A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_7_8_BASE 2025-05-10T05:54:39+00:00 2025-05-10T05:54:39+00:00 tb 2025-05-10T05:54:39+00:00 urn:sha1:41e8f99dd1625a9f0c80ce9d4383e95b18e85709 ok jsing 2024-11-05T09:35:40+00:00 tb 2024-11-05T09:35:40+00:00 urn:sha1:c2524247aca69c609c97775f05ea83457f5865f4 discussed with jsing 2024-11-01T18:34:06+00:00 tb 2024-11-01T18:34:06+00:00 urn:sha1:f9a68fe280d96dbf02f5338a1e3437222592c77b Clean up the other includes while there. 2024-08-31T09:26:18+00:00 tb 2024-08-31T09:26:18+00:00 urn:sha1:465ca291ecb667ff9b02fa56937b3f5ee1ae84cd imodules are called imodules because they contain Information about modules that have been Initialized. Which one of these two I it is is anyone's best guess. Why anything outside of libcrypto would ever possibly care will also remain a mystery. Remove the old way of adding a conf module, user data, stop allowing to set a method (it's opaque now, remember?) and drop a couple bits more from the public api interface. ok beck jsing 2024-08-08T23:50:29+00:00 tb 2024-08-08T23:50:29+00:00 urn:sha1:e755f6ee9bfab63d12a1136307e8805df17147a1 2024-07-13T15:08:58+00:00 tb 2024-07-13T15:08:58+00:00 urn:sha1:3a6927c782869fec9a91b17f3757e56538e5d418 Use C99 initializers for all structs (some were forgotten). Make all the structs static, call them x509v3_ext_* matching NID_*. Add accessors called x509v3_ext_method_* and use these to implement X509V3_EXT_get_nid(). This adds consistency and avoids a few contortions like grouping a few extensions in arrays to save a couple externs. ok beck jsing 2024-06-24T06:43:23+00:00 tb 2024-06-24T06:43:23+00:00 urn:sha1:c9802a5afe29675d69b605ce906d34fd89c024ac These constitute the bulk of the remaining global mutable state in libcrypto. This commit moves most of them into data.rel.ro, leaving out ERR_str_{functs,libraries,reasons} (which require a slightly different approach) and SYS_str_reasons which is populated on startup. The main observation is that if ERR_load_strings() is called with a 0 lib argument, the ERR_STRING_DATA argument is not actually modified. We could use this fact to cast away const on the caller side and be done with it. We can make this cleaner by adding a helper ERR_load_const_strings() which explicitly avoids the assignment to str->error overriding the error code already set in the table. In order for this to work, we need to sprinkle some const in err/err.c. CMS called ERR_load_strings() with non-0 lib argument, but this didn't actually modify the error data since it ored in the value already stored in the table. Annoyingly, we need to cast const away once, namely in the call to lh_insert() in int_err_set_item(). Fixing this would require changing the public API and is going to be tricky since it requires that the LHASH_DOALL_FN_* types adjust. ok jsing 2023-07-22T17:02:49+00:00 tb 2023-07-22T17:02:49+00:00 urn:sha1:2de05d438fc2f9dd7991c8a1107792eb49afc25a This does not need tls1.h (upstream used TLSEXT constants we don't have) nor does it need evp.h. But it does need asn1.h, objects.h for STACK_OF and NID_*, among other things and it also uses uint64_t and allocates, so it needs stdint.h and stdlib.h. 2023-07-08T07:22:58+00:00 beck 2023-07-08T07:22:58+00:00 urn:sha1:76f3e45e5e334b3d6431f9c0e76ac816fc551075 ok jsing@ 2022-07-12T14:42:50+00:00 kn 2022-07-12T14:42:50+00:00 urn:sha1:89e42d5857196a8071fbafb5565388d0e20ec32b This script is not used at all and files are edited by hand instead. Thus remove misleading comments incl. the obsolete script/config. Feedback OK jsing tb