| #
1.18 |
|
19-Oct-2025 |
riastradh |
openssl: Stop dragging libpthread into every libcrypto user.
With the new _NETBSD_PTHREAD_CREATE_WEAK, libcrypto can have a call
to pthread_create without linking against libpthread, so it is not
necessary to link all libcrypto users against libpthread too.
Applications that link against libcrypto but not libpthread can't use
threaded OpenSSL functionality, of course -- OSSL_set_max_threads
will always fail in such applications.
This reverts all the makefile churn that I found for unnecessary
libpthread linkage since the openssl 3.5 import.
PR lib/59685: libcrypto should not depend on libpthread
|
|
Revision tags: perseant-exfatfs-base-20250801 netbsd-11-base
|
|
| #
1.17 |
|
19-Jul-2025 |
christos |
branches: 1.17.2;
crypto needs threads
|
|
Revision tags: perseant-exfatfs-base-20240630 perseant-exfatfs-base
|
|
| #
1.16 |
|
15-Mar-2024 |
riastradh |
branches: 1.16.2;
libcrypto: Add some trivial tests for truncated SHA-512 variants.
These should use more of the test vectors from
https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#Testing
but this will do for now to detect the buffer overrun rake we left
lying around for ourselves.
PR lib/58039
|
| #
1.15 |
|
08-May-2023 |
christos |
make tests support both 1.x and 3.x.
Lot of work needed to add all the 3.x tests, but that can wait until all
is switched
|
|
Revision tags: netbsd-10-base netbsd-9-3-RELEASE cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 netbsd-9-2-RELEASE cjep_staticlib_x-base netbsd-9-1-RELEASE phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930
|
|
| #
1.14 |
|
23-Sep-2018 |
christos |
branches: 1.14.2; 1.14.10;
Merge openssl-1.1.1
|
|
Revision tags: pgoyette-compat-0906 pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
|
| #
1.13 |
|
22-Feb-2018 |
martin |
branches: 1.13.2; 1.13.4;
PR lib/53044: remove tests not provided by OpenSSL 1.1.x
|
| #
1.12 |
|
08-Feb-2018 |
christos |
adjust tests for 1.1
|
|
Revision tags: netbsd-8-3-RELEASE netbsd-8-2-RELEASE netbsd-8-1-RELEASE netbsd-8-1-RC1 netbsd-8-0-RELEASE netbsd-8-0-RC2 netbsd-8-0-RC1 matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base
|
|
| #
1.11 |
|
21-May-2017 |
riastradh |
Remove MKCRYPTO option.
Originally, MKCRYPTO was introduced because the United States
classified cryptography as a munition and restricted its export. The
export controls were substantially relaxed fifteen years ago, and are
essentially irrelevant for software with published source code.
In the intervening time, nobody bothered to remove the option after
its motivation -- the US export restriction -- was eliminated. I'm
not aware of any other operating system that has a similar option; I
expect it is mainly out of apathy for churn that we still have it.
Today, cryptography is an essential part of modern computing -- you
can't use the internet responsibly without cryptography.
The position of the TNF board of directors is that TNF makes no
representation that MKCRYPTO=no satisfies any country's cryptography
regulations.
My personal position is that the availability of cryptography is a
basic human right; that any local laws restricting it to a privileged
few are fundamentally immoral; and that it is wrong for developers to
spend effort crippling cryptography to work around such laws.
As proposed on tech-crypto, tech-security, and tech-userlevel to no
objections:
https://mail-index.netbsd.org/tech-crypto/2017/05/06/msg000719.html
https://mail-index.netbsd.org/tech-security/2017/05/06/msg000928.html
https://mail-index.netbsd.org/tech-userlevel/2017/05/06/msg010547.html
P.S. Reviewing all the uses of MKCRYPTO in src revealed a lot of
*bad* crypto that was conditional on it, e.g. DES in telnet... That
should probably be removed too, but on the grounds that it is bad,
not on the grounds that it is (nominally) crypto.
|
| #
1.10 |
|
21-May-2017 |
riastradh |
Remove MKCRYPTO_RC5. Unconditionally include RC5 in libcrypto.so.
This option existed only because RC5 is covered by patents that, twenty
years ago, we had reason to suspect the patent holder, RSA, Inc., might
litigate. The two US patents in question are 5,724,428 and 5,835,600.
According to the USPTO Patent Term Calculator web site at
<https://www.uspto.gov/patent/laws-and-regulations/patent-term-calculator#heading-5>
(retrieved 2017-05-21), patents filed after 1995-06-07 expire twenty
years after the filing date.
number filing date
5,724,428 1995-11-01
5,835,600 1997-04-21
Thus, these patents appear to be expired.
As proposed on tech-crypto and tech-security:
https://mail-index.netbsd.org/tech-crypto/2017/05/05/msg000718.html
https://mail-index.netbsd.org/tech-security/2017/05/05/msg000927.html
|
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 bouyer-socketcan-base pgoyette-localcount-20170107 netbsd-7-1-RC1 pgoyette-localcount-20161104 netbsd-7-0-2-RELEASE localcount-20160914 netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6 tls-maxphys-base
|
|
| #
1.9 |
|
14-Jul-2012 |
christos |
MKCRYPTO_{IDEA,MDC2} is no more
|
|
Revision tags: netbsd-6-0-RC1 yamt-pagecache-base5 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
|
| #
1.8 |
|
22-Oct-2011 |
mrg |
branches: 1.8.2; 1.8.4; 1.8.6;
fix a build issue with MKCRYPTO=no.
|
| #
1.7 |
|
09-Jun-2011 |
spz |
add tests for evb and srp
|
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
|
| #
1.6 |
|
13-Jul-2010 |
jmmv |
branches: 1.6.4;
Get rid of static Atffiles and let bsd.test.mk generate them on the fly.
|
| #
1.5 |
|
11-Jul-2010 |
mrg |
ldap is configured to depend upon MKCRYPTO no, so force MKLAP=no if
MKCRYPTO=no.
don't build pkg_install, libcrypto tests or rump_smbfs if MKCRYPTO=no.
mark librumpcrypto, rump_smb, pkg_*
fix set lists as appropriate.
|
| #
1.4 |
|
10-Jul-2010 |
jmmv |
Do not use awk to generate the test program. Instead, just expand the
code.
While doing this, split the big monolithic test program into more granular
but cohesive test programs.
|
|
Revision tags: matt-premerge-20091211 jym-xensuspend-base jym-xensuspend-nbase
|
|
| #
1.3 |
|
13-Feb-2009 |
jmmv |
branches: 1.3.2;
Convert the threads libcrypto test to ATF and enable it. Drop the old one
in regress.
|
| #
1.2 |
|
13-Feb-2009 |
jmmv |
Remove threads from the list of subdirs. Commited by mistake.
|
| #
1.1 |
|
13-Feb-2009 |
jmmv |
Convert libcrypto tests to ATF. Original work done by Lukasz Strzygowski
in the GSoC 2008 atfify project. Reorganization of files and build system
reworked by me.
|