| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
|
|
| |
use LCRYPTO_UNUSED and remove the LIBRESSL_INTERNAL guard
ok tb@
|
| |
|
|
|
|
| |
use LCRYPTO_UNUSED and remove the LIBRESSL_INTERNAL guard around them.
ok tb@
|
| |
|
|
|
|
|
| |
Mark them LCRYPTO_UNUSED appropriately and remove the LIBRESSL_INTERNAL
guards around them
ok tb@
|
| |
|
|
|
|
| |
and remove the LIBRESSL_INTERNAL guards around them
ok tb@
|
| |
|
|
|
| |
This removes the LIBRESSL_INTERNAL guards and marks
the functions within as LCRYPTO_UNUSED
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
crypto.h already had the symbols not hidden behind LIBRESSL_INTERNAL
hidden - This now picks up the reset of them marking them as
LCRYPTO_UNUSED, and removes the LIBRESSL_INTERNAL guard.
These symbols will now be hidden, but if we use them inside
the library in a namespaced build we will get a deprecation
warning. use outside the library will be as with any other hidden
symbol, so fine.
ok tb@
|
| | |
|
| |
|
|
|
|
|
| |
This picks up most of the remaining public symbols in
x509.h
ok tb@
|
| |
|
|
|
|
| |
largely mechanically done by the guentherizer 9000
ok tb@
|
| |
|
|
|
|
|
|
|
| |
If namespace builds are enabled, static links don't work due to missing
_lcry_* symbols. Make LCRYPTO_UNUSED() match LCRYPTO_USED() with an extra
deprecated attribute. This way we can remove the !LIBRESSL_INTERNAL #ifdef
wrapping in public headers.
ok beck joshua
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok tb
|
| |
|
|
| |
ok tb
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing tb
|
| |
|
|
| |
ok jsing beck
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok jsing tb beck
|
| |
|
|
| |
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
| |
With ERR_STATE out of the way, we can make CRYPTO_THREADID opaque.
The type is still accessed by used public API, but some of the public
API can also go away.
ok jsing
|
| |
|
|
|
|
|
| |
Long time neutered, only used (pointlessly without error checking) in the
error code until very recently.
ok jsing
|
| |
|
|
|
|
|
|
| |
This was neutered early on in the fork and has been rotting ever since.
Some parts of the API are still used, but it's easier to clean up when
most of the mess is gone.
ok jsing
|
| |
|
|
|
|
|
| |
This API intends to find the closest match to the needle. M2Crypto
exposes it because it can. This will be fixed by patching the port.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This removes internals of these two special snowflakes and will allow
further simplifications. Unfortunately, there are some pieces of
software that actually use LHASH_OF() (looking at you, pound, Ruby, and
openssl(1)), so we get to keep exposing this garbage, at least for now.
Expose lh_error() as a symbol to replace a macro reaching into _LHASH.
lh_down_load() is no longer available. _LHASH and _STACK are now opaque,
LHASH_NODE becomes internal-only.
from jsing
|
| |
|
|
|
|
|
| |
This could have been removed in an earlier bump. Now it's time for it to
say goodbye.
ok jsing
|
| |
|
|
|
|
|
|
| |
Yet another bit of extensibility that no one ever really used.
X509_LOOKUP_free() needs to stay because of ... rust-openssl
(and kdelibs4support).
ok jsing
|
| |
|
|
|
|
|
| |
Another thing that should never have leaked out of the library. It
will become internal entirely, where the code can be simplified greatly.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
Most of this is the ability to add custom purposes. Also the astounding
X509_STORE_CTX_purpose_inherit(). The names are used by PHP, and M2Crypto
exposes X509_check_purpose(), so these remain public. Some weird, most
likely invalid, uses also remain in rust-openssl.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
You used to be able to define your own X.509 extension handlers. Great.
Even greater: the verifier would ignore any custom extensions. So this
was only ever useful for serialization and deserialization. In other
words, almost entirely pointless. The API was also unused except for
a hack in kore-acme, which was fixed recently.
ok jsing
|
| |
|
|
|
|
|
|
|
| |
The ERR_STATE struct is an unused implementation detail of the horrific
error stack code. It is the last public consumer of CRYPTO_THREAD
internals. Make this and its accessor internal so we can make the
CRYPTO_THREAD struct opaque.
ok jsing
|
| |
|
|
|
|
|
|
| |
PKCS12 is a hot mess. Please participate in the survey at the end of
https://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html to increase its
credibility and unanimity.
ok jsing
|
| |
|
|
|
|
|
| |
This is another implementation detail that should never have leaked out
of the library. Only OBJ_create() ever used this.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The only reason this has still been part of the public API was that libssl
used it for cipher lookup. This was fixed by replacing the lookup by proper
bsearch() -- why OpenSSL felt the need to reinvent ANSI C API badly will
forever remain a mystery.
The stack code in libcrypto still uses a version of this. This should
be rewritten. It will be a bit easier once sk_find_ex() is removed.
ok jsing
|
| |
|
|
|
|
|
| |
This functionality has been disabled for a few months. Now it is high time
to garbage collect it.
ok jsing
|
| |
|
|
|
|
|
|
|
|
|
| |
This was deprecated in 0.9.8 and used until recently by rust-openssl
and by keynote (keynote has the excuse that it was written before the
deprecation). Fortunately Paul Kehrer fixed this in rust-openssl,
so we can garbage collect this turd. (It was replaced with the less
ergonomic DSA_generate_parameters_ex() to expose a new fancy way of
displaying dots, stars and pluses on key generation).
ok jsing
|
| |
|
|
|
|
|
|
|
| |
While it is a neat design detail of CMAC that you can resume it after
having finalized it, nothing uses this functionality and it adds some
gross things such as retaining intermediate secrets in the CMAC ctx.
Once this is gone, we can simplify the CMAC code a bit.
ok jsing
|
| |
|
|
|
|
|
|
| |
The former could be useful but nothing uses it. The latter is a
dangerous implementation detail of Montgomery exponentiation that
should never have been leaked out of the library. Fix this.
ok jsing
|
| |
|
|
|
|
|
| |
This function is very slow and useful for testing purposes only. It
should never have been part of the public API. Remove it from there.
ok jsing
|
| |
|
|
|
|
|
| |
This used to be a dangerous implementation detail of BIO_new() that was
never used outside of libcrypto.
ok jsing
|
