Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 25 Aug 2025 17:13:00 GMT
From:      Gleb Smirnoff <glebius@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 9ab31f821ad1 - main - heimdal: fix wrt OpenSSL 3.5
Message-ID:  <202508251713.57PHD05H062480@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by glebius:

URL: https://cgit.FreeBSD.org/src/commit/?id=9ab31f821ad1c6bad474510447387c50bef2c24c

commit 9ab31f821ad1c6bad474510447387c50bef2c24c
Author:     Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2025-08-25 17:12:52 +0000
Commit:     Gleb Smirnoff <glebius@FreeBSD.org>
CommitDate: 2025-08-25 17:12:52 +0000

    heimdal: fix wrt OpenSSL 3.5
    
    - Bump the library version.
    - Don't load the legacy provider.  It is no longer enabled by default
      and looks like kdc doesn't actually need it.
    
    Reviewed by:            cy
    Differential Revision:  https://reviews.freebsd.org/D52114
---
 kerberos5/lib/libroken/fbsd_ossl_provider_load.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/kerberos5/lib/libroken/fbsd_ossl_provider_load.c b/kerberos5/lib/libroken/fbsd_ossl_provider_load.c
index 2328041bc166..b8812f207af8 100644
--- a/kerberos5/lib/libroken/fbsd_ossl_provider_load.c
+++ b/kerberos5/lib/libroken/fbsd_ossl_provider_load.c
@@ -5,10 +5,9 @@
 #include <openssl/provider.h>
 
 #if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
-#define CRYPTO_LIBRARY "/lib/libcrypto.so.30"
+#define CRYPTO_LIBRARY "/lib/libcrypto.so.35"
 static void fbsd_ossl_provider_unload(void);
 static void print_dlerror(char *);
-static OSSL_PROVIDER *legacy;
 static OSSL_PROVIDER *deflt;
 static int providers_loaded = 0;
 static OSSL_PROVIDER * (*ossl_provider_load)(OSSL_LIB_CTX *, const char*) = NULL;
@@ -25,7 +24,6 @@ fbsd_ossl_provider_unload(void)
 		}
 	}
 	if (providers_loaded == 1) {
-		(*ossl_provider_unload)(legacy);
 		(*ossl_provider_unload)(deflt);
 		providers_loaded = 0;
 	}
@@ -61,10 +59,7 @@ fbsd_ossl_provider_load(void)
 	}
 
 	if (providers_loaded == 0) {
-		if ((legacy = (*ossl_provider_load)(NULL, "legacy")) == NULL)
-			return (EINVAL);
 		if ((deflt = (*ossl_provider_load)(NULL, "default")) == NULL) {
-			(*ossl_provider_unload)(legacy);
 			return (EINVAL);
 		}
 		if (atexit(fbsd_ossl_provider_unload)) {

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202508251713.57PHD05H062480>