History log of /freebsd/kerberos5/include/fbsd_ossl_provider.h (Results 1 – 1 of 1)
Revision Date Author Comments
# 476d63e0 06-Dec-2023 Cy Schubert <cy@FreeBSD.org>

kerberos: Fix numerous segfaults when using weak crypto

Weak crypto is provided by the openssl legacy provider which is
not load by default. Load the legacy providers as needed.

When the legacy pro

kerberos: Fix numerous segfaults when using weak crypto

Weak crypto is provided by the openssl legacy provider which is
not load by default. Load the legacy providers as needed.

When the legacy provider is loaded into the default context the default
provider will no longer be automatically loaded. Without the default
provider the various kerberos applicaions and functions will abort().

This is the second attempt at this patch. Instead of linking
secure/lib/libcrypto at build time we now link it at runtime, avoiding
buildworld failures under Linux and MacOS. This is because
TARGET_ENDIANNESS is undefined at pre-build time.

PR: 272835
MFC after: 3 days
X-MFC: only to stable/14
Tested by: netchild
Joerg Pulz <Joerg.Pulz@frm2.tum.de> (previous version)

show more ...