- Feb 13, 2016
-
-
Richard Levitte authored
unix-Makefile.tmpl was lagging behind on this point. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Also remove a spurious extra $(LDFLAGS) Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Viktor Szakats authored
Silencing this: crypto/async/arch/async_win.c: In function 'async_fibre_init_dispatcher': crypto/async/arch/async_win.c:112:12: warning: unused variable 'dispatcher' [-Wunused-variable] LPVOID dispatcher; ^ Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
The installation of man files and html files alike didn't properly check that file names with different casing could be the same on case-insensitive file systems. This change fixes that. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Benjamin Kaduk authored
The ocsp utility is something of a jack-of-all-trades; most anything related to the OCSP can be done with it. In particular, the manual page calls out that it can be used as either a client or a server of the protocol, but there are also a few things that it can do which do not quite fit into either role, such as encoding an OCSP request but not sending it, printing out a text form of an OCSP response (or request) from a file akin to the asn1parse utility, or performing a lookup into the server-side revocation database without actually sending a request or response. All three of these are documented as examples in the manual page, but the documentation prior to this commit is somewhat misleading, in that when printing the text form of an OCSP response, the code also attempts to verify the response, displaying an error message and returning failure if the response does not verify. (It is possible that the response would be able to verify with the given example, since the default trust roots are used for that verification, but OCSP responses frequently have alternate certification authorities that would require passing -CAfile or -CApath for verification.) Tidy up the documentation by passing -noverify for the case of converting from binary to textual representation, and also change a few instances of -respin to -reqin as appropriate, note that the -url option provides the same functionality as the -host and -path options, clarify that the example that saves an OCSP response to a file will also perform verification on that response, and fix a couple grammar nits in the manual page. Also remove an always-true conditional for rdb != NULL -- there are no codepaths in which it could be initialized at the time of this check. Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dmitry-Me authored
Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Dr. Stephen Henson authored
PR#4303 Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Richard Levitte authored
The previous method had some unfortunate consequences with --strict-warnings. To counteract, revert part of the previous change and move down the block of code that adds the user cflags and defines. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
In the early stages of creating the new test framework, 00-test_checkexes was a temporary check to ensure we had a recipe for every test program in test/. By now, this test has fulfilled its purpose, and we've learned how to make recipes properly. It's time for this check to go away. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Otherwise, there will be an unbalance. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
RT#4230 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rob Percival authored
Removes SSIZE_MAX definition from bss_bio.c and changes that file to use OSSL_SSIZE_MAX. No need to account for OPENSSL_SYS_VXWORKS, since that never actually gets defined anywhere. It must be a historical artifact. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Ben Laurie <ben@openssl.org>
-
Viktor Dukhovni authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
- Feb 12, 2016
-
-
Richard Levitte authored
We really needs a better util/shlib_wrap.sh, but will have to do for now. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
There was a catch 22, where 'make depend' directly after configuring in an otherwise pristine build tree would fail because buildinf.h didn't exist yet. This change has the depend building targets depend on the same other targets as the object file building targets, so the generation of buildinf.h and similar files would kick in during 'make depend'. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Viktor Dukhovni authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
RT#4210 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
It's never problem if CRYPTO_ctr128_encrypt is called from EVP, because buffer in question is always aligned within EVP_CIPHER_CTX structure. RT#4218 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
INSTALL_PREFIX is a confusing name, as there's also --prefix. Instead, tag along with the rest of the open source world and adopt the Makefile variable DESTDIR to designate the desired staging directory. The Configure option --install_prefix is removed, the only way to designate a staging directory is with the Makefile variable (this is also implemented for VMS' descrip.mms et al). Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Not all git versions understand **/Makefile, but all recognize that filename without any path applies to all directories. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Contemporary Xcode gcc is a front-end to clang, so that explicit gcc build is actually redundant on MacOS X. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
RT#4237 Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
It's nearly impossible to determine what goes wrong in the tests running there without this. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
If the environment variable HARNESS_ACTIVE isn't defined or HARNESS_VERBOSE is defined, it's probable that lots of output is desired. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
The logging that was performed in OpenSSL::Test was initially set up as a means not to let messages that test programs write to STDERR get displayed when a test isn't running in verbose mode. However, the way it was implemented, it meant that those messages were never displayed, and you had to look in a test log. This also meant that output to STDERR and output to STDOUT got broken apart, which isn't optimal. So, we remove the whole test log file implementation, and instead, we're sending STDERR to the null device unless one of these conditions apply: - the test recipe already redirects stderr. Just let it. - the environment variable HARNESS_ACTIVE is undefined, meaning the recipe is run directly as a perl script instead of being harnessed by Test::Harness - the environment variable HARNESS_VERBOSE is set. Getting a full log of the tests now becomes as simple as this: HARNESS_VERBOSE=yes make test 2>&1 | tee tests.log Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
The actual bug with current getnameinfo() on VMS is not that it puts gibberish in the service buffer, but that it doesn't touch it at all. The gibberish we dealt with before was simply stuff that happened to be on the stack. It's better to initialise the service buffer properly (with the empty string) and check if it's still an empty string after the getnameinfo() call, and fill it with the direct numerical translation of the raw port if that's the case. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
On VMS, periods in directory names weren't allowed. To counter that, unpackers such as VMSTAR convert periods in directory names to underscores. We need to count that in and add an alternative library path for Text::Template. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Change the default keysize to 2048 bits, and the minimum to 512 bits. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
In the previous commit to change all chomp to a more flexible regexp, Configure was forgotten. This completes the change. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Matt Caswell authored
The recent removal of static ECDH broke the enable-ssl-trace compilation. Reviewed-by: Richard Levitte <levitte@openssl.org>
-