![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / lib / libcrypto
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.43 / (download) - annotate - [select for diffs], Sat Mar 2 11:25:46 2024 UTC (3 months, 1 week ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.42: +25 -5 lines
Diff to previous 1.42 (colored)
Update list of OPENSSL_NO_* This syncs the list with some version of upstream and exposes a few OPENSSL_NO_* that may now be relevant. from jsing (a long time ago)
Revision 1.42 / (download) - annotate - [select for diffs], Sat Mar 2 11:17:27 2024 UTC (3 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)
Unhook and remove GOST and STREEBOG This stops compiling the GOST source. The current implementation is low quality and got in the way, especially in libssl. While we would be open for GOST support, it needs to be significantly better than what we have had and it also needs a maintainer. Add OPENSSL_NO_GOST to opensslfeatures and stop installing gost.h. Some code wrapped in #ifndef OPENSSL_NO_GOST will be removed later. ok jsing
Revision 1.41 / (download) - annotate - [select for diffs], Fri Jul 28 09:53:55 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)
Set OPENSSL_NO_ENGINE, remove engine code ENGINE was special. It's horrible code even by the low standards of this library. Some ports may now try to use the stubs which will fail, but the fallout from this should be minimal. Of course there are various language bindings that expose the ENGINE API. OpenSSL 3 disabling ENGINE by default will likely help fixing this at some point. ok jsing
Revision 1.40 / (download) - annotate - [select for diffs], Fri Jul 28 09:46:36 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)
Drop DSO and define OPENSSL_NO_DSO DSO and in particular dlopen() was used for dynamic engines, which we removed a long time ago and for dynamic conf modules, which we removed only very recently. Now remove this dangerous interface. ok jsing
Revision 1.39 / (download) - annotate - [select for diffs], Thu Jul 6 06:38:01 2023 UTC (11 months ago) by beck
Branch: MAIN
Changes since 1.38: +5 -2 lines
Diff to previous 1.38 (colored)
define OPENSSL_NO_DTLS1_1 since we no longer have that either. ok tb@
Revision 1.38 / (download) - annotate - [select for diffs], Thu Jul 6 06:15:36 2023 UTC (11 months ago) by beck
Branch: MAIN
Changes since 1.37: +4 -3 lines
Diff to previous 1.37 (colored)
Define the 'standard' OPENSSL_NO_BLAHBLAH's for no tls 1.0 or 1.1 We have no tls 1.0 or 1.1 or methods for them. These "in theory" will make things that check the openssl #ifdef soup for all the floating eyeballs make the correct decisions, or if they do not they at least can not blame us. ok tb@
Revision 1.37 / (download) - annotate - [select for diffs], Tue Apr 25 19:34:06 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.36: +0 -1 lines
Diff to previous 1.36 (colored)
Remove commented version of OPENSSL_NO_EC2M
Revision 1.36 / (download) - annotate - [select for diffs], Tue Apr 25 19:29:36 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.35: +0 -2 lines
Diff to previous 1.35 (colored)
LIBRESSL_NEXT_API is no longer needed
Revision 1.35 / (download) - annotate - [select for diffs], Tue Apr 25 15:50:09 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.34: +2 -0 lines
Diff to previous 1.34 (colored)
Temporarily define LIBRESSL_NEXT_API in opensslfeatures.h
Revision 1.34 / (download) - annotate - [select for diffs], Tue Apr 25 15:49:42 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.33: +2 -0 lines
Diff to previous 1.33 (colored)
Define OPENSSL_NO_DEPRECATED and OPENSSL_NO_EC2M in opensslfeatures.h ok beck jsing
Revision 1.33 / (download) - annotate - [select for diffs], Sun Sep 11 17:36:34 2022 UTC (20 months, 4 weeks ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.32: +1 -0 lines
Diff to previous 1.32 (colored)
Define LIBRESSL_HAS_QUIC ok jsing
Revision 1.32 / (download) - annotate - [select for diffs], Fri Jan 14 09:03:53 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.31: +1 -3 lines
Diff to previous 1.31 (colored)
Unconditionally comment out OPENSSL_NO_RFC3779 ok inoguchi jsing
Revision 1.31 / (download) - annotate - [select for diffs], Fri Jan 14 08:59:30 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.30: +1 -3 lines
Diff to previous 1.30 (colored)
Expose Certificate Transparency symbols in headers ok inoguchi jsing
Revision 1.30 / (download) - annotate - [select for diffs], Fri Dec 24 13:58:15 2021 UTC (2 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.29: +3 -1 lines
Diff to previous 1.29 (colored)
Undo commenting of OPENSSL_NO_RFC3779 The define implies that we have the RFC 3779 API and corresponding symbols publicly exposed. We don't do that since there are still concerns about its suitability and security. oss-fuzz has code depending on this define and this broke its build as tracked down by jsing. This commit gets us oss-fuzz builds back while keeping job happy since the extension pretty printing will continue to work. ok jsing
Revision 1.29 / (download) - annotate - [select for diffs], Wed Nov 24 01:12:43 2021 UTC (2 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.28: +3 -1 lines
Diff to previous 1.28 (colored)
Make the certificate transparency code build with the rest of the library Do not expose it yet, this will wait for an upcoming bump ok tb@
Revision 1.28 / (download) - annotate - [select for diffs], Mon Nov 1 20:53:08 2021 UTC (2 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.27: +0 -2 lines
Diff to previous 1.27 (colored)
Move the now internal X.509-related structs into x509_lcl.h. Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds. ok jsing
Revision 1.27 / (download) - annotate - [select for diffs], Mon Nov 1 08:14:36 2021 UTC (2 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.26: +0 -1 lines
Diff to previous 1.26 (colored)
Unifdef LIBRESSL_NEW_API. Now that the library is bumped, this is no longer needed. ok jsing
Revision 1.26 / (download) - annotate - [select for diffs], Sun Oct 31 18:22:42 2021 UTC (2 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.25: +1 -1 lines
Diff to previous 1.25 (colored)
Enable RFC 3779 code. From job. Discussed at length with beck, claudio, job during h2k21
Revision 1.25 / (download) - annotate - [select for diffs], Sun Oct 31 16:32:31 2021 UTC (2 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.24: +3 -0 lines
Diff to previous 1.24 (colored)
Expose new API in headers and make X509 structs opaque.
Revision 1.24 / (download) - annotate - [select for diffs], Fri Sep 10 14:39:22 2021 UTC (2 years, 9 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)
Uncomment LIBRESSL_HAS_{TLS1_3,DTLS1_2} in opensslfeatures.h
Revision 1.23 / (download) - annotate - [select for diffs], Wed Mar 31 16:59:32 2021 UTC (3 years, 2 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.22: +1 -0 lines
Diff to previous 1.22 (colored)
Expose various DTLSv1.2 specific functions and defines ok bcook inoguchi jsing
Revision 1.22 / (download) - annotate - [select for diffs], Wed Sep 9 12:23:49 2020 UTC (3 years, 9 months ago) by inoguchi
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.21: +8 -0 lines
Diff to previous 1.21 (colored)
Import latest OPENSSL_NO_* flags from OpenSSL 1.1.1g ok tb@
Revision 1.21 / (download) - annotate - [select for diffs], Sat Aug 29 02:29:01 2020 UTC (3 years, 9 months ago) by inoguchi
Branch: MAIN
Changes since 1.20: +1 -1 lines
Diff to previous 1.20 (colored)
define OPENSSL_NO_SSL_TRACE in opensslfeatures.h ok jsing@ tb@
Revision 1.20 / (download) - annotate - [select for diffs], Sat Nov 2 13:38:04 2019 UTC (4 years, 7 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.19: +1 -1 lines
Diff to previous 1.19 (colored)
Enable CMS in LibreSSL. ok bcook@ deraadt@ inoguchi@ job@ tb@
Revision 1.19 / (download) - annotate - [select for diffs], Tue Nov 6 01:27:26 2018 UTC (5 years, 7 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.18: +10 -1 lines
Diff to previous 1.18 (colored)
Start working towards adding feature flags (rather than anti-feature flags) for LibreSSL. Add a (commented out) feature flag for TLSv1.3 and define the OPENSSL_NO_TLS1_3 anti-feature flag based on the feature flag. ok beck@ bluhm@ tb@
Revision 1.18 / (download) - annotate - [select for diffs], Sun Nov 4 23:25:18 2018 UTC (5 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.17: +1 -1 lines
Diff to previous 1.17 (colored)
Define OPENSSL_NO_ASYNC - our libcryptosink does not have built in async features (and possibly never will).
Revision 1.17 / (download) - annotate - [select for diffs], Sun Nov 4 23:03:40 2018 UTC (5 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.16: +84 -8 lines
Diff to previous 1.16 (colored)
Update the opensslfeatures.h to include all of the OPENSSL_NO_* flags that currently exist in OpenSSL - comment out that ones that we do not already define. Some OPENSSL_NO_* flags that we define have been removed from OpenSSL (and code that depended on these to know when features are not available now think that the features have been enabled...). We keep these defined but in their own separate group. ok bluhm@ tb@
Revision 1.16 / (download) - annotate - [select for diffs], Sun Nov 4 18:45:19 2018 UTC (5 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.15: +25 -25 lines
Diff to previous 1.15 (colored)
Reformat and sort the OPENSSL_NO_* defines.
Revision 1.15 / (download) - annotate - [select for diffs], Thu Aug 31 16:27:31 2017 UTC (6 years, 9 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.14: +0 -1 lines
Diff to previous 1.14 (colored)
Remove OPENSSL_NO_NEXTPROTONEG - some software creates conflicting prototypes if we have both OPENSSL_NO_NEXTPROTONEG and the prototypes defined.
Revision 1.14 / (download) - annotate - [select for diffs], Mon Aug 28 17:37:31 2017 UTC (6 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.13: +1 -0 lines
Diff to previous 1.13 (colored)
Define OPENSSL_NO_NEXTPROTONEG since there is no longer any NPN.
Revision 1.13 / (download) - annotate - [select for diffs], Mon Sep 14 01:45:03 2015 UTC (8 years, 8 months ago) by doug
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.12: +0 -1 lines
Diff to previous 1.12 (colored)
Temporarily revive MD4 for MS CHAP support.
Revision 1.12 / (download) - annotate - [select for diffs], Sun Sep 13 23:36:21 2015 UTC (8 years, 8 months ago) by doug
Branch: MAIN
Changes since 1.11: +1 -0 lines
Diff to previous 1.11 (colored)
Remove MD4 support from LibreSSL. MD4 should have been removed a long time ago. Also, RFC 6150 moved it to historic in 2011. Rides the major crank from removing SHA-0. Discussed with many including beck@, millert@, djm@, sthen@ ok jsing@, input + ok bcook@
Revision 1.11 / (download) - annotate - [select for diffs], Sun Sep 13 21:09:56 2015 UTC (8 years, 8 months ago) by doug
Branch: MAIN
Changes since 1.10: +1 -0 lines
Diff to previous 1.10 (colored)
Remove SHA-0 support. SHA-0 was withdrawn shortly after publication 20 years ago and replaced with SHA-1. This will require a major crank. ok bcook@, jsing@
Revision 1.10 / (download) - annotate - [select for diffs], Thu Aug 27 06:21:15 2015 UTC (8 years, 9 months ago) by doug
Branch: MAIN
Changes since 1.9: +2 -0 lines
Diff to previous 1.9 (colored)
Remove SSLv3 support from LibreSSL. This is the first wave of SSLv3 removal which removes the main SSLv3 functions. Future commits will remove the rest of the SSLv3 support. Discussed the plan at c2k15. Input from jsing@, beck@, miod@, bcook@, sthen@, naddy@, and deraadt@. ok jsing@, beck@
Revision 1.9 / (download) - annotate - [select for diffs], Sun Jul 19 22:34:27 2015 UTC (8 years, 10 months ago) by doug
Branch: MAIN
Changes since 1.8: +1 -0 lines
Diff to previous 1.8 (colored)
Remove OpenSSL engine RSAX. OpenSSL stopped building it last year and removed it this year. Based on OpenSSL commit c436e05bdc7f49985a750df64122c960240b3ae1. Also cranked major version in libcrypto, libssl and libtls. "fine with me" bcook@ miod@
Revision 1.8 / (download) - annotate - [select for diffs], Sat Jun 20 01:07:24 2015 UTC (8 years, 11 months ago) by doug
Branch: MAIN
Changes since 1.7: +1 -0 lines
Diff to previous 1.7 (colored)
Remove obsolete MDC-2DES from libcrypto. ok deraadt@ jsing@ miod@
Revision 1.7 / (download) - annotate - [select for diffs], Tue May 26 03:05:26 2015 UTC (9 years ago) by bcook
Branch: MAIN
Changes since 1.6: +1 -0 lines
Diff to previous 1.6 (colored)
Add OPENSSL_NO_EGD to opensslfeatures.h. Since RAND_egd has been removed from LibreSSL, simplify porting software that relies on it. See https://github.com/libressl-portable/openbsd/pull/34 from Bernard Spil, ok deraadt@
Revision 1.6 / (download) - annotate - [select for diffs], Tue Nov 18 05:31:47 2014 UTC (9 years, 6 months ago) by miod
Branch: MAIN
Changes since 1.5: +0 -1 lines
Diff to previous 1.5 (colored)
Enable the build of GOST routines in libcrypto. Riding upon the Cammelia libcrypto minor bump.
Revision 1.5 / (download) - annotate - [select for diffs], Mon Nov 17 20:31:22 2014 UTC (9 years, 6 months ago) by miod
Branch: MAIN
Changes since 1.4: +0 -1 lines
Diff to previous 1.4 (colored)
Add the Cammelia cipher to libcrypto. There used to be a strong reluctance to provide this cipher in LibreSSL in the past, because the licence terms under which Cammelia was released by NTT were free-but-not-in-the-corners, by restricting the right to modify the source code, as well retaining the right to enforce their patents against anyone in the future. However, as stated in http://www.ntt.co.jp/news/news06e/0604/060413a.html , NTT changed its mind and made this code truly free. We only wish there had been more visibility of this, for we could have had enabled Cammelia earlier (-: Licence change noticed by deraadt@. General agreement from the usual LibreSSL suspects. Crank libcrypto.so minor version due to the added symbols.
Revision 1.4 / (download) - annotate - [select for diffs], Fri Jul 11 15:14:33 2014 UTC (9 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.3: +1 -58 lines
Diff to previous 1.3 (colored)
it has been 4888 days since the transient feature to define short macros for apps that haven't had time to make the appropriate changes was added. time's up.
Revision 1.3 / (download) - annotate - [select for diffs], Fri Jul 11 14:07:04 2014 UTC (9 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.2: +3 -0 lines
Diff to previous 1.2 (colored)
additional features: no buffer freelists and no heartbleed
Revision 1.2 / (download) - annotate - [select for diffs], Fri Jul 11 14:03:40 2014 UTC (9 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.1: +4 -0 lines
Diff to previous 1.1 (colored)
no compression is also a feature of libressl
Revision 1.1 / (download) - annotate - [select for diffs], Fri Jul 11 14:01:38 2014 UTC (9 years, 11 months ago) by tedu
Branch: MAIN
move all the feature settings to a common header. probably ok beck jsing miod