summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/Symbols.list (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Reinstate PKCS12_key_gen_uni()tb10 days1-0/+1
| | | | | | | Unfortunately, this is used in acsm-calibre-plugin, via oscrypto. Fixes https://github.com/Leseratte10/acsm-calibre-plugin/issues/112 ok jsing
* Remove EC_POINTs_* APItb10 days1-2/+0
| | | | | | | | | | And another one... Completely overengineered for the sake of academic credentials and only Ruby ever picked this garbage up. Fortunately, it's no longer used with LibreSSL since we defanged this in 2018. The latest version of ruby/openssl has completely removed this as part of their post 1.0.x cleanup. ok jsing
* Remove Jprojective_coordinates APItb10 days1-2/+0
| | | | | | | There goes another implementation detail that should never have been leaked out of the library. ok jsing
* Unexport EC_GROUP_*precompute_mult()tb10 days1-2/+0
| | | | | | | These have been noops for a while and as usual some Perl module was the only thing "using" it. ok jsing
* Unexport EC_GROUP_copy()tb10 days1-1/+0
| | | | | | Without EC_GROUP_new(), this API is useless. There's EC_GROUP_dup(). ok jsing
* Unexport EC_METHOD and all API using ittb10 days1-6/+0
| | | | | | | | | | | | This is an implementation detail and there is no reason to leak it from the library. This removes EC_GFp_{mont,simple}_method(), EC_GROUP_{method_of,new}(), EC_METHOD_get_field_type(), EC_POINT_method_of() from the public API. EC_GROUP_copy() is now quite useless, so it will go as well. ok jsing
* Align CRYPTO_set_mem*_functions with OpenSSL 1.1tb10 days1-1/+0
| | | | | | | | | | | | | | CRYPTO_set_mem_ex_functions() was renamed to CRYPTO_set_mem_functions(), replacing the latter while also correcting the arguments for the free pointer. The backstory is that a commit that was never compiled was fixed the wrong way an hour later (both committed without review, obviously), and here we are, still cleaning up the mess 23 years later. We carry patches in cjose and stunnel for this; dovecot and links+ have autoconf checks and will adapt. Oh, and then there's the mariadb configure time insanity passing wrong function pointers... ok jsing
* Unexport the weird X509_OBJECT_up_ref_count()tb10 days1-1/+0
| | | | | | | | It's only used in x509_lu.c, so move it there. X509_OBJECT is not itself refcounted. This API bumps the refcount of its cert or CRL member. This isn't really useful outside of the library. ok jsing
* Unexport X509_NAME_print()tb10 days1-1/+0
| | | | | | | | | | Nothing uses this anymore. M2Crypto has been patched and a fix for opensc has been upstreamed. ok jsing This is the start of a major bump. Don't build the tree until I have synced sets in about 20 commits.
* Expose X509_get_signature_infotb2024-08-311-0/+1
| | | | | | | | To compensate for all the removals, a single, small, constructive piece of this bump: expose X509_get_signature_info() so that libssl's security level API can handle RSA-PSS certificates correctly. ok beck jsing
* Make X509at_* API internaltb2024-08-311-10/+0
| | | | | | | | The only consumer, yara, has been adjusted. It will be some more work to remove this idiocy internally, but at least we will no longer have to care about external consumers. ok beck jsing
* Unexport OPENSSL_cpuid_setup and OPENSSL_ia32cap_Ptb2024-08-311-1/+0
| | | | | | | | | This allows us in particular to get rid of the MD Symbols.list which were needed on amd64 and i386 for llvm 16 a while back. OPENSSL_ia32cap_P was never properly exported since the symbols were marked .hidden in the asm. ok beck jsing
* Zap HMAC_Inittb2024-08-311-1/+0
| | | | | | Long deprecated, last users have been fixed. ok beck jsing
* Nuke the whrlpool (named after the galaxy) from orbittb2024-08-311-6/+0
| | | | | | | It's just gross. Only used by a popular disk encryption utility on an all-too-popular OS one or two decades back. ok beck jsing
* Remove DES_enc_{read,write} and DES_rw_modetb2024-08-311-3/+0
| | | | | | | Unfortunately we'll probably never be able to get rid of DES entirely. One part of it that is old enough to be a grandparent can go, though. ok beck jsing
* Garbage collec UI_UTIL remnantstb2024-08-311-2/+0
| | | | ok beck jsing
* Remove EVP_PKEY.*attr* APItb2024-08-311-9/+0
| | | | | | I ranted enough about this recently. PKCS#12. Microsoft. 'nuff said. ok beck jsing
* Remove X509_REQ_{set,get}_extension_nids()tb2024-08-311-2/+0
| | | | | | | | LibreSSL no longer supports non-standard OIDs for use in the extensions attribute of CSRs. The API that enabled that (and nobody used of course) can now go. ok beck jsing
* Remove X509_check_trust() and some related definestb2024-08-311-1/+0
| | | | | | | | | Someone thought it would be a good idea to append non-standard trust information to the certs in the trust store. This API is used to inspect that depending on the intended purpose of the cert. Only M2Crypto thought it necessary to expose this. It was adjusted. ok beck jsing
* Remove ERR_add_{,v}data()tb2024-08-311-2/+0
| | | | | | Another unused bit of legacy API... ok beck jsing
* Make some more x509 conf stuff internaltb2024-08-311-11/+0
| | | | | | | This internalizes a particularly scary layer of conf used for X.509 extensions. Again unused public API... ok beck jsing
* Retire X509V3_set_conf_lhash()tb2024-08-311-1/+0
| | | | | | | | Thankfully sthen removed the out-of-support PHP versions 7.4 and 8.0, which were the last users of this API, which in turn permitted much of this conf rampage. Now the stub can join its guts in the attic. ok beck jsing
* Retire X509V3_EXT_{,CRL_,REQ_}add_conf()tb2024-08-311-3/+0
| | | | | | | | Fortunately all projects who want to configure their extensions using a dangerous string DSL/API figured out the fact that one was supposed to be using the nconf version of these (the hint is the 'n', as in new). ok beck jsing
* Remove OPENSSL_load_builtin_modulestb2024-08-311-1/+0
| | | | | | | This became obsolete with the automatic library initialization. Now it is time for it to become an internal API. ok beck jsing
* Remove more CONF_* functions that are no longer neededtb2024-08-311-5/+0
| | | | | | | | This is the next layer of unused cruft that can now go. The code lovingly called it 'the "CONF classic" functions'. No tear was shed. Don't worry, we still have the "New CONF" functions! ok beck jsing
* Unexport NCONF_defaulttb2024-08-311-1/+0
| | | | | | | | The only project I'm aware of that ever used this was rust-openssl and they did so for no good reason. So remove this API, the crate's code is already adjusted accordingly. ok beck jsing
* Inline NCONF_free_data in its only usertb2024-08-311-1/+0
| | | | ok beck jsing
* Remove NCONF_WIN32tb2024-08-311-1/+0
| | | | | | | Undocumented and entirely unused. Gets rid of a big, modifiable, global table. ok beck jsing
* Retire conf_api.h and the API thereintb2024-08-311-7/+0
| | | | | | | This makes the _CONF_* layer of the conf module internal and gets rid of the entirely unused conf_api.h. ok beck jsing
* Unexport some conf layers unused outside of libcryptotb2024-08-311-16/+0
| | | | | | | | | | | | | imodules are called imodules because they contain Information about modules that have been Initialized. Which one of these two I it is is anyone's best guess. Why anything outside of libcrypto would ever possibly care will also remain a mystery. Remove the old way of adding a conf module, user data, stop allowing to set a method (it's opaque now, remember?) and drop a couple bits more from the public api interface. ok beck jsing
* Remove unused {,N}CONF_dump_{bio,fp}()tb2024-08-311-4/+0
| | | | | | | | It's time to start removing some horrors from the conf/ garbage. If the current top layer wasn't terrible enough, you could always slap another one on top of it and it would then be truly marvellous. ok beck jsing
* Remove EVP_PKEY_*check againtb2024-08-311-3/+0
| | | | | | | | | | | | | | | This API turned out to be a really bad idea. OpenSSL 3 extended it, with the result that basically every key type had its own DoS issues fixed in a recent security release. We eschewed these by having some upper bounds that kick in when keys get insanely large. Initially added on tobhe's request who fortunately never used it in iked, this was picked up only by ruby/openssl (one of the rare projects doing proper configure checks rather than branching on VERSION defines) and of course xca, since it uses everything it can. So it was easy to get rid of this again. ok beck jsing
* sorttb2024-04-161-1/+1
|
* Bye, bye, OPENSSL_str{,n}casecmp()tb2024-04-151-2/+0
| | | | ok jsing
* And a pile of TS ASN.1 stuff becomes internal-only, tootb2024-04-151-9/+0
| | | | ok jsing
* X509_NAME_ENTRIES_it and X509_NAME_INTERNAL_it go internaltb2024-04-151-2/+0
| | | | | | It's always good to see something called internal in the public API. ok jsing
* And here go {,EC}DSA_SIG_ittb2024-04-151-2/+0
| | | | ok jsing
* DHparam_it becomes static, tootb2024-04-151-1/+0
| | | | ok jsing
* More X9.62 stuff was never used outside of ec_asn1.ctb2024-04-151-8/+0
| | | | | | We only need the ASN.1 items. ok jsing
* EC_PRIVATEKEY becomes internal-only, tootb2024-04-151-5/+0
| | | | ok jsing
* Unexport the ECPKPARAMETERS APItb2024-04-151-5/+0
| | | | ok jsing
* Make ECPARAMETERS_{new,free,it} internal-onlytb2024-04-151-3/+0
| | | | ok jsing
* Move BIO_CONNECT_{new,free}() to internal-onlytb2024-04-151-2/+0
| | | | ok jsing
* Remove ASN1_time_clamp_not_after() from Symbols.listtb2024-04-151-1/+0
| | | | | | | This was only ever semi-public and libtls no longer uses it since it was switched to the BoringSSL POSIX time API. ok jsing
* Make CRYPTO_THREADID opaquetb2024-03-021-4/+0
| | | | | | | | With ERR_STATE out of the way, we can make CRYPTO_THREADID opaque. The type is still accessed by used public API, but some of the public API can also go away. ok jsing
* Remove CRYPTO_*infotb2024-03-021-3/+0
| | | | | | | Long time neutered, only used (pointlessly without error checking) in the error code until very recently. ok jsing
* Remove a bunch of CRYPTO memory APItb2024-03-021-24/+0
| | | | | | | | This was neutered early on in the fork and has been rotting ever since. Some parts of the API are still used, but it's easier to clean up when most of the mess is gone. ok jsing
* Remove sk_find_ex()tb2024-03-021-1/+0
| | | | | | | This API intends to find the closest match to the needle. M2Crypto exposes it because it can. This will be fixed by patching the port. ok jsing
* Unhook and remove GOST and STREEBOGtb2024-03-021-50/+0
| | | | | | | | | | | | This stops compiling the GOST source. The current implementation is low quality and got in the way, especially in libssl. While we would be open for GOST support, it needs to be significantly better than what we have had and it also needs a maintainer. Add OPENSSL_NO_GOST to opensslfeatures and stop installing gost.h. Some code wrapped in #ifndef OPENSSL_NO_GOST will be removed later. ok jsing
* Make LHASH_OF() and STACK_OF() use opaque structstb2024-03-021-0/+1
| | | | | | | | | | | | | This removes internals of these two special snowflakes and will allow further simplifications. Unfortunately, there are some pieces of software that actually use LHASH_OF() (looking at you, pound, Ruby, and openssl(1)), so we get to keep exposing this garbage, at least for now. Expose lh_error() as a symbol to replace a macro reaching into _LHASH. lh_down_load() is no longer available. _LHASH and _STACK are now opaque, LHASH_NODE becomes internal-only. from jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 12:55:15 +0000