X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fopenwrt.git;a=blobdiff_plain;f=package%2Flibs%2Fopenssl%2Fpatches%2F500-e_devcrypto-default-to-not-use-digests-in-engine.patch;fp=package%2Flibs%2Fopenssl%2Fpatches%2F500-e_devcrypto-default-to-not-use-digests-in-engine.patch;h=0000000000000000000000000000000000000000;hp=df5c16d8d2ca9a34abb51f731332e94dde293a34;hb=7e7e76afca7877b97bc049d8f5a83a840a20a2af;hpb=eac6fe6f742c7da980799b5583819183a9f33c01

diff --git a/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch b/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch
deleted file mode 100644
index df5c16d8d2..0000000000
--- a/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Eneas U de Queiroz <cote2004-github@yahoo.com>
-Date: Mon, 11 Mar 2019 09:29:13 -0300
-Subject: e_devcrypto: default to not use digests in engine
-
-Digests are almost always slower when using /dev/crypto because of the
-cost of the context switches.  Only for large blocks it is worth it.
-
-Also, when forking, the open context structures are duplicated, but the
-internal kernel sessions are still shared between forks, which means an
-update/close operation in one fork affects all processes using that
-session.
-
-This affects digests, especially for HMAC, where the session with the
-key hash is used as a source for subsequent operations.  At least one
-popular application does this across a fork.  Disabling digests by
-default will mitigate the problem, while still allowing the user to
-turn them on if it is safe and fast enough.
-
-Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
-
---- a/engines/e_devcrypto.c
-+++ b/engines/e_devcrypto.c
-@@ -852,7 +852,7 @@ static void prepare_digest_methods(void)
-     for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data);
-          i++) {
- 
--        selected_digests[i] = 1;
-+        selected_digests[i] = 0;
- 
-         /*
-          * Check that the digest is usable
-@@ -1072,7 +1072,7 @@ static const ENGINE_CMD_DEFN devcrypto_c
- #ifdef IMPLEMENT_DIGEST
-    {DEVCRYPTO_CMD_DIGESTS,
-     "DIGESTS",
--    "either ALL, NONE, or a comma-separated list of digests to enable [default=ALL]",
-+    "either ALL, NONE, or a comma-separated list of digests to enable [default=NONE]",
-     ENGINE_CMD_FLAG_STRING},
- #endif
-