- 29 6月, 2020 17 次提交
-
-
由 Rich Salz 提交于
Change default FIPS HMAC KEY from all-zero's Use default FIPSKEY if not given on command line. Make all -macopt in fipsinstall optional Make all tests, except fipsinstall, use the default -macopt and -mac_name flags. Define and use FIPSDIR variable on VMS/MMS. Also use SRCDIR/BLDDIR in SRCTOP/BLDTOP. Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12235)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12232)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12232)
-
由 Richard Levitte 提交于
Remove code in help_main() that duplicates the case when 'openssl' is called with no arguments, which is now handled in main(). Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12295)
-
由 Richard Levitte 提交于
Some configuration targets pretend to be for a specific compiler, but are more widely usable, and should reflect that. [work in progress] Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
'config' is now a mere wrapper for backward compatibility. All documentation is changed accordingly. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
These options were coded in util/perl/OpenSSL/config.pm, but that got removed when the OpenSSL::config::main() function was removed. We're not putting them back, but in 'Configure'. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
There's no reason to have two different tables, when we can simply detect if the tuple elements are code or scalar. Furthermore, order is important in some cases, and that order is harder not to say impossible when maintaining two tables. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
The strings we expand contain other variable references than just ${MACHINE}. Instead of having to remember what to expand, we simply evaluate the string as a, well, string. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
Now that Configure called config.pm's functions directly, the 'config' script doesn't have much else to do than to pass arguments. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
map_guess() is now table driven, just like get_system(). Additionally, it now takes a config hash table and returns one of its own. This way, 'Configure' can pass whatever it has already found to OpenSSL::config::get_platform(), and easily merge the returned hash table into its %config. This also gets rid of variables that we no longer need. That includes $PERL and all the $__CNF_ environment variables. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
Previously, ./config would check if "$target-$CC", then "$target" exists and choose the one that does. This is now moved to Configure. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
determine_compiler_settings() has been refactored to: - find a compiler if none has been given by the user - allow platform specific overrides, but only when the user didn't already specify a desired compiler - figure out the compiler vendor and version, making sure that the version number is deterministic - gather platform specific compiler information Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
This also remove all option parsing. We leave that to Configure. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
POSIX::uname() has the advantage to work on non-POSIX systems as well, such as the Windows command prompt and VMS. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
This is much better handled in Configure. [There's another PR moving this to Configure, so this commit should eventually disappear because rebase] Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Rich Salz 提交于
- Use $^X; to find perl. - Big re-ordering: Put all variables at the top, move most inline code into functions. The heart of the script now basically just calls functions to do its work. - Unify warning text, add -w option - Don't use needless (subshells) - Ensure Windows gets a VC-xxx option - Make config a perl module - Top-level "config" command-line is a dummy that just calls the module. Added module stuff so that it can be called from Configure. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
- 28 6月, 2020 6 次提交
-
-
由 Matt Caswell 提交于
Even if a fibre changes the default libctx - or the main application code changes it, the "current" default libctx should remain consistent. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
-
由 Matt Caswell 提交于
Since the default libctx is now stored in a thread local variable swapping in and out of fibres in the ASYNC code could mean that the "current" default libctx can get confused. Therefore we ensure that everytime we call async_fibre_swapcontext() we always restore the default libctx to whatever it was the last time the fibre ran. Similarly when async_fibre_swapcontext() returns we need to restore the current thread's default libctx. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
-
由 Richard Levitte 提交于
NEWS and CHANGES hasn't mentioned OPENSSL_CTX before, so adding entries now. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
-
由 Richard Levitte 提交于
Applications may want to set their own default library context, possibly per-thread. OPENSSL_CTX_set0_default() does that. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
-
- 27 6月, 2020 4 次提交
-
-
由 Richard Levitte 提交于
We have a notational convention in INSTALL.md, which says this among others: > Any line starting with a dollar sign is a command line. > > $ command > > The dollar sign indicates the shell prompt and is not to be entered as > part of the command. That notation exists to make it clear what is a command line and what's output from that command line. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12257)
-
由 Attila Szakacs 提交于
BASE_unix sets ex_libs to `-lz` based the on zlib linking. AIX platforms overwrote this instead of adding to it. CLA: Trivial Signed-off-by: NAttila Szakacs <attila.szakacs@oneidentity.com> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12271)
-
由 Kurt Roeckx 提交于
This has as effect that SHA1 and MD5+SHA1 are no longer supported at security level 1, and that TLS < 1.2 is no longer supported at the default security level of 1, and that you need to set the security level to 0 to use TLS < 1.2. Reviewed-by: NTim Hudson <tjh@openssl.org> GH: #10787
-
由 Kurt Roeckx 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> GH: #10787
-
- 26 6月, 2020 3 次提交
-
-
由 Richard Levitte 提交于
There currently do not support 'ec_param_enc:explicit' with provider side key generation. Reflect that by encoding the expected failure with a Test::More TODO section for those particular tests. Because the tests in this recipe are data driven, we implement this mechanism with two functions, one for stuff that's supported and one for stuff that isn't. Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12080)
-
由 Nicola Tuveri 提交于
This commit adds a new recipe to test EC key generation with the `genpkey` CLI app. For each built-in curve, it tests key generation with text output, in PEM and in DER format, using `explicit` and `named_curve` for parameters encoding. The list of built-in curves is static at the moment, as this allows to differentiate between prime curves and binary curves to avoid failing when ec2m is disabled. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12080)
-
由 pedro martelletto 提交于
HMAC() and HMAC_Update() take size_t for 'n' and 'len' respectively. CLA: trivial Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12264)
-
- 25 6月, 2020 9 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
-
由 Matt Caswell 提交于
Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
-
由 Matt Caswell 提交于
Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12273)
-
由 Dr. David von Oheimb 提交于
CID 1463570: (USE_AFTER_FREE) CID 1463570: (USE_AFTER_FREE) Passing freed pointer "e" as an argument to "release_engine". Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12231)
-
由 Dr. David von Oheimb 提交于
CID 1463578: Resource leaks (RESOURCE_LEAK) CID 1463575: Resource leaks (RESOURCE_LEAK) Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12231)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12222)
-
由 Dr. Matthias St. Pierre 提交于
The new naming scheme consistently usese the `OSSL_FUNC_` prefix for all functions which are dispatched between the core and providers. This change includes in particular all up- and downcalls, i.e., the dispatched functions passed from core to provider and vice versa. - OSSL_core_ -> OSSL_FUNC_core_ - OSSL_provider_ -> OSSL_FUNC_core_ For operations and their function dispatch tables, the following convention is used: Type | Name (evp_generic_fetch(3)) | ---------------------|-----------------------------------| operation | OSSL_OP_FOO | function id | OSSL_FUNC_FOO_FUNCTION_NAME | function "name" | OSSL_FUNC_foo_function_name | function typedef | OSSL_FUNC_foo_function_name_fn | function ptr getter | OSSL_FUNC_foo_function_name | Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12222)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12222)
-
由 Pauli 提交于
NULL terminate the built in "help" argv array to avoid reading beyond the end. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12258)
-
- 24 6月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
A few miscellaneous man page typos reported by Hal Murray on openssl-users. Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12185)
-