- 14 10月, 2015 1 次提交
-
-
由 Alessandro Ghedini 提交于
Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 30 9月, 2015 1 次提交
-
-
由 David Woodhouse 提交于
Much related/similar work also done by Ivan Nestlerode <ivan.nestlerode@sonos.com> +Replace FILE BIO's with dummy ops that fail. +Include <stdio.h> for sscanf() even with no-stdio (since the declaration is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment variable, since it can be larger than a 'long'. And we don't rely on the availability of strtoull(). +Remove OPENSSL_stderr(); not used. +Make OPENSSL_showfatal() do nothing (currently without stdio there's nothing we can do). +Remove file-based functionality from ssl/. The function prototypes were already gone, but not the functions themselves. +Remove unviable conf functionality via SYS_UEFI +Add fallback definition of BUFSIZ. +Remove functions taking FILE * from header files. +Add missing DECLARE_PEM_write_fp_const +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out, so remove its prototype. +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid(). +Eliminate SRP_VBASE_init() and supporting functions. Users will need to build the verifier manually instead. +Eliminate compiler warning for unused do_pk8pkey_fp(). +Disable TEST_ENG_OPENSSL_PKEY. +Disable GOST engine as is uses [f]printf all over the place. +Eliminate compiler warning for unused send_fp_chars(). Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 28 9月, 2015 1 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 11 9月, 2015 1 次提交
-
-
由 Ben Laurie 提交于
-Wincompatible-pointer-types-discards-qualifiers (the latter did not require any code changes). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 07 9月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
With the new testing framework, building a test target with mk1mf.pl becomes a very simple thing. And especially, no more need to do the amount of hackery in unix.pl we did. Also, some tests need a working apps/CA.pl as well as rehashed certs in certs/demo. So, move the code creating those files so it gets done regardless, not just in non-mk1mf environments. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 04 9月, 2015 1 次提交
-
-
由 David Woodhouse 提交于
This reverts the non-cleanup parts of commit c73ad690. We do actually have a reasonable use case for OPENSSL_NO_RFC3779 in the EDK2 UEFI build, since we don't have a strspn() function in our runtime environment and we don't want the RFC3779 functionality anyway. In addition, it changes the default behaviour of the Configure script so that RFC3779 support isn't disabled by default. It was always disabled from when it was first added in 2006, right up until the point where OPENSSL_NO_RFC3779 was turned into a no-op, and the code in the Configure script was left *trying* to disable it, but not actually working. Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 02 8月, 2015 2 次提交
-
-
由 Ben Laurie 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Ben Laurie 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 23 5月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Given the pervasive nature of TLS extensions it is inadvisable to run OpenSSL without support for them. It also means that maintaining the OPENSSL_NO_TLSEXT option within the code is very invasive (and probably not well tested). Therefore it is being removed. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 13 5月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Following on from the removal of libcrypto and libssl support for Kerberos this commit removes all remaining references to Kerberos. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 02 5月, 2015 1 次提交
-
-
由 Ben Laurie 提交于
Reviewed-by: Andy Polyakov
-
- 21 4月, 2015 1 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 20 4月, 2015 2 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 4月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
The disabled set of -Weverything is hard to maintain across versions. Use -Wall -Wextra but also document other useful warnings that currently trigger. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 15 4月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 04 4月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
We use GNU statement expressions in crypto/md32_common.h, surrounded by checks that GNU C is indeed used to compile. It seems that clang, at least on Linux, pretends to be GNU C, therefore finds the statement expressions and then warns about them. The solution is to have clang be quiet about it. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 01 4月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Rather than making include/openssl/foo.h a symlink to crypto/foo/foo.h, this change moves the file to include/openssl/foo.h once and for all. Likewise, move crypto/foo/footest.c to test/footest.c, instead of symlinking it there. Originally-by: NGeoff Thorpe <geoff@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 28 3月, 2015 2 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 23 3月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
In order to receive warnings on unused function return values the flag -DDEBUG_UNUSED must be passed to the compiler. This change adds that for the --strict-warnings Configure option. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 3月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Using $t is an artifact from the earlier changes in Configure and was unfortunately forgotten as is. Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 20 3月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 18 3月, 2015 2 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Richard Levitte 提交于
./config would translate -d into having the target get a 'debug-' prefix, and then run './Configure LIST' to find out if such a debugging target exists or not. With the recent changes, the separate 'debug-foo' targets are disappearing, and we're giving the normal targets debugging capabilities instead. Unfortunately, './config' wasn't changed to match this new behavior. This change introduces the arguments '--debug' and '--release' - the latter just for orthogonality - to ./Configure, and ./config now treats -d by adding '--debug' to the options for ./Configure. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 17 3月, 2015 5 次提交
-
-
由 Richard Levitte 提交于
As part of this, remove some levitte examples that never were relevant. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
Because base templates express inheritance of values, the attribute is renamed to 'inherit_from', and texts about this talk about 'inheritance(s)' rather than base templates. As they were previously implemented, base templates that were listed together would override one another, the first one acting as defaults for the next and so on. However, it was pointed out that a strength of inheritance would be to base configurations on several templates - for example one for CPU, one for operating system and one for compiler - and that requires a different way of combining those templates. With this change, inherited values from several inheritances are concatenated by default (keep on reading). Also, in-string templates with the double-curly syntax are removed, replaced with the possibility to have a configuration value be a coderef (i.e. a 'sub { /* your code goes here */ }') that gets the list of values from all inheritances as the list @_. The result of executing such a coderef on a list of values is assumed to become a string. ANY OTHER FORM OF VALUE WILL CURRENTLY BREAK. As a matter of fact, an attribute in the current config with no value is assumed to have this coderef as value: sub { join(' ', @_) } While we're at it, rename debug-[cl]flags to debug_[cl]flags and nodebug-[cl]flags to release_[cl]flags. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
Base templates are templates that are used to inherit from. They can loosely be compared with parent class inheritance in object orientation. They can be used for the same purpose as the variables with multi-field strings are used in old-style string configurations. Base templates are declared with the base_templates configuration attribute, like so: "example_target" => { base_templates => [ "x86_asm", ... ] ... } Note: The value of base_templates MUST be an array reference (an array enclosed in square brackets). Any configuration target can be used as a base template by another. It is also possible to have a target that's a pure template and not meant to be used directly as a configuration target. Such a target is marked with the template configuration attribute, like so: "example_template" => { template => 1, cc => "mycc", ... }, As part of this commit, all variables with multi-field strings have been translated to pure templates. The variables currently remain since we can't expect people to shift to hash table configurations immediately. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
Template references are words with double brackets, and refer to the same field in the target pointed at the the double bracketed word. For example, if a target's configuration has the following entry: 'cflags' => '-DFOO {{x86_debug}}' ... then {{x86_debug}} will be replaced with the 'cflags' value from target 'x86_debug'. Note: template references are resolved recursively, and circular references are not allowed Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
The reasoning is that configuration strings are hard to read and error prone, and that a better way would be for them to be key => value hashes. Configure is made to be able to handle target configuration values as a string as well as a hash. It also does the best it can to combine a "debug-foo" target with a "foo" target, given that they are similar except for the cflags and lflags values. The latter are spliced into options that are common for "debug-foo" and "foo", options that exist only with "debug-foo" and options that exist only with "foo", and make them into combinable attributes that holds common cflags, extra cflags for debuggin and extra cflags for non-debugging configurations. The next step is to make it possible to have template configurations. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 11 3月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Configure would load the glob "Configurations*". The problem with this is that it also loads all kinds of backups of those configurations that some editors do, like emacs' classic 'Configurations~'. The solution is to give them an extension, such as '.conf', and make sure to end the glob with that. Also, because 'Configurations.conf' makes for a silly name, and because a possibly large number of configurations will become clutter, move them to a subdirectory 'Configurations/', and rename them to something more expressive, as well as something that sets up some form of sorting order. Thus: Configurations -> Configurations/10-main.conf Configurations.team -> Configurations/90-team.conf Finally, make sure that Configure sorts the list of files that 'glob' produces, and adapt Makefile.org. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 25 2月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Move the build configuration table into separate files. The Configurations file is standard configs, and Configurations.team is for openssl-team members. Any other file, Configurations*, found in the same directory as the Configure script, is loaded. To add another file, use --config=FILE flags (which should probably be an absolute path). Written by Stefen Eissing <stefan.eissing@greenbytes.de> and Rich Salz <rsalz@openssl.org>, contributed by Akamai Technologies. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 2月, 2015 2 次提交
-
-
由 Richard Levitte 提交于
The previous defaulting to TERMIOS took away -DTERMIOS / -DTERMIO a bit too enthusiastically. Windows/DOSish platforms of all sorts get identified as OPENSSL_SYS_MSDOS, and they get a different treatment altogether UNLESS -DTERMIO or -DTERMIOS is explicitely given with the configuration. The answer is to restore those macro definitions for the affected configuration targets. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Richard Levitte 提交于
The rationale for this move is that TERMIOS is default, supported by POSIX-1.2001, and most definitely on Linux. For a few other systems, TERMIO may still be the termnial interface of preference, so we keep -DTERMIO on those in Configure. crypto/ui/ui_openssl.c is simplified in this regard, and will define TERMIOS for all systems except a select few exceptions. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 12 2月, 2015 1 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 11 2月, 2015 1 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 10 2月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
In master OPENSSL_NO_DEPRECATED is the default anyway. By including it in --strict-warnings as well this means you cannot combine enable-deprecated with --strict-warnings. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 05 2月, 2015 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Remove fips_algvs.c Remove unused fips module build code from Configure and Makefile.org Reviewed-by: NTim Hudson <tjh@openssl.org>
-