kmx git

Commit	Date	Message
40974784	2016-05-02T22:46:25	add constant_time_locl.h
bda62f7f	2016-04-11T12:59:23	add cmake build options - add cmake build options as configure provides * -DENABLE_ASM (default ON) * -DENABLE_EXTRATESTS (default OFF) * -DENABLE_NC (default OFF) * -DOPENSSLDIR (default ${CMAKE_INSTALL_PREFIX}/etc/ssl) - add biotest and pidwraptest if ENABLE_EXTRATESTS is ON - add compiler flag `-fno-common` if CMAKE_SYSTEM_NAME is Darwin to prevent link error Undefined symbols "_OPENSSL_ia32cap_P"
752ad82d	2016-04-09T12:08:26	Land #188, add ASM support for cmake builds
2510a5e6	2016-04-07T15:08:12	modify cmake to build nc - modify structure of CMakeLists.txt under apps/ * move apps/CMakeLists.txt to apps/openssl/ since this is for openssl build * create new apps/nc/CMakeLists.txt for nc build * modify apps/CMakeLists.txt just add_subdirectory() - add checking and compile of arc4random_uniform() - add installing man files, openssl.1 and nc.1
e1f8a1e1	2016-04-08T15:09:07	modify cmake to build ASM - add functionality compiling ASM with cmake - to enable ASM, `cmake -DENABLE_ASM=on ..`
3207606f	2016-04-04T11:28:46	fix cmake on HP-UX - CMakeLists.txt * add OS specific compiler flags and library * add checking size of time_t * add checking memmem() - tests/CMakeLists.txt * add if(HAVE_MEMMEM) for explicit_bzero * add checking SMALL_TIME_T for rfc5280time - crypto/CMakeLists.txt * add getentropy_hpux.c - tls/CMakeLists.txt * fix checking strsep
3af1387b	2015-12-11T09:22:12	Revert back to GetStdHandle, since it works fine with pipes. Also include the formerly-missing NULL check, since this can fail in two ways.
bd8fe586	2015-12-11T09:21:43	include stdint.h uint*_t
5727d327	2015-12-11T16:29:50	Replace STDIN_FILENO with _fileno Replace STDIN_FILENO with _fileno as STDIN_FILENO results in compile errors with Visual Studio 2015 (using CMake).
905e2a3b	2015-12-06T23:32:18	refresh nc(1) support
afcc027d	2015-12-05T22:14:42	only set the console mode if stdin is a console (not a pipe) This allows piping commands and running from a cygwin console.
75ef5bb1	2015-12-05T13:58:37	wrap gets on Windows, replacing '\r\n' with '\n'
9574b6c8	2015-11-22T17:23:21	do not link libcompatnoopt if it is unneeded/built from andy-js on github, fix #158
9be90557	2015-10-21T22:19:09	remove a_gen/utctm.c for cmake
3f79a49d	2015-10-21T22:17:13	check bounds before casting (long long) to time_t
959241fe	2015-10-21T21:39:59	remove a_gen/utctm.c
0197a589	2015-10-18T09:28:10	Windows compatibility fixes VS2013 has trouble with relative include paths for apps/openssl, so move certhash_win/apps_win.c back to apps/openssl. gmtime_r on mingw64 fails with negative time_t, override gmtime_s fails all of the time unit tests, override SHUT_RD/WR are defined in newer mingw64 headers, check before overriding
a45e38e9	2015-10-17T22:57:59	disable some tests with 32-bit time_t systems Also disable use of _mkgmtime, it does not produce correct results.
dadeeb0a	2015-10-15T14:32:16	check for timegm in cmake builds
cac089b5	2015-10-15T14:32:02	make internal functions static
c0243664	2015-10-15T14:26:24	use timegm from musl
4298ac93	2015-10-14T23:53:52	include timegm fallback
448645d4	2015-10-11T16:46:55	Use bundled headers instead of installed headers when building The build system incorrectly set include directives in AM_CFLAGS which causes them to be placed after the configured CPPFLAGS. Thus, if a user or packaging system sets CPPFLAGS to a location that has libressl or openssl headers installed, they will be used instead of the bundled versions. This corrects that issue by setting up the variables correctly. https://github.com/libressl-portable/portable/issues/150 Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
047926e0	2015-10-06T06:18:15	updates for ASN.1 time handling
4ce5342e	2015-09-17T05:39:20	remove SHA-0 from cmake builds
f05cb999	2015-09-17T05:25:22	final bit of SHA-0 removal
9c55d0b8	2015-09-17T05:15:23	remove SHA-0
2cb6d19e	2015-09-13T19:08:12	remove ecdh/ech_ossl.c
eeb286af	2015-09-13T09:30:26	fix spelling of OPENSSL_cleanse
4bb70680	2015-09-13T09:03:04	ech_ossl.h is gone
adfb2bf7	2015-09-09T05:15:06	Do not build lib-objects targets if we are just building static libs. This confuses some cmake targets.
9903a266	2015-09-07T01:28:29	distribute strcasecmp.c
ca56c332	2015-09-07T01:05:33	disable shared CMake builds for OS X / Windows for now
5461dea7	2015-08-18T13:20:19	Add install targets and shared libraries to CMake
13d910c1	2015-08-03T07:37:24	disable explicit_bzero optimizations with CMake builds
c66d80a4	2015-08-03T06:56:59	add win32-specific explicit_bzero implementation
6527c320	2015-08-01T05:33:19	initial Linux cmake suppport tested on Ubuntu 14.04
1828bcb9	2015-07-21T20:00:42	don't build eng_rsax.c anymore
9d5eb631	2015-07-21T12:52:29	move sleep shim to posix_win.c
63161e85	2015-07-21T12:52:14	add initial build for arc4random/getentropy fallbacks
5d8a1cf7	2014-07-10T22:06:10	add initial CMake and Visual Studio build support This moves the compatibility include files from include to include/compat so we can use the awful MS C compiler <../include/> trick to emulate the GNU #include_next extension. This also removes a few old compat files we do not need anymore.
792a5acb	2015-07-20T01:08:01	eng_rsax is gone
ddeb7404	2015-07-16T10:23:57	win32 openssl CLI: preserve original echo state Mirror the patch to ui_openssl.c, also fix the broken conditional that made it not actually turn off echo in the first place. ok guenther@
db974c34	2015-07-15T20:00:21	fixup how OPENSSLDIR is derived and expanded As per http://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Installation-Directory-Variables.html we should not try to expand variables like sysconfdir in the configure script, but rather derive the correct value in the Makefiles instead. This fixes missing expansions as the preprocessor define.
4cffda19	2015-07-15T19:17:27	build libcrypto with -DLIBRESSL_INTERNAL Since libcrypto defines its own CPPFLAGS, we need to set this for libcrypto specifically.
54545427	2015-06-29T22:51:40	add check for inet_pton, nudge minimum win32 compat to 0x0501
b9f1b83a	2015-06-20T10:40:04	update for mdc2 removal
bc7b9347	2015-06-13T21:43:55	add a missing header and fix typo in windows posix layer
b4a6a615	2015-06-05T04:31:56	refactor win32 shims into posix_win.c this also adds a rename shim that allows overwrites
8dedbb4b	2015-05-02T01:58:21	add Makefile.am.arc4random
769d58e4	2015-05-02T01:40:33	further refactoring, working libtls-standalone
3096ab0e	2015-04-14T07:55:23	remove issetuigid wrappers, now that all getenv calls are gone. From deraadt@ upstream: Remove all getenv() calls, especially those wrapped by issetugid(). getenv()'s wrapped by issetugid() are safe, but issetugid() is ... difficult to impliment on many operating systems. By accident, a grand experiment was run over the last year, where issetugid() returned 1 (the safe value) on a few operating systems. Noone noticed & complained that certain environment variables were not working.......
fe3f7fc6	2015-02-10T23:49:31	Add experimental AIX support. This includes a WIP failsafe issetugid for now, while research continues on the proper way to do this in a race-free fashion in AIX.
ad2a38ab	2015-03-22T06:18:18	rework CFLAGS/CPPFLAGS settings during configuration Move define adjustments to CPPFLAGS. Adjust user CFLAGS directly, do not override during configuration. USER_CFLAGS is not necessary to build libcompat_noopt correctly.
a859b93f	2015-02-16T22:22:29	disable system issetugid on OS X since it is not fork-safe Noticed while testing similar code for AIX. ok beck@
adc416e9	2015-02-16T22:19:01	remove getuid/getgid fallbacks from hp-ux issetugid emulation Fail closed if we cannot obtain the process flags. Noticed while looking at a similar function for AIX.
9de5b8a9	2015-02-08T19:39:36	c_all* have merged into c_all.c
d88e90de	2015-01-26T10:20:26	add by_mem.c for X509_STORE_load_mem
a2233651	2015-01-21T06:14:24	add NetBSD shims for arc4random The current NetBSD release, 6.1.5, fails to reseed arc4random fork. Work around it by providing arc4random/getentropy shims. Revisit when NetBSD 7 is available.
0308b63c	2014-12-08T11:08:45	Add support for HP-UX tested on: HP-UX 11.31 ia64, gcc 4.7.1(HP AllianceOne version) gcc 4.2.3(http://hpux.connect.org.uk) HP C/aC++ HP-UX defaults to use LP32 and it treats long as 32 bit (= 4 bytes). This build forces LP64 for treating long as 64 bit.
d2342f36	2014-12-14T16:42:47	allow Windows DLLs to be built based on a patch from Jan Engelhardt
9c685415	2014-12-07T17:42:37	disable inline assembly on Windows for now There are issues building with inline assembly on Windows 64-bit.
03cd45e2	2014-12-06T18:43:58	Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
976f64d9	2014-12-06T18:59:25	read all library versions directly from files This makes building and testing easier because the library Makefile.am files are use directly rather than as templates. Thanks to Wouter Clarie for the idea.
29804a73	2014-12-06T17:11:59	simplify packaging for libcrypto. Remove a lot of complex shell code. Upstream churn has slowed down, so it is now easier to maintain this directly as automake files. This is also needed to start integrating CPU-specific acceleration support. Since we are deriving the copy list from the Makefile.am files, we can now get rid of copy_src/copy_crypto.
58fcd3c3	2014-11-20T00:26:55	Add conditional compilation for windows and posix functions. This adds a Windows-specific versions of several symbols from libcrypto and openssl(1).
2103690c	2014-11-19T22:02:17	improve readability of generated Makefile.am files
648e9136	2014-11-05T20:52:00	Use _WIN32 instead of __WIN32. ok bcook@
0aeb93b9	2014-10-27T19:22:03	override native arc4random_buf on FreeBSD The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@
a2373f70	2014-10-30T10:52:29	wrap arc4random header ok @doug
a4cc9539	2014-10-29T15:44:36	Improve and simplify function and header detection logic. Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS. Clarify some ambiguous dependencies around strnlen/strndup. Unconditionally enable pidwraptest for all arc4random implementations. Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf. ok @doug
00b51d5c	2014-08-02T21:43:56	conditionally build strnlen if needed. it is only used by strndup prodded by Sortie@
b9ff0728	2014-07-30T06:53:02	harmonize asprintf with OpenSSH * use the original name for the file from OpenSSH (remove duplicate version) * add va_copy/__va_copy checks to configure * incorporate proposed fixes to openssh version: + include more system headers directly for various definitions + limit the scope of va_copy/va_end to their affected vsnprintf calls + simplify error handling, removing a dead assignment
a07e3370	2014-07-29T18:21:58	include comment on windows services
983103b0	2014-07-28T21:06:37	stub win32 issetugid implementation ok deraadt@ beck@
d328203f	2014-07-28T20:57:43	produce a error if platform has no arc4random hook ok deraadt@ beck@
35e2d8d0	2014-07-28T19:26:15	add asprintf / vasprintf from OpenSSH portable ok deraadt@ beck@
0a74a4d4	2014-07-27T06:11:56	add strndup/strnlen compat functions from OpenBSD
6383a072	2014-07-27T06:09:51	remove thread_private.h, no longer needed
f425f564	2014-07-21T07:50:32	test for and use system explicit_bzero if it exists ok beck@ guenther@
edebb7a6	2014-07-19T10:49:08	remove thread_private.h defines, moved to arc4random_*.h
1b1bce16	2014-07-17T23:58:46	update to newly-refactored arc4random compatibility shims the thread-private bits can move next ok beck@
d697fdb4	2014-07-17T21:20:34	initial underpinnings for mingw/cross compilation support Use canonical host rather than target so that this works: CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32 Conditionally compile Linux issetugid compatibility function ok beck@
32d9eeee	2014-07-15T14:50:05	register the atfork handler from arc4random From kettenis@ People have suggested using pthread_atfork(3) before, but discarded the idea because it involves linking with -lpthread, which has other undesirable consequences. However: * Most systems actually have pthread_atfork(3) in libc. I verified this on OS X and Solaris. I believe this is the case on Linux systems that use musl as well. * On Linux systems that use glibc, this isn't the case. However, those systems have __register_atfork(3), which is fully documented in the "Linux Standard Base Core Specification". ok kettenis@ deraadt@ beck@
c1f7374d	2014-07-12T09:15:11	We're probably gonna need this for solaris 10
65944782	2014-07-12T03:34:08	add platform libraries to libcompat's LIBADD list ok beck@
8b125f31	2014-07-11T04:47:03	build strtonum directly into apps/openssl it is not needed as a library export ok beck@
abe7bee3	2014-07-10T08:36:47	Make things build again - add some missing headers ok bcook@
2b6dbc39	2014-07-10T06:21:51	initial top-level import of subdirectories

40974784

2016-05-02T22:46:25

add constant_time_locl.h

bda62f7f

2016-04-11T12:59:23

add cmake build options - add cmake build options as configure provides * -DENABLE_ASM (default ON) * -DENABLE_EXTRATESTS (default OFF) * -DENABLE_NC (default OFF) * -DOPENSSLDIR (default ${CMAKE_INSTALL_PREFIX}/etc/ssl) - add biotest and pidwraptest if ENABLE_EXTRATESTS is ON - add compiler flag `-fno-common` if CMAKE_SYSTEM_NAME is Darwin to prevent link error Undefined symbols "_OPENSSL_ia32cap_P"

752ad82d

2016-04-09T12:08:26

Land #188, add ASM support for cmake builds

2510a5e6

2016-04-07T15:08:12

modify cmake to build nc - modify structure of CMakeLists.txt under apps/ * move apps/CMakeLists.txt to apps/openssl/ since this is for openssl build * create new apps/nc/CMakeLists.txt for nc build * modify apps/CMakeLists.txt just add_subdirectory() - add checking and compile of arc4random_uniform() - add installing man files, openssl.1 and nc.1

e1f8a1e1

2016-04-08T15:09:07

modify cmake to build ASM - add functionality compiling ASM with cmake - to enable ASM, `cmake -DENABLE_ASM=on ..`

3207606f

2016-04-04T11:28:46

fix cmake on HP-UX - CMakeLists.txt * add OS specific compiler flags and library * add checking size of time_t * add checking memmem() - tests/CMakeLists.txt * add if(HAVE_MEMMEM) for explicit_bzero * add checking SMALL_TIME_T for rfc5280time - crypto/CMakeLists.txt * add getentropy_hpux.c - tls/CMakeLists.txt * fix checking strsep

3af1387b

2015-12-11T09:22:12

Revert back to GetStdHandle, since it works fine with pipes. Also include the formerly-missing NULL check, since this can fail in two ways.

bd8fe586

2015-12-11T09:21:43

include stdint.h uint*_t

5727d327

2015-12-11T16:29:50

Replace STDIN_FILENO with _fileno Replace STDIN_FILENO with _fileno as STDIN_FILENO results in compile errors with Visual Studio 2015 (using CMake).

905e2a3b

2015-12-06T23:32:18

refresh nc(1) support

afcc027d

2015-12-05T22:14:42

only set the console mode if stdin is a console (not a pipe) This allows piping commands and running from a cygwin console.

75ef5bb1

2015-12-05T13:58:37

wrap gets on Windows, replacing '\r\n' with '\n'

9574b6c8

2015-11-22T17:23:21

do not link libcompatnoopt if it is unneeded/built from andy-js on github, fix #158

9be90557

2015-10-21T22:19:09

remove a_gen/utctm.c for cmake

3f79a49d

2015-10-21T22:17:13

check bounds before casting (long long) to time_t

959241fe

2015-10-21T21:39:59

remove a_gen/utctm.c

0197a589

2015-10-18T09:28:10

Windows compatibility fixes VS2013 has trouble with relative include paths for apps/openssl, so move certhash_win/apps_win.c back to apps/openssl. gmtime_r on mingw64 fails with negative time_t, override gmtime_s fails all of the time unit tests, override SHUT_RD/WR are defined in newer mingw64 headers, check before overriding

a45e38e9

2015-10-17T22:57:59

disable some tests with 32-bit time_t systems Also disable use of _mkgmtime, it does not produce correct results.

dadeeb0a

2015-10-15T14:32:16

check for timegm in cmake builds

cac089b5

2015-10-15T14:32:02

make internal functions static

c0243664

2015-10-15T14:26:24

use timegm from musl

4298ac93

2015-10-14T23:53:52

include timegm fallback

448645d4

2015-10-11T16:46:55

Use bundled headers instead of installed headers when building The build system incorrectly set include directives in AM_CFLAGS which causes them to be placed after the configured CPPFLAGS. Thus, if a user or packaging system sets CPPFLAGS to a location that has libressl or openssl headers installed, they will be used instead of the bundled versions. This corrects that issue by setting up the variables correctly. https://github.com/libressl-portable/portable/issues/150 Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>

047926e0

2015-10-06T06:18:15

updates for ASN.1 time handling

4ce5342e

2015-09-17T05:39:20

remove SHA-0 from cmake builds

f05cb999

2015-09-17T05:25:22

final bit of SHA-0 removal

9c55d0b8

2015-09-17T05:15:23

remove SHA-0

2cb6d19e

2015-09-13T19:08:12

remove ecdh/ech_ossl.c

eeb286af

2015-09-13T09:30:26

fix spelling of OPENSSL_cleanse

4bb70680

2015-09-13T09:03:04

ech_ossl.h is gone

adfb2bf7

2015-09-09T05:15:06

Do not build lib-objects targets if we are just building static libs. This confuses some cmake targets.

9903a266

2015-09-07T01:28:29

distribute strcasecmp.c

ca56c332

2015-09-07T01:05:33

disable shared CMake builds for OS X / Windows for now

5461dea7

2015-08-18T13:20:19

Add install targets and shared libraries to CMake

13d910c1

2015-08-03T07:37:24

disable explicit_bzero optimizations with CMake builds

c66d80a4

2015-08-03T06:56:59

add win32-specific explicit_bzero implementation

6527c320

2015-08-01T05:33:19

initial Linux cmake suppport tested on Ubuntu 14.04

1828bcb9

2015-07-21T20:00:42

don't build eng_rsax.c anymore

9d5eb631

2015-07-21T12:52:29

move sleep shim to posix_win.c

63161e85

2015-07-21T12:52:14

add initial build for arc4random/getentropy fallbacks

5d8a1cf7

2014-07-10T22:06:10

add initial CMake and Visual Studio build support This moves the compatibility include files from include to include/compat so we can use the awful MS C compiler <../include/> trick to emulate the GNU #include_next extension. This also removes a few old compat files we do not need anymore.

792a5acb

2015-07-20T01:08:01

eng_rsax is gone

ddeb7404

2015-07-16T10:23:57

win32 openssl CLI: preserve original echo state Mirror the patch to ui_openssl.c, also fix the broken conditional that made it not actually turn off echo in the first place. ok guenther@

db974c34

2015-07-15T20:00:21

fixup how OPENSSLDIR is derived and expanded As per http://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Installation-Directory-Variables.html we should not try to expand variables like sysconfdir in the configure script, but rather derive the correct value in the Makefiles instead. This fixes missing expansions as the preprocessor define.

4cffda19

2015-07-15T19:17:27

build libcrypto with -DLIBRESSL_INTERNAL Since libcrypto defines its own CPPFLAGS, we need to set this for libcrypto specifically.

54545427

2015-06-29T22:51:40

add check for inet_pton, nudge minimum win32 compat to 0x0501

b9f1b83a

2015-06-20T10:40:04

update for mdc2 removal

bc7b9347

2015-06-13T21:43:55

add a missing header and fix typo in windows posix layer

b4a6a615

2015-06-05T04:31:56

refactor win32 shims into posix_win.c this also adds a rename shim that allows overwrites

8dedbb4b

2015-05-02T01:58:21

add Makefile.am.arc4random

769d58e4

2015-05-02T01:40:33

further refactoring, working libtls-standalone

3096ab0e

2015-04-14T07:55:23

remove issetuigid wrappers, now that all getenv calls are gone. From deraadt@ upstream: Remove all getenv() calls, especially those wrapped by issetugid(). getenv()'s wrapped by issetugid() are safe, but issetugid() is ... difficult to impliment on many operating systems. By accident, a grand experiment was run over the last year, where issetugid() returned 1 (the safe value) on a few operating systems. Noone noticed & complained that certain environment variables were not working.......

fe3f7fc6

2015-02-10T23:49:31

Add experimental AIX support. This includes a WIP failsafe issetugid for now, while research continues on the proper way to do this in a race-free fashion in AIX.

ad2a38ab

2015-03-22T06:18:18

rework CFLAGS/CPPFLAGS settings during configuration Move define adjustments to CPPFLAGS. Adjust user CFLAGS directly, do not override during configuration. USER_CFLAGS is not necessary to build libcompat_noopt correctly.

a859b93f

2015-02-16T22:22:29

disable system issetugid on OS X since it is not fork-safe Noticed while testing similar code for AIX. ok beck@

adc416e9

2015-02-16T22:19:01

remove getuid/getgid fallbacks from hp-ux issetugid emulation Fail closed if we cannot obtain the process flags. Noticed while looking at a similar function for AIX.

9de5b8a9

2015-02-08T19:39:36

c_all* have merged into c_all.c

d88e90de

2015-01-26T10:20:26

add by_mem.c for X509_STORE_load_mem

a2233651

2015-01-21T06:14:24

add NetBSD shims for arc4random The current NetBSD release, 6.1.5, fails to reseed arc4random fork. Work around it by providing arc4random/getentropy shims. Revisit when NetBSD 7 is available.

0308b63c

2014-12-08T11:08:45

Add support for HP-UX tested on: HP-UX 11.31 ia64, gcc 4.7.1(HP AllianceOne version) gcc 4.2.3(http://hpux.connect.org.uk) HP C/aC++ HP-UX defaults to use LP32 and it treats long as 32 bit (= 4 bytes). This build forces LP64 for treating long as 64 bit.

d2342f36

2014-12-14T16:42:47

allow Windows DLLs to be built based on a patch from Jan Engelhardt

9c685415

2014-12-07T17:42:37

disable inline assembly on Windows for now There are issues building with inline assembly on Windows 64-bit.

03cd45e2

2014-12-06T18:43:58

Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.

976f64d9

2014-12-06T18:59:25

read all library versions directly from files This makes building and testing easier because the library Makefile.am files are use directly rather than as templates. Thanks to Wouter Clarie for the idea.

29804a73

2014-12-06T17:11:59

simplify packaging for libcrypto. Remove a lot of complex shell code. Upstream churn has slowed down, so it is now easier to maintain this directly as automake files. This is also needed to start integrating CPU-specific acceleration support. Since we are deriving the copy list from the Makefile.am files, we can now get rid of copy_src/copy_crypto.

58fcd3c3

2014-11-20T00:26:55

Add conditional compilation for windows and posix functions. This adds a Windows-specific versions of several symbols from libcrypto and openssl(1).

2103690c

2014-11-19T22:02:17

improve readability of generated Makefile.am files

648e9136

2014-11-05T20:52:00

Use _WIN32 instead of __WIN32. ok bcook@

0aeb93b9

2014-10-27T19:22:03

override native arc4random_buf on FreeBSD The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@

a2373f70

2014-10-30T10:52:29

wrap arc4random header ok @doug

a4cc9539

2014-10-29T15:44:36

Improve and simplify function and header detection logic. Simplify autoconf checks by using AC_CHECK_FUNCS/HEADERS. Clarify some ambiguous dependencies around strnlen/strndup. Unconditionally enable pidwraptest for all arc4random implementations. Remove HAVE_VASPRINTF conditional, since asprintf requires vasprintf. ok @doug

00b51d5c

2014-08-02T21:43:56

conditionally build strnlen if needed. it is only used by strndup prodded by Sortie@

b9ff0728

2014-07-30T06:53:02

harmonize asprintf with OpenSSH * use the original name for the file from OpenSSH (remove duplicate version) * add va_copy/__va_copy checks to configure * incorporate proposed fixes to openssh version: + include more system headers directly for various definitions + limit the scope of va_copy/va_end to their affected vsnprintf calls + simplify error handling, removing a dead assignment

a07e3370

2014-07-29T18:21:58

include comment on windows services

983103b0

2014-07-28T21:06:37

stub win32 issetugid implementation ok deraadt@ beck@

d328203f

2014-07-28T20:57:43

produce a error if platform has no arc4random hook ok deraadt@ beck@

35e2d8d0

2014-07-28T19:26:15

add asprintf / vasprintf from OpenSSH portable ok deraadt@ beck@

0a74a4d4

2014-07-27T06:11:56

add strndup/strnlen compat functions from OpenBSD

6383a072

2014-07-27T06:09:51

remove thread_private.h, no longer needed

f425f564

2014-07-21T07:50:32

test for and use system explicit_bzero if it exists ok beck@ guenther@

edebb7a6

2014-07-19T10:49:08

remove thread_private.h defines, moved to arc4random_*.h

1b1bce16

2014-07-17T23:58:46

update to newly-refactored arc4random compatibility shims the thread-private bits can move next ok beck@

d697fdb4

2014-07-17T21:20:34

initial underpinnings for mingw/cross compilation support Use canonical host rather than target so that this works: CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32 Conditionally compile Linux issetugid compatibility function ok beck@

32d9eeee

2014-07-15T14:50:05

register the atfork handler from arc4random From kettenis@ People have suggested using pthread_atfork(3) before, but discarded the idea because it involves linking with -lpthread, which has other undesirable consequences. However: * Most systems actually have pthread_atfork(3) in libc. I verified this on OS X and Solaris. I believe this is the case on Linux systems that use musl as well. * On Linux systems that use glibc, this isn't the case. However, those systems have __register_atfork(3), which is fully documented in the "Linux Standard Base Core Specification". ok kettenis@ deraadt@ beck@

c1f7374d

2014-07-12T09:15:11

We're probably gonna need this for solaris 10

65944782

2014-07-12T03:34:08

add platform libraries to libcompat's LIBADD list ok beck@

8b125f31

2014-07-11T04:47:03

build strtonum directly into apps/openssl it is not needed as a library export ok beck@

abe7bee3

2014-07-10T08:36:47

Make things build again - add some missing headers ok bcook@

2b6dbc39

2014-07-10T06:21:51

initial top-level import of subdirectories

kc3-lang/libressl/crypto

crypto

Log