[Bug 271656] [exp-run] with OpenSSL 3.0 in the base system

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271656

Dimitry Andric <dim@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dim@FreeBSD.org

--- Comment #25 from Dimitry Andric <dim@FreeBSD.org> ---
(In reply to Antoine Brodin from comment #23)
The problem is that BN_ULONG is sometimes defined incorrectly on i386;
depending on how the openssl config headers are included, it is sometimes
"unsigned long", and sometimes "unsigned long long". For some files it is the
former, and then the bignum logic tries to shift right with 32 bits, which is
undefined behavior.

In particular, the part here:
https://github.com/khorben/freebsd-src/blob/khorben/openssl-3.0.9/crypto/openssl/include/openssl/configuration.h#L125
:

# if !defined(OPENSSL_SYS_UEFI)
#  undef BN_LLONG
/* Only one for the following should be defined */
#  define SIXTY_FOUR_BIT_LONG
#  undef SIXTY_FOUR_BIT
#  undef THIRTY_TWO_BIT
# endif

SIXTY_FOUR_BIT_LONG should not be defined on i386, it is normally defined in
crypto/bn_conf.h, and I have no idea why openssl tries to define it
superflously in configuration.h.

In bn_conf.h, the definition is guarded with __LP64__:

#ifdef __LP64__
#define SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#undef THIRTY_TWO_BIT
#else
#undef SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#define THIRTY_TWO_BIT
#endif

In both files there is some comment about "UEFI builds" so I assume this is our
own customization, and this is not upstream in OpenSSL?

-- 
You are receiving this mail because:
You are on the CC list for the bug.