aboutsummaryrefslogtreecommitdiff
path: root/crypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* update for mdc2 removalBrent Cook2015-06-201-5/+0
|
* add a missing header and fix typo in windows posix layerBrent Cook2015-06-131-1/+2
|
* refactor win32 shims into posix_win.cBrent Cook2015-06-052-0/+171
| | | | this also adds a rename shim that allows overwrites
* add Makefile.am.arc4randomBrent Cook2015-05-231-0/+45
|
* further refactoring, working libtls-standaloneBrent Cook2015-05-231-43/+1
|
* remove issetuigid wrappers, now that all getenv calls are gone.Brent Cook2015-04-146-231/+0
| | | | | | | | | | | From deraadt@ upstream: Remove all getenv() calls, especially those wrapped by issetugid(). getenv()'s wrapped by issetugid() are safe, but issetugid() is ... difficult to impliment on many operating systems. By accident, a grand experiment was run over the last year, where issetugid() returned 1 (the safe value) on a few operating systems. Noone noticed & complained that certain environment variables were not working.......
* Add experimental AIX support.Brent Cook2015-03-313-1/+118
| | | | | This includes a WIP failsafe issetugid for now, while research continues on the proper way to do this in a race-free fashion in AIX.
* rework CFLAGS/CPPFLAGS settings during configurationBrent Cook2015-03-223-38/+36
| | | | | | Move define adjustments to CPPFLAGS. Adjust user CFLAGS directly, do not override during configuration. USER_CFLAGS is not necessary to build libcompat_noopt correctly.
* disable system issetugid on OS X since it is not fork-safeBrent Cook2015-02-172-0/+19
| | | | | Noticed while testing similar code for AIX. ok beck@
* remove getuid/getgid fallbacks from hp-ux issetugid emulationBrent Cook2015-02-161-15/+6
| | | | | Fail closed if we cannot obtain the process flags. Noticed while looking at a similar function for AIX.
* c_all* have merged into c_all.cBrent Cook2015-02-081-2/+0
|
* add by_mem.c for X509_STORE_load_memBrent Cook2015-01-261-0/+1
|
* add NetBSD shims for arc4randomBrent Cook2015-01-212-7/+14
| | | | | | The current NetBSD release, 6.1.5, fails to reseed arc4random fork. Work around it by providing arc4random/getentropy shims. Revisit when NetBSD 7 is available.
* Add support for HP-UXkinichiro2015-01-063-0/+36
| | | | | | | | | | tested on: HP-UX 11.31 ia64, gcc 4.7.1(HP AllianceOne version) gcc 4.2.3(http://hpux.connect.org.uk) HP C/aC++ HP-UX defaults to use LP32 and it treats long as 32 bit (= 4 bytes). This build forces LP64 for treating long as 64 bit.
* allow Windows DLLs to be builtBrent Cook2014-12-141-1/+1
| | | | based on a patch from Jan Engelhardt
* disable inline assembly on Windows for nowBrent Cook2014-12-071-0/+4
| | | | There are issues building with inline assembly on Windows 64-bit.
* Enable optimized crypto operations for x86_64Brent Cook2014-12-073-8/+102
| | | | | | | | | | | | | | This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
* read all library versions directly from filesBrent Cook2014-12-061-1/+3
| | | | | | This makes building and testing easier because the library Makefile.am files are use directly rather than as templates. Thanks to Wouter Clarie for the idea.
* simplify packaging for libcrypto.Brent Cook2014-12-061-0/+704
| | | | | | | | | Remove a lot of complex shell code. Upstream churn has slowed down, so it is now easier to maintain this directly as automake files. This is also needed to start integrating CPU-specific acceleration support. Since we are deriving the copy list from the Makefile.am files, we can now get rid of copy_src/copy_crypto.
* Add conditional compilation for windows and posix functions.Brent Cook2014-12-032-0/+421
| | | | | This adds a Windows-specific versions of several symbols from libcrypto and openssl(1).
* improve readability of generated Makefile.am filesBrent Cook2014-11-231-1/+3
|
* Use _WIN32 instead of __WIN32.宋冬生2014-11-181-1/+1
| | | | ok bcook@
* override native arc4random_buf on FreeBSDBrent Cook2014-11-032-1/+10
| | | | | | | | | | | | | | | | The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@
* wrap arc4random headerBrent Cook2014-10-301-0/+4
| | | | ok @doug
* Improve and simplify function and header detection logic.Brent Cook2014-10-302-15/+14
| | | | | | | | | Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS. Clarify some ambiguous dependencies around strnlen/strndup. Unconditionally enable pidwraptest for all arc4random implementations. Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf. ok @doug
* conditionally build strnlen if needed.Brent Cook2014-08-021-0/+2
| | | | | | it is only used by strndup prodded by Sortie@
* harmonize asprintf with OpenSSHBrent Cook2014-07-303-111/+14
| | | | | | | | | * use the original name for the file from OpenSSH (remove duplicate version) * add va_copy/__va_copy checks to configure * incorporate proposed fixes to openssh version: + include more system headers directly for various definitions + limit the scope of va_copy/va_end to their affected vsnprintf calls + simplify error handling, removing a dead assignment
* include comment on windows servicesBrent Cook2014-07-291-0/+5
|
* stub win32 issetugid implementationBrent Cook2014-07-292-0/+24
| | | | ok deraadt@ beck@
* produce a error if platform has no arc4random hookBrent Cook2014-07-291-7/+8
| | | | ok deraadt@ beck@
* add asprintf / vasprintf from OpenSSH portableBrent Cook2014-07-292-0/+98
| | | | ok deraadt@ beck@
* add strndup/strnlen compat functions from OpenBSDBrent Cook2014-07-281-0/+5
|
* remove thread_private.h, no longer neededBrent Cook2014-07-272-1/+0
|
* test for and use system explicit_bzero if it existsBrent Cook2014-07-211-1/+5
| | | | ok beck@ guenther@
* remove thread_private.h defines, moved to arc4random_*.hBrent Cook2014-07-191-14/+0
|
* update to newly-refactored arc4random compatibility shimsBrent Cook2014-07-182-0/+21
| | | | | | the thread-private bits can move next ok beck@
* initial underpinnings for mingw/cross compilation supportBrent Cook2014-07-181-3/+8
| | | | | | | | | Use canonical host rather than target so that this works: CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32 Conditionally compile Linux issetugid compatibility function ok beck@
* register the atfork handler from arc4randomBrent Cook2014-07-151-0/+8
| | | | | | | | | | | | | | | | | | From kettenis@ People have suggested using pthread_atfork(3) before, but discarded the idea because it involves linking with -lpthread, which has other undesirable consequences. However: * Most systems actually have pthread_atfork(3) in libc. I verified this on OS X and Solaris. I believe this is the case on Linux systems that use musl as well. * On Linux systems that use glibc, this isn't the case. However, those systems have __register_atfork(3), which is fully documented in the "Linux Standard Base Core Specification". ok kettenis@ deraadt@ beck@
* add platform libraries to libcompat's LIBADD listBrent Cook2014-07-121-0/+1
| | | | ok beck@
* We're probably gonna need this for solaris 10Bob Beck2014-07-121-0/+101
|
* build strtonum directly into apps/opensslBrent Cook2014-07-111-3/+0
| | | | | | it is not needed as a library export ok beck@
* Make things build again - add some missing headersCharlie Root2014-07-101-0/+2
| | | | ok bcook@
* initial top-level import of subdirectoriesBrent Cook2014-07-103-0/+122