Update OpenSSL to version 3.0.8 in the base system #740

Summary: Release notes can be found at https://www.openssl.org/news/openssl-3.0-notes.html . Obtained from: https://www.openssl.org/source/openssl-3.0.8.tar.gz Differential Revision: https://reviews.freebsd.org/D38835 Test Plan: ``` $ git status On branch vendor/openssl-3.0 nothing to commit, working tree clean $ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc) openssl-3.0.8.tar.gz 14 MB 4507 kBps 04s openssl-3.0.8.tar.gz.asc 833 B 10 MBps 00s $ set | egrep '(XLIST|OSSLVER)=' OSSLVER=3.0.8 XLIST=FREEBSD-Xlist $ gpg --list-keys /home/ngie/.gnupg/pubring.kbx ----------------------------- pub rsa4096 2014-10-04 [SC] 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C uid [ unknown] Richard Levitte <[email protected]> uid [ unknown] Richard Levitte <[email protected]> uid [ unknown] Richard Levitte <[email protected]> sub rsa4096 2014-10-04 [E] $ gpg --verify openssl-${OSSLVER}.tar.gz.asc openssl-${OSSLVER}.tar.gz gpg: Signature made Tue Feb 7 05:43:55 2023 PST gpg: using RSA key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C gpg: Good signature from "Richard Levitte <[email protected]>" [unknown] gpg: aka "Richard Levitte <[email protected]>" [unknown] gpg: aka "Richard Levitte <[email protected]>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C $ (cd vendor.checkout/; git status; find . -type f -or -type l | cut -c 3- | sort > ../old) On branch vendor/openssl-3.0 nothing to commit, working tree clean $ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C .. $ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* . $ cat .git gitdir: /home/ngie/git/freebsd-src/.git/worktrees/vendor.checkout $ diff -arq ../openssl-3.0.8 . Only in .: .git Only in .: FREEBSD-Xlist Only in .: FREEBSD-upgrade $ git status FREEBSD* On branch vendor/openssl-3.0 nothing to commit, working tree clean $ ``` Reviewers: emaste, jkim Subscribers: imp, andrew, dab Differential Revision: https://reviews.freebsd.org/D38835

Merge commit 'e4520c8bd1d300a7a338d0ed4af171a2d0e583ef' into khorben/openssl-3.0

With the update to OpenSSL 3.0, engines are installed into a different folder, and modular providers can be installed into a dedicated folder as well.

Ed has a better commit message for this in commit 3e98230.

This also requires lowering the level of warnings for archive_hmac.c when building with OpenSSL 3.

This disables warning-errors for: archive_hmac.c:241:64: error: passing argument 2 of 'OSSL_PARAM_construct_utf8_string' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]

This commit leveraged the updated Makefile.asm in order to re-generate the assembly files provided by OpenSSL.

This casts the second parameter to OSSL_PARAM_construct_utf8_string() as a char * for a string litteral, as documented in EVP_MAC(3).

ec_nistp_64_gcc_128 is only supported on 64-bit systems, but also only on little-endian systems. This fixes the build on PowerPC 64 (big-endian).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update OpenSSL to version 3.0.8 in the base system #740

Update OpenSSL to version 3.0.8 in the base system #740

Commits on Mar 1, 2023

Commits on Mar 6, 2023

Commits on May 23, 2023