OpenSSL-0.9.8a

Dan Nicholson dbn.lists at gmail.com
Thu Apr 27 11:23:17 PDT 2006


On 3/11/06, Dan Nicholson <dbn.lists at gmail.com> wrote:
> Hi,
>
> I've opened a bug about the new version of OpenSSL
> (http://wiki.linuxfromscratch.org/blfs/ticket/1838).

<snip>

> I would like to ask those in the community if they have run packages
> against the new 0.9.8a version.  Most importantly, I want to know
> about the major servers (apache, postfix, etc.), but any contribution
> would be great.
>
> If you prefer, you can add information to the bug.
>
> Below is a list of reverse dependencies I got doing some grepping on
> the BLFS sources.

<snip list of packages - see
http://linuxfromscratch.org/pipermail/blfs-dev/2006-March/013900.html>

I'm now in a much better place to suggest updating to OpenSSL-0.9.8a. 
In addition to many client apps, I've now tested a few of the major
servers and they work as expected.  The highlights are:

Apache - tested https:// through mod_ssl

Postfix - tested TLS encrypted SMTP sessions for server (smtpd),
client (smtp) and authentication (TLS to cyrus-sasl)

Cyrus-sasl - tested TLS encrypted authentication sessions with the
ldapdb plugin (requires patch for some plugins that is in the patches
repo)

OpenLDAP - tested encrypted LDAP over SSL (ldaps:///) and TLS based
(ldap:///) for slapd.  tested client SSL connection to ldaps:///

Subversion - svn+ssh:// authentication for svn and svnserve

OpenSSH - run an ssh session with and without personal keys


Randy and Joe have also provided feedback that didn't find any
problems using this version.  If you want to see something else tested
before the update, speak now or forever hold your peace.  I'll be
going out of town in about 5 hours, so please speak up soon.  I want
to get the update in before I leave.

--
Dan



More information about the blfs-dev mailing list