[Pkg-openssl-devel] Bug#941987: Bug#941987: Bug#941987: libssl1.1: Ciphers AES-*-CBC-HMAC-* are missing in libssl 1.1.1d, but available in 1.1.1c
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Tue Oct 8 22:21:23 BST 2019
On 2019-10-08 22:51:02 [+0200], Kurt Roeckx wrote:
> On Tue, Oct 08, 2019 at 10:15:33PM +0200, Ondřej Surý wrote:
> > The one package particularly hit by this is PHP.
> >
> > The openssl_get_cipher_methods() function does list the hmac variants with 1.1.1c, but it doesn’t with 1.1.1d, so there’s definitely a regression somewhere.
>
> Is this something that's fixed by
> https://github.com/openssl/openssl/pull/10074?
| #include <openssl/ssl.h>
|
| static void show_ciphers(const OBJ_NAME *name, void *arg)
| {
| printf("%-25s\n", name->name);
| }
|
| int main(void)
| {
| if (!OPENSSL_init_ssl(OPENSSL_INIT_ENGINE_ALL_BUILTIN |
| OPENSSL_INIT_LOAD_CONFIG, NULL))
| return 1;
|
| printf("Supported:\n");
| OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
| return 0;
| }
shows
|$ diff -u c d
|--- c 2019-10-08 23:18:02.336236444 +0200
|+++ d 2019-10-08 23:17:48.064177075 +0200
|@@ -1,7 +1,5 @@
| Supported:
| aes-128-cbc
|-aes-128-cbc-hmac-sha1
|-aes-128-cbc-hmac-sha256
| aes-128-ccm
| aes-128-cfb
| aes-128-cfb1
|@@ -23,8 +21,6 @@
| aes-192-ocb
| aes-192-ofb
| aes-256-cbc
|-aes-256-cbc-hmac-sha1
|-aes-256-cbc-hmac-sha256
| aes-256-ccm
| aes-256-cfb
| aes-256-cfb1
> Kurt
Sebastian
More information about the Pkg-openssl-devel
mailing list