Re: git: cb350ba7bf7c - main - kerberos: Fix numerous segfaults when using weak crypto

Reply: Cy Schubert : "Re: git: cb350ba7bf7c - main - kerberos: Fix numerous segfaults when using weak crypto"
In reply to: Cy Schubert : "git: cb350ba7bf7c - main - kerberos: Fix numerous segfaults when using weak crypto"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Jessica Clarke <jrtc27_at_freebsd.org>
Date: Fri, 12 Jan 2024 06:19:55 UTC

On 11 Jan 2024, at 13:31, Cy Schubert <cy@FreeBSD.org> wrote:
> 
> The branch main has been updated by cy:
> 
> URL: https://cgit.FreeBSD.org/src/commit/?id=cb350ba7bf7ca7c4cb97ed2c20ab45af60382cfb
> 
> commit cb350ba7bf7ca7c4cb97ed2c20ab45af60382cfb
> Author:     Cy Schubert <cy@FreeBSD.org>
> AuthorDate: 2023-12-06 15:30:05 +0000
> Commit:     Cy Schubert <cy@FreeBSD.org>
> CommitDate: 2024-01-11 13:26:42 +0000
> 
>    kerberos: Fix numerous segfaults when using weak crypto
> 
>    Weak crypto is provided by the openssl legacy provider which is
>    not load by default. Load the legacy providers as needed.
> 
>    When the legacy provider is loaded into the default context the default
>    provider will no longer be automatically loaded. Without the default
>    provider the various kerberos applicaions and functions will abort().

Hi,
This has completely broken macOS and Linux cross-building. Please
either fix this quickly or, if unable to, revert until such time as you
can. Note that patches can be tested by creating a PR against the
GitHub mirror.

Jess