upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-04 14:26:03 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/crypto
History
Cy Schubert c7db2e15e4 kerberos: Fix numerous segfaults when using weak crypto 
Weak crypto is provided by the openssl legacy provider which is
not load by default. Load the legacy providers as needed.

When the legacy provider is loaded into the default context the default
provider will no longer be automatically loaded. Without the default
provider the various kerberos applicaions and functions will abort().

This is the second attempt at this patch. Instead of linking
secure/lib/libcrypto at build time we now link it at runtime, avoiding
buildworld failures under Linux and MacOS. This is because
TARGET_ENDIANNESS is undefined at pre-build time.

PR:		272835
Tested by:	netchild
		Joerg Pulz <Joerg.Pulz@frm2.tum.de> (previous version)

(cherry picked from commit 476d63e091)
2024-01-22 07:48:51 -08:00
..
heimdal kerberos: Fix numerous segfaults when using weak crypto 2024-01-22 07:48:51 -08:00
openssh ssh: Update to OpenSSH 9.6p1 2024-01-07 14:31:11 -05:00
openssl OpenSSL: update to 3.0.12 2023-10-25 16:20:31 -04:00
README Two more $FreeBSD$ stragglers 2023-09-17 08:34:41 -06:00

README 

This directory is for the EXACT same use as src/contrib, except it
holds crypto sources.  In other words, this holds raw sources obtained
from various third party vendors, with FreeBSD patches applied.  No
compilation is done from this directory, it is all done from the
src/secure directory.  The separation between src/contrib and src/crypto
is the result of an old USA law, which made these sources export
controlled, so they had to be kept separate.