to WPACKET
      Convert NextProto message construction to WPACKET
      Style tweaks following review feedback
      Convert Finished construction to WPACKET
      Convert CCS construction to WPACKET
      Convert WPACKET_put_bytes to use convenience macros
      Fix a missing NULL check in dsa_builtin_paramgen
      make update and fix some associated mis-matched error codes
      Don't allow too many consecutive warning alerts
      Don't leak on an OPENSSL_realloc() failure
      Excessive allocation of memory in tls_get_message_header()
      Excessive allocation of memory in dtls1_preprocess_fragment()
      Fix OCSP Status Request extension unbounded memory growth
      Add the ability to set OCSP_RESPID fields
      Add OCSP_RESPID_match()
      Add some more OCSP testing
      Fix a mem leak in NPN handling
      Fix a hang with SSL_peek()
      Updates CHANGES and NEWS for new release
      Add warning about a potential pitfall with WPACKET_allocate_bytes()
      Convert HelloVerifyRequest construction to WPACKET
      Add a test for large messages
      Fix a WPACKET bug
      Fix Use After Free for large message sizes
      Updates CHANGES and NEWS for new release
      Fix HelloVerifyRequest construction
      Fix some mem leaks in sslapitest
      Convert HelloRequest construction to WPACKET
      Fix a bug in Renegotiation extension construction
      Add support for testing renegotiation
      Update README.ssltest.md
      Extend the renegotiation tests
      Add DTLS renegotiation tests
      Fix no-dtls
      Fix an Uninit read in DTLS
      Convert ServerHello construction to WPACKET
      Delete some unneeded code
      Fix heartbeat compilation error
      Fix a bug in the construction of the ClienHello SRTP extension
      Address style feedback comments
      Convert CertificateRequest construction to WPACKET
      Remove tls12_copy_sigalgs_old()
      Add the WPACKET_reserve_bytes() function
      Convert ServerKeyExchange construction to WPACKET
      Fix a bug in CKE construction for PSK
      Address style feedback comments
      Add an example of usage to the WPACKET_reserve_bytes() documentation
      Fix an mis-matched function code so that "make update" doesn't fail
      Fix missing NULL checks in NewSessionTicket construction
      Convert SeverDone construction to WPACKET
      Fix mis-named macro in packet_locl.h
      Convert CertStatus message construction to WPACKET
      Fix an error in packet_locl.h
      Convert NewSessionTicket construction to WPACKET
      Remove the tls12_get_sigandhash_old() function
      Remove ssl_set_handshake_header()
      Rename ssl_set_handshake_header2()
      Move init of the WPACKET into write_state_machine()
      Don't set the handshake header in every message
      Harmonise setting the header and closing construction
      Remove the special case processing for finished construction
      Move setting of the handshake header up one more level
      Add a typedef for the construction function
      Fix linebreaks in the tls_construct_client_certificate function
      Use clang++ for C++ for the linux-x86_64-clang target
      Ensure we handle len == 0 in ERR_err_string_n
      Allow older versions in the *.num files
      Provide a cross-platform format specifier (OSSLzu) for printing size_t
      A zero return from BIO_read()/BIO_write() could be retryable
      Add a test for BIO_read() returning 0 in SSL_read() (and also for write)
      Fix a double free in ca command line
      Create BIO_read_ex() which handles size_t arguments
      Create BIO_write_ex() which handles size_t arguments
      Ensure all BIO functions call the new style callback
      Document the new BIO functions introduced as part of the size_t work
      Fix some bogus uninit variable warnings
      Fix a shadowed variable declaration warning
      Read up to INT_MAX when calling legacy BIO_read() implementations
      Ensure that BIO_read_ex() and BIO_write_ex() only return 0 or 1
      Tweaks based on review feedback of BIO size_t work
      More parameter naming of BIO_read*/BIO_write* related functions
      Add some sanity checks for BIO_read* and BIO_gets
      Fix some feedback issues for BIO size_t-ify
      Fix more shadowed variable warnings
      Fix stdio build following BIO size_t work
      Add the SSL_METHOD for TLSv1.3 and all other base changes required
      Use ciphersuite id when matching if we've got one
      Update Configure to know about tls1_3
      Convert a big "if" into a "switch"
      Make sure ossltest engine works with TLS1.3
      Enable TLSProxy to talk TLS1.3
      Fix some style issues in ossltest
      Fix read_ahead
      Add a read_ahead test
      Fail if an unrecognised record type is received
      Add a test for unrecognised record types
      Add a CHANGES entry for the unrecognised record type change
      Partial revert of 3d8b2ec42 to add back DSO_pathbyaddr
      Add a DSO_dsobyaddr() function
      Ensure that libcrypto and libssl do not unload until the process exits
      Add a test to dynamically load and unload the libraries
      Link using -znodelete
      Implement GET_MODULE_HANDLE_EX_FLAG_PIN for windows
      Integrate BoringSSL shim
      Add a test to call the BoringSSL test suite
      Rebase shim against latest boringssl code
      Add ossl_shim to .gitignore
      Add a shim config file
      Control building of ossl_shim through Configure
      Add a comment to 90-test_external.t to explain why we need filter_run
      Fix some unused variable warnings in ossl_shim
      Add -std=c++11 to CXXFLAGS
      Add documentation on the BoringSSL test suite integration
      Remove test/ossl_shim/Makefile
      Fix argument order in documentation
      Remove some #if 0'd out code
      Remove some unreferenced fields from TestState
      Remove unused BoringSSL specific flags
      Use the -allow-unimplemented feature of the BoringSSL runner
      Remove some flags that are unused in the shim
      Removed scoped_types.h
      Remove some #if 0'd out code
      Fix a code inconsistency
      Update the BoringSSL suppressions file based on the latest shim
      Add missing bn.h include
      Swap header copyrights to standard OpenSSL
      Add a wildcard exception for TLS13 tests
      Remove an unused field in ossl_shim
      Convert record layer to use size_t
      Further libssl size_t-ify of reading
      Convert libssl writing for size_t
      Convert SSL3_RECORD_clear() and SSL3_RECORD_release() to size_t
      Convert some misc record layer functions for size_t
      Convert ssl3_cbc_digest_record for size_t
      Convert various mac_secret_size usage to size_t
      Convert master_secret_size code to size_t
      Convert session_id_length and sid_ctx_len to size_t
      Update numerous misc libssl fields to be size_t
      Update cookie_len for size_t
      Convert some libssl local functions to size_t
      Update misc function params in libssl for size_t
      Resolve some outstanding size_t related TODOs
      Fix some missed size_t updates
      Convert SSL BIO to use SSL_write_ex().
      Add some PACKET functions for size_t
      Fix some ssl3_record code witch converstion to/from size_t
      Convert the mac functions to just return 1 for success and 0 for failure
      Fix misc size_t issues causing Windows warnings in 64 bit
      Now that we can use size_t in PACKET lets use it
      Ensure HMAC_size() handles errors correctly
      Provide some constant time functions for dealing with size_t values
      Remove a stray TODO that has already been fixed
      Document the newly added SSL functions
      Fix some clashing symbol numbers due to merge conflict
      Fix some bogus warnings about uninitialised variables
      Fix style issues in HMAC_size()
      Updates various man pages based on review feedback received.
      Clarify the return values for the peek functions
      Ensure SSL_DEBUG works following size_t changes
      Test the size_t constant time functions
      Document the HMAC_size() function
      Fix a shadowed variable declaration warning picked up by Travis
      Clarify the return values for SSL_read_ex()/SSL_write_ex()
      Rename all "read" variables with "readbytes"
      Tweak the SSL_read()/SSL_write() text based on feedback received.
      Fix some style issues from libssl size_tify review
      Fix a missed size_t variable declaration
      Always ensure that init_msg is initialised for a CCS
      Correct the Id for the TLS1.3 ciphersuite
      test_sslcbcpadding only makes sense <TLS1.3
      Ignore the record version in TLS1.3
      Add a test for the wrong version number in a record
      Partial revert of "Fix client verify mode to check SSL_VERIFY_PEER"
      Fix zlib BIO_METHOD for latest BIO_METHOD structure changes
      Refactor ClientHello processing so that extensions get parsed earlier
      Handle compression methods correctly with SSLv2 compat ClientHello
      Fix a memory leak in the ClientHello extension parsing
      Use an explicit name for the struct for definition of RAW_EXTENSION
      Fix various style issues in the extension parsing refactor
      Improve some comment documentation following the extensions refactor
      Fix make update following extensions refactor
      Add some function documentation and update some existing comments
      Fix some minor style issues
      Rename clienthello.version to clienthello.legacy_version
      Load the sessionid directly in SSLv2 compat ClientHello
      Move setting the session_id_len until after we filled the session_id
      Swap back to using SSL3_RANDOM_SIZE instead of sizeof(clienthello.random)
      Update a comment
      Make some CLIENTHELLO_MSG function arguments const
      Update HKDF to support separte Extract and Expand steps
      Following the changes to HKDF to accept a mode, add some tests for this
      Add some documentation for the new HKDF modes
      Add support for initialising WPACKETs from a static buffer
      Add support for TLS1.3 secret generation
      Add a test for the TLS1.3 secret generation
      Ensure the key and iv labels are declared as static
      Add the ability to send the supported_versions extension
      Ensure that the -trace option can interpret the supported_versions extension
      Add server side support for supported_versions extension
      Update TLS1.3 draft version numbers for latest draft
      Add a test for the supported_versions extension
      Address some review feedback comments for supported_versions
      Ensure that vent->smeth != NULL before we call vent->smeth()
      Look at the supported_versions extension even if the server <TLS1.3
      A style tweak based on feedback received
      Add some more version tests
      Add a TODO(TLS1.3) about renegotation
      Give the test with only TLS1.1 and TLS1.0 a better name
      Fix some missing checks for TLS1_3_VERSION_DRAFT
      Remove some redundant trace code
      Address some supported_versions review comments
      Fix the no-tls option
      Update CHANGES and NEWS
      Rename the Elliptic Curves extension to supported_groups
      Fix test_sslcorrupt when using TLSv1.3
      Revert "Fixed deadlock in CRYPTO_THREAD_run_once for Windows"
      Generate the key_shares extension on the client side
      Add the key_share processing to the server side
      Update the trace code to know about the key_share extension
      Add key_share info to the ServerHello
      Add processing of the key_share received in the ServerHello
      Add a TLS version consistency check during session resumption
      Start using the key_share data to derive the PMS
      Validate that the provided key_share is in supported_groups
      Ensure the whole key_share extension is well formatted
      Check key_exchange data length is not 0
      Add some tests for the key_share extension
      Fixed various style issues in the key_share code
      Move getting the curvelist for client and server out of the loop
      Fix a typo in a comment
      Add SSL_peek() and SSL_peek_ex() to NAME section
      Remove a hack from ssl_test_old
      Fix a "defined but not used" warning when enabling ssl-trace
      Fix missing SSL_IS_TLS13(s) usage
      Fix EXTMS error introduced by commit 94ed2c6
      Remove old style NewSessionTicket from TLSv1.3
      Implement tls13_change_cipher_state()
      Update state machine to be closer to TLS1.3
      Create the Finished message payload
      Fix the tests following the state machine changes for TLSv1.3
      Ensure the end of first server flight processing is done
      Ensure unexpected messages are handled consistently
      Fix some TLSProxy warnings
      Add a test for the TLSv1.3 state machine
      Add an s_server capability to read an OCSP Response from a file
      Extend test_tls13messages
      Fix SSL_IS_TLS13(s)
      Fix some style issues identified during review
      Fix some style issues with TLSv1.3 state machine PR
      Update tls13secretstest to use the new simpler test framework
      Fix an uninit variable usage
      Fix a double ;; causing a travis failure
      Fix some defines in ossl_shim
      Use ClientHello.legacy_version for the RSA pre-master no matter what
      Fix missing NULL checks in CKE processing
      Fix missing NULL checks in key_share processing
      Fix a missing function prototype in AFALG engine
      Fix a warning about an uninit var
      Fix a bogus uninit var warning
      Ensure we are in accept state in DTLSv1_listen
      Fix mac-then-encrypt test with enable-tls1_3
      Use the TLSv1.3 nonce construction
      Add a test for TLSv1.3 encryption using the new nonce construction
      Fix a travis compilation error
      Fix a double free in tls13encryptiontest
      Fix some style issues in the TLSv1.3 nonce construction code
      Convert tls13encryptiontest so that we pass around a pointer not an index
      Make refdata in tls13encryptest static
      Fix a typo in bio_read_intern
      Add an ability to find out the current write location from a WPACKET
      Convert TLS record construction to use WPACKET
      Convert TLS Record receipt to use PACKET
      Update the record layer to use TLSv1.3 style record construction
      Add more TLS1.3 record tests
      Add a TLS1.3 TODO for the msg callback
      Ensure compressdata is always initialised
      Change various repeated rr[someindex] references to a pointer
      Various style fixes from the TLSv1.3 record changes review
      Change various repeated wr[someindex]/pkt[someindex] references to a pointer
      Send and Receive a TLSv1.3 format ServerHello
      Add EncryptedExtensions message
      Move tls_collect_extensions() into a separate file
      Add some missing extensions to SSL_extension_supported()
      Verify that extensions are used in the correct context
      Refactor ClientHello extension parsing
      Continue the extensions refactor
      Add extensions construction support
      Split extensions code into core extensions and server extensions code
      Move ServerHello extension construction into the new extensions framework
      Rename some functions
      Move client parsing of ServerHello extensions into new framework
      Move client construction of ClientHello extensions into new framework
      Add an extension initilisation and finalisation capability
      Provide server side extension init and finalisation functions
      Move ALPN processing into an extension finalisation function
      Simplify ClientHello extension parsing
      Avoid repeatedly scanning the list of extensions
      Move ServerHello extension parsing into the new extension framework
      Split ServerHello extensions
      Add tests for new extension code
      Support renegotiation in TLSProxy
      Add a test to check messsages sent are the ones we expect
      Fix a bug in TLSProxy where zero length messages were not being recorded
      Enable status_request test in test_sslmessages
      Add extension tests in test_sslmessages
      Merge common code between test_tls13messages and test_sslmessages
      Add more extension tests to test_sslmessages
      Add a renegotiation test
      Remove some spurious whitespace
      Add some extra key_share tests
      Fix a memory leak
      Correct imports for checkhandshake module
      Suppress some BoringSSL test failures
      Fix travis mixed declarations and code error
      Various style updates following extensions refactor
      Change TLSEXT_IDX_* values into an enum
      Introduce TLSEXT_STATUSTYPE_nothing constant
      Fix more style issues following extensions refactor feedback
      Fix make update issues
      Move the checkhandshake.pm module into test/testlib
      Fix various indentation
      Fix a travis failure
      Fix the declaration of tls_parse_extension in statem_locl.h
      Fix a leak in SSL_clear()
      Fix the EC point formats extension
      Add a test to check the EC point formats extension appears when we expect
      Fix extension for various no- options
      Fix compilation with no-ec
      Fix CT test_sslmessages hangs
      Fix the SSL_set1_sigalgs() macro
      Provide some tests for the sig algs API
      Don't run the sigalgs tests over a TLSv1.3 connection
      Extend tls_construct_extensions() to enable passing of a certificate
      Extends extension parsing to take the Certificate
      Create Certificate messages in TLS1.3 format
      Implement TLSv1.3 style CertificateStatus
      Update SSL_trace to understand TLSv1.3 Certificates
      Initialise the al variable
      Fix a double blank line style issue
      Rename the chain variable to chainidx
      Fix various style issues following feedback
      Mark a HelloRequest record as read if we ignore it
      Add a TODO(TLS1.3) around certificate selection
      Move Certificate Verify construction and processing into statem_lib.c
      Make CertificateVerify TLS1.3 aware
      Sign CertificateVerify messages using PSS padding
      Convert Sigalgs processing to use ints
      Remove a redundant function
      Use NIDs instead of the old TLSv1.2 sigalgs hash and sig ids
      Remove some unneeded functions
      Ensure the record sequence number gets incremented
      Use the correct size for TLSv1.3 finished keys
      Temporarily ignore NewSessionTickets for TLS1.3
      Fix client application traffic secret
      Verify that the sig algs extension has been sent for TLSv1.3
      Ignore PKCS1 based sig algs in TLSv1.3
      Add some sig algs tests
      Add a TLS1.3 TODO for setting of sig algs
      Always use TLSv1.0 for record layer version in TLSv1.3
      Fix test_sslversions to know that TLSv1.3 sets record version to TLSv1.0
      Extend PSS signature support to TLSv1.2
      Add a sigalg test to check we only allow sigalgs we sent
      Teach SSL_trace about the new sigalgs
      Teach TLSProxy about the CertificateVerify message
      Extend ServerKeyExchange parsing to work with a signature
      Teach TLSProxy how to re-encrypt a TLSv1.3 message after changes
      Add some signature tests
      Fix a Travis failure
      Fix an uninit read picked up by Travis
      Add some missing sigalgs
      Fix tls1_set_sigalgs() length calculation
      Fix no-ec following sigalgs refactor
      Fix compilation with no-nextprotoneg
      Fix no-dh builds
      Stop client from sending Certificate message when not requested
      Stop server from expecting Certificate message when not requested
      Extend the test_ssl_new renegotiation tests to include client auth
      Fix SSL_get0_raw_cipherlist()
      Fix memory leaks in the Certificate extensions code
      Don't use magic numbers in aes_ocb_cipher()
      Properly handle a partial block in OCB mode
      Update evp_test to make sure passing partial block to "Update" is ok
      Fix the overlapping check for fragmented "Update" operations
      Adjust in and in_len instead of donelen
      Remove assert from is_partially_overlapping()
      Fix a merge error
      Update CHANGES and NEWS for new release
      ChangeCipherSpec is not allowed in TLSv1.3
      Remove use of the SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag
      Move state machine knowledge out of the record layer
      Disable requests for renegotiation in TLSv1.3
      Move TLSv1.3 Session Ticket processing into the state machine
      Add support for the psk_key_exchange_modes extension
      Create the NewSessionTicket message in TLSv1.3
      Process incoming NewSessionTicket messages on the client side
      Add a TODO around handling of SSL_get_session() and SSL_get1_session()
      Never send a session id in TLS1.3
      Update the s_client -sess_out feature to work for TLSv1.3
      Provide a new WPACKET function for filling in all the lengths
      Construct the client side psk extension for TLSv1.3
      Add support for the age_add field
      Add support for client side parsing of the PSK extension
      Provide a key_share extension finaliser
      Make sure we also cleanse the finished key
      Implement Server side of PSK extension parsing
      Implement server side of PSK extension construction
      Set the kex modes on the client too.
      Move session version consistency check
      Use the correct session resumption mechanism
      Tweak a comment
      Always ensure that session->cipher is set
      Re-enable ALPN resumption tests where we are using TLSv1.3
      Update create_ssl_connection() to make sure its gets a session
      Re-enable TLSv1.3 session resumption related tests in sslapitest
      Remove a TLS1.3 TODO that is now completed
      Re-enable test_ssl_new resumption tests for TLSv1.3
      Add a capability for TLSProxy to wait for a session before killing s_client
      Add testing of TLSv1.3 resumption in test_tls13messages
      Re-enable resumption for TLS1.3 CT tests
      Ensure the age_add variable is properly initialised
      Ensure the al variable is properly ininitialised in all code paths
      Miscellaneous style tweaks based on feedback received
      Make the "ticket" function return codes clearer
      Make calls to SSL_renegotiate() error out for TLSv1.3
      Enable wpacket test on shared builds
      Add a test for WPACKET_fill_lengths()
      Fix <= TLS1.2 break
      If we have no suitable PSK kex modes then don't attempt to resume
      Add a test for the PSK kex modes extension
      Move the SSL3_CK_CIPHERSUITE_FLAG out of public header
      Use for loop in WPACKET_fill_lengths instead of do...while
      Remove unneccessary comments
      Various style fixes following review feedback
      Add a TODO around validating the ticket age
      Expand comment in tls_process_hello_req()
      Make sure we free and cleanse the pms value in all code paths
      Free up the memory for the NewSessionTicket extensions
      Fix crash in tls13_enc
      Fix a typo in the X509_get0_subject_key_id() documentation
      Make the context available to the extensions parse and construction funcs
      Add server side support for creating the Hello Retry Request message
      Add client side support for parsing Hello Retry Request
      Implement support for resumption with a HelloRetryRequest
      Add trace support for HelloRetryRequest
      Update the key_share tests for HelloRetryRequest
      Update test counting in checkhandshake.pm
      Update TLSProxy to know about HelloRetryRequest messages
      Update the kex modes tests to check various HRR scenarios
      Update the tls13messages test to add some HRR scenarios
      Various style fixes following review feedback
      Add a bytestogroup macro
      Fix a bogus uninit variable warning
      Remove a double call to ssl3_send_alert()
      Fix no-ec compilation
      Fix merge issue
      Provide a test for the Encrypt-Then-Mac renegotiation crash
      Don't change the state of the ETM flags until CCS processing
      Remove an OPENSSL_assert() and replace with a soft assert and check
      Update CHANGES and NEWS for new release
      Fix a mem leak in ssl_test_ctx.c
      Provide a function to send a KeyUpdate message
      Add a capability to s_server to send KeyUpdate messages
      Add SSL_trace() support for KeyUpdate messages
      Add the ability for a client to receive a KeyUpdate message
      Add the ability for a client to send a KeyUpdate message
      Add a SSL_get_key_update_type() function
      Add the ability for s_client to send a KeyUpdate message
      Add the ability for a server to receive a KeyUpdate message
      If we receive an "update_requested" KeyUpdate then respond with a KeyUpdate
      Actually update the keys when a KeyUpdate message is sent or received
      Limit the number of KeyUpdate messages we can process
      Updates following review feedback
      Fix a shadowed global variable warning
      Add documentation for SSL_key_update() and SSL_get_key_update_type()
      Add some KeyUpdate tests
      Don't use an enum in the return type for a public API function
      Updates following review feedback
      Fix a merge error
      Remove some dead code from libssl
      Remove dead code in bn
      Remove the file r160test.c
      Remove bf_cbc.c
      Remove a pointless "#ifndef" from bf_enc.c
      Remove some commented out code in the apps
      Remove some commented out code in libcrypto
      Remove some commented out code in libssl
      Remove some commented out code in the tests
      Fix sslapitest when compiled with no-tls1_2
      Fix test_ssl_new when compiled with no-tls1_2 or no-dtls1_2
      Ensure that we never select compression in TLSv1.3
      Fix a compression bug
      Add compression tests
      Use the built in boolean type for CompressionExpected
      Construct the ticket_early_data_info extension
      Add a -max_early_data option to s_server
      Teach SSL_trace() about the early_data_info extension
      Parse the ticket_early_data_info extension
      Provide functions to write early data
      Construct the early_data extension
      Parse the early_data extension
      Add an option to s_client to send early_data
      Implement the early data changes required in tls13_change_cipher_state()
      Change the cipher state when sending early data
      Provide an SSL_read_early() function for reading early data
      Construct the server side early_data extension
      Fix changing of the cipher state when dealing with early data
      Add a "-early_data" option to s_server
      Implement client side parsing of the early_data extension
      Get s_client to report on whether early data was accepted or not
      Fix seg fault when sending early_data using CCM ciphersuites
      Disallow handshake messages in the middle of early_data
      Make sure we reset the read sequence when skipping records
      Check max_early_data against the amount of early data we actually receive
      Provide a default value for max_early_data
      Ensure the max_early_data option to s_server can be 0
      Validate the ticket age for resumed sessions
      Remove some TLSv1.3 TODOs that are no longer relevant
      Add extra validation parsing the server-to-client early_data extension
      Don't accept early_data if we are going to issue a HelloRetryRequest
      Skip early_data if appropriate after a HelloRetryRequest
      Only accept early_data if the negotiated ALPN is the same
      Don't attempt to write more early_data than we know the server will accept
      Add a SSL_SESSION_get_max_early_data() function
      Make SSL_get_max_early_data() and SSL_CTX_get_max_early_data() take a const
      Make SSL_get_early_data_status() take a const
      Add documentation for the early data functions
      Tighten sanity checks when calling early data functions
      Add documentation for the new s_client and s_server early_data options
      Improve the early data sanity check in SSL_do_handshake()
      Introduce a new early_data state in the state machine
      Enable the client to call SSL_read() without stopping the ability to call SSL_write_early()
      Enable the server to call SSL_write() without stopping the ability to call SSL_read_early()
      Various fixes required to allow SSL_write/SSL_read during early data
      Add early_data tests
      Make SSL_write_early_finish() an internal only function
      Updates to s_server and s_client for the latest early_data API changes
      Updates to the early data documentation
      Rename SSL_read_early() to SSL_read_early_data()
      Rename SSL_write_early() to SSL_write_early_data()
      Update early data API for writing to unauthenticated clients
      Update the API documentation for the latest early data changes
      More early data documentation updates following feedback
      Silence some clang warnings
      Silence some more clang warnings
      Ensure we don't call memcpy with a NULL pointer
      Fix a memory leak on an error path
      Add basic TLSv1.3 cookie support
      Add a test for TLSv1.3 cookies
      Don't call memcmp with a NULL pointer
      Fix no-psk
      Fix a test failure with no-tls1_1
      Fix no-ec
      Tweak the TLSv1.3 record overflow limits
      Add a test to check that we correctly handle record overflows
      Provide a function to test whether we have unread records pending
      Check TLSv1.3 ServerHello, Finished and KeyUpdates are on record boundary
      Add a test for records not on the record boundary
      Fix the number of tests to skip if TLSv1.3 is disabled
      Fix no-comp
      Check that the PSK extension is last
      Add a test to check that if a PSK extension is not last then we fail
      Use the new TLSv1.3 certificate_required alert where appropriate
      Fix some RSA documentation
      Fix out-of-memory condition in conf
      Make the Boring tests pass
      Update ossl_config.json for later BoringSSL commit
      Fix 12 Boring tests involving NULL-SHA ciphersuites
      Ensure we set the session id context in ossl_shim
      SSL_get_peer_cert_chain() does not work after a resumption
      Re-enable some BoringSSL tests
      Fix a hang in tests that use sessionfile
      Update the TLSv1.3 version indicator for draft-19
      Update secret generation for draft-19
      Update the TLSv1.3 secrets test vectors for draft-19
      Update end of early data processing for draft-19
      Merge early_data_info extension into early_data
      Check ClientHello boundary as per draft-19
      HelloRetryRequest updates for draft-19
      Ensure after an HRR any PSKs have the right hash
      Fix ciphersuite handling during an HRR
      Add some more PSK tests
      Add some HRR tests
      Updates following review feedback
      Fix the Padding extension
      Add tests for the padding extension
      Handle TLSv1.3 being disabled in clienthello test
      Fix some undefined behaviour in stack test
      Fix no-dtls builds
      Fix resumption after HRR
      Add a test for resumption after HRR
      Add server side support for TLSv1.3 downgrade mechanism
      Add client side support for TLSv1.3 downgrade mechanism
      Make the TLSv1.3 downgrade mechanism a configurable option
      Add a test for the TLSv1.3 downgrade mechanism
      Move the downgrade sentinel declarations to a header file
      Provide documentation for missing SSL_SESSION_* functions
      Provide documentation for some state machine related functions
      Fix bug with SSL_read_early_data()
      Add a test for the bug fixed in the previous commit
      Fix early data bug with pause between EoED and CF
      Provide a test for pause between EoED and CF
      Fix s_client early data indicator
      Update SSL_extension_supported()
      Don't handle handshake messages when writing early data on server
      Update early data test for an even later arrival of CF
      Add a test for the problem fixed by the previous commit
      Tweak a style issue
      Fix calls to SSL_get_server_tmp_key() in TLSv1.3
      Add documentation for SSL_get_server_tmp_key()
      Add missing macros for DHxparams
      Ensure dhparams can handle X9.42 params in DER
      Fix a possible integer overflow in long_c2i
      Move ssl/t1_ext.c to ssl/statem/extensions_cust.c
      Move the extensions context codes into the public API
      Implement a new custom extensions API
      Add some tests for the new custom extensions API
      Add documentation for the new custom extensions API
      Various style tweaks based on feedback
      Prefix custom extension API callback types with SSL_
      Create an ENDPOINT enum type for use internally
      Remove an out of date TODO
      Fix a test failure when configured without TLSv1.3
      Reject decoding of an INT64 with a value >INT64_MAX
      Convert bad_dtls_test for the new test framework
      Convert asynciotest for the new test framework
      Convert clienthellotest for the new test framework
      Don't fail the connection in SSLv3 if server selects ECDHE
      Add a BIO_lookup_ex() function
      Add a -sctp option to s_server
      Add a -sctp option to s_client
      Add better error logging if SCTP AUTH chunks are not enabled
      Ask libssl if we should retry not the socket
      Remove special case code for SCTP reneg handling
      Don't attempt to send fragments > max_send_fragment in DTLS
      Fix problem with SCTP close_notify alerts
      Add support to test_ssl_new for testing with DTLS over SCTP
      Add SCTP testing to 16-dtls-certstatus.conf
      Add SCTP testing to 18-dtls-renegotiate.conf
      Add SCTP testing to 07-dtls-protocol-version.conf
      Add SCTP testing for 11-dtls_resumption.conf
      Add SCTP testing for 04-client_auth.conf
      Fix some variable references in init_client
      Document BIO_lookup_ex()
      Fix issue in 18-dtls-renegotiate.conf.in
      Address review feedback for the SCTP changes
      Fix doc-nits issue
      Add documentation for the -sctp option in command line apps
      Don't overwrite the alert value if there is no alert to send
      Add a ciphersuite config sanity check for clients
      Add a ciphersuite config sanity check for servers
      Add tests for version/ciphersuite sanity checks
      Remove TLS1.3 TODO around testing for session id length
      Add support for SSL_SESSION_is_resumable()
      Documentation updates for TLSv1.3 sessions
      Always duplicate the session on NewSessionTicket in TLSv1.3
      Tweak SSL_get_session.pod wording
      More SSL_SESSION documentation tweaks based on feedback
      Clarify that SSL_CTX_remove_session() marks a session as non-resumable
      Ensure s_client sends an SNI extension by default
      Fix comment around safari fingerprint check
      Fix some error path logic in i2v_AUTHORITY_INFO_ACCESS and i2v_GENERAL_NAME
      Extend the SERVERINFO file format to include an extensions context
      Only send custom extensions where we have received one in the ClientHello
      Add a SERVERINFOV2 format test file
      Add a test for CT in TLSv1.3
      Add an SSL_ prefix to SERVERINFOV2 and SERVERINFOV1
      Document the new SSL_CTX_use_serverinfo_ex() function
      Clarify serverinfo usage with Certificate messages
      Update serverinfo documentation based on feedback received
      Add the -groups option to s_server/s_client
      Update the documentation for "Groups" and "Curves"
      Update the HKDF labels for draft-20
      Update the TLSv1.3 version indicator for draft-20
      Update tls13secretstest test vectors for TLSv1.3 draft-20
      Fix an uninit read in igetest
      Don't leave stale errors on queue if DSO_dsobyaddr() fails
      Revert "Fix clang compile time error"
      Fix SSL_CTX_use_serverinfo_ex() et al to properly handle V1 data
      Add a test for loading serverinfo data from memory
      Updates to serverinfo fix based on review feedback
      Remove some out of date text inadvertently left behind
      Send the supported_groups extension in EE where applicable
      Add a test for supported_groups in the EE message
      Updates to supported_groups following review feedback
      Remove support for OPENSSL_SSL_TRACE_CRYPTO
      Add support to SSL_trace() for inner content types
      Update the message callback documentation
      Fix an s_server infinite loop
      Verify that only NULL compression is sent in TLSv1.3 ClientHello
      Add some badly formatted compression methods tests
      Fix some copy&paste errors and update following review feedback
      Don't do the final key_share checks if we are in an HRR
      Fix HRR bug
      More TLSv1.3 cookie tests
      Verify that if we have an HRR then something will change
      Add test for no change following an HRR
      Copy custom extension flags in a call to SSL_set_SSL_CTX()
      Add a test for SNI in conjunction with custom extensions
      Reject unknown warning alerts in TLSv1.3
      Fix some alert codes
      Verify that there is no trailing data after the extensions block
      Fix more alert codes
      Ensure we fail with a decode error alert if the server sends and empty Cert
      Send an illegal parameter alert if the update type in a KeyUpdate is wrong
      Check that a TLSv1.3 encrypted message has an app data content type
      TLSv1.3 alerts cannot be fragmented and only one per record
      TLSv1.3 alert and handshake messages can never be 0 length
      Send a missing_extension alert if key_share/supported groups not present
      Add some checks for trailing data after extension blocks
      Add some extra comments following alert changes
      Don't allow fragmented alerts
      Fail if we receive a response to an extension that we didn't request
      Add tests for unsolicited extensions
      Add a new unsolicited extension error code and add enum tag
      Allow a missing sig algs extension if resuming
      Add a test for a missing sig algs extension
      Fix EXT_RETURN usage for add_key_share()
      Try to be more consistent about the alerts we send
      Make SSL_is_server() accept a const SSL
      Fix ASN1_TIME_to_generalizedtime to take a const ASN1_TIME
      Fix return code in tls1_mac
      Add a macro for testing assertion in both debug and production builds
      Replace instances of OPENSSL_assert() with soft asserts in libssl
      Fix some style issues in returns
      Convert existing usage of assert() to ossl_assert() in libssl
      Add an error to the stack on failure in dtls1_write_bytes()
      Updates CHANGES and NEWS for new release
      Document that HMAC() with a NULL md is not thread safe
      Fix BoringSSL alert related test failures
      Update the pyca-cryptography version
      Fix a Proxy race condition
      Wait longer for the server in TLSProxy to start
      Left shift of a negative number is undefined behaviour
      Work around Travis "virtual memory exhausted" error
      Add back support for SHA224 based sig algs
      Clean up s_server documentation
      Allow the server to change the ciphersuite on resume
      Add a test for a server changing the ciphersuite
      Move ciphersuite selection before session resumption in TLSv1.3
      Fix an uninitialised variable warning
      Add comments to test_ciphersuite_change()
      Tweak the check that a ciphersuite has not changed since the HRR
      Add TLSv1.3 server side external PSK support
      Add TLSv1.3 client side external PSK support
      Add public API functions for setting TLSv1.3 PSK callbacks
      Add a function to get the handshake digest for an SSL_CIPHER
      Add the ability to use a client side TLSv1.3 external PSK in s_client
      Add the ability to use a server side TLSv1.3 external PSK in s_server
      Add SSL_SESSION_set1_master_key()
      Add SSL_SESSION_set_cipher()
      Add SSL_SESSION_set_protocol_version()
      Add the ability to set a TLSv1.3 PSK via just the key bytes
      Fix no-psk
      Add documentation for SSL_SESSION_set_cipher()
      Document SSL_SESSION_set1_master_key()
      Document SSL_SESSION_set_protocol_version()
      Document SSL_CIPHER_get_handshake_digest()
      Add documentation for SSL_CTX_set_psk_use_session_callback()
      Tweak the client side PSK callback
      Document SSL_set_psk_use_session_callback() and SSL_CTX equivalent
      Document SSL_set_psk_find_session_callback() and SSL_CTX equivalent
      Make the input parameters for SSL_SESSION_set1_master_key const
      Fix some bugs in the TLSv1.3 PSK code
      Add some tests for the new TLSv1.3 PSK code
      Use constants rather than macros for the cipher bytes in the apps
      PSK related tweaks based on review feedback
      Fix DTLS failure when used in a build which has SCTP enabled
      Add documentation for the SSL_export_keying_material() function
      Fix OBJ_create() to tolerate a NULL sn and ln
      Fix the constant time 64 test
      Treat all failures from EVP_DigestVerify() as a bad signature
      Fix another EVP_DigestVerify() instance
      Fix travis clang-3.9 builds
      Fix a memory leak in the new TAP filter BIO
      Update SSL_export_keying_material() for TLSv1.3
      Add an SSL_export_keying_material() test
      Update the SSL_export_keying_material() documentation for TLSv1.3
      Updates following review of SSL_export_key_material() changes
      Drop support for OPENSSL_NO_TLS1_3_METHOD
      Fix TLSv1.3 exporter
      Fix memory leak when using PSK session files
      Update the version number for TLSv1.3 draft 21
      Send and receive the ticket_nonce field in a NewSessionTicket
      The correct key length for a TLSv1.3 SHA384 ciphersuite is 48
      Update tls13_hkdf_expand() to take the length of the data
      Update the test/session.pem to have a tick_nonce value
      Update the early_secret generation to use the new ticket_nonce field
      Update SSL_trace() to know about ticket_nonce
      Updates following review feedback of TLSv1.3 draft-21 code
      Do not allow non-dhe kex_modes by default
      Update the documentation for the new SSL_OP_ALLOW_NO_DHE_KEX option
      Choose a safer value for SSL_OP_ALLOW_NO_DHE_KEX
      Some SSL_OP_ values can't be used in 1.1.x
      Fix s_client crash where the hostname is provided as a positional arg
      Fix early_data with an HRR
      Add a test for early_data when an HRR occurs
      Tolerate a zero length ticket nonce
      Fix SSL_clear() in TLSv1.3
      Add a test for SSL_clear()
      Remove session checks from SSL_clear()
      Add some performance notes about early data
      Fix undefined behaviour in e_aes_cbc_hmac_sha256.c and e_aes_cbc_hmac_sha1.c
      Remove some dead code
      Fix new_session_cb calls in TLSv1.3
      Add a test to check we get a new session even if s->hit is true in TLSv1.3
      Move ossl_assert
      Add an SSL_SESSION_dup() function
      Test server side session caching
      Copy dlls into fuzz directory
      Remove OPENSSL_assert() from crypto/asn1/bio_asn1.c
      Remove OPENSSL_assert() from various crypto/bio files
      Remove OPENSSL_assert() usage from crypto/bn
      Remove OPENSSL_assert() from conf_api.c
      Remove OPENSSL_assert() from crypto/ec
      Remove OPENSSL_assert() from crypto/hmac
      Remove OPENSSL_assert() from crypto/kdf
      Remove OPENSSL_assert() from crypto/pem
      Remove OPENSSL_assert() from crypto/threads_none.c
      Remove OPENSSL_assert() from crypto/x509
      Remove OPENSSL_assert() from crypto/x509v3
      Updates following feedback on OPENSSL_assert() removal
      More updates following review feedback
      Add documentation for SRTP functions
      Fix enable-sctp
      Don't run a CT specifc test if CT is disabled
      Ensure we exchange cookies in s_server even if SCTP is disabled
      Fix no-chacha and no-poly1305
      Clarify the meaning of no-stdio in INSTALL
      Fix description of how to report a bug in INSTALL
      Fix no-scrypt
      Fix no-tls and no-tls1_2
      Enable the ability to use an external PSK for sending early_data
      Add SSL_SESSION_set_max_early_data()
      Add some PSK early_data tests
      Add documentation for SSL_SESSION_set_max_early_data()
      Add HISTORY and SEE ALSO sections for the new TLSv1.3 PSK functions
      Make sure we use the correct cipher when using the early_secret
      If no SNI has been explicitly set use the one from the session
      Update the tests for SNI changes
      Show the error stack if there was an error writing early data in s_client
      Add functions for getting/setting SNI/ALPN info in SSL_SESSION
      Complain if we are writing early data but SNI or ALPN is incorrect
      Make sure we save ALPN data in the session
      Add server side sanity checks of SNI/ALPN for use with early_data
      Add PSK early_data tests
      Add some fixes for Travis failures
      Client side sanity check of ALPN after server has accepted early_data
      Test for late client side detection of ALPN inconsistenties
      Various review fixes for PSK early_data support
      Fix Proxy where a timeout occurs waiting for both client and server
      Don't attempt to add a zero length padding extension
      Don't use ciphersuites for inflating the ClientHello in clienthellotest
      Allow an endpoint to read the alert data before closing the socket
      Remove an incorrect comment
      Remove some commented out code
      Remove an unused file
      Ensure we test all parameters for BN_FLG_CONSTTIME
      Fix bug where early_data does not work if no SNI callback is present
      Add a test for setting initial SNI in CH but not using it with early_data
      Don't do version neg on an HRR
      Sanity check the HRR version field
      Tweak the comment regarding record version check with respect to TLSv1.3
      Correct value for BN_security_bits()
      Don't make any changes to the lhash structure if we are going to fail
      Don't use strcasecmp and strncasecmp for IA5 strings
      Update CHANGES and NEWS for new release
      Remove 4 broken macros from ocsp.h
      Fix race condition in TLSProxy
      Mark a zero length record as read
      Fix an s_client memory leak
      Ignore the session when setting SNI in s_client
      Allow a client to send early_data with SNI if the session has no SNI
      Provide a more information early_data message in s_server
      If a server is not acknowledging SNI then don't reject early_data
      Fix SSL_state_string() and SSL_state_string_long()
      Fix lshift tests
      Provide an SSLfatal() macro
      Replace some usage of SSLerr with SSLfatal()
      Convert the state machine code to use SSLfatal()
      Convert remaining functions in statem_clnt.c to use SSLfatal()
      Convert remaining functions in statem_srvr.c to use SSLfatal()
      Convert more functions in ssl/statem/statem.c to use SSLfatal()
      Convert more functions in ssl/statem/statem_dtls.c to use SSLfatal()
      Fix up a few places in the state machine that got missed with SSLfatal()
      Add some sanity checks for the fatal error condition
      Assert that SSLfatal() only gets called once
      Add some more cleanups
      Fix the Boring tests following the SSLfatal() changes
      Update an error reason code to be ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
      Remove spurious whitespace
      Fix some formatting nits
      Fix bug in TLSv1.3 PSK processing
      Fix the check_fatal macro
      Add a test for CVE-2017-3737
      Update CHANGES and NEWS for new release
      Fix the buffer sizing in the fatalerrtest
      Update ssl3_get_record() to use SSLfatal()
      Convert ssl3_read_bytes() to use SSLfatal()
      More record layer conversions to use SSLfatal()
      Convert dlts1_write_bytes() to use SSLfatal()
      Convert the remaining functions in the record layer to use SSLfatal()
      Fix ssl_test_new with no-tls1_2
      Fix no-tls1_1
      Replace tabs with spaces in 25-cipher.conf.in
      Don't expect a POLY1305 ciphersuite when using no-poly1305
      Fix no-chacha
      Update the TLSv1.3 draft version indicators to draft 22
      Update ServerHello to new draft-22 format
      Implement session id TLSv1.3 middlebox compatibility mode
      Send TLSv1.2 as the record version when using TLSv1.3
      Drop CCS messages received in the TLSv1.3 handshake
      Remove TLSv1.3 specific write transition for ClientHello
      Send a CCS from the client in a non-early_data handshake
      Send a CCS from a client in an early_data handshake
      Send a CCS after ServerHello in TLSv1.3 if using middlebox compat mode
      Merge HRR into ServerHello
      Fix an HRR bug
      Update state machine to send CCS based on whether we did an HRR
      Update TLSProxy to know about new HRR style
      Make sure supported_versions appears in an HRR too
      Send supported_versions in an HRR
      Ensure CCS sent before early_data has the correct record version
      Delay flush until after CCS with early_data
      Fix server side HRR flushing
      Issue a CCS from the client if we received an HRR
      Make sure we treat records written after HRR as TLSv1.3
      Add some TLSv1.3 CCS tests
      Don't run the TLSv1.3 CCS tests if TLSv1.3 is not enabled
      Fix some clang compilation errors
      Don't flush the ClientHello if we're going to send early data
      Disable partial writes for early data
      Update the documentation for SSL_write_early_data()
      Fix trace of TLSv1.3 Certificate Request message
      Tolerate DTLS alerts with an incorrect version number
      Revert BN_copy() flag copy semantics change
      Extend timeout for TLSProxy
      Don't allow an empty Subject when creating a Certificate
      Don't crash on a missing Subject in index.txt
      Don't attempt to use X25519 for ECDSA in speed
      Add support for sending TLSv1.3 cookies
      Enable the cookie callbacks to work even in TLS in the apps
      Add the SSL_stateless() function
      Fix logic around when to send an HRR based on cookies
      Add some tests for the SSL_stateless() capability
      Fix interaction between SSL_stateless() and SSL_clear()
      Fix the SSL_stateless() return code
      Fix the cookie/key_share extensions for use with SSL_stateless()
      Add documentation for SSL_stateless()
      Don't send unexpected_message if we receive CCS while stateless
      Add the ability for s_server to operate statelessly
      Add a timestamp to the cookie
      Updates following review of SSL_stateless() code
      Move decisions about whether to accept reneg into the state machine
      Fix some instances of the wrong alert type being sent
      Add MiddleboxCompat option to SSL_CONF_cmd man page
      Enable TLSv1.3 by default
      Fix clienthellotest with TLSv1.3
      Fix some undefined behaviour in ossltest engine
      Don't run tls13encryptiontest on a shared Windows build
      Fix no-chacha and no-poly1305
      Don't calculate the Finished MAC twice
      Fixes for no-tls1_2 and no-tls1_2-method
      Don't overestimate the ticket age
      The function ssl_get_min_max_version() can fail
      Some minor tweaks following TLSv1.3 becoming default
      Update NEWS file for new release
      Update last release letter for CHANGES and NEWS
      OpenSSL 1.1.1 is now in pre release
      Update copyright year
      Prepare for 1.1.1-pre1 release

Matthias Kraft (1):
      Solution proposal for issue #1647.

Meena Vyas (3):
      Added a new Makefile in demos/evp directory     Fixed compilation warning in file aesgcm.c
      passed TARFILE="$(TARFILE)" NAME="$(NAME)" to tar target
      Allow --strict-warnings with the icc compiler as well

MerQGh (1):
      Update eng_fat.c

Michael Richardson (2):
      added cmcCA and cmcRA as per rfc6402, capitalized per RFC7030 author

Mike Aizatsky (1):
      [fuzzers] do not fail fuzzers with empty input

Mouse (1):
      Code hygiene; initialize some pointers.

Nick Mathewson (4):
      Remove redundant declarations of ERR_load_*_strings()
      Improve #include structure of pem{,2}.h
      In err_all.c, include the *err.h headers.
      Run "make update"

Nicola Tuveri (19):
      Use EVP interface for ECDH in apps/speed.c
      Fix coding style and remove some stale code/comments
      Handle EVP_PKEY_derive errors and fix coding style issues
      bugfix: calculate outlen for each curve
      Run util/openssl-format-source against apps/speed.c
      More coding style fixes
      Remove ECDH_EVP_derive_key wrapper function
      Reintroduce preliminary sanity check in ECDH speed and remove further checks in the benchmark loop.
      Use CRYPTO_memcmp for comparing derived secrets
      Remove leftover KDF pointer
      Do not handle R_EC_X25519 as a special case
      Handle "int_ctx_new:unsupported algorithm" error
      ecdhtest.c: move NAMED CURVES TESTS to evptests.txt
      Remove stale code in ecdhtest.c
      ecdhtest.c: move KATs to evptests.txt
      Remove more stale code in ecdhtest.c
      ecdhtest.c: move co-factor ECDH KATs to evptests
      Remove ecdhtest.c
      Reformat evptests.txt

Nikos Mavrogiannopoulos (2):
      cryptodev: Fix issue with signature generation
      cryptodev: allow copying EVP contexts

Noah Robbin (2):
      Use size of server key when selecting signature algorithm.
      Use the index that matches the key type (either SSL_PKEY_RSA_PSS_SIGN or SSL_PKEY_RSA).

Patrick Schlangen (1):
      Make data argument const in SSL_dane_tlsa_add

Patrick Steuer (26):
      Fix strict-warnings build
      Fix strict-warnings build
      Fix strict-warnings build
      Fix strict-warnings build
      apps/speed.c: fix ccm performance measurements.
      EVP_EncryptInit.pod: EVP_CIPHER_mode and EVP_CIPHER_CTX_mode update
      apps/speed.c: add 'rand' algo to enable DRBG performance measurements.
      crypto/aes/asm/aes-s390x.pl: fix $softonly=1 code path.
      s390x assembly pack: remove capability double-checking.
      e_os.h: add prandom and hwrng to the list of random devices on s390x.
      s390x assembly pack: extend s390x capability vector.
      apps/speed.c: add -seconds and -bytes options
      apps/speed.c: use 32 byte key material as default
      key_A and key_B had 3 references, only 2 were freed.
      apps/speed.c: detect evp cipher 32-bit ctr overflow and reset iv
      doc/man3/EVP_EncryptInit.pod: add EVP_CIPHER_CTX_rand_key
      apps/speed.c: generate evp_cipher keys implicitly
      apps/speed.c: initialize buffers
      crypto/bio/bss_dgram.c: annotate fallthrough (-Wimplicit-fallthrough)
      s390x assembly pack: add KMA code path for aes-ctr.
      crypto/aes/asm/aes-s390x.pl: replace decrypt flag by macro.
      s390x assembly pack: add KMA code path for aes-gcm.
      crypto/engine/eng_list.c: compare getenv rv to NULL instead of 0
      Document OPENSSL_ENGINES environment variable
      s390x assembly pack: add KMAC code path for aes-ccm
      crypto/evp/e_aes.c: add comments to s390x aes gcm implementation

Paul Hovey (2):
      fix undoes errors introduced by https://github.com/openssl/openssl/commit/fc6076ca272f74eb1364c29e6974ad5da5ef9777?diff=split#diff-1014acebaa2c13d44ca196b9a433ef2eR184
      updated macro spacing for styling purposes

Paul Yang (63):
      Fix typo in ASYNC_WAIT_CTX_new.pod doc
      Fix typo in INSTALL file
      Fix typo in doc/man3/EVP_EncrypInit.pod
      Fix coding style in apps/passwd file
      Document X509_check_private_key and relative
      Add test cases for X509_check_private_key
      Set local variable to 0 to avoid build error
      Fix doc nits in X509_check_private_key.pod
      Fix coding style
      Fix a bundle of trailing spaces in several files
      Fix possible usage of NULL pointers in apps/spkac.c
      Refactor functions in testdsa.h
      Clean up a bundle of codingstyle stuff in apps directory
      Make SNI behavior more clear in s_client doc & help
      Forbid to specify -nextprotoneg if -tls1_3 is enabled
      Remove non-accurate description in Configure script
      Make clear error message if opt_<number> fails
      Avoid compiler complaining
      Fix inaccurate comments in bn_prime.c
      Fix return value checking for BIO_sock_init
      Change to check last return value of BN_CTX_get
      Support converting cipher name to RFC name and vice versa
      Update doc/ca.pod to clarify description for dates
      Update documentation for SSL_is_server()
      Add asn1_time_to_tm function and check days in month
      Add test cases and docs for ASN1_STRING_TABLE_* functions
      Fix a reference nit in doc
      Fix coding style nits in crypto/asn1/a_strnid.c
      Make SSL_set_tlsext_host_name no effect from server side
      Fix rsa -check option
      Update ASN1_TIME_to_tm's documentation
      Refactor ASN1_TIME_print functions
      Add '-ext' option to display extensions in 'x509'
      Add EC key generation paragraph in doc/HOWTO/keys.txt
      Add test case for ASN1_TIME_print
      Add XXX_security_bits documentation
      Fix trivial nits in documentaion
      Use new setup_tests in code of rsa_test
      Document missing EVP_PKEY_method_* items
      Remove useless macros in apps/speed.c
      Fix coding style in crypto/rsa directory
      This part fixes braces around if-else.
      Add two missing SSL_CIPHER_* functions
      Introduce SSL_CIPHER_get_protocol_id
      Support key check in EVP interface
      Support EVP_PKEY_meth_remove and pmeth internal cleanup
      Fix doc nits
      Fix reading heap overflow in a test case
      Fix a bug in ALPN comparation code of a test case
      Make '-name' option of the 's_client' more generic
      Add sk_TYPE_new_reserve() function
      Fix mismatch of function prototype and document
      Fix doc-nits in doc/man3/DEFINE_STACK_OF.pod
      Simplify the stack reservation
      Support public key and param check in EVP interface
      Support multi-prime RSA (RFC 8017)
      Fix some issues in apps/req
      Leave a message in doc to indicate 0 is not acceptable
      Remove spaces at end of line in ssl/statem
      Remove outdated comments
      Add missing 'RETURN VALUES' sections in doc
      Enforce return values section check
      Update all affected files' copyright year to 2018

Pauli (155):
      Remove unused variable
      Implementation of the ARIA cipher as described in RFC 5794.
      fix spelling of Camellia in comment
      Ensure minsize >= sizeof(SH_LIST)
      Add a test case that tests more of the cipher modes.
      Increase the size of the stack buffer to prevent an overflow.
      Avoid buffer underflow in evp_test.
      Update the cipher(1) documentation to explicitly state that the RSA cipher     string means the same a kRSA.
      Increase the password buffer size to APP_PASS_LEN.
      Remove doc reference to non-existant GCM example
      Limit the output of the enc -ciphers command to just the ciphers enc can     process.  This means no AEAD ciphers and no XTS mode.
      Make the output of enc -ciphers identical even if run several times in a session.
      Use the callbacks from the SSL object instead of the SSL_CTX object
      Add the presence of ARIA to the change log.
      Unit tests for crypto/stack.
      Rewrite the documentation for sk_TYPE_find() and sk_TYPE_find_ex() to better     describe the vagaries in their behaviour.
      Rename the test_stack recipe file name to be consistent with the rest of the     tests.
      Add unit tests for the lhash functionality.
      Add enable-aria where rc5 and md2 are built.
      Test infrastructure additions.
      Documentation clean up for man1/list.pod
      Documentation cleanup for man1/nseq.pod
      Documentation cleanup for man1/enc.pod
      Documentation updates
      Make test marcos for true/false checks reliable for all integral types.
      Update rc2test to use the test infrastructure
      Update md2test to use the test infrastructure
      Update dtlstest to use the test infrastructure
      Update sha256t and sha512t to use the test infrastructure
      Update sha1test to use the test infrastructure
      Update mdc2test to use the test infrastructure
      Update rc5test to use the test infrastructure
      Update rc4test to use the test infrastructure
      Update d2i_test to use the test infrastructure
      Update secmemtest and memeleaktest to use the test infrastructure.
      Update gmdifftime to use the test infrastructure
      Update ideatest to use the test infrastructure
      Update sanitytest to use the test infrastructure
      Update the internal chacha test to use the framework     Reviewed-by: Richard Levitte <levitte at openssl.org>     Reviewed-by: Matt Caswell <matt at openssl.org>     (Merged from https://github.com/openssl/openssl/pull/3195)
      Update threadstest to use the test framework
      Remove fprintfs from the poly1305 internal test but keep the test number     information.
      Update destest to use the test infrastructure
      Split the CAST tests up.
      Update the internal siphash tests to use the framework's output.
      Guarantee single argument evaluation for test macros.     Add test case that checks some of them.
      Refactor crltest.c to separate the test cases into individual functions.
      Update igetest to use the test framework.
      Test framework output improvement.
      Conversion of the EC tests to use the framework.     Some refactoring done as well.
      Add BN support to the test infrastructure.
      Add test_test tests for bignums.     Add relative tests for bignums.
      Add a descriptive header to diff output from failed tests.
      Remove dead code.
      Randomise the ordering of the C unit tests.
      Update one CI test to use randomised ordering.
      Reformat the output of BIGNUMS where test cases fail.
      Integration build a small memory image
      Bring the memory output inline with the suggestions in #3465.
      Reformat the string output to be more in line with the decisions made in #3465
      Correct Oracle copyrights & clarify.
      Add output routines to allow consistent formatting of memory, strings     and bignums.  These have been refactored into their own file, along with     their error displays.  The formatting follows the output format used     on error, except that bignums of sixty four bits or less are displayed     in a more compact one line form.
      Fix preprocessor indentation.     Rework main() to be in the style of the other conditional tests.
      Update tests to avoid printf to stdout/stderr when running as test cases.
      Put error output back.
      Address double error and OSSLzu comments.
      Address style issues.     Refactor count -> c which makes the for loop more readable.
      Remove OSSLzu macros and use %zu in the test framework (via BIO_printf).
      Remove duplicate see also reference to BIO_s_mem.
      TAP line filter BIO.
      Remove uses of the TEST_check macro.
      Fix copyright date for the ARIA evp file.
      Use the return value from write(2)     This prevents a warning when building with crypto-mdebug.
      Remove the TEST_check macro.
      Fix compiler warnings
      Avoid buffer overruns in the req command line utility.
      Rework the append_buf function
      Bounds check string functions in apps.     This includes strcat, strcpy and sprintf.
      Memory bounds checking in asn1 code.
      BIO range checking.
      Rearrange link line so the libraries come after the source.     Some linkers like it this way.
      change return (x) to return x
      Address potential buffer overflows.
      Trivial bounds checking.
      Demo style fixes and modernisation.
      Fix some issues raise by coverity in the tests.
      Avoid having an unsigned integer decrement below zero.
      Change return (x) to return x
      Test cleaning and modernisation
      Remove trailing blanks.
      Address Coverity issues.
      Fix some pedantic warnings.
      Improve struct tm population
      Fix potential use-after-free and memory leak
      Update the test framework so that the need for test_main is removed.  Everything     that needed test_main now works using the same infrastructure as tests that used     register_tests.
      Fix the two new tests since approval.
      Fix trivial coding style nits in a_time/a_tm files     Clean up some true/false returns
      OPENSSL_NO_ENGINE defined causes build failures
      Formatting & declaration cleanse.
      Simplify some of the sslapitest code.
      Test fixtures changed to pointers.
      Change SETUP_TEST_FIXTURE so that the fixture structure is passed by     reference not by value.  This allows an error return from the setup function.
      Determine the number of output columns for the list and help commands using     the command names rather than hard coding it (conditionally).
      Remove tests dependence on e_os.h
      Fix windows build after too aggressive e_os.h removal
      Remove double error messages
      Fix ctype arguments.
      This has been added to avoid the situation where some host ctype.h functions     return true for characters > 127.  I.e. they are allowing extended ASCII     characters through which then cause problems.  E.g. marking superscript '2' as     a number then causes the common (ch - '0') conversion to number to fail     miserably.  Likewise letters with diacritical marks can also cause problems.
      Dead code elimination.
      Avoid a self-assignment.
      Improvement the formatting in bn_print.c     Movely removal of unnecessary brackets but some could be bugs addressed too.
      Check for EOF in ASCII conversions.
      Check range of test values using isascii before diving into the full     range of ctype functions.
      e_os.h removal from other headers and source files.
      Move the REF_PRINT support from e_os.h to internal/refcount.h.
      Remove the X_OK define, it is unused.
      Move e_os.h to be the very first include.     cryptilib.h is the second.
      Move OPENSSL_CONF from e_os.h to cryptlib.h
      Add ARIA as an alias for all ARIA based modes.
      Add documentation for ARIA GCM modes.
      Fix potential null problem.
      struct timeval include guards
      Fix an include location problem in the extrended tests.     [extended tests]
      Revert "GH614: Use memcpy()/strdup() when possible"
      Revert "Reuse strndup(), simplify code"
      Manually revert "Ensure allocation size fits into size_t"
      Ensure that the requested memory size cannot exceed the limit imposed by a     size_t variable.
      Remote unrequited casts     Also use strndup instead of a malloc/memcpy pair.
      Add explanatory comment about fitting into a size_t.
      Avoid signed vs unsigned comparison error.     Introduced by #4372
      Null pointer used.     Address coverity report of null pointer being dereferenced.
      Stack sorting safety
      Add a reserve call to the stack data structure.
      Add stack space reservations.
      Use safestack.h exclusively internally.     Remove all stack headers from some includes that don't use them.
      Remove unnecessary #include <openssl/lhash.h> directives.
      Put back the #include <openssl/safestack.h> lines in public headers.     the latter includes the former.
      Document that lhash isn't thread safe under any circumstances and     indicate the level of locking required for various operations.
      Add a CRYPTO_atomic_read call which allows an int variable to be read     in an atomic fashion.
      Add atomic write call
      Return a value from atomic read on Windows.     Use a read lock when reading using pthreads.
      Address a timing side channel whereby it is possible to determine some
      Address a timing side channel whereby it is possible to determine some
      Disabled list doesn't contain SM3 and SM4.
      use size_t tests instead of int ones
      Test support for time_t comparisons.
      A missing semicolon prevents compilation with ENGINE_REF_COUNT_DEBUG enabled.
      Enable the ARIA ciphers by default.
      Change the name of the SEC typedef to openssl_speed_sec_t.
      SHA512/224 and SHA512/256
      Make the OPENSSL_CPUID_OBJ define internal.     Patch by @levitte.
      Make OPENSSL_rdtsc universally available.
      Unify timer code
      Fix glibc specific conditional for Mac OS/X
      Fix glibc version detection.     Simplify Posix timer detection.

Pavel Kopyl (3):
      Fix error handling in i2d* functions.
      Add error handling in dsa_main and ASN1_i2d_bio.
      Check return value of OBJ_nid2obj in dsa_pub_encode.

Peter Meerwald-Stadler (1):
      Configure: Fix configdata.pm shorthand for --dump, should be -d     INSTALL: Mention 'aria' algorithm for no-<alg>

Peter Wu (3):
      apps: Add support for writing a keylog file
      SSL_get_shared_sigalgs: handle negative idx parameter
      doc: fix -keylogfile option

Pichulin Dmitrii (2):
      fix check of broken implementations of GOST ciphersuites
      Fix 'key' option in s_server can be in ENGINE keyform

Piotr Czajka (1):
      Typo fix

Péter Budai (1):
      Fixed PKCS5_PBKDF2_HMAC() to adhere to the documentation.

Qin Long (3):
      Cleaning UEFI Build with additional OPENSSL_SYS_UEFI flags
      Fix the build warning under OPENSSL_NO_GOST
      e_os2.h: Refine OSSL_SSIZE definition under UEFI environment

Rainer Jung (1):
      Fix use of "can_load()" in run_tests.pl.

Remi Gacogne (1):
      Add missing session id and tlsext_status accessors

Rich Salz (284):
      Remove "lockit" from internal error-hash function
      Remove get_hash completely
      Fix output text to avoid gratuitious git diff
      Make update, etc.
      GH1383: Add casts to ERR_PACK
      Add some const casts
      Add #defines for magic numbers in API.
      Change callers to use the new constants.
      Check for bad filename in evp_test
      GH1446: Add SSL_SESSION_get0_cipher
      Fix some doc nits.
      RT3940: For now, just document the issue.
      Add BIO_get_new_index()
      Move BIO index lock creation
      RT2676: Reject RSA eponent if even or 1
      To avoid SWEET32 attack, move 3DES to weak
      Put DES into "not default" category.
      Remove trailing zeros
      Use uppercase name for PCT_ enum
      Remove comment tags from structs (coding style)
      Code cleanup UI
      Misc BN fixes
      Add missing debug strings.
      Trim config output
      Add --missing-help to list command
      Add -h and -help for c_rehash script and app
      GH1536: Install empty CT log list
      Make reference to other manpage more explicit
      RT3669: dgst can only sign/verify one file.
      Revert "Constify code about X509_VERIFY_PARAM"
      GH1555: Don't bump size on realloc failure
      Dcoument -alpn flag
      Add -Wswitch-enum
      Revert "Call ENGINE_init() before trying to use keys from engine"
      RT is put out to pasture
      GH1546: Fix old names in cryptodev code.
      Add NPN to an SSL3 build
      Fix typo (reported by Matthias St. Pierre)
      Move manpages to man[1357] structure.
      Disable MDC2 by default.
      Revert "Disable MDC2 by default."
      Update CRYPTO_set_mem_debug() doc
      Missed a mention of RT
      Zero stack variable with DSA nonce
      Check return value of some BN functions.
      Merge find-undoc-api into find-doc-nits
      Make bntest be (mostly) file-based.
      Fix various doc nits.
      Add X509_VERIFY_PARAM inheritance flag set/get
      CRL critical extension bugfix
      Doc nits: callback function typedefs
      Rename "verify_cb" to SSL_verify_cb
      Move extension data into sub-structs
      Use typedefs for PSK, NPN, ALPN callback functions
      Review comments
      Fix typo in Blake2 function names
      Review comments; fail build if nits found
      GH2176: Add X509_VERIFY_PARAM_get_time
      Add "random malloc failure" tooling
      Add documentation
      Rename file so "ls" works on 80 columns
      Make X509_Digest,others public
      Fix "failure rate" bugs
      If client doesn't send curves list, don't assume all.
      Skip ECDH tests for SSLv3
      Avoid over-long strings.  Fix a mem leak.
      Don't need the checkbox; the hook does it
      Add -Wno-parentheses-equality to dev-warnings.
      Doc fix
      Fix parsing of serial# in req
      Centralize documentation about config file location
      Add no-ec build
      Don't call memcpy if len is zero.
      Prevent OOB in SRP base64 code.
      Iterate over EC_GROUP's poly array in a safe way
      Update year, wording tweak
      Remove GENCB_TEST compile flag
      Exdata test was never enabled.
      Remove ref to err(7), update copyright.
      sh_malloc & sh_free prototype change to match POSIX
      Fix an endless loop in rsa_builtin_keygen.
      Remove some duplicate manpage entries
      Get pointer type right in BIO_ssl_shutdown()
      Fix many doc L<> errors
      Handle find-doc-nits script rename
      Fix some doc nits
      Add test for -nameout output
      Document BIO_printf family
      Look for comma before - in POD pages
      Move PRIu64, OSSLzu to e_os.h
      Remove duplicate doc
      Make default_method mostly compile-time
      Make default_method mostly compile-time (cont'd)
      Check for L<foo|foo>
      Add missing =back
      Standardize on =over 4 and check for it.
      Use 'over 2' for bullet lists.
      Additional check to handle BAD SSL_write retry
      Convert x509aux, cipherlist, casttest
      Address review feedback (to be squashed)
      WIP: Convert ui,v3ext,verify_extra_test
      Add -f -r flags to find-unused-errs
      Catch EC_R_UNKNOWN_GROUP in check_unsupported()
      Convert afalgtest
      [squash]Build works with/out NO_ENGINE and NO_AFALG
      Convert more tests
      Convert more tests to framework
      Update more tests
      Convert more tests
      Convert dhtest, dsatest, cipherbytes_test
      Document Next Protocol Negotiation APIs
      fix dh_test.
      Convert hmactest to new test framework
      Ignore dups in X509_STORE_add_*
      if log fails, avoid pms getting double free
      check length sanity before correcting in EVP_CTRL_AEAD_TLS1_AAD
      Fix typo in OPENSSL_LH_new compat API
      evp_test.c: Add PrivPubKeyPair tests
      Convert modular exponentiation tests to new framework
      Fix unit-tests when no-srp configured
      Convert dtls_mtu_test, dtlsv1listentest
      Convert bntest to TEST_ framework
      Convert sslapitest to test framework
      Fix ISO C function/object pointer issue
      Remove (broken) diagnostic print
      Ensure blank lines between tests.
      Check fflush on BIO_ctrl call
      Fix a stack smash
      Convert danetest, ssl_test_ctx_test
      Add some man page cross-references
      Fix URL links in comment
      Convert uses of snprintf to BIO_snprintf
      Remove some unused scripts
      Perltidy ck_errf
      Run perltidy, use strict+warnings on mkrc.pl
      Fix curly braces on util/mkrc.pl
      Fix tests of TEST tests, as it were
      Fix pathname errors in errcode file
      Remove outdated and unsupported CHIL engine
      Ignore MSVC warnings (via Gisle Vanem)
      Convert of evp_test to framework
      Address some feedback
      Use compare_mem wrapper
      Split test/evptests.txt into separate files.
      Rename evptests.txt to evppkey.txt
      Use scalar, not length; fixes test_evp
      Add "Title" directive to evp_test
      Convert shlibloadtest to new framework
      Review feedback; use single main, #ifdef ADD_TEST
      Use BIO not FILE for test file
      Move engines/afalg to engines
      -inkey can be an identifier, not just a file
      Revert "Integration build a small memory image"
      Fix line numbering for errors.
      Add titles to groups of EVP tests
      Revise evp_test parser; make like bn_test
      Fix va_arg all in test_error_c90
      Add stricter checking in NAME section
      Only release thread-local key if we created it.
      Add -p (public only) flag to find-doc-nits
      Add text pointing to full change list.
      Use common STANZA for bn and exp tests
      Document default client -psk_identity
      Add a lock around the OBJ_NAME table
      make error tables const and separate header file
      Fix possible memory over-read in apps/s_client.c
      Remove doc of non-existent functions
      Fix a read off the end of the input buffer
      List undocumented macros
      Remove needless type casting.
      If-guard to avoid null ptr deref in statem_srvr.c
      Introduce ASN1_TIME_set_string_X509 API
      Remove leading space-before-tab
      Put message strings in state files
      Update copyright on progs.h
      Remove OLD_STR_TO_KEY compile option
      Standardize Levitte's dual-license
      Remove bsd_cryptodev engine
      Add RAND_UNIMPLEMENTED error code
      Fix typo (note by oneton at users.github)
      Modify Sun copyright to follow OpenSSL style
      Ensure a space after colon in enc -v
      Reformat progs.pl; add ARIA support
      Merge Nokia copyright notice into standard
      Add constant-time 64
      Add ecstress test
      Rename static global "lock" to "obj_lock"
      Use randomness not entropy
      Add fork handlers, based on pthread_atfork
      Add ECHO to makefiles for real silence
      Merge Intel copyright notice into standard
      Fix atfork flag.  Avoid double-negatives :)
      Cleanup some copyright stuff
      Various doc fixes
      BN_pseudo_rand is really BN_rand
      Add echo for end of each build phase
      Undo commit d420ac2
      Undo commit 0755217
      Undo commit de02ec2
      Undo commit 40720ce
      Undo commit cd359b2
      Undo commit dc00fb9
      Fix crash
      Add two trivial fixes from old commits
      Cleanup RAND_load_file,RAND_write_file
      Remove some now-unneeded VMS controls
      Update various RAND podpages
      Rewrite RAND_egd
      Fix bug in err_string_data_cmp
      Start to overhaul RAND API
      Don't use "version" in "OpenSSL Version 1.1.0" etc
      Standardize apps use of -rand, etc.
      Fix use-after-free
      Add DRBG random method
      Add range-checking to RAND_DRBG_set_reseed_interval
      Rename internal rand.h file
      Add --with-rand-seed
      Install custom RAND_METHOD for fuzzing
      Switch from ossl_rand to DRBG rand
      Add a DRBG to each SSL object
      Add RAND_priv_bytes() for private keys
      Add missing include of cryptlib.h
      Make RAND_DRBG fork-safe
      Various RAND improvements
      Add -d flag to list -u details (now normally off)
      Move FuzzerSetRand to separate file.
      Instantiate when RAND_status() checks
      Doc fixes
      Add some casts for %j
      Revert "Add some casts for %j"
      Print pathnames for 'version -r'
      Put thread-fork-init inside a run-once guard
      Check # of arguments for remaining commands.
      Safely display SNI (just in case)
      Add random serial# support.
      Use "" not <> for internal/ includes
      Remove custom base64 code.
      Use "" not <> on e_os.h include
      (Re)move some things from e_os.h
      Move randomness to allocated buffer
      Tweak wording to be more clear.
      Use strcpy instead of sprintf %s
      Remove NO_DIRENT; it isn't used anywhere
      MSC_VER <= 1200 isn't supported; remove dead code
      Avoid out-of-bounds read
      Avoid possible uninitialized variable.
      Add CRYPTO_thread_glock_new
      Address feedback
      Less documentation for deprecated API
      Fix doc-nits from previous commit
      Add checks for alloc failing.
      Fix error handling/cleanup
      Always use $ as shell prompt in example
      Fix function name in ECerr call
      Replace malloc+strcpy with strdup
      Rewrite some code
      Anchor the regexp match
      Fix doc for i2d/d2i private/public key
      Add CRYPTO_get_alloc_counts.
      Remove email addresses from source code.
      Update RAND_load_file return value.
      Additional name for all commands
      Whitespace and indent fixes
      Warn if -days without -x509
      Removre comment with user's name
      Don't NULL check before calling DSO_free.
      Fix typo that cause find-doc-nits failure
      Revert "Add padding spaces before printing algo."
      Fix SOURCE_DATE_EPOCH bug; use UTC
      Check for malloc failure
      Add "friendly name" extractor
      Add link for more SECLEVEL info
      Consistent formatting for sizeof(foo)
      Rewrite RT3513.
      Remove old config that used non-exist util script
      Add fingerprint text, remove MD5
      Remove remaining NETWARE ifdef's
      Fix IPv6 define
      Add accessors for AdmissionSyntax
      Move fprintf after assignment to avoid crash.
      Improve some BN documentation.
      Shorten output by a line
      Remove unused file
      Copy name string in BIO_meth_new

Richard Levitte (658):
      Travis: When testing installation, build in separate dir, otherwise in checkout
      VSI submisson: make better use of item lists in o_time.c
      VSI submission: make the VMS version of RAND_poll() faster and more secure
      Have 'openssl engine' exit with non-zero when some engine fails to load
      VMS: have the IVP verify that a well known engine loads properly
      When tr gets bracketed arguments, they need to be quoted
      VMS: Fix building of bad_dtls_test
      openssl-format-source: no dash marker on *INDENT-(ON|OFF)* comments
      indent: add a couple of types we use in apps
      Move the building of test/buildtest_*. to be done unconditionally
      Travis: add a build with no-stdio
      util/mkdef.pl: mark certain PEM function declarations with STDIO
      make update
      Remove OPENSSL_NO_STDIO guards around certain SSL cert/key functions
      The capi engine uses stdio, so don't build it when configuring 'no-stdio'
      openssl-format-source: A few more (DECLARE|IMPLEMENT) variants to care for
      Add a note about a perl issue on VMS and how to work around it
      Skip the SRP tests in 80-test_ssl_old.t if no TLS versions is enabled
      Make "make" less verbose in Travis, except for the build only case
      Add a "config" for verbosity and use it with Travis
      Remove duplicate ordinals
      VMS: no ENDIF on one line IF statements, in config.com
      dasync is an internal testing engine, so don't install it
      Don't try to init dasync internally
      Simplify indentation of DECLARE_ and IMPLEMENT_ lines
      MEMPACKET is typedef'd in ssltestlib.h, don't do so again in ssltestlib.c
      VMS: Use strict refdef extern model when building library object files
      ssltestlib: Tell compiler we don't care about the value when we don't
      Make 'openssl req -x509' more equivalent to 'openssl req -new'
      Avoid more compiler warnings for use of uninitialised variables
      Configure: Properly cache the configured compiler command
      Trust RSA_check_key() to return correct values
      Check for __GNUC__ to use GNU C atomic buildins
      CRYPTO_atomic_add(): use acquire release memory order rather than relaxed
      CRYPTO_atomic_add(): check that the object is lock free
      NEWS: add a number of the types that were made opaque
      Update CHANGES, NEWS, README and opensslv.h on master
      Improve the definition of STITCHED_CALL in e_rc4_hmac_md5.c
      VMS: honor --openssldir setting
      Make it possible for the user to specify a different default build file
      Configure: clean away temporary section of code
      Configure: Redo the logic for finding build file templates
      Configure: save away the value of OPENSSL_LOCAL_CONFIG_DIR for reconf
      The Perl interpreter might be in a path with spaces, so maybe quote it
      Make it possible to disable fuzz testing
      Configure's print_table_entry printed incorrect information
      Have Configure's HASH or TABLE produce complete lists
      INSTALL: add information on the environment variable BUILDFILE
      INSTALL: add information on option no-fuzz-test
      Add a more versatile test chooser
      Revert "Make it possible to disable fuzz testing"
      Revert "INSTALL: add information on option no-fuzz-test"
      Document the enhanced tests specification
      Move 05-test_fuzz.t to 90-test_fuzz.t
      Unix build: have the makedepend and cc actions in one recipe
      Correct detection of group end in map file when testing symbol presence
      Configure: Reorganise the checking of disabled options
      Allow asan, msan and ubsan to be configured with shared libraries
      Travis: Do asan and msan with shared libraries
      If errno is ENXIO in BSS_new_file(), set BIO_R_NO_SUCH_FILE
      Build file templates: additional information to build file template functions
      VMS: Use different C flags for programs that aren't to be installed
      VMS: be less picky when loading DSOs
      VMS: Don't force symbol mixed case when building DSOs
      Fix 'openssl passwd' with arguments -1 or -apr1
      Add a test for 'openssl passwd'
      Add SHA256 and SHA512 based output for 'openssl passwd'
      Document the new SHA256 and SHA512 password generation options
      Test the new SHA256 and SHA512 based password generation options
      Rather than one variable for each passwd type, use one enum variable
      VMS: Really don't force symbol mixed case when building DSOs
      VSI submission: redirect terminal input through socket
      Add copyright and license on apps/vms_term_sock.[ch]
      Reformat to fit OpenSSL source code standards
      Refactor to avoid unnecessary preprocessor logic
      Finally, make sure vms_term_sock.c is built on VMS
      Register the name of the config file each config target was found in
      Use the registered conf file names as dependencies to build configdata.pm
      Rearrange the storage of build file template names in %config
      Simplify the dependencies for remaking configdata.pm
      Simplify configudata.pm dependency generation
      Have the configuration options 'no-err' and 'no-async' work again
      Fix no-ocsp
      Fixup BIO demos for OpenSSL 1.1.x
      Fixup BIO demos for OpenSSL 1.1.x
      Fixup BIO demos for OpenSSL 1.1.x
      Don't ignore Makefiles in demos/
      Crude Makefile for demos/bio/
      Crude VMS build files for demos/bio/
      Documentation fixup; no more ECDHParameters
      apps/apps.c: include sys/socket.h to declare recv()
      Quiet compiler warning about uninitialised variable
      util/dofile.pl: report if a template couldn't be loaded
      descrip.mms.tmpl: in obj2bin, make sure an empty @deps means no empty lines
      VMS: add [.util]shlib_wrap.exe and its build instructions
      test/x509aux.c: Fix argv loop
      Fix error message typo, wrong function code
      apps/apps.c: initialize and de-initialize engine around key loading
      Add support for C++ in Configure
      Add support for C++ in Configurations/unix-Makefile.tmpl
      Add C++ settings in the Linux config targets
      Remove automatic RPATH
      Remove automatic RPATH - add user rpath support
      Remove automatic RPATH - adapt shlib_wrap.sh
      Remove automatic RPATH - Add a CHANGES entry
      Fix C++ support: set $target{cxx} correctly
      Fix config option 'no-deprecated'
      Make OpenSSL::Test a bit more flexible
      Add documentation of internal OpenSSL::Test functions
      appveyor: make tests verbose
      OpenSSL::Test cleanup - no forward declarations needed
      OpenSSL::Test - small fixup
      If an engine comes up explicitely, it must also come down explicitely
      apps: instead of varying implementation, make setup_engine a function always
      apps: remove some #ifndef clutter
      Correct installation test in appveyor
      Efence is antiquated, remove all traces of using it
      Add some notes on shared library names on different platforms
      Backdated note in CHANGES about shared library names
      VMS: tell the C compiler to use the ISO C94 standard
      Mark VC templates correctly.
      Unix Makefile: Some sed implementation truncate long lines.  Use perl instead.
      HPUX: Add the forgotten $(DSTDIR) when linking DSOs
      Secure our notification email.
      Test recipes: remove duplicate OpenSSL::Test usage
      test/build.info: typo, $ missing
      Convert poly1305 selftest into internal test
      Allow indented comments in build.info
      Explain the deal with internal test programs
      VMS: ignore multiply defined symbols when linking programs
      Convert asn1 selftests (a_strnid and ameth_lib) into internal test
      Convert modes selftests (cts128 and gcm128) to internal test
      Add a HEADER_MODES_H guard in include/openssl/modes.h
      Convert x509 selftests to internal test
      Convert mdc2 test print to internal test
      Finally, add a test recipe for the internal tests
      Clean away remaining 'selftest' code
      Clang doesn't like -znodelete, make it a linker flag instead
      test/shlibloadtest: small fixes
      Enable memory debugging while testing
      Don't assume to know the shared library extension
      Integrate ossl_shim into the build
      Convert 90-test_external.t to using "executable" rather than "system"
      Travis: add a strict build
      VMS: correct the logic around linking executables
      VMS: update the list of files that need some extra treatment
      Correct internal tests sources
      VMS build file template: assign 'arch' to local symbol table
      constant time test: include our internal/numbers.h rather than limits.h
      VMS: pretend to use -znodelete
      Fix the LIBZ macro on VC config targets
      Windows: use default ZLIB1 unless --with-zlib-lib is set
      INSTALL: small typo
      Unix Makefile: Make sure to use $(PERL) when running ./Configure
      Move algorithm specific ppccap code from crypto/ppccap.c
      Fix no-dso (shlibloadtest)
      Fix the evp_test Ctrl keyword processing
      chacha20/poly1305: make sure to clear the buffer at correct position
      Fix no-cms (CVE-2016-7053)
      descrip.mms.tmpl: Simplify fiddling of logical names record and statem
      Fix no-ct in test/ct_test.c
      Building: make it possible to force linking with static OpenSSL libs
      Document how to force linking with static libraries
      Link internal tests with static OpenSSL libraries when needed
      Revert "Move algorithm specific ppccap code from crypto/ppccap.c"
      Small fixups of util/process_docs.pl
      Fix the effect of no-dso in crypto/init.c
      Add util/check-doc-links.pl, to be used to check referenses in manuals
      Fix referenses in section 3 manuals
      Fix referenses in section 1 manuals
      Fix referenses in section 7 manuals
      Fix typo in util/process_docs.pl
      Remove heartbeat support
      Stop init loops
      Add a warning stipulating how things should be coded in ossl_init_base
      Remove heartbeats completely
      Revert "Remove heartbeats completely"
      Make it possible to disable building and running tests
      Only build the body of e_padlock when there are lower level routines
      Add a modern linux-x86 config target
      On x86 machines where the compiler supports -m32, use 'linux-x86'
      Clarify what X509_NAME_online does with the given buffer and size
      UI_process() didn't generate errors
      Add a test for the UI API
      Make sure that password_callback exercises UI
      In UI_OpenSSL's open(), generate an error on unknown errno
      UI_OpenSSL()'s session opener fails on MacOS X
      UI code style cleanup
      Remove extra bang
      Test framework: Add the possibility to have a test specific data dir
      VMS UI_OpenSSL: if the TT device isn't a tty, flag instead of error
      VMS UI_OpenSSL: generate OpenSSL errors when things go wrong.
      HP-UX doesn't have hstrerror(), so make our own for that platform
      evp_test: when function and reason strings aren't available, just skip
      e_afalg: Don't warn about kernel version when pedantic
      Fix no-ct, skip tests recipes that try to test CT
      test/ssl_test: give up if both client and server wait on read
      Fix erroneous goto lable
      Add bwrite_conv and bread_conv values to methods_dgramp_sctp
      M_check_autoarg: sanity check the key
      Reformat M_check_autoarg to match our coding style
      Travis: The TLS 1.3 code isn't interoperable yet, move it to its own build
      70-test_sslmessages.t: Don't check EXT_SIG_ALGS if TLS 1.2 is disabled
      70-test_sslvertol.t: Make sure to check a max TLS version that matches configuration
      80-test_ssl_new.t: Make 19-mac-then-encrypt.conf work without TLSv1.2
      70-test_sslvertol.t: skip test 1 and 2 if too few protocols are enabled
      Don't run NPN tests when NPN is disabled
      Don't test SRP when it's disabled
      Don't build OCSP stuff when OCSP is disabled
      Don't run OCSP tests when OCSP is disabled
      Don't run MSBLOB conversion tests when RSA or DSA are disabled
      Fix build issues with no-dh, no-dsa and no-ec
      Small fixes of cryptodev engine
      Only enable CRYPTO_3DES_ECB if that name is an existing macro
      Enable apps to get a UI_METHOD for the default prompter
      Constify the input parameter to UI_method_get_*
      Add an application data field in the UI_METHOD
      Add a UI utility function with which to wrap pem_callback_cb in a UI_METHOD
      make update
      Document the UI utility functions
      Add a few documentation lines about UI_OpenSSL()
      Add a test "uitest"
      UI: fix uitest for no-ui configuration
      UI: fix uitest for VMS
      UI documentation fixup
      Run find-doc-nits in travis
      UI: Ensure there will be no race condition when getting the UI_METHOD ex_data
      UI: Use RUN_ONCE differently
      Fix no-ocsp
      Clarify what RUN_ONCE returns
      Fix DSA parameter generation control error
      Fix no-tls1_2
      s_client: Better response success check for CONNECT
      Fix small typo
      Better check of DH parameters in TLS data
      Document DH_check_params()
      Correct pointer to be freed
      X509_CRL_digest() - ensure precomputed sha1 hash before returning it
      Document what EXFLAG_SET is for in x509v3.h
      Add a couple of test to check CRL fingerprint
      test/evp_test.c: If no algorithm was specified, don't try to check for DES
      Fix faulty free
      bntest: make sure that equalBN takes note of negative zero
      bntest: make sure file_rshift tests BN_rshift1 as well when appropriate
      bntest: do not stop on first fautl encountered
      bntests.txt: add a couple of checks of possibly negative zero
      bn: fix occurance of negative zero in BN_rshift1()
      Initialise alg_k and alg_a
      Fix "no-ec"
      Because our test sid file contains EC, don't try it when configured no-ec
      Add needed module in 25-test_sid.t
      test_rehash does nothing, have it do something
      test/README: clarify test number groups
      Add a test of the X509_STORE / X509_LOOKUP API
      Fix symbol shadow
      Fix test_x509_store
      If all versions of a proto are disabled, disabled the proto as well
      Fix no-dh and no-dsa
      VMS fix of test/recipes/80-test_ssl_new.t
      Correct the no-dh and no-dsa fix
      Have the directory reader use the Unix API on VMS
      Make "openssl rehash" work on VMS 8.3 and up
      Fix typo, missing ||
      Fix typo, should be && rather than &
      Let the output from 'openssl enc -ciphers' go to stdout
      On VMS, massage the fetch file names to remove the generation number
      In apps/rehash.c, decorate the inclusion of internal/o_dir.h for VMS
      Check for the presence of _WIN32 rather than its value.
      Add a null UI method
      Renumber to avoid a error code clash
      Code cleanup: remove the VMS specific reimplementation of gmtime
      Move the CHIL engine to demos/engines
      Code health: Remove obvious VAX C fixups
      Code health: Stop using timeb.h / ftime() (VMS only)
      Code health: Remove unused VAX transfer vector for engines
      Code health: Remove VAX exceptions in util/mkdef.pl
      Code health: make update
      Code health: Remove another VAX C-ism, globaldef and globalref
      Code health: With the VAX C-ism gone, OPENSSL_GLOBAL can be removed too
      Code health: Quick note in changes and the OPENSSL_GLOBAL et al changes
      Code health: Remove base address setting for mingw
      Don't use deprecated EVP_CIPHER_CTX_cleanup() internally
      VMS: compensate for gmtime_r() parameter pointer size
      Add NOTES.UNIX, with a description on how to deal with runpaths
      Fix the skip numbers in 80-test_ca.t
      -precert doesn't work when configured no-ct, don't try to test it then
      Add a platform specific configuration checker
      Add documentation on platform specific checks
      util/process_docs.pl: make it possible to add a suffix to man docs
      Unix Makefile: Have manual generation use the same perl script as Windows and VMS
      Make it possible to select or deselect test groups by number
      Document how to select / deselect test group numbers
      Split test/recipes/03_test_internal.t into individual tests
      Encourage having external tests in multiple test recipes
      Document UI_METHOD and UI_STRING, both useful for UI_METHOD creators
      Fix UI_get0_action_string()
      UI docs: Rephrase the UI method function return value description
      Recognise mingw64 in config script
      Document in CHANGES that config now recognises 64-bit mingw
      Better way to recognise mingw64 in config script
      Rather use -out parameter than redirect stdout
      VMS: Change debug linking method to generate a separate Debug Symbol File
      VMS: throw away [.util]shareable_image_wrap.c.in and add replacement scripts
      VMS: don't use /DSF, turn off CALL_DEBUG instead
      Add EC_KEY_get0_engine()
      VMS: turning off CALL_DEBUG isn't possible on Alpha
      Forgotten 'make update'
      Improve testing of elliptic curve validation
      Fix a few internals tests
      Fix docs for X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert()
      Fix decoding of ASN.1 LONG and ZLONG items
      Rework how protocol specific ciphers in 80-test_ssl_old.t are picked out
      OpenSSL::Test: add a statusvar option for run with capture => 1
      Adapt 80-test_ssl_old.t to use statusvar
      Adapt 20-test_enc.t and 20-test_enc_more.t to use statusvar
      95-test_external_pyca_data/cryptography.py: only install for testing
      Travis: make a separate job for external tests
      Refuse to run the PYCA external test if configured 'no-shared'
      Change exit_checker comment on returned status
      Fix 80-test_ssl_old.t: only count the ciphers if there are any.
      Fix find-doc-nits: { is significant in regexps
      In err_cleanup(), cleanup the thread local storage too
      Add z modifier parsing to the BIO_printf et all format string
      Use the z modifier instead of OSSLzu with BIO_printf
      Add a simple test for the z modifier
      Fixup the github pull request template
      Remind people to have 'Fixes #XXXX' in the commit message
      Disable 15-test_ecparam.t when configured no-ec2m
      Implement internal ASN.1 types INT32, UINT32, INT64, UINT64
      make update
      Convert SSL_SESSION_ASN1 to use size specific integers
      Add a test of encoding and decoding LONG, INT32, UINT32, INT64 and UINT64
      Fix faulty check of padding in x_long.c
      Fix test/asn1_encode_test.c, ASN1_LONG_DATA used inappropriately
      In rand_cleanup_int(), don't go creating a default method
      Make getting and setting the RAND default method thread safe
      Don't try to clean up RAND from ENGINE
      Fix rand_lib.c for no-engine configuration
      Publish our INT32, UINT32, INT64, UINT64 ASN.1 types and Z variants
      Discourage the use of LONG and ZLONG, and deprecate it in the future
      Act on deprecation of LONG and ZLONG, step 1
      Act on deprecation of LONG and ZLONG, step 2
      Act on deprecation of LONG and ZLONG, step 3
      Add a note in CHANGES
      Fix util/mkdef.pl
      Fix int64 test of t_4bytes_4_neg
      Fix x_int64.c
      In asn1_encode_test.c, add custom DER encoding checks
      Fix definition of i2d_fn in asn1_encode_test.c
      Add tests of custom negative 1
      test/testutil.c: Flush stdout when running tests
      OpenSSL::Test: supported filtered command output
      Correct travis.yml to only build extended tests when explicitely asked to
      Test printing of ASN.1 types INTxx et al
      ASN.1: extend the possibilities to embed data instead of pointers
      ASN.1: change INTxx, UINTxx and Z variants to be embedable
      ASN.1: adapt our use of INTxx et al by making them explicitely embedded
      VMS: Fix the passing of cflags for things not being installed
      VMS: Fix internals test programs
      VMS: Copy DECC inclusion epi- and prologues to internals
      VMS: remove name mangling guards around inclusion of internals
      Fix test/recipes/95-test_external_krb5.t
      Port Ben's parallell Makefile hack to Windows
      Port Ben's parallell Makefile hack to VMS
      Typo fix in Configurations/descrip.mms.tmpl
      Make it possible to build static-only libraries
      Add CRYPTO_mem_leaks_cb
      Refactor the test framework testutil
      VMS: Make sure to include MAIN from static libraries if needed
      Adapt all test programs
      Avoid using BIO streams in bioprinttest.c
      TAPify testutil
      Add guards around one of use of IPPROTO_SCTP where it was missing
      Correct some badly formated preprocessor lines
      Ignore all .a files, not just the top ones
      Add include path '..' for libtestutil
      Tapify libtestutil a bit better
      TLSProxy: When in debug mode, show the exact subprocess commands
      testutil: Move printing function declarations to "internal" header
      testutil: make subtest_level() internal
      testutil: Add commodity printing functions test_printf_std{out,err}
      testutil: Add OpenSSL error stack printing wrapper TEST_openssl_errors
      testutil: Remove test_puts_std{out,err}, they are superfluous
      Update the pyca-cryptography submodule to version 1.8.1
      test/exptest.c: stop marking progress with a period
      Rearrange test/recipes/95-test_*.t to use skip_all
      test/recipes/95-test_*.t : correct skip_all syntax
      Prefer TAP::Harness over Test::Harness
      Fix 'no-ec'
      Clarify that a test failed
      Unclash clashing reason codes in ssl.h
      testutil: add the possibility to set the current test title
      evp_test: use the test file name as the test title
      testutil: Fix non-standard subtest output
      Cleanup - use e_os2.h rather than stdint.h
      Clean away needless VMS check
      INSTALL: clarify a bit more how Configure treats "unknown" options
      INSTALL: Remind people to read more if they added configuration options
      Remove notification settings from appveyor.yml
      Clarify what character encoding is used in the returned UI strings
      Add internal functions to fetch a refcount
      Correct small typo in CRYPTO_GET_REF
      Revert "Add internal functions to fetch a refcount"
      Add UI functionality to duplicate the user data
      Windows: rearrange programs cleanup
      Add -module option to util/mkerr.pl
      Rework writing crypto/err/openssl.txt
      .travis.yml: Detect if 'make update' updated something
      Move bn and evp test programs input data to their respective data dir
      Build apps/progs.h dynamically
      Add the target 'build_all_generated'
      Reorder Configure output
      Fix va_list processing in test_note()
      Configure: give config targets the possibility to enable or disable features
      tsget.in: remove call of WWW::Curl::Easy::global_cleanup
      util/mkerr.pl: allow module names prefixed with OSSL_ or OPENSSL_
      util/mkerr.pl: avoid getting an annoying warning about negative count
      Add the common error ERR_R_OPERATION_FAIL
      Add new /dev/crypto engine
      Adapt for BSD cryptodev.h differences
      Comment on the lack of documentation for asymmetric ciphers
      Document the added devcrypto engine in CHANGES
      UI_UTIL_wrap_read_pem_callback: make sure to terminate the string received
      test/uitest.c's pem_password_cb returned 1 instead of the password length
      Add dependency on apps/progs.h for test/uitest.o
      crypto/mem.c: on Windows, use rand() instead of random()
      Make it possible to refer to ERR_R_UI_LIB
      Add the STORE module
      Make asn1_d2i_read_bio accessible from STORE
      Make it possible to peek at BIO data through BIO_f_buffer()
      Add a STORE loader for the "file" scheme
      Add a simple store utility command
      Add a test that checks the store utility
      STORE 'file' scheme loader: add support for containers
      STORE 'file' scheme loader: add support for the PKCS#12 container
      STORE tests: add PKCS#12 tests
      STORE: Add a OSSL_STORE_INFO type to help support file handler restarts
      STORE 'file' scheme loader: refactor file_load to support decoding restart
      STORE 'file' scheme loader: Add handler for encrypted PKCS#8 data
      STORE 'file' scheme loader: Add directory listing capability
      Test that storeutl with a directory path works as expected
      STORE: add ENGINE information to loaders
      engine app: print out information on STORE loaders and STORE FILE handlers
      Add documentation for STORE functions
      Add documentation for the storeutl app
      STORE test recipe: Remove comment refering to OpenConnect
      STORE: Add an entry in NEWS and CHANGES
      STORE 'file' scheme loader: refactor the treatment of matches
      Make it possible to tell the file loader to use secure memory
      Add internal functions to fetch PEM data from an opened BIO
      util/mkdef.pl: Add UNIX as a platform
      util/mkdef.pl: Make symbol version processing Linux only
      STORE: simplify store_loader_cmp()
      STORE: Make sure the loader to be registered is complete
      When apps_startup() fails, exit with a failure code and a message
      STORE 'file' scheme loader: DNS name in URI is case insensitive
      Make sure OSSL_STORE_load() isn't caught in an endless loop
      Remove the possibility to disable the UI module entirely
      Correct documentation for UI_get0_result_string
      STORE: fix possible memory leak
      Avoid possible memleak in X509_policy_check()
      Fix small UI issues
      STORE 'file' scheme loader: fix try_decode_params() to check ambiguity
      VMS: When running a sub-MMS, make sure to give it the main MMS' qualifiers
      test/recipes/90-test_shlibload.t: Make sure to handle library renames
      test/run_tests.pl: Make sure to exit with a code that's understood universally
      Fix cipher_compare
      Fix style in crypto/store/loader_file.c
      For Windows, use _stat rather than stat
      test/recipes/90-test_store.t: Rename some functions
      test/recipes/90-test_store.t: Test absolute files
      OSSL_STORE: spell error reason correctly
      OSSL_STORE: Treat URIs as files first (with exceptions), then as full URIs
      test/recipes/90-test_store.t: Add a few cases with files starting with 'file:'
      OSSL_STORE "file" scheme loader: check for absolute path in URI later
      OSSL_STORE "file" scheme loader: check that a DOS device is correctly named
      testutil: stanza files are text files, open them as such
      Fix faulty include
      Simplify Makefile.shared
      test/recipes/80-test_tsa.t: Don't trust 'OPENSSL_CONF'
      Makefile.shared: Make link_shlib.linux-shared less verbose again
      Simplify the handling of shared library version numbers
      Perl: Use File::Glob::bsd_glob rather than File::Glob::glob
      Consolidate the locations where we have our internal perl modules
      File::Glob option ':bsd_glob' doesn't work everywhere, replace w/ a wrapper
      Rename crypto/evp/scrypt.c to crypto/evp/pbe_scrypt.c
      Add ERR_clear_last_mark()
      Clear error stack on successful OSSL_STORE_open()
      STORE: Add info on the expected post_process callback behavior
      STORE: Add documentation on the expectations for returned names
      When building a tarball, avoid trying to copy submodules
      test/asn1_time_test.c: Better check of signed time_t
      Turn on error sensitivity in the "tar" target
      Prepare tarball in dist directory
      Add a comment on expectations in the "tar" target
      Fix ui_write in apps/apps.c
      Fix the lack of isblank() with VMS C
      Don't try to test ctype functions for values < 0 or > 255
      Don't try to compare the ctype functions on values > 127
      apps/passwd.c: Don't disable MD5 and SHA when CHARSET_EBCDIC is defined
      apps/passwd.c: Fix code layout
      apps/passwd.c: Make MD5 and SHA password making EBCDIC aware
      NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
      Move more socket stuff
      Fix guarding macro in include/internal/sockets.h
      If 'tests' is disabled, then so should 'external-tests'
      util/mkdef.pl: handle line terminators correctly
      OpenSSL::Test::__fixup_prg: don't check program existence
      Fix OpenSSL::Test::Utils::config to actualy load the config data
      OSSL_STORE: Avoid testing with URIs on the mingw command line
      Fix 90-test_store.t: using config() requires OpenSSL::Test::Utils
      Fix OSSL_STORE's 'file' loader: make sure peekbuf is initialised
      Add UI functions to set result with explicit length and to retrieve the length
      Disable the EGD seeding meachanism when stdio is disabled
      Add a recursive option to 'openssl storeutl'
      Document the recursive option
      Make sure that a cert with extensions gets version number 2 (v3)
      Configurations/windows-makefile.tmpl: canonicalise configured paths
      doc/man1/openssl.pod: Add missing commands and links
      Correct some typedef documentation
      Fix util/find-doc-nits to correctly parse function signature typedefs
      Fix util/perl/OpenSSL/Test.pm input variable overwrite
      Use the possibility to have test results in a different directory
      Reduce the things we ignore in test/
      Add branch coverage to coveralls statistics
      asn1_item_embed_new(): don't free an embedded item
      asn1_item_embed_new(): don't free an embedded item
      asn1_item_embed_new(): if locking failed, don't call asn1_item_embed_free()
      doc/man3/d2i_X509.pod: add {d2i,i2d}_DSA_PUBKEY in NAME section
      EVP_PKEY_ASN1_METHOD: add functions to set siginf_set and pkey_check methods
      Document EVP_PKEY_ASN1_METHOD and associated functions
      EVP_PKEY_asn1_add0(): Check that this method isn't already registered
      make update
      Fix EVP_PKEY_ASN1_METHOD manual
      Generate a dictionary of OIDs for fuzzers
      make update
      Fix small but important regression
      Travis: if "make update" created a diff, please show it
      Configure: cleanup @disable_cascade
      Modify expected output of a certificate to match the changed printout
      Add padding spaces before printing signature algorithm for CRLs output
      Modify expected output of a CRL to match the changed printout
      Avoid unnecessary MSYS2 conversion of some arguments
      Correct EVP_CIPHER_meth_new.pod and EVP_MD_meth_new.pod
      Fix EVP_MD_meth_new.pod
      Save away the environment variables we rely on
      Make it possible to add env var assignments as Configure options
      Document the possibility for command line argument env assignments
      Have all relevant config targets use the env() function rather than $ENV
      Make sure ./config passes options to ./Configure correctly
      Configure: die if there are other arguments with 'reconf'
      Document how the configuration option 'reconf' works
      Remove unicode characters from source
      In OPENSSL_init_ssl(), run the base ssl init before OPENSSL_init_crypto()
      In apps_startup(), call OPENSSL_init_ssl() rather than OPENSSL_init_crypto()
      Configure: move the processing of predefined macros to a function
      Configure: Add read_eval_file, a general purpose perl file reader/evaluator
      Configure: Read in extra information to help create shared libraries
      Configure: Recognise .rc and .def / .map / .opt as source files
      Build file templates: Replace the use of Makefile.shared
      build.info: adapt to the new handling of .rc / .def / .map / .opt files
      Configure et al: cleanups
      Remove Makefile.shared, as it's now entirely unused
      Note the removal of Makefile.shared in CHANGES
      Restore makedepend capabilities for Windows and VMS
      VMS build file template: adapt for when someone disabled 'makedepend'
      Fix leak in ERR_get_state() when OPENSSL_init_crypto() isn't called yet
      Fix VMS use of util/mkdef.pl in top build.info
      Restore the use of LDCMD when linking applications
      VMS build.info: uppercase args to perl modules must be quoted
      VMS fix: link shared libs from objects files instead of from static libs
      Add 'openssl req' option to specify extension values on command line
      Ignore ORDINALS in build.info files, and remove its documentation
      apps: make sure prog_init only calculates once
      Add the possibility to do 'openssl help [command]'
      CHANGES: Document the removal of OS390-Unix
      Clean up uClinux targets
      Separate general linking flags from extra libraries
      Update copyright years on all files merged since Jan 1st 2018
      Configure: try to make sure every config target name is unique
      Fix intermittent Cygwin failures in s_client
      Fix Windows build file template to recognise .res files
      Fix intermittent Windows and Cygwin failures in s_server
      TLSProxy::Proxy:  If we don't support IPv6, force IPv4
      TLSProxy::Proxy: don't waste time redirecting STDOUT and STDERR
      TLSProxy::Proxy: Don't use ReuseAddr on Windows
      Cygwin is POSIX, don't say it isn't
      Simplify Cygwin checks, part 1
      The Cygwin gcc doesn't define _WIN32, don't pretend it does
      Only implement secure malloc if _POSIX_VERSION allows
      Create one permanent proxy socket per TLSProxy::Proxy instance
      Copyright update of more files that have changed this year
      Enable TLSProxy tests on Windows
      Update the license end year
      Reduce the use of e_os.h in test programs
      test/ossl_shim/packeted_bio.h: don't include e_os.h
      When building shared libraries, only ln -s when simple and full name differ
      Add anything specifying a threads library to ex_libs
      Don't add $(EX_LIBS) to libssl.pc's Libs.private
      Revert "EVP_PKEY_asn1_add0(): Check that this method isn't already registered"
      Have EVP_PKEY_asn1_find_str() work more like EVP_PKEY_asn1_find()
      Configure: let INCLUDEs set on binaries "trickle down" to the objects
      Configure: ensure that a DEPEND generates the correct inclusion directory
      Small cleanup of some build.info files
      Processing GNU-style "make variables" - separate CPP flags from C flags
      Processing GNU-style "make variables" - implementation
      Stop having Unix defaults in Configure (partial)
      We need Unixly defaults for config targets that don't inherit a BASE
      Make sure all our config targets inherit a BASE template
      Add a note on Configure variable processing in NEWS and CHANGES
      VMS config.com: better handling of arguments
      Fix WinCE config target
      Treat C++ flags more like C flags, and only if C++ compiler specified
      Get rid of a warning about unused results
      Don't break testing when runnins as root
      Fix recent typo.  -DL_ENDIAN / -DB_ENDIAN, not -DL_DEBIAN / -DB_DEBIAN
      Remove $no_sse2, as it's just a 'copy' of $disabled{sse2}
      Don't define OPENSSL_NO_ERR for the command line
      Make configdata.pm runnable and move all display of information there
      Have the build files use the executable configdata.pm
      Move the display of disabled features to configdata.pm as well.
      Document the use of configdata.pm as a script
      Make Travis and Appveyor display the configuration data dump
      To make it less surprising and confusing, leave a message on configdata.pm
      Fix typo in Windows makefile template: quotify, not quotiry
      Restore perl variables for ENGINESDIR and OPENSSLDIR
      Add a 'reconfigure' make target
      Configure: add configure command line C flags after the configured C flags
      Configure: when checking user input, check both %user and %useradd
      Fix small typo (parenthesis missing)
      BIO: at the end of BIO_new, declare the BIO inited if no create method present
      Remove "dummy" BIO create and destroy functions
      apps: Don't include progs.h in apps.h
      Apps: divide the modules in direct command modules, support library and init
      Make test/uitest depend on the private apps support library
      Add missing \n in some testutil output
      Add an apps internal BIO filter for prefixing output lines
      Make sure that apps/openssl prefixes its output with '# ' during tests
      ocsp.c doesn't free the whole output chain, maybe causing a memory leak
      VMS: MMS wants a space before the target / dependecies separator
      Fix of prefix bio filter (bf_prefix.c): rely on the given length
      Have configdata.pm also display the contents of %target
      util/mkdef.pl: Trust configdata.pm
      Code cleanup: remove benchmark code from internal tests
      Modify test/afalgtest to fail if the afalg engine couldn't be loaded
      test/recipes/30-test_afalg.t: set OPENSSL_ENGINES correctly
      Make all private functions in e_afalg.c static
      mkerr.pl: When writing internal FOOerr.h, pay attention to disablable modules
      make update ERROR_REBUILD=-rebuild
      Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded"
      With nmake, invoking $(MAKE) needs /$(MAKEFLAGS)
      util/mkdef.pl: use better array in search of 'DEPRECATEDIN_'
      Revert ".travis.yml: remove osx from build matrix."
      Fix check of cpuid_asm_src config attribute
      VMS: take care of includes
      Turn off printf format checking for BIO_printf et al on Mac OS/X
      Configuration: move the handling of zlib_include to config files

Rob Percival (57):
      Removes CTLOG_new_null from the CT public API
      Mkae CT_log_new_from_base64 always return 0 on failure
      Improves CTLOG_STORE setters
      Make CT_POLICY_EVAL_CTX_set1_{cert,issuer} into boolean functions
      Replaces CT_POLICY_EVAL_CTX_set0 entries with new setters in libcrypto.num
      Internalizes SCT_verify and removes SCT_verify_v1
      Prevent double-free of CTLOG public key
      Removes {i2o,o2i}_SCT_signature from the CT public API
      Document that o2i_SCT_signature can leave the SCT in an inconsistent state
      SCT_set_source resets validation_status
      First draft of CT documentation
      Fix comment about return value of ct_extract_tls_extension_scts
      Add SSL_get0_peer_scts to ssl.pod
      Fix comment about what SCT_LIST_validate does.
      Add comment about calling CT_POLICY_EVAL_CTX_free
      Remove unnecessary bold tags in CT pods
      Add enum definitions to CT pods
      Adds missing function names to NAME section of PODs
      Adds newline after =cut in PODs
      Adds copyright section to ct.pod
      Renames CT_POLICY_EVAL_CTX.pod to CT_POLICY_EVAL_CTX_new.pod
      Fixes final issue in CT PODs highlighted by util/find-doc-nits.pl
      Adds history section to CT PODs
      Refer to OPENSSLDIR rather than "the OpenSSL install directory"
      Clarifies the format of a log's public key in the CONF file
      Document that SCT_set_source returns 0 on failure.
      Removes d2i_SCT_LIST.pod
      Document the i2o and o2i SCT functions
      Documents the CTLOG functions
      Removes {o2i,i2o}_SCT_signature from PODs
      Documents the SCT validation functions
      Removes the SCT_verify* POD
      Correct documentation about SCT setters resetting validation status
      Updates the CT_POLICY_EVAL_CTX POD
      Typo fixes
      Check that SCT timestamps are not in the future
      Remove obsolete error constant CT_F_CTLOG_NEW_NULL
      Reword documentation for {SCT_CTX/CT_POLICY_EVAL_CTX}_set_time
      Default CT_POLICY_EVAL_CTX.epoch_time_in_ms to time()
      Don't check for time() failing in CT_POLICY_EVAL_CTX_new
      By default, allow SCT timestamps to be up to 5 minutes in the future
      Cast time_t to uint64_t before converting to milliseconds in ct_policy.c
      Convert C++ comments to C-style comments
      Add test for CT_POLICY_EVAL_CTX default time
      Construct SCT from base64 in ct_test
      Subtract padding from outlen in ct_base64_decode
      Pass a temporary pointer to o2i_SCT_signature from SCT_new_from_base64
      Use valid signature in test_decode_tls_sct()
      Make sure things get deleted when test setup fails in ct_test.c
      Move SCT_LIST_free definition into a more logical place
      Adds a "-precert" flag to "openssl req" for creating pre-certificates
      Basic test for "openssl req -precert" via apps/CA.pl
      Documentation for the -precert flag for "openssl req"
      Change CA.pl flag from --newprecert to --precert
      apps/req.c: flag "-new" is implied by "-precert"
      Add SSL tests for certificates with embedded SCTs
      CT_POLICY_EVAL_CTX_set_time expects milliseconds, but given seconds

Robbie Harwood (4):
      Add external krb5 test support
      Update external test README for running krb5
      Fix formatting of PYCA external test instructions
      [extended tests] Enable krb5 tests in Travis

Robert Scheck (7):
      Add LMTP support (RFC 2033) to s_client ("-starttls lmtp")
      Shift inside of switch back one level (code style change, as requested by Rich Salz)
      Avoid warnings like unused enum value (as suggested by Rich Salz)
      Add NNTP support (RFC 4642) to s_client ("-starttls nntp")
      Add Sieve support (RFC 5804) to s_client ("-starttls sieve")
      Handle negative reply for NNTP STARTTLS in s_client
      Add LDAP support (RFC 4511) to s_client ("-starttls ldap")

Robert Swiecki (1):
      Add to fuzz corpora for CVE-2016-6309

Roberto Guimaraes (1):
      this change will prevent undefined behavior when src and dst are equal (memcpy), effectively allowing setting length only in both functions.

Roelof duToit (2):
      Retry SSL_read on ERROR_WANT_READ.     This resolves the retry issue in general, but also the specific case where a TLS 1.3 server sends a post-handshake NewSessionTicket message prior to appdata.
      Update PR#3925

Ronald Tse (6):
      CHANGES: remove empty whitespaces
      SM4: Add SM4 block cipher to EVP
      EVP digest list: one hash algorithm per file, synchronize EVP list, overall cleanup.
      Synchronize man3 EVP cipher list with existing implementations, adding:     * ARIA, SEED, Camellia     * AES-XTS, OCB, CTR     * Key wrap for 3DES, AES     * RC4-MD5 AD     * CFB modes with 1-bit and 8-bit shifts
      SM3: restructure to EVP internal and update doc to right location
      Add SM3/SM4 to openssl command-line tool

Saagar Jha (1):
      Update comments to match function parameter names

Samuel Weiser (3):
      Fixed error in propagating BN_FLG_CONSTTIME flag through BN_MONT_CTX_set, which could lead to information disclosure on RSA primes p and q.
      BN_copy now propagates BN_FLG_CONSTTIME
      Added const-time flag to DSA key decoding to avoid potential leak of privkey

Sascha Steinbiss (1):
      Add OCSP_resp_get1_id() accessor

Sebastian Andrzej Siewior (2):
      dsa/dsa_gen: add error message for seed_len < 0
      rsa: Do not allow less than 512 bit RSA keys

Sergey Bronnikov (1):
      Fix link to LibFuzzer

Steffan Karger (1):
      Fix SSL_CTX_get_{min,max}_proto_version integer conversion warning

Steve Linsell (1):
      Update copyright year in mkerr.pl

Steven Collison (2):
      doc: Add missing options in s_{server,client}
      doc: Add stitched ciphers to EVP_EncryptInit.pod

Steven Danneman (1):
      Fix double array increment in s_client mysql connect

Steven Fackler (1):
      Fix signatures of EVP_Digest{Sign,Verify}Update

Tatsuhiro Tsujikawa (9):
      Restore s->early_data_state with the original value
      Call init and finalization functions per extension message
      Break before && operator
      Don't treat PACKET_remaining() as boolean
      Fix TLSv1.3 exporter secret
      Don't change client random in Client Hello in its second flight
      Generate exporter_master_secret after server Finished
      Remove generation of exporter master secret on client application traffic
      Make sure that exporting keying material is allowed

Thiago Arrais (1):
      update docs because depth refers only to intermediate certs

Thijs Wenker (1):
      Fix certificate version number in test

Tim Hudson (1):
      Fix EC_KEY_print so it prints out private key information     even when the public key is not present in an EC_KEY

Todd Short (53):
      Add SSL_CTX_set1_cert_store()
      Skipping tests in evp_test leaks memory
      Fix EVP_MD_meth_get_flags
      Add support for Poly1305 in EVP_PKEY
      Cleanup EVP_CIPH/EP_CTRL duplicate defines
      Majority rules, use session_ctx vs initial_ctx
      Add support for parameterized SipHash
      Internal siphash tests are not run.
      Fix potential memory leak in ASN1_TIME_to_generalizedtime()
      Remove some #if 0 code in ssl, crypto/bio
      Add some TLS13 values to s_client/s_server
      Add HelloRetryRequest text to s_client/s_server
      Add TLSv1.3 draft-19 messages to trace
      Add support for MLOCK_ONFAULT to secure arena
      Remove ECDH(E) ciphers from SSLv3
      OCSP Updates: error codes and multiple certificates
      Fix unit tests when no-bf configured
      Fix minor compiler issues.
      Fix s_client when no-dtls
      Fix time offset calculation.
      TLS1.3 Padding
      Limit padded record to max plaintext
      Fix clang compile time error
      Fix infinite loops in secure memory allocation.
      Clean up SSL_OP_* a bit
      Fix compile error/warning in packettest.c
      Tweak sec_mem tests
      Fix the mem_sec "small arena"
      Fix inconsistent check of UNSAFE_LEGACY_RENEGOTIATION
      Fix ex_data and session_dup issues
      Handle the server refusing to reneg in a reneg_setup
      Always flush the BIO when we send any alert
      Fix #2400 Add NO_RENEGOTIATE option
      Fix #340: Parse ASN1_TIME to struct tm
      Add apps/progs.h to gitignore
      ssl_session_dup() missing ext.alpn_session
      Fix #946 Add -preserve_dates to x509 app
      Add support to free/allocate SSL buffers
      Fix SSL_set_tlsext_debug_callback/-tlsextdebug
      Consolidate to a single asn1_time_from_tm() function
      Reorder extensions to put SigAlgs last
      Fix return value of ASN1_TIME_compare
      Session resume broken switching contexts
      Use ChaCha only if prioritized by clnt
      Add sk_new_reserve support
      Fix 'make update'
      Fix --strict-warnings with C90
      Fix error-path memory leak in asn_mime.c
      Remove bad comments
      Add TLSv1.3 post-handshake authentication (PHA)
      Free pha_dgst in SSL_clear()
      Fix doc nits
      Fix some minor code nits

Tomas Mraz (12):
      Fix irregularities in GENERAL_NAME_print().
      Fix af_alg engine failure on 32 bit architectures.
      Add a comment for the added cast with explanation.
      Avoid truncating the pointer on x32 platform.
      Engine afalg: properly set operation type also on big endian.
      Fix regression in openssl req -x509 behaviour.
      Do not eat trailing '\n' in BIO_gets for fd BIO.
      Document that BIO_gets() preserves '\n'.
      Document the history of BIO_gets() on BIO_fd().
      Ignore -named_curve auto value to improve backwards compatibility
      Add missing documentation of the default format for commands.
      Avoid only exact duplicates when creating the accepted CA names list

Valentin Vidic (1):
      Add Postgres support to -starttls

Viktor Dukhovni (8):
      Fix missing dane_tlsa_rrdata option error message
      Add -dane_ee_no_namechecks s_client(1) option
      Un-delete still documented X509_STORE_CTX_set_verify
      Restore last-resort expired untrusted intermediate issuers
      Make possible variant SONAMEs and symbol versions
      Document the X509_V_FLAG_PARTIAL_CHAIN flag
      Add x509(1) reference
      Avoid leaking peername data via accept BIOs

Viktor Szakats (2):
      s_client: avoid warning on Windows/MS-DOS systems
      bio.h: fix number of arguments passed to BIO_ptr_ctrl()     Reviewed-by: Matt Caswell <matt at openssl.org>     Reviewed-by: Rich Salz <rsalz at openssl.org>     (Merged from https://github.com/openssl/openssl/pull/1520)

Vitezslav Cizek (1):
      Configure: remove superfluous 0x

Xiangyu Bu (1):
      Fix memory leak in GENERAL_NAME_set0_othername.

Xiaoyin Liu (15):
      Fix typo
      Remove unused function prototypes
      schlock global variable needs to be volatile
      Various doc fixes.
      Remove redundant declarations in record_locl.h
      Remove redundant declarations in ssl_locl.h
      Update copyright header
      Fix typos in files in ssl directory
      Fix typo in ASN1_TIME_set.pod
      Fix typo in sha1-thumb.pl
      app_isdir() cleanup
      Fix errors in SSL_state_string_long
      Fix typo in documents
      Fix typo in files in crypto folder
      Add missing HTML tag in www_body in s_server.c

Yuchi (1):
      mem leak on error path and error propagation fix

Yutian Li (2):
      Add padding spaces before printing algo.
      Add padding spaces before printing algo.

Zack Williams (1):
      "any" instead of "and"

Zhu Qun-Ying (1):
      Fixed address family test error for AF_UNIX in BIO_ADDR_make

choury (1):
      fix invalid use of incomplete type X509_STORE_CTX

daurnimator (1):
      Fix incorrect function name in BN_bn2bin manpage

edelangh (1):
      use OSSLzu instead of lu format for size_t display

enkore (1):
      EVP docs: chacha20, chacha20-poly1305

ganesh (3):
      Fixed the return code of RAND_query_egd_bytes when connect fails.
      Fixed the return code for RAND_egd_bytes.
      RAND_egd_bytes: No need to check RAND_status on connection error.

gbrl (1):
      bndiv fuzzer: limit the size of the input to avoid timeout

hongliang (1):
      coding style: remove extra whitespace charactor

jamercee (2):
      Adapt BIO_new_accept() to call BIO_set_accept_name()
      Fixed typo

jrmarino (1):
      Fix support for DragonFly BSD

klemens (2):
      spelling fixes, just comments and readme.
      fixing too optimistic typo-fix

komainu8 (1):
      Modify type of variable in OPENSSL_cpuid_setup function

letrhee-nsr (1):
      Add ARIA 32-bit implementation

lolyonok (1):
      Fix nid assignment in ASN1_STRING_TABLE_add

lrns (1):
      Change req_check_len error message, it also accepts 20 bytes, but states 'less than' in the error message

marko asplund (1):
      Allow CA.pl script user to pass extra arguments to openssl command

multics (1):
      Update rsautl.pod for typo

nickthetait (1):
      Create troubleshooting subsection in INSTALL file

pass86 (1):
      Fix spelling: adroideabi -> androideabi

xemdetia (2):
      Fix man3 reference to CRYPTO_secure_used
      Document default section and library configuration


More information about the openssl-commits mailing list