A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.9.1 2024-03-02T11:11:11+00:00 2024-03-02T11:11:11+00:00 tb 2024-03-02T11:11:11+00:00 urn:sha1:26367add3db68a3e89bda58a3c85174507f8e71a This removes internals of these two special snowflakes and will allow further simplifications. Unfortunately, there are some pieces of software that actually use LHASH_OF() (looking at you, pound, Ruby, and openssl(1)), so we get to keep exposing this garbage, at least for now. Expose lh_error() as a symbol to replace a macro reaching into _LHASH. lh_down_load() is no longer available. _LHASH and _STACK are now opaque, LHASH_NODE becomes internal-only. from jsing 2024-03-02T09:51:36+00:00 tb 2024-03-02T09:51:36+00:00 urn:sha1:9c25037b962e7ec9fbd5b3f3abb73f588d8d3a30 This is an alias for OBJ_create(). I haven't dug into its history. ok jsing 2024-03-02T09:50:47+00:00 tb 2024-03-02T09:50:47+00:00 urn:sha1:328a8b94e02107beca6feae33daca3da2ecf6710 OBJ_NAME_TYPE_PKEY_METH and OBJ_NAME_TYPE_COMP_METH were never used as far as I can tell. Unfortunately, PHP and Python still use the weirdly named OBJ_NAME_do_all*() API to list available ciphers and digests, so the MD and CIPHER variants need to remain public. ok jsing 2024-03-02T09:49:45+00:00 tb 2024-03-02T09:49:45+00:00 urn:sha1:c2a8b27418d4c367c3ff2673c6d47caada8c4b1a This is another implementation detail that should never have leaked out of the library. Only OBJ_create() ever used this. ok jsing 2024-03-02T09:47:16+00:00 tb 2024-03-02T09:47:16+00:00 urn:sha1:348fad0a9df90c576a11c7beeef17fa70cae611f The only reason this has still been part of the public API was that libssl used it for cipher lookup. This was fixed by replacing the lookup by proper bsearch() -- why OpenSSL felt the need to reinvent ANSI C API badly will forever remain a mystery. The stack code in libcrypto still uses a version of this. This should be rewritten. It will be a bit easier once sk_find_ex() is removed. ok jsing 2024-03-02T09:43:10+00:00 tb 2024-03-02T09:43:10+00:00 urn:sha1:3f22814f63ba66035d2e72f3a89f12dab47db39b Because this is the type it should have had from the get go. ok jsing 2024-03-02T09:41:02+00:00 tb 2024-03-02T09:41:02+00:00 urn:sha1:0afd4713583c48a961d60ae9f02ee1384b6989a1 This functionality has been disabled for a few months. Now it is high time to garbage collect it. ok jsing 2024-02-26T15:00:30+00:00 tb 2024-02-26T15:00:30+00:00 urn:sha1:d205418700609e87c645eee6eb8de486ec6bd3e3 Make these functions always fail. A copy of OBJ_bsearch_ex_() is kept in stack.c, where it is still used by internal_find() for sk_find{,_ex}(). sk_find_ex() will be removed in the upcoming bump, and then we can simplify or rewrite what's still needed. ok jsing 2024-01-29T20:37:03+00:00 job 2024-01-29T20:37:03+00:00 urn:sha1:82a2b52bbca491037fb2e86f6c9567ead7b7b8b6 References: https://datatracker.ietf.org/doc/draft-ietf-sidrops-rpki-prefixlist/ https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 OK tb@ 2024-01-29T20:36:19+00:00 job 2024-01-29T20:36:19+00:00 urn:sha1:41d816cea007efd336630f417b794a8d48830613 References: https://datatracker.ietf.org/doc/draft-ietf-sidrops-rpki-prefixlist/ https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 OK tb@