for OpenSSL to load engines run-time, e.g. for using the opensc
engine port.
The OpenSSL Configure script enables DSO support on FreeBSD by
default, we just don't use the Configure script during OpenSSL builds
in the base system.
This is committed to -CURRENT now (before OpenSSL 0.9.8b import), so
it can be tested at bit in -CURRENT before being MFC'ed to 6-STABLE.
Prodded by: ale
PR: bin/79570
MFC after: 1 week
a variant of the C code but with some scattered asm and things laid out
more optimally for the platform. This means that we need to the asm
directory to the search path for the amd64 case so that make can find
the source.
environment. This stops some ports keeling over on an OpenSSL assert.
(The patch is not exactly the one from the PR, but has been refined
based on advice from freebsd-threads.)
PR: 51205
Submitted by: Jim Westfall <jwestfall@surrealistic.net>
MFC after: 1 month
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
libdes, and functionally close enough so that we created symlinks
(libdes -> libcrypto) to help older applications. With the import of
OpenSSL 0.9.7, this is no longer true and we no longer install these
symlinks. However, systems that are upgraded may have these symlinks,
which could cause non-obvious breakage at build-time. Therefore, blow
any old symlinks away in the `afterinstall' target.
When libdes was replaced with OpenSSL's libcrypto, there were a few
interfaces that the former implemented but the latter did not. Because
some software in the base system still depended upon these interfaces,
we simply included them in our libcrypto (rnd_keys.c).
Now, finally get around to removing the dependencies on these
interfaces. There were basically two cases:
des_new_random_key -- This is just a wrapper for des_random_key, and
these calls were replaced.
des_init_random_number_generator et. al. -- A few functions were used
by the application to seed libdes's PRNG. These are not necessary
when using libcrypto, as OpenSSL internally seeds the PRNG from
/dev/random. These calls were simply removed.
Again, some of the Kerberos 4 files have been taken off the vendor
branch. I do not expect there to be future imports of KTH Kerberos 4.
can only be built with MIT Kerberos.
If we didn't define this here, then SSL-using applications would have
to define OPENSSL_NO_KRB5 themselves in order to build.
