OpenSSL v. 1.0.2
OpenSSL v. 1.0.2
I've been reading the slackware updates/changelogs, etc for a few months. I see that a lot of older pups are running 0.9.8 that is now past End of Life. Today's modern https pages are using security methods that are generally good. But 0.9.8 will no longer be subject to bug-fixes, seecurity alerts etc.
The same is true for OpenSSL v. 1.0.0 This has also been retired as of 1/2016.
The newest pups are still running OpenSSL v. 1.0.1 that will be non-support 12/2016. From what I gather at slackware, 1.0.2 will be the LTS solution. (current revision is 1.0.2g.
There is also LibreSSL by the same crew that gives us OpenSSL. LibreSSL takes a more harsh approach fully depricating SSL2 and tossing SSL3 into a very limited role.
Note that OpenSSL still clings to these two crackable SSL's. In fact some browsers still give a backdoor to SSL3.
What we need are puppies with OpenSSL 1.0.2 or LibreSSL. PAE and non-PAE.
Naturally wikipedia is your friend here.
Regards
8Geee
The same is true for OpenSSL v. 1.0.0 This has also been retired as of 1/2016.
The newest pups are still running OpenSSL v. 1.0.1 that will be non-support 12/2016. From what I gather at slackware, 1.0.2 will be the LTS solution. (current revision is 1.0.2g.
There is also LibreSSL by the same crew that gives us OpenSSL. LibreSSL takes a more harsh approach fully depricating SSL2 and tossing SSL3 into a very limited role.
Note that OpenSSL still clings to these two crackable SSL's. In fact some browsers still give a backdoor to SSL3.
What we need are puppies with OpenSSL 1.0.2 or LibreSSL. PAE and non-PAE.
Naturally wikipedia is your friend here.
Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
"Zuckerberg: a large city inhabited by mentally challenged people."
Re: OpenSSL v. 1.0.2
LxPupSc, based on Slackware-Current has 1.0.2g....kernel 4.5 pae in version 16.04.18Geee wrote:What we need are puppies with OpenSSL 1.0.2 or LibreSSL. PAE and non-PAE.
8Geee
LxPup = Puppy + LXDE
Main version used daily: LxPupSc; Assembler of UPups, ScPup & ScPup64, LxPup, LxPupSc & LxPupSc64
Main version used daily: LxPupSc; Assembler of UPups, ScPup & ScPup64, LxPup, LxPupSc & LxPupSc64
- HoerMirAuf
- Posts: 255
- Joined: Tue 22 Jan 2008, 12:11
- Location: Würzburg
You can install the current OpenSSL
compiled it in slacko, should work in the most puppys:
openssl-1.0.2g-i486.pet 2MB
openssl_DEV-1.0.2g-i486.pet 2MB
compiled it in slacko, should work in the most puppys:
openssl-1.0.2g-i486.pet 2MB
openssl_DEV-1.0.2g-i486.pet 2MB
[size=75][color=blue]Bionic64[/color][/size]
Thanks for the update.HoerMirAuf wrote:You can install the current OpenSSL
compiled it in slacko, should work in the most puppys:
I installed this version, openssl-1.0.2g, in both lxtahr-15.12.1 and lxpup-15.11.4-s slacko 6.3.0 based. In both versions this pet installed well, it's just that the "OPENSSLDIR" installed to a different location than where the original was:
Code: Select all
Tahr, before update:
root# openssl version -a
OpenSSL 1.0.1f 6 Jan 2014
OPENSSLDIR: "/usr/lib/ssl"
Tahr after upate:
root# openssl version -a
OpenSSL 1.0.2g 1 Mar 2016
OPENSSLDIR: "/usr/ssl"
--------------------------------------------------
Slacko, before update:
# openssl version -a
OpenSSL 1.0.1s 1 Mar 2016
OPENSSLDIR: "/etc/ssl"
Slacko after update:
# openssl version -a
OpenSSL 1.0.2g 1 Mar 2016
OPENSSLDIR: "/usr/ssl"
Thank you,
festus
- HoerMirAuf
- Posts: 255
- Joined: Tue 22 Jan 2008, 12:11
- Location: Würzburg
You are welcome.
Hmmm compiled it with the regular prefix=/usr
maybe openssl has changed the pathes? Don't know why puppy has this openssl path. if i compile it without any prefix, the default is /usr/local.
How ever .... i uninstalled the old openssl bevor i installed the newer one.It works in slacko without any problems since 1.0.2a.
The only thing: there are no certificates in my openssl package. The openssl package from puppy seems to incude some one. So you have to add them manualy if you need them.
Hmmm compiled it with the regular prefix=/usr
maybe openssl has changed the pathes? Don't know why puppy has this openssl path. if i compile it without any prefix, the default is /usr/local.
How ever .... i uninstalled the old openssl bevor i installed the newer one.It works in slacko without any problems since 1.0.2a.
The only thing: there are no certificates in my openssl package. The openssl package from puppy seems to incude some one. So you have to add them manualy if you need them.
[size=75][color=blue]Bionic64[/color][/size]
- OscarTalks
- Posts: 2196
- Joined: Mon 06 Feb 2012, 00:58
- Location: London, England
Others more experienced than me may correct me if I am wrong, but I think you will find that --openssldir is a configure option which you can (and should) set when you compile OpenSSL and it is probably a good idea to set this to the same path as the package in the Puppy for which you are compiling. The Puppies I have seen usually have this as /etc/ssl but sometimes there are also symlinks into /usr/lib/ssl as well. Keep an eye on the shared lib version number as well when upgrading things because if that changes some programs that depend on it might stop working. It is true that OpenSSL does not include the certificates. There are ca-certificates packages which provide these.
Oscar in England
- HoerMirAuf
- Posts: 255
- Joined: Tue 22 Jan 2008, 12:11
- Location: Würzburg
Hi OscarTalks,
thank you for the hint. You are right. I did not think about this.
I have compiled openssl again. with --prefix=/usr --openssldir=/etc/ssl shared
It's now the same folder structure like the original openssl package from slacko.
Made some symlinks also from libcrypto.so.0 to libcrypto.so.1.0.0 and libssl.so.0 to libssl.so.1.0.0
Added also various certificates in the cert folder (borrowed from debian)
The links above are updated to the current release.
thank you for the hint. You are right. I did not think about this.
I have compiled openssl again. with --prefix=/usr --openssldir=/etc/ssl shared
It's now the same folder structure like the original openssl package from slacko.
Made some symlinks also from libcrypto.so.0 to libcrypto.so.1.0.0 and libssl.so.0 to libssl.so.1.0.0
Added also various certificates in the cert folder (borrowed from debian)
The links above are updated to the current release.
[size=75][color=blue]Bionic64[/color][/size]
openssl 1.0.2h in Slacko5.7-nonpae
@ HoerMirAuf:
I'm late to this thread in response, but I have just loaded the 102g version into my Slacko5.7 based puppy. I have three spins in PuppyLinux to keep 5.7 updated, and to keep netbooks from 2008-9 usable in today's environment.
This went withoit a hitch thanks to your efforts and, and the input of others in the community. My own personal version is first, and will then apply to the 3 spins as I get time.
For others interested, the PPM will install, but will not find, by default.
Therefore, the needed update to 102h must be done by going to slackware dot com.
Click upon Security Advisories
Click upon 2016
Scroll down the list to the first occurance of [slackware-security] openssl
At this time, the line reads...
2016-05-03 - [slackware-security] openssl (SSA:2016-124-01)
Scroll down to "Slackware - current "
Highlight the top line, press CTRL C, and open a new tab in your browser
Click in the new tab's address bar to get a cursor and press SHIFT INSERT
Then press the enter key
A yellow dialog box opens... click YES
Puppy Package Manager will install the "solibs" files
When done, go back to the "Slackware- current" paragraph and highlight the bottom line and repeat the steps afterwards.
At this time, you may open ROX and navigate to /usr. Here you can look for /usr/doc and remove the "documentation files" for the update within /usr/doc.
When all this is done, disconnect from internet and shutdown. Wait a minute or two and power-up.
Using the terminal type openssl version
It should return as 1.0.2h
Hope this helps.
Thanks again for the work done.
regards
8Geee
I'm late to this thread in response, but I have just loaded the 102g version into my Slacko5.7 based puppy. I have three spins in PuppyLinux to keep 5.7 updated, and to keep netbooks from 2008-9 usable in today's environment.
This went withoit a hitch thanks to your efforts and, and the input of others in the community. My own personal version is first, and will then apply to the 3 spins as I get time.
For others interested, the PPM will install, but will not find, by default.
Therefore, the needed update to 102h must be done by going to slackware dot com.
Click upon Security Advisories
Click upon 2016
Scroll down the list to the first occurance of [slackware-security] openssl
At this time, the line reads...
2016-05-03 - [slackware-security] openssl (SSA:2016-124-01)
Scroll down to "Slackware - current "
Highlight the top line, press CTRL C, and open a new tab in your browser
Click in the new tab's address bar to get a cursor and press SHIFT INSERT
Then press the enter key
A yellow dialog box opens... click YES
Puppy Package Manager will install the "solibs" files
When done, go back to the "Slackware- current" paragraph and highlight the bottom line and repeat the steps afterwards.
At this time, you may open ROX and navigate to /usr. Here you can look for /usr/doc and remove the "documentation files" for the update within /usr/doc.
When all this is done, disconnect from internet and shutdown. Wait a minute or two and power-up.
Using the terminal type openssl version
It should return as 1.0.2h
Hope this helps.
Thanks again for the work done.
regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
"Zuckerberg: a large city inhabited by mentally challenged people."
The previous 1.0.2g version:
http://murga-linux.com/puppy/viewtopic. ... 4aa#891788
Now compiled in wary openssl-1.0.2h and tested ok for me.
openssl-1.0.2h_i486.pet:
https://drive.google.com/file/d/0B9iMb4 ... sp=sharing
openssl_DEV-1.0.2h_i486.pet:
https://drive.google.com/file/d/0B9iMb4 ... sp=sharing
openssl_DOC-1.0..2h_i486.pet:
https://drive.google.com/file/d/0B9iMb4 ... sp=sharing
Other puplets may want ubuntu-debian-slackware packages from repositories.
EDIT:
openssl-1.0.2p-w5.pet:
https://drive.google.com/file/d/1z-v-El ... sp=sharing
openssl_DEV-1.0.2p-w5.pet:
https://drive.google.com/file/d/1kL5DWV ... sp=sharing
openssl-1.0.2p-precise.pet:
https://drive.google.com/file/d/1bdximw ... sp=sharing
openssl_DEV-1.0.2p-precise.pet:
https://drive.google.com/file/d/1LGD88X ... sp=sharing
http://murga-linux.com/puppy/viewtopic. ... 4aa#891788
Now compiled in wary openssl-1.0.2h and tested ok for me.
openssl-1.0.2h_i486.pet:
https://drive.google.com/file/d/0B9iMb4 ... sp=sharing
openssl_DEV-1.0.2h_i486.pet:
https://drive.google.com/file/d/0B9iMb4 ... sp=sharing
openssl_DOC-1.0..2h_i486.pet:
https://drive.google.com/file/d/0B9iMb4 ... sp=sharing
Code: Select all
# openssl version -a
OpenSSL 1.0.2h 3 May 2016
built on: reproducible build, date unspecified
platform: linux-elf
options: bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) idea(int) blowfish(idx)
compiler: gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -DL_ENDIAN -O3 -fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: "/etc/ssl"
EDIT:
openssl-1.0.2p-w5.pet:
https://drive.google.com/file/d/1z-v-El ... sp=sharing
openssl_DEV-1.0.2p-w5.pet:
https://drive.google.com/file/d/1kL5DWV ... sp=sharing
openssl-1.0.2p-precise.pet:
https://drive.google.com/file/d/1bdximw ... sp=sharing
openssl_DEV-1.0.2p-precise.pet:
https://drive.google.com/file/d/1LGD88X ... sp=sharing
Last edited by watchdog on Wed 31 Oct 2018, 04:08, edited 1 time in total.
thanks for this watchdog.
I would like to note that in my spins no symlink patches were needed in Slacko5.7. When performing the delta to 1.0.2g and the update to 1.0.2h. For users of the original Slacko5.7, you might want to inspect and make symlinks in /usr/lib and in /lib. As noted in my spins, some updates have reinstalled openssl 0.9.8 though it is unsupported.
regards
8Geee
I would like to note that in my spins no symlink patches were needed in Slacko5.7. When performing the delta to 1.0.2g and the update to 1.0.2h. For users of the original Slacko5.7, you might want to inspect and make symlinks in /usr/lib and in /lib. As noted in my spins, some updates have reinstalled openssl 0.9.8 though it is unsupported.
regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
"Zuckerberg: a large city inhabited by mentally challenged people."
hi boys here my openssl package.
requisites:
https://www.openssl.org/source/openssl-1.0.2l.tar.gz
download: openssl-1.0.21.pet 3.2mb
https://docs.google.com/uc?id=0B7wHTwvL ... t=download
have a nice day!
requisites:
- devx_slacko-_5.3.3.sfs (MENU->SETUP->Setup puppy->SFS-Load on-the-fly)
openssl source
https://www.openssl.org/source/openssl-1.0.2l.tar.gz
console command:*** openssl compilation for puppy slacko 5.3.3 ***
Code: Select all
# ./configure --install_prefix=/tmp/package-root --prefix=/usr/ --openssldir=/etc/ssl zlib-dynamic shared
# make
# make test
# make install
# mv /tmp/package-root /tmp/openssl-1.0.21
# dir2pet /openssl-1.0.21
download: openssl-1.0.21.pet 3.2mb
https://docs.google.com/uc?id=0B7wHTwvL ... t=download
have a nice day!
|241D3]\[ wrote:hi boys here my openssl package.
requisites:download: openssl-1.0.2l.tar.gz
- devx_slacko-_5.3.3.sfs (MENU->SETUP->Setup puppy->SFS-Load on-the-fly)
openssl source
https://www.openssl.org/source/openssl-1.0.2l.tar.gz
console command:*** openssl compilation for puppy slacko 5.3.3 ***
Code: Select all
# ./configure --install_prefix=/tmp/package-root --prefix=/usr/ --openssldir=/etc/ssl zlib-dynamic shared # make # make test # make install # mv /tmp/package-root /tmp/openssl-1.0.21 # dir2pet /openssl-1.0.21
download: openssl-1.0.21.pet 3.2mb
https://docs.google.com/uc?id=0B7wHTwvL ... t=download
have a nice day!
241D3, you were beaten to the punch on this, some months ago by myself (and also by watchdog). But, hey, better late than never...and good on you, as it would probably shock us all to find out how often pup users overlook this
http://murga-linux.com/puppy/viewtopic. ... 225#962225