EGD is Entropy Gathering Daemon, a socket-based entropy source supported
by pre-OpenSSL v1.1 versions and now deprecated. curl also deprecated it
a while ago.
Its detection in CMake was broken all along because OpenSSL libs were
not linked at the point of feature check.
Delete detection from both cmake and autotools, along with the related
source snippet, and the `--with-egd-socket=` `./configure` option.
Closes#11556
* Configure changes to detect AWS-LC
* CMakeLists.txt changes to detect AWS-LC
* Compile-time branches needed to support AWS-LC
* Correctly set OSSL_VERSION and report AWS-LC release number
* GitHub Actions script to build with autoconf and cmake against AWS-LC
AWS-LC is a BoringSSL/OpenSSL derivative
For more information see https://github.com/awslabs/aws-lc/Closes#10320
- Define OPENSSL_SUPPRESS_DEPRECATED.
OpenSSL 3 has deprecated some of the functions libcurl uses such as
those with DES, MD5 and ENGINE prefix. We don't have replacements for
those functions so the warnings were disabled in autotools and cmake
builds, but still showed in other builds.
Closes https://github.com/curl/curl/pull/10543
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
checksrc is updated to allow non-year using copyright statements
Closes#10205
As OpenSSL's include files are all included using <openssl/*.h> in curl
source code, we just risk that existing openssl files will "shadow"
include files without path if that path is provided.
Fixes#9989Closes#9988
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.
This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.
Closes#8869
When OpenSSL 3.0 is built with `--api=3.0` and `no-deprecated`, the SRP
functions exist in the library, but are disabled for user code. Check
if they are actually usable instead of only if they exist. Also, check
for the functions actually required for TLS-SRP.
TLS-SRP support is still enabled if OpenSSL is configured with just
`--api=3.0` or with `--api=1.1.1 no-deprecated`.
Closes https://github.com/curl/curl/pull/8394
Prior to this change OpenSSL_version was only detected in configure
builds. For other builds the old version parsing code was used which
would result in incorrect versioning for OpenSSL 3:
Before:
curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.0a zlib/1.2.11
WinIDN libssh2/1.9.0
After:
curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.1 zlib/1.2.11
WinIDN libssh2/1.9.0
Reported-by: lllaffer@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/8154
Closes https://github.com/curl/curl/pull/8155
lcrypto may depend on lz, and configure corrently fails with when
statically linking as the order is "-lz -lcrypto". This commit switches
the order to "-lcrypto -lz".
Closes#7826
... instead of using an escaped double-quote. This is an attempt to make
this work better with ksh that otherwise would insist on a double
escape!
Reported-by: Randall S. Becker
Fixes#7758Closes#7764
Using 3.0.0 versions configure should now show this:
checking for OpenSSL headers version... 3.0.0 - 0x300
checking for OpenSSL library version... 3.0.0
checking for OpenSSL headers and library versions matching... yes
This output doesn't actually change what configure generates but is only
"cosmetic".
Reported-by: Randall S. Becker
Fixes#7606Closes#7608
OpenSSL recently started putting the libs in $prefix/lib64 on 'make
install', so we check that directory for pkg-config data if the 'lib'
check fails.
Closes#7503
Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyright headers.
Removed three (mostly usesless) README files from docs/
Closes#5141
- Add OpenSSL 1.1.1 to the header/library version lists.
- Detect OpenSSL 1.1.1 library using its function ERR_clear_last_mark,
which was added in that version.
Prior to this change an erroneous header/library mismatch was caused by
lack of OpenSSL 1.1.1 detection. I tested using openssl-1.1.1-pre1.
