From nobody Mon Mar 04 04:19:51 2024 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Tp57r1Z6Qz5BmD1 for ; Mon, 4 Mar 2024 04:19:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Tp57r0VBbz47XM for ; Mon, 4 Mar 2024 04:19:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1709525992; a=rsa-sha256; cv=none; b=qPxRiwcGVhpwEVb5MkAloIeSseZVSFQevuZqKTuBMbgLdCl7sBXAvBCF/p4N0q3o7mABRZ N/SsxLzTBXFWs4dd8HccFd5a7OP1vLBB6hDYfhnZTrzdXCU1HE2P0tYjQUC5it2LFN/1B7 2l3vuRKTCsaHXs9jfmSYP5IpqHJkVtn8PWv8O03jsPa0xCaae3XYZ/siqWz/l/3IZpKUpU 6o8YmT0sJ2BMUJgOkCEFgk7Ela8QA5Qjtm6cFdX5hf2W9U5918XHjnnJD5gu6Ys6/0/Kst CcoIDsE73GIRgDVsnbZ4xV6BSg9jDPxSBY4aNQuyDqQtWb9Kq/XnZ5jFxgLZJw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1709525992; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Nmp9S6XVBtvGLRCPTHPgVKxstNURHd7O3khNn3yjUAI=; b=pOTUb5uQvJ873fLnbIMYHyWT4u5pCAWj3CBiNTp4kzhQMHl9ELVPLp/9+/YSBdhL7yImZl P6Unocdi59a4Yyh4l5E8HSlq9CWweB3R06SaIC6hiUlJnZplm8cOhU4j7IXBXVx/BTEKLd buhLWwh5P59egv53kXO9Ou/FJQUaRCv0QvvjOXpOGwVm/eD5IoeTp3MnIIjW2E+J4MfN/Q ZXUaGBg0QM+Q9A+yNR7FchMuKIpAGlOJVGFzFQw2RDHyEj2kV+Ey7F6k2nnx5/mbR35ULE 6lsbMg2RE/F+f9EkkxdPt908Rt/QyGNS0WZCoKscKWqv/Q3fs8D61C8wDQty4w== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Tp57q75flz16PY for ; Mon, 4 Mar 2024 04:19:51 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 4244Jpam038219 for ; Mon, 4 Mar 2024 04:19:51 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 4244JpW6038218 for bugs@FreeBSD.org; Mon, 4 Mar 2024 04:19:51 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 271615] Update base system OpenSSL to 3.0.x Date: Mon, 04 Mar 2024 04:19:51 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: misc X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: tracking X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: khorben@defora.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D271615 --- Comment #22 from Pierre Pronchery --- (In reply to Gleb Popov from comment #21) When importing OpenSSL 3 in the base system, I used the same options as the security/openssl-devel port (now security/openssl) did at the time, where I believe SM3 was disabled by default. From what I can tell, the security/openssl31 port also defaults to disabling the SM2, SM3, and SM4 algorithms. We can revisit this if some algorithms should really be available but are disabled by default. FWIW, judging from https://en.wikipedia.org/wiki/SM3_(hash_function) it see= ms SM3 is "considered similar to SHA-256 in security and efficiency," and originating from China's National Cryptography Administration in 2010. --=20 You are receiving this mail because: You are the assignee for the bug.=