aboutsummaryrefslogtreecommitdiffstats
path: root/INSTALL
Commit message (Collapse)AuthorAgeFilesLines
* Introduce a no-pinshared optionMatt Caswell2019-01-041-0/+18
| | | | | | | | | | | This option prevents OpenSSL from pinning itself in memory. Fixes #7598 [extended tests] Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7647)
* Add RFC5297 AES-SIV supportTodd Short2018-12-121-3/+3
| | | | | | | | | | | | | | Based originally on github.com/dfoxfranke/libaes_siv This creates an SIV128 mode that uses EVP interfaces for the CBC, CTR and CMAC code to reduce complexity at the cost of perfomance. The expected use is for short inputs, not TLS-sized records. Add multiple AAD input capacity in the EVP tests. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3540)
* INSTALL: add note about devcrypto engineEneas U de Queiroz2018-12-101-0/+5
| | | | | | | | Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7585)
* Configure Kernel TLS datapathBoris Pismenny2018-12-071-0/+9
| | | | | | | | | | | | Allow users to disable ktls using the "no-ktls" option. Also, disable ktls when cross-compiling, non-linux, or too-old-kernel. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5253)
* typo-fixes: miscellaneous typo fixesagnosticdev2018-09-211-5/+5
| | | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7277)
* Turn on TLSv1.3 downgrade protection by defaultMatt Caswell2018-08-151-10/+0
| | | | | | Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6741)
* INSTALL,NOTES.ANDROID: minor updates.Andy Polyakov2018-08-071-4/+6
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6866)
* INSTALL,NOTES.WIN: classify no-asm as non-production option.Andy Polyakov2018-07-251-2/+4
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6773)
* Document no-sm2Matt Caswell2018-06-211-3/+3
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6532)
* Improve wordingRich Salz2018-06-051-1/+2
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6413)
* Make OS/X more explicit, to avoid questionsRich Salz2018-06-021-2/+2
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6404)
* INSTALL: Provide better documentation for enable-ec_nistp_64_gcc_128Richard Levitte2018-05-231-2/+7
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6328)
* Add support for getrandom() or equivalent system calls and use them by defaultKurt Roeckx2018-04-221-1/+2
| | | | | Reviewed-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> GH: #5910
* Add a config option to disable automatic config loadingBernd Edlinger2018-04-171-0/+4
| | | | | | | ./config no-autoload-config Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5959)
* Add documentation for the RAND_DRBG APIDr. Matthias St. Pierre2018-03-301-9/+48
| | | | | | | | | The RAND_DRBG API was added in PR #5462 and modified by PR #5547. This commit adds the corresponding documention. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5461)
* Add NOTES.ANDROID.Andy Polyakov2018-03-191-0/+1
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5613)
* Clarify a couple of details around "make variables"Richard Levitte2018-03-191-3/+7
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5660)
* INSTALL: Add a note about backward compatibility and "make variables"Richard Levitte2018-03-161-1/+19
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5641)
* Configure: disallow the mixture of compiling flags and env / make variablesRichard Levitte2018-03-081-21/+3
| | | | | | | | Note that this might give surprising results if someone forgets an environment variable that has been set previously. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5534)
* Some minor tweaks following TLSv1.3 becoming defaultMatt Caswell2018-02-121-1/+1
| | | | | | | Fix a typo in INSTALL and update the link in CHANGES Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5329)
* Enable TLSv1.3 by defaultMatt Caswell2018-02-071-15/+12
| | | | | | | [extended tests] Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5266)
* Configure: Fix configdata.pm shorthand for --dump, should be -dPeter Meerwald-Stadler2018-01-311-5/+5
| | | | | | | | | | | INSTALL: Mention 'aria' algorithm for no-<alg> Signed-off-by: Peter Meerwald-Stadler <pmeerw@pmeerw.net> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5215)
* Add a 'reconfigure' make targetRichard Levitte2018-01-301-0/+5
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5197)
* Document the use of configdata.pm as a scriptRichard Levitte2018-01-291-0/+16
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5185)
* Create troubleshooting subsection in INSTALL filenickthetait2018-01-281-8/+20
| | | | | | | | Fixes: #5130 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5178)
* Processing GNU-style "make variables" - implementationRichard Levitte2018-01-281-1/+69
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Support the following "make variables": AR (GNU compatible) ARFLAGS (GNU Compatible) AS (GNU Compatible) ASFLAGS (GNU Compatible) CC (GNU Compatible) CFLAGS (GNU Compatible) CXX (GNU Compatible) CXXFLAGS (GNU Compatible) CPP (GNU Compatible) CPPFLAGS (GNU Compatible) CPPDEFINES List of CPP macro definitions. Alternative for -D CPPINCLUDES List of CPP inclusion directories. Alternative for -I HASHBANGPERL Perl invocation to be inserted after '#!' in public perl scripts. LDFLAGS (GNU Compatible) LDLIBS (GNU Compatible) RANLIB Program to generate library archive index RC Program to manipulate Windows resources RCFLAGS Flags for $(RC) RM (GNU Compatible) Setting one of these overrides the corresponding data from our config targets. However, flags given directly on the configuration command line are additional, and are therefore added to the flags coming from one of the variables above or the config target. Fixes #2420 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5177)
* Document how the configuration option 'reconf' worksRichard Levitte2017-12-081-0/+16
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
* Document the possibility for command line argument env assignmentsRichard Levitte2017-12-081-0/+8
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
* SM3: restructure to EVP internal and update doc to right locationRonald Tse2017-11-061-3/+3
| | | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4616)
* SM3: Add SM3 hash functionJack Lloyd2017-11-061-3/+3
| | | | | | | | | | SM3 is a secure hash function which is part of the Chinese "Commercial Cryptography" suite of algorithms which use is required for certain commercial applications in China. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4616)
* SM4: Add SM4 block cipher to EVPRonald Tse2017-10-311-3/+3
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4552)
* Fix description of how to report a bug in INSTALLMatt Caswell2017-08-251-1/+2
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4259)
* Clarify the meaning of no-stdio in INSTALLMatt Caswell2017-08-251-2/+3
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4259)
* drop some no-longer-relevant TODO(TLS1.3) entriesBenjamin Kaduk2017-06-121-2/+3
| | | | | | | | | | | | | | We prevent compression both when the server is parsing the ClientHello and when the client is constructing the ClientHello. A 1.3 ServerHello has no way to hand us back a compression method, and we already check that the server does not try to give us back a compression method that we did not request, so these checks seem sufficient. Weaken the INSTALL note slightly, as we do now expect to interoperate with other implementations. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3131)
* Fix typo in INSTALL filePaul Yang2017-05-171-1/+1
| | | | | | | | | | | recocognised -> recognised CLA: trivial Signed-off-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3470)
* INSTALL: Remind people to read more if they added configuration optionsRichard Levitte2017-05-151-0/+5
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3469)
* INSTALL: clarify a bit more how Configure treats "unknown" optionsRichard Levitte2017-05-151-10/+15
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3468)
* Make the TLSv1.3 downgrade mechanism a configurable optionMatt Caswell2017-03-241-0/+10
| | | | | | | Make it disabled by default. When TLSv1.3 is out of draft we can remove this option and have it enabled all the time. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3022)
* Document how to select / deselect test group numbersRichard Levitte2017-03-101-1/+20
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2892)
* Add NOTES.UNIX, with a description on how to deal with runpathsRichard Levitte2017-03-021-0/+1
| | | | | | [skip ci] Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2818)
* Add support for parameterized SipHashTodd Short2017-02-011-2/+3
| | | | | | | | | | | The core SipHash supports either 8 or 16-byte output and a configurable number of rounds. The default behavior, as added to EVP, is to use 16-byte output and 2,4 rounds, which matches the behavior of most implementations. There is an EVP_PKEY_CTRL that can control the output size. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2216)
* INSTALL: clarify 386 and no-sse2 options.Andy Polyakov2016-11-251-19/+25
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
* Make it possible to disable building and running testsRichard Levitte2016-11-151-0/+3
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1514)
* Remove heartbeat supportRichard Levitte2016-11-131-3/+0
| | | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1669)
* INSTALL: small typoRichard Levitte2016-11-081-1/+1
| | | | | | libssl, not libddl. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1871)
* Missed a mention of RTRich Salz2016-11-041-11/+8
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1849)
* Add documentation on the BoringSSL test suite integrationMatt Caswell2016-11-041-1/+2
| | | | | | | Added the file README.external which describes how to build and run OpenSSL to use the BoringSSL test suite. Also updated INSTALL to point to it. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Control building of ossl_shim through ConfigureMatt Caswell2016-11-041-0/+6
| | | | | | | Don't build ossl_shim by default. Switch it on through enable-external-tests. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Update Configure to know about tls1_3Matt Caswell2016-11-021-0/+6
| | | | | | | | | | | Also we disable TLS1.3 by default (use enable-tls1_3 to re-enable). This is because this is a WIP and will not be interoperable with any other TLS1.3 implementation. Finally, we fix some tests that started failing when TLS1.3 was disabled by default. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Revert "Disable MDC2 by default."Rich Salz2016-11-011-2/+2
| | | | | | | This reverts commit ca1574cec20589885000d039eed3a9375fb29a0d. Not suitabled for a minor release as it breaks the ABI. Reviewed-by: Richard Levitte <levitte@openssl.org>
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 09:39:11 +0000