Merge OpenSSL 1.0.2k.

1 files changed, 38 insertions, 31 deletions

diff --git a/crypto/openssl/INSTALL b/crypto/openssl/INSTALL
index 679b30d4c790..aa7e35fa79fe 100644
--- a/crypto/openssl/INSTALL
+++ b/crypto/openssl/INSTALL
@@ -74,24 +74,26 @@
 
   no-asm        Do not use assembler code.
 
-  386           Use the 80386 instruction set only (the default x86 code is
-                more efficient, but requires at least a 486). Note: Use
-                compiler flags for any other CPU specific configuration,
-                e.g. "-m32" to build x86 code on an x64 system.
-
-  no-sse2	Exclude SSE2 code pathes. Normally SSE2 extention is
-		detected at run-time, but the decision whether or not the
-		machine code will be executed is taken solely on CPU
-		capability vector. This means that if you happen to run OS
-		kernel which does not support SSE2 extension on Intel P4
-		processor, then your application might be exposed to
-		"illegal instruction" exception. There might be a way
-		to enable support in kernel, e.g. FreeBSD kernel can be
-		compiled with CPU_ENABLE_SSE, and there is a way to
-		disengage SSE2 code pathes upon application start-up,
-		but if you aim for wider "audience" running such kernel,
-		consider no-sse2. Both 386 and no-asm options above imply
-		no-sse2.
+  386           In 32-bit x86 builds, when generating assembly modules,
+                use the 80386 instruction set only (the default x86 code
+                is more efficient, but requires at least a 486). Note:
+                This doesn't affect code generated by compiler, you're
+                likely to complement configuration command line with
+                suitable compiler-specific option.
+
+  no-sse2       Exclude SSE2 code paths from 32-bit x86 assembly modules.
+                Normally SSE2 extension is detected at run-time, but the
+                decision whether or not the machine code will be executed
+                is taken solely on CPU capability vector. This means that
+                if you happen to run OS kernel which does not support SSE2
+                extension on Intel P4 processor, then your application
+                might be exposed to "illegal instruction" exception.
+                There might be a way to enable support in kernel, e.g.
+                FreeBSD kernel can  be compiled with CPU_ENABLE_SSE, and
+                there is a way to disengage SSE2 code paths upon application
+                start-up, but if you aim for wider "audience" running
+                such kernel, consider no-sse2. Both the 386 and
+                no-asm options imply no-sse2.
 
   no-<cipher>   Build without the specified cipher (bf, cast, des, dh, dsa,
                 hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
@@ -101,7 +103,12 @@
   -Dxxx, -lxxx, -Lxxx, -fxxx, -mXXX, -Kxxx These system specific options will
                 be passed through to the compiler to allow you to
                 define preprocessor symbols, specify additional libraries,
-                library directories or other compiler options.
+                library directories or other compiler options. It might be
+                worth noting that some compilers generate code specifically
+                for processor the compiler currently executes on. This is
+                not necessarily what you might have in mind, since it might
+                be unsuitable for execution on other, typically older,
+                processor. Consult your compiler documentation.
 
   -DHAVE_CRYPTODEV Enable the BSD cryptodev engine even if we are not using
 		BSD. Useful if you are running ocf-linux or something
@@ -159,18 +166,18 @@
      OpenSSL binary ("openssl"). The libraries will be built in the top-level
      directory, and the binary will be in the "apps" directory.
 
-     If "make" fails, look at the output.  There may be reasons for
-     the failure that aren't problems in OpenSSL itself (like missing
-     standard headers).  If it is a problem with OpenSSL itself, please
-     report the problem to <openssl-bugs@openssl.org> (note that your
-     message will be recorded in the request tracker publicly readable
-     at https://www.openssl.org/community/index.html#bugs and will be
-     forwarded to a public mailing list). Include the output of "make
-     report" in your message.  Please check out the request tracker. Maybe
-     the bug was already reported or has already been fixed.
-
-     [If you encounter assembler error messages, try the "no-asm"
-     configuration option as an immediate fix.]
+     If the build fails, look at the output.  There may be reasons
+     for the failure that aren't problems in OpenSSL itself (like
+     missing standard headers).  If you are having problems you can
+     get help by sending an email to the openssl-users email list (see
+     https://www.openssl.org/community/mailinglists.html for details). If
+     it is a bug with OpenSSL itself, please open an issue on GitHub, at
+     https://github.com/openssl/openssl/issues. Please review the existing
+     ones first; maybe the bug was already reported or has already been
+     fixed.
+
+     (If you encounter assembler error messages, try the "no-asm"
+     configuration option as an immediate fix.)
 
      Compiling parts of OpenSSL with gcc and others with the system
      compiler will result in unresolved symbols on some systems.