RE: RPM Source code version
-Original Message- From: Richard Levitte - VMS Whacker [mailto:[EMAIL PROTECTED]] Sent: 20 November 2001 19:42 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: RPM Source code version From: Eric Daigneault [EMAIL PROTECTED] scouby At 03:40 PM CN=a2011in.O=acv0111 +, you wrote: scouby RedHat use libcrypto.so.1 (name of the file), but when you install the scouby source, the name of the file is libcrypto.so.0. Go ask RH why they did scouby that, cause it's was stupid ! The reason is probably that RH started producing shared libraries of OpenSSL before we had gotten started on it. So they probably had some idea of what scheme they wanted to use and went ahead with it. The stupid part was probably that they didn't bother talking with us (or perhaps they did, but that was before my time as OpenSSL developer then). I think openssl was released for RedHat 6.2 on April 17th this year (see http://www.redhat.com/support/errata/RHSA-2001-051.html) although this may have been an update to a previous version. I never touched it, as it wasn't necessary and the OS didn't require it. Since RedHat 7.0 it's basically been an essential part of the OS (although I've only tried it on 7.1 and 7.2). It does look like they didn't consult openssl developers before they produced their shared libraries, but I don't think they would object to being contacted now. Any changes could be put into a future edition. However, the version they package has a number of changes, eg they remove certain crypto algorithms that are patented in the US. I had a brief discussion with one of their staff on this list about making a non-US package available, but the sticking point with that is how to integrate it with their up2date tool. Unless we have US and non-US versions of RedHat I think we'll be stuck with that one. Incidentally, the hack of using a symlink doesn't work for all packages, eg openssh still doesn't like the existence of different libraries to the libraries it was compiled against. - John Airey Internet systems support officer, ITCSD, Royal National Institute for the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: RPM Source code version
Anyone knows how to install Redhat 7.2 RPM version of openssl over the Redhat 7.1 RPM version openssl? It seems that even if I do this rpm -Fvh --nodeps openssl-0.9.6b-8.i386.rpm there will be some ssl library files missing when I launch KDE or some other apps. Thanks Joe Orton wrote: On Tue, Nov 20, 2001 at 03:40:32PM +, [EMAIL PROTECTED] wrote: Hi Sirs, I'm running RedHat 7.1 with kernel 2.4.3-12 on my Intel P3 866 system. Recently, I just removed the openssl package that came with RedHat 7.1 and I installed the source package from the openssl website. After this I was not able to use most of my apps(like ssh, dig, nslookup, KDE) There is always an error saying libcrypto.so.1 not found. I really need the source code version cause sendmail STARTTLS requires it. In general it is not a good idea to replace packaged system libraries with ones you have compiled yourself, this is a recipe for disaster. Can both type of openssl package work happily on the same machine? If its not possible, is there any way for me to use the source code version without affecting my other apps? I would reinstalling the RPM, and installing your compiled OpenSSL somewhere other than /usr, e.g. using ./Configure --prefix=/opt/myopenssl (and then make sendmail pick up your compiled OpenSSL rather than the system one) Regards, joe __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: RPM Source code version
On Thu, Nov 22, 2001 at 01:44:57AM +0800, Lim Kwang Eng wrote: Anyone knows how to install Redhat 7.2 RPM version of openssl over the Redhat 7.1 RPM version openssl? You need to get the openssl096 compatibility package; ftp://rpmfind.net/linux/redhat/7.2/en/os/i386/RedHat/RPMS/openssl096-0.9.6-6.i386.rpm then upgrade them in a single command; rpm -Uvh openssl-0.9.6b-8.i386.rpm openssl096-0.9.6-6.i386 (and add the new openssl-devel package in there too if you need that) Regards, joe __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RPM Source code version
Hi Sirs, I'm running RedHat 7.1 with kernel 2.4.3-12 on my Intel P3 866 system. Recently, I just removed the openssl package that came with RedHat 7.1 and I installed the source package from the openssl website. After this I was not able to use most of my apps(like ssh, dig, nslookup, KDE) There is always an error saying libcrypto.so.1 not found. I really need the source code version cause sendmail STARTTLS requires it. Can both type of openssl package work happily on the same machine? If its not possible, is there any way for me to use the source code version without affecting my other apps? sincerely Thanks for your help ddl _ The simple way to read all your emails at ThatWeb http://www.thatweb.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: RPM Source code version
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 20 November 2001 15:41 To: [EMAIL PROTECTED] Subject: RPM Source code version Hi Sirs, I'm running RedHat 7.1 with kernel 2.4.3-12 on my Intel P3 866 system. Recently, I just removed the openssl package that came with RedHat 7.1 and I installed the source package from the openssl website. After this I was not able to use most of my apps(like ssh, dig, nslookup, KDE) There is always an error saying libcrypto.so.1 not found. I really need the source code version cause sendmail STARTTLS requires it. Can both type of openssl package work happily on the same machine? If its not possible, is there any way for me to use the source code version without affecting my other apps? sincerely Thanks for your help ddl This gets asked so often it should be in the FAQ! Basically, it's best with RedHat 7.x to stick with what you get. If you need some of the stuff that doesn't come with the RedHat 7.x (certain US patented code that can be used anywhere outside of the US), drop me a line off the list. I can then give you instructions on how to rebuild the RPM to include these. I've counted up over 20 packages that break if you remove openssl on RedHat 7.x. Some people have said that they have installed the latest from source over the RPM, but what they've actually succeeded in doing is corrupting their RPM database. Any updates released by RedHat cannot now be guaranteed to work, since it may depend on the version of a file that isn't there any more. At the risk of starting a flame war, I prefer managing servers with RPMs. It's easy enough to find out what is in them, and one RPM install on one machine is the same on another. (I know that you can create a custom configuration file and use that to compile and install on every machine, but frankly all that compiling and copying is a lot more work for multiple servers. If I build an RPM I do it from source on one machine and install the same one everywhere). - John Airey Internet systems support officer, ITCSD, Royal National Institute for the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
