Skip to content
  1. Nov 16, 2018
  2. Nov 15, 2018
  3. Nov 14, 2018
  4. Nov 13, 2018
  5. Nov 12, 2018
  6. Nov 11, 2018
  7. Nov 10, 2018
  8. Nov 09, 2018
  9. Nov 08, 2018
    • Richard Levitte's avatar
      Have install targets depend on more precise build targets · e8d01a60
      Richard Levitte authored
      
      
      We only had the main 'install' target depend on 'all'.  This changes
      the dependencies so targets like install_dev, install_runtime_libs,
      install_engines and install_programs depend on build targets that are
      correspond to them more specifically.  This increases the parallel
      possibilities.
      
      Fixes #7466
      
      Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
      (Merged from https://github.com/openssl/openssl/pull/7583)
      e8d01a60
    • Richard Levitte's avatar
      Allow parallel install · c1123d9f
      Richard Levitte authored
      
      
      When trying 'make -j{n} install', you may occasionally run into
      trouble because to sub-targets (install_dev and install_runtime) try
      to install the same shared libraries.  That makes parallel install
      difficult.
      
      This is solved by dividing install_runtime into two parts, one for
      libraries and one for programs, and have install_dev depend on
      install_runtime_libs instead of installing the shared runtime
      libraries itself.
      
      Fixes #7466
      
      Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
      (Merged from https://github.com/openssl/openssl/pull/7583)
      c1123d9f
    • Richard Levitte's avatar
      VMS build: don't add a comma before 'extradefines' · 9c5f2ea6
      Richard Levitte authored
      
      
      The variable extradefines will have the starting comma, if needed.
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/7591)
      9c5f2ea6
    • Dr. Matthias St. Pierre's avatar
      rand_unix.c: open random devices on first use only · 8cfc1971
      Dr. Matthias St. Pierre authored
      Commit c7504aeb
      
       (pr #6432) fixed a regression for applications in
      chroot environments, which compensated the fact that the new OpenSSL CSPRNG
      (based on the NIST DRBG) now reseeds periodically, which the previous
      one didn't. Now the reseeding could fail in the chroot environment if the
      DEVRANDOM devices were not present anymore and no other entropy source
      (e.g. getrandom()) was available.
      
      The solution was to keep the file handles for the DEVRANDOM devices open
      by default. In fact, the fix did more than this, it opened the DEVRANDOM
      devices early and unconditionally in rand_pool_init(), which had the
      unwanted side effect that the devices were opened (and kept open) even
      in cases when they were not used at all, for example when the getrandom()
      system call was available. Due  to a bug (issue #7419) this even happened
      when the feature was disabled by the application.
      
      This commit removes the unconditional opening of all DEVRANDOM devices.
      They will now only be opened (and kept open) on first use. In particular,
      if getrandom() is available, the handles will not be opened unnecessarily.
      
      This change does not introduce a regression for applications compiled for
      libcrypto 1.1.0, because the SSLEAY RNG also seeds on first use. So in the
      above constellation the CSPRNG will only be properly seeded if it is happens
      before the forking and chrooting.
      
      Fixes #7419
      
      Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
      (Merged from https://github.com/openssl/openssl/pull/7437)
      8cfc1971