git.openwrt.org Git - openwrt/staging/thess.git/commit

author	Eneas U de Queiroz <cote2004-github@yahoo.com>
	Tue, 12 Mar 2019 13:16:01 +0000 (13:16 +0000)
committer	Hans Dedecker <dedeckeh@gmail.com>
	Tue, 12 Mar 2019 17:26:59 +0000 (18:26 +0100)
commit	2407b1edccc2f2d426333bd7cc1743c8e4da8dbd
tree	be00dce1b17d00abe03b423582c1a8d649dfad7f	tree \| snapshot
parent	8c593804d078f62de981ee0ff05d666b0d1f4df0	commit \| diff

openssl: disable digests by default, misc fixes

Openssh uses digest contexts across forks, which is not supported by the
/dev/crypto engine.  The speed of digests is usually not worth enabling
them anyway.  This changes the default of the DIGESTS option to NONE, so
the user still has the option to enable them.

Added another patch related to the use of encryption contexts across
forks, that ignores a failure to close a previous open session when
reinitializing a context, instead of failing the reinitialization.

Added a link to the Cryptographic Hardware Accelerators document to the
engine pacakges description, to provide more detailed instructions to
configure the engines.

Revert the removal of the OPENSSL_ENGINE_CRYPTO symbol, currently used
by openssh.  There is an open PR to update openssh; when merged, this
symbol can be safely removed.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [refresh patches]

package/libs/openssl/Config.in		diff \| blob \| history
package/libs/openssl/Makefile		diff \| blob \| history
package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch	[new file with mode: 0644]	blob
package/libs/openssl/patches/510-e_devcrypto-ignore-error-when-closing-session.patch	[new file with mode: 0644]	blob