You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Igor Galić <i....@brainsware.org> on 2010/06/01 17:37:55 UTC
Re: RFC: drop support for OpenSSL < 1.0 in trunk/2.3?
> Deprecating obsolete libraries is a good thing, especially if there is
> a compelling replacement.
>
> I think this goes hand in hand with what operating system versions we
> will be targeting for 2.4. We should inventory which versions of the
> libraries are offered on each and then make the decision whether to
> accomodate:
>
> * Windows: none
> * Mac OS X 10.6: OpenSSL 0.9.8l 5 Nov 2009
> * FreeBSD 6.4-STABLE: OpenSSL 0.9.7e-p1 25 Oct 2004
> * FreeBSD 7.2-STABLE: OpenSSL 0.9.8e 23 Feb 2007
> * FreeBSD 8-STABLE: OpenSSL 0.9.8k 25 Mar 2009
> * OpenBSD 4.6: OpenSSL 0.9.8k 25 Mar 2009
> * Solaris 10: 0.9.7 with backports... don't recall what's in the
> Coolstack but someone else may be able to tell us.
The Coolstack and the Webstack both use the system's SSL bindings.
Coolstack symlinks it: libssl.so.0.9.7 => /usr/sfw/lib/libssl.so.0.9.7
lrwxrwxrwx 1 root root 28 Jul 13 2009 /opt/coolstack/lib/libssl.so.0.9.7 -> /usr/sfw/lib/libssl.so.0.9.7
while webstack links it directly: libcrypto.so.0.9.7 => /usr/sfw/lib/libcrypto.so.0.9.7
Bye,
--
Igor Galić
Tel: +43 (0) 699 122 96 338
Fax: +43(0) 1 91 333 41
Mail: i.galic@brainsware.org
URL: http://brainsware.org/
Re: RFC: drop support for OpenSSL < 1.0 in trunk/2.3?
Posted by Jeff Trawick <tr...@gmail.com>.
On Wed, Jun 2, 2010 at 3:16 AM, Issac Goldstand <ma...@beamartyr.net> wrote:
> On 6/1/2010 6:37 PM, Igor Galić wrote:
>>>
>>> * Solaris 10: 0.9.7 with backports... don't recall what's in the
>>> Coolstack but someone else may be able to tell us.
>>>
>>
>> The Coolstack and the Webstack both use the system's SSL bindings.
>> Coolstack symlinks it: libssl.so.0.9.7 =>
>> /usr/sfw/lib/libssl.so.0.9.7
>>
>> lrwxrwxrwx 1 root root 28 Jul 13 2009 /opt/coolstack/lib/libssl.so.0.9.7
>> -> /usr/sfw/lib/libssl.so.0.9.7
>>
>> while webstack links it directly: libcrypto.so.0.9.7 =>
>> /usr/sfw/lib/libcrypto.so.0.9.7
>>
>> Bye,
>>
>
> Didn't coolstack officially die? It's been replaced by glassfish IIRC...
> As such, it's not a good example
Both Coolstack and GlassFish Web Stack are irrelevant to this
discussion as they do not provide OpenSSL. (As a completely separate
issue, there's no reason to expect a generally available update from
either of them.)
Solaris 10 is apparently stuck at OpenSSL 0.9.7 + a growing number of
back-ported security fixes.
Re: RFC: drop support for OpenSSL < 1.0 in trunk/2.3?
Posted by Issac Goldstand <ma...@beamartyr.net>.
On 6/1/2010 6:37 PM, Igor Galić wrote:
>> * Solaris 10: 0.9.7 with backports... don't recall what's in the
>> Coolstack but someone else may be able to tell us.
>>
> The Coolstack and the Webstack both use the system's SSL bindings.
> Coolstack symlinks it: libssl.so.0.9.7 => /usr/sfw/lib/libssl.so.0.9.7
>
> lrwxrwxrwx 1 root root 28 Jul 13 2009 /opt/coolstack/lib/libssl.so.0.9.7 -> /usr/sfw/lib/libssl.so.0.9.7
>
> while webstack links it directly: libcrypto.so.0.9.7 => /usr/sfw/lib/libcrypto.so.0.9.7
>
> Bye,
>
Didn't coolstack officially die? It's been replaced by glassfish
IIRC... As such, it's not a good example