aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* update travis-ci build to check mingw32/64 targetsBrent Cook2015-01-312-1/+55
|
* include 'struct iovec' for WindowsBrent Cook2015-01-312-0/+18
| | | | this is used for in-memory cert loading
* bump versionBrent Cook2015-01-261-1/+1
|
* add by_mem.c for X509_STORE_load_memBrent Cook2015-01-261-0/+1
|
* add 2.1.3 notesv2.1.3Brent Cook2015-01-211-0/+42
|
* add NetBSD shims for arc4randomBrent Cook2015-01-213-8/+22
| | | | | | The current NetBSD release, 6.1.5, fails to reseed arc4random fork. Work around it by providing arc4random/getentropy shims. Revisit when NetBSD 7 is available.
* catch GCC versions that only warn on unused flagsBrent Cook2015-01-061-3/+3
| | | | | Noticed while building with GCC 4.2 with HP-UX. Switching the ERROR to a WARN for a first release while we continue to survey the field.
* remove bash-style comparisons from testsBrent Cook2015-01-061-3/+3
|
* Add support for HP-UXkinichiro2015-01-064-0/+42
| | | | | | | | | | tested on: HP-UX 11.31 ia64, gcc 4.7.1(HP AllianceOne version) gcc 4.2.3(http://hpux.connect.org.uk) HP C/aC++ HP-UX defaults to use LP32 and it treats long as 32 bit (= 4 bytes). This build forces LP64 for treating long as 64 bit.
* quoting and ensure old_*flags are restored before the 'else'Brent Cook2015-01-051-8/+10
|
* preserve CFLAGS between hardening checks, enable mingwBrent Cook2015-01-051-26/+46
| | | | | | Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
* simplify hardening check logic, disable for mingwBrent Cook2015-01-053-185/+33
| | | | | | | | | | | Rather than doing separate linker/compiler checks, just build a non-empty program with each so that the compiler will actually try to use the hardening features. Reduce redundancy in the macro calls by just setting the flag that was just tested. Also, disable hardening for mingw, since its trying to use a libssp-0.dll file that I can't find right now. The detected hardening flags break mingw builds currently.
* move public domain to top, help automatic toolsBrent Cook2015-01-021-1/+3
|
* Change comments to remark on script not being needed for clang >= 5.1Jim Barlow2015-01-012-4/+8
|
* Fix build failure of "make distcheck" (new scripts/ folder missing)Jim Barlow2014-12-311-1/+1
|
* Fix typo causing output of clang test to read "CLANG" instead of yes/noJim Barlow2014-12-311-1/+1
|
* Merge recent upstream changes with compiler hardeningJim Barlow2014-12-302-4/+29
|\ | | | | | | | | Conflicts: configure.ac
| * Revert "do not double-link libcrypto"Brent Cook2014-12-272-0/+2
| | | | | | | | | | This reverts commit c83d468cfd5d3ca60a499b69c0b7c9d0b159d405. It wasn't as superfluous as I thought on all platforms.
| * do not double-link libcryptoBrent Cook2014-12-272-2/+0
| | | | | | | | libssl already has LIBFLAGS for libcrypto, so adding -lcrypto is superfluous.
| * enable __STRICT_ALIGNMENT on sparcBrent Cook2014-12-271-0/+6
| |
| * do not mark GNU_STACK WX in ELFs generated from assemblyBrent Cook2014-12-222-1/+22
| | | | | | | | | | | | | | | | | | | | | | | | When generating ELF objects from assembly, gcc and clang mark the GNU_STACK program headers as RWX by default. This is a security issue, so we make sure it is marked only RW. This modifies Anthony G. Basile's original patch for Linux to set .note.GNU-stack whenever the assembler supports it. It is surprising that any modern toolchain would enable an executable stack without an explicit request. The number of programs that need an executable stack is surely much smaller than the number of programs that include assembly.
* | configure.ac: use executable hardening where availableJim Barlow2014-12-231-0/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Where available, enable stack smashing protection, fortify source, no-strict-overflow, and read only relocations. Many Linux distributions automatically enable most of these options. They are no brainers. The difference introduced here is in asking for a few more aggressive options. An option to disable the more aggressive options is provided (--disable-hardening). When set, configure will fall back to the default CFLAGS on the system - in many cases that will still be hardened. There is no point in going further than that. Options enabled are: -fstack-protector-strong is a relatively new GCC-4.9 feature that is supposed to give a better balance between performance and protection. -all is considered too aggressive, but was used in Chromium and other security critical systems until -strong became available. Follow their lead and use -strong when possible. clang 6.0 supports -all but not -strong. _FORTIFY_SOURCE replaces certain unsafe C str* and mem* functions with more robust equivalents when the compiler can determine the length of the buffers involved. -fno-strict-overflow instructs GCC to not make optimizations based on the assumption that signed arithmetic will wrap around on overflow (e.g. (short)0x7FFF + 1 == 0). This prevents the optimizer from doing some unexpected things. Further improvements should trap signed overflows and reduce the use of signed to refer to naturally unsigned quantities. I did not set -fPIE (position independent executables). The critical function of Open/LibreSSL is as a library, not an executable. Tested on Ubuntu Linux 14.04.1 LTS, OS X 10.10.1 with "make check". The code added to m4/ is GPLv3 but con Signed-off-by: Jim Barlow <jim@purplerock.ca>
* | configure.ac: use executable hardening where availableJim Barlow2014-12-233-0/+209
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Where available, enable stack smashing protection, fortify source, no-strict-overflow, and read only relocations. Many Linux distributions automatically enable most of these options. They are no brainers. The difference introduced here is in asking for a few more aggressive options. An option to disable the more aggressive options is provided (--disable-hardening). When set, configure will fall back to the default CFLAGS on the system - in many cases that will still be hardened. There is no point in going further than that. Options enabled are: -fstack-protector-strong is a relatively new GCC-4.9 feature that is supposed to give a better balance between performance and protection. -all is considered too aggressive, but was used in Chromium and other security critical systems until -strong became available. Follow their lead and use -strong when possible. clang 6.0 supports -all but not -strong. _FORTIFY_SOURCE replaces certain unsafe C str* and mem* functions with more robust equivalents when the compiler can determine the length of the buffers involved. -fno-strict-overflow instructs GCC to not make optimizations based on the assumption that signed arithmetic will wrap around on overflow (e.g. (short)0x7FFF + 1 == 0). This prevents the optimizer from doing some unexpected things. Further improvements should trap signed overflows and reduce the use of signed to refer to naturally unsigned quantities. I did not set -fPIE (position independent executables). The critical function of Open/LibreSSL is as a library, not an executable. Tested on Ubuntu Linux 14.04.1 LTS, OS X 10.10.1 with "make check". Signed-off-by: Jim Barlow <jim@purplerock.ca>
* | configure.ac: Modify clang check to save result to a variableJim Barlow2014-12-231-10/+14
|/ | | | | ...and leave a note that -Qunused-arguments is being applied to CFLAGS not LDFLAGS, probably in error.
* Add wrapper file "config" to distribution.Technion2014-12-151-1/+1
|
* enable OS X and Linux CI buildsBrent Cook2014-12-141-0/+3
|
* add Travis CI configurationBrent Cook2014-12-141-0/+5
|
* add all LIBADD dependencies for tlsBrent Cook2014-12-141-1/+1
| | | | | The libtool transitive dependency magic does not seem to work for cross-compilation, so explicitly specify them here.
* bump versionBrent Cook2014-12-142-2/+6
| | | | append portable version number to the version string
* allow Windows DLLs to be builtBrent Cook2014-12-144-4/+4
| | | | based on a patch from Jan Engelhardt
* add LIBADD library dependencies to libssl/libtlsBrent Cook2014-12-142-0/+2
| | | | From Jan Engelhardt
* Use the individual library versions in LibreSSL pc filesBrent Cook2014-12-143-3/+3
| | | | | | | | | | | | | | | | | Previously, they were all using the portable package version, rather than the individual library versions. openssl(1)'s pc file represents the LibreSSL-portable release however. $ pkg-config --modversion libtls 1:0:0 $ pkg-config --modversion openssl 2.1.2 $ pkg-config --modversion libssl 30:0:0 $ pkg-config --modversion libcrypto 30:3:0 ok beck@ deraadt@
* don't hardcode a fixed # of jobs for makev2.1.2Brent Cook2014-12-081-1/+1
|
* update libtls URLBrent Cook2014-12-081-1/+1
| | | | thanks to gschutijser from github for pointing it out
* update and rework changelog for readabilityBrent Cook2014-12-071-10/+30
|
* use the new $MV macro to generate assembly filesBrent Cook2014-12-071-19/+27
| | | | | Avoid spurious rebuilds running update.sh by generating a temp file and comparing the result to the existing one.
* use 'make distcheck' for the release build scriptBrent Cook2014-12-071-1/+1
|
* tests/Makefile.am.tpl: remove generated files on distcleanDmitry Eremin-Solenikov2014-12-071-0/+1
| | | | | | Add pidwraptest.txt to DISTCLEANFILES to let it be removed on distclean. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* update.sh: remove linked manpages on uninstallDmitry Eremin-Solenikov2014-12-071-0/+12
| | | | | | | Add additional code to remove linked manpages on uninstall. Since we do linking manually, automake will not remove them for us. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* update.sh: add MV-like function preserving file timestampsDmitry Eremin-Solenikov2014-12-071-2/+11
| | | | | | | | | Add a do_mv()/$MV wrappers to be called instead of just mv. This function will preserve the target file if it does not differ from the source file. This helps to remove unnecessary compilator calls after calling update.sh w/o source changes. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* update.sh: call $CP instead of cp to ease rebuildsDmitry Eremin-Solenikov2014-12-071-5/+5
| | | | | | | In several additional places call $CP instead of just cp to ease and speed up rebuilds after update.sh execution. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Update .gitignoreDmitry Eremin-Solenikov2014-12-071-0/+2
| | | | | | Add gost test suite and camellia cipher dir to .gitignore. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* update.sh: include gost test suiteDmitry Eremin-Solenikov2014-12-071-1/+2
| | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* disable inline assembly on Windows for nowBrent Cook2014-12-071-0/+4
| | | | There are issues building with inline assembly on Windows 64-bit.
* Enable optimized crypto operations for x86_64Brent Cook2014-12-076-25/+168
| | | | | | | | | | | | | | This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
* sync man links from upstreamBrent Cook2014-12-071-4/+0
| | | | I really need write something to automate this.
* read all library versions directly from filesBrent Cook2014-12-066-10/+18
| | | | | | This makes building and testing easier because the library Makefile.am files are use directly rather than as templates. Thanks to Wouter Clarie for the idea.
* split long manpage makefile lines.Brent Cook2014-12-061-2/+4
|
* simplify packaging for libcrypto.Brent Cook2014-12-062-245/+731
| | | | | | | | | Remove a lot of complex shell code. Upstream churn has slowed down, so it is now easier to maintain this directly as automake files. This is also needed to start integrating CPU-specific acceleration support. Since we are deriving the copy list from the Makefile.am files, we can now get rid of copy_src/copy_crypto.
* remove obsolete defineBrent Cook2014-12-061-1/+0
|