1bbde19a7c
This provides sufficient functionality to run openssl(1) from a Windows console. This is based on the original select-based version from from songdongsheng@live.cn. Changes: * use nfds_t directly for iterating the fds. * add WSAGetLastError -> errno mappings * handle POLLHUP and the OOB data cases for revents * handle sparse arrays of fds correctly * KNF style updates * teach poll how to handle file handles as well as sockets This handles the socket/non-socket issue by alternating a loop between WaitForMultipleObjects for non-sockets and and select for sockets. One would think this would be terrible for performance, but as of this writing, poll consumes about 6% of the time doing a bulk transfer between a Linux box and 'openssl.exe s_server'. I tried to implement this all in terms of WaitForMultipleObjects with a select 'poll' at the end to get extra specific socket status. However, the cost of setting up an event handle for each socket, setting the WSAEventSelect attributes, and cleaning them up reliably was pretty high. Since the event handle associated with a socket is also global, creating a new one cancels the previous one or can be disabled externally. In addition, the 'FD_WRITE' status of a socket event handle does not behave in an expected fashion, being triggered by an edge on a write event rather than being level triggered. Another fun horror story is how stdin in windows might be a console, it might be a pipe, it might be something else. If these all worked in the same way, it would be great. But, since a console-stdin can also signal on a mouse or window event, it means we can easily get stuck in a blocking read (you can't make stdin non-blocking) if the non-character events are not filtered out. So, poll does that too. See here for various additional horror stories: http://www.postgresql.org/message-id/4351.1336927207@sss.pgh.pa.us |
||
|---|---|---|
| apps | ||
| crypto | ||
| include | ||
| man | ||
| ssl | ||
| tests | ||
| .gitignore | ||
| AUTHORS | ||
| autogen.sh | ||
| ChangeLog | ||
| config | ||
| configure.ac | ||
| dist.sh | ||
| libcrypto.pc.in | ||
| libressl.pub | ||
| libssl.pc.in | ||
| Makefile.am | ||
| Makefile.am.common | ||
| NEWS | ||
| OPENBSD_BRANCH | ||
| openssl.pc.in | ||
| README | ||
| update.sh | ||
| VERSION | ||
This package is the official portable version of LibreSSL
(http://www.libressl.org).
LibreSSL is a fork of OpenSSL developed by the OpenBSD project
(http://www.openbsd.org). LibreSSL is developed on OpenBSD. This
package then adds portability shims for other operating systems.
Official release tarballs are available at your friendly neighborhood
OpenBSD mirror in directory LibreSSL, e.g.:
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/
although we suggest that you use a mirror:
http://www.openbsd.org/ftp.html
The LibreSSL portable build framework is also mirrored in Github:
https://github.com/libressl-portable/portable
If you have checked this source using Git, follow these initial steps to
prepare the source tree for building:
1. ensure you have the following packages installed:
automake, autoconf, bash, git, libtool, perl, pod2man
2. run './autogen.sh' to prepare the source tree for building
or run './dist.sh' to prepare a tarball.
Once you have a source tree from Git or FTP, run these commands to build and
install the package:
./configure # see ./configure --help for configuration options
make check # runs builtin unit tests
make install # set DESTDIR= to install to an alternate location
The resulting library and 'openssl' utility is largely API-compatible with
OpenSSL 1.0.1. However, it is not ABI compatible - you will need to relink your
programs to LibreSSL in order to use it, just as in moving from OpenSSL 0.9.8
to 1.0.1.
The project attempts to provide working alternatives for operating systems with
limited or broken security primitives (e.g. arc4random(3), issetugid(2)) and
assists with improving OS-native implementations where possible.
LibreSSL portable will build on any reasonably modern version of Linux,
Solaris, or OSX with a standards-compliant compiler and C library.