tb [Mon, 4 Mar 2024 08:37:40 +0000 (08:37 +0000)]
fix weekday
jsg [Mon, 4 Mar 2024 05:34:36 +0000 (05:34 +0000)]
regen
jsg [Mon, 4 Mar 2024 05:34:07 +0000 (05:34 +0000)]
update Intel DG2 device names
checked against ark.intel.com and windows infs
dlg [Mon, 4 Mar 2024 04:44:12 +0000 (04:44 +0000)]
white space fixes. no functional change
djm [Mon, 4 Mar 2024 04:13:18 +0000 (04:13 +0000)]
fix leak of CanonicalizePermittedCNAMEs on error path; spotted
by Coverity (CID 438039)
deraadt [Mon, 4 Mar 2024 04:11:52 +0000 (04:11 +0000)]
freq is unsigned, kernel builds again
jsg [Mon, 4 Mar 2024 02:39:09 +0000 (02:39 +0000)]
drm/amd/display: Fix memory leak in dm_sw_fini()
From Armin Wolf
10c6b90e975358c17856a578419dc449887899c2 in linux-6.6.y/6.6.19
bae67893578d608e35691dcdfa90c4957debf1d3 in mainline linux
jsg [Mon, 4 Mar 2024 02:37:13 +0000 (02:37 +0000)]
drm/syncobj: handle NULL fence in syncobj_eventfd_entry_func
From Erik Kurzinger
20e1e1a2b8a4525301a76bd9afb856a7606a3a34 in linux-6.6.y/6.6.19
2aa6f5b0fd052e363bb9d4b547189f0bf6b3d6d3 in mainline linux
jsg [Mon, 4 Mar 2024 02:35:45 +0000 (02:35 +0000)]
drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set
From Erik Kurzinger
716cfee8053e608b4ff8c698e91843bd985f4553 in linux-6.6.y/6.6.19
3c43177ffb54ea5be97505eb8e2690e99ac96bc9 in mainline linux
jsg [Mon, 4 Mar 2024 02:34:01 +0000 (02:34 +0000)]
drm/i915/tv: Fix TV mode
From Maxime Ripard
16bc939f224dfeed6cafbb78860179d4c2586e8c in linux-6.6.y/6.6.19
fb1e881273f432e593f8789f99e725b09304cc97 in mainline linux
jsg [Mon, 4 Mar 2024 02:32:03 +0000 (02:32 +0000)]
drm/amd/display: Fix buffer overflow in 'get_host_router_total_dp_tunnel_bw()'
From Srinivasan Shanmugam
7211800091a9e2d49ad34f59d47321ca09ae30a7 in linux-6.6.y/6.6.19
97cba232549b9fe7e491fb60a69cf93075015f29 in mainline linux
jsg [Mon, 4 Mar 2024 02:30:03 +0000 (02:30 +0000)]
drm/amd/display: Avoid enum conversion warning
From Nathan Chancellor
a1baf5734231dd3ee5d98022b2da474bc972f9c7 in linux-6.6.y/6.6.19
d7643fe6fb76edb1f2f1497bf5e8b8f4774b5129 in mainline linux
jsg [Mon, 4 Mar 2024 02:28:24 +0000 (02:28 +0000)]
drm/amd/display: adjust few initialization order in dm
From Wayne Lin
fec5aea66916069d67b27e70ea88c99f15dc72fa in linux-6.6.y/6.6.19
22e1dc4b2fec17af70f297a4295c5f19a0f3fbeb in mainline linux
jsg [Mon, 4 Mar 2024 02:26:20 +0000 (02:26 +0000)]
drm/ttm: Fix an invalid freeing on already freed page in error path
From Thomas Hellstrom
47bacc3c7fbbf573415c7ce1e7223bed3d691bfd in linux-6.6.y/6.6.19
40510a941d27d405a82dc3320823d875f94625df in mainline linux
jsg [Mon, 4 Mar 2024 02:24:27 +0000 (02:24 +0000)]
drm/amd/display: fixed integer types and null check locations
From Sohaib Nadeem
71783d1ff65204d69207fd156d4b2eb1d3882375 in linux-6.6.y/6.6.19
0484e05d048b66d01d1f3c1d2306010bb57d8738 in mainline linux
jsg [Mon, 4 Mar 2024 02:21:40 +0000 (02:21 +0000)]
drm/amd/display: Request usb4 bw for mst streams
From Peichen Huang
622c827544ef300899a757f5b1d61554c2c3abcc in linux-6.6.y/6.6.19
5f3bce13266e6fe2f7a46f94d8bc94d5274e276b in mainline linux
jsg [Mon, 4 Mar 2024 02:18:12 +0000 (02:18 +0000)]
drm/amd/display: Add dpia display mode validation logic
From Meenakshikumar Somasundaram
c3682b63c60fdef04fc503d36d08bb84ee9758ad in linux-6.6.y/6.6.19
59f1622a5f05d948a7c665a458a3dd76ba73015e in mainline linux
djm [Mon, 4 Mar 2024 02:16:11 +0000 (02:16 +0000)]
Separate parsing of string array options from applying them to the
active configuration. This fixes the config parser from erroneously
rejecting cases like:
AuthenticationMethods password
Match User ivy
AuthenticationMethods any
bz3657 ok markus@
jsg [Mon, 4 Mar 2024 02:13:13 +0000 (02:13 +0000)]
drm/amdgpu: Fix HDP flush for VFs on nbio v7.9
From Lijo Lazar
c19453cc16ad5d90f9ed40686203103e57085580 in linux-6.6.y/6.6.19
534c8a5b9d5d41d30cdcac93cfa1bca5e17be009 in mainline linux
jsg [Mon, 4 Mar 2024 02:11:22 +0000 (02:11 +0000)]
drm/amdgpu: Fix shared buff copy to user
From Stanley.Yang
cb4541cabb531ce230489a2930c5eaaa91d779ce in linux-6.6.y/6.6.19
2dcf82a8e8dc930655787797ef8a3692b527c7a9 in mainline linux
jsg [Mon, 4 Mar 2024 02:09:44 +0000 (02:09 +0000)]
drm/amdgpu: reset gpu for s3 suspend abort case
From Prike Liang
61c0a633bdc644b064f0c9fe6412df247b2fbcca in linux-6.6.y/6.6.19
6ef82ac664bb9568ca3956e0d9c9c478e25077ff in mainline linux
jsg [Mon, 4 Mar 2024 02:08:07 +0000 (02:08 +0000)]
drm/amdgpu: skip to program GFXDEC registers for suspend abort
From Prike Liang
7a3a0b0c7f4720cbac79d991ebb3ab1cd2cd065a in linux-6.6.y/6.6.19
93bafa32a6918154aa0caf9f66679a32c2431357 in mainline linux
jsg [Mon, 4 Mar 2024 02:05:20 +0000 (02:05 +0000)]
drm/amdkfd: Use correct drm device for cgroup permission check
From Mukul Joshi
5a1bd2143fd70f35a255c02611731b509d1cebac in linux-6.6.y/6.6.19
4119734e06a7f30e7e8eb666692a58b85dca0269 in mainline linux
kettenis [Sun, 3 Mar 2024 21:42:41 +0000 (21:42 +0000)]
Add support for the "NG" clock bindings for sun5i SoCs.
ok patrick@
deraadt [Sun, 3 Mar 2024 18:24:07 +0000 (18:24 +0000)]
better estimate
kettenis [Sun, 3 Mar 2024 17:00:14 +0000 (17:00 +0000)]
Flush the D-cache before we disable the cache. This makes more sense and
fixes booting on my A10S-OLinuXino-MICRO board. Since the cache is still
enabled, the CPU might bring back some of the cache lines we just flushed.
So invalidate the cache after disabling.
ok deraadt@
millert [Sun, 3 Mar 2024 15:24:45 +0000 (15:24 +0000)]
Clarify which part of the path name is considered for substitution.
Also use "name" instead of "file name" is some places since the
result could be either a file or a directory. Work done with jmc@
tb [Sun, 3 Mar 2024 13:29:19 +0000 (13:29 +0000)]
Reinstate a test that was accidentally removed in previous
miod [Sun, 3 Mar 2024 11:15:38 +0000 (11:15 +0000)]
Fill the list of expected test failures for m88k.
miod [Sun, 3 Mar 2024 11:14:34 +0000 (11:14 +0000)]
Cope with the rare case of an imprecise FPU exception caught when
reenabling the FPU as part of the regular processing of another exception.
miod [Sun, 3 Mar 2024 11:03:13 +0000 (11:03 +0000)]
Workaround a 88100 errata where a FPU imprecise exception may be raised
for floating-point-to-int conversions by mistake (these instructions are
not supposed to raise this exception).
gkoehler [Sun, 3 Mar 2024 03:09:39 +0000 (03:09 +0000)]
For macppc, add missing CFI for cr2, cr3, cr4
clang -S was missing a line like ".cfi_offset cr2, -16" in functions
that spill cr2 (or cr3, cr4) to the stack. This was breaking a few
C++ exceptions. This fix adds the missing CFI.
This will fix the C++ exception that was crashing egdb from
ports/devel/gdb when you did "q to quit" in the pager.
ok kettenis@ tobhe@
gkoehler [Sun, 3 Mar 2024 02:40:10 +0000 (02:40 +0000)]
Fix awacs(4) audio on some iMac G3 models
This code affects iMac G3s with a slot-loading CD drive (from late
1999 to 2001, after the older tray-loading iMac G3s, and before the
iMac G4s). Detect such iMacs by their model string (PowerMac2,1 or
PowerMac2,2 or PowerMac4,1), and configure their headphones and
internal speakers in a different way. These iMacs have 3 places to
connect headphones (2 on front, 1 on right side). They also have no
audio connection to the CD drive, so turn off the noisy CD input.
From evan (dot) jss (at) protonmail (dot) ch; I edited the code to get
the model string.
deraadt [Sun, 3 Mar 2024 00:22:23 +0000 (00:22 +0000)]
snc
benno [Sat, 2 Mar 2024 23:38:00 +0000 (23:38 +0000)]
examples should show how to check the signature of the next release
op [Sat, 2 Mar 2024 22:40:28 +0000 (22:40 +0000)]
bump version to 7.5.0
deraadt [Sat, 2 Mar 2024 22:17:19 +0000 (22:17 +0000)]
sync
jmc [Sat, 2 Mar 2024 22:08:50 +0000 (22:08 +0000)]
add rkpmic(4); ok kettenis
kettenis [Sat, 2 Mar 2024 20:22:13 +0000 (20:22 +0000)]
This driver can now attach to SPI and supports the RK806 PMIC.
kettenis [Sat, 2 Mar 2024 20:21:33 +0000 (20:21 +0000)]
rkspi(4)
kettenis [Sat, 2 Mar 2024 19:53:17 +0000 (19:53 +0000)]
Enable rkspi(4) and rkpmic(4) at spi.
ok patrick@
kettenis [Sat, 2 Mar 2024 19:52:41 +0000 (19:52 +0000)]
Add support for attaching rkpmic(4) to an SPI bus. Add support for
the RK806 PMIC which can attach to both I2C and SPI. Based on an old
diff from patrick@
ok patrick@
kettenis [Sat, 2 Mar 2024 19:50:30 +0000 (19:50 +0000)]
Add rkspi(4), a driver for the SPI controller found on various Rockchip
SoCs. Based on an earlier diff from patrick@
ok patrick@
kettenis [Sat, 2 Mar 2024 19:48:13 +0000 (19:48 +0000)]
Add clocks for the RK3588 SPI controller.
From patrick@
miod [Sat, 2 Mar 2024 16:51:00 +0000 (16:51 +0000)]
Shorter and simpler version which does not need to use the stack.
tobhe [Sat, 2 Mar 2024 16:16:07 +0000 (16:16 +0000)]
Trigger retransmission only for fragment 1/x, otherwise each received
fragment can trigger retransmission of the full fragment queue.
From RFC7383, 2.6.1:
"[...] that even MUST only trigger a retransmission of the response message
(fragmented or no) if the Fragment Number field in the received
fragments is set to 1; otherwise, it MUST be ignored."
from markus
tobhe [Sat, 2 Mar 2024 15:55:58 +0000 (15:55 +0000)]
Bump to OpenIKED 7.4
tb [Sat, 2 Mar 2024 15:40:05 +0000 (15:40 +0000)]
include <time.h> for time_t and struct tm, needed for macos
ok millert miod
stsp [Sat, 2 Mar 2024 15:18:57 +0000 (15:18 +0000)]
implement qwx(4) monitor status ring polling
On QCNFA765 the monitor status ring does not trigger any interrupts.
Unless the driver keeps polling this ring from a timer the device
will eventually lock up if this ring is enabled.
Even though we're not using this ring yet, add the tiny bits of code
required to poll it so that the next person who enables this code
won't have to waste time figuring out why the device stops working.
The monitor status ring provides details about received frames in special
TLV-format packets which the driver can parse and update statistics with.
Interesting info includes per-frame RSSI. Which we already learn from
beacons, so we don't need to enable an entire extra ring just for that.
Another reason to keep this disabled is that it triggers mbuf corruption
for reasons I haven't been able to figure out. Help welcome.
stsp [Sat, 2 Mar 2024 15:06:20 +0000 (15:06 +0000)]
silently ignore update-stats events from qwx(4) firmware
Reduces noise with QWX_DEBUG enabled.
stsp [Sat, 2 Mar 2024 15:04:27 +0000 (15:04 +0000)]
repair QWX_DEBUG build
tb [Sat, 2 Mar 2024 13:39:28 +0000 (13:39 +0000)]
Remove some GOST relics
tb [Sat, 2 Mar 2024 13:28:22 +0000 (13:28 +0000)]
sync (lh_stats.3 removal)
miod [Sat, 2 Mar 2024 12:02:42 +0000 (12:02 +0000)]
Provide the missing fabsl alias to fabs.
No shlib_version change needed, jumping on the version bump of the mkdtems
addition.
tb [Sat, 2 Mar 2024 11:53:55 +0000 (11:53 +0000)]
Unhook some gost tests
tb [Sat, 2 Mar 2024 11:53:30 +0000 (11:53 +0000)]
Crank libressl version to 3.9.0 (finally!)
tb [Sat, 2 Mar 2024 11:52:43 +0000 (11:52 +0000)]
sync (libressl major, gost.h removal)
tb [Sat, 2 Mar 2024 11:50:36 +0000 (11:50 +0000)]
crank libtls major
same bump as libcrypto and libssl
tb [Sat, 2 Mar 2024 11:49:22 +0000 (11:49 +0000)]
crank libssl major
same bump as libcrypto; symbol removal and addition
tb [Sat, 2 Mar 2024 11:48:55 +0000 (11:48 +0000)]
Remove SSL_debug
The garbage truck is quite full by now. Collect the last symbol
straggler for this bump.
ok jsing
tb [Sat, 2 Mar 2024 11:47:41 +0000 (11:47 +0000)]
Garbage collect TLS1_FLAGS_SKIP_CERT_VERIFY
And here goes another weird-ass thing of dubious pedigree.
ok jsing
tb [Sat, 2 Mar 2024 11:46:55 +0000 (11:46 +0000)]
Make {SSL3,TLS}_CT_* internal
And here goes a bunch of unused macros that just had to be in two
headers so they could get out of sync. Three of these constants
are used in a single function...
ok jsing
tb [Sat, 2 Mar 2024 11:45:51 +0000 (11:45 +0000)]
Remove SSL_CIPHER_get_by_{id,value}()
While this undocumented API would have been much nicer and saner than
SSL_CIPHER_find(), nothing used this except for the exporter test.
Let's get rid of it again. libssl uses ssl3_get_cipher_by_{id,value}()
directly.
ok jsing
tb [Sat, 2 Mar 2024 11:44:47 +0000 (11:44 +0000)]
Export SSL_get_{peer_,}signature_type_nid()
Also move the prototypes to the correct header.
Oversight reported by Frank Lichtenheld, thanks!
Fixes https://github.com/libressl/openbsd/issues/147
ok jsing
tb [Sat, 2 Mar 2024 11:41:53 +0000 (11:41 +0000)]
crank libcrypto major
There were symbol addition, removal, function signature changes and
struct visibility changes.
tb [Sat, 2 Mar 2024 11:40:53 +0000 (11:40 +0000)]
Change sk in CRYPTO_EX_DATA from STACK_OF(void) * to void *
Requested by jsing
tb [Sat, 2 Mar 2024 11:39:11 +0000 (11:39 +0000)]
tedu OPENSSL_isservice() prototype
When tedu tedued OPENSSL_isservice(), tedus chainsaw missed crypto.h.
Finish the teduing of the hack for Visual C++ 5.0 (!), which is still
present in the latest and greatest OpenSSL.
ok jsing
tb [Sat, 2 Mar 2024 11:37:13 +0000 (11:37 +0000)]
Make CRYPTO_THREADID opaque
With ERR_STATE out of the way, we can make CRYPTO_THREADID opaque.
The type is still accessed by used public API, but some of the public
API can also go away.
ok jsing
tb [Sat, 2 Mar 2024 11:35:09 +0000 (11:35 +0000)]
Fix CRYPTO_malloc/free signatures
Importantly, the size in malloc is now a size_t instead of an int. The API
now also takes a file and line to match upstream's signature.
ok jsing
tb [Sat, 2 Mar 2024 11:32:31 +0000 (11:32 +0000)]
Remove CRYPTO_*info
Long time neutered, only used (pointlessly without error checking) in the
error code until very recently.
ok jsing
tb [Sat, 2 Mar 2024 11:28:46 +0000 (11:28 +0000)]
Remove a bunch of CRYPTO memory API
This was neutered early on in the fork and has been rotting ever since.
Some parts of the API are still used, but it's easier to clean up when
most of the mess is gone.
ok jsing
tb [Sat, 2 Mar 2024 11:25:46 +0000 (11:25 +0000)]
Update list of OPENSSL_NO_*
This syncs the list with some version of upstream and exposes a few
OPENSSL_NO_* that may now be relevant.
from jsing (a long time ago)
tb [Sat, 2 Mar 2024 11:22:48 +0000 (11:22 +0000)]
Remove a few no longer used sk_FOO_* stanzas
ok jsing
tb [Sat, 2 Mar 2024 11:20:36 +0000 (11:20 +0000)]
Remove sk_find_ex()
This API intends to find the closest match to the needle. M2Crypto
exposes it because it can. This will be fixed by patching the port.
ok jsing
tb [Sat, 2 Mar 2024 11:17:27 +0000 (11:17 +0000)]
Unhook and remove GOST and STREEBOG
This stops compiling the GOST source. The current implementation is low
quality and got in the way, especially in libssl. While we would be open
for GOST support, it needs to be significantly better than what we have
had and it also needs a maintainer.
Add OPENSSL_NO_GOST to opensslfeatures and stop installing gost.h.
Some code wrapped in #ifndef OPENSSL_NO_GOST will be removed later.
ok jsing
tb [Sat, 2 Mar 2024 11:11:11 +0000 (11:11 +0000)]
Make LHASH_OF() and STACK_OF() use opaque structs
This removes internals of these two special snowflakes and will allow
further simplifications. Unfortunately, there are some pieces of
software that actually use LHASH_OF() (looking at you, pound, Ruby, and
openssl(1)), so we get to keep exposing this garbage, at least for now.
Expose lh_error() as a symbol to replace a macro reaching into _LHASH.
lh_down_load() is no longer available. _LHASH and _STACK are now opaque,
LHASH_NODE becomes internal-only.
from jsing
tb [Sat, 2 Mar 2024 11:04:51 +0000 (11:04 +0000)]
Remove lh stats
This could have been removed in an earlier bump. Now it's time for it to
say goodbye.
ok jsing
tb [Sat, 2 Mar 2024 10:59:41 +0000 (10:59 +0000)]
Remove X509_CRL_METHOD API
I would keep repeating myself... In the bit bucket you go.
ok jsing
tb [Sat, 2 Mar 2024 10:57:03 +0000 (10:57 +0000)]
Garbage collect most of the public LOOKUP API
Yet another bit of extensibility that no one ever really used.
X509_LOOKUP_free() needs to stay because of ... rust-openssl
(and kdelibs4support).
ok jsing
tb [Sat, 2 Mar 2024 10:54:39 +0000 (10:54 +0000)]
Expose X509_STORE_get1_objects()
Safer replacement API for the unsafe X509_STORE_get0_objects().
ok jsing
tb [Sat, 2 Mar 2024 10:52:24 +0000 (10:52 +0000)]
Make X509_CERT_AUX internal
Another struct/API that should never have leaked out of the library.
ok jsing
tb [Sat, 2 Mar 2024 10:50:26 +0000 (10:50 +0000)]
Remove X509_TRUST from the public API
With API and other users internal, this struct can now go.
ok jsing
tb [Sat, 2 Mar 2024 10:49:03 +0000 (10:49 +0000)]
Remove DECLARE_STACK_OF(X509_TRUST)
Unused since the extensibility was neutered.
ok jsing
tb [Sat, 2 Mar 2024 10:48:17 +0000 (10:48 +0000)]
Remove unused public X509_TRUST API
Another thing that should never have leaked out of the library. It
will become internal entirely, where the code can be simplified greatly.
ok jsing
tb [Sat, 2 Mar 2024 10:43:52 +0000 (10:43 +0000)]
const correct X509_PURPOSE_get0{,_{,s}name}()
Unfortunately, PHP and rust-openssl still need this API. At least we
can make the table read-only now since we disabled its extensibility.
ok jsing
tb [Sat, 2 Mar 2024 10:41:46 +0000 (10:41 +0000)]
Make X509_PURPOSE opaque
Code using details of X509_PURPOSE does so by using API. So we can make
this struct opaque.
ok jsing
tb [Sat, 2 Mar 2024 10:40:05 +0000 (10:40 +0000)]
Remove unused parts of the purpose API
Most of this is the ability to add custom purposes. Also the astounding
X509_STORE_CTX_purpose_inherit(). The names are used by PHP, and M2Crypto
exposes X509_check_purpose(), so these remain public. Some weird, most
likely invalid, uses also remain in rust-openssl.
ok jsing
tb [Sat, 2 Mar 2024 10:35:32 +0000 (10:35 +0000)]
Remove X509V3_EXT extensibility API
You used to be able to define your own X.509 extension handlers. Great.
Even greater: the verifier would ignore any custom extensions. So this
was only ever useful for serialization and deserialization. In other
words, almost entirely pointless. The API was also unused except for
a hack in kore-acme, which was fixed recently.
ok jsing
tb [Sat, 2 Mar 2024 10:33:51 +0000 (10:33 +0000)]
Remove X509_ALGOR_set_md()
One of those void APIs that are super hard to use safely since they can
fail but can't communicate failure. Nothing uses this. Internal uses have
been converted to error checked X509_ALGOR_set_evp_md().
ok jsing
tb [Sat, 2 Mar 2024 10:32:26 +0000 (10:32 +0000)]
Adjust signature of ERR_load_strings()
This aligns the prototypes with OpenSSL 1.1.
ok jsing
tb [Sat, 2 Mar 2024 10:30:48 +0000 (10:30 +0000)]
Remove ERR_get_state
The ERR_STATE struct is an unused implementation detail of the horrific
error stack code. It is the last public consumer of CRYPTO_THREAD
internals. Make this and its accessor internal so we can make the
CRYPTO_THREAD struct opaque.
ok jsing
tb [Sat, 2 Mar 2024 10:22:07 +0000 (10:22 +0000)]
Simplify engine.h
Garbage collect some more of this former horror show.
ok jsing
tb [Sat, 2 Mar 2024 10:21:12 +0000 (10:21 +0000)]
Garbage collect CUSTOM_KEY_LENGTH/SET_KEY_LENGTH
These are unused defines that used to add unwanted complications in
EVP_CIPHER_CTX_set_key_lenght().
ok jsing
tb [Sat, 2 Mar 2024 10:20:27 +0000 (10:20 +0000)]
Remove more PBE stuff from the public API
This is still needed internally for CMS and its predecessors. This
removal will enable disentangling some of its innards.
ok jsing
tb [Sat, 2 Mar 2024 10:17:37 +0000 (10:17 +0000)]
Remove most PBEPARAM stuff from public visibility
The struct itself needs to remain public, unfortunately.
ok jsing
tb [Sat, 2 Mar 2024 10:15:15 +0000 (10:15 +0000)]
Remove a lot of PKCS12 garbage from the public API
PKCS12 is a hot mess. Please participate in the survey at the end of
https://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html to increase its
credibility and unanimity.
ok jsing
jsg [Sat, 2 Mar 2024 10:14:31 +0000 (10:14 +0000)]
list install.img in contents where it is built
landry@ noted it wasn't in arm64 contents
tb [Sat, 2 Mar 2024 10:13:12 +0000 (10:13 +0000)]
Remove RC4-HMAC-MD5 and AES-{128,256}-CBC-HMAC-SHA-1
"Stitched" mode AEADs were removed from libssl a long time ago. Nothing
uses these CIPHERs anymore.
ok jsing
tb [Sat, 2 Mar 2024 10:08:29 +0000 (10:08 +0000)]
Make legacy cipher methods internal
These are ASN.1 handlers for CIPHERs, still used by CMS and its
predecessors. They should never have been public.
ok jsing
tb [Sat, 2 Mar 2024 10:06:48 +0000 (10:06 +0000)]
Remove EVP_PBE_* API from public visibility
You can no longer add your custom PBE algorithm. Pity. EVP_PBE_CipherInit()
stays for internal use, the rest goes away copmletely.
ok jsing