Module Name:    src
Committed By:   christos
Date:           Mon Sep 11 15:12:12 UTC 2023

Modified Files:
        src/crypto/external/bsd/heimdal/dist/include: crypto-headers.h
        src/crypto/external/bsd/heimdal/dist/lib/krb5: context.c

Log Message:
Explicitly load the legacy provider instead of using EVP_CIPHER_fetch() which
leaks memory.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 \
    src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h
cvs rdiff -u -r1.7 -r1.8 \
    src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h
diff -u src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h:1.6 src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h:1.7
--- src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h:1.6	Mon Jun 19 19:10:48 2023
+++ src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h	Mon Sep 11 11:12:12 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: crypto-headers.h,v 1.6 2023/06/19 23:10:48 christos Exp $	*/
+/*	$NetBSD: crypto-headers.h,v 1.7 2023/09/11 15:12:12 christos Exp $	*/
 
 #ifndef __crypto_header__
 #define __crypto_header__
@@ -33,9 +33,6 @@
 #  define BN_set_negative(bn, flag) ((bn)->neg=(flag)?1:0)
 #  define BN_is_negative(bn) ((bn)->neg != 0)
 # endif
-#if OPENSSL_VERSION_NUMBER >= 0x30000000UL
-# define EVP_rc4() EVP_CIPHER_fetch(NULL, "rc4", "provider=legacy")
-#endif
 #endif
 
 #include <hcrypto/ui.h>

Index: src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c
diff -u src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c:1.7 src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c:1.8
--- src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c:1.7	Mon Jun 19 17:41:44 2023
+++ src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c	Mon Sep 11 11:12:12 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: context.c,v 1.7 2023/06/19 21:41:44 christos Exp $	*/
+/*	$NetBSD: context.c,v 1.8 2023/09/11 15:12:12 christos Exp $	*/
 
 /*
  * Copyright (c) 1997 - 2010 Kungliga Tekniska Högskolan
@@ -38,6 +38,9 @@
 #include "krb5_locl.h"
 #include <assert.h>
 #include <krb5/com_err.h>
+#if OPENSSL_VERSION_NUMBER >= 0x30000000UL
+#include <openssl/provider.h>
+#endif
 
 #define INIT_FIELD(C, T, E, D, F)					\
     (C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), 	\
@@ -396,6 +399,9 @@ init_context_once(void *ctx)
 	krb5_config_free_strings(dirs);
 
     bindtextdomain(HEIMDAL_TEXTDOMAIN, HEIMDAL_LOCALEDIR);
+#if OPENSSL_VERSION_NUMBER >= 0x30000000UL
+    OSSL_PROVIDER_load(NULL, "legacy");
+#endif
 }
 
 

Reply via email to