| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
x-ref:
"issues migrating lighttpd mod_mbedtls to mbedtls 3.0.0"
https://github.com/ARMmbed/mbedtls/issues/5331
|
| | |
|
| |
|
|
|
| |
x-ref:
https://github.com/lighttpd/lighttpd1.4/pull/107
|
| | |
|
| | |
|
| |
|
|
| |
avoid multiple definition of SHA512_CTX when using Nettle
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
include wolfssl/options.h crypto lib config
after selecting crypto lib to use
wolfSSL does not prefix its defines with a wolfSSL-specific namespace
(so we would like to avoid unnecessarily polluting preproc namespace)
This commit further isolates wolfSSL after split from mod_openssl.
Cleans up some preprocessor logic that was put in place when using
the wolfSSL compatibility layer for openssl, before creating a
dedicated mod_wolfssl.
|
| |
|
|
|
| |
include mbedtls/config.h crypto lib config
after selecting crypto lib to use
|
| |
|
|
|
| |
some distro packages deploy NSS includes under nss/, others nss3/
(and similar for nspr/ vs nspr4/)
|
| |
|
|
|
|
|
|
| |
basic algorithms fail if NSS library has not been init'd (WTH)
lighttpd defers initialization of rand and crypto until first use
to attempt to avoid long, blocking init at startup while waiting
for sufficient system entropy to become available
|
| |
|
|
|
| |
use inline funcs in sys-crypto-md.h for consistency
and to avoid compiler warnings when result is ignored
|
| |
|
|
|
|
|
| |
use NSS crypto if no other crypto avail, but NSS crypto is available
"NSS crypto support" is not included in tests/LightyTest.pm:has_crypto()
due to NSS libraries (freebl3) lacking public export for HMAC funcs
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
return values for sys-crypto-md.h interfaces
While some library implementations do not fail and have no return value,
others might fail on memory allocation or on failure to communicate with
an external or dedicated engine or device, e.g. which might store a
private key.
future: lighttpd callers of sys-crypto-md.h do not currently expect
or check for errors from these digest functions, but should
consider doing so.
|
| |
|
|
|
|
|
|
|
|
|
| |
provide implementations for conventional digest interfaces
but use the newer openssl digest interfaces under the hood
<rant>
It is baffling that the openssl library -- with *thousands* of public
interfaces -- does not provide these, and suggests that openssl
developers do not frequently write apps which utilize these interfaces.
</rant>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
quiet openssl 3.0.0 deprecation warnings for
low-level digest algorithm interfaces
future: migrate to openssl interfaces:
EVP_DigestInit_ex(3), EVP_DigestUpdate(3), and EVP_DigestFinal_ex(3)
x-ref:
https://github.com/openssl/openssl/pull/10791
https://www.openssl.org/docs/manmaster/man3/EVP_DigestInit_ex.html
https://wiki.openssl.org/index.php/EVP_Message_Digests
|
| |
|
|
| |
standalone module forked from mod_openssl
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Prefer some WolfSSL native APIs when building with WolfSSL.
However, some functionality in WolfSSL is available only through the
WolfSSL compatibility layer for OpenSSL, so the effort to create a
native mod_wolfssl halted here.
|
|
|
sys-crypto-md.h w/ inline message digest functions; shared code
|
