Re: Is it possible to force an application to use newer OpenSSL from pkgsrc?
On Mon, Mar 29, 2021 at 12:11 AM Jason Mitchell wrote: > > Sorry for top posting, but the app is compiled against libcrypyo.so.14 > (openssl 1.1.1g) whereas I want it to use libcrypto.so.1.1 (OpenSSL 1.1.1i) OpenSSL 1.1.x are all binary compatible. You can swap them in and out. For example, you can swap OpenSSL 1.1.0a and 1.1.1k and everything will work as expected. Also see https://www.openssl.org/policies/releasestrat.html in the OpenSSL FAQ. Jeff
Re: Is it possible to force an application to use newer OpenSSL from pkgsrc?
Sorry for top posting, but the app is compiled against libcrypyo.so.14 (openssl 1.1.1g) whereas I want it to use libcrypto.so.1.1 (OpenSSL 1.1.1i) But your solution is useful info. Thanks! Jason M. Get BlueMail for Android On Mar 28, 2021, 5:22 PM, at 5:22 PM, RVP wrote: >On Sun, 28 Mar 2021, Jason Mitchell wrote: > >> I'm running into some problems with stunnel and I'd like to have >stunnel use >> the newer stunnel in pkgsrc. Currently it's using 1.1.1g (which I >assume is >> installed with 9.1). Recompiling stunnel didn't help matters. >> >> Any suggestions are welcome. If I should/could provide more >information >> please let me know. >> > >As the library versions seem the same, try: > >echo /usr/pkg/lib >> /etc/ld.so.conf > >This is a global change. Another way is to set >LD_LIBRARY_PATH=/usr/pkg/lib _only_ for stunnel: > >env LD_LIBRARY_PATH=/usr/pkg/lib stunnel ... > >Wrap it up in a shell-script. > >-RVP
Re: Is it possible to force an application to use newer OpenSSL from pkgsrc?
On Sun, 28 Mar 2021, Jason Mitchell wrote: Sorry for top posting, but the app is compiled against libcrypyo.so.14 (openssl 1.1.1g) whereas I want it to use libcrypto.so.1.1 (OpenSSL 1.1.1i) Well, there are ways of working around that problem too, for security-related apps, best to recompile against the version you want. -RVP
Re: Is it possible to force an application to use newer OpenSSL from pkgsrc?
On Sun, 28 Mar 2021, Jason Mitchell wrote: I'm running into some problems with stunnel and I'd like to have stunnel use the newer stunnel in pkgsrc. Currently it's using 1.1.1g (which I assume is installed with 9.1). Recompiling stunnel didn't help matters. Any suggestions are welcome. If I should/could provide more information please let me know. As the library versions seem the same, try: echo /usr/pkg/lib >> /etc/ld.so.conf This is a global change. Another way is to set LD_LIBRARY_PATH=/usr/pkg/lib _only_ for stunnel: env LD_LIBRARY_PATH=/usr/pkg/lib stunnel ... Wrap it up in a shell-script. -RVP
Is it possible to force an application to use newer OpenSSL from pkgsrc?
Hello, I'm running into some problems with stunnel and I'd like to have stunnel use the newer stunnel in pkgsrc. Currently it's using 1.1.1g (which I assume is installed with 9.1). Recompiling stunnel didn't help matters. Any suggestions are welcome. If I should/could provide more information please let me know. Thanks! Jason M. root@sevenofnine:/usr/lib# /usr/pkg/bin/openssl version OpenSSL 1.1.1i 8 Dec 2020 root@sevenofnine:/usr/lib# /usr/bin/openssl version OpenSSL 1.1.1g 21 Apr 2020 root@sevenofnine:/usr/lib# ldd /usr/bin/openssl /usr/bin/openssl: -lssl.14 => /usr/lib/libssl.so.14 -lcrypto.14 => /usr/lib/libcrypto.so.14 -lcrypt.1 => /usr/lib/libcrypt.so.1 -lc.12 => /usr/lib/libc.so.12 root@sevenofnine:/usr/lib# ldd /usr/lib/bin/openssl ldd: /usr/lib/bin/openssl: No such file or directory root@sevenofnine:/usr/lib# ldd /usr/pkg/bin/openssl /usr/pkg/bin/openssl: -lssl.1.1 => /usr/pkg/lib/libssl.so.1.1 -lcrypto.1.1 => /usr/pkg/lib/libcrypto.so.1.1 -lpthread.1 => /usr/lib/libpthread.so.1 -lc.12 => /usr/lib/libc.so.12 root@sevenofnine:/usr/lib# ldd /usr/pkg/bin/stunnel /usr/pkg/bin/stunnel: -lssl.14 => /usr/lib/libssl.so.14 -lcrypto.14 => /usr/lib/libcrypto.so.14 -lcrypt.1 => /lib/libcrypt.so.1 -lc.12 => /usr/lib/libc.so.12 -lutil.7 => /usr/lib/libutil.so.7 -lwrap.1 => /usr/lib/libwrap.so.1 -lpthread.1 => /usr/lib/libpthread.so.1 root@sevenofnine:/usr/lib# /usr/pkg/bin/stunnel -v [ ] Initializing inetd mode configuration [ ] Clients allowed=500 [.] stunnel 5.57 on x86_64--netbsd platform [.] Compiled/running with OpenSSL 1.1.1g 21 Apr 2020 [.] Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,OCSP,PSK,SNI Auth:LIBWRAP
project primarily for experienced users?
would netbsd be categorized as a project that is primarily meant for people who are experienced at the unix way? i haven't experienced any hostility out here (unlike at openbsd), but the typical default install does feel scary.
Re: project primarily for experienced users?
On 393 Mar 2020, Ottavio Caruso wrote: > You're right in thinking NetBSD/pkgsrc have the best community around. > However, the OpenBSD crowd are not really hostile. They bark a lot but > don't bite. Heh, still, thanks guys for not unduly barking. Even when some directness or correction is called for, this list typically still affords some benefit of the doubt and remains politely helpful. -- Mark
Re: project primarily for experienced users?
On 28/03/2021 14:15, Mayuresh Kathe wrote: would netbsd be categorized as a project that is primarily meant for people who are experienced at the unix way? i haven't experienced any hostility out here (unlike at openbsd), but the typical default install does feel scary. Any exposure to Unix is good, whether it is BSD, Solaris, Linux or even Android or MacOS. You're right in thinking NetBSD/pkgsrc have the best community around. However, the OpenBSD crowd are not really hostile. They bark a lot but don't bite. -- Ottavio Caruso
