- Feb 12, 2016
-
-
Emilia Kasper authored
Change the default keysize to 2048 bits, and the minimum to 512 bits. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
In the previous commit to change all chomp to a more flexible regexp, Configure was forgotten. This completes the change. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Matt Caswell authored
The recent removal of static ECDH broke the enable-ssl-trace compilation. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
apps/progs.pl counted on the caller to provide the exact command files. The unified build doesn't have that knowledge, and the easier and more flexible thing to do is to feed it all the apps/*.c files and let it figure out the command names by looking inside (looking for /int ([a-z0-9][a-z0-9_]*)_main\(int argc,/). Also, add it to the generate command, since it's a versioned file. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Feb 11, 2016
-
-
Dr. Stephen Henson authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Once upon a time, there was chop, which somply chopped off the last character of $_ or a given variable, and it was used to take off the EOL character (\n) of strings. ... but then, you had to check for the presence of such character. So came chomp, the better chop which checks for \n before chopping it off. And this worked well, as long as Perl made internally sure that all EOLs were converted to \n. These days, though, there seems to be a mixture of perls, so lines from files in the "wrong" environment might have \r\n as EOL, or just \r (Mac OS, unless I'm misinformed). So it's time we went for the more generic variant and use s|\R$||, the better chomp which recognises all kinds of known EOLs and chops them off. A few chops were left alone, as they are use as surgical tools to remove one last slash or one last comma. NOTE: \R came with perl 5.10.0. It means that from now on, our scripts will fail with any older version. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Remove support for static ECDH ciphersuites. They require ECDH keys in certificates and don't support forward secrecy. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Andy Polyakov authored
RT#3885 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Trouble is that LINK variable assignment in make-file interferes with LINK environment variable, which can be used to modify Microsoft's LINK.EXE behaviour. RT#4289 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Viktor Dukhovni authored
Commit 7823d792 added DEFINE_LHASH_OF to a C source file. DEFINE_LHASH_OF() and DEFINE_STACK_OF() must be used only in header files to avoid clang warnings for unused static-inline functions. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
To enable heartbeats for DTLS, configure with enable-heartbeats. Heartbeats for TLS have been completely removed. This addresses RT 3647 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Add utility macros REF_ASSERT_NOT and REF_PRINT_COUNT This is also RT 4181 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Toshikuni Fukaya authored
Updated for 1.1 by Rich Salz Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Valgrind complains about using unitialized memory. So call OPENSSL_zalloc, not malloc. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
With this, Cygwin and Mingw builds stand a much better chance to be able to build outside of the source tree with the unified build. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
On Windows POSIX layers, two files are produced for a shared library, there's {shlibname}.dll and there's the import library {libname}.dll.a On some/most Unix platforms, a {shlibname}.{sover}.so and a symlink {shlibname}.so are produced. For each of them, unix-Makefile.tmpl was entirely consistent on which to have as a target when building a shared library or which to use as dependency. This change clears this up and makes it consistent, we use the simplest form possible, {lib}.dll.a on Windows POSIX layers and {shlibname}.so on Unix platforms. No exception. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
PR#4246 and PR#4266 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr Stephen Henson authored
Some keys are attached to the full RSA CSP which doesn't support SHA2 algorithms: uses the AES CSP if present. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
If someone runs a mixed unixmake / unified environment (the unified build tree would obviously be out of the source tree), the unified build will pick up on the unixmake crypto/buildinf.h because of assumptions made around this sort of declaration (found in crypto/build.info): DEPENDS[cversion.o]=buildinf.h The assumption was that if such a header could be found in the source tree, that was the one to depend on, otherwise it would assume it should be in the build tree. This change makes sure that sort of mix-up won't happen again. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
It's not necessary for a pristine source, and a developer that makes changes usually knows what to do. Also, there was this mechanism that would do a "make depend" automatically which hasn't been used for so many years. Removed as well. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Viktor Dukhovni authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rich Salz authored
clean up and apply patches from RT-2275 Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Noticed by Claus Assmann <ca+ssl-dev@esmtp.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Make OPENSSL_INIT_SETTINGS an opaque structure. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Some files in crypto/bn depend on internal/bn_conf.h, and so does test/bntest. Therefore, we add another inclusion directory. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Richard Levitte authored
As noted already, some platforms don't fill in ai_protocol as expected. To circumvent that, we have BIO_ADDRINFO_protocol() to compute a sensible answer in that case. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Matt Caswell authored
Error codes are printed in hex, and previous OpenSSL versions expected the error codes to be provided to errstr in hex. In 1.1.0, for some reason, it was expecting them to be decimal. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-