openbsd/src/lib/libcrypto/crypto, branch libressl-v2.2.4

openbsd/src/lib/libcrypto/crypto, branch libressl-v2.2.4 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.2.4 2015-07-19T22:34:27+00:00 Remove OpenSSL engine RSAX. 2015-07-19T22:34:27+00:00 doug 2015-07-19T22:34:27+00:00 urn:sha1:25841ddc7e1d255a907b71bc100b10c363287a75 OpenSSL stopped building it last year and removed it this year. Based on OpenSSL commit c436e05bdc7f49985a750df64122c960240b3ae1. Also cranked major version in libcrypto, libssl and libtls. "fine with me" bcook@ miod@ Fix pointer to unsigned long conversion. 2015-06-27T22:42:02+00:00 doug 2015-06-27T22:42:02+00:00 urn:sha1:d788c94c3402544911d6c17ebe52027adc5f4c42 bcook@ notes that this check really only impacted 64-bit Windows. Also, changed the check to be unsigned for consistency. ok bcook@ Crank major for libcrypto, ssl and tls due to MDC-2DES removal. 2015-06-20T01:09:31+00:00 doug 2015-06-20T01:09:31+00:00 urn:sha1:bedaa1810c5bb6d8b84e1bec8033245abf6e95dc ok miod@ jsing@ Remove obsolete MDC-2DES from libcrypto. 2015-06-20T01:07:25+00:00 doug 2015-06-20T01:07:25+00:00 urn:sha1:13b44077b7b29b4c5c4e74960c560bfe55f3fde8 ok deraadt@ jsing@ miod@ Disable ENGINE_load_dynamic (dynamic engine support). 2015-06-19T06:05:11+00:00 bcook 2015-06-19T06:05:11+00:00 urn:sha1:1ef7c35782edea8e65610a2d9d6d6d08ea90983c We do not build, test or ship any dynamic engines, so we can remove the dynamic engine loader as well. This leaves a stub initialization function in its place. ok beck@, reyk@, miod@ Remove unneeded sys/sysctl.h on linux. 2015-06-13T02:33:58+00:00 bcook 2015-06-13T02:33:58+00:00 urn:sha1:7046960ffae4141275822862cb7065584b59d3ae This only provides the sysctl wrapper in glibc, which we do not use and is not available in other libc implementations for Linux. Thanks to ncopa from github. Record inter-library dependencies between libcrypto, libssl and libtls 2015-05-17T22:39:39+00:00 kettenis 2015-05-17T22:39:39+00:00 urn:sha1:c5f087c6c031837a968277278b7d6de4ae1692fb Not all Linux libc's include linux/sysctl.h in sys/sysctl.h. 2015-04-27T03:37:06+00:00 bcook 2015-04-27T03:37:06+00:00 urn:sha1:29b3e8caf044d209b7dcfe76059033f1e5174a65 Include it if we have the sysctl syscall. Support AIX versions without WPAR support. 2015-04-27T03:34:43+00:00 bcook 2015-04-27T03:34:43+00:00 urn:sha1:218560577e54c8df6beb6f07c4ce700f230c8fe1 From Michael Felt. Send OPENSSL_issetugid() straight to hell, no final cigarette. 2015-04-11T16:16:15+00:00 deraadt 2015-04-11T16:16:15+00:00 urn:sha1:01d65208fd8dd61fb0f8c5d92ff80c7630a7c2b5 The issetugid() API is supposed to make a strong promise where "0 means it is safe to look at the environment". Way back in the past someone on the OpenSSL team responded to the environment access danger by creating a wrapper called OPENSSL_issetugid, and went to use it a number of places. However, by default on systems lacking true issetugid(), OPENSSL_issetugid returns 0. 0 indicating safely. False safety. Which means OPENSSL_issetugid() fails to make any sort of promise about safety, in fact it is just the opposite. Can you believe the OpenSSL team? This nastiness was noticed over the years, however noone could gain traction and get it fixed in OpenSSL. Also see a paragraph about this in http://www.tedunangst.com/flak/post/worst-common-denominator-programming ok jsing