summaryrefslogtreecommitdiff
path: root/apps (unfollow)
Commit message (Collapse)AuthorFilesLines
2014-12-08update libtls URLBrent Cook1-1/+1
thanks to gschutijser from github for pointing it out
2014-12-07update and rework changelog for readabilityBrent Cook1-10/+30
2014-12-07use the new $MV macro to generate assembly filesBrent Cook1-19/+27
Avoid spurious rebuilds running update.sh by generating a temp file and comparing the result to the existing one.
2014-12-07use 'make distcheck' for the release build scriptBrent Cook1-1/+1
2014-12-07tests/Makefile.am.tpl: remove generated files on distcleanDmitry Eremin-Solenikov1-0/+1
Add pidwraptest.txt to DISTCLEANFILES to let it be removed on distclean. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
2014-12-07update.sh: remove linked manpages on uninstallDmitry Eremin-Solenikov1-0/+12
Add additional code to remove linked manpages on uninstall. Since we do linking manually, automake will not remove them for us. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
2014-12-07update.sh: add MV-like function preserving file timestampsDmitry Eremin-Solenikov1-2/+11
Add a do_mv()/$MV wrappers to be called instead of just mv. This function will preserve the target file if it does not differ from the source file. This helps to remove unnecessary compilator calls after calling update.sh w/o source changes. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
2014-12-07update.sh: call $CP instead of cp to ease rebuildsDmitry Eremin-Solenikov1-5/+5
In several additional places call $CP instead of just cp to ease and speed up rebuilds after update.sh execution. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
2014-12-07Update .gitignoreDmitry Eremin-Solenikov1-0/+2
Add gost test suite and camellia cipher dir to .gitignore. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
2014-12-07update.sh: include gost test suiteDmitry Eremin-Solenikov1-1/+2
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
2014-12-07disable inline assembly on Windows for nowBrent Cook1-0/+4
There are issues building with inline assembly on Windows 64-bit.
2014-12-07Enable optimized crypto operations for x86_64Brent Cook6-25/+168
This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
2014-12-07sync man links from upstreamBrent Cook1-4/+0
I really need write something to automate this.
2014-12-06read all library versions directly from filesBrent Cook6-10/+18
This makes building and testing easier because the library Makefile.am files are use directly rather than as templates. Thanks to Wouter Clarie for the idea.
2014-12-06split long manpage makefile lines.Brent Cook1-2/+4
2014-12-06simplify packaging for libcrypto.Brent Cook2-245/+731
Remove a lot of complex shell code. Upstream churn has slowed down, so it is now easier to maintain this directly as automake files. This is also needed to start integrating CPU-specific acceleration support. Since we are deriving the copy list from the Makefile.am files, we can now get rid of copy_src/copy_crypto.
2014-12-06remove obsolete defineBrent Cook1-1/+0
2014-12-06simplify packaging for libssl.Brent Cook2-46/+74
Follow libtls and derive the file list from the Makefile.am template itself.
2014-12-06simplify building the apps MakefileBrent Cook5-58/+97
Remove extra machinery in favor of a plain-old Makefile.am. Tighten up what files are copied on build, package a simple openssl.cnf.
2014-12-06simplify packaging for libtls.Brent Cook3-16/+12
Derive the file list from the Makefile.am template itself (DRY), ensure manpage is packaged with the final tarball.
2014-12-06update changelog for libtlsBrent Cook1-0/+3
2014-12-06add support for building libtlsBrent Cook9-12/+118
Use './configure --enable-libtls' to build the library and install the associated manpages. Note that the API and ABI of this library may change still, though feedback is welcome. ok deraadt@ jsing@ tedu@
2014-12-03update changelog for 2.1.2Brent Cook1-0/+12
2014-12-03better cleanup biotest.cBrent Cook1-6/+1
2014-12-03monkey patch more POSIX-like behavior out of winsock 2Brent Cook3-8/+176
Windows sockets functions look on the outside like they behave similarly to POSIX functions, but there are many subtle and glaring differences, including errors reported via WSAGetLastError, read, write, and close do not work on sockets, setsockopt takes a (char *) rather than (void *), etc. This header implements wrappers that coerce more POSIX-like behavior from these functions, making portable code easier to develop. BENEFITS: One does not necessarily need to sprinkle #ifdefs around code to handle the Windows and non-Windows behavior when porting code. CAVEATS: There may be performance implications with the 'mother-may-I' approach to determining if a descriptor is a socket or a file. The errno mappings are not 100% what one might expect compared to POSIX since there were not always good 1:1 equivalents from the WSA errors.
2014-12-03add minimal winsock->BSD networking header shimsBrent Cook20-2/+205
also add license header to existing shims
2014-12-03add minimal poll(2) implementation for WindowsBrent Cook5-2/+398
This provides sufficient functionality to run openssl(1) from a Windows console. This is based on the original select-based version from from songdongsheng@live.cn. Changes: * use nfds_t directly for iterating the fds. * add WSAGetLastError -> errno mappings * handle POLLHUP and the OOB data cases for revents * handle sparse arrays of fds correctly * KNF style updates * teach poll how to handle file handles as well as sockets This handles the socket/non-socket issue by alternating a loop between WaitForMultipleObjects for non-sockets and and select for sockets. One would think this would be terrible for performance, but as of this writing, poll consumes about 6% of the time doing a bulk transfer between a Linux box and 'openssl.exe s_server'. I tried to implement this all in terms of WaitForMultipleObjects with a select 'poll' at the end to get extra specific socket status. However, the cost of setting up an event handle for each socket, setting the WSAEventSelect attributes, and cleaning them up reliably was pretty high. Since the event handle associated with a socket is also global, creating a new one cancels the previous one or can be disabled externally. In addition, the 'FD_WRITE' status of a socket event handle does not behave in an expected fashion, being triggered by an edge on a write event rather than being level triggered. Another fun horror story is how stdin in windows might be a console, it might be a pipe, it might be something else. If these all worked in the same way, it would be great. But, since a console-stdin can also signal on a mouse or window event, it means we can easily get stuck in a blocking read (you can't make stdin non-blocking) if the non-character events are not filtered out. So, poll does that too. See here for various additional horror stories: http://www.postgresql.org/message-id/4351.1336927207@sss.pgh.pa.us
2014-12-03update and mask unit tests when running on win32Brent Cook5-11/+57
Update pq_test to ignore changes in whitespace. Update for new testssl params, specify absolute paths to test binaries. Fork-based tests do not make sense on Windows. Disable building biotest, since it is too specific to OpenBSD's behavior to be useful on other platforms.
2014-12-03Add conditional compilation for windows and posix functions.Brent Cook4-7/+492
This adds a Windows-specific versions of several symbols from libcrypto and openssl(1).
2014-12-03Update win32 build definesBrent Cook1-1/+2
2014-12-03don't ignore a non-existent fileBrent Cook1-1/+0
2014-11-23improve readability of generated Makefile.am filesBrent Cook5-4/+10
2014-11-18ignore gost and camellia dirsBrent Cook1-0/+2
2014-11-18Enable GOST in libcrypto and libssl, contributed by Dmitry Eremin-SolenikovBrent Cook1-3/+10
Ensure the public camellia.h header is installed along with gost.h
2014-11-18Use _WIN32 instead of __WIN32.宋冬生2-2/+2
ok bcook@
2014-11-17Add the Cammelia cipher to libcrypto.Brent Cook1-1/+5
from miod@: There used to be a strong reluctance to provide this cipher in LibreSSL in the past, because the licence terms under which Cammelia was released by NTT were free-but-not-in-the-corners, by restricting the right to modify the source code, as well retaining the right to enforce their patents against anyone in the future. However, as stated in http://www.ntt.co.jp/news/news06e/0604/060413a.html , NTT changed its mind and made this code truly free. We only wish there had been more visibility of this, for we could have had enabled Cammelia earlier (-: Licence change noticed by deraadt@. General agreement from the usual LibreSSL suspects. Crank libcrypto.so minor version due to the added symbols.
2014-11-03Quiet clang warnings about unused arguments in general.Brent Cook1-1/+13
Check if we are using clang, rather than simply if we are on OS X. Note: recent LLVM releases do not seem to need this anyway.
2014-11-03make 'autoreconf' work from dist tarballBrent Cook2-1/+3
We need to include VERSION for it to run.
2014-11-03override native arc4random_buf on FreeBSDBrent Cook5-4/+19
The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@
2014-11-03override native arc4random_buf on OS XBrent Cook1-0/+4
While the native OS X implementation is fork-safe, it does not seed safely, as of the latest released OS X libc sources, version 997.90.3. It only uses weak sources of entropy if accessing /dev/urandom fails. ok beck@ deraadt@
2014-11-03update README to reflect current porting approachBrent Cook1-10/+6
ok beck@ deraadt@