Move legacy ciphers into the legacy provider#11419
Move legacy ciphers into the legacy provider#11419slontis wants to merge 5 commits intoopenssl:masterfrom
Conversation
DES, idea, seed, rc2, rc4, rc5, cast and blowfish have been moved out of the default provider. Code shared between desx and tdes has been moved into a seperate file (cipher_tdes_common.c). 3 test recipes failed due to using app/openssl calls that used legacy ciphers. These calls have been updated to supply both the default and legacy providers.
slontis
added
branch: master
|
The no-asm no-deprecated travis build had a few issues.. |
levitte
left a comment
levitte
left a comment
There was a problem hiding this comment.
I'm surprised, shouldn't this demand a set of added AvailableIn lines in the files in test/recipes/30-test_evp_data?
|
will look - I am curently fixing the memory leaks cause by using -provider in the apps. |
|
Have a look at Travis, you have a memleak that's wreaking havoc... |
|
Fixed pre existing memory leak (functionality had not been used yet in a test). The reason the evp_tests all work is because it loads a default_and_legacy.cnf file. Manually testing a file confrms that it fails if the legacy provider is not loaded. Then we would iterate over all of these.. Note some tests do for example RSA + MD5 . |
|
In regards to #11419 (comment), I was trying to do that (as discussed on the fips-sponsors mailing list). See #11124. Unfortunately, the pre-requisite PR's for that -- #11369, #11347, #11177 etc -- are not being reviewed. :( So I am moving on to something that will get review attention, "fetchable RAND" While I'm here: this situation sucks, frankly. |
|
ping |
|
re-ping @openssl/committers |
|
I don't see any issues with the PR as it stands - but @levitte or @mattcaswell should be the ones reviewing this. If it remains unaddressed for much longer I will approve it myself. |
|
Gah! All those timeouts (yeahok, only two) |
levitte
added
approval: done
|
I'd prefer a penguin over a bitten apple. 😄 |
|
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
slontis
removed
the
approval: done
slontis
added
the
approval: ready to merge
DES, idea, seed, rc2, rc4, rc5, cast and blowfish have been moved out of the default provider. Code shared between desx and tdes has been moved into a seperate file (cipher_tdes_common.c). 3 test recipes failed due to using app/openssl calls that used legacy ciphers. These calls have been updated to supply both the default and legacy providers. Fixed openssl app '-provider' memory leak Reviewed-by: Richard Levitte <[email protected]> (Merged from #11419)
|
Thanks. Merged to master. |
|
@slontis This (most probably) caused a regression in one of the Travis builds which was added when PR #11468 was merged. |
|
The reason it was not caught in this PR CI run is that there was no no-deprecated build without no-asm. |
8 participants
DES, idea, seed, rc2, rc4, rc5, cast and blowfish have been moved out of the default provider.
Code shared between desx and tdes has been moved into a seperate file (cipher_tdes_common.c).
3 test recipes failed due to using app/openssl calls that used legacy ciphers.
These calls have been updated to supply both the default and legacy providers.
Checklist