Author: bdubbs
Date: Wed Dec 5 13:39:03 2018
New Revision: 20779
Log:
Archive openssl10 and add qca patch.
Added:
trunk/BOOK/archive/openssl10.xml
- copied unchanged from r20778, trunk/BOOK/postlfs/security/openssl10.xml
Deleted:
trunk/BOOK/postlfs/security/openssl10.xml
Modified:
trunk/BOOK/general/genlib/qca.xml
trunk/BOOK/introduction/welcome/changelog.xml
trunk/BOOK/postlfs/security/security.xml
Copied: trunk/BOOK/archive/openssl10.xml (from r20778,
trunk/BOOK/postlfs/security/openssl10.xml)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ trunk/BOOK/archive/openssl10.xml Wed Dec 5 13:39:03 2018
(r20779, copy of r20778, trunk/BOOK/postlfs/security/openssl10.xml)
@@ -0,0 +1,235 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [
+ <!ENTITY % general-entities SYSTEM "../../general.ent">
+ %general-entities;
+
+ <!ENTITY openssl10-download-http
+ "https://openssl.org/source/openssl-&openssl10-version;.tar.gz";>
+ <!ENTITY openssl10-download-ftp
+ "ftp://openssl.org/source/openssl-&openssl10-version;.tar.gz";>
+ <!ENTITY openssl10-md5sum "7563e1ce046cb21948eeb6ba1a0eb71c">
+ <!ENTITY openssl10-size "5.1 MB">
+ <!ENTITY openssl10-buildsize "74 MB (with tests)">
+ <!ENTITY openssl10-time "1.2 SBU (with tests)">
+]>
+
+<sect1 id="openssl10" xreflabel="OpenSSL-&openssl10-version; Libraries">
+ <?dbhtml filename="openssl10.html"?>
+
+ <sect1info>
+ <othername>$LastChangedBy$</othername>
+ <date>$Date$</date>
+ </sect1info>
+
+ <title>OpenSSL-&openssl10-version;</title>
+
+ <indexterm zone="openssl10">
+ <primary sortas="a-OpenSSL10">OpenSSL-&openssl10-version;</primary>
+ </indexterm>
+
+ <sect2 role="package">
+ <title>Introduction to OpenSSL-&openssl10-version; Libraries</title>
+
+ <para>
+ The <application>OpenSSL-&openssl10-version;</application> package
+ contains libraries relating to cryptography. These are useful for
+ providing cryptographic functions to other packages, such as
+ email applications and web browsers (for accessing HTTPS sites). This
+ package provides only the libraries and headers for packages that have
+ not yet been ported to openssl-1.1.x or later.
+ </para>
+
+ &lfs83_checked;
+
+ <bridgehead renderas="sect3">Package Information</bridgehead>
+ <itemizedlist spacing="compact">
+ <listitem>
+ <para>
+ Download (HTTP): <ulink url="&openssl10-download-http;"/>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Download (FTP): <ulink url="&openssl10-download-ftp;"/>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Download MD5 sum: &openssl10-md5sum;
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Download size: &openssl10-size;
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Estimated disk space required: &openssl10-buildsize;
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Estimated build time: &openssl10-time;
+ </para>
+ </listitem>
+ </itemizedlist>
+
+ <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+
+ <itemizedlist spacing="compact">
+ <listitem>
+ <para>Required patch: <ulink
url="&patch-root;/openssl-&openssl10-version;-compat_versioned_symbols-1.patch"/></para>
+ </listitem>
+ </itemizedlist>
+
+ <bridgehead renderas="sect3">OpenSSL-&openssl10-version;
Dependencies</bridgehead>
+
+ <bridgehead renderas="sect4">Optional</bridgehead>
+ <para role="optional">
+ <xref linkend="mitkrb"/>
+ </para>
+
+ <para condition="html" role="usernotes">
+ User Notes: <ulink url='&blfs-wiki;/OpenSSL'/>
+ </para>
+ </sect2>
+
+ <sect2 role="installation">
+ <title>Installation of OpenSSL-&openssl10-version; Libraries</title>
+
+ <note>
+ <para>
+ This package does not support parallel build.
+ </para>
+ </note>
+
+ <para>
+ Install <application>OpenSSL-&openssl10-version; Libraries</application>
+ with the following commands:
+ </para>
+
+
+<screen><userinput> patch -Np1 -i
../openssl-&openssl10-version;-compat_versioned_symbols-1.patch &&
+
+./config --prefix=/usr \
+ --openssldir=/etc/ssl \
+ --libdir=lib/openssl-1.0 \
+ shared \
+ zlib-dynamic &&
+
+make depend &&
+make -j1</userinput></screen>
+
+ <para>
+ To test the results, issue: <command>make -j1 test</command>. The
+ test suite does not support parallel jobs.
+ </para>
+
+ <para>
+ Now, as the <systemitem class="username">root</systemitem> user:
+ </para>
+
+<screen role="root"><userinput>make INSTALL_PREFIX=$PWD/Dest install_sw
&&
+
+rm -rf /usr/lib/openssl-1.0 &&
+install -vdm755 /usr/lib/openssl-1.0 &&
+cp -Rv Dest/usr/lib/openssl-1.0/* /usr/lib/openssl-1.0 &&
+
+mv -v /usr/lib/openssl-1.0/lib{crypto,ssl}.so.1.0.0 /usr/lib &&
+ln -sv ../libssl.so.1.0.0 /usr/lib/openssl-1.0 &&
+ln -sv ../libcrypto.so.1.0.0 /usr/lib/openssl-1.0 &&
+
+install -vdm755 /usr/include/openssl-1.0 &&
+cp -Rv Dest/usr/include/openssl /usr/include/openssl-1.0 &&
+
+sed 's@/include$@/include/openssl-1.0@' -i
/usr/lib/openssl-1.0/pkgconfig/*.pc</userinput></screen>
+
+ </sect2>
+
+ <sect2 role="commands">
+ <title>Command Explanations</title>
+
+ <para>
+ <parameter>shared</parameter>: This parameter forces the creation of
+ shared libraries along with the static libraries.
+ </para>
+
+ <para>
+ <parameter>zlib-dynamic</parameter>: This parameter adds
+ compression/decompression functionality using the
+ <filename class="libraryfile">libz</filename> library.
+ </para>
+
+ <para>
+ <parameter>rm -rf /usr/lib/openssl-1.0</parameter>: This will do
+ nothing on a first install, but enables a later update. During the
+ install the libraries are moved and replaced by symlinks. If you later
+ upgrade to a future release of <application>openssl-1.0.2</application>
+ to fix newly discovered vulnerabilities, without this command the move
+ would fail because the symlinks mean the source and destination files
+ are identical.
+ </para>
+
+ </sect2>
+
+ <sect2 role="content">
+ <title>Contents</title>
+
+ <segmentedlist>
+ <segtitle>Installed Libraries</segtitle>
+ <segtitle>Installed Directories</segtitle>
+
+ <seglistitem>
+ <seg>
+ libcrypto.so.1.0.0 and libssl.so.1.0.0
+ </seg>
+ <seg>
+ /usr/lib/openssl-1.0 and /usr/include/openssl-1.0
+ </seg>
+ </seglistitem>
+ </segmentedlist>
+
+ <variablelist>
+ <bridgehead renderas="sect3">Short Descriptions</bridgehead>
+ <?dbfo list-presentation="list"?>
+ <?dbhtml list-presentation="table"?>
+
+ <varlistentry id="libcrypto10">
+ <term><filename
class="libraryfile">libcrypto.so.1.0.0</filename></term>
+ <listitem>
+ <para>
+ implements a wide range of cryptographic algorithms used in various
+ Internet standards. The services provided by this library are used
+ by the <application>OpenSSL</application> implementations of SSL,
+ TLS and S/MIME, and they have also been used to implement
+ <application>OpenSSH</application>,
+ <application>OpenPGP</application>, and other cryptographic
+ standards.
+ </para>
+ <indexterm zone="openssl10 libcrypto10">
+ <primary sortas="c-libcrypto10">libcrypto.so.1.0.0</primary>
+ </indexterm>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="libssl10">
+ <term><filename class="libraryfile">libssl.so.1.0.0</filename></term>
+ <listitem>
+ <para>
+ implements the Transport Layer Security (TLS v1) protocol.
+ It provides a rich API, documentation
+ on which can be found by running <command>man 3 ssl</command>.
+ </para>
+ <indexterm zone="openssl10 libssl10">
+ <primary sortas="c-libssl10">libssl.so.1.0.0</primary>
+ </indexterm>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+
+ </sect2>
+
+</sect1>
Modified: trunk/BOOK/general/genlib/qca.xml
==============================================================================
--- trunk/BOOK/general/genlib/qca.xml Wed Dec 5 09:25:23 2018 (r20778)
+++ trunk/BOOK/general/genlib/qca.xml Wed Dec 5 13:39:03 2018 (r20779)
@@ -57,6 +57,16 @@
<para>Estimated build time: &qca-time;</para>
</listitem>
</itemizedlist>
+
+ <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+ <itemizedlist spacing="compact">
+ <listitem>
+ <para>
+ Required patch:
+ <ulink url="&patch-root;/qca-&qca-version;-openssl-1.patch"/>
+ </para>
+ </listitem>
+ </itemizedlist>
<bridgehead renderas="sect3">Qca Dependencies</bridgehead>
@@ -76,7 +86,6 @@
<xref linkend="libgpg-error"/>,
<xref linkend="nss"/>,
<xref linkend="nspr"/>,
- <xref linkend="openssl10"/>,
<xref linkend="p11-kit"/>,
<xref linkend="doxygen"/>, and
<xref linkend="which"/>
@@ -90,6 +99,10 @@
<sect2 role="installation">
<title>Installation of Qca</title>
+ <para>Use <application>openssl-1.1</application>:</para>
+
+<screen><userinput>patch -Np1 -i
../qca-2.1.3-openssl-1.patch</userinput></screen>
+
<para>Fix the location of the CA certificates:</para>
<screen><userinput>sed -i '[email protected]@certs/ca-bundle.crt@'
CMakeLists.txt</userinput></screen>
@@ -110,7 +123,8 @@
make</userinput></screen>
- <para>To test the results, issue <command>make test</command>.</para>
+ <para>To test the results, issue <command>make test</command>. One
+ test is known to fail.</para>
<para>Now, as the <systemitem class="username">root</systemitem>
user:</para>
@@ -139,7 +153,16 @@
<seglistitem>
<seg>mozcerts-qt5 and qcatool-qt5</seg>
- <seg>libqca-qt5.so</seg>
+ <seg>
+ libqca-qt5.so,
+ libqca-cyrus-sasl.so,
+ libqca-gcrypt.so,
+ libqca-gnupg.so,
+ libqca-logger.so,
+ libqca-nss.so,
+ libqca-ossl.so, and
+ libqca-softstore.so
+ </seg>
<seg>
&qt5-dir;/include/Qca-qt5,
&qt5-dir;/lib/cmake/Qca-qt5, and
Modified: trunk/BOOK/introduction/welcome/changelog.xml
==============================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml Wed Dec 5 09:25:23
2018 (r20778)
+++ trunk/BOOK/introduction/welcome/changelog.xml Wed Dec 5 13:39:03
2018 (r20779)
@@ -45,6 +45,10 @@
<para>December 5th, 2018</para>
<itemizedlist>
<listitem>
+ <para>[bdubbs] - Archive openssl10 and add qca patch. Fixes
+ <ulink url="&blfs-ticket-root;11407">#11407</ulink>.</para>
+ </listitem>
+ <listitem>
<para>[timtas] - Update to thunderbird-60.3.2. Fixes
<ulink url="&blfs-ticket-root;11394">#11394</ulink>.</para>
</listitem>
Modified: trunk/BOOK/postlfs/security/security.xml
==============================================================================
--- trunk/BOOK/postlfs/security/security.xml Wed Dec 5 09:25:23 2018
(r20778)
+++ trunk/BOOK/postlfs/security/security.xml Wed Dec 5 13:39:03 2018
(r20779)
@@ -66,8 +66,8 @@
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"; href="nettle.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"; href="nss.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"; href="openssh.xml"/>
-<!-- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
href="openssl.xml"/> -->
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"; href="openssl10.xml"/>
+<!-- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
href="openssl.xml"/> -->
+<!-- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
href="openssl10.xml"/> -->
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"; href="p11-kit.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"; href="polkit.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"; href="shadow.xml"/>
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
