[Bug 271656] [exp-run] with OpenSSL 3.0 in the base system

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 271656] [exp-run] with OpenSSL 3.0 in the base system"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 08 Jul 2023 08:44:46 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271656

Gert Doering <gert@greenie.muc.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |gert@greenie.muc.de

--- Comment #52 from Gert Doering <gert@greenie.muc.de> ---
I can confirm that loading the legacy provider works again for OpenVPN (and
also for openssl CLI, "openssl list -provider legacy -cipher-algorithms").

Loading the FIPS provider still fails - not sure if this is known/intentional?

$ openssl list -provider fips -cipher-algorithms
list: unable to load provider fips
Hint: use -provider-path option or OPENSSL_MODULES environment variable.
0020A189C32C0000:error:1C8000D5:Provider routines:SELF_TEST_post:missing config
data:/usr/src/crypto/openssl/providers/fips/self_test.c:290:
0020A189C32C0000:error:1C8000E0:Provider routines:ossl_set_error_state:fips
module entering error
state:/usr/src/crypto/openssl/providers/fips/self_test.c:388:
0020A189C32C0000:error:1C8000D8:Provider routines:OSSL_provider_init_int:self
test post failure:/usr/src/crypto/openssl/providers/fips/fipsprov.c:707:
0020A189C32C0000:error:078C0105:common libcrypto routines:provider_init:init
fail:/usr/src/crypto/openssl/crypto/provider_core.c:932:name=fips

(this is with src at commit c81495a621c4)

-- 
You are receiving this mail because:
You are on the CC list for the bug.