gitignore: add .DS_Store

macOS creates .DS_Store files all over the place while browsing
directories. Add it to the list of ignored files.

Signed-off-by: Georgi Valkov <gvalkov@

gitignore: add .DS_Store

macOS creates .DS_Store files all over the place while browsing
directories. Add it to the list of ignored files.

Signed-off-by: Georgi Valkov <gvalkov@gmail.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24942)

show more ...

Add comp.h to gitignore

Signed-off-by: Todd Short <todd.short@me.com>

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: T

Add comp.h to gitignore

Signed-off-by: Todd Short <todd.short@me.com>

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24676)

show more ...

gitignore: ignore newly generated header

Ignore generated include/openssl/x509_acert.h introduced in
https://github.com/openssl/openssl/pull/15857

Signed-off-by: Dimitri John Le

gitignore: ignore newly generated header

Ignore generated include/openssl/x509_acert.h introduced in
https://github.com/openssl/openssl/pull/15857

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@surgut.co.uk>

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24287)

show more ...

Add exporters for CMake

CMake's older package finder, FindOpenSSL.cmake, does a best guess effort
and doesn't always get it right.

By CMake's own documentation, that's what such

Add exporters for CMake

CMake's older package finder, FindOpenSSL.cmake, does a best guess effort
and doesn't always get it right.

By CMake's own documentation, that's what such modules are (best effort
attempts), and package producers are (strongly) encouraged to help out by
producing and installing <PackageName>Config.cmake files to get a more
deterministic configuration.

The resulting OpenSSLConfig.cmake tries to mimic the result from CMake's
FindOpenSSL.cmake, by using the same variable and imported target names.
It also adds a few extra variables of its own, such as:

OPENSSL_MODULES_DIR Indicates the default installation directory
for OpenSSL loadable modules, such as providers.
OPENSSL_RUNTIME_DIR Indicates the default runtime directory, where
for example the openssl program is located.
OPENSSL_PROGRAM Is the full directory-and-filename of the
openssl program.

The imported targets OpenSSL::Crypto and OpenSSL::SSL are as precisely
specified as possible, so for example, they are specified with the both the
import library and the DLL on Windows, which should make life easier on that
platform.

For the moment, one of the following must be done in your CMake project for
this CMake configuration to take priority over CMake's FindOpenSSL.cmake:

- The variable CMAKE_FIND_PACKAGE_PREFER_CONFIG must be set to true prior
to the 'find_package(OpenSSL)' call.
- The 'find_package' call itself must use the "Full Signature". If you
don't know any better, simply add the 'CONFIG' option, i.e. from this
example:

find_package(OpenSSL 3.0 REQUIRED)

to this:

find_package(OpenSSL 3.0 REQUIRED CONFIG)

Just as with the 'pkg-config' exporters, two variants of the .cmake files
are produced:

- Those in 'exporters/' are installed in the location that 'pkg-config'
itself prefers for installed packages.
- Those in the top directory are to be used when it's desirable to build
directly against an OpenSSL build tree.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20878)

show more ...

Clean up exporters, specifically those we have for pkg-config

The pkg-config exporters were a special hack, all in
Configurations/unix-Makefile.tmpl, and this was well and good as long

Clean up exporters, specifically those we have for pkg-config

The pkg-config exporters were a special hack, all in
Configurations/unix-Makefile.tmpl, and this was well and good as long
as that was the only main package interface configuration system that we
cared about.

Things have changed, though, so we move the pkg-config production to be
templatable in a more flexible manner. Additional templates for other
interface configuration systems can then be added fairly easily.

Two variants of the .pc files are produced:

- Those in 'exporters/' are installed in the location that 'pkg-config'
itself prefers for installed packages.
- Those in the top directory are to be used when it's desirable to build
directly against an OpenSSL build tree.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20878)

show more ...

Update .gitignore with LSP files

This does not provide files for LSP support, but ignores them so they
aren't accidentally checked in by developers.

LSP (Language Server Protoco

Update .gitignore with LSP files

This does not provide files for LSP support, but ignores them so they
aren't accidentally checked in by developers.

LSP (Language Server Protocol) is a tools that can be used with various
editors to make navigating source code easier. It is more advanced than
`cscope` and supports completion, for example.

A common LSP for C/C++ is `clangd`, and it creates a `.cache` directory
within the project to store data.

The tool `bear` can be used with `make` to assist `clangd` in
determining where the source code is (specifically headers). This is
critical as OpenSSL uses the `<>` form of `#include` rather than the
`""` form. The `<>` form will cause `clangd` to look in e.g.
`/usr/include` for header files, rather than `include/openssl`. The
`bear` tool will create `compile_commands.json` that `clangd` can use
to find include files.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21338)

show more ...

Add a test quicserver utility

This QUIC server utility is intended for test purposes only and is expected
to be replaced in a future version of OpenSSL by s_server. At that point
it

Add a test quicserver utility

This QUIC server utility is intended for test purposes only and is expected
to be replaced in a future version of OpenSSL by s_server. At that point
it will be removed.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21204)

show more ...

Update .gitignore

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20935)

util/ctags.sh: a script for generating tags file with expanding macros

This script requires Universal Ctags 6.0.0 or newer.

Usage:

./util/ctags.sh [...options passe

util/ctags.sh: a script for generating tags file with expanding macros

This script requires Universal Ctags 6.0.0 or newer.

Usage:

./util/ctags.sh [...options passed to ctags...]

Fixing #10251

Running the script in "tags" make target is suggested by
Dmitry Belyavskiy <beldmit@gmail.com>.

The falling back action for running older ctags if u-ctags 6 is not
available is suggested
by Dr. Matthias St. Pierre <matthias.st.pierre@ncp-e.com>.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20960)

show more ...

Update gitignore

Add test/timing_load_creds

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.or

Update gitignore

Add test/timing_load_creds

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19021)

show more ...

Update .gitignore

add /test/evp_pkey_ctx_new_from_name

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli

Update .gitignore

add /test/evp_pkey_ctx_new_from_name

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18251)

show more ...

Add wrap.pl to .gitignore

This file is now auto-generated from a template (wrap.pl.in). Therefore
it should be ignored by git.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Me

Add wrap.pl to .gitignore

This file is now auto-generated from a template (wrap.pl.in). Therefore
it should be ignored by git.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15895)

show more ...

Ignore the threadstest_fips executable

Add a new executable that isn't caught by existing .gitignore rules

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github

Ignore the threadstest_fips executable

Add a new executable that isn't caught by existing .gitignore rules

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15453)

show more ...

Rework how a build file (Makefile, ...) is produced

The memory footprint of how we produced the Makefile was quite...
important, because we have all the processing in one perl snippet, a

Rework how a build file (Makefile, ...) is produced

The memory footprint of how we produced the Makefile was quite...
important, because we have all the processing in one perl snippet, and
generate the details of the build file by appending to the "magic"
variable $OUT. The result is that this variable gets to hold the
majority of the build file text, and depending on memory reallocation
strategies for strings, the heap may hold multiple (possibly not just
a few) copies of this string, almost all of them "freed" but still
taking up space. This has resulted in memory exhaustion.

We therefore change strategy, and generate the build file in two
phases, where the first phase generates the full template using small
perl snippets for each detail, and the second phase processes this
template. This is much kinder to process memory.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15310)

show more ...

Resurrect and modernize C++Builder config

Similar configuration to what was deleted in 8e56a422, updated for the
unified build scheme. Use the [Clang-based `bcc32c.exe`][1] to avoid a

Resurrect and modernize C++Builder config

Similar configuration to what was deleted in 8e56a422, updated for the
unified build scheme. Use the [Clang-based `bcc32c.exe`][1] to avoid a
[bug][2] with the old one, and increase the `tlib.exe` page size to 256.
Also avoid MSVC-specific C runtime library functions.

[1]: http://docwiki.embarcadero.com/RADStudio/Sydney/en/Win32_Clang-enhanced_Compilers
[2]: https://quality.embarcadero.com/browse/RSP-31630

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13540)

show more ...

Fix some missed usage of DEFINE_LHASH_OF()

PR#12860 fixed issues with the Lhash code. It replaced usage of
DEFINE_LHASH_OF() in the public headers. Unfortunately it missed a couple
o

Fix some missed usage of DEFINE_LHASH_OF()

PR#12860 fixed issues with the Lhash code. It replaced usage of
DEFINE_LHASH_OF() in the public headers. Unfortunately it missed a couple
of instances.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13274)

show more ...

Add auto-gen SM2 der files into .gitignore

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/ope

Add auto-gen SM2 der files into .gitignore

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536)

show more ...

Teach EdDSA signature algorithms about AlgorithmIdentifiers

The other signature algorithms know how to create their own
AlgorithmIdentifiers, but the EdDSA algorithms missed this.

Teach EdDSA signature algorithms about AlgorithmIdentifiers

The other signature algorithms know how to create their own
AlgorithmIdentifiers, but the EdDSA algorithms missed this.

Fixes #11875

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12884)

show more ...

Update err.h to use the new lhash generation code

Generate the lhash macros for the ERR_STRING_DATA type

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://

Update err.h to use the new lhash generation code

Generate the lhash macros for the ERR_STRING_DATA type

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12860)

show more ...

Fix safestack issues in ui.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/127

Fix safestack issues in ui.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)

show more ...

Fix safestack issues in pkcs12.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull

Fix safestack issues in pkcs12.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)

show more ...

Fix safestack issues in crypto.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull

Fix safestack issues in crypto.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)

show more ...

Fix safestack issues in conf.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/1

Fix safestack issues in conf.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)

show more ...

Fix safestack issues in bio.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12

Fix safestack issues in bio.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)

show more ...

Fix safestack issues in ess.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12

Fix safestack issues in ess.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)

show more ...