mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-22 03:04:34 +01:00
476d63e091
Weak crypto is provided by the openssl legacy provider which is not load by default. Load the legacy providers as needed. When the legacy provider is loaded into the default context the default provider will no longer be automatically loaded. Without the default provider the various kerberos applicaions and functions will abort(). This is the second attempt at this patch. Instead of linking secure/lib/libcrypto at build time we now link it at runtime, avoiding buildworld failures under Linux and MacOS. This is because TARGET_ENDIANNESS is undefined at pre-build time. PR: 272835 MFC after: 3 days X-MFC: only to stable/14 Tested by: netchild Joerg Pulz <Joerg.Pulz@frm2.tum.de> (previous version)
26 lines
639 B
C
26 lines
639 B
C
#ifndef __crypto_headers_h__
|
|
#define __crypto_headers_h__
|
|
|
|
#include <openssl/evp.h>
|
|
#include <openssl/des.h>
|
|
#include <openssl/rc4.h>
|
|
#include <openssl/rc2.h>
|
|
#include <openssl/md4.h>
|
|
#include <openssl/md5.h>
|
|
#include <openssl/sha.h>
|
|
#include <openssl/ui.h>
|
|
#include <openssl/rand.h>
|
|
#include <openssl/engine.h>
|
|
#include <openssl/pkcs12.h>
|
|
#include <openssl/pem.h>
|
|
#include <openssl/hmac.h>
|
|
#include <openssl/ec.h>
|
|
#include <openssl/ecdsa.h>
|
|
#include <openssl/ecdh.h>
|
|
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
|
|
#include <openssl/provider.h>
|
|
#include "fbsd_ossl_provider.h"
|
|
#endif
|
|
|
|
#endif /* __crypto_headers_h__ */
|