mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-24 02:23:51 +08:00
Code Issues Packages Projects Releases Wiki Activity
531df8185f
openssl/ssl
History
Richard Levitte 848af5e8fe Drop libimplementations.a 
libimplementations.a was a nice idea, but had a few flaws:

1.  The idea to have common code in libimplementations.a and FIPS
    sensitive helper functions in libfips.a / libnonfips.a didn't
    catch on, and we saw full implementation ending up in them instead
    and not appearing in libimplementations.a at all.

2.  Because more or less ALL algorithm implementations were included
    in libimplementations.a (the idea being that the appropriate
    objects from it would be selected automatically by the linker when
    building the shared libraries), it's very hard to find only the
    implementation source that should go into the FIPS module, with
    the result that the FIPS checksum mechanism include source files
    that it shouldn't

To mitigate, we drop libimplementations.a, but retain the idea of
collecting implementations in static libraries.  With that, we not
have:

libfips.a

    Includes all implementations that should become part of the FIPS
    provider.

liblegacy.a

    Includes all implementations that should become part of the legacy
    provider.

libdefault.a

    Includes all implementations that should become part of the
    default and base providers.

With this, libnonfips.a becomes irrelevant and is dropped.
libcommon.a is retained to include common provider code that can be
used uniformly by all providers.

Fixes #15157

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15171)
2021-05-07 10:17:23 +02:00
..
record Update copyright year 2021-04-22 14:38:44 +01:00
statem Use OCSP-specific error code for clarity 2021-05-01 13:09:15 +02:00
bio_ssl.c Update copyright year 2021-04-08 13:04:41 +01:00
build.info Drop libimplementations.a 2021-05-07 10:17:23 +02:00
d1_lib.c Update copyright year 2021-01-28 13:54:57 +01:00
d1_msg.c Update copyright year 2020-11-26 14:18:57 +00:00
d1_srtp.c Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call 2020-11-11 12:12:11 +01:00
ktls.c Only enable KTLS if it is explicitly configured 2021-04-12 11:32:05 +01:00
methods.c Update some inclusions of <openssl/macros.h> 2019-11-07 11:37:25 +01:00
pqueue.c Update copyright year 2020-11-26 14:18:57 +00:00
s3_cbc.c TLS fixes for CBC mode and no-deprecated 2020-09-09 17:59:08 +10:00
s3_enc.c Remove all OPENSSL_NO_XXX from libssl where XXX is a crypto alg 2021-02-05 15:22:43 +00:00
s3_lib.c OBJ_nid2sn(NID_sha256) is completely equivalent to OSSL_DIGEST_NAME_SHA2_256 2021-04-01 14:39:53 +02:00
s3_msg.c Avoid sending alerts after shutdown 2021-05-06 17:07:11 +02:00
ssl_asn1.c Update copyright year 2020-11-26 14:18:57 +00:00
ssl_cert_table.h Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
ssl_cert.c Fix NULL access in ssl_build_cert_chain() when ctx is NULL. 2021-03-03 16:16:19 +10:00
ssl_ciph.c ssl: fix problem where MAC IDs were globally cached. 2021-03-30 18:59:42 +02:00
ssl_conf.c Correct ssl_conf logic for "legacy_server_connect" 2021-05-05 08:13:51 -07:00
ssl_err_legacy.c Modify the ERR init functions to use the internal ERR string loaders 2020-11-24 15:21:44 +01:00
ssl_err.c Remove all trace of FIPS_mode functions 2021-05-06 09:54:37 +10:00
ssl_init.c Modify the ERR init functions to use the internal ERR string loaders 2020-11-24 15:21:44 +01:00
ssl_lib.c Enforce secure renegotiation support by default 2021-05-05 08:13:51 -07:00
ssl_local.h ssl: fix problem where MAC IDs were globally cached. 2021-03-30 18:59:42 +02:00
ssl_mcnf.c SSL: refactor all SSLfatal() calls 2020-11-11 12:12:23 +01:00
ssl_rsa_legacy.c Deprecate RSA harder 2020-11-18 23:38:34 +01:00
ssl_rsa.c ssl: coverity 1465527 - dereference after null check 2021-03-20 10:18:32 +10:00
ssl_sess.c Update copyright year 2021-04-08 13:04:41 +01:00
ssl_stat.c Reorganize local header files 2019-09-28 20:26:35 +02:00
ssl_txt.c Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call 2020-11-11 12:12:11 +01:00
ssl_utst.c Reorganize local header files 2019-09-28 20:26:35 +02:00
sslerr.h Make supported_groups code independent of EC and DH 2021-02-05 15:20:37 +00:00
t1_enc.c Only enable KTLS if it is explicitly configured 2021-04-12 11:32:05 +01:00
t1_lib.c Fix some TODO(3.0) occurrences in ssl/t1_lib.c 2021-04-19 10:39:12 +01:00
t1_trce.c Update copyright year 2021-02-18 15:05:17 +00:00
tls13_enc.c Only enable KTLS if it is explicitly configured 2021-04-12 11:32:05 +01:00
tls_depr.c Remove OPENSSL_NO_DH guards from libssl 2021-02-05 15:20:36 +00:00
tls_srp.c Update copyright year 2021-02-18 15:05:17 +00:00