Commit Graph

69 Commits

Author SHA1 Message Date
Richard Levitte
c768ccebc7 Add exporters for CMake
CMake's older package finder, FindOpenSSL.cmake, does a best guess effort
and doesn't always get it right.

By CMake's own documentation, that's what such modules are (best effort
attempts), and package producers are (strongly) encouraged to help out by
producing and installing <PackageName>Config.cmake files to get a more
deterministic configuration.

The resulting OpenSSLConfig.cmake tries to mimic the result from CMake's
FindOpenSSL.cmake, by using the same variable and imported target names.
It also adds a few extra variables of its own, such as:

    OPENSSL_MODULES_DIR     Indicates the default installation directory
                            for OpenSSL loadable modules, such as providers.
    OPENSSL_RUNTIME_DIR     Indicates the default runtime directory, where
                            for example the openssl program is located.
    OPENSSL_PROGRAM         Is the full directory-and-filename of the
                            openssl program.

The imported targets OpenSSL::Crypto and OpenSSL::SSL are as precisely
specified as possible, so for example, they are specified with the both the
import library and the DLL on Windows, which should make life easier on that
platform.

For the moment, one of the following must be done in your CMake project for
this CMake configuration to take priority over CMake's FindOpenSSL.cmake:

-   The variable CMAKE_FIND_PACKAGE_PREFER_CONFIG must be set to true prior
    to the 'find_package(OpenSSL)' call.
-   The 'find_package' call itself must use the "Full Signature".  If you
    don't know any better, simply add the 'CONFIG' option, i.e. from this
    example:

        find_package(OpenSSL 3.0 REQUIRED)

    to this:

        find_package(OpenSSL 3.0 REQUIRED CONFIG)

Just as with the 'pkg-config' exporters, two variants of the .cmake files
are produced:

- Those in 'exporters/' are installed in the location that 'pkg-config'
  itself prefers for installed packages.
- Those in the top directory are to be used when it's desirable to build
  directly against an OpenSSL build tree.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20878)
2023-11-15 08:22:29 +01:00
Richard Levitte
2ac569a67b Clean up exporters, specifically those we have for pkg-config
The pkg-config exporters were a special hack, all in
Configurations/unix-Makefile.tmpl, and this was well and good as long
as that was the only main package interface configuration system that we
cared about.

Things have changed, though, so we move the pkg-config production to be
templatable in a more flexible manner.  Additional templates for other
interface configuration systems can then be added fairly easily.

Two variants of the .pc files are produced:

- Those in 'exporters/' are installed in the location that 'pkg-config'
  itself prefers for installed packages.
- Those in the top directory are to be used when it's desirable to build
  directly against an OpenSSL build tree.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20878)
2023-11-15 08:22:29 +01:00
Richard Levitte
b684ee2ce4 build.info: Introduce special syntax for dependencies on script modules
The DEPEND statement, when applied on files generated with GENERATE, may
be used to specify script modules that the template to be generated from
depends on.  In short, this sort of depend:

    DEPEND[generated]=util/perl/OpenSSL/something.pm

... would generate a perl run that has the inclusion directory
'util/perl/OpenSSL' and 'something' as the module to be loaded.  However,
the package name for this module is 'OpenSSL::something', so to load it the
way it's expected, the inclusion directory should be 'util/perl', and the
module to be loaded should be specified as 'OpenSSL/something' (to be
massaged into a proper module name by the build file template).

To allow this, we introduce a file syntax, where a single '|' is used as a
directory separator, to delineate what part should be used as the inclustion
directory, and which part the module name to be loaded should be derived
from:

    DEPEND[generated]=util/perl|OpenSSL/something.pm

Fixes #21112

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21117)
2023-06-08 07:53:10 +02:00
Pauli
b4a1231007 possible workaround
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20935)
2023-06-02 15:13:20 +10:00
Pauli
e84b5fcc1b params: provide a faster TRIE based param lookup.
The separate file is a Perl script that generates the appropriate define
directives for inclusion in core_names.h.  By having this separation it
will be possible to prebuild data structures to give faster access when
looking up parameters by name.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20935)
2023-06-02 15:13:20 +10:00
Richard Levitte
ef8040bce0 Remove include/openssl/configuration.h from mandatory dependencies
Since this file is generated by configdata.pm, there's no need to include it
among the mandatory dependencies (which end up in the `GENERATE_MANDATORY`
Makefile variable).  In fact, it shouldn't be there any more, as that would
also cause it to be removed by `make clean`.

To compensate, we add an explicit removal of that file in the `distclean`
target on all platform families.

Fixes #18396

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18398)
2022-05-25 22:41:06 +02:00
Richard Levitte
4d02d500aa Building: For the FIPS module checksum, keep track of configuration,h
The FIPS module checksum needs to know that configuration.h is
generated from configuration.h.in, so that information is conserved.
To make this possible, it's now possible to have attributes with the
GENERATE keyword, and the attribute "skip" is added to make a keyword
a no-op, which makes it informative only.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/16378)
2022-05-22 17:33:08 +02:00
Richard Levitte
2522889620 Configuration: produce include/openssl/configuration.h when configuring
The goal is to avoid having too much of the OpenSSL source rebuilt
because include/openssl/configuration.h, or even because it was a
Makefile target that was called upon (some make implementations
consider the use of a target as an update of that target, even if it
wasn't really updated).

To resolve this, we move the production of include/openssl/configuration.h
to configdata.pm, and only update it if there were any actual changes.

Fixes #16377

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/16378)
2022-05-22 17:33:08 +02:00
Richard Levitte
773e67ab82 Building: Add necessary dependencies for linker scripts and .rc files
These files depend on the data from configdata.pm, so need a dependency
on that one to always be properly updated.  The same goes for .rc files.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15717)
2021-06-11 17:22:44 +02:00
Tanzinul Islam
6afb36342d Build resource files
We need to compile with [brcc32.exe][1] and link with [ilink32.exe][2].
The latter expects the `.res` files to be given in the final comma-
separated section in the command line (after the `.def` file).

[1]: http://docwiki.embarcadero.com/RADStudio/Sydney/en/BRCC32.EXE,_the_Resource_Compiler
[2]: http://docwiki.embarcadero.com/RADStudio/Sydney/en/Using_ILINK32_and_ILINK64_on_the_Command_Line#Command-Line_Elements

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13540)
2021-04-19 11:05:54 +02:00
Richard Levitte
e60a748a13 Configuration: ensure that 'no-tests' works correctly
'no-tests' wasn't entirely respected when specifying subdirs in the
top build.info.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14082)
2021-02-09 17:05:06 +10:00
Richard Levitte
b8393eae22 DOCS: Remove the "global" dependency on writing .pod files from .pod.in
The dependency was made in such a way that .pod.in -> .pod generation
would always be done, no matter what.  This changes the procedure so
that the generation is made "on demand", i.e. when the resulting .pod
files are needed.

This turned out to be duplicated dependencies, as the .pod -> .pod.in
dependencies were already in place.  Just removing the duplicate fixes
the situation.

'make build_all_generated' still works, for those who do want to have
all file generations performed.  (as a reminder, this is suitable to
generate the files a fast system and then copy the result to a slower
system, or system where there's no perl)

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14067)
2021-02-05 15:51:31 +01:00
Richard Levitte
0d11846e4b Remove duplicate GENERATE declarations for .pod files
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13824)
2021-01-12 11:25:55 +01:00
Matt Caswell
e82f45982c Fix some missed usage of DEFINE_LHASH_OF()
PR#12860 fixed issues with the Lhash code. It replaced usage of
DEFINE_LHASH_OF() in the public headers. Unfortunately it missed a couple
of instances.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13274)
2020-10-30 14:24:30 +00:00
Matt Caswell
efffd8a6e4 Update err.h to use the new lhash generation code
Generate the lhash macros for the ERR_STRING_DATA type

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12860)
2020-09-18 13:30:44 +01:00
Matt Caswell
9cedfc90ce Fix safestack issues in ui.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:11:21 +01:00
Matt Caswell
add3392727 Fix safestack issues in pkcs12.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:11:21 +01:00
Matt Caswell
15c3dcfc78 Fix safestack issues in crypto.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:11:21 +01:00
Matt Caswell
e74e562f1c Fix safestack issues in conf.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:11:20 +01:00
Matt Caswell
dd73147420 Fix safestack issues in bio.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:41 +01:00
Matt Caswell
1e14bca233 Fix safestack issues in ess.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:41 +01:00
Matt Caswell
0b28254015 Fix safestack issues in asn1t.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:41 +01:00
Matt Caswell
9d01ac71a0 Fix safestack issues in ct.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:41 +01:00
Matt Caswell
98c35dc48d Fix safestack issues in crmf.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:41 +01:00
Matt Caswell
c5a5581127 Fix safestack issues in x509_vfy.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:41 +01:00
Matt Caswell
22fbfe6a7d Fix safestack issues in srp.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:41 +01:00
Matt Caswell
02199cc39d Fix safestack issues in pkcs7.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:41 +01:00
Matt Caswell
fd3ed85c67 Fix safestack issues in ocsp.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:41 +01:00
Matt Caswell
904e1f92b3 Fix safestack issues in cms.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:41 +01:00
Matt Caswell
798f932980 Fix safestack issues in cmp.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:40 +01:00
Matt Caswell
b4780134df Fix safestack issues in asn1.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:40 +01:00
Matt Caswell
24c4ea958e Fix stacks of OPENSSL_STRING, OPENSSL_CSTRING and OPENSSL_BLOCK
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:10:39 +01:00
Matt Caswell
e144fd36ce Fix safestack issues in x509v3.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:09:45 +01:00
Matt Caswell
e6623cfbff Fix safestack issues in x509.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:09:45 +01:00
Matt Caswell
6ac1cd10ba Fix safestack issues in ssl.h
We fix 3 problems with safestack:
- Including an openssl header file without linking against libcrypto
  can cause compilation failures (even if the app does not otherwise need
  to link against libcrypto). See issue #8102
- Recent changes means that applications in no-deprecated builds will need
  to include additional macro calls in the source code for all stacks that
  they need to use - which is an API break. This changes avoids that
  necessity.
- It is not possible to write code using stacks that works in both a
  no-deprecated and a normal build of OpenSSL. See issue #12707.

Fixes #12707
Contains a partial fix for #8102. A similar PR will be needed for hash to
fully fix.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-13 11:09:45 +01:00
Pauli
77ae4f6ff7 engines: fixed to work with EVP_*_meth calls deprecated
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11082)
2020-07-22 20:19:01 +10:00
Rich Salz
3121425830 Add --fips-key configuration parameter to fipsinstall application.
Change default FIPS HMAC KEY from all-zero's
Use default FIPSKEY if not given on command line.
Make all -macopt in fipsinstall optional
Make all tests, except fipsinstall, use the default -macopt and
-mac_name flags.
Define and use FIPSDIR variable on VMS/MMS.
Also use SRCDIR/BLDDIR in SRCTOP/BLDTOP.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12235)
2020-06-29 12:20:41 +10:00
Richard Levitte
46994f7163 Add better support for using deprecated symbols internally
OPENSSL_SUPPRESS_DEPRECATED only does half the job, in telling the
deprecation macros not to add the warning attribute.  However, with
'no-deprecated', the symbols are still removed entirely, while we
might still want to use them internally.

The solution is to permit <openssl/opensslconf.h> macros to be
modified internally, such as undefining OPENSSL_NO_DEPRECATED in this
case.

However, with the way <openssl/opensslconf.h> includes
<openssl/macros.h>, that's easier said than done.  That's solved by
generating <openssl/configuration.h> instead, and add a new
<openssl/opensslconf.h> that includes <openssl/configuration.h> as
well as <openssl/macros.h>, thus allowing to replace an inclusion of
<openssl/opensslconf.h> with this:

    #include <openssl/configuration.h>

    #undef OPENSSL_NO_DEPRECATED
    #define OPENSSL_SUPPRESS_DEPRECATED

    #include <openssl/macros.h>

Or simply add the following prior to any other openssl inclusion:

    #include <openssl/configuration.h>

    #undef OPENSSL_NO_DEPRECATED
    #define OPENSSL_SUPPRESS_DEPRECATED

Note that undefining OPENSSL_NO_DEPRECATED must never be done by
applications, since the symbols must still be exported by the
library.  Internal test programs are excempt of this rule, though.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10608)
2019-12-13 10:09:49 +01:00
Richard Levitte
df8f116ecd Add doc/build.info to build the documentation
This build.info is entirely generated when configuring

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6236)
2019-11-29 09:51:17 +01:00
Rich Salz
9fcb9702fb Infrastructure for templated doc in POD files
Use new doc-build capabilities
Add -i flag to dofile.
Add doc/man1 to SUBDIRS for the new templated doc files
Rewrite commit a397aca (merged from PR 10118) to use the doc-template stuff.
Put template references in common place
Template options and text come at the end of command-specific options:
opt_x, opt_trust, opt_r (in that order).
Refactor xchain options.
Do doc-nits after building generated sources.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10159)
2019-10-31 14:19:29 +01:00
Richard Levitte
f3866324f0 Generate include/openssl/opensslv.h
The added benefit is that the result becomes much simple, and easier to
digest for those that still rely on the pre-3.0 opensslv.h contents.

Fixes #10203

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10205)
2019-10-18 12:22:00 +02:00
Richard Levitte
70d9675342 Building: Add modules with DEPENDs to GENERATEd files
For files GENERATEd from templates (.in files), any perl module (.pm
file) that the file depends on will automatically be used.

This means that these two lines:

    GENERATE[foo]=foo.in
    DEPEND[foo]=whatever.pm

will emit this command in a Makefile (or corresponding):

    foo: foo.in whatever.pm configdata.pm
    $(PERL) -I. -Ipathto -Mwhatever -Mconfigdata $(SRCDIR)/util/dofile.pl \\
        foo.in > foo

Note that configdata.pm is automatically added, since util/dofile.pl
itself depends on it.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10162)
2019-10-14 16:58:20 +02:00
Dr. Matthias St. Pierre
25f2138b0a Reorganize private crypto header files
Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:

While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.

To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:

  #include "internal/file.h"      # located in 'include/internal'
  #include "internal/file_int.h"  # located in 'crypto/include/internal'

This commit moves the private crypto headers from

  'crypto/include/internal'  to  'include/crypto'

As a result, the include directives become unambiguous

  #include "internal/file.h"       # located in 'include/internal'
  #include "crypto/file.h"         # located in 'include/crypto'

hence the superfluous '_int.h' suffixes can be stripped.

The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
2019-09-28 20:26:34 +02:00
Matt Caswell
16da72a824 Move where include path for providers/common/include gets specified
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8728)
2019-05-23 11:02:04 +01:00
Matt Caswell
861b8f8747 Add the provider_algs.h internal header file
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8700)
2019-04-19 09:31:54 +01:00
Matt Caswell
8a73348be0 Add a skeleton default provider
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8513)
2019-03-21 09:23:38 +00:00
Richard Levitte
f5fb6f0543 Rework building: Get rid of old %unified_info structures
Now that we have the names of libraries on different systems
established through platform modules, we can remove the old structure
to establish the same thing, i.e. $unified_info{sharednames} and
$unified_info{rename}.  That means removing support for the RENAME and
SHARED_NAME keywords in build.info as well.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7473)
2019-01-21 19:31:32 +01:00
Richard Levitte
3a63dbef15 Switch to MAJOR.MINOR.PATCH versioning and version 3.0.0-dev
We're strictly use version numbers of the form MAJOR.MINOR.PATCH.
Letter releases are things of days past.

The most central change is that we now express the version number with
three macros, one for each part of the version number:

    OPENSSL_VERSION_MAJOR
    OPENSSL_VERSION_MINOR
    OPENSSL_VERSION_PATCH

We also provide two additional macros to express pre-release and build
metadata information (also specified in semantic versioning):

    OPENSSL_VERSION_PRE_RELEASE
    OPENSSL_VERSION_BUILD_METADATA

To get the library's idea of all those values, we introduce the
following functions:

    unsigned int OPENSSL_version_major(void);
    unsigned int OPENSSL_version_minor(void);
    unsigned int OPENSSL_version_patch(void);
    const char *OPENSSL_version_pre_release(void);
    const char *OPENSSL_version_build_metadata(void);

Additionally, for shared library versioning (which is out of scope in
semantic versioning, but that we still need):

    OPENSSL_SHLIB_VERSION

We also provide a macro that contains the release date.  This is not
part of the version number, but is extra information that we want to
be able to display:

    OPENSSL_RELEASE_DATE

Finally, also provide the following convenience functions:

    const char *OPENSSL_version_text(void);
    const char *OPENSSL_version_text_full(void);

The following macros and functions are deprecated, and while currently
existing for backward compatibility, they are expected to disappear:

    OPENSSL_VERSION_NUMBER
    OPENSSL_VERSION_TEXT
    OPENSSL_VERSION
    OpenSSL_version_num()
    OpenSSL_version()

Also, this function is introduced to replace OpenSSL_version() for all
indexes except for OPENSSL_VERSION:

    OPENSSL_info()

For configuration, the option 'newversion-only' is added to disable all
the macros and functions that are mentioned as deprecated above.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)
2018-12-06 12:24:47 +01:00
Richard Levitte
547a3320fc Doc: add doc/man7/openssl_user_macros.pod.in
This manual is a start to describe macros that users can use to affect
what symbols are exported by the public header files.

Because the macro OPENSSL_API_COMPAT has a default that's affected by
configuration choices, we must make it a generated manual.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7742)
2018-12-03 10:00:14 +01:00
Richard Levitte
75d47db49d Simplify the processing of skipped source directories
We kept a number of arrays of directory names to keep track of exactly
which directories to look for build.info.  Some of these had the extra
function to hold the directories to actually build.

With the added SUBDIRS keyword, these arrays are no longer needed.
The logic for skipping certain directories needs to be kept, though.
That is now very much simplified, and is made opportunistic.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7558)
2018-11-05 09:28:37 +01:00