HardenedBSD/crypto
Cy Schubert 476d63e091 kerberos: Fix numerous segfaults when using weak crypto
Weak crypto is provided by the openssl legacy provider which is
not load by default. Load the legacy providers as needed.

When the legacy provider is loaded into the default context the default
provider will no longer be automatically loaded. Without the default
provider the various kerberos applicaions and functions will abort().

This is the second attempt at this patch. Instead of linking
secure/lib/libcrypto at build time we now link it at runtime, avoiding
buildworld failures under Linux and MacOS. This is because
TARGET_ENDIANNESS is undefined at pre-build time.

PR:		272835
MFC after:	3 days
X-MFC:		only to stable/14
Tested by:	netchild
		Joerg Pulz <Joerg.Pulz@frm2.tum.de> (previous version)
2024-01-17 23:46:57 -08:00
..
heimdal kerberos: Fix numerous segfaults when using weak crypto 2024-01-17 23:46:57 -08:00
openssh ssh: Update to OpenSSH 9.6p1 2024-01-04 22:16:30 -05:00
openssl OpenSSL: update to 3.0.12 2023-10-24 14:55:56 -04:00
README

This directory is for the EXACT same use as src/contrib, except it
holds crypto sources.  In other words, this holds raw sources obtained
from various third party vendors, with FreeBSD patches applied.  No
compilation is done from this directory, it is all done from the
src/secure directory.  The separation between src/contrib and src/crypto
is the result of an old USA law, which made these sources export
controlled, so they had to be kept separate.