Author: bdubbs Date: Wed Dec 5 13:39:03 2018 New Revision: 20779 Log: Archive openssl10 and add qca patch.
Added: trunk/BOOK/archive/openssl10.xml - copied unchanged from r20778, trunk/BOOK/postlfs/security/openssl10.xml Deleted: trunk/BOOK/postlfs/security/openssl10.xml Modified: trunk/BOOK/general/genlib/qca.xml trunk/BOOK/introduction/welcome/changelog.xml trunk/BOOK/postlfs/security/security.xml Copied: trunk/BOOK/archive/openssl10.xml (from r20778, trunk/BOOK/postlfs/security/openssl10.xml) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ trunk/BOOK/archive/openssl10.xml Wed Dec 5 13:39:03 2018 (r20779, copy of r20778, trunk/BOOK/postlfs/security/openssl10.xml) @@ -0,0 +1,235 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" + "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [ + <!ENTITY % general-entities SYSTEM "../../general.ent"> + %general-entities; + + <!ENTITY openssl10-download-http + "https://openssl.org/source/openssl-&openssl10-version;.tar.gz"> + <!ENTITY openssl10-download-ftp + "ftp://openssl.org/source/openssl-&openssl10-version;.tar.gz"> + <!ENTITY openssl10-md5sum "7563e1ce046cb21948eeb6ba1a0eb71c"> + <!ENTITY openssl10-size "5.1 MB"> + <!ENTITY openssl10-buildsize "74 MB (with tests)"> + <!ENTITY openssl10-time "1.2 SBU (with tests)"> +]> + +<sect1 id="openssl10" xreflabel="OpenSSL-&openssl10-version; Libraries"> + <?dbhtml filename="openssl10.html"?> + + <sect1info> + <othername>$LastChangedBy$</othername> + <date>$Date$</date> + </sect1info> + + <title>OpenSSL-&openssl10-version;</title> + + <indexterm zone="openssl10"> + <primary sortas="a-OpenSSL10">OpenSSL-&openssl10-version;</primary> + </indexterm> + + <sect2 role="package"> + <title>Introduction to OpenSSL-&openssl10-version; Libraries</title> + + <para> + The <application>OpenSSL-&openssl10-version;</application> package + contains libraries relating to cryptography. These are useful for + providing cryptographic functions to other packages, such as + email applications and web browsers (for accessing HTTPS sites). This + package provides only the libraries and headers for packages that have + not yet been ported to openssl-1.1.x or later. + </para> + + &lfs83_checked; + + <bridgehead renderas="sect3">Package Information</bridgehead> + <itemizedlist spacing="compact"> + <listitem> + <para> + Download (HTTP): <ulink url="&openssl10-download-http;"/> + </para> + </listitem> + <listitem> + <para> + Download (FTP): <ulink url="&openssl10-download-ftp;"/> + </para> + </listitem> + <listitem> + <para> + Download MD5 sum: &openssl10-md5sum; + </para> + </listitem> + <listitem> + <para> + Download size: &openssl10-size; + </para> + </listitem> + <listitem> + <para> + Estimated disk space required: &openssl10-buildsize; + </para> + </listitem> + <listitem> + <para> + Estimated build time: &openssl10-time; + </para> + </listitem> + </itemizedlist> + + <bridgehead renderas="sect3">Additional Downloads</bridgehead> + + <itemizedlist spacing="compact"> + <listitem> + <para>Required patch: <ulink url="&patch-root;/openssl-&openssl10-version;-compat_versioned_symbols-1.patch"/></para> + </listitem> + </itemizedlist> + + <bridgehead renderas="sect3">OpenSSL-&openssl10-version; Dependencies</bridgehead> + + <bridgehead renderas="sect4">Optional</bridgehead> + <para role="optional"> + <xref linkend="mitkrb"/> + </para> + + <para condition="html" role="usernotes"> + User Notes: <ulink url='&blfs-wiki;/OpenSSL'/> + </para> + </sect2> + + <sect2 role="installation"> + <title>Installation of OpenSSL-&openssl10-version; Libraries</title> + + <note> + <para> + This package does not support parallel build. + </para> + </note> + + <para> + Install <application>OpenSSL-&openssl10-version; Libraries</application> + with the following commands: + </para> + + +<screen><userinput> patch -Np1 -i ../openssl-&openssl10-version;-compat_versioned_symbols-1.patch && + +./config --prefix=/usr \ + --openssldir=/etc/ssl \ + --libdir=lib/openssl-1.0 \ + shared \ + zlib-dynamic && + +make depend && +make -j1</userinput></screen> + + <para> + To test the results, issue: <command>make -j1 test</command>. The + test suite does not support parallel jobs. + </para> + + <para> + Now, as the <systemitem class="username">root</systemitem> user: + </para> + +<screen role="root"><userinput>make INSTALL_PREFIX=$PWD/Dest install_sw && + +rm -rf /usr/lib/openssl-1.0 && +install -vdm755 /usr/lib/openssl-1.0 && +cp -Rv Dest/usr/lib/openssl-1.0/* /usr/lib/openssl-1.0 && + +mv -v /usr/lib/openssl-1.0/lib{crypto,ssl}.so.1.0.0 /usr/lib && +ln -sv ../libssl.so.1.0.0 /usr/lib/openssl-1.0 && +ln -sv ../libcrypto.so.1.0.0 /usr/lib/openssl-1.0 && + +install -vdm755 /usr/include/openssl-1.0 && +cp -Rv Dest/usr/include/openssl /usr/include/openssl-1.0 && + +sed 's@/include$@/include/openssl-1.0@' -i /usr/lib/openssl-1.0/pkgconfig/*.pc</userinput></screen> + + </sect2> + + <sect2 role="commands"> + <title>Command Explanations</title> + + <para> + <parameter>shared</parameter>: This parameter forces the creation of + shared libraries along with the static libraries. + </para> + + <para> + <parameter>zlib-dynamic</parameter>: This parameter adds + compression/decompression functionality using the + <filename class="libraryfile">libz</filename> library. + </para> + + <para> + <parameter>rm -rf /usr/lib/openssl-1.0</parameter>: This will do + nothing on a first install, but enables a later update. During the + install the libraries are moved and replaced by symlinks. If you later + upgrade to a future release of <application>openssl-1.0.2</application> + to fix newly discovered vulnerabilities, without this command the move + would fail because the symlinks mean the source and destination files + are identical. + </para> + + </sect2> + + <sect2 role="content"> + <title>Contents</title> + + <segmentedlist> + <segtitle>Installed Libraries</segtitle> + <segtitle>Installed Directories</segtitle> + + <seglistitem> + <seg> + libcrypto.so.1.0.0 and libssl.so.1.0.0 + </seg> + <seg> + /usr/lib/openssl-1.0 and /usr/include/openssl-1.0 + </seg> + </seglistitem> + </segmentedlist> + + <variablelist> + <bridgehead renderas="sect3">Short Descriptions</bridgehead> + <?dbfo list-presentation="list"?> + <?dbhtml list-presentation="table"?> + + <varlistentry id="libcrypto10"> + <term><filename class="libraryfile">libcrypto.so.1.0.0</filename></term> + <listitem> + <para> + implements a wide range of cryptographic algorithms used in various + Internet standards. The services provided by this library are used + by the <application>OpenSSL</application> implementations of SSL, + TLS and S/MIME, and they have also been used to implement + <application>OpenSSH</application>, + <application>OpenPGP</application>, and other cryptographic + standards. + </para> + <indexterm zone="openssl10 libcrypto10"> + <primary sortas="c-libcrypto10">libcrypto.so.1.0.0</primary> + </indexterm> + </listitem> + </varlistentry> + + <varlistentry id="libssl10"> + <term><filename class="libraryfile">libssl.so.1.0.0</filename></term> + <listitem> + <para> + implements the Transport Layer Security (TLS v1) protocol. + It provides a rich API, documentation + on which can be found by running <command>man 3 ssl</command>. + </para> + <indexterm zone="openssl10 libssl10"> + <primary sortas="c-libssl10">libssl.so.1.0.0</primary> + </indexterm> + </listitem> + </varlistentry> + + </variablelist> + + </sect2> + +</sect1> Modified: trunk/BOOK/general/genlib/qca.xml ============================================================================== --- trunk/BOOK/general/genlib/qca.xml Wed Dec 5 09:25:23 2018 (r20778) +++ trunk/BOOK/general/genlib/qca.xml Wed Dec 5 13:39:03 2018 (r20779) @@ -57,6 +57,16 @@ <para>Estimated build time: &qca-time;</para> </listitem> </itemizedlist> + + <bridgehead renderas="sect3">Additional Downloads</bridgehead> + <itemizedlist spacing="compact"> + <listitem> + <para> + Required patch: + <ulink url="&patch-root;/qca-&qca-version;-openssl-1.patch"/> + </para> + </listitem> + </itemizedlist> <bridgehead renderas="sect3">Qca Dependencies</bridgehead> @@ -76,7 +86,6 @@ <xref linkend="libgpg-error"/>, <xref linkend="nss"/>, <xref linkend="nspr"/>, - <xref linkend="openssl10"/>, <xref linkend="p11-kit"/>, <xref linkend="doxygen"/>, and <xref linkend="which"/> @@ -90,6 +99,10 @@ <sect2 role="installation"> <title>Installation of Qca</title> + <para>Use <application>openssl-1.1</application>:</para> + +<screen><userinput>patch -Np1 -i ../qca-2.1.3-openssl-1.patch</userinput></screen> + <para>Fix the location of the CA certificates:</para> <screen><userinput>sed -i 's...@cert.pem@certs/ca-bundle.crt@' CMakeLists.txt</userinput></screen> @@ -110,7 +123,8 @@ make</userinput></screen> - <para>To test the results, issue <command>make test</command>.</para> + <para>To test the results, issue <command>make test</command>. One + test is known to fail.</para> <para>Now, as the <systemitem class="username">root</systemitem> user:</para> @@ -139,7 +153,16 @@ <seglistitem> <seg>mozcerts-qt5 and qcatool-qt5</seg> - <seg>libqca-qt5.so</seg> + <seg> + libqca-qt5.so, + libqca-cyrus-sasl.so, + libqca-gcrypt.so, + libqca-gnupg.so, + libqca-logger.so, + libqca-nss.so, + libqca-ossl.so, and + libqca-softstore.so + </seg> <seg> &qt5-dir;/include/Qca-qt5, &qt5-dir;/lib/cmake/Qca-qt5, and Modified: trunk/BOOK/introduction/welcome/changelog.xml ============================================================================== --- trunk/BOOK/introduction/welcome/changelog.xml Wed Dec 5 09:25:23 2018 (r20778) +++ trunk/BOOK/introduction/welcome/changelog.xml Wed Dec 5 13:39:03 2018 (r20779) @@ -45,6 +45,10 @@ <para>December 5th, 2018</para> <itemizedlist> <listitem> + <para>[bdubbs] - Archive openssl10 and add qca patch. Fixes + <ulink url="&blfs-ticket-root;11407">#11407</ulink>.</para> + </listitem> + <listitem> <para>[timtas] - Update to thunderbird-60.3.2. Fixes <ulink url="&blfs-ticket-root;11394">#11394</ulink>.</para> </listitem> Modified: trunk/BOOK/postlfs/security/security.xml ============================================================================== --- trunk/BOOK/postlfs/security/security.xml Wed Dec 5 09:25:23 2018 (r20778) +++ trunk/BOOK/postlfs/security/security.xml Wed Dec 5 13:39:03 2018 (r20779) @@ -66,8 +66,8 @@ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="nettle.xml"/> <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="nss.xml"/> <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="openssh.xml"/> -<!-- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="openssl.xml"/> --> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="openssl10.xml"/> +<!-- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="openssl.xml"/> --> +<!-- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="openssl10.xml"/> --> <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="p11-kit.xml"/> <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="polkit.xml"/> <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="shadow.xml"/> -- http://lists.linuxfromscratch.org/listinfo/blfs-book FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page