| Age | Commit message (Collapse) | Author |
|---|
|
consign it to the Attic.
ok deraadt@
|
|
I will note that some were missing, looking at you Solaris!!! Anyone home?
Using my own copyright on the file now, since this is a rewrite of
a trivial wrapper around a system call I invented.
ok beck
|
|
Use log_debug() instead of log_info().
ok reyk@
|
|
|
|
|
|
|
|
|
|
|
|
Makefile. The directory is empty and will silently disappear in the
Attic (but there are more engines in another directory).
|
|
|
|
in the process, always include ssl3 and tls1, we don't need config options
for them. when the time comes to expire ssl3, it will be with an ax.
checked by miod
|
|
|
|
I wonder when these scripts were last used...
|
|
whack a dose of unneccessary Em;
ok millert
|
|
|
|
|
|
|
|
|
|
more comfortable.
Reminded by brad@
|
|
The man page says "Compatibility des_ functions are provided for a short
while" and indeed even the original commit message says "The compatibility
functions will be removed in some future release, at the latest in
version 1.0." So here we are, a short while later.
Now I've only been an OpenBSD developer for 11 years, one year less than
this header has existed, but in that brief time, I've learned a thing or
two about deleting obsolete code. It doesn't delete itself. And worse,
people will continue using it until you force them onto a better path.
|
|
The man page says "Compatibility des_ functions are provided for a short
while" and indeed even the original commit message says "The compatibility
functions will be removed in some future release, at the latest in
version 1.0." So here we are, a short while later.
Now I've only been an OpenBSD developer for 11 years, one year less than
this header has existed, but in that brief time, I've learned a thing or
two about deleting obsolete code. It doesn't delete itself. And worse,
people will continue using it until you force them onto a better path.
|
|
|
|
|
|
|
|
next few moments, don't rush your update.
Requested by deraadt@
|
|
obsolete (and mostly internal) routines to be compiled out.
We don't expect any reasonable software to stick to these interfaces, so better
clean up the view and unifdef -DNO_ASN1_OLD.
The astute reader will notice the existence of NO_OLD_ASN1 which serves a
similar purpose, but is more entangled. Its time will come, soon.
|
|
ok deraadt@ tedu@
|
|
library expands until it has its own dlfcn wrapper, and libcrypto is no
exception.
Remove the non-dlfcn DSO methods.
This causes public DSO_METHOD_{beos,dl,vms,win32} to disappear (major bump
coming soon). Note that portable software ought to use DSO_METHOD_openssl
instead of picking the backend directly (which makes one wonder why the
backends are exposed, as it is unlikely that more than one can work on
your system).
ok beck@ deraadt@
|
|
meets their needs, but dumping it in here only penalizes the rest of us.
ok beck deraadt
|
|
A: Rare.
|
|
|
|
meets their needs, but dumping it in here only penalizes the rest of us.
ok miod
|
|
before attempting to invoke it; trivial one-liner in OpenSSL RT #2569 ignored
for 2.5 years.
|
|
`compressed' EC point representation.
First, as researched by djb, quoting from http://cr.yp.to/ecdh/patents.html :
``It should, in any case, be obvious to the reader that a patent cannot
cover compression mechanisms published seven years before the patent
was filed.''
Second, that define was actually removed from the code in in OpenSSL 1.0.0.
|
|
|
|
|
|
|
|
"dynamic engine" feature that is not enabled in our build. People who
need it can still pull it out of the Attic; if it is to have a Russian
engine just because it's a Russian engine.
OK deraadt@ beck@
|
|
|
|
infrastructure.
The following tests have not been imported, for their code lacks a licence:
asn1, rsa, sha256, sha512, wp.
|
|
with the bearded ones...
some API's that nobody should be using will dissapear with this commit.
|
|
- macro cleanup
ok millert sobrado
|
|
ok miod@
|
|
readable. This pass is whitespace only and can readily be verified using
tr and md5.
|
|
as a build time option...
ok deraadt@ miod@
|
|
|
|
ok miod@ beck@
|
|
|
|
existing RAND interfaces unchanged.
All interfaces allowing external feed or seed of the RNG (either from a file
or a local entropy gathering daemon) are kept for ABI compatibility, but are
no longer do anything.
While the OpenSSL PRNG was required 15+ years ago when many systems lacked
proper entropy collection, things have evolved and one can reasonably assume
it is better to use the kernel (system global) entropy pool rather than trying
to build one's own and having to compensate for thread scheduling...
<RANT>
Whoever thought that RAND_screen(), feeding the PRNG with the contents of the
local workstation's display, under Win32, was a smart idea, ought to be banned
from security programming.
</RANT>
ok beck@ deraadt@ tedu@
|
|
|
