openbsd/src/lib/libcrypto/Makefile, branch OPENBSD_6_3

openbsd/src/lib/libcrypto/Makefile, branch OPENBSD_6_3_BASE A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_6_3_BASE 2018-03-17T16:20:01+00:00 Bring in compatibility for OpenSSL 1.1 style init functions. 2018-03-17T16:20:01+00:00 beck 2018-03-17T16:20:01+00:00 urn:sha1:035770aca4c8c1f0d36f1b8da62c9e1fb9a4f09b This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL ok jsing@, nits by tb@ and deraadt@ Add DSA_meth_{dup,free,new,set_{finish,sign}}() 2018-03-17T15:19:12+00:00 tb 2018-03-17T15:19:12+00:00 urn:sha1:36729dfed048bc0fe100881beaa75ee443855fe4 As in RSA_meth_*, note that these functions return NULL in out-of-memory situations, but they do not set an error explicitly. ok jsing Provide RSA_meth_{dup,free,new,set_{finish,priv_{dec,enc}}}() 2018-03-17T15:12:56+00:00 tb 2018-03-17T15:12:56+00:00 urn:sha1:70a27b396f5f0474f8fd3b9dc443176a0d82f759 Note that these functions return NULL in out-of-memory situations, but contrary to OpenSSL's versions they do not set an error. ok jsing Provide BIO_meth_{free,new}() and BIO_meth_set_{create,crtl,destroy}() 2018-02-17T13:57:14+00:00 tb 2018-02-17T13:57:14+00:00 urn:sha1:c62b2969f3c28178aaa6c7b68a1c8b575fa098aa and BIO_meth_set_{puts,read,write}(). ok jsing Remove RSA_padding_add_SSLv23()/RSA_padding_check_SSLv23() and related 2017-08-28T17:41:59+00:00 jsing 2017-08-28T17:41:59+00:00 urn:sha1:0382c9253ad062352e3b0e86758368e59d99d3ba code. We removed SSLv2/SSLv3 a long time ago... Discussed with doug@ sprinkle a few missing dependencies on perl scripts internal bits. 2017-08-20T17:53:13+00:00 espie 2017-08-20T17:53:13+00:00 urn:sha1:39e376c267c3aa3e7cc588facfbbba9d81cb593b 'it works' deraadt@ Switch to -Werror with clang for libressl. 2017-08-13T19:42:33+00:00 doug 2017-08-13T19:42:33+00:00 urn:sha1:e0d9b6877814aabc7aa1b8a33ad302bf782d8ce3 Discussed with beck@ and jsing@ ok beck@ remove misc. depend and yacc nits that no longer matter. 2017-07-10T21:30:37+00:00 espie 2017-07-10T21:30:37+00:00 urn:sha1:ecf4ad9e94dd924bbce561ab5f2f1e2dcc9d3314 okay millert@ mark files as BUILDFIRST, or write explicit dependencies, so that most 2017-06-16T10:25:54+00:00 espie 2017-06-16T10:25:54+00:00 urn:sha1:8216c8f121c197a76840fb3260e5a44335efefd9 programs will build even without a make depend first. okay tb@ millert@ Randomize link-order of libcrypto as we do with libc. This library 2017-05-29T09:44:01+00:00 deraadt 2017-05-29T09:44:01+00:00 urn:sha1:b4ca6599527e8767077c39409965f099aa3d3769 has many small functions without significant local storage, therefore less tail protection from -fstack-protector-strong to prevent their use as ROP gadgets. It is used in security contexts. Also many functions dribble pointers onto the stack, allowing discovery of gadgets via the fixed relative addresses, so let's randomly bias those. ok tedu jsing The rc script will soon need a strategy for skipping this step on machines with poor IO performance. Or maybe do it less often? However, I don't see many more libraries we'll do this with, these are the two most important ones.