svn commit: r348341 - in stable/12: crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/aes/asm crypto/openssl/crypto/bio crypto/openssl/crypto/blake2 crypto/openssl/cryp...
Jung-uk Kim
jkim at FreeBSD.org
Tue May 28 21:57:03 UTC 2019
Author: jkim
Date: Tue May 28 21:57:01 2019
New Revision: 348341
URL: https://svnweb.freebsd.org/changeset/base/348341
Log:
MFC: r348340
Merge OpenSSL 1.1.1c.
Modified:
stable/12/crypto/openssl/CHANGES
stable/12/crypto/openssl/Configure
stable/12/crypto/openssl/INSTALL
stable/12/crypto/openssl/NEWS
stable/12/crypto/openssl/NOTES.PERL
stable/12/crypto/openssl/README
stable/12/crypto/openssl/apps/asn1pars.c
stable/12/crypto/openssl/apps/cms.c
stable/12/crypto/openssl/apps/enc.c
stable/12/crypto/openssl/apps/ocsp.c
stable/12/crypto/openssl/apps/s_cb.c
stable/12/crypto/openssl/apps/s_client.c
stable/12/crypto/openssl/apps/speed.c
stable/12/crypto/openssl/crypto/aes/asm/aesp8-ppc.pl
stable/12/crypto/openssl/crypto/bio/b_addr.c
stable/12/crypto/openssl/crypto/bio/bss_mem.c
stable/12/crypto/openssl/crypto/blake2/blake2b.c
stable/12/crypto/openssl/crypto/bn/asm/mips.pl
stable/12/crypto/openssl/crypto/bn/asm/ppc.pl
stable/12/crypto/openssl/crypto/bn/bn_ctx.c
stable/12/crypto/openssl/crypto/bn/bn_lib.c
stable/12/crypto/openssl/crypto/bn/bn_prime.c
stable/12/crypto/openssl/crypto/chacha/build.info
stable/12/crypto/openssl/crypto/conf/conf_sap.c
stable/12/crypto/openssl/crypto/dh/dh_check.c
stable/12/crypto/openssl/crypto/dh/dh_gen.c
stable/12/crypto/openssl/crypto/dh/dh_key.c
stable/12/crypto/openssl/crypto/dh/dh_pmeth.c
stable/12/crypto/openssl/crypto/dsa/dsa_gen.c
stable/12/crypto/openssl/crypto/dsa/dsa_ossl.c
stable/12/crypto/openssl/crypto/dsa/dsa_pmeth.c
stable/12/crypto/openssl/crypto/dso/dso_openssl.c
stable/12/crypto/openssl/crypto/ec/curve25519.c
stable/12/crypto/openssl/crypto/ec/curve448/curve448.c
stable/12/crypto/openssl/crypto/ec/curve448/curve448_tables.c
stable/12/crypto/openssl/crypto/ec/curve448/curve448utils.h
stable/12/crypto/openssl/crypto/ec/curve448/f_generic.c
stable/12/crypto/openssl/crypto/ec/curve448/scalar.c
stable/12/crypto/openssl/crypto/ec/ec2_oct.c
stable/12/crypto/openssl/crypto/ec/ec2_smpl.c
stable/12/crypto/openssl/crypto/ec/ec_ameth.c
stable/12/crypto/openssl/crypto/ec/ec_lib.c
stable/12/crypto/openssl/crypto/ec/ec_mult.c
stable/12/crypto/openssl/crypto/ec/ec_pmeth.c
stable/12/crypto/openssl/crypto/ec/ecdh_ossl.c
stable/12/crypto/openssl/crypto/ec/ecp_nistp521.c
stable/12/crypto/openssl/crypto/ec/ecp_nistz256.c
stable/12/crypto/openssl/crypto/ec/ecp_smpl.c
stable/12/crypto/openssl/crypto/err/err.c
stable/12/crypto/openssl/crypto/evp/digest.c
stable/12/crypto/openssl/crypto/evp/e_aes.c
stable/12/crypto/openssl/crypto/evp/e_aria.c
stable/12/crypto/openssl/crypto/evp/e_chacha20_poly1305.c
stable/12/crypto/openssl/crypto/evp/p_lib.c
stable/12/crypto/openssl/crypto/evp/p_open.c
stable/12/crypto/openssl/crypto/hmac/hmac.c
stable/12/crypto/openssl/crypto/include/internal/dso_conf.h
stable/12/crypto/openssl/crypto/include/internal/dso_conf.h.in
stable/12/crypto/openssl/crypto/init.c
stable/12/crypto/openssl/crypto/mips_arch.h
stable/12/crypto/openssl/crypto/modes/asm/ghash-x86_64.pl
stable/12/crypto/openssl/crypto/modes/ccm128.c
stable/12/crypto/openssl/crypto/o_str.c
stable/12/crypto/openssl/crypto/objects/obj_dat.h
stable/12/crypto/openssl/crypto/objects/objects.txt
stable/12/crypto/openssl/crypto/ocsp/ocsp_ext.c
stable/12/crypto/openssl/crypto/ocsp/ocsp_lib.c
stable/12/crypto/openssl/crypto/pem/pem_sign.c
stable/12/crypto/openssl/crypto/poly1305/build.info
stable/12/crypto/openssl/crypto/ppccap.c
stable/12/crypto/openssl/crypto/rand/drbg_lib.c
stable/12/crypto/openssl/crypto/rand/rand_lib.c
stable/12/crypto/openssl/crypto/rand/rand_unix.c
stable/12/crypto/openssl/crypto/rand/randfile.c
stable/12/crypto/openssl/crypto/rc4/build.info
stable/12/crypto/openssl/crypto/rsa/rsa_ameth.c
stable/12/crypto/openssl/crypto/rsa/rsa_gen.c
stable/12/crypto/openssl/crypto/rsa/rsa_oaep.c
stable/12/crypto/openssl/crypto/rsa/rsa_ossl.c
stable/12/crypto/openssl/crypto/rsa/rsa_pk1.c
stable/12/crypto/openssl/crypto/rsa/rsa_pmeth.c
stable/12/crypto/openssl/crypto/rsa/rsa_ssl.c
stable/12/crypto/openssl/crypto/rsa/rsa_x931g.c
stable/12/crypto/openssl/crypto/sha/keccak1600.c
stable/12/crypto/openssl/crypto/x509/x509_lu.c
stable/12/crypto/openssl/crypto/x509v3/v3_genn.c
stable/12/crypto/openssl/doc/man1/genpkey.pod
stable/12/crypto/openssl/doc/man1/pkeyutl.pod
stable/12/crypto/openssl/doc/man1/s_client.pod
stable/12/crypto/openssl/doc/man1/s_server.pod
stable/12/crypto/openssl/doc/man1/s_time.pod
stable/12/crypto/openssl/doc/man1/ts.pod
stable/12/crypto/openssl/doc/man3/ASN1_TIME_set.pod
stable/12/crypto/openssl/doc/man3/ASN1_generate_nconf.pod
stable/12/crypto/openssl/doc/man3/BIO_connect.pod
stable/12/crypto/openssl/doc/man3/BIO_push.pod
stable/12/crypto/openssl/doc/man3/BIO_s_file.pod
stable/12/crypto/openssl/doc/man3/BIO_s_mem.pod
stable/12/crypto/openssl/doc/man3/BN_CTX_start.pod
stable/12/crypto/openssl/doc/man3/BN_new.pod
stable/12/crypto/openssl/doc/man3/BN_rand.pod
stable/12/crypto/openssl/doc/man3/BN_security_bits.pod
stable/12/crypto/openssl/doc/man3/CMS_verify.pod
stable/12/crypto/openssl/doc/man3/CONF_modules_load_file.pod
stable/12/crypto/openssl/doc/man3/DES_random_key.pod
stable/12/crypto/openssl/doc/man3/ECDSA_SIG_new.pod
stable/12/crypto/openssl/doc/man3/EVP_DigestVerifyInit.pod
stable/12/crypto/openssl/doc/man3/EVP_EncryptInit.pod
stable/12/crypto/openssl/doc/man3/EVP_PKEY_meth_new.pod
stable/12/crypto/openssl/doc/man3/EVP_PKEY_set1_RSA.pod
stable/12/crypto/openssl/doc/man3/EVP_chacha20.pod
stable/12/crypto/openssl/doc/man3/HMAC.pod
stable/12/crypto/openssl/doc/man3/OBJ_nid2obj.pod
stable/12/crypto/openssl/doc/man3/OCSP_cert_to_id.pod
stable/12/crypto/openssl/doc/man3/PEM_read_bio_PrivateKey.pod
stable/12/crypto/openssl/doc/man3/RAND_DRBG_generate.pod
stable/12/crypto/openssl/doc/man3/RAND_DRBG_get0_master.pod
stable/12/crypto/openssl/doc/man3/RAND_DRBG_new.pod
stable/12/crypto/openssl/doc/man3/RAND_DRBG_reseed.pod
stable/12/crypto/openssl/doc/man3/RAND_DRBG_set_callbacks.pod
stable/12/crypto/openssl/doc/man3/RAND_add.pod
stable/12/crypto/openssl/doc/man3/RAND_bytes.pod
stable/12/crypto/openssl/doc/man3/RAND_cleanup.pod
stable/12/crypto/openssl/doc/man3/RSA_padding_add_PKCS1_type_1.pod
stable/12/crypto/openssl/doc/man3/RSA_public_encrypt.pod
stable/12/crypto/openssl/doc/man3/SSL_CIPHER_get_name.pod
stable/12/crypto/openssl/doc/man3/SSL_CONF_cmd.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_load_verify_locations.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_new.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_set1_sigalgs.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_set_client_hello_cb.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_set_default_passwd_cb.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_set_generate_session_id.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_set_min_proto_version.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_set_read_ahead.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_set_split_send_fragment.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
stable/12/crypto/openssl/doc/man3/SSL_CTX_set_tmp_dh_callback.pod
stable/12/crypto/openssl/doc/man3/SSL_get_error.pod
stable/12/crypto/openssl/doc/man3/SSL_load_client_CA_file.pod
stable/12/crypto/openssl/doc/man3/SSL_read.pod
stable/12/crypto/openssl/doc/man3/SSL_session_reused.pod
stable/12/crypto/openssl/doc/man3/SSL_shutdown.pod
stable/12/crypto/openssl/doc/man3/SSL_write.pod
stable/12/crypto/openssl/doc/man3/X509_LOOKUP_meth_new.pod
stable/12/crypto/openssl/doc/man3/X509_NAME_add_entry_by_txt.pod
stable/12/crypto/openssl/doc/man3/X509_NAME_get_index_by_NID.pod
stable/12/crypto/openssl/doc/man3/X509_get_subject_name.pod
stable/12/crypto/openssl/doc/man3/d2i_X509.pod
stable/12/crypto/openssl/e_os.h
stable/12/crypto/openssl/engines/e_padlock.c
stable/12/crypto/openssl/include/internal/dsoerr.h
stable/12/crypto/openssl/include/internal/refcount.h
stable/12/crypto/openssl/include/internal/tsan_assist.h
stable/12/crypto/openssl/include/openssl/err.h
stable/12/crypto/openssl/include/openssl/evp.h
stable/12/crypto/openssl/include/openssl/obj_mac.h
stable/12/crypto/openssl/include/openssl/ocsp.h
stable/12/crypto/openssl/include/openssl/opensslv.h
stable/12/crypto/openssl/include/openssl/ssl.h
stable/12/crypto/openssl/include/openssl/x509v3.h
stable/12/crypto/openssl/ssl/ssl_lib.c
stable/12/crypto/openssl/ssl/ssl_locl.h
stable/12/crypto/openssl/ssl/statem/extensions.c
stable/12/crypto/openssl/ssl/statem/extensions_clnt.c
stable/12/crypto/openssl/ssl/statem/extensions_srvr.c
stable/12/crypto/openssl/ssl/statem/statem_clnt.c
stable/12/crypto/openssl/ssl/statem/statem_srvr.c
stable/12/secure/lib/libcrypto/Makefile.inc
stable/12/secure/lib/libcrypto/Makefile.man
stable/12/secure/lib/libcrypto/Version.map
stable/12/secure/lib/libcrypto/man/ADMISSIONS.3
stable/12/secure/lib/libcrypto/man/ASN1_INTEGER_get_int64.3
stable/12/secure/lib/libcrypto/man/ASN1_ITEM_lookup.3
stable/12/secure/lib/libcrypto/man/ASN1_OBJECT_new.3
stable/12/secure/lib/libcrypto/man/ASN1_STRING_TABLE_add.3
stable/12/secure/lib/libcrypto/man/ASN1_STRING_length.3
stable/12/secure/lib/libcrypto/man/ASN1_STRING_new.3
stable/12/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3
stable/12/secure/lib/libcrypto/man/ASN1_TIME_set.3
stable/12/secure/lib/libcrypto/man/ASN1_TYPE_get.3
stable/12/secure/lib/libcrypto/man/ASN1_generate_nconf.3
stable/12/secure/lib/libcrypto/man/ASYNC_WAIT_CTX_new.3
stable/12/secure/lib/libcrypto/man/ASYNC_start_job.3
stable/12/secure/lib/libcrypto/man/BF_encrypt.3
stable/12/secure/lib/libcrypto/man/BIO_ADDR.3
stable/12/secure/lib/libcrypto/man/BIO_ADDRINFO.3
stable/12/secure/lib/libcrypto/man/BIO_connect.3
stable/12/secure/lib/libcrypto/man/BIO_ctrl.3
stable/12/secure/lib/libcrypto/man/BIO_f_base64.3
stable/12/secure/lib/libcrypto/man/BIO_f_buffer.3
stable/12/secure/lib/libcrypto/man/BIO_f_cipher.3
stable/12/secure/lib/libcrypto/man/BIO_f_md.3
stable/12/secure/lib/libcrypto/man/BIO_f_null.3
stable/12/secure/lib/libcrypto/man/BIO_f_ssl.3
stable/12/secure/lib/libcrypto/man/BIO_find_type.3
stable/12/secure/lib/libcrypto/man/BIO_get_data.3
stable/12/secure/lib/libcrypto/man/BIO_get_ex_new_index.3
stable/12/secure/lib/libcrypto/man/BIO_meth_new.3
stable/12/secure/lib/libcrypto/man/BIO_new.3
stable/12/secure/lib/libcrypto/man/BIO_new_CMS.3
stable/12/secure/lib/libcrypto/man/BIO_parse_hostserv.3
stable/12/secure/lib/libcrypto/man/BIO_printf.3
stable/12/secure/lib/libcrypto/man/BIO_push.3
stable/12/secure/lib/libcrypto/man/BIO_read.3
stable/12/secure/lib/libcrypto/man/BIO_s_accept.3
stable/12/secure/lib/libcrypto/man/BIO_s_bio.3
stable/12/secure/lib/libcrypto/man/BIO_s_connect.3
stable/12/secure/lib/libcrypto/man/BIO_s_fd.3
stable/12/secure/lib/libcrypto/man/BIO_s_file.3
stable/12/secure/lib/libcrypto/man/BIO_s_mem.3
stable/12/secure/lib/libcrypto/man/BIO_s_null.3
stable/12/secure/lib/libcrypto/man/BIO_s_socket.3
stable/12/secure/lib/libcrypto/man/BIO_set_callback.3
stable/12/secure/lib/libcrypto/man/BIO_should_retry.3
stable/12/secure/lib/libcrypto/man/BN_BLINDING_new.3
stable/12/secure/lib/libcrypto/man/BN_CTX_new.3
stable/12/secure/lib/libcrypto/man/BN_CTX_start.3
stable/12/secure/lib/libcrypto/man/BN_add.3
stable/12/secure/lib/libcrypto/man/BN_add_word.3
stable/12/secure/lib/libcrypto/man/BN_bn2bin.3
stable/12/secure/lib/libcrypto/man/BN_cmp.3
stable/12/secure/lib/libcrypto/man/BN_copy.3
stable/12/secure/lib/libcrypto/man/BN_generate_prime.3
stable/12/secure/lib/libcrypto/man/BN_mod_inverse.3
stable/12/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3
stable/12/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3
stable/12/secure/lib/libcrypto/man/BN_new.3
stable/12/secure/lib/libcrypto/man/BN_num_bytes.3
stable/12/secure/lib/libcrypto/man/BN_rand.3
stable/12/secure/lib/libcrypto/man/BN_security_bits.3
stable/12/secure/lib/libcrypto/man/BN_set_bit.3
stable/12/secure/lib/libcrypto/man/BN_swap.3
stable/12/secure/lib/libcrypto/man/BN_zero.3
stable/12/secure/lib/libcrypto/man/BUF_MEM_new.3
stable/12/secure/lib/libcrypto/man/CMS_add0_cert.3
stable/12/secure/lib/libcrypto/man/CMS_add1_recipient_cert.3
stable/12/secure/lib/libcrypto/man/CMS_add1_signer.3
stable/12/secure/lib/libcrypto/man/CMS_compress.3
stable/12/secure/lib/libcrypto/man/CMS_decrypt.3
stable/12/secure/lib/libcrypto/man/CMS_encrypt.3
stable/12/secure/lib/libcrypto/man/CMS_final.3
stable/12/secure/lib/libcrypto/man/CMS_get0_RecipientInfos.3
stable/12/secure/lib/libcrypto/man/CMS_get0_SignerInfos.3
stable/12/secure/lib/libcrypto/man/CMS_get0_type.3
stable/12/secure/lib/libcrypto/man/CMS_get1_ReceiptRequest.3
stable/12/secure/lib/libcrypto/man/CMS_sign.3
stable/12/secure/lib/libcrypto/man/CMS_sign_receipt.3
stable/12/secure/lib/libcrypto/man/CMS_uncompress.3
stable/12/secure/lib/libcrypto/man/CMS_verify.3
stable/12/secure/lib/libcrypto/man/CMS_verify_receipt.3
stable/12/secure/lib/libcrypto/man/CONF_modules_free.3
stable/12/secure/lib/libcrypto/man/CONF_modules_load_file.3
stable/12/secure/lib/libcrypto/man/CRYPTO_THREAD_run_once.3
stable/12/secure/lib/libcrypto/man/CRYPTO_get_ex_new_index.3
stable/12/secure/lib/libcrypto/man/CTLOG_STORE_get0_log_by_id.3
stable/12/secure/lib/libcrypto/man/CTLOG_STORE_new.3
stable/12/secure/lib/libcrypto/man/CTLOG_new.3
stable/12/secure/lib/libcrypto/man/CT_POLICY_EVAL_CTX_new.3
stable/12/secure/lib/libcrypto/man/DEFINE_STACK_OF.3
stable/12/secure/lib/libcrypto/man/DES_random_key.3
stable/12/secure/lib/libcrypto/man/DH_generate_key.3
stable/12/secure/lib/libcrypto/man/DH_generate_parameters.3
stable/12/secure/lib/libcrypto/man/DH_get0_pqg.3
stable/12/secure/lib/libcrypto/man/DH_get_1024_160.3
stable/12/secure/lib/libcrypto/man/DH_meth_new.3
stable/12/secure/lib/libcrypto/man/DH_new.3
stable/12/secure/lib/libcrypto/man/DH_new_by_nid.3
stable/12/secure/lib/libcrypto/man/DH_set_method.3
stable/12/secure/lib/libcrypto/man/DH_size.3
stable/12/secure/lib/libcrypto/man/DSA_SIG_new.3
stable/12/secure/lib/libcrypto/man/DSA_do_sign.3
stable/12/secure/lib/libcrypto/man/DSA_dup_DH.3
stable/12/secure/lib/libcrypto/man/DSA_generate_key.3
stable/12/secure/lib/libcrypto/man/DSA_generate_parameters.3
stable/12/secure/lib/libcrypto/man/DSA_get0_pqg.3
stable/12/secure/lib/libcrypto/man/DSA_meth_new.3
stable/12/secure/lib/libcrypto/man/DSA_new.3
stable/12/secure/lib/libcrypto/man/DSA_set_method.3
stable/12/secure/lib/libcrypto/man/DSA_sign.3
stable/12/secure/lib/libcrypto/man/DSA_size.3
stable/12/secure/lib/libcrypto/man/DTLS_get_data_mtu.3
stable/12/secure/lib/libcrypto/man/DTLS_set_timer_cb.3
stable/12/secure/lib/libcrypto/man/DTLSv1_listen.3
stable/12/secure/lib/libcrypto/man/ECDSA_SIG_new.3
stable/12/secure/lib/libcrypto/man/ECPKParameters_print.3
stable/12/secure/lib/libcrypto/man/EC_GFp_simple_method.3
stable/12/secure/lib/libcrypto/man/EC_GROUP_copy.3
stable/12/secure/lib/libcrypto/man/EC_GROUP_new.3
stable/12/secure/lib/libcrypto/man/EC_KEY_get_enc_flags.3
stable/12/secure/lib/libcrypto/man/EC_KEY_new.3
stable/12/secure/lib/libcrypto/man/EC_POINT_add.3
stable/12/secure/lib/libcrypto/man/EC_POINT_new.3
stable/12/secure/lib/libcrypto/man/ENGINE_add.3
stable/12/secure/lib/libcrypto/man/ERR_GET_LIB.3
stable/12/secure/lib/libcrypto/man/ERR_clear_error.3
stable/12/secure/lib/libcrypto/man/ERR_error_string.3
stable/12/secure/lib/libcrypto/man/ERR_get_error.3
stable/12/secure/lib/libcrypto/man/ERR_load_crypto_strings.3
stable/12/secure/lib/libcrypto/man/ERR_load_strings.3
stable/12/secure/lib/libcrypto/man/ERR_print_errors.3
stable/12/secure/lib/libcrypto/man/ERR_put_error.3
stable/12/secure/lib/libcrypto/man/ERR_remove_state.3
stable/12/secure/lib/libcrypto/man/ERR_set_mark.3
stable/12/secure/lib/libcrypto/man/EVP_BytesToKey.3
stable/12/secure/lib/libcrypto/man/EVP_CIPHER_CTX_get_cipher_data.3
stable/12/secure/lib/libcrypto/man/EVP_CIPHER_meth_new.3
stable/12/secure/lib/libcrypto/man/EVP_DigestInit.3
stable/12/secure/lib/libcrypto/man/EVP_DigestSignInit.3
stable/12/secure/lib/libcrypto/man/EVP_DigestVerifyInit.3
stable/12/secure/lib/libcrypto/man/EVP_EncodeInit.3
stable/12/secure/lib/libcrypto/man/EVP_EncryptInit.3
stable/12/secure/lib/libcrypto/man/EVP_MD_meth_new.3
stable/12/secure/lib/libcrypto/man/EVP_OpenInit.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_ASN1_METHOD.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_CTX_new.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_CTX_set1_pbe_pass.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_CTX_set_scrypt_N.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_CTX_set_tls1_prf_md.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_cmp.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_decrypt.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_derive.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_encrypt.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_get_default_digest_nid.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_keygen.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_meth_get_count.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_meth_new.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_new.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_print_private.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_sign.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_verify.3
stable/12/secure/lib/libcrypto/man/EVP_PKEY_verify_recover.3
stable/12/secure/lib/libcrypto/man/EVP_SealInit.3
stable/12/secure/lib/libcrypto/man/EVP_SignInit.3
stable/12/secure/lib/libcrypto/man/EVP_VerifyInit.3
stable/12/secure/lib/libcrypto/man/EVP_aes.3
stable/12/secure/lib/libcrypto/man/EVP_aria.3
stable/12/secure/lib/libcrypto/man/EVP_bf_cbc.3
stable/12/secure/lib/libcrypto/man/EVP_blake2b512.3
stable/12/secure/lib/libcrypto/man/EVP_camellia.3
stable/12/secure/lib/libcrypto/man/EVP_cast5_cbc.3
stable/12/secure/lib/libcrypto/man/EVP_chacha20.3
stable/12/secure/lib/libcrypto/man/EVP_des.3
stable/12/secure/lib/libcrypto/man/EVP_desx_cbc.3
stable/12/secure/lib/libcrypto/man/EVP_idea_cbc.3
stable/12/secure/lib/libcrypto/man/EVP_md2.3
stable/12/secure/lib/libcrypto/man/EVP_md4.3
stable/12/secure/lib/libcrypto/man/EVP_md5.3
stable/12/secure/lib/libcrypto/man/EVP_mdc2.3
stable/12/secure/lib/libcrypto/man/EVP_rc2_cbc.3
stable/12/secure/lib/libcrypto/man/EVP_rc4.3
stable/12/secure/lib/libcrypto/man/EVP_rc5_32_12_16_cbc.3
stable/12/secure/lib/libcrypto/man/EVP_ripemd160.3
stable/12/secure/lib/libcrypto/man/EVP_seed_cbc.3
stable/12/secure/lib/libcrypto/man/EVP_sha1.3
stable/12/secure/lib/libcrypto/man/EVP_sha224.3
stable/12/secure/lib/libcrypto/man/EVP_sha3_224.3
stable/12/secure/lib/libcrypto/man/EVP_sm3.3
stable/12/secure/lib/libcrypto/man/EVP_sm4_cbc.3
stable/12/secure/lib/libcrypto/man/EVP_whirlpool.3
stable/12/secure/lib/libcrypto/man/HMAC.3
stable/12/secure/lib/libcrypto/man/MD5.3
stable/12/secure/lib/libcrypto/man/MDC2_Init.3
stable/12/secure/lib/libcrypto/man/OBJ_nid2obj.3
stable/12/secure/lib/libcrypto/man/OCSP_REQUEST_new.3
stable/12/secure/lib/libcrypto/man/OCSP_cert_to_id.3
stable/12/secure/lib/libcrypto/man/OCSP_request_add1_nonce.3
stable/12/secure/lib/libcrypto/man/OCSP_resp_find_status.3
stable/12/secure/lib/libcrypto/man/OCSP_response_status.3
stable/12/secure/lib/libcrypto/man/OCSP_sendreq_new.3
stable/12/secure/lib/libcrypto/man/OPENSSL_Applink.3
stable/12/secure/lib/libcrypto/man/OPENSSL_LH_COMPFUNC.3
stable/12/secure/lib/libcrypto/man/OPENSSL_LH_stats.3
stable/12/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
stable/12/secure/lib/libcrypto/man/OPENSSL_config.3
stable/12/secure/lib/libcrypto/man/OPENSSL_fork_prepare.3
stable/12/secure/lib/libcrypto/man/OPENSSL_ia32cap.3
stable/12/secure/lib/libcrypto/man/OPENSSL_init_crypto.3
stable/12/secure/lib/libcrypto/man/OPENSSL_init_ssl.3
stable/12/secure/lib/libcrypto/man/OPENSSL_instrument_bus.3
stable/12/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
stable/12/secure/lib/libcrypto/man/OPENSSL_malloc.3
stable/12/secure/lib/libcrypto/man/OPENSSL_secure_malloc.3
stable/12/secure/lib/libcrypto/man/OSSL_STORE_INFO.3
stable/12/secure/lib/libcrypto/man/OSSL_STORE_LOADER.3
stable/12/secure/lib/libcrypto/man/OSSL_STORE_SEARCH.3
stable/12/secure/lib/libcrypto/man/OSSL_STORE_expect.3
stable/12/secure/lib/libcrypto/man/OSSL_STORE_open.3
stable/12/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
stable/12/secure/lib/libcrypto/man/PEM_bytes_read_bio.3
stable/12/secure/lib/libcrypto/man/PEM_read.3
stable/12/secure/lib/libcrypto/man/PEM_read_CMS.3
stable/12/secure/lib/libcrypto/man/PEM_read_bio_PrivateKey.3
stable/12/secure/lib/libcrypto/man/PEM_read_bio_ex.3
stable/12/secure/lib/libcrypto/man/PEM_write_bio_CMS_stream.3
stable/12/secure/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3
stable/12/secure/lib/libcrypto/man/PKCS12_create.3
stable/12/secure/lib/libcrypto/man/PKCS12_newpass.3
stable/12/secure/lib/libcrypto/man/PKCS12_parse.3
stable/12/secure/lib/libcrypto/man/PKCS5_PBKDF2_HMAC.3
stable/12/secure/lib/libcrypto/man/PKCS7_decrypt.3
stable/12/secure/lib/libcrypto/man/PKCS7_encrypt.3
stable/12/secure/lib/libcrypto/man/PKCS7_sign.3
stable/12/secure/lib/libcrypto/man/PKCS7_sign_add_signer.3
stable/12/secure/lib/libcrypto/man/PKCS7_verify.3
stable/12/secure/lib/libcrypto/man/RAND_DRBG_generate.3
stable/12/secure/lib/libcrypto/man/RAND_DRBG_get0_master.3
stable/12/secure/lib/libcrypto/man/RAND_DRBG_new.3
stable/12/secure/lib/libcrypto/man/RAND_DRBG_reseed.3
stable/12/secure/lib/libcrypto/man/RAND_DRBG_set_callbacks.3
stable/12/secure/lib/libcrypto/man/RAND_DRBG_set_ex_data.3
stable/12/secure/lib/libcrypto/man/RAND_add.3
stable/12/secure/lib/libcrypto/man/RAND_bytes.3
stable/12/secure/lib/libcrypto/man/RAND_cleanup.3
stable/12/secure/lib/libcrypto/man/RAND_egd.3
stable/12/secure/lib/libcrypto/man/RAND_load_file.3
stable/12/secure/lib/libcrypto/man/RAND_set_rand_method.3
stable/12/secure/lib/libcrypto/man/RC4_set_key.3
stable/12/secure/lib/libcrypto/man/RIPEMD160_Init.3
stable/12/secure/lib/libcrypto/man/RSA_blinding_on.3
stable/12/secure/lib/libcrypto/man/RSA_check_key.3
stable/12/secure/lib/libcrypto/man/RSA_generate_key.3
stable/12/secure/lib/libcrypto/man/RSA_get0_key.3
stable/12/secure/lib/libcrypto/man/RSA_meth_new.3
stable/12/secure/lib/libcrypto/man/RSA_new.3
stable/12/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3
stable/12/secure/lib/libcrypto/man/RSA_print.3
stable/12/secure/lib/libcrypto/man/RSA_private_encrypt.3
stable/12/secure/lib/libcrypto/man/RSA_public_encrypt.3
stable/12/secure/lib/libcrypto/man/RSA_set_method.3
stable/12/secure/lib/libcrypto/man/RSA_sign.3
stable/12/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
stable/12/secure/lib/libcrypto/man/RSA_size.3
stable/12/secure/lib/libcrypto/man/SCT_new.3
stable/12/secure/lib/libcrypto/man/SCT_print.3
stable/12/secure/lib/libcrypto/man/SCT_validate.3
stable/12/secure/lib/libcrypto/man/SHA256_Init.3
stable/12/secure/lib/libcrypto/man/SMIME_read_CMS.3
stable/12/secure/lib/libcrypto/man/SMIME_read_PKCS7.3
stable/12/secure/lib/libcrypto/man/SMIME_write_CMS.3
stable/12/secure/lib/libcrypto/man/SMIME_write_PKCS7.3
stable/12/secure/lib/libcrypto/man/SSL_CIPHER_get_name.3
stable/12/secure/lib/libcrypto/man/SSL_COMP_add_compression_method.3
stable/12/secure/lib/libcrypto/man/SSL_CONF_CTX_new.3
stable/12/secure/lib/libcrypto/man/SSL_CONF_CTX_set1_prefix.3
stable/12/secure/lib/libcrypto/man/SSL_CONF_CTX_set_flags.3
stable/12/secure/lib/libcrypto/man/SSL_CONF_CTX_set_ssl_ctx.3
stable/12/secure/lib/libcrypto/man/SSL_CONF_cmd.3
stable/12/secure/lib/libcrypto/man/SSL_CONF_cmd_argv.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_add1_chain_cert.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_add_extra_chain_cert.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_add_session.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_config.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_ctrl.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_dane_enable.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_flush_sessions.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_free.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_get0_param.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_get_verify_mode.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_has_client_custom_ext.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_load_verify_locations.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_new.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_sess_number.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_sess_set_cache_size.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_sess_set_get_cb.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_sessions.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set0_CA_list.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set1_curves.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set1_sigalgs.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set1_verify_cert_store.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_alpn_select_cb.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_cert_cb.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_cert_store.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_cert_verify_callback.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_cipher_list.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_client_cert_cb.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_client_hello_cb.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_ct_validation_callback.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_ctlog_list_file.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_default_passwd_cb.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_ex_data.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_generate_session_id.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_info_callback.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_keylog_callback.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_max_cert_list.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_min_proto_version.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_mode.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_msg_callback.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_num_tickets.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_options.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_psk_client_callback.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_quiet_shutdown.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_read_ahead.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_record_padding_callback.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_security_level.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_session_cache_mode.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_session_id_context.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_session_ticket_cb.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_split_send_fragment.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_ssl_version.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_stateless_cookie_generate_cb.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_timeout.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_tlsext_servername_callback.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_tlsext_status_cb.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_tlsext_ticket_key_cb.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_tlsext_use_srtp.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_tmp_dh_callback.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_set_verify.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_use_certificate.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_use_psk_identity_hint.3
stable/12/secure/lib/libcrypto/man/SSL_CTX_use_serverinfo.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_free.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_get0_cipher.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_get0_hostname.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_get0_id_context.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_get0_peer.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_get_compress_id.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_get_ex_data.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_get_protocol_version.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_get_time.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_has_ticket.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_is_resumable.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_print.3
stable/12/secure/lib/libcrypto/man/SSL_SESSION_set1_id.3
stable/12/secure/lib/libcrypto/man/SSL_accept.3
stable/12/secure/lib/libcrypto/man/SSL_alert_type_string.3
stable/12/secure/lib/libcrypto/man/SSL_alloc_buffers.3
stable/12/secure/lib/libcrypto/man/SSL_check_chain.3
stable/12/secure/lib/libcrypto/man/SSL_clear.3
stable/12/secure/lib/libcrypto/man/SSL_connect.3
stable/12/secure/lib/libcrypto/man/SSL_do_handshake.3
stable/12/secure/lib/libcrypto/man/SSL_export_keying_material.3
stable/12/secure/lib/libcrypto/man/SSL_extension_supported.3
stable/12/secure/lib/libcrypto/man/SSL_free.3
stable/12/secure/lib/libcrypto/man/SSL_get0_peer_scts.3
stable/12/secure/lib/libcrypto/man/SSL_get_SSL_CTX.3
stable/12/secure/lib/libcrypto/man/SSL_get_all_async_fds.3
stable/12/secure/lib/libcrypto/man/SSL_get_ciphers.3
stable/12/secure/lib/libcrypto/man/SSL_get_client_random.3
stable/12/secure/lib/libcrypto/man/SSL_get_current_cipher.3
stable/12/secure/lib/libcrypto/man/SSL_get_default_timeout.3
stable/12/secure/lib/libcrypto/man/SSL_get_error.3
stable/12/secure/lib/libcrypto/man/SSL_get_extms_support.3
stable/12/secure/lib/libcrypto/man/SSL_get_fd.3
stable/12/secure/lib/libcrypto/man/SSL_get_peer_cert_chain.3
stable/12/secure/lib/libcrypto/man/SSL_get_peer_certificate.3
stable/12/secure/lib/libcrypto/man/SSL_get_peer_signature_nid.3
stable/12/secure/lib/libcrypto/man/SSL_get_peer_tmp_key.3
stable/12/secure/lib/libcrypto/man/SSL_get_psk_identity.3
stable/12/secure/lib/libcrypto/man/SSL_get_rbio.3
stable/12/secure/lib/libcrypto/man/SSL_get_session.3
stable/12/secure/lib/libcrypto/man/SSL_get_shared_sigalgs.3
stable/12/secure/lib/libcrypto/man/SSL_get_verify_result.3
stable/12/secure/lib/libcrypto/man/SSL_get_version.3
stable/12/secure/lib/libcrypto/man/SSL_in_init.3
stable/12/secure/lib/libcrypto/man/SSL_key_update.3
stable/12/secure/lib/libcrypto/man/SSL_library_init.3
stable/12/secure/lib/libcrypto/man/SSL_load_client_CA_file.3
stable/12/secure/lib/libcrypto/man/SSL_new.3
stable/12/secure/lib/libcrypto/man/SSL_pending.3
stable/12/secure/lib/libcrypto/man/SSL_read.3
stable/12/secure/lib/libcrypto/man/SSL_read_early_data.3
stable/12/secure/lib/libcrypto/man/SSL_rstate_string.3
stable/12/secure/lib/libcrypto/man/SSL_session_reused.3
stable/12/secure/lib/libcrypto/man/SSL_set1_host.3
stable/12/secure/lib/libcrypto/man/SSL_set_bio.3
stable/12/secure/lib/libcrypto/man/SSL_set_connect_state.3
stable/12/secure/lib/libcrypto/man/SSL_set_fd.3
stable/12/secure/lib/libcrypto/man/SSL_set_session.3
stable/12/secure/lib/libcrypto/man/SSL_set_shutdown.3
stable/12/secure/lib/libcrypto/man/SSL_set_verify_result.3
stable/12/secure/lib/libcrypto/man/SSL_shutdown.3
stable/12/secure/lib/libcrypto/man/SSL_state_string.3
stable/12/secure/lib/libcrypto/man/SSL_want.3
stable/12/secure/lib/libcrypto/man/SSL_write.3
stable/12/secure/lib/libcrypto/man/UI_STRING.3
stable/12/secure/lib/libcrypto/man/UI_UTIL_read_pw.3
stable/12/secure/lib/libcrypto/man/UI_create_method.3
stable/12/secure/lib/libcrypto/man/UI_new.3
stable/12/secure/lib/libcrypto/man/X509V3_get_d2i.3
stable/12/secure/lib/libcrypto/man/X509_ALGOR_dup.3
stable/12/secure/lib/libcrypto/man/X509_CRL_get0_by_serial.3
stable/12/secure/lib/libcrypto/man/X509_EXTENSION_set_object.3
stable/12/secure/lib/libcrypto/man/X509_LOOKUP_hash_dir.3
stable/12/secure/lib/libcrypto/man/X509_LOOKUP_meth_new.3
stable/12/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3
stable/12/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
stable/12/secure/lib/libcrypto/man/X509_NAME_get0_der.3
stable/12/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
stable/12/secure/lib/libcrypto/man/X509_NAME_print_ex.3
stable/12/secure/lib/libcrypto/man/X509_PUBKEY_new.3
stable/12/secure/lib/libcrypto/man/X509_SIG_get0.3
stable/12/secure/lib/libcrypto/man/X509_STORE_CTX_get_error.3
stable/12/secure/lib/libcrypto/man/X509_STORE_CTX_new.3
stable/12/secure/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
stable/12/secure/lib/libcrypto/man/X509_STORE_add_cert.3
stable/12/secure/lib/libcrypto/man/X509_STORE_get0_param.3
stable/12/secure/lib/libcrypto/man/X509_STORE_new.3
stable/12/secure/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
stable/12/secure/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
stable/12/secure/lib/libcrypto/man/X509_check_ca.3
stable/12/secure/lib/libcrypto/man/X509_check_host.3
stable/12/secure/lib/libcrypto/man/X509_check_issued.3
stable/12/secure/lib/libcrypto/man/X509_check_private_key.3
stable/12/secure/lib/libcrypto/man/X509_cmp_time.3
stable/12/secure/lib/libcrypto/man/X509_digest.3
stable/12/secure/lib/libcrypto/man/X509_dup.3
stable/12/secure/lib/libcrypto/man/X509_get0_notBefore.3
stable/12/secure/lib/libcrypto/man/X509_get0_signature.3
stable/12/secure/lib/libcrypto/man/X509_get0_uids.3
stable/12/secure/lib/libcrypto/man/X509_get_extension_flags.3
stable/12/secure/lib/libcrypto/man/X509_get_pubkey.3
stable/12/secure/lib/libcrypto/man/X509_get_serialNumber.3
stable/12/secure/lib/libcrypto/man/X509_get_subject_name.3
stable/12/secure/lib/libcrypto/man/X509_get_version.3
stable/12/secure/lib/libcrypto/man/X509_new.3
stable/12/secure/lib/libcrypto/man/X509_sign.3
stable/12/secure/lib/libcrypto/man/X509_verify_cert.3
stable/12/secure/lib/libcrypto/man/X509v3_get_ext_by_NID.3
stable/12/secure/lib/libcrypto/man/d2i_DHparams.3
stable/12/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey_bio.3
stable/12/secure/lib/libcrypto/man/d2i_PrivateKey.3
stable/12/secure/lib/libcrypto/man/d2i_SSL_SESSION.3
stable/12/secure/lib/libcrypto/man/d2i_X509.3
stable/12/secure/lib/libcrypto/man/i2d_CMS_bio_stream.3
stable/12/secure/lib/libcrypto/man/i2d_PKCS7_bio_stream.3
stable/12/secure/lib/libcrypto/man/i2d_re_X509_tbs.3
stable/12/secure/lib/libcrypto/man/o2i_SCT_LIST.3
stable/12/secure/usr.bin/openssl/man/CA.pl.1
stable/12/secure/usr.bin/openssl/man/asn1parse.1
stable/12/secure/usr.bin/openssl/man/ca.1
stable/12/secure/usr.bin/openssl/man/ciphers.1
stable/12/secure/usr.bin/openssl/man/cms.1
stable/12/secure/usr.bin/openssl/man/crl.1
stable/12/secure/usr.bin/openssl/man/crl2pkcs7.1
stable/12/secure/usr.bin/openssl/man/dgst.1
stable/12/secure/usr.bin/openssl/man/dhparam.1
stable/12/secure/usr.bin/openssl/man/dsa.1
stable/12/secure/usr.bin/openssl/man/dsaparam.1
stable/12/secure/usr.bin/openssl/man/ec.1
stable/12/secure/usr.bin/openssl/man/ecparam.1
stable/12/secure/usr.bin/openssl/man/enc.1
stable/12/secure/usr.bin/openssl/man/engine.1
stable/12/secure/usr.bin/openssl/man/errstr.1
stable/12/secure/usr.bin/openssl/man/gendsa.1
stable/12/secure/usr.bin/openssl/man/genpkey.1
stable/12/secure/usr.bin/openssl/man/genrsa.1
stable/12/secure/usr.bin/openssl/man/list.1
stable/12/secure/usr.bin/openssl/man/nseq.1
stable/12/secure/usr.bin/openssl/man/ocsp.1
stable/12/secure/usr.bin/openssl/man/openssl.1
stable/12/secure/usr.bin/openssl/man/passwd.1
stable/12/secure/usr.bin/openssl/man/pkcs12.1
stable/12/secure/usr.bin/openssl/man/pkcs7.1
stable/12/secure/usr.bin/openssl/man/pkcs8.1
stable/12/secure/usr.bin/openssl/man/pkey.1
stable/12/secure/usr.bin/openssl/man/pkeyparam.1
stable/12/secure/usr.bin/openssl/man/pkeyutl.1
stable/12/secure/usr.bin/openssl/man/prime.1
stable/12/secure/usr.bin/openssl/man/rand.1
stable/12/secure/usr.bin/openssl/man/req.1
stable/12/secure/usr.bin/openssl/man/rsa.1
stable/12/secure/usr.bin/openssl/man/rsautl.1
stable/12/secure/usr.bin/openssl/man/s_client.1
stable/12/secure/usr.bin/openssl/man/s_server.1
stable/12/secure/usr.bin/openssl/man/s_time.1
stable/12/secure/usr.bin/openssl/man/sess_id.1
stable/12/secure/usr.bin/openssl/man/smime.1
stable/12/secure/usr.bin/openssl/man/speed.1
stable/12/secure/usr.bin/openssl/man/spkac.1
stable/12/secure/usr.bin/openssl/man/srp.1
stable/12/secure/usr.bin/openssl/man/storeutl.1
stable/12/secure/usr.bin/openssl/man/ts.1
stable/12/secure/usr.bin/openssl/man/tsget.1
stable/12/secure/usr.bin/openssl/man/verify.1
stable/12/secure/usr.bin/openssl/man/version.1
stable/12/secure/usr.bin/openssl/man/x509.1
Directory Properties:
stable/12/ (props changed)
Modified: stable/12/crypto/openssl/CHANGES
==============================================================================
--- stable/12/crypto/openssl/CHANGES Tue May 28 21:54:12 2019 (r348340)
+++ stable/12/crypto/openssl/CHANGES Tue May 28 21:57:01 2019 (r348341)
@@ -7,6 +7,77 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
+ Changes between 1.1.1b and 1.1.1c [28 May 2019]
+
+ *) Add build tests for C++. These are generated files that only do one
+ thing, to include one public OpenSSL head file each. This tests that
+ the public header files can be usefully included in a C++ application.
+
+ This test isn't enabled by default. It can be enabled with the option
+ 'enable-buildtest-c++'.
+ [Richard Levitte]
+
+ *) Enable SHA3 pre-hashing for ECDSA and DSA.
+ [Patrick Steuer]
+
+ *) Change the default RSA, DSA and DH size to 2048 bit instead of 1024.
+ This changes the size when using the genpkey app when no size is given. It
+ fixes an omission in earlier changes that changed all RSA, DSA and DH
+ generation apps to use 2048 bits by default.
+ [Kurt Roeckx]
+
+ *) Reorganize the manual pages to consistently have RETURN VALUES,
+ EXAMPLES, SEE ALSO and HISTORY come in that order, and adjust
+ util/fix-doc-nits accordingly.
+ [Paul Yang, Joshua Lock]
+
+ *) Add the missing accessor EVP_PKEY_get0_engine()
+ [Matt Caswell]
+
+ *) Have apps like 's_client' and 's_server' output the signature scheme
+ along with other cipher suite parameters when debugging.
+ [Lorinczy Zsigmond]
+
+ *) Make OPENSSL_config() error agnostic again.
+ [Richard Levitte]
+
+ *) Do the error handling in RSA decryption constant time.
+ [Bernd Edlinger]
+
+ *) Prevent over long nonces in ChaCha20-Poly1305.
+
+ ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input
+ for every encryption operation. RFC 7539 specifies that the nonce value
+ (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length
+ and front pads the nonce with 0 bytes if it is less than 12
+ bytes. However it also incorrectly allows a nonce to be set of up to 16
+ bytes. In this case only the last 12 bytes are significant and any
+ additional leading bytes are ignored.
+
+ It is a requirement of using this cipher that nonce values are
+ unique. Messages encrypted using a reused nonce value are susceptible to
+ serious confidentiality and integrity attacks. If an application changes
+ the default nonce length to be longer than 12 bytes and then makes a
+ change to the leading bytes of the nonce expecting the new value to be a
+ new unique nonce then such an application could inadvertently encrypt
+ messages with a reused nonce.
+
+ Additionally the ignored bytes in a long nonce are not covered by the
+ integrity guarantee of this cipher. Any application that relies on the
+ integrity of these ignored leading bytes of a long nonce may be further
+ affected. Any OpenSSL internal use of this cipher, including in SSL/TLS,
+ is safe because no such use sets such a long nonce value. However user
+ applications that use this cipher directly and set a non-default nonce
+ length to be longer than 12 bytes may be vulnerable.
+
+ This issue was reported to OpenSSL on 16th of March 2019 by Joran Dirk
+ Greef of Ronomon.
+ (CVE-2019-1543)
+ [Matt Caswell]
+
+ *) Ensure that SM2 only uses SM3 as digest algorithm
+ [Paul Yang]
+
Changes between 1.1.1a and 1.1.1b [26 Feb 2019]
*) Added SCA hardening for modular field inversion in EC_GROUP through
Modified: stable/12/crypto/openssl/Configure
==============================================================================
--- stable/12/crypto/openssl/Configure Tue May 28 21:54:12 2019 (r348340)
+++ stable/12/crypto/openssl/Configure Tue May 28 21:57:01 2019 (r348341)
@@ -24,7 +24,7 @@ use OpenSSL::Glob;
my $orig_death_handler = $SIG{__DIE__};
$SIG{__DIE__} = \&death_handler;
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
# Options:
#
@@ -54,16 +54,14 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-
# [no-]threads [don't] try to create a library that is suitable for
# multithreaded applications (default is "threads" if we
# know how to do it)
-# [no-]shared [don't] try to create shared libraries when supported.
+# [no-]shared [don't] try to create shared libraries when supported.
# [no-]pic [don't] try to build position independent code when supported.
# If disabled, it also disables shared and dynamic-engine.
# no-asm do not use assembler
-# no-dso do not compile in any native shared-library methods. This
-# will ensure that all methods just return NULL.
# no-egd do not compile support for the entropy-gathering daemon APIs
# [no-]zlib [don't] compile support for zlib compression.
-# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
-# library and will be loaded in run-time by the OpenSSL library.
+# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
+# library and will be loaded in run-time by the OpenSSL library.
# sctp include SCTP support
# enable-weak-ssl-ciphers
# Enable weak ciphers that are disabled by default.
@@ -75,7 +73,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-
# -static while -static is also a pass-through compiler option (and
# as such is limited to environments where it's actually
# meaningful), it triggers a number configuration options,
-# namely no-dso, no-pic, no-shared and no-threads. It is
+# namely no-pic, no-shared and no-threads. It is
# argued that the only reason to produce statically linked
# binaries (and in context it means executables linked with
# -static flag, and not just executables linked with static
@@ -90,21 +88,22 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-
# production quality.
#
# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
-# provided to stack calls. Generates unique stack functions for
-# each possible stack type.
-# BN_LLONG use the type 'long long' in crypto/bn/bn.h
-# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# provided to stack calls. Generates unique stack functions for
+# each possible stack type.
+# BN_LLONG use the type 'long long' in crypto/bn/bn.h
+# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
# Following are set automatically by this script
#
-# MD5_ASM use some extra md5 assembler,
-# SHA1_ASM use some extra sha1 assembler, must define L_ENDIAN for x86
-# RMD160_ASM use some extra ripemd160 assembler,
-# SHA256_ASM sha256_block is implemented in assembler
-# SHA512_ASM sha512_block is implemented in assembler
-# AES_ASM AES_[en|de]crypt is implemented in assembler
+# MD5_ASM use some extra md5 assembler,
+# SHA1_ASM use some extra sha1 assembler, must define L_ENDIAN for x86
+# RMD160_ASM use some extra ripemd160 assembler,
+# SHA256_ASM sha256_block is implemented in assembler
+# SHA512_ASM sha512_block is implemented in assembler
+# AES_ASM AES_[en|de]crypt is implemented in assembler
-# Minimum warning options... any contributions to OpenSSL should at least get
-# past these.
+# Minimum warning options... any contributions to OpenSSL should at least
+# get past these. Note that we only use these with C compilers, not with
+# C++ compilers.
# DEBUG_UNUSED enables __owur (warn unused result) checks.
# -DPEDANTIC complements -pedantic and is meant to mask code that
@@ -119,22 +118,23 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-
# code, so we just tell compiler to be pedantic about everything
# but 'long long' type.
-my $gcc_devteam_warn = "-DDEBUG_UNUSED"
- . " -DPEDANTIC -pedantic -Wno-long-long"
- . " -Wall"
- . " -Wextra"
- . " -Wno-unused-parameter"
- . " -Wno-missing-field-initializers"
- . " -Wswitch"
- . " -Wsign-compare"
- . " -Wmissing-prototypes"
- . " -Wstrict-prototypes"
- . " -Wshadow"
- . " -Wformat"
- . " -Wtype-limits"
- . " -Wundef"
- . " -Werror"
- ;
+my @gcc_devteam_warn = qw(
+ -DDEBUG_UNUSED
+ -DPEDANTIC -pedantic -Wno-long-long
+ -Wall
+ -Wextra
+ -Wno-unused-parameter
+ -Wno-missing-field-initializers
+ -Wswitch
+ -Wsign-compare
+ -Wshadow
+ -Wformat
+ -Wtype-limits
+ -Wundef
+ -Werror
+ -Wmissing-prototypes
+ -Wstrict-prototypes
+);
# These are used in addition to $gcc_devteam_warn when the compiler is clang.
# TODO(openssl-team): fix problems and investigate if (at least) the
@@ -144,19 +144,16 @@ my $gcc_devteam_warn = "-DDEBUG_UNUSED"
# -Wlanguage-extension-token -- no, we use asm()
# -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc
# -Wextended-offsetof -- no, needed in CMS ASN1 code
-# -Wunused-function -- no, it forces header use of safestack et al
-# DEFINE macros
-my $clang_devteam_warn = ""
- . " -Wswitch-default"
- . " -Wno-parentheses-equality"
- . " -Wno-language-extension-token"
- . " -Wno-extended-offsetof"
- . " -Wconditional-uninitialized"
- . " -Wincompatible-pointer-types-discards-qualifiers"
- . " -Wmissing-variable-declarations"
- . " -Wno-unknown-warning-option"
- . " -Wno-unused-function"
- ;
+my @clang_devteam_warn = qw(
+ -Wswitch-default
+ -Wno-parentheses-equality
+ -Wno-language-extension-token
+ -Wno-extended-offsetof
+ -Wconditional-uninitialized
+ -Wincompatible-pointer-types-discards-qualifiers
+ -Wno-unknown-warning-option
+ -Wmissing-variable-declarations
+);
# This adds backtrace information to the memory leak info. Is only used
# when crypto-mdebug-backtrace is enabled.
@@ -225,20 +222,20 @@ if (grep /^reconf(igure)?$/, @argvcopy) {
die "reconfiguring with other arguments present isn't supported"
if scalar @argvcopy > 1;
if (-f "./configdata.pm") {
- my $file = "./configdata.pm";
- unless (my $return = do $file) {
- die "couldn't parse $file: $@" if $@;
+ my $file = "./configdata.pm";
+ unless (my $return = do $file) {
+ die "couldn't parse $file: $@" if $@;
die "couldn't do $file: $!" unless defined $return;
die "couldn't run $file" unless $return;
- }
+ }
- @argvcopy = defined($configdata::config{perlargv}) ?
- @{$configdata::config{perlargv}} : ();
- die "Incorrect data to reconfigure, please do a normal configuration\n"
- if (grep(/^reconf/, at argvcopy));
- $config{perlenv} = $configdata::config{perlenv} // {};
+ @argvcopy = defined($configdata::config{perlargv}) ?
+ @{$configdata::config{perlargv}} : ();
+ die "Incorrect data to reconfigure, please do a normal configuration\n"
+ if (grep(/^reconf/, at argvcopy));
+ $config{perlenv} = $configdata::config{perlenv} // {};
} else {
- die "Insufficient data to reconfigure, please do a normal configuration\n";
+ die "Insufficient data to reconfigure, please do a normal configuration\n";
}
}
@@ -253,8 +250,8 @@ $config{shlib_version_history} = "unknown";
collect_information(
collect_from_file(catfile($srcdir,'include/openssl/opensslv.h')),
qr/OPENSSL.VERSION.TEXT.*OpenSSL (\S+) / => sub { $config{version} = $1; },
- qr/OPENSSL.VERSION.NUMBER.*(0x\S+)/ => sub { $config{version_num}=$1 },
- qr/SHLIB_VERSION_NUMBER *"([^"]+)"/ => sub { $config{shlib_version_number}=$1 },
+ qr/OPENSSL.VERSION.NUMBER.*(0x\S+)/ => sub { $config{version_num}=$1 },
+ qr/SHLIB_VERSION_NUMBER *"([^"]+)"/ => sub { $config{shlib_version_number}=$1 },
qr/SHLIB_VERSION_HISTORY *"([^"]*)"/ => sub { $config{shlib_version_history}=$1 }
);
if ($config{shlib_version_history} ne "") { $config{shlib_version_history} .= ":"; }
@@ -266,7 +263,7 @@ if ($config{shlib_version_history} ne "") { $config{sh
die "erroneous version information in opensslv.h: ",
"$config{major}, $config{minor}, $config{shlib_major}, $config{shlib_minor}\n"
if ($config{major} eq "" || $config{minor} eq ""
- || $config{shlib_major} eq "" || $config{shlib_minor} eq "");
+ || $config{shlib_major} eq "" || $config{shlib_minor} eq "");
# Collect target configurations
@@ -335,6 +332,7 @@ my @disablables = (
"autoload-config",
"bf",
"blake2",
+ "buildtest-c\\+\\+",
"camellia",
"capieng",
"cast",
@@ -351,7 +349,6 @@ my @disablables = (
"dgram",
"dh",
"dsa",
- "dso",
"dtls",
"dynamic-engine",
"ec",
@@ -419,71 +416,70 @@ my @disablables = (
"zlib-dynamic",
);
foreach my $proto ((@tls, @dtls))
- {
- push(@disablables, $proto);
- push(@disablables, "$proto-method") unless $proto eq "tls1_3";
- }
+ {
+ push(@disablables, $proto);
+ push(@disablables, "$proto-method") unless $proto eq "tls1_3";
+ }
my %deprecated_disablables = (
"ssl2" => undef,
"buf-freelists" => undef,
"ripemd" => "rmd160",
"ui" => "ui-console",
+ "dso" => "", # Empty string means we're silent about it
);
# All of the following are disabled by default:
our %disabled = ( # "what" => "comment"
- "asan" => "default",
- "crypto-mdebug" => "default",
- "crypto-mdebug-backtrace" => "default",
- "devcryptoeng" => "default",
- "ec_nistp_64_gcc_128" => "default",
- "egd" => "default",
- "external-tests" => "default",
- "fuzz-libfuzzer" => "default",
- "fuzz-afl" => "default",
- "heartbeats" => "default",
- "md2" => "default",
+ "asan" => "default",
+ "buildtest-c++" => "default",
+ "crypto-mdebug" => "default",
+ "crypto-mdebug-backtrace" => "default",
+ "devcryptoeng" => "default",
+ "ec_nistp_64_gcc_128" => "default",
+ "egd" => "default",
+ "external-tests" => "default",
+ "fuzz-libfuzzer" => "default",
+ "fuzz-afl" => "default",
+ "heartbeats" => "default",
+ "md2" => "default",
"msan" => "default",
- "rc5" => "default",
- "sctp" => "default",
- "ssl-trace" => "default",
- "ssl3" => "default",
- "ssl3-method" => "default",
- "ubsan" => "default",
- "unit-test" => "default",
- "weak-ssl-ciphers" => "default",
- "zlib" => "default",
- "zlib-dynamic" => "default",
- );
+ "rc5" => "default",
+ "sctp" => "default",
+ "ssl-trace" => "default",
+ "ssl3" => "default",
+ "ssl3-method" => "default",
+ "ubsan" => "default",
+ "unit-test" => "default",
+ "weak-ssl-ciphers" => "default",
+ "zlib" => "default",
+ "zlib-dynamic" => "default",
+ );
# Note: => pair form used for aesthetics, not to truly make a hash table
my @disable_cascades = (
- # "what" => [ "cascade", ... ]
+ # "what" => [ "cascade", ... ]
sub { $config{processor} eq "386" }
- => [ "sse2" ],
- "ssl" => [ "ssl3" ],
- "ssl3-method" => [ "ssl3" ],
- "zlib" => [ "zlib-dynamic" ],
- "des" => [ "mdc2" ],
- "ec" => [ "ecdsa", "ecdh" ],
+ => [ "sse2" ],
+ "ssl" => [ "ssl3" ],
+ "ssl3-method" => [ "ssl3" ],
+ "zlib" => [ "zlib-dynamic" ],
+ "des" => [ "mdc2" ],
+ "ec" => [ "ecdsa", "ecdh" ],
- "dgram" => [ "dtls", "sctp" ],
- "sock" => [ "dgram" ],
- "dtls" => [ @dtls ],
+ "dgram" => [ "dtls", "sctp" ],
+ "sock" => [ "dgram" ],
+ "dtls" => [ @dtls ],
sub { 0 == scalar grep { !$disabled{$_} } @dtls }
- => [ "dtls" ],
+ => [ "dtls" ],
- "tls" => [ @tls ],
+ "tls" => [ @tls ],
sub { 0 == scalar grep { !$disabled{$_} } @tls }
- => [ "tls" ],
+ => [ "tls" ],
"crypto-mdebug" => [ "crypto-mdebug-backtrace" ],
- # Without DSO, we can't load dynamic engines, so don't build them dynamic
- "dso" => [ "dynamic-engine" ],
-
# Without position independent code, there can be no shared libraries or DSOs
"pic" => [ "shared" ],
"shared" => [ "dynamic-engine" ],
@@ -510,14 +506,14 @@ my @list = (reverse @tls);
while ((my $first, my $second) = (shift @list, shift @list)) {
last unless @list;
push @disable_cascades, ( sub { !$disabled{$first} && $disabled{$second} }
- => [ @list ] );
+ => [ @list ] );
unshift @list, $second;
}
my @list = (reverse @dtls);
while ((my $first, my $second) = (shift @list, shift @list)) {
last unless @list;
push @disable_cascades, ( sub { !$disabled{$first} && $disabled{$second} }
- => [ @list ] );
+ => [ @list ] );
unshift @list, $second;
}
@@ -544,24 +540,24 @@ my %user = (
AS => undef,
ASFLAGS => [],
CC => env('CC'),
- CFLAGS => [],
+ CFLAGS => [ env('CFLAGS') || () ],
CXX => env('CXX'),
- CXXFLAGS => [],
+ CXXFLAGS => [ env('CXXFLAGS') || () ],
CPP => undef,
- CPPFLAGS => [], # -D, -I, -Wp,
+ CPPFLAGS => [ env('CPPFLAGS') || () ], # -D, -I, -Wp,
CPPDEFINES => [], # Alternative for -D
CPPINCLUDES => [], # Alternative for -I
CROSS_COMPILE => env('CROSS_COMPILE'),
HASHBANGPERL=> env('HASHBANGPERL') || env('PERL'),
LD => undef,
- LDFLAGS => [], # -L, -Wl,
- LDLIBS => [], # -l
+ LDFLAGS => [ env('LDFLAGS') || () ], # -L, -Wl,
+ LDLIBS => [ env('LDLIBS') || () ], # -l
MT => undef,
MTFLAGS => [],
PERL => env('PERL') || ($^O ne "VMS" ? $^X : "perl"),
RANLIB => env('RANLIB'),
RC => env('RC') || env('WINDRES'),
- RCFLAGS => [],
+ RCFLAGS => [ env('RCFLAGS') || () ],
RM => undef,
);
# Info about what "make variables" may be prefixed with the cross compiler
@@ -578,6 +574,7 @@ my %useradd = (
CXXFLAGS => [],
LDFLAGS => [],
LDLIBS => [],
+ RCFLAGS => [],
);
my %user_synonyms = (
@@ -625,43 +622,43 @@ my %deprecated_options = ();
my @known_seed_sources = qw(getrandom devrandom os egd none rdcpu librandom);
my @seed_sources = ();
while (@argvcopy)
- {
- $_ = shift @argvcopy;
+ {
+ $_ = shift @argvcopy;
- # Support env variable assignments among the options
- if (m|^(\w+)=(.+)?$|)
- {
- $cmdvars{$1} = $2;
- # Every time a variable is given as a configuration argument,
- # it acts as a reset if the variable.
- if (exists $user{$1})
- {
- $user{$1} = ref $user{$1} eq "ARRAY" ? [] : undef;
- }
- #if (exists $useradd{$1})
- # {
- # $useradd{$1} = [];
- # }
- next;
- }
+ # Support env variable assignments among the options
+ if (m|^(\w+)=(.+)?$|)
+ {
+ $cmdvars{$1} = $2;
+ # Every time a variable is given as a configuration argument,
+ # it acts as a reset if the variable.
+ if (exists $user{$1})
+ {
+ $user{$1} = ref $user{$1} eq "ARRAY" ? [] : undef;
+ }
+ #if (exists $useradd{$1})
+ # {
+ # $useradd{$1} = [];
+ # }
+ next;
+ }
- # VMS is a case insensitive environment, and depending on settings
- # out of our control, we may receive options uppercased. Let's
- # downcase at least the part before any equal sign.
- if ($^O eq "VMS")
- {
- s/^([^=]*)/lc($1)/e;
- }
+ # VMS is a case insensitive environment, and depending on settings
+ # out of our control, we may receive options uppercased. Let's
+ # downcase at least the part before any equal sign.
+ if ($^O eq "VMS")
+ {
+ s/^([^=]*)/lc($1)/e;
+ }
- # some people just can't read the instructions, clang people have to...
- s/^-no-(?!integrated-as)/no-/;
+ # some people just can't read the instructions, clang people have to...
+ s/^-no-(?!integrated-as)/no-/;
- # rewrite some options in "enable-..." form
- s /^-?-?shared$/enable-shared/;
- s /^sctp$/enable-sctp/;
- s /^threads$/enable-threads/;
- s /^zlib$/enable-zlib/;
- s /^zlib-dynamic$/enable-zlib-dynamic/;
+ # rewrite some options in "enable-..." form
+ s /^-?-?shared$/enable-shared/;
+ s /^sctp$/enable-sctp/;
+ s /^threads$/enable-threads/;
+ s /^zlib$/enable-zlib/;
+ s /^zlib-dynamic$/enable-zlib-dynamic/;
if (/^(no|disable|enable)-(.+)$/)
{
@@ -715,21 +712,24 @@ while (@argvcopy)
}
elsif (exists $deprecated_disablables{$1})
{
- $deprecated_options{$_} = 1;
- if (defined $deprecated_disablables{$1})
+ if ($deprecated_disablables{$1} ne "")
{
- $disabled{$deprecated_disablables{$1}} = "option";
+ $deprecated_options{$_} = 1;
+ if (defined $deprecated_disablables{$1})
+ {
+ $disabled{$deprecated_disablables{$1}} = "option";
+ }
}
}
else
{
$disabled{$1} = "option";
}
- # No longer an automatic choice
- $auto_threads = 0 if ($1 eq "threads");
- }
- elsif (/^enable-(.+)$/)
- {
+ # No longer an automatic choice
+ $auto_threads = 0 if ($1 eq "threads");
+ }
+ elsif (/^enable-(.+)$/)
+ {
if ($1 eq "static-engine")
{
$disabled{"dynamic-engine"} = "option";
@@ -742,173 +742,172 @@ while (@argvcopy)
{
delete $disabled{"zlib"};
}
- my $algo = $1;
- delete $disabled{$algo};
+ my $algo = $1;
+ delete $disabled{$algo};
- # No longer an automatic choice
- $auto_threads = 0 if ($1 eq "threads");
- }
- elsif (/^--strict-warnings$/)
- {
- $strict_warnings = 1;
- }
- elsif (/^--debug$/)
- {
- $config{build_type} = "debug";
- }
- elsif (/^--release$/)
- {
- $config{build_type} = "release";
- }
- elsif (/^386$/)
- { $config{processor}=386; }
- elsif (/^fips$/)
- {
- die "FIPS mode not supported\n";
- }
- elsif (/^rsaref$/)
- {
- # No RSAref support any more since it's not needed.
- # The check for the option is there so scripts aren't
- # broken
- }
- elsif (/^nofipscanistercheck$/)
- {
- die "FIPS mode not supported\n";
- }
- elsif (/^[-+]/)
- {
- if (/^--prefix=(.*)$/)
- {
- $config{prefix}=$1;
- die "Directory given with --prefix MUST be absolute\n"
- unless file_name_is_absolute($config{prefix});
- }
- elsif (/^--api=(.*)$/)
- {
- $config{api}=$1;
- }
- elsif (/^--libdir=(.*)$/)
- {
- $config{libdir}=$1;
- }
- elsif (/^--openssldir=(.*)$/)
- {
- $config{openssldir}=$1;
- }
- elsif (/^--with-zlib-lib=(.*)$/)
- {
- $withargs{zlib_lib}=$1;
- }
- elsif (/^--with-zlib-include=(.*)$/)
- {
- $withargs{zlib_include}=$1;
- }
- elsif (/^--with-fuzzer-lib=(.*)$/)
- {
- $withargs{fuzzer_lib}=$1;
- }
- elsif (/^--with-fuzzer-include=(.*)$/)
- {
- $withargs{fuzzer_include}=$1;
- }
- elsif (/^--with-rand-seed=(.*)$/)
- {
- foreach my $x (split(m|,|, $1))
- {
- die "Unknown --with-rand-seed choice $x\n"
- if ! grep { $x eq $_ } @known_seed_sources;
- push @seed_sources, $x;
- }
+ # No longer an automatic choice
+ $auto_threads = 0 if ($1 eq "threads");
+ }
+ elsif (/^--strict-warnings$/)
+ {
+ # Pretend that our strict flags is a C flag, and replace it
+ # with the proper flags later on
+ push @{$useradd{CFLAGS}}, '--ossl-strict-warnings';
+ $strict_warnings=1;
+ }
+ elsif (/^--debug$/)
+ {
+ $config{build_type} = "debug";
+ }
+ elsif (/^--release$/)
+ {
+ $config{build_type} = "release";
+ }
+ elsif (/^386$/)
+ { $config{processor}=386; }
+ elsif (/^fips$/)
+ {
+ die "FIPS mode not supported\n";
+ }
+ elsif (/^rsaref$/)
+ {
+ # No RSAref support any more since it's not needed.
+ # The check for the option is there so scripts aren't
+ # broken
+ }
+ elsif (/^nofipscanistercheck$/)
+ {
+ die "FIPS mode not supported\n";
+ }
+ elsif (/^[-+]/)
+ {
+ if (/^--prefix=(.*)$/)
+ {
+ $config{prefix}=$1;
+ die "Directory given with --prefix MUST be absolute\n"
+ unless file_name_is_absolute($config{prefix});
}
- elsif (/^--cross-compile-prefix=(.*)$/)
- {
- $user{CROSS_COMPILE}=$1;
- }
- elsif (/^--config=(.*)$/)
- {
- read_config $1;
- }
- elsif (/^-l(.*)$/)
- {
- push @{$useradd{LDLIBS}}, $_;
- }
- elsif (/^-framework$/)
- {
- push @{$useradd{LDLIBS}}, $_, shift(@argvcopy);
- }
- elsif (/^-L(.*)$/ or /^-Wl,/)
- {
- push @{$useradd{LDFLAGS}}, $_;
- }
- elsif (/^-rpath$/ or /^-R$/)
- # -rpath is the OSF1 rpath flag
- # -R is the old Solaris rpath flag
- {
- my $rpath = shift(@argvcopy) || "";
- $rpath .= " " if $rpath ne "";
- push @{$useradd{LDFLAGS}}, $_, $rpath;
- }
- elsif (/^-static$/)
- {
- push @{$useradd{LDFLAGS}}, $_;
- $disabled{"dso"} = "forced";
- $disabled{"pic"} = "forced";
- $disabled{"shared"} = "forced";
- $disabled{"threads"} = "forced";
- }
- elsif (/^-D(.*)$/)
- {
- push @{$useradd{CPPDEFINES}}, $1;
- }
- elsif (/^-I(.*)$/)
- {
- push @{$useradd{CPPINCLUDES}}, $1;
- }
- elsif (/^-Wp,$/)
- {
- push @{$useradd{CPPFLAGS}}, $1;
- }
- else # common if (/^[-+]/), just pass down...
- {
- $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
- push @{$useradd{CFLAGS}}, $_;
- push @{$useradd{CXXFLAGS}}, $_;
- }
- }
- else
- {
- die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
- $target=$_;
- }
- unless ($_ eq $target || /^no-/ || /^disable-/)
- {
- # "no-..." follows later after implied deactivations
- # have been derived. (Don't take this too seriously,
- # we really only write OPTIONS to the Makefile out of
- # nostalgia.)
+ elsif (/^--api=(.*)$/)
+ {
+ $config{api}=$1;
+ }
+ elsif (/^--libdir=(.*)$/)
+ {
+ $config{libdir}=$1;
+ }
+ elsif (/^--openssldir=(.*)$/)
+ {
+ $config{openssldir}=$1;
+ }
+ elsif (/^--with-zlib-lib=(.*)$/)
+ {
+ $withargs{zlib_lib}=$1;
+ }
+ elsif (/^--with-zlib-include=(.*)$/)
+ {
+ $withargs{zlib_include}=$1;
+ }
+ elsif (/^--with-fuzzer-lib=(.*)$/)
+ {
+ $withargs{fuzzer_lib}=$1;
+ }
+ elsif (/^--with-fuzzer-include=(.*)$/)
+ {
+ $withargs{fuzzer_include}=$1;
+ }
+ elsif (/^--with-rand-seed=(.*)$/)
+ {
+ foreach my $x (split(m|,|, $1))
+ {
+ die "Unknown --with-rand-seed choice $x\n"
+ if ! grep { $x eq $_ } @known_seed_sources;
+ push @seed_sources, $x;
+ }
+ }
+ elsif (/^--cross-compile-prefix=(.*)$/)
+ {
+ $user{CROSS_COMPILE}=$1;
+ }
+ elsif (/^--config=(.*)$/)
+ {
+ read_config $1;
+ }
+ elsif (/^-l(.*)$/)
+ {
+ push @{$useradd{LDLIBS}}, $_;
+ }
+ elsif (/^-framework$/)
+ {
+ push @{$useradd{LDLIBS}}, $_, shift(@argvcopy);
+ }
+ elsif (/^-L(.*)$/ or /^-Wl,/)
+ {
+ push @{$useradd{LDFLAGS}}, $_;
+ }
+ elsif (/^-rpath$/ or /^-R$/)
+ # -rpath is the OSF1 rpath flag
+ # -R is the old Solaris rpath flag
+ {
+ my $rpath = shift(@argvcopy) || "";
+ $rpath .= " " if $rpath ne "";
+ push @{$useradd{LDFLAGS}}, $_, $rpath;
+ }
+ elsif (/^-static$/)
+ {
+ push @{$useradd{LDFLAGS}}, $_;
+ }
+ elsif (/^-D(.*)$/)
+ {
+ push @{$useradd{CPPDEFINES}}, $1;
+ }
+ elsif (/^-I(.*)$/)
+ {
+ push @{$useradd{CPPINCLUDES}}, $1;
+ }
+ elsif (/^-Wp,$/)
+ {
+ push @{$useradd{CPPFLAGS}}, $1;
+ }
+ else # common if (/^[-+]/), just pass down...
+ {
+ $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
+ push @{$useradd{CFLAGS}}, $_;
+ push @{$useradd{CXXFLAGS}}, $_;
+ }
+ }
+ else
+ {
+ die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
+ $target=$_;
+ }
+ unless ($_ eq $target || /^no-/ || /^disable-/)
+ {
+ # "no-..." follows later after implied deactivations
+ # have been derived. (Don't take this too seriously,
+ # we really only write OPTIONS to the Makefile out of
+ # nostalgia.)
- if ($config{options} eq "")
- { $config{options} = $_; }
- else
- { $config{options} .= " ".$_; }
- }
- }
+ if ($config{options} eq "")
+ { $config{options} = $_; }
+ else
+ { $config{options} .= " ".$_; }
+ }
+ }
if (defined($config{api}) && !exists $apitable->{$config{api}}) {
- die "***** Unsupported api compatibility level: $config{api}\n",
+ die "***** Unsupported api compatibility level: $config{api}\n",
}
if (keys %deprecated_options)
- {
- warn "***** Deprecated options: ",
- join(", ", keys %deprecated_options), "\n";
- }
+ {
+ warn "***** Deprecated options: ",
+ join(", ", keys %deprecated_options), "\n";
+ }
if (keys %unsupported_options)
- {
- die "***** Unsupported options: ",
- join(", ", keys %unsupported_options), "\n";
- }
+ {
+ die "***** Unsupported options: ",
+ join(", ", keys %unsupported_options), "\n";
+ }
# If any %useradd entry has been set, we must check that the "make
# variables" haven't been set. We start by checking of any %useradd entry
@@ -964,36 +963,46 @@ if (grep { /-rpath\b/ } ($user{LDFLAGS} ? @{$user{LDFL
&& !$disabled{shared}
&& !($disabled{asan} && $disabled{msan} && $disabled{ubsan})) {
die "***** Cannot simultaneously use -rpath, shared libraries, and\n",
- "***** any of asan, msan or ubsan\n";
+ "***** any of asan, msan or ubsan\n";
}
-my @tocheckfor = (keys %disabled);
-while (@tocheckfor) {
- my %new_tocheckfor = ();
- my @cascade_copy = (@disable_cascades);
- while (@cascade_copy) {
- my ($test, $descendents) = (shift @cascade_copy, shift @cascade_copy);
- if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) {
- foreach(grep { !defined($disabled{$_}) } @$descendents) {
- $new_tocheckfor{$_} = 1; $disabled{$_} = "forced";
- }
- }
+sub disable {
+ my $disable_type = shift;
+
+ for (@_) {
+ $disabled{$_} = $disable_type;
}
- @tocheckfor = (keys %new_tocheckfor);
+
+ my @tocheckfor = (@_ ? @_ : keys %disabled);
+ while (@tocheckfor) {
+ my %new_tocheckfor = ();
+ my @cascade_copy = (@disable_cascades);
+ while (@cascade_copy) {
+ my ($test, $descendents) =
+ (shift @cascade_copy, shift @cascade_copy);
+ if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) {
+ foreach (grep { !defined($disabled{$_}) } @$descendents) {
+ $new_tocheckfor{$_} = 1; $disabled{$_} = "cascade";
+ }
+ }
+ }
+ @tocheckfor = (keys %new_tocheckfor);
+ }
}
+disable(); # First cascade run
our $die = sub { die @_; };
if ($target eq "TABLE") {
local $die = sub { warn @_; };
foreach (sort keys %table) {
- print_table_entry($_, "TABLE");
+ print_table_entry($_, "TABLE");
}
exit 0;
}
if ($target eq "LIST") {
foreach (sort keys %table) {
- print $_,"\n" unless $table{$_}->{template};
+ print $_,"\n" unless $table{$_}->{template};
}
exit 0;
}
@@ -1002,7 +1011,7 @@ if ($target eq "HASH") {
local $die = sub { warn @_; };
print "%table = (\n";
foreach (sort keys %table) {
- print_table_entry($_, "HASH");
+ print_table_entry($_, "HASH");
}
exit 0;
}
@@ -1033,7 +1042,7 @@ _____
}
push @{$config{openssl_other_defines}},
map { (my $x = $_) =~ tr|[\-a-z]|[_A-Z]|; "OPENSSL_RAND_SEED_$x" }
- @seed_sources;
+ @seed_sources;
# Backward compatibility?
if ($target =~ m/^CygWin32(-.*)$/) {
@@ -1047,7 +1056,7 @@ if ($d) {
# If we do not find debug-foo in the table, the target is set to foo.
if (!$table{$target}) {
- $target = $t;
+ $target = $t;
}
}
@@ -1064,47 +1073,11 @@ foreach (keys %target_attr_translate) {
%target = ( %{$table{DEFAULTS}}, %target );
-# Make the flags to build DSOs the same as for shared libraries unless they
-# are already defined
-$target{module_cflags} = $target{shared_cflag} unless defined $target{module_cflags};
-$target{module_cxxflags} = $target{shared_cxxflag} unless defined $target{module_cxxflags};
-$target{module_ldflags} = $target{shared_ldflag} unless defined $target{module_ldflags};
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-all
mailing list