checking added, SHA256 PRF support added.
At present only RSA key exchange ciphersuites work with TLS v1.2 as the
new signature format is not yet implemented.
OPENSSL_NO_SSL_INTERN all ssl related structures are opaque
and internals cannot be directly accessed. Many applications
will need some modification to support this and most likely some
additional functions added to OpenSSL.
The advantage of this option is that any application supporting
it will still be binary compatible if SSL structures change.
different options:
"64" The build system will choose /POINTER_SIZE=64=ARGV if
the compiler supports it, otherwise /POINTER_SIZE=64.
"64=" The build system will force /POINTER_SIZE=64.
"64=ARGV" The build system will force /POINTER_SIZE=64=ARGV.
This meant alarger renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable and 1.0.1-stable. However, since there's
been no release on this branch yet, it should be harmless.
with turning trapping back on.
* test/maketests.com: Do the same check for /POINTER_SIZE=64=ARGV
here.
* test/clean-test.com: A new script for cleaning up.
directly in main(). 'if needed' also includes when argv is a 32 bit
pointer in an otherwise 64 bit environment.
* apps/makeapps.com: When using /POINTER_SIZE=64, try to use the additional
=ARGV, but only if it's supported. Fortunately, DCL is very helpful
telling us in this case.
Submitted by: Damien Miller <djm@mindrot.org>
Reviewed by: steve
Stop pkeyutl crashing if some arguments are missing. Also make str2fmt
tolerate NULL parameter.
SSL_[CTX_]set_not_resumable_session_callback.
Submitted by: Emilia Kasper (Google)
[A part of this change affecting ssl/s3_lib.c was accidentally commited
separately, together with a compilation fix for that file;
see s3_lib.c CVS revision 1.133 (http://cvs.openssl.org/chngview?cn=19855).]
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
