Commit graph

902 commits

Author SHA1 Message Date
Richard Levitte
ccf73257f6 Adjust $default_depflags to changes in Configure
We use $default_depflags to check if a 'make depend' is needed after
configuring, so it needs to be kept up to date.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-01-11 11:06:28 +01:00
Viktor Dukhovni
c2e27310c7 Enable/disable crypto-mdebug just like other features
Also always abort() on leak failure.

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-01-11 02:41:16 +00:00
Mat
3e45d39347 Adds crypto-mdebug as a valid option
Adds crypto-mdebug as a valid option. Fixes https://github.com/openssl/openssl/issues/537

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-09 19:02:41 -05:00
Mat
85d7bdf036 Fix build failure on Windows
Fixes https://github.com/openssl/openssl/issues/530

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-09 18:11:07 -05:00
Viktor Dukhovni
98186eb4e4 Backwards-compatibility subject to OPENSSL_API_COMPAT
Provide backwards-compatiblity for functions, macros and include
files if OPENSSL_API_COMPAT is either not defined or defined less
than the version number of the release in which the feature was
deprecated.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 20:53:18 -05:00
Rich Salz
bbd86bf542 mem functions cleanup
Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this.
If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery.
        (Thanks to Jakob Bohm for the suggestion!)
Make the "change wrapper functions" be the only paradigm.
Wrote documentation!
Format the 'set func' functions so their paramlists are legible.
Format some multi-line comments.
Remove ability to get/set the "memory debug" functions at runtme.
Remove MemCheck_* and CRYPTO_malloc_debug_init macros.
Add CRYPTO_mem_debug(int flag) function.
Add test/memleaktest.
Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 15:14:18 -05:00
Andy Polyakov
91cf7551a1 Configure: refine 'reconf' logic.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-22 10:32:08 +01:00
Rich Salz
2503af2684 Fix typo.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 17:58:32 -05:00
Rich Salz
2e31ef0366 Provide better "make depend" warning.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-16 17:43:41 -05:00
Ben Laurie
a7a14a23a9 Fix no-dgram.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 21:31:56 +00:00
Rich Salz
2ab9687479 Remove GMP engine.
Reviewed-by: Ben Laurie <ben@openssl.org>
2015-12-15 07:59:56 -05:00
Andy Polyakov
22c2e80f89 Configure: add framework for ChaCha and Poly1305 assembly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-13 20:56:50 +01:00
Andy Polyakov
0c14d44254 Configure: 'reconf' to respect CROSS_COMPILE and CC.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-13 20:54:22 +01:00
Kurt Roeckx
a5ecdc6af8 Use OPENSSL_NO_DTLS instead of OPENSSL_NO_DTLS1
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-12 12:07:14 +01:00
Andy Polyakov
48f1484555 Configure: make no-chacha and no-poly1305 work.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 12:05:50 +01:00
Ben Laurie
28cbe2ab4a Link library for backtrace() on BSD...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-09 13:37:30 +00:00
Richard Levitte
16b6081e0d Fix ./Configure reconf
'./Configure reconf' hasn't been working for a while, because a perl
lable needs to be immediately followed by a block.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-12-02 19:39:36 +01:00
Richard Levitte
a1d3f3d1d0 Move the backtrace memleak options to a separate variable
The contents of this variable ($memleak_devteam_backtrace) is added to
$cflags unless we build for a platform we know doesn't support gcc's
-rdynamic och backtrace() and friends.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-12-02 19:20:45 +01:00
Richard Levitte
012c540850 Add backtrace to memory leak output
This is an option for builds with gcc and --strict-warnings.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-02 16:49:08 +01:00
Richard Levitte
de17db915e Drop the old perl start magic and replace it with a normal shebang
perlrun(1) leads the way.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-11-24 14:06:45 +01:00
Jacob Bandes-Storch
f4d8f03755 Add perl modeline to Configure scripts
Encourages GitHub to perform proper syntax highlighting.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-11-24 13:12:57 +01:00
Richard Levitte
6703c4ea87 Make the match for previous cflags a bit more strict
./Configure [target] --strict-warnings -Wno-pedantic-ms-format
would not add '-pedantic' because it matches '-Wno-pedantic-ms-format',
which was added first.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-11-09 09:50:56 +01:00
Richard Levitte
489eb74090 Make Configure die when unsupported options are given
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-10-22 17:37:10 +02:00
Richard Levitte
8b527be2db Add an explicit list of options that can be disabled, enabled, ...
Configure has, so far, had no control at all of which 'no-' options it
can be given.  This means that, for example, someone could configure
with something absurd like 'no-stack' and then watch the build crumble
to dust...  or file a bug report.

This introduces some sanity into the possible choices.

The added list comes from looking for the explicit ones used in
Configure, and from grepping after OPENSSL_NO_ in all source files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-10-22 17:37:10 +02:00
Emilia Kasper
58dd1ce91a make depend: prefer clang over makedepend
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-10-14 17:10:20 +02:00
Alessandro Ghedini
f386742cfb GH429: Add clang to travis
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-10-13 14:04:53 -04:00
David Woodhouse
984d6c6052 Fix no-stdio build
Much related/similar work also done by
Ivan Nestlerode <ivan.nestlerode@sonos.com>

   +Replace FILE BIO's with dummy ops that fail.
   +Include <stdio.h> for sscanf() even with no-stdio (since the declaration
    is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment
    variable, since it can be larger than a 'long'. And we don't rely on the
    availability of strtoull().
   +Remove OPENSSL_stderr(); not used.
   +Make OPENSSL_showfatal() do nothing (currently without stdio there's
    nothing we can do).
   +Remove file-based functionality from ssl/. The function
    prototypes were already gone, but not the functions themselves.
   +Remove unviable conf functionality via SYS_UEFI
   +Add fallback definition of BUFSIZ.
   +Remove functions taking FILE * from header files.
   +Add missing DECLARE_PEM_write_fp_const
   +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out,
    so remove its prototype.
   +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid().
   +Eliminate SRP_VBASE_init() and supporting functions. Users will need to
    build the verifier manually instead.
   +Eliminate compiler warning for unused do_pk8pkey_fp().
   +Disable TEST_ENG_OPENSSL_PKEY.
   +Disable GOST engine as is uses [f]printf all over the place.
   +Eliminate compiler warning for unused send_fp_chars().

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-29 21:59:19 -04:00
Andy Polyakov
51cbee3516 Update year in Windows builds.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-09-28 15:32:38 +02:00
Ben Laurie
df2ee0e27d Enable -Wmissing-variable-declarations and
-Wincompatible-pointer-types-discards-qualifiers (the latter did not require
any code changes).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-11 04:51:55 +01:00
Richard Levitte
fd9ad2300b Adapt mk1mf.pl and helpers to the new testing framework.
With the new testing framework, building a test target with mk1mf.pl
becomes a very simple thing.  And especially, no more need to do the
amount of hackery in unix.pl we did.

Also, some tests need a working apps/CA.pl as well as rehashed certs
in certs/demo.  So, move the code creating those files so it gets done
regardless, not just in non-mk1mf environments.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-07 16:10:58 +02:00
David Woodhouse
47bbaa5b60 Revert "OPENSSL_NO_xxx cleanup: RFC3779"
This reverts the non-cleanup parts of commit c73ad69017. We do actually
have a reasonable use case for OPENSSL_NO_RFC3779 in the EDK2 UEFI
build, since we don't have a strspn() function in our runtime environment
and we don't want the RFC3779 functionality anyway.

In addition, it changes the default behaviour of the Configure script so
that RFC3779 support isn't disabled by default. It was always disabled
from when it was first added in 2006, right up until the point where
OPENSSL_NO_RFC3779 was turned into a no-op, and the code in the
Configure script was left *trying* to disable it, but not actually
working.

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-03 16:31:09 -04:00
Ben Laurie
480405e4a9 Add -Wconditional-uninitialized to clang strict warnings.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-08-02 02:45:44 +01:00
Ben Laurie
d237a2739c Build with --strict-warnings on FreeBSD.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-08-02 02:21:46 +01:00
Matt Caswell
e481f9b90b Remove support for OPENSSL_NO_TLSEXT
Given the pervasive nature of TLS extensions it is inadvisable to run
OpenSSL without support for them. It also means that maintaining
the OPENSSL_NO_TLSEXT option within the code is very invasive (and probably
not well tested). Therefore it is being removed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-22 23:10:51 +01:00
Matt Caswell
e36827f6d1 Remove remaining Kerberos references
Following on from the removal of libcrypto and libssl support for Kerberos
this commit removes all remaining references to Kerberos.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-13 15:08:10 +01:00
Ben Laurie
190c8c60c1 Fix build on MacOS.
Reviewed-by: Andy Polyakov
2015-05-01 17:46:17 +01:00
Andy Polyakov
c3b9bd11f9 Engage ec/asm/ecp_nistz256-sparcv9 module.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-21 09:39:52 +02:00
Andy Polyakov
cc98b998b8 Configure: Engage ecp_nistz256-armv8 module.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-20 14:58:01 +02:00
Andy Polyakov
2c6343bfa3 Configure: engage ARMv8 Montgomery multiplication module.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-20 14:41:10 +02:00
Emilia Kasper
13efe9d17e Use -Wall -Wextra with clang
The disabled set of -Weverything is hard to maintain across versions.
Use -Wall -Wextra but also document other useful warnings that currently trigger.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-17 18:17:50 +02:00
Dr. Stephen Henson
c954448f2c Add -Wtype-limits to strict warnings.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-15 13:57:51 +01:00
Richard Levitte
04958e84d8 Appease clang -Wgnu-statement-expression
We use GNU statement expressions in crypto/md32_common.h, surrounded
by checks that GNU C is indeed used to compile.  It seems that clang,
at least on Linux, pretends to be GNU C, therefore finds the statement
expressions and then warns about them.

The solution is to have clang be quiet about it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-04 17:06:35 +02:00
Richard Levitte
dee502be89 Stop symlinking, move files to intended directory
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.

Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.

Originally-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Andy Polyakov
33b188a8e8 Engage vpaes-armv8 module.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-28 15:42:12 +01:00
Andy Polyakov
1818572d83 Configure: remove unused variables.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-28 15:36:40 +01:00
Matt Caswell
913f1042b3 Add -DDEBUG_UNUSED to --strict-warnings
In order to receive warnings on unused function return values the flag
-DDEBUG_UNUSED must be passed to the compiler. This change adds that for the
--strict-warnings Configure option.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-23 15:22:36 +00:00
Richard Levitte
9b956beccd Refer to $table{$target} rather than $table{$t}.
Using $t is an artifact from the earlier changes in Configure and was
unfortunately forgotten as is.

Reviewed-by: Stephen Henson <steve@openssl.org>
2015-03-22 00:57:09 +01:00
Richard Levitte
21ab123770 If the target is an old style debug- target, it will not have debugging [cl]flags
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-03-19 22:49:51 +01:00
Andy Polyakov
7ead0c8918 Configure: fold related configurations more aggressively and clean-up.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-18 16:27:00 +01:00
Richard Levitte
9e43c6b5c2 Correct the request of debug builds
./config would translate -d into having the target get a 'debug-'
prefix, and then run './Configure LIST' to find out if such a
debugging target exists or not.

With the recent changes, the separate 'debug-foo' targets are
disappearing, and we're giving the normal targets debugging
capabilities instead.  Unfortunately, './config' wasn't changed to
match this new behavior.

This change introduces the arguments '--debug' and '--release' - the
latter just for orthogonality - to ./Configure, and ./config now
treats -d by adding '--debug' to the options for ./Configure.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-17 17:01:31 +01:00