| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Move OpenSSL initialisation back to apr_crypto_openssl, reinstate
DSO support.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1861951 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Signing and Encryption messages as per RFC7515, RFC7516, RFC7517
and RFC7519.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1839819 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
Submitted by: Moriyoshi Koizumi <mozo mozo jp>
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1835348 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Link underlying crypto libraries (openssl, nss, and commoncrypto) with libapr
when the corresponding --with is configured. This allows to initialize, terminate
or check whether initialized respectively with apr_crypto_lib_init(),
apr_crypto_lib_term() or apr_crypto_lib_is_initialized().
Users can now control the (un)initialization of those libraries, notably when
they also use them independently and that doing this multiple times can cause
leaks or unexpected behaviour.
The initialization code is moved from "apr_crypto_{openssl,nss,commoncrypto}.c"
where previously loaded dynamically (DSO) to "apr_crypto_internal.c" which is
linked with libapr.
Also apr_crypto_prng_init() can make sure the underlying crypto lib is ready.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1833421 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New apr_crypto_prng API and apr_crypto[_thread]_random_bytes() functions.
Allows to generate cryptographically secure random bytes indefinitely
given an initial seed of APR_CRYPTO_PRNG_SEED_SIZE bytes (32), which
is either provided by the caller or automatically gathered from the system.
The CPRNG can also be re-seeded at any time, or after a process is fork()ed.
The internal key is renewed every APR_CRYPTO_PRNG_SEED_SIZE random
bytes produced and those data once returned to the caller are cleared from
the internal state, which ensures forward secrecy.
This CPRNG is fast, based on a stream cipher, and will never block besides
the initial seed or any reseed if it depends on the system entropy.
Finally, it can be used either globally (locked in multithread environment),
per-thread (a lock free instance is automatically created for each thread on
first use), or created as standalone instance (manageable independently).
For now it's only implemented with the OpenSSL library as underlying crypto,
that is --with-crypto --with-openssl needs to be configured, and the latter
links libcrypto with APR.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1833359 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1768269 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1763672 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1462772 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
where OpenSSL has been deprecated.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1394552 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The bcrypt implementation uses code from crypt_blowfish written by Solar
Designer <solar openwall com>. The x86 assembler implementation is not used
becaused it did not result in significant speed-up on my system.
apr_bcrypt_encode creates hashes with "$2y$" prefix, but apr_password_validate
also accepts the old prefix "$2a$".
* crypto/crypt_blowfish.[ch]: Imported from crypt_blowfish 1.2. The only
change compared to the upstream version is setting BF_ASM to 0.
* crypto/apr_passwd.c: Add bcrypt support to apr_password_validate, add
apr_bcrypt_encode
* test/testpass.c: Add new tests, for bcrypt and the old schemes.
* include/apr_md5.h: apr_password_validate() is left here fore backward
compatibility and apr_bcrypt_encode() is added here as well.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1357780 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1357772 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
It was not possible to use this interface without ldap provider internals.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@1129809 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
necessary and
cause buildconf to fail on OS/2 with an assert failure in gen-build.py.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@922628 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
validate this fix to missing, installed apr_ldap.h
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@835663 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@835658 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
* build.conf: Build util-misc code.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@757813 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Makefile.in: Add include/private to include path.
* build/: Merge autoconf macro set, adjust to inherit APR_HAVE_DSO correctly.
* build.conf: Build APR-util code.
* configure.in: Call APR-util macro set.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@757740 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
.o images results in the following;
ld: bc out of range (79008 max is +/-64K) from _apr_atomic_add32 in
atomic/unix/.libs/ppc.o to _apr_atomic_add32$stub in .libs/libapr-1.0.dylib
in _apr_atomic_add32 from atomic/unix/.libs/ppc.o
Apparently (and I don't know why we are coupled to the $stub's in the first
place) moving atomic to the end of the code segment places ppc.o in proximity
to the $stub relocations.
Of course this commit may inversely clobber another platform. But not Linux,
at least. Committing before I look for various exceptions to this solution.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@588793 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
use optional (hopefully fixes apr-util build).
* build.conf: Define DSP file location.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@421276 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
platform independent since it gets included with the tarball, and the
tarball is targeted for all platforms.
In this new scheme, the build-outputs.mk includes symbols named
OBJECTS_<plat> which specifies the necessary object files for each platform.
The apr_rules.mk(.in) file then pulls in the right symbol for the configured
platform. Since apr-util directly uses apr_rules.mk, then it picks up the
same logic with no change.
The build.conf was altered to include a set of platform-independent files,
and subdirectories which contain per-platform subdirectories. This was
needed to help out the logic which selects object files based on whether a
platform is present in each source subdir. (and if a platform subdir is not
present, then "parent" gets used instead; e.g. use 'unix' if 'beos' is not
in the subdir)
Lastly, configure.in was updated to select the appropriate set of objects
for the build.
* build.conf:
(paths): remove per-platform symbols
(platform_dirs): new option to list the dirs which have platform subdirs
* configure.in:
- define and substitute OBJECTS_PLATFORM to reference the platform
specific set of objects, which get defined in build-outputs.mk
* build/apr_rules.mk.in:
- define OBJECTS in terms of the substituted OBJECTS_PLATFORM symbol
* build/gen-build.py:
(PLATFORMS): the various platforms found in APR. unused, actually.
(MAKE_PLATFORMS): the platforms which use a Makefile, and what default
platform should be used if SUBDIR/<platform> is not present.
(main): update logic to generate multiple OBJECTS_* symbols. this now
includes logic to deal with subdirs which may not have a platform subdir
for the platform in question, thus needing to default to another.
(write_objects): some code factored out of main() to process a list of
source files into dependencies lines in the makefile.
(get_files): no more need to substitute for {platform}, and simplified
some of the .split() stuff.
(get_platform): no longer required. we generate for all platforms.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@64914 13f79535-47bb-0310-9956-ffa450edef68
|
|
upon Python at packaging time, but not at end-user config/build time. As far
as I can tell, the build continues to function properly. (out-of-dir
config/make not tested, and apr-iconv prolly needs some work)
The buildconf scripts now generate a build-outputs.mk file which is included
by the root's Makefile (via the build/gen-build.py script). bulid-outputs.mk
specifies all of the various files present in the distribution.
The top-level Makefiles were simplified to use an $(OBJECTS) symbol rather
than 'find'ing them. Similarly, a $(HEADERS) symbol is used for the exports.
The corresponding delete-* targets were eliminated since we have a precise
set of inputs.
The subdirs' Makefiles were removed since they are no longer called/used.
The apr-util/uri Makefile was responsible for compiling a C program to
generate the uri_delims.h file. That process was replaced by a Python script
to generate the header (called by buildconf). The .c and .dsp were left for
the Windows build to continue, but that should be revamped.
build/apr_rules.mk was revamped somewhat to avoid recursion, but a lot of
cleanup is still needed. Much of the recursive/local/x- logic is no longer
needed and can be elimianated. rules.mk was created for inclusion by N
makefiles, but that isn't really true any more, so it could probably be
tossed (caveat: test/Makefile). Saved for a phase 2.
Some additional work was added to properly clean up files in */build/,
rather than relying on a makefile in there.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@64891 13f79535-47bb-0310-9956-ffa450edef68
|