1. 22 1月, 2016 3 次提交
    • R
      Refactor config - @MK1MF_Builds out, general build scheme in · 88087414
      Richard Levitte 提交于
      Time to get rid of @MK1MF_Builds and introduce a more flexible
      'build_scheme' configuration key.  Its value may be a string or an
      array of strings, meaning we need to teach resolve_config how to
      handle ARRAY referenses.
      
      The build scheme is a word that selects a function to create the
      appropriate result files for a certain configuration.  Currently valid
      build schemes aer "mk1mf" and "unixmake", the plan is however to add
      at least one other for a more universal build scheme.
      
      Incidently, this also adds the functions 'add' and 'add_before', which
      can be used in a configuration, so instead of having to repeatedly
      write a sub like this:
      
      	key1 => sub { join(" ", @_, "myvalues"); },
      	key2 => sub { join(" ", "myvalues", @_); },
      
      one could write this:
      
      	key1 => add(" ", "myvalues"),
      	key2 => add_before(" ", "myvalues"),
      
      The good point with 'add' and 'add_before' is that they handle
      inheritances where the values are a misture of scalars and ARRAYs.  If
      there are any ARRAY to be found, the resulting value will be an ARRAY,
      otherwise it will be a scalar with all the incoming valued joined
      together with the separator given as first argument to add/add_before.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      88087414
    • R
      Refactor config - move templates and template docs to Configurations · 9e0724a1
      Richard Levitte 提交于
      Move the documentation of the target configuration form to
      Configurations/README.
      
      Move initial assembler object templates to
      Configurations/00-BASE-templates.conf.
      
      Furthermore, remove all variables containing the names of the
      non-assembler object files and make a BASE template of them instead.
      The  values from this templates are used as defaults as is.  The
      remaining manipulation of data when assembler modules are used is done
      only when $no_asm is false.
      
      While doing this, clean out some other related variables that aren't
      used anywhere.
      
      Also, we had to move the resolution of the chosen target a bit, or the
      function 'asm' would never catch a true $no_asm...  this hasn't
      mattered before we've moved it all to the BASE template, but now it
      does.
      
      At the same time, add the default for the 'unistd' key to the BASE
      template.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      9e0724a1
    • R
      Refresh the thinking of --prefix and --openssldir · d74dfafd
      Richard Levitte 提交于
      --prefix is now exclusively used for software and manual installation.
      --openssldir is not exclusively used as a default location for certs,
      keys and the default openssl.cnf.
      
      This change is made to bring clarity, to have the two less
      intertwined, and to be more compatible with the usual ways of software
      installation.
      
      Please change your habits and scripts to use --prefix rather than
      --openssldir for installation location now.
      Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
      d74dfafd
  2. 21 1月, 2016 6 次提交
    • R
    • R
      Refactor config - consolidate handling of disabled stuff · c569e206
      Richard Levitte 提交于
      It's time to refactor the handling of %disabled so that all
      information of value is in the same place.  We have so far had a few
      cascading disable rules in form of code, far away from %disabled.
      Instead, bring that information to the array @disable_cascade, which
      is a list of pairs of the form 'test => descendents'.  The test part
      can be a string, and it's simply checked if that string is a key in
      %disabled, or it can be a CODEref to do a more complex test.  If the
      test comes true, then all descendents are disabled.  This check is
      performed until there are no more things that need to be disabled.
      
      Also, $default_depflags is constructed from the information in
      %disabled instead of being a separate string.  While a string of its
      own is visually appealing, it's much too easy to forget to update it
      when something is changed in %disabled.
      Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
      c569e206
    • R
      Refactor config - rewrite handling of "reconf" · fe05264e
      Richard Levitte 提交于
      The way the "reconf"/"reconfigure" argument is handled is overly
      complicated.  Just grep for it first, and if it is there in the
      current arguments, get the old command line arguments from Makefile.
      
      While we're at it, make the Makefile variable CONFIGURE_ARGS hold the
      value as a perl list of strings.  This makes things much safer in case
      one of the arguments would contain a space.  Since CONFIGURE_ARGS is
      used for nothing else, there's no harm in this.
      Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
      fe05264e
    • R
      Refactor config - split read_config into read_config and resolve_config · bd5192b1
      Richard Levitte 提交于
      Split the read_config function into read_config that ONLY reads the
      configuration files but doesn't try to resolve any of the
      inheritances, and resolve_config which resolves the inheritance chain
      of a given target.  Move them to the bottom of Configure, with the
      rest of the helpers.
      
      Have a new small hash table, %target, which will hold the values for
      the target the user requested.  This also means that all access to the
      current target data can be reduced from '$table{$target}->{key}' to a
      mere '$target{key}'.
      
      While we're at it, the old string formatted configurations are getting
      obsolete, so they may as well get deprecated entirely.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      bd5192b1
    • R
      Refactor config - throw away '--test-sanity' · bb56561a
      Richard Levitte 提交于
      Get rid of the --test-sanity option.  Since we no longer have string
      based configurations, we don't have the problem with miscounting
      colons any more.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      bb56561a
    • R
      Refactor config - a small cosmetic touchup of Configure · 76ffb43d
      Richard Levitte 提交于
      Start simple, removed some unused variables and change all '<<EOF' to
      '<<"EOF"'.  The latter is because some code colorizers (notably, in
      emacs) cannot recognise the here document end marker unless it's
      quoted and therefore assume the rest of the file is part of the here
      document.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      76ffb43d
  3. 20 1月, 2016 2 次提交
  4. 19 1月, 2016 1 次提交
    • V
      Support disabling any or all TLS or DTLS versions · 6b01bed2
      Viktor Dukhovni 提交于
      Some users want to disable SSL 3.0/TLS 1.0/TLS 1.1, and enable just
      TLS 1.2.  In the future they might want to disable TLS 1.2 and
      enable just TLS 1.3, ...
      
      This commit makes it possible to disable any or all of the TLS or
      DTLS protocols.  It also considerably simplifies the SSL/TLS tests,
      by auto-generating the min/max version tests based on the set of
      supported protocols (425 explicitly written out tests got replaced
      by two loops that generate all 425 tests if all protocols are
      enabled, fewer otherwise).
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      6b01bed2
  5. 15 1月, 2016 3 次提交
  6. 14 1月, 2016 1 次提交
    • V
      Fix DES_LONG breakage · bdb1d0c2
      Viktor Dukhovni 提交于
      For some strange reason opensslconf.h was only defining DES_LONG
      when included via des.h, but that's exceedingly fragile (as a
      result of include guards the include via des.h might not actually
      process the content again).
      
      Ripped out the nesting constraint, now always define OSSL_DES_LONG
      if not already defined.  Note, this could just be DES_LONG, but
      trying to avoid exposing DES_LONG in places where it has never been
      seen before, so it is up to des.h to actually define DES_LONG as
      OSSL_DES_LONG.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      bdb1d0c2
  7. 13 1月, 2016 2 次提交
  8. 11 1月, 2016 2 次提交
  9. 10 1月, 2016 2 次提交
  10. 08 1月, 2016 2 次提交
    • V
      Backwards-compatibility subject to OPENSSL_API_COMPAT · 98186eb4
      Viktor Dukhovni 提交于
      Provide backwards-compatiblity for functions, macros and include
      files if OPENSSL_API_COMPAT is either not defined or defined less
      than the version number of the release in which the feature was
      deprecated.
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      98186eb4
    • R
      mem functions cleanup · bbd86bf5
      Rich Salz 提交于
      Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this.
      If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery.
              (Thanks to Jakob Bohm for the suggestion!)
      Make the "change wrapper functions" be the only paradigm.
      Wrote documentation!
      Format the 'set func' functions so their paramlists are legible.
      Format some multi-line comments.
      Remove ability to get/set the "memory debug" functions at runtme.
      Remove MemCheck_* and CRYPTO_malloc_debug_init macros.
      Add CRYPTO_mem_debug(int flag) function.
      Add test/memleaktest.
      Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls.
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      bbd86bf5
  11. 22 12月, 2015 1 次提交
  12. 17 12月, 2015 3 次提交
  13. 15 12月, 2015 1 次提交
  14. 14 12月, 2015 2 次提交
  15. 12 12月, 2015 1 次提交
  16. 10 12月, 2015 1 次提交
  17. 09 12月, 2015 1 次提交
  18. 03 12月, 2015 2 次提交
  19. 02 12月, 2015 1 次提交
  20. 24 11月, 2015 2 次提交
  21. 09 11月, 2015 1 次提交