Date: Sun, 20 May 2007 14:43:24 -0400 From: Kris Kennaway <kris@obsecurity.org> To: Colin Percival <cperciva@freebsd.org> Cc: FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: HEADS UP: OpenSSL problems after GCC 4.2 upgrade Message-ID: <20070520184324.GA41576@xor.obsecurity.org> In-Reply-To: <465034CE.4060802@freebsd.org> References: <20070520022722.1f5a0cda@kan.dnsalias.net> <465034CE.4060802@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, May 20, 2007 at 07:45:18AM -0400, Colin Percival wrote: > Alexander Kabaev wrote: > > there were several reports of OpenSSL being broken when compiled with > > GCC 4.2. It turns out OpenSSL uses function casting feature that was > > aggressively de-supported by GCC 4.2 and GCC goes as far as inserting > > invalid instructions ON PURPOSE to discourage the practice. > > ... > > For the record (since I know several people were asking at BSDCan), this is > a great example of why it makes sense to have libmd as well as libcrypto: A > minimal hashing library which we maintain ourselves is far less likely to > randomly break than a bloated^W more feature-complete library which is > maintained outside of FreeBSD and occasionally imported onto a vendor branch. Well that's kind of a straw man because it's not actually what I suggested. I was advocating compiling a minimal libmd that only compiles (from openssl sources instead of our separate libmd sources) the same subset of the code that we currently use in libmd, without the additional bloat of libcrypto. At least the last time I looked at openssl this was possible, and one ends up with something very similar to our current libmd, plus additional bug fixes. Kris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070520184324.GA41576>