#
7e09c5ea |
| 29-Sep-2018 |
Richard Levitte |
Small cleanup (util/mkdef.pl, crypto/bio/bss_log.c, include/openssl/ocsp.h) BIO_s_log() is declared for everyone, so should return NULL when not actually implemented. Also, it had expli
Small cleanup (util/mkdef.pl, crypto/bio/bss_log.c, include/openssl/ocsp.h) BIO_s_log() is declared for everyone, so should return NULL when not actually implemented. Also, it had explicit platform limitations in util/mkdef.pl that didn't correspond to what was actually in code. While at it, a few other hard coded things that have lost their relevance were removed. include/openssl/ocsp.h had a few duplicate declarations. Reviewed-by: Paul Yang <yang.yang@baishancloud.com> (Merged from https://github.com/openssl/openssl/pull/7331)
show more ...
|
#
d3c72e39 |
| 12-Sep-2018 |
Richard Levitte |
util/mkdef.pl, util/add-depends.pl: don't lowercase file names It turns out to be detrimental on some file systems that may or may not be case sensitive (such as NTFS, which has a case s
util/mkdef.pl, util/add-depends.pl: don't lowercase file names It turns out to be detrimental on some file systems that may or may not be case sensitive (such as NTFS, which has a case sensitive mode). Fixes #7172 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7172)
show more ...
|
Revision tags: OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8 |
|
#
d3273ef6 |
| 11-Jun-2018 |
Andy Polyakov |
Configurations/10-main.conf: replace -bexpall with explicit list on AIX. [omit even -b:SRE, as it's implied by -G flag.] Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from
Configurations/10-main.conf: replace -bexpall with explicit list on AIX. [omit even -b:SRE, as it's implied by -G flag.] Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6453)
show more ...
|
#
2285c0f6 |
| 11-Jun-2018 |
Richard Levitte |
VMS: have mkdef.pl parse lettered versions properly Fixes #6449 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6450)
VMS: have mkdef.pl parse lettered versions properly Fixes #6449 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6450) (cherry picked from commit 9a236d5a7158d38b933656cacc31dfd4ff4fcc08)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4 |
|
#
d8f031e8 |
| 30-Mar-2018 |
Matt Caswell |
Move the loading of the ssl_conf module to libcrypto The GOST engine needs to be loaded before we initialise libssl. Otherwise the GOST ciphersuites are not enabled. However the SSL conf
Move the loading of the ssl_conf module to libcrypto The GOST engine needs to be loaded before we initialise libssl. Otherwise the GOST ciphersuites are not enabled. However the SSL conf module must be loaded before we initialise libcrypto. Otherwise we will fail to read the SSL config from a config file properly. Another problem is that an application may make use of both libcrypto and libssl. If it performs libcrypto stuff first and OPENSSL_init_crypto() is called and loads a config file it will fail if that config file has any libssl stuff in it. This commit separates out the loading of the SSL conf module from the interpretation of its contents. The loading piece doesn't know anything about SSL so this can be moved to libcrypto. The interpretation of what it means remains in libssl. This means we can load the SSL conf data before libssl is there and interpret it when it later becomes available. Fixes #5809 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5818)
show more ...
|
Revision tags: OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3 |
|
#
6decf943 |
| 05-Mar-2018 |
Dr. Matthias St. Pierre |
Publish the RAND_DRBG API Fixes #4403 This commit moves the internal header file "internal/rand.h" to <openssl/rand_drbg.h>, making the RAND_DRBG API public. The RAND_POOL A
Publish the RAND_DRBG API Fixes #4403 This commit moves the internal header file "internal/rand.h" to <openssl/rand_drbg.h>, making the RAND_DRBG API public. The RAND_POOL API remains private, its function prototypes were moved to "internal/rand_int.h" and converted to lowercase. Documentation for the new API is work in progress on GitHub #5461. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5462)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1 |
|
#
b53fdad0 |
| 08-Feb-2018 |
Richard Levitte |
util/mkdef.pl: use better array in search of 'DEPRECATEDIN_' %disabled_algorithms isn't necessarily initialised with the "algos" 'DEPRECATEDIN_1_1_0' etc. However, we know that @known_a
util/mkdef.pl: use better array in search of 'DEPRECATEDIN_' %disabled_algorithms isn't necessarily initialised with the "algos" 'DEPRECATEDIN_1_1_0' etc. However, we know that @known_algorithms has them all, so use that to find them instead. Fixes #5157 (where this was reported) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5282)
show more ...
|
#
54f3b7d2 |
| 24-Jan-2018 |
Richard Levitte |
util/mkdef.pl: Trust configdata.pm This script kept its own database of disablable algorithms, which is a maintenance problem, as it's not always perfectly in sync with what Configur
util/mkdef.pl: Trust configdata.pm This script kept its own database of disablable algorithms, which is a maintenance problem, as it's not always perfectly in sync with what Configure does. However, we do have all the data in configdata.pm, produced by Configure, so let's use that instead. Also, make sure to parse the *err.h header files, as they contain function declarations that might not be present elsewhere. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5157)
show more ...
|
#
3c7d0945 |
| 09-Jan-2018 |
Richard Levitte |
Update copyright years on all files merged since Jan 1st 2018 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5038)
|
#
ab307dc6 |
| 08-Jan-2018 |
David von Oheimb |
Various small build improvements on mkdef.pl, progs.pl, crypto/init.c, crypto/mem.c Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Various small build improvements on mkdef.pl, progs.pl, crypto/init.c, crypto/mem.c Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4994)
show more ...
|
Revision tags: OpenSSL_1_0_2n |
|
#
81183680 |
| 04-Dec-2017 |
Richard Levitte |
Build file templates: Replace the use of Makefile.shared Because this also includes handling all sorts of non-object files when linking a program, shared library or DSO, this also includ
Build file templates: Replace the use of Makefile.shared Because this also includes handling all sorts of non-object files when linking a program, shared library or DSO, this also includes allowing general recognition of files such as .res files (compiled from .rc files), or .def / .map / .opt files (for export and possibly versioning of public symbols only). This does mean that there's a tangible change for all build file templates: they must now recognise and handle the `.o` extension, which is used internally to recognise object files internally. This extension was removed by common.tmpl before this change, but would mean that the platform specific templates wouldn't know if "foo.map" was originally "foo.map.o" (i.e. an object file in its own right) or "foo.map" (an export definition file that should be treated as such, not as an object file). For the sake of simplifying things, we also modify util/mkdef.pl to produce .def (Windows) and .opt (VMS) files that don't need additional hackery. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4840)
show more ...
|
#
822b5e26 |
| 21-Nov-2017 |
Viktor Dukhovni |
Make possible variant SONAMEs and symbol versions This small change in the Unix template and shared library build scripts enables building "variant" shared libraries. A "variant" sh
Make possible variant SONAMEs and symbol versions This small change in the Unix template and shared library build scripts enables building "variant" shared libraries. A "variant" shared library has a non-default SONAME, and non default symbol versions. This makes it possible to build (say) an OpenSSL 1.1.0 library that can coexist without conflict in the same process address space as the system's default OpenSSL library which may be OpenSSL 1.0.2. Such "variant" shared libraries make it possible to link applications against a custom OpenSSL library installed in /opt/openssl/1.1 or similar location, and not risk conflict with an indirectly loaded OpenSSL runtime that is required by some other dependency. Variant shared libraries have been fully tested under Linux, and build successfully on MacOS/X producing variant DYLD names. MacOS/X Darwin has no symbol versioning, but has a non-flat library namespace. Variant libraries may therefore support multiple OpenSSL libraries in the same address space also with MacOS/X, despite lack of symbol versions, but this has not been verified. Variant shared libraries are optional and off by default. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
46f4e1be |
| 12-Nov-2017 |
Josh Soref |
Many spelling fixes/typo's corrected. Around 138 distinct errors found and fixed; thanks! Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tim Hudson <tjh@openssl.org>
Many spelling fixes/typo's corrected. Around 138 distinct errors found and fixed; thanks! Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3459)
show more ...
|
Revision tags: OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
#
a0c3e4fa |
| 25-Oct-2017 |
Jack Lloyd |
SM3: Add SM3 hash function SM3 is a secure hash function which is part of the Chinese "Commercial Cryptography" suite of algorithms which use is required for certain commercial appli
SM3: Add SM3 hash function SM3 is a secure hash function which is part of the Chinese "Commercial Cryptography" suite of algorithms which use is required for certain commercial applications in China. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4616)
show more ...
|
#
f19a5ff9 |
| 31-Oct-2017 |
Ronald Tse |
SM4: Add SM4 block cipher to EVP Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull
SM4: Add SM4 block cipher to EVP Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4552)
show more ...
|
#
e66b62b8 |
| 31-Aug-2017 |
Richard Levitte |
util/mkdef.pl: handle line terminators correctly When parsing the header files, mkdef.pl didn't clear the line terminator properly. In most cases, this didn't matter, but there were
util/mkdef.pl: handle line terminators correctly When parsing the header files, mkdef.pl didn't clear the line terminator properly. In most cases, this didn't matter, but there were moments when this caused parsing errors (such as CRLFs in certain cases). Fixes #4267 Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4304)
show more ...
|
#
a303e9a6 |
| 16-Aug-2017 |
FdaSilvaYY |
fix some typos Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4172)
|
#
8d2214c0 |
| 01-Aug-2017 |
Richard Levitte |
File::Glob option ':bsd_glob' doesn't work everywhere, replace w/ a wrapper Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4069)
|
#
102c9e12 |
| 28-Jul-2017 |
Richard Levitte |
Perl: Use File::Glob::bsd_glob rather than File::Glob::glob File::Glob::glob is deprecated, it's use generates this kind of message: File::Glob::glob() will disappear in per
Perl: Use File::Glob::bsd_glob rather than File::Glob::glob File::Glob::glob is deprecated, it's use generates this kind of message: File::Glob::glob() will disappear in perl 5.30. Use File::Glob::bsd_glob() instead. at ../master/Configure line 277. So instead, use a construction that makes the caller glob() use File::Glob::bsd_glob(). Note that we're still excluding VMS, as it's directory specs use '[' and ']', which have a different meaning with bsd_glob and would need some extra quoting. This might change, but later. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4040)
show more ...
|
#
12fb8c3d |
| 27-Jun-2017 |
Rich Salz |
Add DRBG random method Ported from the last FIPS release, with DUAL_EC and SHA1 and the self-tests removed. Since only AES-CTR is supported, other code simplifications were done. R
Add DRBG random method Ported from the last FIPS release, with DUAL_EC and SHA1 and the self-tests removed. Since only AES-CTR is supported, other code simplifications were done. Removed the "entropy blocklen" concept. Moved internal functions to new include/internal/rand.h. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3789)
show more ...
|
#
48feaceb |
| 01-Jul-2017 |
Richard Levitte |
Remove the possibility to disable the UI module entirely Instead, make it possible to disable the console reader that's part of the UI module. This makes it possible to use the UI API a
Remove the possibility to disable the UI module entirely Instead, make it possible to disable the console reader that's part of the UI module. This makes it possible to use the UI API and other UI methods in environments where the console reader isn't useful. To disable the console reader, configure with 'no-ui-console' / 'disable-ui-console'. 'no-ui' / 'disable-ui' is now an alias for 'no-ui-console' / 'disable-ui-console'. Fixes #3806 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3820)
show more ...
|
#
0e288c2a |
| 29-Jun-2017 |
Richard Levitte |
util/mkdef.pl: Make symbol version processing Linux only For Windows, we care which way it is, the resulting file is just a pile of symbols. For VMS, we really need to care about the nu
util/mkdef.pl: Make symbol version processing Linux only For Windows, we care which way it is, the resulting file is just a pile of symbols. For VMS, we really need to care about the numeric ordering, and getting the symbols sorted by symbol version too didn't agree with that. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3804)
show more ...
|
#
9c06cf04 |
| 29-Jun-2017 |
Richard Levitte |
util/mkdef.pl: Add UNIX as a platform This allows us to guard Unix specific functions with #ifndef / #ifdef OPENSSL_SYS_UNIX Reviewed-by: Rich Salz <rsalz@openssl.org> (Merg
util/mkdef.pl: Add UNIX as a platform This allows us to guard Unix specific functions with #ifndef / #ifdef OPENSSL_SYS_UNIX Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3804)
show more ...
|
#
52df25cf |
| 07-Jun-2017 |
Rich Salz |
make error tables const and separate header file Run perltidy on util/mkerr Change some mkerr flags, write some doc comments Make generated tables "const" when genearting lib-interna
make error tables const and separate header file Run perltidy on util/mkerr Change some mkerr flags, write some doc comments Make generated tables "const" when genearting lib-internal ones. Add "state" file for mkerr Renerate error tables and headers Rationalize declaration of ERR_load_XXX_strings Fix out-of-tree build Add -static; sort flags/vars for options. Also tweak code output Moved engines/afalg to engines (from master) Use -static flag Standard engine #include's of errors Don't linewrap err string tables unless necessary Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3392)
show more ...
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16 |
|
#
f120fa1e |
| 06-Apr-2017 |
Richard Levitte |
Fix util/mkdef.pl The deprecation checking code here didn't work the same way as in Configure, and used $config{options} to find an --api= option that was never there. This is repla
Fix util/mkdef.pl The deprecation checking code here didn't work the same way as in Configure, and used $config{options} to find an --api= option that was never there. This is replaced with checking $config{api}, which is the controlling variable for deprecation. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3126)
show more ...
|