From nobody Thu Jun 29 13:14:59 2023
X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QsJpT5bVDz4kFSf
	for <freebsd-current@mlmmj.nyi.freebsd.org>; Thu, 29 Jun 2023 13:15:13 +0000 (UTC)
	(envelope-from mad@madpilot.net)
Received: from mail.madpilot.net (vogon.madpilot.net [159.69.1.99])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4QsJpS5Djgz4Lq2
	for <freebsd-current@freebsd.org>; Thu, 29 Jun 2023 13:15:12 +0000 (UTC)
	(envelope-from mad@madpilot.net)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=madpilot.net header.s=bjowvop61wgh header.b="B 79gLTE";
	spf=pass (mx1.freebsd.org: domain of mad@madpilot.net designates 159.69.1.99 as permitted sender) smtp.mailfrom=mad@madpilot.net;
	dmarc=pass (policy=quarantine) header.from=madpilot.net
Received: from mail (mail [IPv6:fd5c:5351:d272::3])
	by mail.madpilot.net (Postfix) with ESMTP id 4QsJpK5jCjz6fPf
	for <freebsd-current@freebsd.org>; Thu, 29 Jun 2023 15:15:05 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=madpilot.net; h=
	content-transfer-encoding:content-type:content-type:in-reply-to
	:subject:subject:from:from:content-language:references:date:date
	:message-id:received; s=bjowvop61wgh; t=1688044499; x=
	1689858900; bh=4sQpDelldWcn4lrphEfT6nndkePaRMNqvUc0Sm0u2BA=; b=B
	79gLTETwiiKQAvg/AYmlwQeOHFUJfHNWBFGzVOeoiwHL3eMladagASJGtnjLGQUv
	ij5I1O99Ni6ByjFZ5WnJYzIS+ovmdfIXdmmPPWYvUQZmRtE535ZBVBvHkiow/H/m
	uuxfY9nRCntIg7vHdle6vXy3K+nkZ1eHufu4FggYjYBbyFMOGcXA6P5Z1nwcU9Xq
	WTg7nZbGO92USo6cmXK8ZCwRlLnT4D9yk1tVBYHkurNyn/jP3TooklJdds+iOfKP
	4C9GaH3NpymFc8Ts8TXUfNJuKdHgQtpfB9V69uAQub0Z7LsskuS2JYKoSgB1RZvV
	xwwZee0JmQfrdyIroLhTg==
Received: from mail.madpilot.net ([IPv6:fd5c:5351:d272::3])
	by mail (mail.madpilot.net [IPv6:fd5c:5351:d272::3]) (amavisd-new, port 10026)
	with ESMTP id EmpAdjlnHGiJ for <freebsd-current@freebsd.org>;
	Thu, 29 Jun 2023 15:14:59 +0200 (CEST)
Message-ID: <203b3fed-6fdd-0a19-72ce-fa2eea891222@madpilot.net>
Date: Thu, 29 Jun 2023 15:14:59 +0200
To: FreeBSD Current <freebsd-current@freebsd.org>
References: <CAPyFy2CsxgfQh_Q7gjeDBjrNprfA_MMXgcnQfSmMSjx9-pRRUQ@mail.gmail.com>
Content-Language: en-US
From: Guido Falsi <mad@madpilot.net>
Subject: Re: OpenSSL 3.0 is in the tree
In-Reply-To: <CAPyFy2CsxgfQh_Q7gjeDBjrNprfA_MMXgcnQfSmMSjx9-pRRUQ@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spamd-Result: default: False [-0.40 / 15.00];
	MISSING_MIME_VERSION(2.00)[];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-0.98)[-0.977];
	NEURAL_SPAM_SHORT(0.58)[0.577];
	DMARC_POLICY_ALLOW(-0.50)[madpilot.net,quarantine];
	R_DKIM_ALLOW(-0.20)[madpilot.net:s=bjowvop61wgh];
	R_SPF_ALLOW(-0.20)[+mx];
	MIME_GOOD(-0.10)[text/plain];
	MIME_TRACE(0.00)[0:+];
	FROM_EQ_ENVFROM(0.00)[];
	RCVD_TLS_LAST(0.00)[];
	MLMMJ_DEST(0.00)[freebsd-current@freebsd.org];
	ARC_NA(0.00)[];
	RCVD_COUNT_THREE(0.00)[3];
	TO_DN_ALL(0.00)[];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	FROM_HAS_DN(0.00)[];
	DKIM_TRACE(0.00)[madpilot.net:+];
	PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org];
	ASN(0.00)[asn:24940, ipnet:159.69.0.0/16, country:DE];
	RCPT_COUNT_ONE(0.00)[1];
	MID_RHS_MATCH_FROM(0.00)[]
X-Rspamd-Queue-Id: 4QsJpS5Djgz4Lq2
X-Spamd-Bar: /
X-ThisMailContainsUnwantedMimeParts: N
List-Id: Discussions about the use of FreeBSD-current <freebsd-current.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-current
List-Help: <mailto:freebsd-current+help@freebsd.org>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Subscribe: <mailto:freebsd-current+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-current+unsubscribe@freebsd.org>
Sender: owner-freebsd-current@freebsd.org

On 24/06/23 16:22, Ed Maste wrote:
> Last night I merged OpenSSL 3.0 to main. This, along with the update
> to Clang 16 and other recent changes may result in some challenges
> over the next few days or weeks for folks following -CURRENT, such as
> ports that need to be updated or unanticipated issues in the base
> system.
> 
> We need to get this work done so that we can continue moving on with
> FreeBSD 14; I apologize for the trouble it might cause in the short
> term. Please follow up to report any trouble you encounter.
> 

Not sure where to ask this, following up to this announcement looks like 
a reasonable choice.

After updating head to this version I have had some ports provided 
software fail with messages including: "Unable to load legacy provider."

Most of the time I am able to workaround it by forcing newer algorithms 
via some configuration. Some other times I have no direct control of 
what is being asked (like values hardcoded in npm modules)/

This is also happening to me with node, for example, has happened with 
RDP (looks like windows by default prefers RC4 for RDP sessions), where 
I was able to fix it though.

Question is, does FreeBSD provide this legacy provider module? Or is it 
available via ports or some other solution? Or maybe it can be provided 
via a port? Would make the transition much easier!

-- 
Guido Falsi <mad@madpilot.net>