openbsd/src/lib/libcrypto/crypto/Makefile, branch libressl-v2.3.0

openbsd/src/lib/libcrypto/crypto/Makefile, branch libressl-v2.3.0 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.3.0 2015-09-14T01:45:03+00:00 Temporarily revive MD4 for MS CHAP support. 2015-09-14T01:45:03+00:00 doug 2015-09-14T01:45:03+00:00 urn:sha1:ea990ff7851a189e7a61b56357a6d6e0de88a040 Remove MD4 support from LibreSSL. 2015-09-13T23:36:21+00:00 doug 2015-09-13T23:36:21+00:00 urn:sha1:785c6ad9250acc090d76964e9c21e550856a22f3 MD4 should have been removed a long time ago. Also, RFC 6150 moved it to historic in 2011. Rides the major crank from removing SHA-0. Discussed with many including beck@, millert@, djm@, sthen@ ok jsing@, input + ok bcook@ Remove SHA-0 support. 2015-09-13T21:09:56+00:00 doug 2015-09-13T21:09:56+00:00 urn:sha1:f84194ca116d8e28c7eb7098c2c8d88f43bd56ac SHA-0 was withdrawn shortly after publication 20 years ago and replaced with SHA-1. This will require a major crank. ok bcook@, jsing@ Merge ech_ossl.c into ech_key.c - not much point having one file with a 2015-09-13T12:27:14+00:00 jsing 2015-09-13T12:27:14+00:00 urn:sha1:7aad11835631635218a8c6cff256232a97116994 four line function and a tonne of license text. ok beck@ Nuke openssl/e_os2.h, since nothing should be using it. 2015-09-13T12:13:02+00:00 jsing 2015-09-13T12:13:02+00:00 urn:sha1:464203fc6f0f7c192427eebc2b31b32285b5514c ok deraadt@ "hurray! finally!" miod@ "Yay!" sthen@ Remove OpenSSL engine RSAX. 2015-07-19T22:34:27+00:00 doug 2015-07-19T22:34:27+00:00 urn:sha1:25841ddc7e1d255a907b71bc100b10c363287a75 OpenSSL stopped building it last year and removed it this year. Based on OpenSSL commit c436e05bdc7f49985a750df64122c960240b3ae1. Also cranked major version in libcrypto, libssl and libtls. "fine with me" bcook@ miod@ Fix pointer to unsigned long conversion. 2015-06-27T22:42:02+00:00 doug 2015-06-27T22:42:02+00:00 urn:sha1:d788c94c3402544911d6c17ebe52027adc5f4c42 bcook@ notes that this check really only impacted 64-bit Windows. Also, changed the check to be unsigned for consistency. ok bcook@ Remove obsolete MDC-2DES from libcrypto. 2015-06-20T01:07:25+00:00 doug 2015-06-20T01:07:25+00:00 urn:sha1:13b44077b7b29b4c5c4e74960c560bfe55f3fde8 ok deraadt@ jsing@ miod@ Send OPENSSL_issetugid() straight to hell, no final cigarette. 2015-04-11T16:16:15+00:00 deraadt 2015-04-11T16:16:15+00:00 urn:sha1:01d65208fd8dd61fb0f8c5d92ff80c7630a7c2b5 The issetugid() API is supposed to make a strong promise where "0 means it is safe to look at the environment". Way back in the past someone on the OpenSSL team responded to the environment access danger by creating a wrapper called OPENSSL_issetugid, and went to use it a number of places. However, by default on systems lacking true issetugid(), OPENSSL_issetugid returns 0. 0 indicating safely. False safety. Which means OPENSSL_issetugid() fails to make any sort of promise about safety, in fact it is just the opposite. Can you believe the OpenSSL team? This nastiness was noticed over the years, however noone could gain traction and get it fixed in OpenSSL. Also see a paragraph about this in http://www.tedunangst.com/flak/post/worst-common-denominator-programming ok jsing unifdef OPENSSL_NO_RFC3779 - this is currently disabled and unlikely to 2015-02-10T13:28:17+00:00 jsing 2015-02-10T13:28:17+00:00 urn:sha1:b5dcc59b2cf1dad7e9ebcc08266a1bf71c384886 be enabled, mostly since people use SANs instead. ok beck@ guenther@