On Windows, we set INSTALLTOP to default as follows:
VC-WIN32:
PREFIX: %ProgramFiles(x86)%\OpenSSL
OPENSSLDIR: %CommonProgramFiles(x86)%\SSL
VC-WIN64*:
PREFIX: %ProgramW6432%\OpenSSL
OPENSSLDIR: %CommonProgramW6432%\SSL
Should those environment variables be missing, the following is used
as fallback:
PREFIX: %ProgramFiles%\OpenSSL
OPENSSLDIR: %CommonProgramFiles%\SSL
Reviewed-by: Andy Polyakov <appro@openssl.org>
This is a living document, everyone is encouraged to add to it.
Implementation details as well as broader implementation philosophy
has a place here.
I'm starting with documentation of the how conditions in build.info
files are treated.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This is only enabled when the environment variable
CONFIGURE_DEBUG_BUILDINFO is defined. This will cause every line in
every build.info file to be displayed, along with the content of the
skip stack before and after parsing. This can be a very powerful tool
to see that all conditions are working as expected.
Reviewed-by: Rich Salz <rsalz@openssl.org>
In most builds, we can assume that engines live in the build tree
subdirectory "engines". This was hard coded into the tests that use
the engine ossltest.
However, that hard coding is tedious, it would need to be done in
every test recipe, and it's an incorrect assumption in some cases.
This change has us play it safe and let the build files tell the
testing framework where the engines are.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Some platforms claim to be POSIX but their getcontext() implementation
does not work. Therefore we update the ASYNC_is_capable() function to test
for this.
RT#4366
Reviewed-by: Richard Levitte <levitte@openssl.org>
util/mkdef.pl assumes it knows what the resulting library name will
be. Really, it shouldn't, but changing it will break classic native
Windows builds, so we leave it for now and change the LIBRARY line
externally when needed instead.
Reviewed-by: Matt Caswell <matt@openssl.org>
- Remove duplicate entry
- Add author for SSL_CIPHER query functions
- Note HKDF support in CHANGES and NEWS
[ci skip]
Reviewed-by: Richard Levitte <levitte@openssl.org>
Normally we always refer to source files relative to $SRCDIR in Makefiles.
However the reference to unix-Makefile.tmpl was using a fully expanded
absolute path. This can cause problems for Mingw.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
We don't currently support cross-compiling of the afalg engine. However
we were failing to explicitly mark it as disabled during Configure leading
to a failed build.
Reviewed-by: Richard Levitte <levitte@openssl.org>
TLSProxy starts s_server and specifies the number of client connects
it should expect. After that s_server is supposed to close down
automatically. However, if another test is then run then TLSProxy
will start a new instance of s_server. If the previous instance
hasn't closed down yet then the new instance can fail to bind to
the socket.
Reviewed-by: Richard Levitte <levitte@openssl.org>
In unix-Makefile.tmpl, this construction has been used a few times
if ! something; then ...
It seems, though, that some shells do not understand !, so these need
to be changed.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit adds the general verify options of ocsp, verify,
cms, etc. to the openssl timestamping app as suggested by
Stephen N. Henson in [openssl.org #4287]. The conflicting
"-policy" option of "openssl ts" has been renamed to
"-tspolicy". Documentation and tests have been updated.
CAVE: This will break code, which currently uses the "-policy"
option.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
There are internal dependencies between the various cleanup functions.
This re-orders things to try and get that right.
Reviewed-by: Richard Levitte <levitte@openssl.org>
OBJ_cleanup() doesn't always get called from EVP_cleanup() so needs to be
explicitly called in de-init. Also BIO_sock_cleanup() also needs to be
called.
Reviewed-by: Richard Levitte <levitte@openssl.org>
With bash and zsh, the trap on the 5 second read does respond, but
doesn't break out of the read. What's worse is that it takes away the
5 second timer, and therefore has the read hang indefinitely and
(almost) unbreakable.
Having the trap do 'exit 0' after reseting the tty params has it break
out of read and continue with the configuration.
Other shells do not appear to have the issue described here, but
neither does the extra 'exit 0' appear to harm them.
Reviewed-by: Andy Polyakov <appro@openssl.org>