aboutsummaryrefslogtreecommitdiff
path: root/update.sh (follow)
Commit message (Collapse)AuthorAgeFilesLines
* enable libtls by defaultBrent Cook2015-03-191-6/+0
| | | | | | | | The API/ABI for the LibreSSL 2.1.x series is now fixed, so we can safely enable libtls it by default. This is useful for new OpenNTPD and OpenSMTPD releases as well. ok deraadt@ beck@ sthen@
* use correct patch levelv2.1.5Brent Cook2015-03-091-1/+1
|
* initialize winsock earlier in openssl(1)Brent Cook2015-03-081-9/+11
| | | | | This allows commands like ocsp to work properly since we no longer initialize Winsock as a side-effect of doing a BIO_gethostbyname.
* add strsep fallback for libtlsBrent Cook2015-02-141-1/+5
|
* update for new manpage conversions, add linksBrent Cook2015-02-141-0/+5
|
* rc5 is removedBrent Cook2015-02-101-1/+1
|
* disable biotestBrent Cook2015-02-061-0/+3
|
* update with latest, add more testsBrent Cook2015-02-061-15/+5
| | | | this adds the new bytestring apis and new regression tests
* do not mark GNU_STACK WX in ELFs generated from assemblyBrent Cook2014-12-221-0/+10
| | | | | | | | | | | | When generating ELF objects from assembly, gcc and clang mark the GNU_STACK program headers as RWX by default. This is a security issue, so we make sure it is marked only RW. This modifies Anthony G. Basile's original patch for Linux to set .note.GNU-stack whenever the assembler supports it. It is surprising that any modern toolchain would enable an executable stack without an explicit request. The number of programs that need an executable stack is surely much smaller than the number of programs that include assembly.
* bump versionBrent Cook2014-12-141-1/+5
| | | | append portable version number to the version string
* use the new $MV macro to generate assembly filesBrent Cook2014-12-071-19/+27
| | | | | Avoid spurious rebuilds running update.sh by generating a temp file and comparing the result to the existing one.
* update.sh: remove linked manpages on uninstallDmitry Eremin-Solenikov2014-12-071-0/+12
| | | | | | | Add additional code to remove linked manpages on uninstall. Since we do linking manually, automake will not remove them for us. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* update.sh: add MV-like function preserving file timestampsDmitry Eremin-Solenikov2014-12-071-2/+11
| | | | | | | | | Add a do_mv()/$MV wrappers to be called instead of just mv. This function will preserve the target file if it does not differ from the source file. This helps to remove unnecessary compilator calls after calling update.sh w/o source changes. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* update.sh: call $CP instead of cp to ease rebuildsDmitry Eremin-Solenikov2014-12-071-5/+5
| | | | | | | In several additional places call $CP instead of just cp to ease and speed up rebuilds after update.sh execution. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* update.sh: include gost test suiteDmitry Eremin-Solenikov2014-12-071-1/+2
| | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Enable optimized crypto operations for x86_64Brent Cook2014-12-071-1/+33
| | | | | | | | | | | | | | This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
* read all library versions directly from filesBrent Cook2014-12-061-4/+3
| | | | | | This makes building and testing easier because the library Makefile.am files are use directly rather than as templates. Thanks to Wouter Clarie for the idea.
* split long manpage makefile lines.Brent Cook2014-12-061-2/+4
|
* simplify packaging for libcrypto.Brent Cook2014-12-061-245/+27
| | | | | | | | | Remove a lot of complex shell code. Upstream churn has slowed down, so it is now easier to maintain this directly as automake files. This is also needed to start integrating CPU-specific acceleration support. Since we are deriving the copy list from the Makefile.am files, we can now get rid of copy_src/copy_crypto.
* simplify packaging for libssl.Brent Cook2014-12-061-44/+31
| | | | | Follow libtls and derive the file list from the Makefile.am template itself.
* simplify building the apps MakefileBrent Cook2014-12-061-34/+11
| | | | | Remove extra machinery in favor of a plain-old Makefile.am. Tighten up what files are copied on build, package a simple openssl.cnf.
* simplify packaging for libtls.Brent Cook2014-12-061-13/+2
| | | | | Derive the file list from the Makefile.am template itself (DRY), ensure manpage is packaged with the final tarball.
* add support for building libtlsBrent Cook2014-12-061-8/+41
| | | | | | | | Use './configure --enable-libtls' to build the library and install the associated manpages. Note that the API and ABI of this library may change still, though feedback is welcome. ok deraadt@ jsing@ tedu@
* better cleanup biotest.cBrent Cook2014-12-031-6/+1
|
* add minimal poll(2) implementation for WindowsBrent Cook2014-12-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This provides sufficient functionality to run openssl(1) from a Windows console. This is based on the original select-based version from from songdongsheng@live.cn. Changes: * use nfds_t directly for iterating the fds. * add WSAGetLastError -> errno mappings * handle POLLHUP and the OOB data cases for revents * handle sparse arrays of fds correctly * KNF style updates * teach poll how to handle file handles as well as sockets This handles the socket/non-socket issue by alternating a loop between WaitForMultipleObjects for non-sockets and and select for sockets. One would think this would be terrible for performance, but as of this writing, poll consumes about 6% of the time doing a bulk transfer between a Linux box and 'openssl.exe s_server'. I tried to implement this all in terms of WaitForMultipleObjects with a select 'poll' at the end to get extra specific socket status. However, the cost of setting up an event handle for each socket, setting the WSAEventSelect attributes, and cleaning them up reliably was pretty high. Since the event handle associated with a socket is also global, creating a new one cancels the previous one or can be disabled externally. In addition, the 'FD_WRITE' status of a socket event handle does not behave in an expected fashion, being triggered by an edge on a write event rather than being level triggered. Another fun horror story is how stdin in windows might be a console, it might be a pipe, it might be something else. If these all worked in the same way, it would be great. But, since a console-stdin can also signal on a mouse or window event, it means we can easily get stuck in a blocking read (you can't make stdin non-blocking) if the non-character events are not filtered out. So, poll does that too. See here for various additional horror stories: http://www.postgresql.org/message-id/4351.1336927207@sss.pgh.pa.us
* update and mask unit tests when running on win32Brent Cook2014-12-031-5/+25
| | | | | | | | Update pq_test to ignore changes in whitespace. Update for new testssl params, specify absolute paths to test binaries. Fork-based tests do not make sense on Windows. Disable building biotest, since it is too specific to OpenBSD's behavior to be useful on other platforms.
* Add conditional compilation for windows and posix functions.Brent Cook2014-12-031-7/+42
| | | | | This adds a Windows-specific versions of several symbols from libcrypto and openssl(1).
* improve readability of generated Makefile.am filesBrent Cook2014-11-231-3/+4
|
* Enable GOST in libcrypto and libssl, contributed by Dmitry Eremin-SolenikovBrent Cook2014-11-181-3/+10
| | | | Ensure the public camellia.h header is installed along with gost.h
* Add the Cammelia cipher to libcrypto.Brent Cook2014-11-171-1/+5
| | | | | | | | | | | | | | | | | | | | from miod@: There used to be a strong reluctance to provide this cipher in LibreSSL in the past, because the licence terms under which Cammelia was released by NTT were free-but-not-in-the-corners, by restricting the right to modify the source code, as well retaining the right to enforce their patents against anyone in the future. However, as stated in http://www.ntt.co.jp/news/news06e/0604/060413a.html , NTT changed its mind and made this code truly free. We only wish there had been more visibility of this, for we could have had enabled Cammelia earlier (-: Licence change noticed by deraadt@. General agreement from the usual LibreSSL suspects. Crank libcrypto.so minor version due to the added symbols.
* Improve and simplify function and header detection logic.Brent Cook2014-10-301-2/+1
| | | | | | | | | Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS. Clarify some ambiguous dependencies around strnlen/strndup. Unconditionally enable pidwraptest for all arc4random implementations. Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf. ok @doug
* enable -lcrypto -lssl with all test programs directly.Brent Cook2014-10-301-2/+0
| | | | | | This removes the need to specify each one individually. ok doug@
* remove duplicate (and overlapping) .1 manpagesBrent Cook2014-10-261-16/+12
| | | | | | openssl.1 contains all of the information from the other application manpages, and is the only one packaged in OpenBSD. So, remove the other obsolete .1 manpages (and avoid overlapping system pages like passwd.1)
* include a proper check for memmem when configuring unit testsBrent Cook2014-10-221-0/+2
| | | | This allows the proper compatibility header definition to be exposed.
* add extended ChangeLog fileBrent Cook2014-10-141-1/+0
| | | | help people more easily find the code and changes
* update to new converted SSL manpagesBrent Cook2014-10-141-1/+10
|
* update for upstream move of the openssl appBrent Cook2014-08-271-17/+15
|
* remove configure.am.tpl, pull in VERSION directlyBrent Cook2014-08-121-2/+0
| | | | from wouter@
* rebase on pull when updating the openbsd branchBrent Cook2014-08-081-1/+1
| | | | this avoids inadvertent local merges
* tie master libressl branch to openbsd masterBrent Cook2014-07-311-8/+7
| | | | Added OPENBSD_BRANCH to set what branch update.sh should checkout.
* split big lineBrent Cook2014-07-281-1/+2
|
* add strndup/strnlen compat functions from OpenBSDBrent Cook2014-07-281-1/+1
|
* build openbsd memmem implementation for explicit_bzero testBrent Cook2014-07-211-1/+3
| | | | | | memmem is not always available, and not all memmem's work the same way ok beck@ guenther@
* compute absolute paths to sourceBrent Cook2014-07-211-10/+11
| | | | | | removes relative path hackery ok beck@ guenther@
* better handle disabled tests and exclude filesBrent Cook2014-07-211-5/+19
| | | | ok beck@ guenther@
* use correct link order for app and testsBrent Cook2014-07-211-2/+2
| | | | ok beck@ guenther@
* preserve timestamps on copy from upstream checkoutBrent Cook2014-07-211-28/+30
| | | | | | this saves time on rebuilds when testing tarballs ok beck@ guenther@
* Use correct static link order for unit tests.Brent Cook2014-07-201-2/+2
| | | | | | thanks to Jonas 'Sortie' Termansen ok beck@
* update to newly-refactored arc4random compatibility shimsBrent Cook2014-07-181-0/+1
| | | | | | the thread-private bits can move next ok beck@
* added fork_rand test to check for PID wraparoundBrent Cook2014-07-151-2/+2
| | | | ok beck@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-16 14:27:58 +0000