openbsd/src/lib/libcrypto/engine, branch libressl-v2.8.3

openbsd/src/lib/libcrypto/engine, branch libressl-v2.8.3 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.8.3 2018-08-24T19:25:31+00:00 In ENGINE_up_ref(), check return value of CRYPTO_add() and report 2018-08-24T19:25:31+00:00 tb 2018-08-24T19:25:31+00:00 urn:sha1:8091272653c9a290a7ec27ea8fd28dd54debaf4a failure accordingly. ok jsing Make ENGINE_free() succeed on NULL. Matches OpenSSL's behavior and 2018-04-14T07:18:37+00:00 tb 2018-04-14T07:18:37+00:00 urn:sha1:e2303054291a1a9cf6ea192af2df63e77c3f65fd simplifies the caller side. tested by & ok inoguchi; discussed with schwarze make ENGINE_finish() succeed on NULL and simplify callers as in 2018-04-14T07:09:21+00:00 tb 2018-04-14T07:09:21+00:00 urn:sha1:0c5418014797b1fadca3f270eb2f140fd6f5bdf8 OpenSSL commit 7c96dbcdab9 by Rich Salz. This cleans up the caller side quite a bit and reduces the number of lines enclosed in #ifndef OPENSSL_NO_ENGINE. codesearch.debian.net shows that almost nothing checks the return value of ENGINE_finish(). While there, replace a few nearby 'if (!ptr)' with 'if (ptr == NULL)'. ok jsing, tested by & ok inoguchi Bring in compatibility for OpenSSL 1.1 style init functions. 2018-03-17T16:20:01+00:00 beck 2018-03-17T16:20:01+00:00 urn:sha1:035770aca4c8c1f0d36f1b8da62c9e1fb9a4f09b This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL ok jsing@, nits by tb@ and deraadt@ Send the function codes from the error functions to the bit bucket, 2017-01-29T17:49:23+00:00 beck 2017-01-29T17:49:23+00:00 urn:sha1:d1f47bd292f36094480caa49ada36b99a69c59b0 as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@ Explicitly export a list of symbols from libcrypto. 2016-12-21T15:49:29+00:00 jsing 2016-12-21T15:49:29+00:00 urn:sha1:18adabd97858ed28289c9dc31e8042c515840be4 Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@ Replace all uses of magic numbers when operating on OPENSSL_ia32_P[] by 2016-11-04T17:30:30+00:00 miod 2016-11-04T17:30:30+00:00 urn:sha1:1a12fc8399638223feca8f853e2ac2cc22eeb471 meaningful constants in a private header file, so that reviewers can actually get a chance to figure out what the code is attempting to do without knowing all cpuid bits. While there, turn it from an array of two 32-bit ints into a properly aligned 64-bit int. Use of OPENSSL_ia32_P is now restricted to the assembler parts. C code will now always use OPENSSL_cpu_caps() and check for the proper bits in the whole 64-bit word it returns. i386 tests and ok jsing@ Remove I386_ONLY define. It was only used to prefer a 2016-11-04T13:56:05+00:00 miod 2016-11-04T13:56:05+00:00 urn:sha1:098856ba6c9340c7f8061be62dd042763fe233a3 faster-on-genuine-80386-but-slower-on-80486-onwards innstruction sequence in the SHA512 code, and had not been enabled in years, if at all. ok tom@ bcook@ Remove SHA0 check, as we did in v1.21 of sha.h. 2015-12-07T03:30:09+00:00 bcook 2015-12-07T03:30:09+00:00 urn:sha1:08dd703b6936f9d0ce2247d4d0b74a9ad398474d This enables ENGINE_get_digest to work again with SHA1. noted by NARUSE, Yui, @nurse from github Kill coverity 128475 2015-08-28T01:06:09+00:00 beck 2015-08-28T01:06:09+00:00 urn:sha1:3afc5208a3a2aff4b6e13f31fcbe99c2ca94151c ok doug@