From owner-freebsd-current@FreeBSD.ORG Sat May 19 23:06:00 2007 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B53E416A468 for ; Sat, 19 May 2007 23:06:00 +0000 (UTC) (envelope-from h.schmalzbauer@omnisec.de) Received: from host.omnisec.de (host.omnisec.de [62.245.232.135]) by mx1.freebsd.org (Postfix) with ESMTP id 3488813C46A for ; Sat, 19 May 2007 23:05:59 +0000 (UTC) (envelope-from h.schmalzbauer@omnisec.de) Received: from tek.flintsbach.schmalzbauer.de (tek.flintsbach.schmalzbauer.de [172.21.2.3]) by host.omnisec.de (8.13.8/8.13.8) with ESMTP id l4JN5rqP061849 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 20 May 2007 01:05:58 +0200 (CEST) (envelope-from h.schmalzbauer@omnisec.de) Received: from titan.flintsbach.schmalzbauer.de (titan.flintsbach.schmalzbauer.de [IPv6:fec0::1:0:0:1:1]) by tek.flintsbach.schmalzbauer.de (8.13.8/8.13.8) with ESMTP id l4JN5rQG089911 for ; Sun, 20 May 2007 01:05:53 +0200 (CEST) (envelope-from h.schmalzbauer@omnisec.de) Received: from localhost (localhost [[UNIX: localhost]]) by titan.flintsbach.schmalzbauer.de (8.14.1/8.14.1/Submit) id l4JN5qFl006647 for freebsd-current@freebsd.org; Sun, 20 May 2007 01:05:52 +0200 (CEST) (envelope-from h.schmalzbauer@omnisec.de) From: Harald Schmalzbauer Organization: OmniSEC To: freebsd-current@freebsd.org User-Agent: KMail/1.9.4 References: <299DD8FD-0E7A-4E3D-9902-2C7FE45AA7BC@lerctr.org> <9F2A10A0-2B58-4BE4-8DD0-9D7811B6BCE6@lerctr.org> <200705192151.34547.pieter@degoeje.nl> In-Reply-To: <200705192151.34547.pieter@degoeje.nl> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200705200105.52657.h.schmalzbauer@omnisec.de> Subject: libssl broken by gcc4.2 import [Was: Re: PINE: SIG 6] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Sat, 19 May 2007 23:06:00 -0000 X-Original-Date: Sun, 20 May 2007 01:05:52 +0200 X-List-Received-Date: Sat, 19 May 2007 23:06:00 -0000 Am Samstag, 19. Mai 2007 21:51 schrieb Pieter de Goeje: [...] > I believe libssl is broken if not compiled with -DOPENSSL_NO_DH. Gcc will > warn that the program will abort if the code reaches any call to > DHparams_dup() when compiling libssl. > > ssl3_send_client_key_exchange calls this (macro) at s3_clnt.c:1856. There > are other places too. I can confirm that many applications don't work with SSL protocolls any more, like kmail and opera. Your solution sounds reasonable. How is -DOPENSSL_NO_DH best implemented? Best regards, -Harry > > - Pieter de Goeje > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"