Hi Gustaf, Thank you for your response and the information.
I did not have any issues with previous OpenSSL updates, although I had not installed 3.x versions. Best regards. Thorpe Thorpe Mayes (512) 394-8766 > On 6 Nov 2022, at 11:34, Gustaf Neumann <neum...@wu.ac.at> wrote: > > > Dear Thorpe, > > it looks like you have now two versions of openssl installed on your system, > since the output "1.0.2k-fips" comes straight from the library. So, if you > see this string, the library is still there. > > One can check the version used during linkage via > > ldd /usr/local/ns/bin/nsd > > When upgrading to OpenSSL 3.*, it is recommended to recompile NaviServer > (make clean, configure ..., make, make install) such that NaviServer can use > the newer library calls. When the path to the openssl libary is not specified > explicitly, configure uses "pkg-config --libs openssl" to determine the > path the the library. > > all the best > > -g > > PS Btw, OpenACS.org runs with OpenSSL 3.2.0-dev > > On 06.11.22 13:47, THORPE MAYES via naviserver-devel wrote: >> Hi, >> >> I updated OpenSSL on my server to version 3.0.7. >> >> Prior to updating, openssl version -a showed: >> >> OpenSSL 1.0.2k-fips 26 Jan 2017 >> built on: reproducible build, date unspecified >> platform: linux-x86_64 >> options: bn(64,64) md2(int) rc4(16x,int) des(idx,cisc,16,int) idea(int) >> blowfish(idx) >> compiler: gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DZLIB >> -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 >> -DL_ENDIAN -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions >> -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches >> -m64 -mtune=generic -Wa,--noexecstack -DPURIFY -DOPENSSL_IA32_SSE2 >> -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM >> -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM >> -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM >> OPENSSLDIR: "/etc/pki/tls" >> engines: rdrand dynamic >> >> After updating, openssl version -a showed: >> >> OpenSSL 3.0.7 1 Nov 2022 (Library: OpenSSL 3.0.7 1 Nov 2022) >> built on: Sat Nov 5 14:56:48 2022 UTC >> platform: linux-x86_64 >> options: bn(64,64) >> compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 >> -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL >> -DZLIB -DNDEBUG >> OPENSSLDIR: "/etc/ssl" >> ENGINESDIR: "/etc/ssl/lib64/engines-3" >> MODULESDIR: "/etc/ssl/lib64/ossl-modules" >> Seeding source: os-specific >> CPUINFO: OPENSSL_ia32cap=0xfffa3203478bffff:0x7a9 >> >> When I restart naviserver I see this in the log file: >> >> Notice: OpenSSL OpenSSL 1.0.2k-fips 26 Jan 2017 initialized >> >> That is the previous version of OpenSSL on the server. >> >> What do I need to change in order for naviserver to use the current version >> of OpenSSL? Or, does it matter? >> >> When I updated to naviserver version 4.99.24 my configuration was: >> ./configure --prefix=/usr/local/ns --with-tcl=/usr/local/ns/lib >> --enable-symbols >> >> >> Thorpe > _______________________________________________ > naviserver-devel mailing list > naviserver-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/naviserver-devel
_______________________________________________ naviserver-devel mailing list naviserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/naviserver-devel
