Configure - neater looking add() and add_before()

They now default to " " as separator, but that can be overridden by
having a hash with parameters as last argument. The only currently

Configure - neater looking add() and add_before()

They now default to " " as separator, but that can be overridden by
having a hash with parameters as last argument. The only currently
recognised parameter is `separator'.

The special separator `undef' will force the result to become a list
rather than a concatenated string.

Reviewed-by: Andy Polyakov <appro@openssl.org>

show more ...

Add OPENSSL_PIC back

In the earlier change, where static libraries get built with position
independent code, OPENSSL_PIC was removed by mistake. This adds it
back.

Reviewed

Add OPENSSL_PIC back

In the earlier change, where static libraries get built with position
independent code, OPENSSL_PIC was removed by mistake. This adds it
back.

Reviewed-by: Tim Hudson <tjh@openssl.org>

show more ...

Remove unused parameters from internal functions

Reviewed-by: Richard Levitte <levitte@openssl.org>

The build files use %disabled, make sure to pass it to them

Reviewed-by: Rich Salz <rsalz@openssl.org>

Partial revert of 1288f26 and fix for no-async

The commit 1288f26 says that it fixes no-async, but instead seems to break
it. Therefore revert that change and fix no-async.

Revi

Partial revert of 1288f26 and fix for no-async

The commit 1288f26 says that it fixes no-async, but instead seems to break
it. Therefore revert that change and fix no-async.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Clean away $no_dso since with have $disabled{dso}

Reviewed-by: Rich Salz <rsalz@openssl.org>

Clean away $no_asm since with have $disabled{asm}

Reviewed-by: Rich Salz <rsalz@openssl.org>

Clean away $no_rfc3779 since we don't appear to use it at all

Reviewed-by: Rich Salz <rsalz@openssl.org>

Clean away $zlib since with have $disabled{zlib}

Reviewed-by: Rich Salz <rsalz@openssl.org>

Clean away $no_threads since we have $disabled{threads}

Reviewed-by: Rich Salz <rsalz@openssl.org>

Clean away $config{no_shared} since we have $disabled{shared}

Reviewed-by: Rich Salz <rsalz@openssl.org>

Expose %disables to the perl fragments in build.info files.

This way, we can use them as conditions instead of relying to more or
less obscure aliases in %config or variables directly in

Expose %disables to the perl fragments in build.info files.

This way, we can use them as conditions instead of relying to more or
less obscure aliases in %config or variables directly in Configure.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Fix a few typos

Reviewed-by: Rich Salz <rsalz@openssl.org>

Get back "ssl2" as a deprecated disablable option

Preserved for now for those who have scripts with the option
"no-ssl2". We warn that it's deprecated, and ignore it otherwise.

Get back "ssl2" as a deprecated disablable option

Preserved for now for those who have scripts with the option
"no-ssl2". We warn that it's deprecated, and ignore it otherwise.

In response to RT#4330

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Introduce the "pic" / "no-pic" config option

Building shared libraries or not is not the same as building position
independent code or not. It's true that if you don't build PIC, you

Introduce the "pic" / "no-pic" config option

Building shared libraries or not is not the same as building position
independent code or not. It's true that if you don't build PIC, you
can't build shared libraries. However, you may very well want to
build only static libraries but still want PIC code.

Therefore, we introduce a new configuration option "pic", which is
enabled by default or explicitely with "enable-pic", or disabled with
"no-pic" or "disable-pic". Of course, if "pic" is disabled, "shared"
and "dynamic-engine" are automatically disabled as well.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Use $disabled{"dynamic-engine"} internally

We were kinda sorta using a mix of $disabled{"static-engine" and
$disabled{"dynamic-engine"} in Configure. Let's avoid confusion,
choose o

Use $disabled{"dynamic-engine"} internally

We were kinda sorta using a mix of $disabled{"static-engine" and
$disabled{"dynamic-engine"} in Configure. Let's avoid confusion,
choose one of them and stick to it.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Build dynamic engines even if configured "no-shared"

Until now, the engines in engines/ were only built as dynamicaly
loadable ones if shared libraries were built.

We not dissoc

Build dynamic engines even if configured "no-shared"

Until now, the engines in engines/ were only built as dynamicaly
loadable ones if shared libraries were built.

We not dissociate the two and can build dynamicaly loadable engines
even if we only build static libcrypto and libssl. This is controlled
with the option (enable|disable|no)-static-engine, defaulting to
no-static-engine.

Note that the engines in crypto/engine/ (dynamic and cryptodev) will
always be built into libcrypto.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Always build library object files with shared library cflags

This takes us away from the idea that we know exactly how our static
libraries are going to get used. Instead, we make them

Always build library object files with shared library cflags

This takes us away from the idea that we know exactly how our static
libraries are going to get used. Instead, we make them available to
build shareable things with, be it other shared libraries or DSOs.

On the other hand, we also have greater control of when the shared
library cflags. They will never be used with object files meant got
binaries, such as apps/openssl or test/test*.

With unified, we take this a bit further and prepare for having to
deal with extra cflags specifically to be used with DSOs (dynamic
engines), libraries and binaries (applications).

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Misc small fixes.

Better libclean that removes the exact files that have been built,
nothing more and nothing less.

Corrected typo

A couple of editorial changes.

Misc small fixes.

Better libclean that removes the exact files that have been built,
nothing more and nothing less.

Corrected typo

A couple of editorial changes.

Reviewed-by: Andy Polyakov <appro@openssl.org>

show more ...

Let Configure figure out the diverse shared library and DSO extensions

Then it can pass around the information where it belongs. The
Makefile templates pick it up along with other targe

Let Configure figure out the diverse shared library and DSO extensions

Then it can pass around the information where it belongs. The
Makefile templates pick it up along with other target data, the
DSO module gets to pick up the information through
crypto/include/internal/dso_conf.h

Reviewed-by: Andy Polyakov <appro@openssl.org>

show more ...

Rethink the uplink / applink story

Adding uplink and applink to some builds was done by "magic", the
configuration for "mingw" only had a macro definition, the Configure
would react

Rethink the uplink / applink story

Adding uplink and applink to some builds was done by "magic", the
configuration for "mingw" only had a macro definition, the Configure
would react to its presence by adding the uplink source files to
cpuid_asm_src, and crypto/build.info inherited dance to get it
compiled, and Makefile.shared made sure applink.o would be
appropriately linked in. That was a lot under the hood.

To replace this, we create a few template configurations in
Configurations/00-base-templates.conf, inherit one of them in the
"mingw" configuration, the rest is just about refering to the
$target{apps_aux_src} / $target{apps_obj} in the right places.

Reviewed-by: Andy Polyakov <appro@openssl.org>

show more ...

Remove all special make depend flags, as well as OPENSSL_DOING_MAKEDEPEND

All those flags existed because we had all the dependencies versioned
in the repository, and wanted to have it b

Remove all special make depend flags, as well as OPENSSL_DOING_MAKEDEPEND

All those flags existed because we had all the dependencies versioned
in the repository, and wanted to have it be consistent, no matter what
the local configuration was. Now that the dependencies are gone from
the versioned Makefile.ins, it makes much more sense to use the exact
same flags as when compiling the object files.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Remove outdated DEBUG flags.

Add -DBIO_DEBUG to --strict-warnings.
Remove comments about outdated debugging ifdef guards.
Remove md_rand ifdef guarding an assert; it doesn't seem use

Remove outdated DEBUG flags.

Add -DBIO_DEBUG to --strict-warnings.
Remove comments about outdated debugging ifdef guards.
Remove md_rand ifdef guarding an assert; it doesn't seem used.
Remove the conf guards in conf_api since we use OPENSSL_assert, not assert.
For pkcs12 stuff put OPENSSL_ in front of the macro name.
Merge TLS_DEBUG into SSL_DEBUG.
Various things just turned on/off asserts, mainly for checking non-NULL
arguments, which is now removed: camellia, bn_ctx, crypto/modes.
Remove some old debug code, that basically just printed things to stderr:
DEBUG_PRINT_UNKNOWN_CIPHERSUITES, DEBUG_ZLIB, OPENSSL_RI_DEBUG,
RL_DEBUG, RSA_DEBUG, SCRYPT_DEBUG.
Remove OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL.

Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...

Remove "experimental" in code and comments, too.

Thanks to Viktor for additional review.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Get conditional priorities right

"or" has lower priority than "||" and works better to have Perl less
confused.

Reviewed-by: Rich Salz <rsalz@openssl.org>