- Feb 15, 2016
-
-
Richard Levitte authored
Reviewed-by: Stephen Henson <steve@openssl.org>
-
Richard Levitte authored
Reported in GH#684 Reviewed-by: Matt Caswell <matt@openssl.org>
-
Rich Salz authored
Combination of heartbeats and unit-tests. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
That variable isn't for us, it's for any user, distributor or package builder that wants one after the section number. "ssl" seems to be popular... Reviewed-by: Matt Caswell <matt@openssl.org>
-
Ben Laurie authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Ben Laurie authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Feb 14, 2016
-
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
mk1mf was wondering about the options no-heartbeats and no-crypto-mdebug-backtrace, so we add option hooks them. They only need to become OPENSSL_NO_ macros in opensslconf.h, so nothing additional needs to be done. Also, add "-DOPENSSL_PIC" when shared libraries are produced. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Rich Salz authored
Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Viktor Dukhovni authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
RT#4305 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Thanks to: David Benjamin of Chromuim. RT#4305 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Richard Levitte authored
Three header files from crypto/include/internal were used by util/mkdef.pl. This should never be needed. Some test program used these, which made it a valid reason at the time to make the some internal symbols public in the shared libraries, but that's not the case any more. However, to be able to link libssl.so, some symbols found in include/internal headers still need to be made public. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Richard Levitte authored
On some platforms, the implementation is such that a signed char triggers a warning when used with is*() functions. On others, the behavior is outright buggy when presented with a char that happens to get promoted to a negative integer. The safest thing is to cast the char that's used to an unsigned char. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Richard Levitte authored
To force it on anyone using --strict-warnings was the wrong move, as this is an option best left to those who know what they're doing. Use with care! Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Richard Levitte authored
DllMain is a symbol that needs to be global, but no one needs to know. However, some compilers will warn if there isn't a declaration before the function is defined. Just add a declaration before the function definition. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Ben Laurie authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Most of the times, it seems that socklen_t is unsigned. Unfortunately, this isn't always the case, and it doesn't compare with a size_t without warning. A cast resolves the issue. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Richard Levitte authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Richard Levitte authored
While IO::Socket::IP is a core perl module (since Perl v5.19.8, or so says corelist), IO::Socket::INET6 has been around longer, is said to be more widely deployed, and most importantly, seems to have less bugs hitting us. We therefore prefer IO::Socket::INET6, and only fall back to IO::Socket::IP if the former doesn't exist on the local system. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
- Feb 13, 2016
-
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rainer Jung authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Viktor Szakats authored
Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
It seems that on some platforms, the perlasm scripts call the C compiler for certain checks. These scripts need the environment variable CC to have the C compiler command. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Test programs are now only built when running "make test" or "make build_tests". Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
unix-Makefile.tmpl was lagging behind on this point. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Also remove a spurious extra $(LDFLAGS) Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Viktor Szakats authored
Silencing this: crypto/async/arch/async_win.c: In function 'async_fibre_init_dispatcher': crypto/async/arch/async_win.c:112:12: warning: unused variable 'dispatcher' [-Wunused-variable] LPVOID dispatcher; ^ Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
The installation of man files and html files alike didn't properly check that file names with different casing could be the same on case-insensitive file systems. This change fixes that. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Benjamin Kaduk authored
The ocsp utility is something of a jack-of-all-trades; most anything related to the OCSP can be done with it. In particular, the manual page calls out that it can be used as either a client or a server of the protocol, but there are also a few things that it can do which do not quite fit into either role, such as encoding an OCSP request but not sending it, printing out a text form of an OCSP response (or request) from a file akin to the asn1parse utility, or performing a lookup into the server-side revocation database without actually sending a request or response. All three of these are documented as examples in the manual page, but the documentation prior to this commit is somewhat misleading, in that when printing the text form of an OCSP response, the code also attempts to verify the response, displaying an error message and returning failure if the response does not verify. (It is possible that the response would be able to verify with the given example, since the default trust roots are used for that verification, but OCSP responses frequently have alternate certification authorities that would require passing -CAfile or -CApath for verification.) Tidy up the documentation by passing -noverify for the case of converting from binary to textual representation, and also change a few instances of -respin to -reqin as appropriate, note that the -url option provides the same functionality as the -host and -path options, clarify that the example that saves an OCSP response to a file will also perform verification on that response, and fix a couple grammar nits in the manual page. Also remove an always-true conditional for rdb != NULL -- there are no codepaths in which it could be initialized at the time of this check. Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dmitry-Me authored
Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Dr. Stephen Henson authored
PR#4303 Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Richard Levitte authored
The previous method had some unfortunate consequences with --strict-warnings. To counteract, revert part of the previous change and move down the block of code that adds the user cflags and defines. Reviewed-by: Rich Salz <rsalz@openssl.org>
-