aboutsummaryrefslogtreecommitdiff
path: root/crypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Use bundled headers instead of installed headers when buildingJeremy Huddleston Sequoia2015-10-151-4/+5
| | | | | | | | | | | | | The build system incorrectly set include directives in AM_CFLAGS which causes them to be placed after the configured CPPFLAGS. Thus, if a user or packaging system sets CPPFLAGS to a location that has libressl or openssl headers installed, they will be used instead of the bundled versions. This corrects that issue by setting up the variables correctly. https://github.com/libressl-portable/portable/issues/150 Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
* Do not build lib-objects targets if we are just building static libs.Brent Cook2015-09-111-8/+8
| | | | This confuses some cmake targets.
* distribute strcasecmp.cBrent Cook2015-09-111-0/+3
|
* disable shared CMake builds for OS X / Windows for nowBrent Cook2015-09-111-4/+8
|
* Add install targets and shared libraries to CMakeJeff Davey2015-08-281-1/+9
|
* disable explicit_bzero optimizations with CMake buildsBrent Cook2015-08-031-0/+1
|
* add win32-specific explicit_bzero implementationBrent Cook2015-08-032-0/+17
|
* initial Linux cmake suppportBrent Cook2015-08-011-0/+2
| | | | tested on Ubuntu 14.04
* don't build eng_rsax.c anymoreBrent Cook2015-07-211-1/+0
|
* move sleep shim to posix_win.cBrent Cook2015-07-211-0/+7
|
* add initial build for arc4random/getentropy fallbacksBrent Cook2015-07-211-3/+18
|
* add initial CMake and Visual Studio build supportBrent Cook2015-07-213-0/+651
| | | | | | | | This moves the compatibility include files from include to include/compat so we can use the awful MS C compiler <../include/> trick to emulate the GNU #include_next extension. This also removes a few old compat files we do not need anymore.
* eng_rsax is goneBrent Cook2015-07-201-1/+0
|
* win32 openssl CLI: preserve original echo stateBrent Cook2015-07-161-9/+9
| | | | | | | Mirror the patch to ui_openssl.c, also fix the broken conditional that made it not actually turn off echo in the first place. ok guenther@
* fixup how OPENSSLDIR is derived and expandedBrent Cook2015-07-151-0/+6
| | | | | | | | As per http://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Installation-Directory-Variables.html we should not try to expand variables like sysconfdir in the configure script, but rather derive the correct value in the Makefiles instead. This fixes missing expansions as the preprocessor define.
* build libcrypto with -DLIBRESSL_INTERNALBrent Cook2015-07-151-1/+2
| | | | | Since libcrypto defines its own CPPFLAGS, we need to set this for libcrypto specifically.
* add check for inet_pton, nudge minimum win32 compat to 0x0501Brent Cook2015-07-022-0/+216
|
* update for mdc2 removalBrent Cook2015-06-201-5/+0
|
* add a missing header and fix typo in windows posix layerBrent Cook2015-06-131-1/+2
|
* refactor win32 shims into posix_win.cBrent Cook2015-06-052-0/+171
| | | | this also adds a rename shim that allows overwrites
* add Makefile.am.arc4randomBrent Cook2015-05-231-0/+45
|
* further refactoring, working libtls-standaloneBrent Cook2015-05-231-43/+1
|
* remove issetuigid wrappers, now that all getenv calls are gone.Brent Cook2015-04-146-231/+0
| | | | | | | | | | | From deraadt@ upstream: Remove all getenv() calls, especially those wrapped by issetugid(). getenv()'s wrapped by issetugid() are safe, but issetugid() is ... difficult to impliment on many operating systems. By accident, a grand experiment was run over the last year, where issetugid() returned 1 (the safe value) on a few operating systems. Noone noticed & complained that certain environment variables were not working.......
* Add experimental AIX support.Brent Cook2015-03-313-1/+118
| | | | | This includes a WIP failsafe issetugid for now, while research continues on the proper way to do this in a race-free fashion in AIX.
* rework CFLAGS/CPPFLAGS settings during configurationBrent Cook2015-03-223-38/+36
| | | | | | Move define adjustments to CPPFLAGS. Adjust user CFLAGS directly, do not override during configuration. USER_CFLAGS is not necessary to build libcompat_noopt correctly.
* disable system issetugid on OS X since it is not fork-safeBrent Cook2015-02-172-0/+19
| | | | | Noticed while testing similar code for AIX. ok beck@
* remove getuid/getgid fallbacks from hp-ux issetugid emulationBrent Cook2015-02-161-15/+6
| | | | | Fail closed if we cannot obtain the process flags. Noticed while looking at a similar function for AIX.
* c_all* have merged into c_all.cBrent Cook2015-02-081-2/+0
|
* add by_mem.c for X509_STORE_load_memBrent Cook2015-01-261-0/+1
|
* add NetBSD shims for arc4randomBrent Cook2015-01-212-7/+14
| | | | | | The current NetBSD release, 6.1.5, fails to reseed arc4random fork. Work around it by providing arc4random/getentropy shims. Revisit when NetBSD 7 is available.
* Add support for HP-UXkinichiro2015-01-063-0/+36
| | | | | | | | | | tested on: HP-UX 11.31 ia64, gcc 4.7.1(HP AllianceOne version) gcc 4.2.3(http://hpux.connect.org.uk) HP C/aC++ HP-UX defaults to use LP32 and it treats long as 32 bit (= 4 bytes). This build forces LP64 for treating long as 64 bit.
* allow Windows DLLs to be builtBrent Cook2014-12-141-1/+1
| | | | based on a patch from Jan Engelhardt
* disable inline assembly on Windows for nowBrent Cook2014-12-071-0/+4
| | | | There are issues building with inline assembly on Windows 64-bit.
* Enable optimized crypto operations for x86_64Brent Cook2014-12-073-8/+102
| | | | | | | | | | | | | | This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
* read all library versions directly from filesBrent Cook2014-12-061-1/+3
| | | | | | This makes building and testing easier because the library Makefile.am files are use directly rather than as templates. Thanks to Wouter Clarie for the idea.
* simplify packaging for libcrypto.Brent Cook2014-12-061-0/+704
| | | | | | | | | Remove a lot of complex shell code. Upstream churn has slowed down, so it is now easier to maintain this directly as automake files. This is also needed to start integrating CPU-specific acceleration support. Since we are deriving the copy list from the Makefile.am files, we can now get rid of copy_src/copy_crypto.
* Add conditional compilation for windows and posix functions.Brent Cook2014-12-032-0/+421
| | | | | This adds a Windows-specific versions of several symbols from libcrypto and openssl(1).
* improve readability of generated Makefile.am filesBrent Cook2014-11-231-1/+3
|
* Use _WIN32 instead of __WIN32.宋冬生2014-11-181-1/+1
| | | | ok bcook@
* override native arc4random_buf on FreeBSDBrent Cook2014-11-032-1/+10
| | | | | | | | | | | | | | | | The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@
* wrap arc4random headerBrent Cook2014-10-301-0/+4
| | | | ok @doug
* Improve and simplify function and header detection logic.Brent Cook2014-10-302-15/+14
| | | | | | | | | Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS. Clarify some ambiguous dependencies around strnlen/strndup. Unconditionally enable pidwraptest for all arc4random implementations. Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf. ok @doug
* conditionally build strnlen if needed.Brent Cook2014-08-021-0/+2
| | | | | | it is only used by strndup prodded by Sortie@
* harmonize asprintf with OpenSSHBrent Cook2014-07-303-111/+14
| | | | | | | | | * use the original name for the file from OpenSSH (remove duplicate version) * add va_copy/__va_copy checks to configure * incorporate proposed fixes to openssh version: + include more system headers directly for various definitions + limit the scope of va_copy/va_end to their affected vsnprintf calls + simplify error handling, removing a dead assignment
* include comment on windows servicesBrent Cook2014-07-291-0/+5
|
* stub win32 issetugid implementationBrent Cook2014-07-292-0/+24
| | | | ok deraadt@ beck@
* produce a error if platform has no arc4random hookBrent Cook2014-07-291-7/+8
| | | | ok deraadt@ beck@
* add asprintf / vasprintf from OpenSSH portableBrent Cook2014-07-292-0/+98
| | | | ok deraadt@ beck@
* add strndup/strnlen compat functions from OpenBSDBrent Cook2014-07-281-0/+5
|
* remove thread_private.h, no longer neededBrent Cook2014-07-272-1/+0
|