https://github.com/ruby/digest/commit/cce9ada85e

The OpenSSL engine of Digest uses the low-level API of OpenSSL, whose
use has been discouraged for years for multiple reasons.

A long-standing issue on a FIPS-enabled system is that using ::Digest
results in crashing the Ruby process, because the low-level API lacks
the mechanism to report an error (the policy violation) and thus kills
the process as a last resort[1][2]. Also, the upcoming OpenSSL 3.0 will
deprecate it for future removal[3]. Compiling with
-Wdeprecated-declarations will start to emit warnings.

A proper fix for this is to make it use the EVP API instead. This is a
non-trivial work as it requires backwards-incompatible changes to the
framework interface of Digest::Base and rb_digest_metadata_t.

It is more than 15 years ago that the openssl library became part of the
standard library. It has implemented the exactly same functionality as
OpenSSL::Digest, in fact, as a subclass of Digest::Class. There is not
much point in having an identical code in the digest library. Let's
just get rid of OpenSSL within digest. This leaves the C implementations
and the CommonCrypto engine for Apple systems.

A patch is being prepared for the openssl library to provide ::Digest
constants for better performance[4].

[1] https://bugs.ruby-lang.org/issues/6946
[2] https://bugs.ruby-lang.org/issues/13681
[3] https://www.openssl.org/docs/OpenSSL300Design.html
[4] https://github.com/ruby/openssl/pull/377

ext/openssl/deprecation.rb has been removed in ext/openssl upstream[1].

It was originally introduced to detect and prevent linking against
Apple's bundled (and very outdated) version of OpenSSL. It is long gone
and the header files do not exist in current versions of macOS.

The dependency in ext/digest was introduced by commit 26e258c807c2.
Note that the original issue[2] is resolved without this dependency.
The commit also added the pkg_config("openss") call to match what
ext/openssl does.

[1] https://github.com/ruby/openssl/pull/333
[2] https://bugs.ruby-lang.org/issues/6379

  * ext/digest/digest_conf.rb: Support to search variaous filenames of
    OpenSSL/LibreSSL libraries.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59362 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

* lib/mkmf.rb (create_makefile): store $headers in LOCAL_HDRS for
  depend files.
* ext/digest/digest_conf.rb (digest_conf): add implementation
  specific headers to $header.
* ext/digest/{md5,rmd160,sha1,sha2}/depend: add LOCAL_HDRS to the
  dependencies.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55588 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

g -L frozen_string_literal ext/**/*.rb|xargs ruby -Ka -e'ARGV.each{|fn|puts
fn;open(fn,"r+"){|f|s=f.read.sub(/\A(#!.*\n)?(#.*coding.*\n)?/,"\\&#
frozen_string_literal: false\n");f.rewind;f.write s}}'

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53143 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

OpenSSL's SHA1 struct name is SHA_CTX (which is also used for SHA-0),
but function name is SHA1_Transform.
http://openssl.org/docs/man0.9.8/crypto/SHA1.html

also note that LibreSSL 2.3 remove the SHA-0 support but still support SHA-1.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52755 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

* ext/digest/digest_conf.rb (digest_conf): check for CommonDigest.
* ext/digest/*/*cc.h: for Apple CommonCrypto/CommonDigest.h.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49565 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

* ext/digest/digest.h (DEFINE_FINISH_FUNC_FROM_FINAL): macro for
  finish functions, by inverting arguments order.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49564 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

* ext/digest/digest_conf.rb (digest_conf): extract common
  configurations.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49563 b2dd03c8-39d4-4d8f-98ff-823fe69b080e