Date: Fri, 10 Mar 2023 10:45:02 -0800 From: Enji Cooper <yaneurabeya@gmail.com> To: Baptiste Daroussin <bapt@FreeBSD.org> Cc: "kevans@freebsd.org" <kevans@FreeBSD.org>, =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@freebsd.org>, "src-committers@freebsd.org" <src-committers@FreeBSD.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@FreeBSD.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@FreeBSD.org> Subject: Re: git: e5dd5bfa55dc - main - pkg(7): now that we do use libmd, use it completly Message-ID: <3051E279-F8C3-4AF8-AD21-A6582F3C57D8@gmail.com> In-Reply-To: <202303092031.329KVbCG021742@gitrepo.freebsd.org> References: <202303092031.329KVbCG021742@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_255B773E-D6DF-47EC-9AAC-948773DC51AE Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Mar 9, 2023, at 12:31 PM, Baptiste Daroussin <bapt@FreeBSD.org> = wrote: >=20 > The branch main has been updated by bapt: >=20 > URL: = https://cgit.FreeBSD.org/src/commit/?id=3De5dd5bfa55dc82686870330f54793248= 6ba48db2 >=20 > commit e5dd5bfa55dc82686870330f547932486ba48db2 > Author: Baptiste Daroussin <bapt@FreeBSD.org> > AuthorDate: 2023-03-09 20:29:15 +0000 > Commit: Baptiste Daroussin <bapt@FreeBSD.org> > CommitDate: 2023-03-09 20:31:30 +0000 >=20 > pkg(7): now that we do use libmd, use it completly >=20 > Use SHA256_Fd and SHA256_Data instead of home made equivalent. > wrap those functions into hash.c to avoid header collition between > openssl and libmd >=20 > Suggested by: kevans Hi bapt@, Thank you for the quick build fix! - The Makefile wasn=E2=80=99t updated to use just libmd or libcrypto =E2=80= =94 it=E2=80=99s linking both today (there are other areas in base where = this is present, though, so it=E2=80=99s less of an issue). - I don=E2=80=99t remember the details 100%, but I vaguely remember = there being an effort in the past to avoid overlinking binaries with = libmd and libcrypto. Some components like ntp for instance go out of = their way to link one implementation or the other, not both. - The libmd library exports interfaces named like the OpenSSL 3 = deprecated interfaces. Not sure if that=E2=80=99s going to cause issues = in the future. - When going to OpenSSL 3, FreeBSD and third-parties will have access to = a FIPS 140-3 certified crypto provider library =E2=80=94 libmd doesn=E2=80= =99t have that same guarantee. It would be good if the entire system was = linked with either libcrypto or libmd so the crypto interface would be = consistent across the board. I=E2=80=99m going to post an email to arch@ soon about the need for the = OpenSSL 1.1 -> OpenSSL 3 import. I think some of these topics should be = brought up as requirements/prerequisites for doing the work or = considerations to make when doing it. What do you think? Cheers, -Enji --Apple-Mail=_255B773E-D6DF-47EC-9AAC-948773DC51AE Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEtvtxN6kOllEF3nmX5JFNMZeDGN4FAmQLeq4ACgkQ5JFNMZeD GN6IUA/+NDQx/zXwHN1K4OF+3DrPA1izjDCKjzcRkQFRZPQ04L9XMh417hjgneqm nKI/MlirAhFKYWHikr1kxqzJpGRg1xB/M4f7elWLah5ULYFzxu+45Jz0TDyzaZa2 nRFfjg8myWJbIueDdJU5dEQalRRZkQBcxbmYprN9R7WY9AssPQXaPLE9N1B49EFT XL8pq+RNE3JkYA2rwQg4ZA1diVoyRdK+UoxeBzjnFtnnAG9NSVHxi4gAjbAKGQs6 svc4XBWTHgD1+isGHsjIXbI3Ndsv5ID6gLJAuIh/BgOiW8psj8PpcbX5b34WBaLR WiW4KO9dcHDw9HY6qAgYxufox/EknikwVEfy0bbM6bhLsfYx8CMGv+thjV+ftibx kI3RijRDW22iahw/RGMJQSqoUUCC8gZJosBMJ09Bz1I+AQ8HSHHAWaW9dYCSuOLX E9b/M/KVlST+3rg2E6M7+JiMRvJKUhUA2x/3fTagw2k4YV63zxZ+6UX0n+ZvvkUi XGUSk08iu/D1zdkvnafd3akWym2QL+pppyhQ7yWS1a/J/iuImpmB+F+lHmW5pjdO h5AQ3E+lCaF8IVA6yDE+Wpwr0vKdYT7D5fISI7Rf7Vy0qPDJHnIS0lPJ+SvYt7/k JBiGWIpiKzY04XPPSinecG0C9wdV37skISucZvlMY0C1JQ1pIew= =3MNl -----END PGP SIGNATURE----- --Apple-Mail=_255B773E-D6DF-47EC-9AAC-948773DC51AE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3051E279-F8C3-4AF8-AD21-A6582F3C57D8>