openbsd/src/lib/libcrypto/crypto/Makefile, branch libressl-v2.2.4A mirror of https://github.com/libressl/openbsd.git
https://git.lua4.win/openbsd/atom?h=libressl-v2.2.42015-07-19T22:34:27+00:00Remove OpenSSL engine RSAX.2015-07-19T22:34:27+00:00doug2015-07-19T22:34:27+00:00urn:sha1:25841ddc7e1d255a907b71bc100b10c363287a75
OpenSSL stopped building it last year and removed it this year.
Based on OpenSSL commit c436e05bdc7f49985a750df64122c960240b3ae1.
Also cranked major version in libcrypto, libssl and libtls.
"fine with me" bcook@ miod@
Fix pointer to unsigned long conversion.2015-06-27T22:42:02+00:00doug2015-06-27T22:42:02+00:00urn:sha1:d788c94c3402544911d6c17ebe52027adc5f4c42
bcook@ notes that this check really only impacted 64-bit Windows. Also,
changed the check to be unsigned for consistency.
ok bcook@
Remove obsolete MDC-2DES from libcrypto.2015-06-20T01:07:25+00:00doug2015-06-20T01:07:25+00:00urn:sha1:13b44077b7b29b4c5c4e74960c560bfe55f3fde8
ok deraadt@ jsing@ miod@
Send OPENSSL_issetugid() straight to hell, no final cigarette.2015-04-11T16:16:15+00:00deraadt2015-04-11T16:16:15+00:00urn:sha1:01d65208fd8dd61fb0f8c5d92ff80c7630a7c2b5
The issetugid() API is supposed to make a strong promise where "0
means it is safe to look at the environment". Way back in the past
someone on the OpenSSL team responded to the environment access danger
by creating a wrapper called OPENSSL_issetugid, and went to use it a
number of places. However, by default on systems lacking true
issetugid(), OPENSSL_issetugid returns 0. 0 indicating safely. False
safety. Which means OPENSSL_issetugid() fails to make any sort of
promise about safety, in fact it is just the opposite.
Can you believe the OpenSSL team?
This nastiness was noticed over the years, however noone could gain traction
and get it fixed in OpenSSL. Also see a paragraph about this in
http://www.tedunangst.com/flak/post/worst-common-denominator-programming
ok jsing
unifdef OPENSSL_NO_RFC3779 - this is currently disabled and unlikely to2015-02-10T13:28:17+00:00jsing2015-02-10T13:28:17+00:00urn:sha1:b5dcc59b2cf1dad7e9ebcc08266a1bf71c384886
be enabled, mostly since people use SANs instead.
ok beck@ guenther@
Remove RC5 code - this is not currently enabled and is not likely to ever2015-02-10T11:37:58+00:00jsing2015-02-10T11:37:58+00:00urn:sha1:f1d598735f0b0ffb1d0c0a4960577043026a928e
be enabled.
Removes one symbol from libcrypto, however there is no ABI change.
ok beck@ miod@ tedu@
Remove crypto/store - part of which is "currently highly experimental".2015-02-10T11:16:33+00:00jsing2015-02-10T11:16:33+00:00urn:sha1:cdb7be83319e074737e0c8a1a62fed485bd1c0de
This code is not compiled in and OPENSSL_NO_STORE is already defined in
opensslfeatures.h. No symbol removal for libcrypto.
ok beck@
Combine c_allc.c and c_alld.c into c_all.c - there is not much point having2015-02-07T03:23:05+00:00jsing2015-02-07T03:23:05+00:00urn:sha1:6389a5eaca6608f6d86d874f1ec6b5155822b208
this split across files, especially when two of them have less code than
license text.
ok bcook@ beck@ doug@ miod@
Add X509_STORE_load_mem() to load certificates from a memory buffer2015-01-22T09:06:39+00:00reyk2015-01-22T09:06:39+00:00urn:sha1:862d0b8723d1dd780e301615518a21818f474a9c
instead of disk. OpenSSL didn't provide a built-in API from loading
certificates in a chroot'ed process that doesn't have direct access to
the files. X509_STORE_load_mem() provides a new backend that will be
used by libssl and libtls to implement such privsep-friendly
functionality.
Adopted for LibreSSL based on older code from relayd (by pyr@ and myself)
With feedback and OK bluhm@
Move Windows OS-specific functions to make porting easier.2014-12-03T22:14:38+00:00bcook2014-12-03T22:14:38+00:00urn:sha1:dce88910ead3a43bc663d7d9e46e2689189ac19d
Several functions that need to be redefined for a Windows port are right
in the middle of other code that is relatively portable. This patch
isolates the functions that need Windows-specific implementations so
they can be built conditionally in the portable tree.
ok jsing@ deraadt@