openbsd/src/lib/libcrypto/crypto, branch libressl-v2.1.10

openbsd/src/lib/libcrypto/crypto, branch libressl-v2.1.10 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.1.10 2015-03-05T20:35:28+00:00 Do not use sha512-parisc for now, as it is subtly bugged - passes the sha 2015-03-05T20:35:28+00:00 miod 2015-03-05T20:35:28+00:00 urn:sha1:edab9f054cd9e7b7c2bb8b5683f63e8a6eaea617 regress tests but causes tls ciphersuite using sha386 to fail; found the hard way by henning@. I can't see anything wrong in the generated assembly code yet, but building a libcrypto with no assembler code but sha512_block_data_order() is enough to trigger Henning's issue, so the bug lies there. No ABI change; ok deraadt@ Bump libcrypto and libssl majors, due to various recent churn. 2015-02-22T16:03:06+00:00 jsing 2015-02-22T16:03:06+00:00 urn:sha1:bb820e160520888599d0966ac5d4a5270c855a23 Discussed with/requested by deraadt@ at the conclusion of s2k15. unifdef OPENSSL_NO_RFC3779 - this is currently disabled and unlikely to 2015-02-10T13:28:17+00:00 jsing 2015-02-10T13:28:17+00:00 urn:sha1:b5dcc59b2cf1dad7e9ebcc08266a1bf71c384886 be enabled, mostly since people use SANs instead. ok beck@ guenther@ Remove RC5 code - this is not currently enabled and is not likely to ever 2015-02-10T11:37:58+00:00 jsing 2015-02-10T11:37:58+00:00 urn:sha1:f1d598735f0b0ffb1d0c0a4960577043026a928e be enabled. Removes one symbol from libcrypto, however there is no ABI change. ok beck@ miod@ tedu@ Remove crypto/store - part of which is "currently highly experimental". 2015-02-10T11:16:33+00:00 jsing 2015-02-10T11:16:33+00:00 urn:sha1:cdb7be83319e074737e0c8a1a62fed485bd1c0de This code is not compiled in and OPENSSL_NO_STORE is already defined in opensslfeatures.h. No symbol removal for libcrypto. ok beck@ Crank major for libcrypto since symbols have been removed. 2015-02-07T06:20:00+00:00 jsing 2015-02-07T06:20:00+00:00 urn:sha1:f890c33ffb541a5f8ab6f17b6b90c906bc74cacc Requested by deraadt@ Combine c_allc.c and c_alld.c into c_all.c - there is not much point having 2015-02-07T03:23:05+00:00 jsing 2015-02-07T03:23:05+00:00 urn:sha1:6389a5eaca6608f6d86d874f1ec6b5155822b208 this split across files, especially when two of them have less code than license text. ok bcook@ beck@ doug@ miod@ Add X509_STORE_load_mem() to load certificates from a memory buffer 2015-01-22T09:06:39+00:00 reyk 2015-01-22T09:06:39+00:00 urn:sha1:862d0b8723d1dd780e301615518a21818f474a9c instead of disk. OpenSSL didn't provide a built-in API from loading certificates in a chroot'ed process that doesn't have direct access to the files. X509_STORE_load_mem() provides a new backend that will be used by libssl and libtls to implement such privsep-friendly functionality. Adopted for LibreSSL based on older code from relayd (by pyr@ and myself) With feedback and OK bluhm@ Add arc4random/getentropy shims for NetBSD. 2015-01-19T20:21:40+00:00 bcook 2015-01-19T20:21:40+00:00 urn:sha1:8da41a08c1b0ad547a78765a94025ba2a25b5fb0 The latest NetBSD (6.1.5) arc4random does not appear to reseed the CRNG state after a fork, so provide an override until the fork-safe version in CVS appears in a release. These are the same as the FreeBSD shims. ok deraadt@ back in september I did the large abstraction refactoring to allow these 2015-01-15T06:57:18+00:00 deraadt 2015-01-15T06:57:18+00:00 urn:sha1:2c0fa7a33267776e90c29aa1b640595e92c0d8f7 other systems to fit into the same mold, so add copyright