Update for OPENSSL_cpu_caps() now being machine independent.

Fix golden numbers after beck broke it months ago
(why is it always me who gets to clean up this shit?)

Remove GOST and STREEBOG support from libssl.

This version of GOST is old and not anywhere close to compliant with
modern GOST standards. It is also very intrusive in libssl and
makes a mess everywh

Remove GOST and STREEBOG support from libssl.

This version of GOST is old and not anywhere close to compliant with
modern GOST standards. It is also very intrusive in libssl and
makes a mess everywhere. Efforts to entice a suitably minded anyone
to care about it have been unsuccessful.

At this point it is probably best to remove this, and if someone
ever showed up who truly needed a working version, it should be
a clean implementation from scratch, and have it use something
closer to the typical API in libcrypto so it would integrate less
painfully here.

This removes it from libssl in preparation for it's removal from
libcrypto with a future major bump

ok tb@

show more ...

Fix last bit of the clienttest, needs ssl_pkt.c r1.66

Fix most of the clienttest. With this only test cases 9 and 13 fail.

Fix the client test and the tlsext test to work with randomized
TLS extensions (this involves unrandomizing the extension order
for the tests that rely on golden numbers.

zap trailing spaces

Regenerate golden numbers due to RC4-MD5 now being disabled by default.

More %i vs %d cleanup

Use BIO_up_ref() instead of adjusting refcounts manually

Revert accidental commit

link verify regress tests to build

Add test coverage for TLSv1.3 client hellos.

This is a little bit clunky due to the number of things that vary (largely
thanks to middlebox compatibility mode, along with the versions and key
share

Add test coverage for TLSv1.3 client hellos.

This is a little bit clunky due to the number of things that vary (largely
thanks to middlebox compatibility mode, along with the versions and key
share extensions), however it works and can be improved at a later date.

show more ...

Add test coverage for DTLSv1.2 client hellos.

Teach hexdump() how to identify differing bytes.

This allows differences between the received data and the test data to be
more readily identified.

More appropriately set cipher_list_len when AES acceleration is available.

Tweak some data types and sprinkle some const.

Update DTLS client hello due to ECC changes.

Avoid NULL deref on BIO_new{_mem_buf,}() failure.

$OpenBSD$

I accidentally zeored out a few bytes of the TLSv1.0 session ID.
Restore them to their previous values.

Update golden values to match P-521 being enabled by default in the client.

Diff from tb@

Minor code improvements.

Add tests that cover TLSv1.2 and disable those that trigger TLSv1.3.

This allows the test to pass again.

Zero the client random field in the TLSv1.2 golden value.