openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Remove EVP_MD_meth* again	tb	2024-03-02	1	-113/+1
\| \| \| \| \| \| \| \| \| \| \|	Erlang upstream disabled the otp_test_engine for LibreSSL >= 3.5 without explanation. It was the only reason we added this garbage API in the first place. Meanwhile libfido2 started using it for a mock up of OpenSSL 3's broken fetch design with old API. This is pointless, so all this garbage goes away again (in particular we can remove the absolutely horrifying EVP_MD_meth_set_app_datasize() again). ok jsing
*	Fix signature and semantics of EVP_{CIPHER,MD}_CTX_init()	tb	2024-03-02	1	-5/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	When the EVP_CIPHER_CTX and the EVP_MD_CTX were still expected to live on the stack, these initialization APIs were wrappers around memset. In OpenSSL 1.1, somebody removed them and carelessly made _init() an alias of _reset() aka _cleanup(). As a consequence, both signature and semantics changed. Unsurprisingly, there is now code out there that actually uses the new semantics, which causes leaks on LibreSSL and older OpenSSL. This aligns our _init() with OpenSSL 1.1 semantics. ok jsing
*	Use EVP_MD_CTX_legacy_clear() internally	tb	2024-02-18	1	-4/+4
\| \| \| \|	ok jsing
*	Add EVP_MD_CTX_legacy_clear()	tb	2024-02-18	1	-1/+7
\| \| \| \| \| \| \| \| \|	This is analogous to EVP_CIPHER_CTX_legacy_clear() and will serve as an internal replacement for EVP_MD_CTX_init() until the conversion to heap allocated ctx is completed. This way EVP_MD_CTX_init() can be changed to match the OpenSSL 1.1 API. ok jsing
*	Make EVP_{CIPHER,MD}_CTX_{cleanup,reset}() NULL-safe	tb	2024-01-30	1	-2/+4
\| \| \| \| \| \| \| \|	We have a bunch of code that relies on this. Surely there is code out there in the wider ecosystem that relies on these being NULL-safe by now since upstream sprinkles NULL checks wherever they can. ok beck joshua
*	Move the EVP_MD block size accessor down	tb	2023-12-29	1	-7/+11
\| \| \| \| \| \|	This way all the EVP_MD accessors are in the order of the struct fields. Well, arguably the EVP_MD_meth* should come first, but they are scheduled to go meet the dodo.
*	Move the EVP_MD_CTX flag accessors up a bit	tb	2023-12-29	1	-19/+19
\| \| \| \|	This way the accessors are sorted the same way as the struct.
*	Hoist EVP_MD_CTX accessors to after EVP_MD_CTX_ctrl	tb	2023-12-29	1	-63/+62
\| \| \| \| \| \| \|	This way the file has EVP_Digest*, then EVP_MD_CTX new/free/clean, then ctrl then the EVP_MD_CTX accessors, then the EVP_MD accessors and finally the EVP_MD_meth stuff and the order of things starts making a wee bit of sense.
*	Move init/reset next to cleanup	tb	2023-12-29	1	-13/+13
\| \| \| \| \| \|	This way new/free aka create/destroy are next to each other. reset/cleanup are the same thing and init will join the club after some other fixing because two APIs that do the exact same thing aren't enough.
*	Move the copy/copy_ex stuff down below the new/free/clear mess	tb	2023-12-29	1	-63/+64
\|
*	Move the middle part of evp_lib.c to evp_digest.c	tb	2023-12-29	1	-1/+204
\| \| \| \| \|	These are ~200 lines of EVP_MD API that separated two parts of the file dedicated to EVP_CIPHER thingies.
*	Use more consistent naming for some files in evp	tb	2023-12-29	1	-0/+369
	EVP_Digest{Init,Update,Final}() move from digest.c to evp_digest.c which will become the home of all things related to EVP_MD{,_CTX} handling. EVP_Cipher{Init,Update,Final}() move from evp_enc.c to evp_cipher.c which will become the home of all things related to EVP_CIPHER{,_CTX} handling. EVP_Encode{Init,Update,Final}() move from encode.c to evp_encode.c which already is the home of EVP_ENCODE_CTX_{new,free}(). discussed with jsing