Module Name: src Committed By: christos Date: Mon Sep 11 15:12:12 UTC 2023
Modified Files: src/crypto/external/bsd/heimdal/dist/include: crypto-headers.h src/crypto/external/bsd/heimdal/dist/lib/krb5: context.c Log Message: Explicitly load the legacy provider instead of using EVP_CIPHER_fetch() which leaks memory. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h diff -u src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h:1.6 src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h:1.7 --- src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h:1.6 Mon Jun 19 19:10:48 2023 +++ src/crypto/external/bsd/heimdal/dist/include/crypto-headers.h Mon Sep 11 11:12:12 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: crypto-headers.h,v 1.6 2023/06/19 23:10:48 christos Exp $ */ +/* $NetBSD: crypto-headers.h,v 1.7 2023/09/11 15:12:12 christos Exp $ */ #ifndef __crypto_header__ #define __crypto_header__ @@ -33,9 +33,6 @@ # define BN_set_negative(bn, flag) ((bn)->neg=(flag)?1:0) # define BN_is_negative(bn) ((bn)->neg != 0) # endif -#if OPENSSL_VERSION_NUMBER >= 0x30000000UL -# define EVP_rc4() EVP_CIPHER_fetch(NULL, "rc4", "provider=legacy") -#endif #endif #include <hcrypto/ui.h> Index: src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c diff -u src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c:1.7 src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c:1.8 --- src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c:1.7 Mon Jun 19 17:41:44 2023 +++ src/crypto/external/bsd/heimdal/dist/lib/krb5/context.c Mon Sep 11 11:12:12 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: context.c,v 1.7 2023/06/19 21:41:44 christos Exp $ */ +/* $NetBSD: context.c,v 1.8 2023/09/11 15:12:12 christos Exp $ */ /* * Copyright (c) 1997 - 2010 Kungliga Tekniska Högskolan @@ -38,6 +38,9 @@ #include "krb5_locl.h" #include <assert.h> #include <krb5/com_err.h> +#if OPENSSL_VERSION_NUMBER >= 0x30000000UL +#include <openssl/provider.h> +#endif #define INIT_FIELD(C, T, E, D, F) \ (C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \ @@ -396,6 +399,9 @@ init_context_once(void *ctx) krb5_config_free_strings(dirs); bindtextdomain(HEIMDAL_TEXTDOMAIN, HEIMDAL_LOCALEDIR); +#if OPENSSL_VERSION_NUMBER >= 0x30000000UL + OSSL_PROVIDER_load(NULL, "legacy"); +#endif }