summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/hidden (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove unused {,N}CONF_dump_{bio,fp}()tb2024-08-311-5/+1
| | | | | | | | It's time to start removing some horrors from the conf/ garbage. If the current top layer wasn't terrible enough, you could always slap another one on top of it and it would then be truly marvellous. ok beck jsing
* Remove EVP_PKEY_*check againtb2024-08-311-4/+1
| | | | | | | | | | | | | | | This API turned out to be a really bad idea. OpenSSL 3 extended it, with the result that basically every key type had its own DoS issues fixed in a recent security release. We eschewed these by having some upper bounds that kick in when keys get insanely large. Initially added on tobhe's request who fortunately never used it in iked, this was picked up only by ruby/openssl (one of the rare projects doing proper configure checks rather than branching on VERSION defines) and of course xca, since it uses everything it can. So it was easy to get rid of this again. ok beck jsing
* Get rid of last use of db_methtb2024-08-281-3/+3
| | | | | | | | | | | | Nothing touches db_meth in ports. Thus only way a db_meth can be set is now as a side effect X509V3_set_conf() in which case the db is an NCONF database and the db_meth will be a thin wrapper of NCONF_get_section(). Make that explicit in the implementation, remove the guts of the unused X509V3_get_string() and X509V3_string_free(), turn X509V3_section_free() into a noop and replace several checks for ctx->db, ctx->db->meth, ... with a simple ctx->db != NULL check. ok beck jsing
* Turn X509V3_set_conf_lhash() into a nooptb2024-08-281-2/+2
| | | | | | Another legacy turd that was only used by PHP 7.4 and 8.0. ok beck jsing
* Add LCRYPTO_USED(X509_get_signature_info)tb2024-08-281-1/+2
|
* Disable X509V3_EXT{,_CRL,_REQ}_add_conf()tb2024-08-281-4/+4
| | | | | | | These legacy interfaces were only used by PHP 7.4 and 8.0 and they will be removed in an upcoming bump. ok beck jsing
* Switch UI_UTIL_read_pw* to LCRYPTO_UNUSED()tb2024-08-241-3/+3
| | | | ok jsing
* Mark X509at_get_attr{,_count}() and X509at_delete_attr() as unusedtb2024-07-261-4/+4
| | | | ok jsing
* Switch the EVP_PKEY_*attr* API to LCRYPTO_UNUSED()tb2024-07-151-10/+10
| | | | This would have prevented the PKCS12 oopsie.
* Despite being an ELF citizen, hppa is its own special snowflake and requiresmiod2024-07-111-1/+5
| | | | | | | different asm stanzas to produce strong aliases. This unbreaks libcrypto (and thus ssh, among other things) on hppa after the recent switch to LIBRESSL_CRYPTO_NAMESPACE.
* Hide remaining unused ERR functions in err.hbeck2024-07-091-1/+3
| | | | ok tb@
* Hide CRYPTO_get_dynlock_create_callbackbeck2024-07-091-1/+2
| | | | ok tb@
* Hide DES global variablesbeck2024-07-091-1/+5
| | | | ok tb@
* Hide symbols for two missed public functions in bio.hbeck2024-07-091-1/+3
| | | | ok tb@
* Hide global _it symbols in pkcs12.hbeck2024-07-091-1/+5
| | | | ok tb@
* Hide global _it symbola in cms.hbeck2024-07-091-1/+5
| | | | ok tb@
* Hide global _it symbols in dsa.hbeck2024-07-081-1/+6
| | | | ok tb@
* Hide global _it symbols in rsa.hbeck2024-07-081-1/+7
| | | | ok tb@
* Guard variable declarations to unbreak non-namespaced builds.beck2024-07-086-8/+18
| | | | ok tb@
* Hide global _it symbols in asn1t.hbeck2024-07-081-1/+6
| | | | ok tb@
* Hide global _it symbols in pkcs7.hbeck2024-07-081-1/+14
| | | | ok tb@
* Hide global _it variables in ocsp.hbeck2024-07-081-1/+17
| | | | ok tb@
* Hide global _it variables in asn1.hbeck2024-07-081-1/+24
| | | | ok tb@
* Hide global _it variables in x509.hbeck2024-07-081-1/+22
| | | | ok tb@
* Hide global _it variables in x509v3.hbeck2024-07-081-1/+35
| | | | ok tb@
* Hide deprecated functions in ec.hbeck2024-04-101-1/+10
| | | | | | use LCRYPTO_UNUSED and remove the LIBRESSL_INTERNAL guard ok tb@
* Hide deprecated functions in evp.hbeck2024-04-101-1/+6
| | | | | | use LCRYPTO_UNUSED and remove the LIBRESSL_INTERNAL guard around them. ok tb@
* Hide symbols in bn.hbeck2024-04-101-1/+6
| | | | | | | Mark them LCRYPTO_UNUSED appropriately and remove the LIBRESSL_INTERNAL guards around them ok tb@
* Hide a couple of LCRYPTO_UNUSED in asn1.hbeck2024-04-101-1/+3
| | | | | | and remove the LIBRESSL_INTERNAL guards around them ok tb@
* Finish hiding symbols in rand.hbeck2024-04-101-1/+11
| | | | | This removes the LIBRESSL_INTERNAL guards and marks the functions within as LCRYPTO_UNUSED
* Finish Hiding symbols in crypto.hbeck2024-04-101-1/+32
| | | | | | | | | | | | | crypto.h already had the symbols not hidden behind LIBRESSL_INTERNAL hidden - This now picks up the reset of them marking them as LCRYPTO_UNUSED, and removes the LIBRESSL_INTERNAL guard. These symbols will now be hidden, but if we use them inside the library in a namespaced build we will get a deprecation warning. use outside the library will be as with any other hidden symbol, so fine. ok tb@
* Add hidden conf.h, missed in an earlier committb2024-04-091-0/+74
|
* Hide public symbols in x509.hbeck2024-04-091-1/+195
| | | | | | | This picks up most of the remaining public symbols in x509.h ok tb@
* Hide public symbols in evp.hbeck2024-04-091-0/+378
| | | | | | largely mechanically done by the guentherizer 9000 ok tb@
* Fix LCRYPTO_UNUSED() in namespace buildstb2024-03-301-4/+7
| | | | | | | | | If namespace builds are enabled, static links don't work due to missing _lcry_* symbols. Make LCRYPTO_UNUSED() match LCRYPTO_USED() with an extra deprecated attribute. This way we can remove the !LIBRESSL_INTERNAL #ifdef wrapping in public headers. ok beck joshua
* Hide symbols in aesjoshua2024-03-301-0/+43
| | | | ok jsing
* Hide symbols in camelliajoshua2024-03-301-0/+39
| | | | ok tb
* Hide symbols in whrlpooljoshua2024-03-301-0/+34
| | | | ok tb
* Hide symbols in CMSjoshua2024-03-301-1/+10
| | | | ok jsing
* Hide symbols in Blowfishjoshua2024-03-291-0/+36
| | | | ok jsing tb
* Hide symbols in DESjoshua2024-03-291-0/+64
| | | | ok jsing beck
* Hide symbols in RIPEMDjoshua2024-03-281-0/+34
| | | | ok beck jsing
* Hide symbols in RC4joshua2024-03-281-0/+31
| | | | ok jsing tb beck
* Hide symbols in enginetb2024-03-271-0/+48
| | | | ok jsing
* Remove some GOST relicstb2024-03-021-71/+0
|
* Make CRYPTO_THREADID opaquetb2024-03-021-5/+1
| | | | | | | | With ERR_STATE out of the way, we can make CRYPTO_THREADID opaque. The type is still accessed by used public API, but some of the public API can also go away. ok jsing
* Remove CRYPTO_*infotb2024-03-021-4/+1
| | | | | | | Long time neutered, only used (pointlessly without error checking) in the error code until very recently. ok jsing
* Remove a bunch of CRYPTO memory APItb2024-03-021-21/+1
| | | | | | | | This was neutered early on in the fork and has been rotting ever since. Some parts of the API are still used, but it's easier to clean up when most of the mess is gone. ok jsing
* Remove sk_find_ex()tb2024-03-021-2/+1
| | | | | | | This API intends to find the closest match to the needle. M2Crypto exposes it because it can. This will be fixed by patching the port. ok jsing
* Make LHASH_OF() and STACK_OF() use opaque structstb2024-03-021-1/+2
| | | | | | | | | | | | | This removes internals of these two special snowflakes and will allow further simplifications. Unfortunately, there are some pieces of software that actually use LHASH_OF() (looking at you, pound, Ruby, and openssl(1)), so we get to keep exposing this garbage, at least for now. Expose lh_error() as a symbol to replace a macro reaching into _LHASH. lh_down_load() is no longer available. _LHASH and _STACK are now opaque, LHASH_NODE becomes internal-only. from jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-24 01:39:35 +0000