Commit Graph

116 Commits

Author SHA1 Message Date
Richard Levitte
f9b3bff6f7 First tentative impementation of Kerberos 5 cryptos and keys for SSL/TLS. Implemented by Vern Staats <staatsvr@asc.hpc.mil>, further hacked and distributed by Jeffrey Altman <jaltnab@columbia.edu> 2000-11-30 22:53:34 +00:00
Lutz Jänicke
89c16ab53e Some platforms (namely HP-UX) require the 'x' bit set for shared libraries.
For performance reasons, it is also recommended to make the (mmap'ed)
shared library 'read-only'.
-> New permissions for installed shared libraries = 555

This doesn't hurt anybody, provided the installation is performed with
'cp -f' :-)
2000-11-14 11:05:10 +00:00
Lutz Jänicke
305db17b5f HP-UX shared libraries do not build any longer, as EX_LIBS contains
"-Wl,+s" instead of +s:
* Hardcoded necessary references to -ldld/-ldl into the build rules and
  removed EX_LIBS.

HP-UX records the pathnames of dependent libraries when the shared libs
are built, so that ./libcrypto.sl... is recorded in libssl.sl..., with
"./" not being resolvable when running an application linked against -lssl:
* Build libssl without explicit reference to libcrypto, applications will
  be linked with "-lssl -lcrypto" anyway.

Document these informations in Makefile.org.
2000-11-13 14:40:07 +00:00
Richard Levitte
f777408fc5 For a long time, I've wanted to be able to easily run one or a few
individual tests.  I finally got myself to implement it...
2000-11-12 20:24:30 +00:00
Richard Levitte
ccb9643f02 Remove references to RSAref. The glue library is but a memory to fade
away now...
2000-11-08 17:51:37 +00:00
Richard Levitte
6b77e6d7f3 Make sure that shared libraries get the internal name engine with the
full version number and not just 0.  This should mark the shared
libraries as not backward compatible.  Of course, this should be
changed again when we can guarantee backward binary compatibility.
2000-11-06 06:52:47 +00:00
Richard Levitte
dcea8e12e2 Add support for shared libraries under Irix.
Submitted by Albert Chin-A-Young <china@thewrittenword.com>
2000-11-01 00:05:04 +00:00
Richard Levitte
26b264795d Rename true64 to the correct tru64.
Suggested by Albert Chin-A-Young <china@thewrittenword.com>
2000-10-31 23:39:08 +00:00
Richard Levitte
eb64730b9c The majority of the OCSP code from CertCo. 2000-10-27 11:05:35 +00:00
Richard Levitte
5270e7025e Merge the engine branch into the main trunk. All conflicts resolved.
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Richard Levitte
9dd0463852 When building shared libraries on HP-UX 10.20 and HP-UX 11.00 (32bit),
ld warns that -Fl "may not be supported in future releases".  We know
that, and are doing things in HP-UX 11 (64bit), so turn off that
warning with +vnocompatwarnings.
2000-10-22 21:37:39 +00:00
Richard Levitte
5cb5715f97 It seems like grep isn't as capable as I thought on some Unix systems.
Use egrep instead.
2000-10-22 16:46:47 +00:00
Richard Levitte
0fd44e2ddb Add what's needed to get shared libraries on HP-UX.
N.B.: This has not been tested at all, that's my next step.
2000-10-21 21:24:11 +00:00
Richard Levitte
3ab5651112 The experimental Rijndael code moved to the main trunk.
make update done.
2000-10-14 20:09:54 +00:00
Richard Levitte
a22fb399cb Rework the system to generate shared libraries:
- Make note of the expected extension for the shared libraries and
    if there is a need for symbolic links from for example libcrypto.so.0
    to libcrypto.so.0.9.7.  There is extended info in Configure for
    that.

  - Make as few rebuilds of the shared libraries as possible.

  - Still avoid linking the OpenSSL programs with the shared libraries.

  - When installing, install the shared libraries separately from the
    static ones.
2000-10-13 15:25:06 +00:00
Richard Levitte
7ba839bfe2 Make sure ranlib is only used on .a libraries. 2000-10-09 00:50:04 +00:00
Bodo Möller
2eaad87f36 Verbose output when installing manual pages so that you see that
something is going on (and what).
2000-09-26 12:23:55 +00:00
Richard Levitte
6397710486 I'm using GNU tar... 2000-09-21 07:15:52 +00:00
Richard Levitte
c59cb511f3 Allow reconfiguration. This can be useful if some source update
requires that you configure again, but you don't want to reenter all
those configuration arguments again.
2000-08-17 10:23:45 +00:00
Richard Levitte
3009458e2f MD4 implemented. Assar Westerlund provided the digest code itself and the test utility, I added the bits to get a EVP interface, the command line utility and the speed test 2000-08-14 14:05:53 +00:00
Richard Levitte
bb1c9dcc3b It's probably a good idea to make the shared libraries depend in EX_LIBS. 2000-08-02 03:52:49 +00:00
Richard Levitte
96f3b56c8c A few corrections with the shared library support:
1. make sure libssl.so becomes dependent on libcrypto.so
2. correct a number of silly bugs in the solaris-shared target, and make
   sure lib*.so also depends on libc.so.
2000-08-02 03:03:17 +00:00
Richard Levitte
ccb9aae905 Add support for solaris shared libraries, currently just experimental
(there's no way to get it through configuration yet).
2000-07-24 20:50:21 +00:00
Richard Levitte
f4316c36df Avoid loops, and make sure that it's possible to still build shared
libraries even if the "shared" configuration option wasn't chosen.
2000-07-24 20:36:46 +00:00
Richard Levitte
b436a98257 Redo and enhance the support for building shared libraries. Currently
there's support for building under Linux and True64 (using examples
from the programming manuals), including versioning that is currently
the same as OpenSSL versions but should really be a different series.

With this change, it's up to the users to decide if they want shared
libraries as well as the static ones.  This decision now has to be
done at configuration time (well, not really, those who know what they
do can still do it the same way as before).

The OpenSSL programs (openssl and the test programs) are currently
always linked statically, but this may change in the future in a
configurable manner.  The necessary makefile variables to enable this
are in place.

Also note that I have done absolutely nothing about the Windows target
to get something similar.  On the other hand, DLLs are already the
default there, but without versioning, and I've no idea what the
possibilities for such a thing are there...
2000-07-21 15:08:53 +00:00
Richard Levitte
c2bbf9cf6c I got sick and tired of having to keep track of NIDs when such a thing
could be done automagically, much like the numbering in libeay.num and
ssleay.num.  The solution works as follows:

  - New object identifiers are inserted in objects.txt, following the
    syntax given in objects.README.
  - objects.pl is used to process obj_mac.num and create a new
    obj_mac.h.
  - obj_dat.pl is used to create a new obj_dat.h, using the data in
    obj_mac.h.

This is currently kind of a hack, and the perl code in objects.pl
isn't very elegant, but it works as I intended.  The simplest way to
check that it worked correctly is to look in obj_dat.h and check the
array nid_objs and make sure the objects haven't moved around (this is
important!).  Additions are OK, as well as consistent name changes.
2000-07-05 02:45:36 +00:00
Bodo Möller
3f39e5ae6c Using speaking "variable" names in macros so that e.g. grepping for
sk_whatever_insert and sk_whatever_set immediately reveals the subtle
difference in parameter order.

Change mkstack.pl so that safestack.h is not rewritten when
nothing has changed.
2000-06-17 23:41:44 +00:00
Geoff Thorpe
e41c8d6ad4 This change will cause builds (by default) to not use different STACK
structures and functions for each stack type. The previous behaviour
can be enabled by configuring with the "-DDEBUG_SAFESTACK" option.
This will also cause "make update" (mkdef.pl in particular) to
update the libeay.num and ssleay.num symbol tables with the number of
extra functions DEBUG_SAFESTACK creates.

The way this change works is to accompany each DECLARE_STACK_OF()
macro with a set of "#define"d versions of the sk_##type##_***
functions that ensures all the existing "type-safe" stack calls are
precompiled into the underlying stack calls. The presence or abscence
of the DEBUG_SAFESTACK symbol controls whether this block of
"#define"s or the DECLARE_STACK_OF() macro is taking effect. The
block of "#define"s is in turn generated and maintained by a perl
script (util/mkstack.pl) that encompasses the block with delimiting
C comments. This works in a similar way to the auto-generated error
codes and, like the other such maintenance utilities, is invoked
by the "make update" target.

A long (but mundane) commit will follow this with the results of
"make update" - this will include all the "#define" blocks for
each DECLARE_STACK_OF() statement, along with stripped down
libeay.num and ssleay.num files.
2000-06-01 05:13:52 +00:00
Dr. Stephen Henson
439df5087f Fix c_rehash script, add -fingerprint option to crl. 2000-05-18 00:33:00 +00:00
Geoff Thorpe
9ec0126ed2 This commit ties the new DSO code (crypto/dso/) into the build for a
variety of platforms. A few are missing, and they will be added in
eventually, but as this is new stuff, it was better to not break lots of
platforms in one go that we can't easily test. The changes to "Configure"
should illustrate how to add support to other systems if you feel like
having a go.

NB: I'll add something shortly to allow you to add "dlfcn.h" support on
those platforms that don't have (or need) a dlfcn.h header file. (The
symbol for Configure will probably by "dlfcn_no_h").

Thanks to Richard Levitte, who is responsible for the dso_dl.c support,
understanding the trickier aspects of the build process, and giving great
feedback on everything else.

[Don't use this stuff if you're easily offended by changes to the
interface or behaviour - it's still work in progress.]

PR:
2000-04-04 22:32:19 +00:00
Bodo Möller
98ff3937bb SSL_ALLOW_ADH no longer has a meaning. 2000-03-14 16:05:19 +00:00
Bodo Möller
97025c5fc0 Manual page installation did not work if INSTALL_PREFIX was a relative path. 2000-03-09 15:04:27 +00:00
Ulf Möller
a4709b3d88 Shared library support for Solaris and HPUX
by Lutz Behnke and by Lutz Jaenicke.

Hopefully we'll have a unified way of handling shared libraries when
we move to autoconf...
2000-02-28 19:14:46 +00:00
Bodo Möller
5946ede512 In "make clean", delete files created by "make report". 2000-02-25 14:34:55 +00:00
Richard Levitte
2dbb3ccd5c Make it possible to have differing tar versions. 2000-02-24 01:59:55 +00:00
Ulf Möller
d7f0ab5ff4 New make target "report" to run util/selftest.pl 2000-02-23 23:47:05 +00:00
Ulf Möller
e1c55191cb Install manpages below OPENSSLDIR (I think it was meant to be this way?).
New variable for man directory.
2000-02-15 18:34:46 +00:00
Ulf Möller
02d034cc24 Create the man directories where the manpages will be put. 2000-02-15 18:21:33 +00:00
Richard Levitte
c6ce792fc5 Add a couple of forgotten $(PERL), and make the code to run pod2html a
tad more readable.
2000-02-14 16:55:23 +00:00
Bodo Möller
3ebf0be142 Corrections. 2000-02-11 17:18:50 +00:00
Bodo Möller
e6e7b5f3df Implement MD5-based "apr1" password hash. 2000-02-11 16:25:44 +00:00
Richard Levitte
1e8f28c491 des_modes is a section 7 manual, so let's make sure that's where it ends up 2000-02-07 18:25:26 +00:00
Ulf Möller
9d1a01be8f Source code cleanups: Use void * rather than char * in lhash,
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
2000-01-30 22:20:28 +00:00
Richard Levitte
3ac60a612e Use the pod2man that comes with OpenSSL. Make it so config(5) really
ends up in section 5.
2000-01-27 20:34:03 +00:00
Ulf Möller
5d82c5b3f4 Move ssl.pod to doc/ssl 2000-01-21 17:46:36 +00:00
Bodo Möller
af5eb82979 doc/man moved to doc/apps 2000-01-21 09:36:47 +00:00
Ulf Möller
4699af98e6 Don't build the testapps automatically because the openssl program now
has s/mime functionality.
2000-01-21 00:02:32 +00:00
Ulf Möller
2186cd8ef1 Document the RSA library. 2000-01-11 22:35:21 +00:00
Bodo Möller
3ea4404fd7 Unify doc/openssl.pod and doc/man/openssl.pod, which were almost the
same and now are identical.
The next step will be to delete doc/openssl.pod, this is just
to see the individual CVS deltas.
2000-01-08 18:08:02 +00:00
Bodo Möller
7328b0a89d Use basename instead of complicated sed line. 2000-01-08 17:45:30 +00:00