| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| | |
- To avoid ld warning on Solaris, use abs_top_builddir in Makefile.am
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
- add cmake build options as configure provides
* -DENABLE_ASM (default ON)
* -DENABLE_EXTRATESTS (default OFF)
* -DENABLE_NC (default OFF)
* -DOPENSSLDIR (default ${CMAKE_INSTALL_PREFIX}/etc/ssl)
- add biotest and pidwraptest if ENABLE_EXTRATESTS is ON
- add compiler flag `-fno-common` if CMAKE_SYSTEM_NAME is Darwin
to prevent link error Undefined symbols "_OPENSSL_ia32cap_P"
|
| |
|
|
|
|
|
|
|
|
|
| |
- modify structure of CMakeLists.txt under apps/
* move apps/CMakeLists.txt to apps/openssl/ since this is for openssl build
* create new apps/nc/CMakeLists.txt for nc build
* modify apps/CMakeLists.txt just add_subdirectory()
- add checking and compile of arc4random_uniform()
- add installing man files, openssl.1 and nc.1
|
| | |
|
| |
|
|
| |
this also fixes the formatting of help for nc(1)
|
| |
|
|
|
| |
Some implementations, e.g. cygwin, use a table lookup that can cast
a char to a negative array offset.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
VS2013 has trouble with relative include paths for apps/openssl, so move
certhash_win/apps_win.c back to apps/openssl.
gmtime_r on mingw64 fails with negative time_t, override
gmtime_s fails all of the time unit tests, override
SHUT_RD/WR are defined in newer mingw64 headers, check before overriding
|
| |
|
|
|
|
| |
CPPFLAGS should just be set by the user at configure time
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This moves the compatibility include files from include to
include/compat so we can use the awful MS C compiler
<../include/> trick to emulate the GNU #include_next extension.
This also removes a few old compat files we do not need anymore.
|
| |
|
|
|
|
|
|
| |
As per
http://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Installation-Directory-Variables.html
we should not try to expand variables like sysconfdir in the
configure script, but rather derive the correct value in the Makefiles
instead. This fixes missing expansions as the preprocessor define.
|
| |
|
|
|
| |
Install a default cert.pem, openssl.cnf, x509v3.cnf in OPENSSLDIR, which
is derived by default from sysconfdir and the prefix setting.
|
| |
|
|
|
|
| |
Move define adjustments to CPPFLAGS.
Adjust user CFLAGS directly, do not override during configuration.
USER_CFLAGS is not necessary to build libcompat_noopt correctly.
|
| | |
|
| |
|
|
|
| |
For now, look for openat and symlink. We may switch to just needing
symlink later.
|
| | |
|
| |
|
|
|
| |
Remove extra machinery in favor of a plain-old Makefile.am.
Tighten up what files are copied on build, package a simple openssl.cnf.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This provides sufficient functionality to run openssl(1) from a Windows
console. This is based on the original select-based version from from
songdongsheng@live.cn. Changes:
* use nfds_t directly for iterating the fds.
* add WSAGetLastError -> errno mappings
* handle POLLHUP and the OOB data cases for revents
* handle sparse arrays of fds correctly
* KNF style updates
* teach poll how to handle file handles as well as sockets
This handles the socket/non-socket issue by alternating a loop between
WaitForMultipleObjects for non-sockets and and select for sockets. One
would think this would be terrible for performance, but as of this
writing, poll consumes about 6% of the time doing a bulk transfer
between a Linux box and 'openssl.exe s_server'.
I tried to implement this all in terms of WaitForMultipleObjects with a
select 'poll' at the end to get extra specific socket status. However,
the cost of setting up an event handle for each socket, setting the
WSAEventSelect attributes, and cleaning them up reliably was pretty
high. Since the event handle associated with a socket is also global,
creating a new one cancels the previous one or can be disabled
externally.
In addition, the 'FD_WRITE' status of a socket event handle does not
behave in an expected fashion, being triggered by an edge on a write
event rather than being level triggered.
Another fun horror story is how stdin in windows might be a console, it
might be a pipe, it might be something else. If these all worked in the
same way, it would be great. But, since a console-stdin can also signal
on a mouse or window event, it means we can easily get stuck in a
blocking read (you can't make stdin non-blocking) if the non-character
events are not filtered out. So, poll does that too.
See here for various additional horror stories:
http://www.postgresql.org/message-id/4351.1336927207@sss.pgh.pa.us
|
| |
|
|
|
| |
This adds a Windows-specific versions of several symbols from libcrypto
and openssl(1).
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The FreeBSD-native arc4random_buf implementation falls back to weak
sources of entropy if the sysctl fails. Remove these dangerous fallbacks
by overriding locally.
Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10)
if a program does not link to -lthr. Callbacks registered with
pthread_atfork() simply fail silently. So, it is not always possible to
detect a PID wraparound. I wish we could do better.
This improves arc4random_buf's safety compared to the native FreeBSD
implementation. Tested on FreeBSD 9 and 10.
ok beck@ deraadt@
|
| |
|
|
|
|
|
|
|
| |
Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS.
Clarify some ambiguous dependencies around strnlen/strndup.
Unconditionally enable pidwraptest for all arc4random implementations.
Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf.
ok @doug
|
| |
|
|
| |
ok beck@ guenther@
|
| |
|
|
|
|
| |
it is not needed as a library export
ok beck@
|
| |
|
