diff options
| author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2023-02-07 18:14:27 -0300 |
|---|---|---|
| committer | Christian Marangi <ansuelsmth@gmail.com> | 2023-02-20 11:24:17 +0100 |
| commit | 7e7e76afca7877b97bc049d8f5a83a840a20a2af (patch) | |
| tree | 8bb6e0ecd3642d724da768557468653b65ff232e /package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch | |
| parent | eac6fe6f742c7da980799b5583819183a9f33c01 (diff) | |
| download | upstream-7e7e76afca7877b97bc049d8f5a83a840a20a2af.tar.gz upstream-7e7e76afca7877b97bc049d8f5a83a840a20a2af.tar.bz2 upstream-7e7e76afca7877b97bc049d8f5a83a840a20a2af.zip | |
openssl: bump to 3.0.8
This is a major update to the current LTS version, supported until
2026-09-07.
Changelog:
https://github.com/openssl/openssl/blob/openssl-3.0.8/CHANGES.md
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Diffstat (limited to 'package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch')
| -rw-r--r-- | package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch b/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch deleted file mode 100644 index df5c16d8d2..0000000000 --- a/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Eneas U de Queiroz <cote2004-github@yahoo.com> -Date: Mon, 11 Mar 2019 09:29:13 -0300 -Subject: e_devcrypto: default to not use digests in engine - -Digests are almost always slower when using /dev/crypto because of the -cost of the context switches. Only for large blocks it is worth it. - -Also, when forking, the open context structures are duplicated, but the -internal kernel sessions are still shared between forks, which means an -update/close operation in one fork affects all processes using that -session. - -This affects digests, especially for HMAC, where the session with the -key hash is used as a source for subsequent operations. At least one -popular application does this across a fork. Disabling digests by -default will mitigate the problem, while still allowing the user to -turn them on if it is safe and fast enough. - -Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> - ---- a/engines/e_devcrypto.c -+++ b/engines/e_devcrypto.c -@@ -852,7 +852,7 @@ static void prepare_digest_methods(void) - for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data); - i++) { - -- selected_digests[i] = 1; -+ selected_digests[i] = 0; - - /* - * Check that the digest is usable -@@ -1072,7 +1072,7 @@ static const ENGINE_CMD_DEFN devcrypto_c - #ifdef IMPLEMENT_DIGEST - {DEVCRYPTO_CMD_DIGESTS, - "DIGESTS", -- "either ALL, NONE, or a comma-separated list of digests to enable [default=ALL]", -+ "either ALL, NONE, or a comma-separated list of digests to enable [default=NONE]", - ENGINE_CMD_FLAG_STRING}, - #endif - |