[Bug 278469] OpenSSL in the base system is being built incorrectly: resulting in incorrect built/linked providers (fips, legacy, etc)
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 278469] OpenSSL in the base system is being built incorrectly: resulting in incorrectly built/linked providers (fips, legacy, etc)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 278469] OpenSSL in the base system is being built incorrectly: resulting in incorrectly built/linked providers (fips, legacy, etc)"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 19 Apr 2024 23:47:02 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=278469 Bug ID: 278469 Summary: OpenSSL in the base system is being built incorrectly: resulting in incorrect built/linked providers (fips, legacy, etc) Product: Base System Version: 14.0-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: ngie@FreeBSD.org In short... - There are a variety of objects which are being built with the fips provider that only apply to the legacy provider. - A number of non-fips provider sources appear to be incorrectly built with CFLAGS+= -DFIPS_MODULE. This results in non-deterministic behavior compared to the upstream provided version of OpenSSL and the equivalent ports versions of OpenSSL. There are likely more issues; these are the ones that are known at this time. This was originally filed with the OpenSSL project as: https://github.com/openssl/openssl/issues/24202 . -- You are receiving this mail because: You are the assignee for the bug.