Skip to content

O
openssl

btwise / openssl

通知 1
Star 0
Fork 0
O
openssl

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
  1. 12 3月, 2021 1 次提交
  3. 13 2月, 2021 2 次提交
    • D
      Unify the markdown links to the NOTES and README files · 4148581e
      Dr. Matthias St. Pierre 提交于 
      In many locations, the files have been converted to markdown
syntactically, but don't utilize the power of markdown yet.
Here, instead of just repeating the file name, the markdown link
now shows the title of the document.

Additionally, the notes are now reference in the same order in both
the README and the INSTALL file.
Reviewed-by: NPaul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14042)
      4148581e
    • D
      Revise some renamings of NOTES and README files · 9f1fe6a9
      Dr. Matthias St. Pierre 提交于 
      Some of the notes and readme files have been converted to markdown
format recently and renamed during this process. While adding the
.md extension was a natural step, switching to mixed cases was not
a change to the better, it gives them a ragged appearance:

     NOTES.ANDROID  => NOTES-Android.md
     NOTES.DJGPP    => NOTES-DJGPP.md
     NOTES.PERL     => NOTES-Perl.md
     NOTES.UNIX     => NOTES-Unix.md
     NOTES.VMS      => NOTES-VMS.md
     NOTES.VALGRIND => NOTES-Valgrind.md
     NOTES.WIN      => NOTES-Windows.txt
     README.ENGINE  => README-Engine.md
     README.FIPS    => README-FIPS.md

Moreover, the NOTES-Windows.txt file is the only file which has been
converted to markdown but has received a .txt file extension.
This doesn't make sense, because the OpenSSL users on Windows will
need to read the other markdown documents as well. Since they are
developers, we can trust them to be able to associate their favorite
editor with the .md extension.

In fact, having a comment at the beginning of the file saying that it
is in markdown format but we didn't dare to add the correct extension
in order not to overwhelm our Windows users can be interpreted either
as unintentionally funny or disrespectful ;-)

This commit suggests the following more consistent renaming:

     NOTES.ANDROID  => NOTES-ANDROID.md
     NOTES.DJGPP    => NOTES-DJGPP.md
     NOTES.PERL     => NOTES-PERL.md
     NOTES.UNIX     => NOTES-UNIX.md
     NOTES.VMS      => NOTES-VMS.md
     NOTES.VALGRIND => NOTES-VALGRIND.md
     NOTES.WIN      => NOTES-WINDOWS.md
     README.ENGINE  => README-ENGINES.md
     README.FIPS    => README-FIPS.md

(note the plural in README-ENGINES, anticipating a README-PROVIDERS)
Reviewed-by: NPaul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14042)
      9f1fe6a9
  5. 12 2月, 2021 2 次提交
  7. 04 12月, 2020 1 次提交
  9. 28 11月, 2020 1 次提交
  11. 18 10月, 2020 1 次提交
  13. 09 10月, 2020 1 次提交
  15. 08 10月, 2020 1 次提交
  17. 18 9月, 2020 1 次提交
  19. 17 7月, 2020 1 次提交
  21. 05 7月, 2020 3 次提交
  23. 03 7月, 2020 1 次提交
  25. 29 6月, 2020 4 次提交
  27. 27 6月, 2020 1 次提交
  29. 23 6月, 2020 1 次提交
  31. 22 6月, 2020 1 次提交
  33. 17 6月, 2020 1 次提交
    • S
      Add ACVP fips module tests · 4f2271d5
      Shane Lontis 提交于 
      For FIPS validation purposes - Automated Cryptographic Validation Protocol (ACVP) tests need to be
performed. (See https://github.com/usnistgov/ACVP). These tests are very similiar to the old CAVS tests.

This PR uses a hardwired subset of these test vectors to perform similiar operations,
to show the usage and prove that the API's are able to perform the required operations.
It may also help with communication with the lab (i.e- The lab could add a test here to show
a unworking use case - which we can then address).

The EVP layer performs these tests instead of calling lower level API's
as was done in the old FOM.
Some of these tests require access to internals that are not normally allowed/required.

The config option 'acvp_tests' (enabled by default) has been added so that this
access may be removed.

The mechanism has been implemented as additional OSSL_PARAM values that can be set and get.
A callback mechanism did not seem to add any additional benefit.
These params will not be added to the gettables lists.
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11572)
      4f2271d5
  35. 16 5月, 2020 1 次提交
  37. 08 5月, 2020 1 次提交
  39. 20 4月, 2020 1 次提交
  41. 17 4月, 2020 1 次提交
  43. 27 2月, 2020 3 次提交
  45. 15 12月, 2019 1 次提交
    • R
      Deprecate most of debug-memory · 742ccab3
      Rich Salz 提交于 
      Fixes #8322

The leak-checking (and backtrace option, on some platforms) provided
by crypto-mdebug and crypto-mdebug-backtrace have been mostly neutered;
only the "make malloc fail" capability remains.  OpenSSL recommends using
the compiler's leak-detection instead.

The OPENSSL_DEBUG_MEMORY environment variable is no longer used.
CRYPTO_mem_ctrl(), CRYPTO_set_mem_debug(), CRYPTO_mem_leaks(),
CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return a failure code.
CRYPTO_mem_debug_{malloc,realloc,free}() have been removed.  All of the
above are now deprecated.

Merge (now really small) mem_dbg.c into mem.c
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10572)
      742ccab3
  47. 13 12月, 2019 1 次提交
    • R
      Add better support for using deprecated symbols internally · 46994f71
      Richard Levitte 提交于 
      OPENSSL_SUPPRESS_DEPRECATED only does half the job, in telling the
deprecation macros not to add the warning attribute.  However, with
'no-deprecated', the symbols are still removed entirely, while we
might still want to use them internally.

The solution is to permit <openssl/opensslconf.h> macros to be
modified internally, such as undefining OPENSSL_NO_DEPRECATED in this
case.

However, with the way <openssl/opensslconf.h> includes
<openssl/macros.h>, that's easier said than done.  That's solved by
generating <openssl/configuration.h> instead, and add a new
<openssl/opensslconf.h> that includes <openssl/configuration.h> as
well as <openssl/macros.h>, thus allowing to replace an inclusion of
<openssl/opensslconf.h> with this:

    #include <openssl/configuration.h>

    #undef OPENSSL_NO_DEPRECATED
    #define OPENSSL_SUPPRESS_DEPRECATED

    #include <openssl/macros.h>

Or simply add the following prior to any other openssl inclusion:

    #include <openssl/configuration.h>

    #undef OPENSSL_NO_DEPRECATED
    #define OPENSSL_SUPPRESS_DEPRECATED

Note that undefining OPENSSL_NO_DEPRECATED must never be done by
applications, since the symbols must still be exported by the
library.  Internal test programs are excempt of this rule, though.
Reviewed-by: NTim Hudson <tjh@openssl.org>
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10608)
      46994f71
  49. 12 12月, 2019 1 次提交
  51. 29 11月, 2019 1 次提交
  53. 07 11月, 2019 1 次提交
  55. 13 10月, 2019 1 次提交
  57. 17 9月, 2019 1 次提交
  59. 12 9月, 2019 1 次提交
    • R
      Rework test/run_tests.pl to support selective verbosity and TAP copy · e3d9a6b5
      Richard Levitte 提交于 
      This includes a complete rework of how we use TAP::Harness, by adding
a TAP::Parser subclass that allows additional callbacks to be passed
to perform what we need.  The TAP::Parser callbacks we add are:

    ALL         to print all the TAP output to a file (conditionally)
                to collect all the TAP output to an array (conditionally)
    EOF         to print all the collected TAP output (if there is any)
                if any subtest failed

To get TAP output to file, the environment variable HARNESS_TAP_COPY
must be defined, with a file name as value.  That file will be
overwritten unconditionally.

To get TAP output displayed on failure, the make variable VERBOSE_FAILURE
or VF must be defined with a non-emoty value.

Additionally, the output of test recipe names has been changed to only
display its basename.
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9862)
      e3d9a6b5
  61. 15 8月, 2019 1 次提交