[16796] in Kerberos-V5-bugs
[krbdev.mit.edu #9034] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Thu Oct 28 15:34:12 2021
From: "Greg Hudson via RT" <rt-comment@krbdev.mit.edu>
In-Reply-To:
Message-ID: <rt-4.4.3-2-2273939-1635449645-1466.9034-4-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #9034":;
Date: Thu, 28 Oct 2021 15:34:05 -0400
MIME-Version: 1.0
Reply-To: rt-comment@krbdev.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Thu Oct 28 15:34:05 2021: Request 9034 was acted upon.
Transaction: Ticket created by ghudson@mit.edu
Queue: krb5
Subject: git commit
Owner: ghudson@mit.edu
Requestors:
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9034 >
Use builtin MD4, RC4 for OpenSSL 3.0
In OpenSSL 3.0, to use MD4 or RC4 one must load the "legacy" crypto
provider. To do this in libk5crypto, we would need to create and use
an OpenSSL library context to avoid interfering with other users of
the library. Tearing down this context at finalization time would be
further complicated by OpenSSL's use of atexit() for library
finalization, which causes its finalizer to be run earlier than
properly registered finalizers on Linux.
For simplicity, use the builtin implementations of MD4 and RC4 for
OpenSSL 3.0 and later. Also use the builtin DES key parity
implementation since OpenSSL 3.0 deprecates DES_set_odd_parity() with
no replacement.
https://github.com/krb5/krb5/commit/e557f051d1605ee980b136cae020866873ffb223
Author: Greg Hudson <ghudson@mit.edu>
Commit: e557f051d1605ee980b136cae020866873ffb223
Branch: master
src/lib/crypto/krb/crypto_int.h | 21 ++++++++++++++++++---
1 files changed, 18 insertions(+), 3 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
