configure.ac


Log

Author Commit Date CI Message
Brent Cook 419fbd6f 2023-05-26T21:51:56 fix asm on x86_64 macos
Theo Buehler 94763de5 2023-04-25T11:47:02 Disable assembly on macos for now
Brent Cook 73d924f6 2023-03-23T06:07:31 fix mips/mips64 builds
Brent Cook 531f9970 2023-02-25T20:56:44 enable ASM on aarch64, disable on i386
Brent Cook a498c6a7 2023-02-23T08:31:31 only disable asm on aarch64 for now, enable for other archs
Brent Cook a64adc58 2023-02-21T09:37:47 disable asm for autoconf tests as well
Brent Cook 4bcb537a 2023-02-21T01:13:29 generally disable asm for now
Brent Cook 20fb2bdb 2023-02-14T02:52:10 add CPU checks, include initial bn_arch.h headers
Brent Cook 5427234a 2023-02-11T06:32:04 disable asm by default
Brent Cook 56bf8d4f 2022-02-27T06:05:41 update autotool macro deprecations fix latest round of autotool complaints
Brent Cook 921c0675 2021-04-05T02:32:35 Add '--enable-libtls-only' build option
Brent Cook fe42a801 2020-08-20T09:30:21 Configure libtls and nc(1) to statically link to libcrypto/ssl An issue that Reyk Floeter noted while building a Debian package for LibreSSL is that installing libtls along with OpenSSL causes linker issues since it will often pick up the wrong libcrypto/libssl. This change makes libtls statically link the object files it needs rather than relying on the shared libraries, effectively making libtls self-contained and able to be packaged independently. This should make it possible for other projects that also use libtls to be able to package support without requiring the target OS to ship libcrypto / libssl from LibreSSL. https://salsa.debian.org/reyk-guest/libressl/-/commit/678278df55ce866f2f363998ca690442fa786c66
kinichiro 7bf5edc4 2020-07-22T21:32:34 Add architecture define for s390/s390x and remove redundant sparc check
kinichiro 74235827 2020-07-15T01:25:34 Get __STRICT_ALIGNMENT from machine/endian.h
Vincent Torri 1553d87c 2020-05-02T15:13:13 improved default help value
Vincent Torri 84af4092 2020-05-02T14:35:34 missing change of variable
Vincent Torri 0542dd27 2020-05-01T21:03:06 enable tests by default
Vincent Torri 1980c68e 2020-05-01T16:15:14 enable tests by default
Vincent Torri 65d07eec 2020-05-01T13:07:11 Add configure option to disable tests
Brent Cook 87308034 2019-01-20T19:59:46 enable asm for mingw64
Brent Cook 26c8896c 2019-01-20T15:08:05 check for cc before gcc
Brent Cook 8f32297d 2018-11-11T02:08:55 add arm asm support via autoconf/make
Sergei Trofimovich 787d8d24 2018-05-19T17:31:42 __warn_references: tweak assembly for "gnu.warning" section On some targets ';' (like hppa) is treated as a comment in assembly files. This occasionally causes the following assembly failures: ``` Error: can't resolve `.gnu.warning.EVP_DecryptFinal' {.gnu.warning.EVP_DecryptFinal section} - `.Ltext0' {.text section} ``` Note how branch (or other reference) attempts to cross the boundary across two section types: '.text' and '.gnu.warning'. Tobias Ulmer notes that openbsd already uses newlines for similar macro: https://github.com/openbsd/src/blob/master/sys/arch/hppa/include/cdefs.h This change switches from ';' to newline as well. Tested on hppa2.0 and x86_64. Reported-by: Jeroen Roovers Bug: https://bugs.gentoo.org/656104 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Brent Cook 13b704d4 2018-05-02T22:30:34 fix extra comma in amd64 normalization
Brent Cook 7dc68c82 2017-08-14T12:15:00 set SMALL_TIME_T when sizeof time_t == 4
Brent Cook 9b88fa46 2017-07-08T17:46:16 generate the crypto export symbol list at build time we currently do it at configure time, which makes this a generated source, but generated sources should be cleaned up, which breaks 'make clean; make'
Paul Graham 3b4d3d75 2017-02-18T22:17:59 Remove "exit 1" (added by mistake)
Paul Graham b2b47a7d 2017-02-15T23:04:04 Document 32-bit time_t problem on mingw-w64 toolchain and how to avoid it
Brent Cook 93754dc5 2017-01-24T06:06:07 initial ocspcheck integration
kinichiro 1d934cd2 2017-01-15T18:09:13 Fix to use -export-symbols for libcrypto - generating platform specific crypto/crypto_portable.sym from crypto.sym
Brent Cook 4db1ad67 2015-12-07T08:24:41 installing nc(1) should imply building, even if not whitelisted
Brent Cook 28aaab43 2015-12-07T08:14:51 allow optionally installing nc(1) with '--enable-nc'
Brent Cook c8c23ad8 2015-10-18T10:36:31 make it clear that we skipped 64-bit time_t tests
Brent Cook c8918dd0 2015-10-17T23:32:21 include warnings about small time_t
Brent Cook a45e38e9 2015-10-17T22:57:59 disable some tests with 32-bit time_t systems Also disable use of _mkgmtime, it does not produce correct results.
Brent Cook 442cc6f1 2015-10-07T08:55:05 add tame(2) check
Brent Cook a7f031ba 2015-10-01T07:40:26 add b64_ntop checking and fallback for nc(1)
Brent Cook 3ac78a55 2015-09-16T01:45:42 normalize amd64 to x86_64 This allows asm to be enabled on platforms that use amd64 in the host tuple.
Brent Cook 8c90be2a 2015-09-13T11:56:41 allow nc to build on linux and os x
Brent Cook 854f4f69 2015-09-12T07:48:06 add 'nc' to the distribution as an example of libtls client and server
Brent Cook a1a0f2c6 2015-07-17T16:54:23 implement compatibility shim for __warn_references This will allow us to warn about deprecated function references at link-time.
Brent Cook db974c34 2015-07-15T20:00:21 fixup how OPENSSLDIR is derived and expanded As per http://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Installation-Directory-Variables.html we should not try to expand variables like sysconfdir in the configure script, but rather derive the correct value in the Makefiles instead. This fixes missing expansions as the preprocessor define.
Brent Cook bda20bd1 2015-07-11T14:23:44 Improve automatic handling of OPENSSLDIR Install a default cert.pem, openssl.cnf, x509v3.cnf in OPENSSLDIR, which is derived by default from sysconfdir and the prefix setting.
Brent Cook 83d07710 2015-07-08T09:02:12 remove unused --with-enginesdir configuration parameter
Brent Cook 407c7cd1 2015-06-13T22:31:26 set 'foreign' flag in automake Avoid warnings about following GNU standards, since this is not a GNU project. Thanks to Doug Hogan for pointing this out.
Brent Cook d3771a41 2015-05-01T07:18:12 refactor configure into separate m4 macros this allows for some reusability with libtls
Dave Huseby 7de7605b 2015-05-14T15:32:27 adding support for bitrig
Brent Cook 91f01629 2015-04-27T08:25:54 use the same gcc test for AIX as HP-UX
kinichiro 97c910ec 2015-04-27T21:20:20 modify for HP-UX build, choose correct CFLAGS for gcc.
Brent Cook 7dbc4ed3 2015-04-19T15:14:52 remove unneeded check for sys/sysctl.h
Brent Cook dcb97d12 2015-04-19T14:55:25 use alternate cflags on AIX and HP-UX vendor compilers
Brent Cook 2753f5ca 2015-04-14T22:12:52 Revert configure-time checks for -Wall/-std=gnu99 There is a problem with these on some compilers, revert while a solution is found.
Brent Cook 5cf05de1 2015-04-14T08:43:52 make compiler checks for -Wall and -std=gnu99 Yes, there are compilers that do not understand or need these.
Brent Cook 3096ab0e 2015-04-14T07:55:23 remove issetugid wrappers, now that all getenv calls are gone. From deraadt@ upstream: Remove all getenv() calls, especially those wrapped by issetugid(). getenv()'s wrapped by issetugid() are safe, but issetugid() is ... difficult to implement on many operating systems. By accident, a grand experiment was run over the last year, where issetugid() returned 1 (the safe value) on a few operating systems. No one noticed & complained that certain environment variables were not working.......
Brent Cook fe3f7fc6 2015-02-10T23:49:31 Add experimental AIX support. This includes a WIP failsafe issetugid for now, while research continues on the proper way to do this in a race-free fashion in AIX.
Brent Cook 34bf96ce 2015-03-22T08:14:27 move define to CPPFLAGS
Brent Cook 569177ea 2015-03-22T08:11:53 Merged support for using _OPENBSD_SOURCE on NetBSD 8.x
Brent Cook ad2a38ab 2015-03-22T06:18:18 rework CFLAGS/CPPFLAGS settings during configuration Move define adjustments to CPPFLAGS. Adjust user CFLAGS directly, do not override during configuration. USER_CFLAGS is not necessary to build libcompat_noopt correctly.
Brent Cook 4106a08d 2015-03-22T06:03:43 check for build tools earlier in configuration
Brent Cook 809fcf4e 2015-03-22T06:05:49 move clang flags adjustment next to the check, fix typo
Brent Cook dcf31221 2015-03-21T19:08:04 Merge native cygwin support
Brent Cook 45065de1 2015-03-21T19:04:54 rework tests Makefile.am There are so many test exceptions that need handling that it is easier to simply edit it directly rather than doing autogeneration anymore. This also puts biotest and pidwraptest behind a new --enable-extratests option, so they are easy to run but are not enabled by default.
Brent Cook dd646a33 2015-03-18T19:12:42 enable libtls by default The API/ABI for the LibreSSL 2.1.x series is now fixed, so we can safely enable libtls by default. This is useful for new OpenNTPD and OpenSMTPD releases as well. ok deraadt@ beck@ sthen@
Brent Cook 73329d43 2015-03-08T19:56:03 update __STRICT_ALIGNMENT check
Brent Cook 031f0aaa 2015-03-07T12:04:29 specify -static-libgcc for mingw builds Avoid external dependencies on 32-bit windows builds.
Kamil Rytarowski bbf021e1 2015-03-08T01:35:20 Reuse _OPENBSD_SOURCE namespace on NetBSD (>=8.x)
Brent Cook 213eb946 2015-03-07T12:02:57 avoid doubling user-specified cflags
Corinna Vinschen 9cad5993 2015-03-03T18:39:31 Drop test for adding -lssp again, not required with latest libtool Signed-off-by: Corinna Vinschen <github@cygwin.de>
Corinna Vinschen 98902539 2015-03-03T16:37:23 Add preliminary Cygwin support Signed-off-by: Corinna Vinschen <github@cygwin.de>
Brent Cook 933820a0 2015-03-01T16:30:23 separate the BSWAP check from the action checks need to be unconditional with autoconf
Brent Cook 8695b506 2015-03-01T15:57:21 check if the BSWAP assembly for ARM works before building
Brent Cook ab0d3e54 2015-02-24T19:39:16 add windows-specific hardening options This enables DEP and ASLR capabilities. Stack protection is enabled optionally, there are some extra linking steps required that make it difficult to enable by default.
Brent Cook 347c03d3 2015-02-23T09:48:04 remove openat requirement for building certhash
Brent Cook 49d80f0e 2015-02-19T21:16:55 add missing line continuation
Brent Cook a859b93f 2015-02-16T22:22:29 disable system issetugid on OS X since it is not fork-safe Noticed while testing similar code for AIX. ok beck@
Brent Cook ad7ac48d 2015-02-14T20:03:39 add strsep fallback for libtls
Brent Cook 28311d43 2015-02-14T18:51:44 conditionally build certhash into openssl(1) For now, look for openat and symlink. We may switch to just needing symlink later.
Brent Cook a2233651 2015-01-21T06:14:24 add NetBSD shims for arc4random The current NetBSD release, 6.1.5, fails to reseed arc4random on fork. Work around it by providing arc4random/getentropy shims. Revisit when NetBSD 7 is available.
Brent Cook f2d68c7d 2015-01-06T14:16:51 remove bash-style comparisons from tests
kinichiro 0308b63c 2014-12-08T11:08:45 Add support for HP-UX tested on: HP-UX 11.31 ia64, gcc 4.7.1(HP AllianceOne version) gcc 4.2.3(http://hpux.connect.org.uk) HP C/aC++ HP-UX defaults to use LP32 and it treats long as 32 bit (= 4 bytes). This build forces LP64 for treating long as 64 bit.
Brent Cook ec81c282 2015-01-06T17:45:14 catch GCC versions that only warn on unused flags Noticed while building with GCC 4.2 with HP-UX. Switching the ERROR to a WARN for a first release while we continue to survey the field.
Brent Cook 4b7e7815 2015-01-05T21:21:23 quoting and ensure old_*flags are restored before the 'else'
Brent Cook 872ecfd8 2015-01-05T20:31:34 preserve CFLAGS between hardening checks, enable mingw Allow hardening CFLAGS for mingw that do not cause link-time failures. Add proper quoting on flags for commas Check LDFLAGS for linker-only flags.
Brent Cook 303b972d 2015-01-05T20:14:54 simplify hardening check logic, disable for mingw Rather than doing separate linker/compiler checks, just build a non-empty program with each so that the compiler will actually try to use the hardening features. Reduce redundancy in the macro calls by just setting the flag that was just tested. Also, disable hardening for mingw, since it's trying to use a libssp-0.dll file that I can't find right now. The detected hardening flags break mingw builds currently.
Jim Barlow 813e7bda 2015-01-01T15:03:03 Change comments to remark on script not being needed for clang >= 5.1
Jim Barlow 701204bf 2014-12-31T07:06:49 Fix typo causing output of clang test to read "CLANG" instead of yes/no
Jim Barlow 2dc0a6ac 2014-12-30T15:13:19 Merge recent upstream changes with compiler hardening Conflicts: configure.ac
Brent Cook 23c90228 2014-12-27T16:34:02 enable __STRICT_ALIGNMENT on sparc
Jim Barlow a6c07234 2014-12-23T05:24:24 configure.ac: use executable hardening where available Where available, enable stack smashing protection, fortify source, no-strict-overflow, and read only relocations. Many Linux distributions automatically enable most of these options. They are no brainers. The difference introduced here is in asking for a few more aggressive options. An option to disable the more aggressive options is provided (--disable-hardening). When set, configure will fall back to the default CFLAGS on the system - in many cases that will still be hardened. There is no point in going further than that. Options enabled are: -fstack-protector-strong is a relatively new GCC-4.9 feature that is supposed to give a better balance between performance and protection. -all is considered too aggressive, but was used in Chromium and other security critical systems until -strong became available. Follow their lead and use -strong when possible. clang 6.0 supports -all but not -strong. _FORTIFY_SOURCE replaces certain unsafe C str* and mem* functions with more robust equivalents when the compiler can determine the length of the buffers involved. -fno-strict-overflow instructs GCC to not make optimizations based on the assumption that signed arithmetic will wrap around on overflow (e.g. (short)0x7FFF + 1 == 0). This prevents the optimizer from doing some unexpected things. Further improvements should trap signed overflows and reduce the use of signed to refer to naturally unsigned quantities. I did not set -fPIE (position independent executables). The critical function of Open/LibreSSL is as a library, not an executable. Tested on Ubuntu Linux 14.04.1 LTS, OS X 10.10.1 with "make check". Signed-off-by: Jim Barlow <jim@purplerock.ca>
Jim Barlow 164f684e 2014-12-23T04:38:43 configure.ac: Modify clang check to save result to a variable ...and leave a note that -Qunused-arguments is being applied to CFLAGS not LDFLAGS, probably in error.
Brent Cook 04158cd4 2014-12-21T23:14:02 do not mark GNU_STACK WX in ELFs generated from assembly When generating ELF objects from assembly, gcc and clang mark the GNU_STACK program headers as RWX by default. This is a security issue, so we make sure it is marked only RW. This modifies Anthony G. Basile's original patch for Linux to set .note.GNU-stack whenever the assembler supports it. It is surprising that any modern toolchain would enable an executable stack without an explicit request. The number of programs that need an executable stack is surely much smaller than the number of programs that include assembly.
Brent Cook d2342f36 2014-12-14T16:42:47 allow Windows DLLs to be built based on a patch from Jan Engelhardt
Brent Cook 03cd45e2 2014-12-06T18:43:58 Enable optimized crypto operations for x86_64 This adds initial support for assembly crypto acceleration on x86_64 for ELF (Linux, *BSD, Solaris) and Mach-O (OS-X) systems. The build method is a little different than OpenSSL and OpenBSD. All the .s files are generated ahead of time when the tarball is generated, so there are no complicated makefile rules at configure/build time. This also means the builds are faster and perl is not required on the build system. Thanks to Wouter Clarie for providing the initial cleanup and patch that this is based on.
Brent Cook 976f64d9 2014-12-06T18:59:25 read all library versions directly from files This makes building and testing easier because the library Makefile.am files are used directly rather than as templates. Thanks to Wouter Clarie for the idea.
Brent Cook b3270494 2014-12-04T22:37:22 add support for building libtls Use './configure --enable-libtls' to build the library and install the associated manpages. Note that the API and ABI of this library may change still, though feedback is welcome. ok deraadt@ jsing@ tedu@
Brent Cook 1bbde19a 2014-11-20T00:24:20 add minimal poll(2) implementation for Windows This provides sufficient functionality to run openssl(1) from a Windows console. This is based on the original select-based version from songdongsheng@live.cn. Changes: * use nfds_t directly for iterating the fds. * add WSAGetLastError -> errno mappings * handle POLLHUP and the OOB data cases for revents * handle sparse arrays of fds correctly * KNF style updates * teach poll how to handle file handles as well as sockets This handles the socket/non-socket issue by alternating a loop between WaitForMultipleObjects for non-sockets and select for sockets. One would think this would be terrible for performance, but as of this writing, poll consumes about 6% of the time doing a bulk transfer between a Linux box and 'openssl.exe s_server'. I tried to implement this all in terms of WaitForMultipleObjects with a select 'poll' at the end to get extra specific socket status. However, the cost of setting up an event handle for each socket, setting the WSAEventSelect attributes, and cleaning them up reliably was pretty high. Since the event handle associated with a socket is also global, creating a new one cancels the previous one or can be disabled externally. In addition, the 'FD_WRITE' status of a socket event handle does not behave in an expected fashion, being triggered by an edge on a write event rather than being level triggered. Another fun horror story is how stdin in windows might be a console, it might be a pipe, it might be something else. If these all worked in the same way, it would be great. But, since a console-stdin can also signal on a mouse or window event, it means we can easily get stuck in a blocking read (you can't make stdin non-blocking) if the non-character events are not filtered out. So, poll does that too. See here for various additional horror stories: http://www.postgresql.org/message-id/4351.1336927207@sss.pgh.pa.us
Brent Cook 7f0646f6 2014-11-19T06:26:38 Update win32 build defines
Brent Cook d84aa5cb 2014-11-03T21:06:40 Quiet clang warnings about unused arguments in general. Check if we are using clang, rather than simply if we are on OS X. Note: recent LLVM releases do not seem to need this anyway.
Brent Cook 94ec2b6b 2014-11-03T21:05:47 make 'autoreconf' work from dist tarball We need to include VERSION for it to run.
Brent Cook 0aeb93b9 2014-10-27T19:22:03 override native arc4random_buf on FreeBSD The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@