Require OpenSSL 1.1.0 or later. This gets rid of some backwards compatibility code, and avoids calling deprecated OpenSSL functions.
Don't call ERR_remove_state(). It's impossible to write portable code that properly cleans up after OpenSSL without resulting in compile time warnings, so don't try.
Use CFB mode for meta-connections to improve security.
Use AES in CTR mode instead of OFB mode for meta-connections. This gives a very nice speedup while preserving the stream characteristics.
Ensure compatibility with OpenSSL 1.1.0.
Explicitly mention that LibreSSL can be used as well.
Reorder checks for libraries to allow ./configure LDFLAGS=-static. OpenSSL depends on libdl and libz. When linking dynamically, libcrypto will automatically link with the other two libraries. However, when linking statically, these libraries need to be specified explicitly while linking. By moving the autoconf checks for libdl and libz before those for libcrypto, we ensure the latter test will be done with the proper libraries.
Ensure proper linking with OpenSSL with recent versions of MinGW.
Check for EVP_EncryptInit_ex instead of SHA1_Version in OpenSSL. The latter function disappeared, and wasn't actually used in tinc, so now we check on a function that we do use.
OpenSSL 1.0.0 compiled for 64 bit Windows requires linking with -lcrypt32.
Enable OpenSSL ENGINE, so crypto hardware gets used. Thanks to Andreas van Cranenburgh.
Remove autogen.sh, the autoreconf program does exactly that. Update everything for the latest autoconf and automake versions.
Use CPPFLAGS, LDFLAGS and LIBS as appropiate.
Update configure scripts.
- simplify configure.in - drop support for OpenSSL < 0.9.7 - add some missing definitions/includes
Various fixes for autoconf and OpenSSL 0.9.7 and a missing header.
Autoconf cleanup. Works for both 2.13 and 2.53, although running autoconf 2.53 still gives some errors.
Merging of the entire pre5 branch.
- Always use <openssl/include.h> instead of just <include.h> - Check if RAND_pseudo_bytes() exists, otherwise just use RAND_bytes()
Check for dlopen in standard libraries first (needed for DEC OSF).