Date: Fri, 19 Apr 2024 23:47:02 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 278469] OpenSSL in the base system is being built incorrectly: resulting in incorrect built/linked providers (fips, legacy, etc) Message-ID: <bug-278469-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D278469 Bug ID: 278469 Summary: OpenSSL in the base system is being built incorrectly: resulting in incorrect built/linked providers (fips, legacy, etc) Product: Base System Version: 14.0-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: ngie@FreeBSD.org In short... - There are a variety of objects which are being built with the fips provid= er that only apply to the legacy provider. - A number of non-fips provider sources appear to be incorrectly built with CFLAGS+=3D -DFIPS_MODULE. This results in non-deterministic behavior compared to the upstream provided version of OpenSSL and the equivalent ports versions of OpenSSL. There are likely more issues; these are the ones that are known at this tim= e. This was originally filed with the OpenSSL project as: https://github.com/openssl/openssl/issues/24202 . --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-278469-227>