openbsd/src/lib/libcrypto/hidden, branch libressl-v3.9.1

openbsd/src/lib/libcrypto/hidden, branch libressl-v3.9.1 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.9.1 2024-03-02T13:39:28+00:00 Remove some GOST relics 2024-03-02T13:39:28+00:00 tb 2024-03-02T13:39:28+00:00 urn:sha1:b67dd091b5f82f671c4de5665606d30a7de36db5 Make CRYPTO_THREADID opaque 2024-03-02T11:37:13+00:00 tb 2024-03-02T11:37:13+00:00 urn:sha1:17579c0eb7910d89f824a0cb4f9967d3af8a04ac With ERR_STATE out of the way, we can make CRYPTO_THREADID opaque. The type is still accessed by used public API, but some of the public API can also go away. ok jsing Remove CRYPTO_*info 2024-03-02T11:32:31+00:00 tb 2024-03-02T11:32:31+00:00 urn:sha1:442f5bad00cacf2ea72b97c3bdfe8b35b23ada3c Long time neutered, only used (pointlessly without error checking) in the error code until very recently. ok jsing Remove a bunch of CRYPTO memory API 2024-03-02T11:28:46+00:00 tb 2024-03-02T11:28:46+00:00 urn:sha1:0b6deb78b28f14c6fe58749806ff4e6774c9cbe9 This was neutered early on in the fork and has been rotting ever since. Some parts of the API are still used, but it's easier to clean up when most of the mess is gone. ok jsing Remove sk_find_ex() 2024-03-02T11:20:36+00:00 tb 2024-03-02T11:20:36+00:00 urn:sha1:b56b72805aa516348080e8769435cb6cae2c3c5d This API intends to find the closest match to the needle. M2Crypto exposes it because it can. This will be fixed by patching the port. ok jsing Make LHASH_OF() and STACK_OF() use opaque structs 2024-03-02T11:11:11+00:00 tb 2024-03-02T11:11:11+00:00 urn:sha1:26367add3db68a3e89bda58a3c85174507f8e71a This removes internals of these two special snowflakes and will allow further simplifications. Unfortunately, there are some pieces of software that actually use LHASH_OF() (looking at you, pound, Ruby, and openssl(1)), so we get to keep exposing this garbage, at least for now. Expose lh_error() as a symbol to replace a macro reaching into _LHASH. lh_down_load() is no longer available. _LHASH and _STACK are now opaque, LHASH_NODE becomes internal-only. from jsing Remove lh stats 2024-03-02T11:04:52+00:00 tb 2024-03-02T11:04:52+00:00 urn:sha1:792421b3f220abcbd1405485edc9bf6b39485769 This could have been removed in an earlier bump. Now it's time for it to say goodbye. ok jsing Garbage collect most of the public LOOKUP API 2024-03-02T10:57:03+00:00 tb 2024-03-02T10:57:03+00:00 urn:sha1:71f803228f85a85e040f88d8df2af4393f0d64c6 Yet another bit of extensibility that no one ever really used. X509_LOOKUP_free() needs to stay because of ... rust-openssl (and kdelibs4support). ok jsing Remove unused public X509_TRUST API 2024-03-02T10:48:17+00:00 tb 2024-03-02T10:48:17+00:00 urn:sha1:bd61e1e1013cfd2b6462e4fbf774072eb184c44c Another thing that should never have leaked out of the library. It will become internal entirely, where the code can be simplified greatly. ok jsing Remove unused parts of the purpose API 2024-03-02T10:40:05+00:00 tb 2024-03-02T10:40:05+00:00 urn:sha1:7b018fc829c78dbce4b7cd8a28aa798b3e03d6a4 Most of this is the ability to add custom purposes. Also the astounding X509_STORE_CTX_purpose_inherit(). The names are used by PHP, and M2Crypto exposes X509_check_purpose(), so these remain public. Some weird, most likely invalid, uses also remain in rust-openssl. ok jsing