GH issue #1916 affects only big-endian platforms. TLS is not affected,
because TLS fragment is never big enough.
Reviewed-by: Matt Caswell <matt@openssl.org>
Add -DBIO_DEBUG to --strict-warnings.
Remove comments about outdated debugging ifdef guards.
Remove md_rand ifdef guarding an assert; it doesn't seem used.
Remove the conf guards in conf_api since we use OPENSSL_assert, not assert.
For pkcs12 stuff put OPENSSL_ in front of the macro name.
Merge TLS_DEBUG into SSL_DEBUG.
Various things just turned on/off asserts, mainly for checking non-NULL
arguments, which is now removed: camellia, bn_ctx, crypto/modes.
Remove some old debug code, that basically just printed things to stderr:
DEBUG_PRINT_UNKNOWN_CIPHERSUITES, DEBUG_ZLIB, OPENSSL_RI_DEBUG,
RL_DEBUG, RSA_DEBUG, SCRYPT_DEBUG.
Remove OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL.
Reviewed-by: Richard Levitte <levitte@openssl.org>
It's never problem if CRYPTO_ctr128_encrypt is called from EVP, because
buffer in question is always aligned within EVP_CIPHER_CTX structure.
RT#4218
Reviewed-by: Richard Levitte <levitte@openssl.org>
rely on indirect call to block functions, they are not as fast as
non-consolidated routines. However, performance loss(*) is within
measurement error and consolidation advantages are considered to
outweigh it.
(*) actually one can observe performance *improvement* on e.g.
CBC benchmarks thanks to optimization, which also becomes
shared among ciphers.