Fix an s_client memory leak

We were using OPENSSL_strdup() unnecessarily and then failing to free it. There is
no reason to use OPENSSL_strdup() in this scenario - so just remove it.

Fix an s_client memory leak

We were using OPENSSL_strdup() unnecessarily and then failing to free it. There is
no reason to use OPENSSL_strdup() in this scenario - so just remove it.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4699)

show more ...

style : fix some if(...

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4457)

Implement Maximum Fragment Length TLS extension.

Based on patch from Tomasz Moń:
https://groups.google.com/forum/#!topic/mailing.openssl.dev/fQxXvCg1uQY

Reviewed-by: Matt Caswel

Implement Maximum Fragment Length TLS extension.

Based on patch from Tomasz Moń:
https://groups.google.com/forum/#!topic/mailing.openssl.dev/fQxXvCg1uQY

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/1008)

show more ...

apps/s_client.c: add missing null check
apps/s_server.c: remove unnecessary null check

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(

apps/s_client.c: add missing null check
apps/s_server.c: remove unnecessary null check

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4558)

show more ...

Remove parentheses of return.

Since return is inconsistent, I removed unnecessary parentheses and
unified them.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt

Remove parentheses of return.

Since return is inconsistent, I removed unnecessary parentheses and
unified them.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4541)

show more ...

Make '-name' option of the 's_client' more generic

And also make '-xmpphost' an alias of the '-name' option.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim

Make '-name' option of the 's_client' more generic

And also make '-xmpphost' an alias of the '-name' option.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4524)

show more ...

Various review fixes for PSK early_data support

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

Show the error stack if there was an error writing early data in s_client

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

If no SNI has been explicitly set use the one from the session

If we have not decided on an SNI value yet, but we are attempting to reuse
a session, and SNI is set in that, then we shoul

If no SNI has been explicitly set use the one from the session

If we have not decided on an SNI value yet, but we are attempting to reuse
a session, and SNI is set in that, then we should use that value by
default.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

show more ...

Enable the ability to use an external PSK for sending early_data

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

Move e_os.h to be the very first include.
cryptilib.h is the second.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged fro

Move e_os.h to be the very first include.
cryptilib.h is the second.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)

show more ...

(Re)move some things from e_os.h

Remove GETPID_IS_MEANINGLESS and osslargused.

Move socket-related things to new file internal/sockets.h; this is now
only needed by four(!!!) fi

(Re)move some things from e_os.h

Remove GETPID_IS_MEANINGLESS and osslargused.

Move socket-related things to new file internal/sockets.h; this is now
only needed by four(!!!) files. Compiles should be a bit faster.
Remove USE_SOCKETS ifdef's

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4209)

show more ...

Addressed build failure because of missing #ifdef AF_UNIX guard
CLA: trivial

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from

Addressed build failure because of missing #ifdef AF_UNIX guard
CLA: trivial

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4067)

show more ...

Revert "Add some casts for %j"

This reverts commit c4d2e483a39176a476c56d35879423fe6e33c0cd.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/opens

Revert "Add some casts for %j"

This reverts commit c4d2e483a39176a476c56d35879423fe6e33c0cd.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4160)

show more ...

Add some casts for %j

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4160)

Standardize apps use of -rand, etc.

Standardized the -rand flag and added a new one:
-rand file...
Always reads the specified files
-writerand file

Standardize apps use of -rand, etc.

Standardized the -rand flag and added a new one:
-rand file...
Always reads the specified files
-writerand file
Always writes to the file on exit

For apps that use a config file, the RANDFILE config parameter reads
the file at startup (to seed the RNG) and write to it on exit if
the -writerand flag isn't used.

Ensured that every app that took -rand also took -writerand, and
made sure all of that agreed with all the documentation.

Fix error reporting in write_file and -rand

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3862)

show more ...

Fix s_client crash where the hostname is provided as a positional arg

If the hostname is provided as a positional arg then s_client crashes.
The crash occurs as s_client exits (after eit

Fix s_client crash where the hostname is provided as a positional arg

If the hostname is provided as a positional arg then s_client crashes.
The crash occurs as s_client exits (after either a successful or
unsuccessful connection attempt).

This issue was introduced by commit 729ef85611.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3881)

show more ...

Fix memory leak when using PSK session files

We were not freeing the session created when loading a PSK session file.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ber

Fix memory leak when using PSK session files

We were not freeing the session created when loading a PSK session file.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3855)

show more ...

Fix double array increment in s_client mysql connect

The packet parsing code for the server version string was incrementing
the array index twice on every iteration. This meant that stri

Fix double array increment in s_client mysql connect

The packet parsing code for the server version string was incrementing
the array index twice on every iteration. This meant that strings with
an even number of characters would pass, but strings with an odd number
(ex: 5.7.18-0ubuntu0.16.04.1) would cause the pos variable to get out
of sync.

This would cause a later failure with "MySQL packet is broken."

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3799)

show more ...

PSK related tweaks based on review feedback

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)

Use constants rather than macros for the cipher bytes in the apps

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)

Tweak the client side PSK callback

Ensure that we properly distinguish between successful return (PSK
provided), successful return (no PSK provided) and failure.

Reviewed-by: Ri

Tweak the client side PSK callback

Ensure that we properly distinguish between successful return (PSK
provided), successful return (no PSK provided) and failure.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)

show more ...

Fix no-psk

Broken through previous PSK related commits

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)

Add the ability to set a TLSv1.3 PSK via just the key bytes

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)

Add the ability to use a client side TLSv1.3 external PSK in s_client

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)