#64008 closed defect (fixed)

openssl3 @3.0.0_5+legacy Random number generation broken on macOS < 10.12 Also affects openssh

Reported by: snowflake (Dave Evans) Owned by: larryv (Lawrence Velázquez)
Priority: Normal Milestone:
Component: ports Version: 2.7.99
Keywords: Cc: neverpanic (Clemens Lang)
Port: openssl3 openssh


I was having problems adding RSA keys to the openssh ssh-agent. This is partly discussed in #63405 . ssh-agent was crashing every time I added an RSA key.

After some debugging I found the problem may be in libcrypto.3.dylib from openssl.

I searched the commits in openssl repo and found

commit: 24cdb1bfecbd765e829b9932a5a60ff63a7dff4b


Author: lprimak <lenny@flowlogix.com>
Date:   2021-09-13 02:21:30 +0100

    MacOS prior to 10.12 does not support random API correctly
    Fixes 16517


and https://github.com/openssl/openssl/pull/16591

I checked out the commit in my local git repo and copied the file include/crypto/rand.h mentioned in the commit to my port work directory and rebuilt and installed openssl3

Adding an RSA key to ssh-agent now worked.

Change History (2)

comment:1 Changed 10 months ago by jmroot (Joshua Root)

Cc: neverpanic added

comment:2 Changed 10 months ago by Chris Jones <jonesc@…>

Resolution: fixed
Status: assignedclosed

In 7314eda2045ddc5dea2a0f970a6fd898f49b9ff2/macports-ports (master):

openssl3: Add Pre-macOS10.12 patch
Closes: #64008

Note: See TracTickets for help on using tickets.