summaryrefslogtreecommitdiffstats
path: root/os-dep (unfollow)
Commit message (Collapse)AuthorFilesLines
2020-06-28Configure: pick up options from older 'config'Richard Levitte1-1/+24
These options were coded in util/perl/OpenSSL/config.pm, but that got removed when the OpenSSL::config::main() function was removed. We're not putting them back, but in 'Configure'. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28util/perl/OpenSSL/config.pm: refactor guess_system()Richard Levitte1-105/+103
There's no reason to have two different tables, when we can simply detect if the tuple elements are code or scalar. Furthermore, order is important in some cases, and that order is harder not to say impossible when maintaining two tables. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28util/perl/OpenSSL/config.pm: remove expand() and use evalRichard Levitte1-10/+3
The strings we expand contain other variable references than just ${MACHINE}. Instead of having to remember what to expand, we simply evaluate the string as a, well, string. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28config: Turn into a simple wrapperRichard Levitte1-5/+3
Now that Configure called config.pm's functions directly, the 'config' script doesn't have much else to do than to pass arguments. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28util/perl/OpenSSL/config.pm: refactor map_guess()Richard Levitte2-384/+418
map_guess() is now table driven, just like get_system(). Additionally, it now takes a config hash table and returns one of its own. This way, 'Configure' can pass whatever it has already found to OpenSSL::config::get_platform(), and easily merge the returned hash table into its %config. This also gets rid of variables that we no longer need. That includes $PERL and all the $__CNF_ environment variables. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28util/perl/OpenSSL/config.pm, Configure: move check of target with compilerRichard Levitte2-19/+18
Previously, ./config would check if "$target-$CC", then "$target" exists and choose the one that does. This is now moved to Configure. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28util/perl/OpenSSL/config.pm: Rework determining compiler informationRichard Levitte1-70/+183
determine_compiler_settings() has been refactored to: - find a compiler if none has been given by the user - allow platform specific overrides, but only when the user didn't already specify a desired compiler - figure out the compiler vendor and version, making sure that the version number is deterministic - gather platform specific compiler information Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28Remove OpenSSL::config::main(), it's not necessaryRichard Levitte1-81/+0
This also remove all option parsing. We leave that to Configure. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28util/perl/OpenSSL/config.pm: Prefer POSIX::uname() over piping the commandRichard Levitte1-20/+17
POSIX::uname() has the advantage to work on non-POSIX systems as well, such as the Windows command prompt and VMS. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28util/perl/OpenSSL/config.pm: Don't detect removed directories inRichard Levitte1-13/+0
This is much better handled in Configure. [There's another PR moving this to Configure, so this commit should eventually disappear because rebase] Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28Initial rewrite of config as a Perl moduleRich Salz2-920/+928
- Use $^X; to find perl. - Big re-ordering: Put all variables at the top, move most inline code into functions. The heart of the script now basically just calls functions to do its work. - Unify warning text, add -w option - Don't use needless (subshells) - Ensure Windows gets a VC-xxx option - Make config a perl module - Top-level "config" command-line is a dummy that just calls the module. Added module stuff so that it can be called from Configure. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
2020-06-28Add a test to make sure ASYNC aware code gets the right default libctxMatt Caswell1-1/+109
Even if a fibre changes the default libctx - or the main application code changes it, the "current" default libctx should remain consistent. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
2020-06-28Make the ASYNC code default libctx awareMatt Caswell3-0/+27
Since the default libctx is now stored in a thread local variable swapping in and out of fibres in the ASYNC code could mean that the "current" default libctx can get confused. Therefore we ensure that everytime we call async_fibre_swapcontext() we always restore the default libctx to whatever it was the last time the fibre ran. Similarly when async_fibre_swapcontext() returns we need to restore the current thread's default libctx. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
2020-06-28CORE: Add an internal function to distinguish the global default contextRichard Levitte3-6/+23
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
2020-06-28TEST: Add test to exercise OPENSSL_CTX_set0_default()Richard Levitte1-7/+45
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
2020-06-28Update NEWS and CHANGESRichard Levitte2-0/+23
NEWS and CHANGES hasn't mentioned OPENSSL_CTX before, so adding entries now. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
2020-06-28CORE: Add OPENSSL_CTX_set0_default(), to set a default library contextRichard Levitte4-33/+77
Applications may want to set their own default library context, possibly per-thread. OPENSSL_CTX_set0_default() does that. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
2020-06-27INSTALL.md: Restore $ as command prompt indicatorRichard Levitte1-22/+22
We have a notational convention in INSTALL.md, which says this among others: > Any line starting with a dollar sign is a command line. > > $ command > > The dollar sign indicates the shell prompt and is not to be entered as > part of the command. That notation exists to make it clear what is a command line and what's output from that command line. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12257)
2020-06-27Configuration: do not overwrite BASE_unix ex_libs in AIXAttila Szakacs1-4/+4
BASE_unix sets ex_libs to `-lz` based the on zlib linking. AIX platforms overwrote this instead of adding to it. CLA: Trivial Signed-off-by: Attila Szakacs <attila.szakacs@oneidentity.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12271)
2020-06-27Reduce the security bits for MD5 and SHA1 based signatures in TLSKurt Roeckx21-1822/+1915
This has as effect that SHA1 and MD5+SHA1 are no longer supported at security level 1, and that TLS < 1.2 is no longer supported at the default security level of 1, and that you need to set the security level to 0 to use TLS < 1.2. Reviewed-by: Tim Hudson <tjh@openssl.org> GH: #10787
2020-06-27Fix syntax of cipher stringKurt Roeckx1-6/+6
Reviewed-by: Tim Hudson <tjh@openssl.org> GH: #10787
2020-06-26TEST: Add TODO segments in test/recipes/15-test_genec.tRichard Levitte1-17/+47
There currently do not support 'ec_param_enc:explicit' with provider side key generation. Reflect that by encoding the expected failure with a Test::More TODO section for those particular tests. Because the tests in this recipe are data driven, we implement this mechanism with two functions, one for stuff that's supported and one for stuff that isn't. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12080)