lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aa561e423906b175c73afbd6248a0a5dff0b079c.camel@linux.intel.com>
Date:   Thu, 21 Jul 2022 13:08:25 -0700
From:   Kristen Carlson Accardi <kristen@...ux.intel.com>
To:     Dave Hansen <dave.hansen@...el.com>, linux-kernel@...r.kernel.org,
        Jarkko Sakkinen <jarkko@...nel.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Shuah Khan <shuah@...nel.org>
Cc:     linux-sgx@...r.kernel.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH] selftests/sgx: Ignore OpenSSL 3.0 deprecated functions
 warning

On Thu, 2022-07-21 at 13:02 -0700, Dave Hansen wrote:
> On 7/21/22 12:40, Kristen Carlson Accardi wrote:
> > OpenSSL 3.0 deprecates some of the functions used in the SGX
> > selftests, causing build errors on new distros. For now ignore
> > the warnings until support for the functions is no longer
> > available.
> 
> Are there some better functions we should be moving to?

I looked into this actually as my first choice, but the problem I had
was that the recommended new functions weren't available on other
OpenSSL libraries, and we'd have to add compatibility macros and stuff,
so it seemed to me that the less complicated thing to do was wait till
OpenSSL 1 was just not widely deployed anymore. This strategy is also
being used in other scripts in the kernel.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ