| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
CRYPTO_set_mem_ex_functions() was renamed to CRYPTO_set_mem_functions(),
replacing the latter while also correcting the arguments for the free
pointer. The backstory is that a commit that was never compiled was fixed
the wrong way an hour later (both committed without review, obviously),
and here we are, still cleaning up the mess 23 years later.
We carry patches in cjose and stunnel for this; dovecot and links+ have
autoconf checks and will adapt. Oh, and then there's the mariadb
configure time insanity passing wrong function pointers...
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
Some people are concerned that leaking a user name is a privacy issue.
Allow disabling the __FILE__ and __LINE__ argument in the error stack
to avoid this. This can be improved a bit in tree.
From Viktor Szakats in https://github.com/libressl/portable/issues/761
ok bcook jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
The brilliant idea of installing a fragile non-idempotent cleanup atexit
handler as a library has bitten many people over time. This gets particularly
exciting when you can't control who dlopens the lib first (don't we all love
Python bindings) or if you are in a threaded context. Fake OpenSSL clones
chose not to do this but now get to carry a noop flag since people start
opting out of this madness (there's a good old tradition at work here).
ok beck joshua jsing millert miod
|
| |
|
|
|
|
|
|
|
|
|
| |
OPENSSL_cpu_caps() is currently machine dependent and exposes CPUID data
on amd64 and i386. However, what it is really used for is to indicate
whether specific algorithms are accelerated on the given hardware. Change
OPENSSL_cpu_caps() so that it returns a machine indepent value, which
decouples it from amd64/i386 and will allow it to be used appropriately
on other platforms in the future.
ok tb@
|
| |
|
|
|
|
| |
accidentally not included in crypto.h commit
requested and ok tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
crypto.h already had the symbols not hidden behind LIBRESSL_INTERNAL
hidden - This now picks up the reset of them marking them as
LCRYPTO_UNUSED, and removes the LIBRESSL_INTERNAL guard.
These symbols will now be hidden, but if we use them inside
the library in a namespaced build we will get a deprecation
warning. use outside the library will be as with any other hidden
symbol, so fine.
ok tb@
|
| |
|
|
| |
ok millert miod
|
| |
|
|
| |
Requested by jsing
|
| |
|
|
|
|
|
|
| |
When tedu tedued OPENSSL_isservice(), tedus chainsaw missed crypto.h.
Finish the teduing of the hack for Visual C++ 5.0 (!), which is still
present in the latest and greatest OpenSSL.
ok jsing
|
| |
|
|
|
|
|
|
| |
With ERR_STATE out of the way, we can make CRYPTO_THREADID opaque.
The type is still accessed by used public API, but some of the public
API can also go away.
ok jsing
|
| |
|
|
|
|
|
| |
Importantly, the size in malloc is now a size_t instead of an int. The API
now also takes a file and line to match upstream's signature.
ok jsing
|
| |
|
|
|
|
|
| |
Long time neutered, only used (pointlessly without error checking) in the
error code until very recently.
ok jsing
|
| |
|
|
|
|
|
|
| |
This was neutered early on in the fork and has been rotting ever since.
Some parts of the API are still used, but it's easier to clean up when
most of the mess is gone.
ok jsing
|
| |
|
|
|
|
|
| |
Apart from OPENSSL_gmtime(), which is OpenSSL API, this is BoringSSL's
interface to deal with the time related portability and code mess.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is prepares to expose some internal API as OPENSSL_tm_to_posix() and
OPENSSL_posix_to_tm(). They will be used in libtls and ocspcheck(8) to get
rid of the portability nightmare that is timegm().
Also fix the location of OPENSSL_gmtime() and OPENSSL_timegm() (this API
is not yet exposed). The former is from OpenSSL and surprisingly lives in
crypto.h, not asn1.h, and the latter is BoringSSL API and lives in the new
posix_time.h.
Initial diff from beck, this pulls in further upstream work after review
feedback.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
To state the obvious: library suffers from way too much extensibility. In
theory, applications can implement their own ex_data implementation. In
practice, none did. A glance at ex_data.c might give an idea as to why.
Make this internal so this particular turd can be replaced with something
slightly saner.
Also sync up the CRYPTO_EX_INDEX_* defines with OpenSSL - at least
the parts we support.
ok jsing
|
| |
|
|
|
|
| |
method of indicating that the function does not return.
ok tb@
|
| |
|
|
|
|
| |
The other public headers have function and reason codes at the end because
the error header was inlined. This was also the case here, too, until the
automatic library initialization was appended.
|
| |
|
|
| |
Thanks to orbea for the report
|
| |
|
|
|
|
|
| |
This tells gcc that OPENSSL_assert() will not return and thus avoids a
silly warning that triggers scary gentoo QA warnings.
From claudio
|
| |
|
|
|
|
|
| |
i removed the arithmetics -> arithmetic changes, as i felt they
were not clearly correct
ok tb
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
OPENSSL_cleanup() cleans up and deallocates memory in use by the library.
There are a couple of use cases for this, primarily related to memory
leak testing. This will not be called automatically in LibreSSL, which
means that OpenSSL's OPENSSL_NO_INIT_ATEXIT is implied. If code wants to
clean up then they need to explicitly call this themselves.
ok tb@
|
| |
|
|
|
|
|
| |
This script is not used at all and files are edited by hand instead.
Thus remove misleading comments incl. the obsolete script/config.
Feedback OK jsing tb
|
| |
|
|
| |
ok inoguchi jsing
|
| |
|
|
|
|
|
| |
are unused in the end anyway and occupies needless space, especially in ftp(1)
shipped with the ramdisk.
ok tb@
|
| |
|
|
|
|
| |
no longer needed.
ok jsing
|
| |
|
|
|
| |
Symbols.list changes to follow with tb's upcoming bump
ok jsing@
|
| |
|
|
|
|
|
| |
This commit adds init/free, support for signing, setting and
getting the method, engine support as well as extra data.
from markus
|
| |
|
|
| |
ok beck@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This implements automatic thread support initialization in libcrypto.
This does not remove any functions from the ABI, but does turn them into
no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are
provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally,
keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library
locking. For -portable, crypto_lock.c can be reimplemented with
OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
| |
|
|
|
|
|
|
|
| |
These functions are no-ops. Their signature was changed by OpenSSL
to allow error checking. This way we return an error and do not
indicate the (non-)existence of memory leaks.
tested in a bulk by sthen
ok jsing
|
| |
|
|
|
|
|
| |
Also place all of the OPENSSL_* memory related prototypes under #ifndef
LIBRESSL_INTERNAL.
ok beck@ tb@
|
| |
|
|
|
|
|
|
| |
This brings in the OPENSSL_INIT_LOAD_CONFIG flag with the same semantics as
OpenSSL. As a result, by default the openssl.conf file is not loaded during
autoinit, which makes autoinit safe for pledge(stdio).
ok jsing@
|
| |
|
|
|
|
| |
Found via port build failures reported by sthen.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well
thread safety modifications for the existing LibreSSL init
functions. The initialization routines are called automatically
by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
| |
|
|
|
|
|
|
|
|
| |
This will ease the burden on ports and others trying to make software
work with LibreSSL, while avoiding #ifdef mazes. Note that we are not
removing 1.0.1 API or making things opaque, hence software written to
use the older APIs will continue to work, as will software written to
use the 1.1 API (as more functionality become available).
Discussed at length with deraadt@ and others.
|
| |
|
|
|
|
| |
it under #ifndef LIBRESSL_INTERNAL.
ok beck@
|
| |
|
|
| |
noted by Bernard Spil
|
| |
|
|
|
| |
OPENSSL_ia32cap_loc; nothing in ports uses them besides embedded copies of
OpenSSL. This opens the `all hell gets loose' window.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
cpu's specific hardware capabilities users of libcrypto might be interested
in, as an integer value. This deprecates the existing OPENSSL_ia32cap()
macro and the OPENSSL_ia32cap_loc() function (which returns the pointer so
that you can mess with stuff you shouldn't mess with).
Interpreting the value returned by OPENSSL_cpu_caps() is, of course,
machine-dependent.
Minor version bump for libcrypto.
ok beck@ jsing@
|
| | |
|
| |
|
|
|
|
|
|
|
| |
noops, so neuter the CRYPTO_malloc_init and CRYPTO_malloc_debug_init
macros.
With input from miod@
ok beck@ bcook@ miod@
|
| |
|
|
| |
ok doug@ deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The issetugid() API is supposed to make a strong promise where "0
means it is safe to look at the environment". Way back in the past
someone on the OpenSSL team responded to the environment access danger
by creating a wrapper called OPENSSL_issetugid, and went to use it a
number of places. However, by default on systems lacking true
issetugid(), OPENSSL_issetugid returns 0. 0 indicating safely. False
safety. Which means OPENSSL_issetugid() fails to make any sort of
promise about safety, in fact it is just the opposite.
Can you believe the OpenSSL team?
This nastiness was noticed over the years, however noone could gain traction
and get it fixed in OpenSSL. Also see a paragraph about this in
http://www.tedunangst.com/flak/post/worst-common-denominator-programming
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are a few instances where #if 1 is removed but the code remains.
Based on the following OpenSSL commits. Some of the commits weren't
strictly deletions so they are going to be split up into separate commits.
6f91b017bbb7140f816721141ac156d1b828a6b3
3d47c1d331fdc7574d2275cda1a630ccdb624b08
dfb56425b68314b2b57e17c82c1df42e7a015132
c8fa2356a00cbaada8963f739e5570298311a060
f16a64d11f55c01f56baa62ebf1dec7f8fe718cb
9ccc00ef6ea65567622e40c49aca43f2c6d79cdb
02a938c953b3e1ced71d9a832de1618f907eb96d
75d0ebef2aef7a2c77b27575b8da898e22f3ccd5
d6fbb194095312f4722c81c9362dbd0de66cb656
6f1a93ad111c7dfe36a09a976c4c009079b19ea1
1a5adcfb5edfe23908b350f8757df405b0f5f71f
8de24b792743d11e1d5a0dcd336a49368750c577
a2b18e657ea1a932d125154f4e13ab2258796d90
8e964419603d2478dfb391c66e7ccb2dcc9776b4
32dfde107636ac9bc62a5b3233fe2a54dbc27008
input + ok jsing@, miod@, tedu@
|
| |
|
|
|
|
|
|
|
| |
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
| |
|
|
| |
of CRYPTO_EX_DATA; riding upon the libcrypto major bump.
|
| | |
|
