Dan Nicholson dbn.lists at
Thu Apr 27 11:23:17 PDT 2006

On 3/11/06, Dan Nicholson <dbn.lists at> wrote:
> Hi,
> I've opened a bug about the new version of OpenSSL
> (


> I would like to ask those in the community if they have run packages
> against the new 0.9.8a version.  Most importantly, I want to know
> about the major servers (apache, postfix, etc.), but any contribution
> would be great.
> If you prefer, you can add information to the bug.
> Below is a list of reverse dependencies I got doing some grepping on
> the BLFS sources.

<snip list of packages - see>

I'm now in a much better place to suggest updating to OpenSSL-0.9.8a. 
In addition to many client apps, I've now tested a few of the major
servers and they work as expected.  The highlights are:

Apache - tested https:// through mod_ssl

Postfix - tested TLS encrypted SMTP sessions for server (smtpd),
client (smtp) and authentication (TLS to cyrus-sasl)

Cyrus-sasl - tested TLS encrypted authentication sessions with the
ldapdb plugin (requires patch for some plugins that is in the patches

OpenLDAP - tested encrypted LDAP over SSL (ldaps:///) and TLS based
(ldap:///) for slapd.  tested client SSL connection to ldaps:///

Subversion - svn+ssh:// authentication for svn and svnserve

OpenSSH - run an ssh session with and without personal keys

Randy and Joe have also provided feedback that didn't find any
problems using this version.  If you want to see something else tested
before the update, speak now or forever hold your peace.  I'll be
going out of town in about 5 hours, so please speak up soon.  I want
to get the update in before I leave.


More information about the blfs-dev mailing list