diff options
| author | nectar <nectar@FreeBSD.org> | 2002-07-30 13:38:06 +0000 |
|---|---|---|
| committer | nectar <nectar@FreeBSD.org> | 2002-07-30 13:38:06 +0000 |
| commit | 2f13e0916590f8488178999aec4874ed5662a031 (patch) | |
| tree | f3c141823975717e132c7687cf833f6378cc87d4 /crypto/openssl/FAQ | |
| parent | 0aed2eea83b351d68092e43b5a9496ce3dd5043d (diff) | |
| download | FreeBSD-src-2f13e0916590f8488178999aec4874ed5662a031.zip FreeBSD-src-2f13e0916590f8488178999aec4874ed5662a031.tar.gz | |
Import of OpenSSL 0.9.6e.
Diffstat (limited to 'crypto/openssl/FAQ')
| -rw-r--r-- | crypto/openssl/FAQ | 57 |
1 files changed, 54 insertions, 3 deletions
diff --git a/crypto/openssl/FAQ b/crypto/openssl/FAQ index 3b69d8b..ad75299 100644 --- a/crypto/openssl/FAQ +++ b/crypto/openssl/FAQ @@ -38,6 +38,8 @@ OpenSSL - Frequently Asked Questions * Why does the OpenSSL compilation fail on Alpha Tru64 Unix? * Why does the OpenSSL compilation fail with "ar: command not found"? * Why does the OpenSSL compilation fail on Win32 with VC++? +* What is special about OpenSSL on Redhat? +* Why does the OpenSSL test suite fail on MacOS X? [PROG] Questions about programming with OpenSSL @@ -59,7 +61,7 @@ OpenSSL - Frequently Asked Questions * Which is the current version of OpenSSL? The current version is available from <URL: http://www.openssl.org>. -OpenSSL 0.9.6d was released on 9 May, 2002. +OpenSSL 0.9.6e was released on 30 May, 2002. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at <URL: @@ -215,8 +217,11 @@ For Solaris 2.6, Tim Nibbe <tnibbe@sprint.net> and others have suggested installing the SUNski package from Sun patch 105710-01 (Sparc) which adds a /dev/random device and make sure it gets used, usually through $RANDFILE. There are probably similar patches for the other Solaris -versions. However, be warned that /dev/random is usually a blocking -device, which may have some effects on OpenSSL. +versions. An official statement from Sun with respect to /dev/random +support can be found at + http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski +However, be warned that /dev/random is usually a blocking device, which +may have some effects on OpenSSL. * Why do I get an "unable to write 'random state'" error message? @@ -451,6 +456,52 @@ under 'Program Files'). This needs to be done prior to running NMAKE, and the changes are only valid for the current DOS session. +* What is special about OpenSSL on Redhat? + +Red Hat Linux (release 7.0 and later) include a preinstalled limited +version of OpenSSL. For patent reasons, support for IDEA, RC5 and MDC2 +is disabled in this version. The same may apply to other Linux distributions. +Users may therefore wish to install more or all of the features left out. + +To do this you MUST ensure that you do not overwrite the openssl that is in +/usr/bin on your Red Hat machine. Several packages depend on this file, +including sendmail and ssh. /usr/local/bin is a good alternative choice. The +libraries that come with Red Hat 7.0 onwards have different names and so are +not affected. (eg For Red Hat 7.2 they are /lib/libssl.so.0.9.6b and +/lib/libcrypto.so.0.9.6b with symlinks /lib/libssl.so.2 and +/lib/libcrypto.so.2 respectively). + +Please note that we have been advised by Red Hat attempting to recompile the +openssl rpm with all the cryptography enabled will not work. All other +packages depend on the original Red Hat supplied openssl package. It is also +worth noting that due to the way Red Hat supplies its packages, updates to +openssl on each distribution never change the package version, only the +build number. For example, on Red Hat 7.1, the latest openssl package has +version number 0.9.6 and build number 9 even though it contains all the +relevant updates in packages up to and including 0.9.6b. + +A possible way around this is to persuade Red Hat to produce a non-US +version of Red Hat Linux. + +FYI: Patent numbers and expiry dates of US patents: +MDC-2: 4,908,861 13/03/2007 +IDEA: 5,214,703 25/05/2010 +RC5: 5,724,428 03/03/2015 + + +* Why does the OpenSSL test suite fail on MacOS X? + +If the failure happens when running 'make test' and the RC4 test fails, +it's very probable that you have OpenSSL 0.9.6b delivered with the +operating system (you can find out by running '/usr/bin/openssl version') +and that you were trying to build OpenSSL 0.9.6d. The problem is that +the loader ('ld') in MacOS X has a misfeature that's quite difficult to +go around and has linked the programs "openssl" and the test programs +with /usr/lib/libcrypto.dylib and /usr/lib/libssl.dylib instead of the +libraries you just built. +Look in the file PROBLEMS for a more detailed explanation and for possible +solutions. + [PROG] ======================================================================== * Is OpenSSL thread-safe? |
