| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The build system incorrectly set include directives in AM_CFLAGS which
causes them to be placed after the configured CPPFLAGS. Thus, if
a user or packaging system sets CPPFLAGS to a location that has
libressl or openssl headers installed, they will be used instead
of the bundled versions. This corrects that issue by setting up
the variables correctly.
https://github.com/libressl-portable/portable/issues/150
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
|
| |
|
|
| |
This confuses some cmake targets.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
tested on Ubuntu 14.04
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This moves the compatibility include files from include to
include/compat so we can use the awful MS C compiler
<../include/> trick to emulate the GNU #include_next extension.
This also removes a few old compat files we do not need anymore.
|
| | |
|
| |
|
|
|
|
|
| |
Mirror the patch to ui_openssl.c, also fix the broken conditional that
made it not actually turn off echo in the first place.
ok guenther@
|
| |
|
|
|
|
|
|
| |
As per
http://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Installation-Directory-Variables.html
we should not try to expand variables like sysconfdir in the
configure script, but rather derive the correct value in the Makefiles
instead. This fixes missing expansions as the preprocessor define.
|
| |
|
|
|
| |
Since libcrypto defines its own CPPFLAGS, we need to set this for
libcrypto specifically.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
this also adds a rename shim that allows overwrites
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
From deraadt@ upstream:
Remove all getenv() calls, especially those wrapped by issetugid().
getenv()'s wrapped by issetugid() are safe, but issetugid() is ...
difficult to impliment on many operating systems. By accident, a grand
experiment was run over the last year, where issetugid() returned 1 (the
safe value) on a few operating systems. Noone noticed & complained that
certain environment variables were not working.......
|
| |
|
|
|
| |
This includes a WIP failsafe issetugid for now, while research continues
on the proper way to do this in a race-free fashion in AIX.
|
| |
|
|
|
|
| |
Move define adjustments to CPPFLAGS.
Adjust user CFLAGS directly, do not override during configuration.
USER_CFLAGS is not necessary to build libcompat_noopt correctly.
|
| |
|
|
|
| |
Noticed while testing similar code for AIX.
ok beck@
|
| |
|
|
|
| |
Fail closed if we cannot obtain the process flags. Noticed while looking
at a similar function for AIX.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
The current NetBSD release, 6.1.5, fails to reseed arc4random fork. Work
around it by providing arc4random/getentropy shims. Revisit when NetBSD
7 is available.
|
| |
|
|
|
|
|
|
|
|
| |
tested on: HP-UX 11.31 ia64,
gcc 4.7.1(HP AllianceOne version)
gcc 4.2.3(http://hpux.connect.org.uk)
HP C/aC++
HP-UX defaults to use LP32 and it treats long as 32 bit (= 4 bytes).
This build forces LP64 for treating long as 64 bit.
|
| |
|
|
| |
based on a patch from Jan Engelhardt
|
| |
|
|
| |
There are issues building with inline assembly on Windows 64-bit.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds initial support for assembly crypto acceleration on x86_64 for
ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems.
The build method is a little different than OpenSSL and OpenBSD. All
the .s files are generated ahead of time when the tarball is generated,
so there are no complicated makefile rules at configure/build time. This
also means the builds are faster and perl is not required on the build
system.
Thanks to Wouter Clarie for providing the initial cleanup and patch
that this is based on.
|
| |
|
|
|
|
| |
This makes building and testing easier because the library Makefile.am
files are use directly rather than as templates. Thanks to Wouter Clarie
for the idea.
|
| |
|
|
|
|
|
|
|
| |
Remove a lot of complex shell code. Upstream churn has slowed down, so
it is now easier to maintain this directly as automake files. This is
also needed to start integrating CPU-specific acceleration support.
Since we are deriving the copy list from the Makefile.am files, we can
now get rid of copy_src/copy_crypto.
|
| |
|
|
|
| |
This adds a Windows-specific versions of several symbols from libcrypto
and openssl(1).
|
| | |
|
| |
|
|
| |
ok bcook@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The FreeBSD-native arc4random_buf implementation falls back to weak
sources of entropy if the sysctl fails. Remove these dangerous fallbacks
by overriding locally.
Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10)
if a program does not link to -lthr. Callbacks registered with
pthread_atfork() simply fail silently. So, it is not always possible to
detect a PID wraparound. I wish we could do better.
This improves arc4random_buf's safety compared to the native FreeBSD
implementation. Tested on FreeBSD 9 and 10.
ok beck@ deraadt@
|
| |
|
|
| |
ok @doug
|
| |
|
|
|
|
|
|
|
| |
Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS.
Clarify some ambiguous dependencies around strnlen/strndup.
Unconditionally enable pidwraptest for all arc4random implementations.
Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf.
ok @doug
|
| |
|
|
|
|
| |
it is only used by strndup
prodded by Sortie@
|
| |
|
|
|
|
|
|
|
| |
* use the original name for the file from OpenSSH (remove duplicate version)
* add va_copy/__va_copy checks to configure
* incorporate proposed fixes to openssh version:
+ include more system headers directly for various definitions
+ limit the scope of va_copy/va_end to their affected vsnprintf calls
+ simplify error handling, removing a dead assignment
|
| | |
|
| |
|
|
| |
ok deraadt@ beck@
|
| |
|
|
| |
ok deraadt@ beck@
|
| |
|
|
| |
ok deraadt@ beck@
|
| | |
|
| | |
|
