1. 28 1月, 2016 3 次提交
    • R
      Remove EIGHT_BIT and SIXTEEN_BIT · b4f35e5e
      Rich Salz 提交于
      Also cleaned up bn_prime.pl to current coding style.
      Reviewed-by: NAndy Polyakov <appro@openssl.org>
      b4f35e5e
    • R
      Remove outdated legacy crypto options · 3e9e810f
      Rich Salz 提交于
      Many options for supporting optimizations for legacy crypto on legacy
      platforms have been removed.  This simplifies the source code and
      does not really penalize anyone.
              DES_PTR (always on)
              DES_RISC1, DES_RISC2 (always off)
              DES_INT (always 'unsigned int')
              DES_UNROLL (always on)
              BF_PTR (always on) BF_PTR2 (removed)
              MD2_CHAR, MD2_LONG (always 'unsigned char')
              IDEA_SHORT, IDEA_LONG (always 'unsigned int')
              RC2_SHORT, RC2_LONG (always 'unsigned int')
              RC4_LONG (only int and char (for assembler) are supported)
              RC4_CHUNK (always long), RC_CHUNK_LL (removed)
              RC4_INDEX (always on)
      And also make D_ENCRYPT macro more clear (@appro)
      
      This is done in consultation with Andy.
      Reviewed-by: NAndy Polyakov <appro@openssl.org>
      3e9e810f
    • R
      Fix check of what makedepprog should be · 8ed40b83
      Richard Levitte 提交于
      A mistake was made and the setting of this config variable got
      reverted to an older behavior.  This restores the latest.
      Reviewed-by: NEmilia Käsper <emilia@openssl.org>
      8ed40b83
  2. 27 1月, 2016 1 次提交
  3. 26 1月, 2016 8 次提交
  4. 25 1月, 2016 1 次提交
  5. 24 1月, 2016 1 次提交
  6. 23 1月, 2016 5 次提交
    • B
      Disable jpake if psk is disabled. · b427401c
      Ben Laurie 提交于
      Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
      b427401c
    • R
      Refactor file writing - rewrite crypto/opensslconf.h.in as template · 7d130f68
      Richard Levitte 提交于
      The turn has come to have crypto/opensslconf.h.in get run through
      util/dofile.pl.  The consequence is that a large number of variables
      get moved to the %config table.
      
      Also, the string variables $openssl_*, which were populated with cpp
      lines, all being of the form "#define SOMETHING", were converted into
      ARRAY refs in %config values, containing just the list of macros to be
      defined.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      7d130f68
    • R
      Refactor file writing - Adapt util/mkdef.pl to use configdata.pm · 3fa04f0d
      Richard Levitte 提交于
      For this adaptation, the variables $options and $version needed to
      move to %config in Configure, and why not move all other variables
      holding diverse version numbers at the same time?
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      3fa04f0d
    • R
      Refactor file writing - introduce template driven file writing · 291e94df
      Richard Levitte 提交于
      apps/CA.pl and tools/c_rehash are built from template files.  So far,
      this was done by Configure, which created its own problems as it
      forced everyone to reconfigure just because one of the template files
      had changed.
      Instead, have those files created as part of the normal build in apps/
      and in tools/.
      
      Furthermore, this prepares for a future where Configure may produce
      entirely other build files than Makefile, and the latter can't be
      guaranteed to be the holder of all information for other scripts.
      Instead, configdata.pm (described below) becomes the center of
      configuration information.
      
      This introduces a few new things:
      
      %config         a hash table to hold all kinds of configuration data
                      that can be used by any other script.
      configdata.pm   a perl module that Configure writes.  It currently
                      holds the hash tables %config and %target.
      util/dofile.pl  a script that takes a template on STDIN and outputs
                      the result after applying configuration data on it.
                      It's supposed to be called like this:
      
                              perl -I$(TOP) -Mconfigdata < template > result
      
                      or
      
                              perl -I$(TOP) -Mconfigdata templ1 templ2 ... > result
      
                      Note: util/dofile.pl requires Text::Template.
      
      As part of this changed, remove a number of variables that are really
      just copies of entries in %target, and use %target directly.  The
      exceptions are $target{cflags} and $target{lflags}, they do get copied
      to $cflags and $lflags.  The reason for this is that those variable
      potentially go through a lot of changes and would rather deserve a
      place in %config.  That, however, is for another commit.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      291e94df
    • R
      Refactor config - consolidate and refresh print_table_entry · 00ae96ca
      Richard Levitte 提交于
      It's time for print_table_entry to get a bit of refreshment.  The way it
      was put together, we needed to maintain the list of known configuration
      keys of interest twice, in different shapes.  This is error prone, so
      move the list of strings to a common list for all printing cases, and
      use simple formatting of lines to do the actual printout based on that
      list.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      00ae96ca
  7. 22 1月, 2016 3 次提交
    • R
      Refactor config - @MK1MF_Builds out, general build scheme in · 88087414
      Richard Levitte 提交于
      Time to get rid of @MK1MF_Builds and introduce a more flexible
      'build_scheme' configuration key.  Its value may be a string or an
      array of strings, meaning we need to teach resolve_config how to
      handle ARRAY referenses.
      
      The build scheme is a word that selects a function to create the
      appropriate result files for a certain configuration.  Currently valid
      build schemes aer "mk1mf" and "unixmake", the plan is however to add
      at least one other for a more universal build scheme.
      
      Incidently, this also adds the functions 'add' and 'add_before', which
      can be used in a configuration, so instead of having to repeatedly
      write a sub like this:
      
      	key1 => sub { join(" ", @_, "myvalues"); },
      	key2 => sub { join(" ", "myvalues", @_); },
      
      one could write this:
      
      	key1 => add(" ", "myvalues"),
      	key2 => add_before(" ", "myvalues"),
      
      The good point with 'add' and 'add_before' is that they handle
      inheritances where the values are a misture of scalars and ARRAYs.  If
      there are any ARRAY to be found, the resulting value will be an ARRAY,
      otherwise it will be a scalar with all the incoming valued joined
      together with the separator given as first argument to add/add_before.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      88087414
    • R
      Refactor config - move templates and template docs to Configurations · 9e0724a1
      Richard Levitte 提交于
      Move the documentation of the target configuration form to
      Configurations/README.
      
      Move initial assembler object templates to
      Configurations/00-BASE-templates.conf.
      
      Furthermore, remove all variables containing the names of the
      non-assembler object files and make a BASE template of them instead.
      The  values from this templates are used as defaults as is.  The
      remaining manipulation of data when assembler modules are used is done
      only when $no_asm is false.
      
      While doing this, clean out some other related variables that aren't
      used anywhere.
      
      Also, we had to move the resolution of the chosen target a bit, or the
      function 'asm' would never catch a true $no_asm...  this hasn't
      mattered before we've moved it all to the BASE template, but now it
      does.
      
      At the same time, add the default for the 'unistd' key to the BASE
      template.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      9e0724a1
    • R
      Refresh the thinking of --prefix and --openssldir · d74dfafd
      Richard Levitte 提交于
      --prefix is now exclusively used for software and manual installation.
      --openssldir is not exclusively used as a default location for certs,
      keys and the default openssl.cnf.
      
      This change is made to bring clarity, to have the two less
      intertwined, and to be more compatible with the usual ways of software
      installation.
      
      Please change your habits and scripts to use --prefix rather than
      --openssldir for installation location now.
      Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
      d74dfafd
  8. 21 1月, 2016 6 次提交
    • R
    • R
      Refactor config - consolidate handling of disabled stuff · c569e206
      Richard Levitte 提交于
      It's time to refactor the handling of %disabled so that all
      information of value is in the same place.  We have so far had a few
      cascading disable rules in form of code, far away from %disabled.
      Instead, bring that information to the array @disable_cascade, which
      is a list of pairs of the form 'test => descendents'.  The test part
      can be a string, and it's simply checked if that string is a key in
      %disabled, or it can be a CODEref to do a more complex test.  If the
      test comes true, then all descendents are disabled.  This check is
      performed until there are no more things that need to be disabled.
      
      Also, $default_depflags is constructed from the information in
      %disabled instead of being a separate string.  While a string of its
      own is visually appealing, it's much too easy to forget to update it
      when something is changed in %disabled.
      Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
      c569e206
    • R
      Refactor config - rewrite handling of "reconf" · fe05264e
      Richard Levitte 提交于
      The way the "reconf"/"reconfigure" argument is handled is overly
      complicated.  Just grep for it first, and if it is there in the
      current arguments, get the old command line arguments from Makefile.
      
      While we're at it, make the Makefile variable CONFIGURE_ARGS hold the
      value as a perl list of strings.  This makes things much safer in case
      one of the arguments would contain a space.  Since CONFIGURE_ARGS is
      used for nothing else, there's no harm in this.
      Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
      fe05264e
    • R
      Refactor config - split read_config into read_config and resolve_config · bd5192b1
      Richard Levitte 提交于
      Split the read_config function into read_config that ONLY reads the
      configuration files but doesn't try to resolve any of the
      inheritances, and resolve_config which resolves the inheritance chain
      of a given target.  Move them to the bottom of Configure, with the
      rest of the helpers.
      
      Have a new small hash table, %target, which will hold the values for
      the target the user requested.  This also means that all access to the
      current target data can be reduced from '$table{$target}->{key}' to a
      mere '$target{key}'.
      
      While we're at it, the old string formatted configurations are getting
      obsolete, so they may as well get deprecated entirely.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      bd5192b1
    • R
      Refactor config - throw away '--test-sanity' · bb56561a
      Richard Levitte 提交于
      Get rid of the --test-sanity option.  Since we no longer have string
      based configurations, we don't have the problem with miscounting
      colons any more.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      bb56561a
    • R
      Refactor config - a small cosmetic touchup of Configure · 76ffb43d
      Richard Levitte 提交于
      Start simple, removed some unused variables and change all '<<EOF' to
      '<<"EOF"'.  The latter is because some code colorizers (notably, in
      emacs) cannot recognise the here document end marker unless it's
      quoted and therefore assume the rest of the file is part of the here
      document.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      76ffb43d
  9. 20 1月, 2016 2 次提交
  10. 19 1月, 2016 1 次提交
    • V
      Support disabling any or all TLS or DTLS versions · 6b01bed2
      Viktor Dukhovni 提交于
      Some users want to disable SSL 3.0/TLS 1.0/TLS 1.1, and enable just
      TLS 1.2.  In the future they might want to disable TLS 1.2 and
      enable just TLS 1.3, ...
      
      This commit makes it possible to disable any or all of the TLS or
      DTLS protocols.  It also considerably simplifies the SSL/TLS tests,
      by auto-generating the min/max version tests based on the set of
      supported protocols (425 explicitly written out tests got replaced
      by two loops that generate all 425 tests if all protocols are
      enabled, fewer otherwise).
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      6b01bed2
  11. 15 1月, 2016 3 次提交
  12. 14 1月, 2016 1 次提交
    • V
      Fix DES_LONG breakage · bdb1d0c2
      Viktor Dukhovni 提交于
      For some strange reason opensslconf.h was only defining DES_LONG
      when included via des.h, but that's exceedingly fragile (as a
      result of include guards the include via des.h might not actually
      process the content again).
      
      Ripped out the nesting constraint, now always define OSSL_DES_LONG
      if not already defined.  Note, this could just be DES_LONG, but
      trying to avoid exposing DES_LONG in places where it has never been
      seen before, so it is up to des.h to actually define DES_LONG as
      OSSL_DES_LONG.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      bdb1d0c2
  13. 13 1月, 2016 2 次提交
  14. 11 1月, 2016 2 次提交
  15. 10 1月, 2016 1 次提交