wolfSSL Compatibility support for OpenVPN

* Adds compatibility API's for:
	* `sk_ASN1_OBJECT_free`
	* `sk_ASN1_OBJECT_num`
	* `sk_ASN1_OBJECT_value`
	* `sk_X509_OBJECT_num`
	* `sk_X509_OBJECT_value`
	* `sk_X509_OBJECT_delete`
	* `sk_X509_NAME_find`
	* `sk_X509_INFO_free`
	* `BIO_get_len`
	* `BIO_set_ssl`
	* `BIO_should_retry` (stub)
	* `X509_OBJECT_free`
	* `X509_NAME_get_index_by_OBJ`
	* `X509_INFO_free`
	* `X509_STORE_get0_objects`
	* `X509_check_purpose` (stub)
	* `PEM_read_bio_X509_CRL`
	* `PEM_X509_INFO_read_bio`
	* `ASN1_BIT_STRING_new`
	* `ASN1_BIT_STRING_free`
	* `ASN1_BIT_STRING_get_bit`
	* `ASN1_BIT_STRING_set_bit`
	* `DES_check_key_parity`
	* `EC_GROUP_order_bits`
	* `EC_get_builtin_curves`
	* `EVP_CIPHER_CTX_cipher`
	* `EVP_PKEY_get0_EC_KEY`
	* `EVP_PKEY_get0_RSA`
	* `EVP_PKEY_get0_DSA` (stub)
	* `HMAC_CTX_new`
	* `HMAC_CTX_free`
	* `HMAC_CTX_reset`
	* `HMAC_size`
	* `OBJ_txt2obj`
	* `RSA_meth_new`
	* `RSA_meth_free`
	* `RSA_meth_set_pub_enc`
	* `RSA_meth_set_pub_dec`
	* `RSA_meth_set_priv_enc`
	* `RSA_meth_set_priv_dec`
	* `RSA_meth_set_init`
	* `RSA_meth_set_finish`
	* `RSA_meth_set0_app_data`
	* `RSA_get_method_data`
	* `RSA_set_method`
	* `RSA_get0_key`
	* `RSA_set0_key`
	* `RSA_flags`
	* `RSA_set_flags`
	* `RSA_bits`
	* `SSL_CTX_set_ciphersuites`
	* `SSL_CTX_set_security_level` (stub)
	* `SSL_export_keying_material` (stub)
	* `DSA_bits` (stub)
* Changes to support password callback trial and NO_PASSWORD. Replaces PR #2505.
* Renamed `wolfSSL_SSL_CTX_get_client_CA_list` to `wolfSSL_CTX_get_client_CA_list`.
* Cleanup of "sk" compatibility.

certs/client-cert-ext.pem

@@ -0,0 +1,93 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            7e:ff:c6:42:4f:83:8b:1f:1a:9d:4e:2f:ba:27:9f:97:d7:e2:ea:ab
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+        Validity
+            Not Before: Sep 20 14:13:15 2019 GMT
+            Not After : Jun 16 14:13:15 2022 GMT
+        Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                RSA Public-Key: (2048 bit)
+                Modulus:
+                    00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b:
+                    2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07:
+                    32:8e:d0:ba:69:7b:c6:c3:44:9e:d4:81:48:fd:2d:
+                    68:a2:8b:67:bb:a1:75:c8:36:2c:4a:d2:1b:f7:8b:
+                    ba:cf:0d:f9:ef:ec:f1:81:1e:7b:9b:03:47:9a:bf:
+                    65:cc:7f:65:24:69:a6:e8:14:89:5b:e4:34:f7:c5:
+                    b0:14:93:f5:67:7b:3a:7a:78:e1:01:56:56:91:a6:
+                    13:42:8d:d2:3c:40:9c:4c:ef:d1:86:df:37:51:1b:
+                    0c:a1:3b:f5:f1:a3:4a:35:e4:e1:ce:96:df:1b:7e:
+                    bf:4e:97:d0:10:e8:a8:08:30:81:af:20:0b:43:14:
+                    c5:74:67:b4:32:82:6f:8d:86:c2:88:40:99:36:83:
+                    ba:1e:40:72:22:17:d7:52:65:24:73:b0:ce:ef:19:
+                    cd:ae:ff:78:6c:7b:c0:12:03:d4:4e:72:0d:50:6d:
+                    3b:a3:3b:a3:99:5e:9d:c8:d9:0c:85:b3:d9:8a:d9:
+                    54:26:db:6d:fa:ac:bb:ff:25:4c:c4:d1:79:f4:71:
+                    d3:86:40:18:13:b0:63:b5:72:4e:30:c4:97:84:86:
+                    2d:56:2f:d7:15:f7:7f:c0:ae:f5:fc:5b:e5:fb:a1:
+                    ba:d3
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
+            X509v3 Authority Key Identifier: 
+                keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
+                DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:7E:FF:C6:42:4F:83:8B:1F:1A:9D:4E:2F:BA:27:9F:97:D7:E2:EA:AB
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+            X509v3 Subject Alternative Name: 
+                DNS:example.com
+            X509v3 Key Usage: critical
+                Digital Signature, Certificate Sign, CRL Sign
+    Signature Algorithm: sha256WithRSAEncryption
+         46:c2:a5:a6:32:84:b0:68:03:41:de:37:da:c3:b8:46:71:3a:
+         31:aa:1a:f0:81:28:c3:07:37:61:17:7d:10:45:ee:ef:cd:c0:
+         19:2f:9e:95:01:5d:d6:09:13:8e:19:ea:da:27:75:66:21:e1:
+         bd:f8:97:a0:b5:8b:9e:71:13:26:75:50:34:f5:ac:8e:f8:d3:
+         89:d7:52:0a:f2:5f:3e:07:c2:02:e0:36:73:75:30:a9:5a:ba:
+         24:ef:fb:28:08:0d:31:53:84:3d:fd:1d:92:f9:15:da:01:7c:
+         20:70:d5:b6:0d:ea:3a:f1:85:90:b1:c3:b7:71:20:cb:03:22:
+         f3:8f:e5:02:4f:b1:77:1c:97:17:2c:3b:e9:41:1a:18:7c:89:
+         d9:8e:5f:34:6c:66:9c:61:79:f5:bd:df:68:2e:14:cc:11:d7:
+         e5:ce:9f:8a:0d:86:94:15:86:fa:32:0f:90:18:d1:2d:df:16:
+         56:58:09:25:91:21:c2:d3:f6:7e:c8:49:aa:00:d7:61:c7:9d:
+         d2:23:b1:7f:96:b0:79:6e:8b:09:38:2f:13:e1:48:9e:9a:28:
+         d4:08:44:73:29:52:49:eb:9d:fb:a6:f8:1f:2e:c5:d3:31:52:
+         86:ea:18:99:1d:73:ab:4b:f3:7c:6f:f5:84:c3:96:fb:02:36:
+         d9:13:64:8b
+-----BEGIN CERTIFICATE-----
+MIIFCDCCA/CgAwIBAgIUfv/GQk+Dix8anU4vuiefl9fi6qswDQYJKoZIhvcNAQEL
+BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
+b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t
+aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0xOTA5MjAxNDEzMTVaFw0yMjA2MTYxNDEz
+MTVaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt
+bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
+CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDDA9Er/jmkMkU7U8iEKyp8dJq9qipSB0fWpjayBzKO0Lppe8bDRJ7UgUj9
+LWiii2e7oXXINixK0hv3i7rPDfnv7PGBHnubA0eav2XMf2UkaaboFIlb5DT3xbAU
+k/Vnezp6eOEBVlaRphNCjdI8QJxM79GG3zdRGwyhO/Xxo0o15OHOlt8bfr9Ol9AQ
+6KgIMIGvIAtDFMV0Z7Qygm+NhsKIQJk2g7oeQHIiF9dSZSRzsM7vGc2u/3hse8AS
+A9ROcg1QbTujO6OZXp3I2QyFs9mK2VQm2236rLv/JUzE0Xn0cdOGQBgTsGO1ck4w
+xJeEhi1WL9cV93/ArvX8W+X7obrTAgMBAAGjggE6MIIBNjAdBgNVHQ4EFgQUM9hF
+Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH
+JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
+DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM
+EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
+CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfv/GQk+Dix8anU4vuiefl9fi
+6qswDAYDVR0TBAUwAwEB/zAWBgNVHREEDzANggtleGFtcGxlLmNvbTAOBgNVHQ8B
+Af8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAEbCpaYyhLBoA0HeN9rDuEZxOjGq
+GvCBKMMHN2EXfRBF7u/NwBkvnpUBXdYJE44Z6tondWYh4b34l6C1i55xEyZ1UDT1
+rI7404nXUgryXz4HwgLgNnN1MKlauiTv+ygIDTFThD39HZL5FdoBfCBw1bYN6jrx
+hZCxw7dxIMsDIvOP5QJPsXcclxcsO+lBGhh8idmOXzRsZpxhefW932guFMwR1+XO
+n4oNhpQVhvoyD5AY0S3fFlZYCSWRIcLT9n7ISaoA12HHndIjsX+WsHluiwk4LxPh
+SJ6aKNQIRHMpUknrnfum+B8uxdMxUobqGJkdc6tL83xv9YTDlvsCNtkTZIs=
+-----END CERTIFICATE-----

certs/include.am

@@ -51,7 +51,9 @@ EXTRA_DIST += \
 	     certs/ecc-privOnlyCert.pem \
 	     certs/dh3072.pem \
 	     certs/client-cert-3072.pem \
-	     certs/client-key-3072.pem
+	     certs/client-key-3072.pem \
+	     certs/client-cert-ext.pem
+
 EXTRA_DIST += \
 	     certs/ca-key.der \
 	     certs/ca-cert.der \
@@ -75,7 +77,8 @@ EXTRA_DIST += \
 	     certs/server-ecc.der \
 	     certs/server-ecc-self.der \
 	     certs/server-ecc-rsa.der \
-	     certs/server-cert-chain.der
+	     certs/server-cert-chain.der \
+	     certs/client-cert-ext.der
 
 # ECC CA prime256v1
 EXTRA_DIST += \

certs/renewcerts/wolfssl.cnf

@@ -124,6 +124,7 @@ authorityKeyIdentifier=keyid,issuer
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always,issuer:always
 basicConstraints=CA:true
+subjectAltName=DNS:example.com
 
 #wolfssl extensions for intermediate CAs
 [wolfssl_opts_ICA]