From nobody Fri Mar 10 18:45:02 2023 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PYFNM3KgBz3xp89; Fri, 10 Mar 2023 18:45:07 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: from mail-pf1-x435.google.com (mail-pf1-x435.google.com [IPv6:2607:f8b0:4864:20::435]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PYFNM18rVz4DyB; Fri, 10 Mar 2023 18:45:07 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-pf1-x435.google.com with SMTP id fd25so4263993pfb.1; Fri, 10 Mar 2023 10:45:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1678473905; h=to:references:message-id:cc:date:in-reply-to:from:subject :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=HX3Gd9abdOqbC60ZGa0FQbWhbAGKsrXM8KMv6Nb88Dg=; b=bPMz0xLVejDgHYY4+7dxJPFtzyiO9cHIaviX7L4l6LfNAqsVDUghlu8CnjZdrBVood I7UmNvtDY/sdLXAEklFrhNK7WnoqkN+zxoH04sSFQp3WrkIUk7wfSmJBrhRUrGh9+tYM z+vYAdGdOPsCvT49SD9x0KqAyD09E7GNkZ2AvMz9xL9ZEt9oqh5rzLWzDtnpOH1e6oNl RFNGtGIA7Yz2rkDozepFfJ8/X+Z2fFRbjaqAPl8usIUhT9nDNTecYGIGlNY+G3w+G80O D0ILykv/MFCC2KOvrCGgP5P7OzfdqlVkBjUBh1skiSRkO9WP1YUXkbv5tsyATv7xSsTw EDQg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1678473905; h=to:references:message-id:cc:date:in-reply-to:from:subject :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=HX3Gd9abdOqbC60ZGa0FQbWhbAGKsrXM8KMv6Nb88Dg=; b=kAOjMkB3gm3bbgeIt5egh6aqWVynZHLrO8gJTxDUeXGKpVvYDFfqzRgPKI0duopx3q HjVPg3bWJek0rriOAYY6Fhu1KmfpUvPE8smAW8tCEB3NG09hY4IrmscrlxMupzB3CTqE bPd09DUDnJlFhALCc5LyRQaVAHdtBh15Y8zwpEBLq1DdY7FUlqEKLuVKB4MOV+MLp3ob Sh+uA2KoC94bKPz+FiHfq9VIHUFUrnnfNr09ATFyBWodNnTggfKAcM6CzgyeCq9Nxvfb Iay/f6fejJ2rAifVCJ6O1jXbSQBDwW5YWxRf49fwvILdXqgGE9jyW6BvwmGK0atTKWmx SJ2g== X-Gm-Message-State: AO0yUKXZlYd6pfTr+fKn3/QirSw6Uk9Tbswe6CZ6LKlhCXxIv2IygC36 z57fdQq6wjiCzaSSf64Ns+Vf74kdzvPjbw== X-Google-Smtp-Source: AK7set926aGM14M5XpB/jp+H6H4anpd2B85PgOpbzFW6BNr/0dX2D6pMWg7CKksUlBztwbi6NACbCg== X-Received: by 2002:aa7:9496:0:b0:5a8:ae97:2273 with SMTP id z22-20020aa79496000000b005a8ae972273mr21506662pfk.25.1678473905007; Fri, 10 Mar 2023 10:45:05 -0800 (PST) Received: from smtpclient.apple (c-73-19-52-228.hsd1.wa.comcast.net. [73.19.52.228]) by smtp.gmail.com with ESMTPSA id t27-20020aa7939b000000b0058bca264253sm136533pfe.126.2023.03.10.10.45.03 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 10 Mar 2023 10:45:04 -0800 (PST) Content-Type: multipart/signed; boundary="Apple-Mail=_255B773E-D6DF-47EC-9AAC-948773DC51AE"; protocol="application/pgp-signature"; micalg=pgp-sha256 List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.2\)) Subject: Re: git: e5dd5bfa55dc - main - pkg(7): now that we do use libmd, use it completly From: Enji Cooper In-Reply-To: <202303092031.329KVbCG021742@gitrepo.freebsd.org> Date: Fri, 10 Mar 2023 10:45:02 -0800 Cc: "kevans@freebsd.org" , =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= , "src-committers@freebsd.org" , "dev-commits-src-all@freebsd.org" , "dev-commits-src-main@freebsd.org" Message-Id: <3051E279-F8C3-4AF8-AD21-A6582F3C57D8@gmail.com> References: <202303092031.329KVbCG021742@gitrepo.freebsd.org> To: Baptiste Daroussin X-Mailer: Apple Mail (2.3696.120.41.1.2) X-Rspamd-Queue-Id: 4PYFNM18rVz4DyB X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N --Apple-Mail=_255B773E-D6DF-47EC-9AAC-948773DC51AE Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Mar 9, 2023, at 12:31 PM, Baptiste Daroussin = wrote: >=20 > The branch main has been updated by bapt: >=20 > URL: = https://cgit.FreeBSD.org/src/commit/?id=3De5dd5bfa55dc82686870330f54793248= 6ba48db2 >=20 > commit e5dd5bfa55dc82686870330f547932486ba48db2 > Author: Baptiste Daroussin > AuthorDate: 2023-03-09 20:29:15 +0000 > Commit: Baptiste Daroussin > CommitDate: 2023-03-09 20:31:30 +0000 >=20 > pkg(7): now that we do use libmd, use it completly >=20 > Use SHA256_Fd and SHA256_Data instead of home made equivalent. > wrap those functions into hash.c to avoid header collition between > openssl and libmd >=20 > Suggested by: kevans Hi bapt@, Thank you for the quick build fix! - The Makefile wasn=E2=80=99t updated to use just libmd or libcrypto =E2=80= =94 it=E2=80=99s linking both today (there are other areas in base where = this is present, though, so it=E2=80=99s less of an issue). - I don=E2=80=99t remember the details 100%, but I vaguely remember = there being an effort in the past to avoid overlinking binaries with = libmd and libcrypto. Some components like ntp for instance go out of = their way to link one implementation or the other, not both. - The libmd library exports interfaces named like the OpenSSL 3 = deprecated interfaces. Not sure if that=E2=80=99s going to cause issues = in the future. - When going to OpenSSL 3, FreeBSD and third-parties will have access to = a FIPS 140-3 certified crypto provider library =E2=80=94 libmd doesn=E2=80= =99t have that same guarantee. It would be good if the entire system was = linked with either libcrypto or libmd so the crypto interface would be = consistent across the board. I=E2=80=99m going to post an email to arch@ soon about the need for the = OpenSSL 1.1 -> OpenSSL 3 import. I think some of these topics should be = brought up as requirements/prerequisites for doing the work or = considerations to make when doing it. What do you think? Cheers, -Enji --Apple-Mail=_255B773E-D6DF-47EC-9AAC-948773DC51AE Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEtvtxN6kOllEF3nmX5JFNMZeDGN4FAmQLeq4ACgkQ5JFNMZeD GN6IUA/+NDQx/zXwHN1K4OF+3DrPA1izjDCKjzcRkQFRZPQ04L9XMh417hjgneqm nKI/MlirAhFKYWHikr1kxqzJpGRg1xB/M4f7elWLah5ULYFzxu+45Jz0TDyzaZa2 nRFfjg8myWJbIueDdJU5dEQalRRZkQBcxbmYprN9R7WY9AssPQXaPLE9N1B49EFT XL8pq+RNE3JkYA2rwQg4ZA1diVoyRdK+UoxeBzjnFtnnAG9NSVHxi4gAjbAKGQs6 svc4XBWTHgD1+isGHsjIXbI3Ndsv5ID6gLJAuIh/BgOiW8psj8PpcbX5b34WBaLR WiW4KO9dcHDw9HY6qAgYxufox/EknikwVEfy0bbM6bhLsfYx8CMGv+thjV+ftibx kI3RijRDW22iahw/RGMJQSqoUUCC8gZJosBMJ09Bz1I+AQ8HSHHAWaW9dYCSuOLX E9b/M/KVlST+3rg2E6M7+JiMRvJKUhUA2x/3fTagw2k4YV63zxZ+6UX0n+ZvvkUi XGUSk08iu/D1zdkvnafd3akWym2QL+pppyhQ7yWS1a/J/iuImpmB+F+lHmW5pjdO h5AQ3E+lCaF8IVA6yDE+Wpwr0vKdYT7D5fISI7Rf7Vy0qPDJHnIS0lPJ+SvYt7/k JBiGWIpiKzY04XPPSinecG0C9wdV37skISucZvlMY0C1JQ1pIew= =3MNl -----END PGP SIGNATURE----- --Apple-Mail=_255B773E-D6DF-47EC-9AAC-948773DC51AE--