summaryrefslogtreecommitdiff
path: root/INSTALL.md
Commit message (Collapse)AuthorAgeFilesLines
* Add ZSTD compression support (RFC8478bis)Todd Short2022-10-181-0/+37
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18186)
* Add brotli compression support (RFC7924)Todd Short2022-10-181-3/+45
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18186)
* crypto: add preemptive threading supportČestmír Kalina2022-10-171-0/+21
| | | | | | | | | | | | | | | | | | | | | Some primitives are designed to be used in a multi-threaded environment, if supported, e.g., Argon2. This patch adds support for preemptive threading and basic synchronization primitives for platforms compliant with POSIX threads or Windows CRT. Native functions are wrapped to provide a common (internal) API. Threading support can be disabled at compile time. If enabled, threading is disabled by default and needs to be explicitly enabled by the user. Thread enablement requires an explicit limit on the number of threads that OpenSSL may spawn (non-negative integer/infinity). The limit may be changed. Signed-off-by: Čestmír Kalina <ckalina@redhat.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12255)
* Fixed some grammar and spellingThiago Suchorski2022-10-091-1/+1
| | | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/19262)
* Remove `no-{ssl|tls|tls1_3|dtls}-method` in INSTALL.mdSlanterns2022-07-271-1/+1
| | | | | | | | | | CLA: trivial Actually there is no option called `no-{ssl|tls|tls1_3|dtls}-method`. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18872)
* Configure: Add disablable for QUIC, disabled by defaultTomas Mraz2022-06-031-0/+5
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18307)
* Add TFO support to socket BIO and s_client/s_serverTodd Short2022-03-101-0/+4
| | | | | | | | | | | Supports Linux, MacOS and FreeBSD Disabled by default, enabled via `enabled-tfo` Some tests Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8692)
* Fix typosDimitris Apostolou2022-01-051-1/+1
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17392)
* Documentation for RNDR and RNDRRSOrr Toledano2021-12-161-1/+2
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15361)
* Use '[option...]' not '[[ options ]]' in textRich Salz2021-09-071-21/+12
| | | | | | | | | | Looks more like manpage format. :) Also remove `{{..}}` notation and rewrite around it. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16329)
* always use the same perl in $PATHa13460542021-09-021-1/+1
| | | | | | | | | | | | | | | Different tests may use unexpectedly different versions of perl, depending on whether they hardcode the path to the perl executable or if they resolve the path from the environment. This fixes it so that the same perl is always used. Fix some trailing whitespace and spelling mistakes as well. CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16362)
* Replace CONFIG_NOWAIT env var with -w optionRich Salz2021-08-201-6/+7
| | | | | | | | And document the -w option Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16325)
* Minor doc enhancements to INSTALL.mdRich Salz2021-08-191-14/+23
| | | | | | | | | | | Describe current relationship between config and Configure. Put the environment variable list in alphabetical order. Add description of KERNEL_BITS. Add new variable CONFIG_NOWAIT. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16325)
* Add documentation about the multilib postfix and libdirTomas Mraz2021-08-131-2/+6
| | | | | | | Fixes #16244 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16281)
* Enable ssl-trace by defaultArran Cudbard-Bell2021-06-101-3/+6
| | | | | | | | There doesn't appear to be a good reason to omit protocol message tracing by default. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15665)
* Add --banner config optionRich Salz2021-05-141-0/+5
| | | | | | | | | | Use it in the automated workflows. Fixes: #15247 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15248)
* acvp-test: disable the ACVP testing code by defaultPauli2021-05-021-2/+2
| | | | | | | It's only useful for the FIPS lab and shouldn't be in production. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15092)
* acvp: fix the no-acvp_test buildPauli2021-04-301-1/+1
| | | | | | | | A pair of the disabled string checks were incorrect. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15082)
* README-FIPS: document the installation of the FIPS providerDr. Matthias St. Pierre2021-04-291-2/+2
| | | | | | | | | | | | | | | Note that configuration and installation procedure has changed: - The FIPS provider is now disabled by default and needs to be enabled by configuring with `enable-fips`. - If the FIPS provider is enabled, it gets installed automatically. There is no extra installation step required anymore. This is more natural and coincides with the expectation of the user, namely "what's configured, gets installed". Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13684)
* Moved build instructions from the man pageAndrey Matyukov2021-03-291-2/+38
| | | | | | | | | | | Some requirements and build hints for assembler modules compilation were moved from doc/man3/OPENSSL_ia32cap.pod to INSTALL.md. Fixes #14674 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14683)
* Remove the external BoringSSL testTomas Mraz2021-03-261-1/+1
| | | | | | | Fixes #14424 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14682)
* Fix error-checking compiles for mutexRich Salz2021-03-121-0/+7
| | | | | | | | Fixes: #14229 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14264)
* Unify the markdown links to the NOTES and README filesDr. Matthias St. Pierre2021-02-121-7/+7
| | | | | | | | | | | | | In many locations, the files have been converted to markdown syntactically, but don't utilize the power of markdown yet. Here, instead of just repeating the file name, the markdown link now shows the title of the document. Additionally, the notes are now reference in the same order in both the README and the INSTALL file. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14042)
* Revise some renamings of NOTES and README filesDr. Matthias St. Pierre2021-02-121-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some of the notes and readme files have been converted to markdown format recently and renamed during this process. While adding the .md extension was a natural step, switching to mixed cases was not a change to the better, it gives them a ragged appearance: NOTES.ANDROID => NOTES-Android.md NOTES.DJGPP => NOTES-DJGPP.md NOTES.PERL => NOTES-Perl.md NOTES.UNIX => NOTES-Unix.md NOTES.VMS => NOTES-VMS.md NOTES.VALGRIND => NOTES-Valgrind.md NOTES.WIN => NOTES-Windows.txt README.ENGINE => README-Engine.md README.FIPS => README-FIPS.md Moreover, the NOTES-Windows.txt file is the only file which has been converted to markdown but has received a .txt file extension. This doesn't make sense, because the OpenSSL users on Windows will need to read the other markdown documents as well. Since they are developers, we can trust them to be able to associate their favorite editor with the .md extension. In fact, having a comment at the beginning of the file saying that it is in markdown format but we didn't dare to add the correct extension in order not to overwhelm our Windows users can be interpreted either as unintentionally funny or disrespectful ;-) This commit suggests the following more consistent renaming: NOTES.ANDROID => NOTES-ANDROID.md NOTES.DJGPP => NOTES-DJGPP.md NOTES.PERL => NOTES-PERL.md NOTES.UNIX => NOTES-UNIX.md NOTES.VMS => NOTES-VMS.md NOTES.VALGRIND => NOTES-VALGRIND.md NOTES.WIN => NOTES-WINDOWS.md README.ENGINE => README-ENGINES.md README.FIPS => README-FIPS.md (note the plural in README-ENGINES, anticipating a README-PROVIDERS) Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14042)
* VMS documentation fixesRichard Levitte2021-02-121-6/+6
| | | | | | | | | This mostly clarifies details. Fixes #13789 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13835)
* Add a configure time option to disable the fetch cache.Pauli2021-02-121-0/+8
| | | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14126)
* {.travis,ci,appveyor}.yml: Make minimal config consistent, add no-deprecated ↵Dr. David von Oheimb2020-12-041-0/+5
| | | | | | | | | no-ec no-ktls no-siv This works nicely by addin a new no-bulk option to Configure. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13110)
* [DOC]Fix two broken links in INSTALL.md; Change name of zlib flag to the ↵Liang Liu2020-11-281-2/+2
| | | | | | | | | | current one. CLA: trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13519)
* Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTINGDr. Matthias St. Pierre2020-10-181-9/+9
| | | | | | | | | | | | | | | Replace [collapsed reference links][] by [shortcut reference links], in order to to improve the readability of the raw markdown text, see also commit d8dc853825 (Change CVE link style in CHANGES and NEWS). [collapsed reference links]: https://github.github.com/gfm/#collapsed-reference-link [shortcut reference links]: https://github.github.com/gfm/#shortcut-reference-link Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13165)
* INSTALL.md: Drop trailing spaces on a lineTomas Mraz2020-10-091-1/+1
| | | | | Reviewed-by: Paul Yang <kaishen.yy@antfin.com> (Merged from https://github.com/openssl/openssl/pull/13097)
* Document install_fips in INSTALL.mdRichard Levitte2020-10-081-0/+3
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13032)
* Add option to fipsinstall to disable fips security checks at run time.Shane Lontis2020-09-181-0/+5
| | | | | | | Changes merged from a patch by @richsalz. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12745)
* install: add notes about ignored seed sources in the FIPS provider.Pauli2020-07-171-1/+5
| | | | | Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12325)
* Fix many MarkDown issues in {NOTES*,README*,HACKING,LICENSE}.md filesDr. David von Oheimb2020-07-051-12/+12
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12109)
* Rename NOTES*, README*, VERSION, HACKING, LICENSE to .md or .txtDr. David von Oheimb2020-07-051-15/+19
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12109)
* Fix typos and repeated wordsGustaf Neumann2020-07-051-7/+7
| | | | | | | | CLA: trivial Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12320)
* test/run_tests.pl: Enhance the semantics of HARNESS_VERBOSE_FAILURES (VF)Dr. David von Oheimb2020-07-031-3/+3
| | | | | | | | Make the improved semantics of VFO replace the previous VF and remove VFO Add warnings about overriding use of HARNESS_VERBOSE* variables Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12279)
* Add --fips-key configuration parameter to fipsinstall application.Rich Salz2020-06-291-0/+14
| | | | | | | | | | | | | | Change default FIPS HMAC KEY from all-zero's Use default FIPSKEY if not given on command line. Make all -macopt in fipsinstall optional Make all tests, except fipsinstall, use the default -macopt and -mac_name flags. Define and use FIPSDIR variable on VMS/MMS. Also use SRCDIR/BLDDIR in SRCTOP/BLDTOP. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12235)
* INSTALL.md and NOTES.VALGRIND: Further cleanup of references and code/symbol ↵Dr. David von Oheimb2020-06-281-116/+120
| | | | | | | | quotation layout Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12232)
* Move test-related info from INSTALL.md to new test/README.md, updating ↵Dr. David von Oheimb2020-06-281-112/+22
| | | | | | | | references Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12232)
* DOC: Mention Configure consistentlyRichard Levitte2020-06-281-77/+52
| | | | | | | | 'config' is now a mere wrapper for backward compatibility. All documentation is changed accordingly. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
* INSTALL.md: Restore $ as command prompt indicatorRichard Levitte2020-06-271-22/+22
| | | | | | | | | | | | | | | | | | | We have a notational convention in INSTALL.md, which says this among others: > Any line starting with a dollar sign is a command line. > > $ command > > The dollar sign indicates the shell prompt and is not to be entered as > part of the command. That notation exists to make it clear what is a command line and what's output from that command line. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12257)
* DOC: Fix link to test/README.external in INSTALL.mdJean-Christophe Fillion-Robin2020-06-231-1/+1
| | | | | | | | CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12198)
* test/run_tests.pl: Document new VFO and VFP modes in INSTALL.mdDr. David von Oheimb2020-06-221-22/+30
| | | | | Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12175)
* Add ACVP fips module testsShane Lontis2020-06-171-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | For FIPS validation purposes - Automated Cryptographic Validation Protocol (ACVP) tests need to be performed. (See https://github.com/usnistgov/ACVP). These tests are very similiar to the old CAVS tests. This PR uses a hardwired subset of these test vectors to perform similiar operations, to show the usage and prove that the API's are able to perform the required operations. It may also help with communication with the lab (i.e- The lab could add a test here to show a unworking use case - which we can then address). The EVP layer performs these tests instead of calling lower level API's as was done in the old FOM. Some of these tests require access to internals that are not normally allowed/required. The config option 'acvp_tests' (enabled by default) has been added so that this access may be removed. The mechanism has been implemented as additional OSSL_PARAM values that can be set and get. A callback mechanism did not seem to add any additional benefit. These params will not be added to the gettables lists. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11572)
* Fix all MD036 (emphasis used instead of heading)Rich Salz2020-05-151-3/+4
| | | | | | | | The main fixes were errors in itemized lists "*)" instead of "*" Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11770)
* Fix issues reported by markdownlintRich Salz2020-05-081-170/+142
| | | | | | Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11739)
* Build files: add module installation targetsRichard Levitte2020-04-191-0/+15
| | | | | | | | | We only installed engines, now we also install other modules. Fixes #11559 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11566)
* INSTALL: document 'no-ui-console' rather than 'no-ui'Richard Levitte2020-04-171-3/+3
| | | | | | | | | | | | The UI interface itself is never disabled, but the console backend may be. 'no-ui' is a deprecated backward compatibility alias for 'no-ui-console'. Fixes #11551 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11553)
* Replace util/shlib_wrap.sh with util/wrap.pl in diverse docsRichard Levitte2020-02-271-1/+1
| | | | | Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11110)
View Lorry Controller Status