OpenSSL v. 1.0.2

Requests go here. If you fill a request, give it a new thread in the appropriate category and then link to it in the request thread.
Post Reply
Message
Author
User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

OpenSSL v. 1.0.2

#1 Post by 8Geee »

I've been reading the slackware updates/changelogs, etc for a few months. I see that a lot of older pups are running 0.9.8 that is now past End of Life. Today's modern https pages are using security methods that are generally good. But 0.9.8 will no longer be subject to bug-fixes, seecurity alerts etc.

The same is true for OpenSSL v. 1.0.0 This has also been retired as of 1/2016.

The newest pups are still running OpenSSL v. 1.0.1 that will be non-support 12/2016. From what I gather at slackware, 1.0.2 will be the LTS solution. (current revision is 1.0.2g.

There is also LibreSSL by the same crew that gives us OpenSSL. LibreSSL takes a more harsh approach fully depricating SSL2 and tossing SSL3 into a very limited role.

Note that OpenSSL still clings to these two crackable SSL's. In fact some browsers still give a backdoor to SSL3.

What we need are puppies with OpenSSL 1.0.2 or LibreSSL. PAE and non-PAE.
Naturally wikipedia is your friend here.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
peebee
Posts: 4370
Joined: Sun 21 Sep 2008, 12:31
Location: Worcestershire, UK
Contact:

Re: OpenSSL v. 1.0.2

#2 Post by peebee »

8Geee wrote:What we need are puppies with OpenSSL 1.0.2 or LibreSSL. PAE and non-PAE.
8Geee
LxPupSc, based on Slackware-Current has 1.0.2g....kernel 4.5 pae in version 16.04.1
ImageLxPup = Puppy + LXDE
Main version used daily: LxPupSc; Assembler of UPups, ScPup & ScPup64, LxPup, LxPupSc & LxPupSc64

User avatar
HoerMirAuf
Posts: 255
Joined: Tue 22 Jan 2008, 12:11
Location: Würzburg

#3 Post by HoerMirAuf »

You can install the current OpenSSL

compiled it in slacko, should work in the most puppys:

openssl-1.0.2g-i486.pet 2MB

openssl_DEV-1.0.2g-i486.pet 2MB
[size=75][color=blue]Bionic64[/color][/size]

User avatar
festus
Posts: 235
Joined: Wed 14 Jan 2015, 19:10

#4 Post by festus »

HoerMirAuf wrote:You can install the current OpenSSL

compiled it in slacko, should work in the most puppys:
Thanks for the update.

I installed this version, openssl-1.0.2g, in both lxtahr-15.12.1 and lxpup-15.11.4-s slacko 6.3.0 based. In both versions this pet installed well, it's just that the "OPENSSLDIR" installed to a different location than where the original was:

Code: Select all

Tahr, before update:
root# openssl version -a
OpenSSL 1.0.1f 6 Jan 2014
OPENSSLDIR: "/usr/lib/ssl"

Tahr after upate:
root# openssl version -a
OpenSSL 1.0.2g  1 Mar 2016
OPENSSLDIR: "/usr/ssl"
--------------------------------------------------
Slacko, before update:
# openssl version -a
OpenSSL 1.0.1s  1 Mar 2016
OPENSSLDIR: "/etc/ssl"

Slacko after update:
# openssl version -a
OpenSSL 1.0.2g  1 Mar 2016
OPENSSLDIR: "/usr/ssl"
Does the change in "OPENSSLDIR" matter? Will it still work in the Pups?

Thank you,

festus :)

User avatar
HoerMirAuf
Posts: 255
Joined: Tue 22 Jan 2008, 12:11
Location: Würzburg

#5 Post by HoerMirAuf »

You are welcome.

Hmmm compiled it with the regular prefix=/usr

maybe openssl has changed the pathes? Don't know why puppy has this openssl path. if i compile it without any prefix, the default is /usr/local.

How ever .... i uninstalled the old openssl bevor i installed the newer one.It works in slacko without any problems since 1.0.2a.

The only thing: there are no certificates in my openssl package. The openssl package from puppy seems to incude some one. So you have to add them manualy if you need them.
[size=75][color=blue]Bionic64[/color][/size]

User avatar
festus
Posts: 235
Joined: Wed 14 Jan 2015, 19:10

#6 Post by festus »

Alright, then to me there doesn't appear to be any conflicts with the minor path change.

Thank you, HoerMirAuf, for your reply and your needed work.

festus

User avatar
OscarTalks
Posts: 2196
Joined: Mon 06 Feb 2012, 00:58
Location: London, England

#7 Post by OscarTalks »

Others more experienced than me may correct me if I am wrong, but I think you will find that --openssldir is a configure option which you can (and should) set when you compile OpenSSL and it is probably a good idea to set this to the same path as the package in the Puppy for which you are compiling. The Puppies I have seen usually have this as /etc/ssl but sometimes there are also symlinks into /usr/lib/ssl as well. Keep an eye on the shared lib version number as well when upgrading things because if that changes some programs that depend on it might stop working. It is true that OpenSSL does not include the certificates. There are ca-certificates packages which provide these.
Oscar in England
Image

User avatar
HoerMirAuf
Posts: 255
Joined: Tue 22 Jan 2008, 12:11
Location: Würzburg

#8 Post by HoerMirAuf »

Hi OscarTalks,

thank you for the hint. You are right. I did not think about this.

I have compiled openssl again. with --prefix=/usr --openssldir=/etc/ssl shared
It's now the same folder structure like the original openssl package from slacko.

Made some symlinks also from libcrypto.so.0 to libcrypto.so.1.0.0 and libssl.so.0 to libssl.so.1.0.0

Added also various certificates in the cert folder (borrowed from debian)

The links above are updated to the current release.
[size=75][color=blue]Bionic64[/color][/size]

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

openssl 1.0.2h in Slacko5.7-nonpae

#9 Post by 8Geee »

@ HoerMirAuf:

I'm late to this thread in response, but I have just loaded the 102g version into my Slacko5.7 based puppy. I have three spins in PuppyLinux to keep 5.7 updated, and to keep netbooks from 2008-9 usable in today's environment.

This went withoit a hitch thanks to your efforts and, and the input of others in the community. My own personal version is first, and will then apply to the 3 spins as I get time.

For others interested, the PPM will install, but will not find, by default.
Therefore, the needed update to 102h must be done by going to slackware dot com.

Click upon Security Advisories

Click upon 2016

Scroll down the list to the first occurance of [slackware-security] openssl
At this time, the line reads...
2016-05-03 - [slackware-security] openssl (SSA:2016-124-01)

Scroll down to "Slackware - current "
Highlight the top line, press CTRL C, and open a new tab in your browser

Click in the new tab's address bar to get a cursor and press SHIFT INSERT
Then press the enter key

A yellow dialog box opens... click YES
Puppy Package Manager will install the "solibs" files

When done, go back to the "Slackware- current" paragraph and highlight the bottom line and repeat the steps afterwards.

At this time, you may open ROX and navigate to /usr. Here you can look for /usr/doc and remove the "documentation files" for the update within /usr/doc.

When all this is done, disconnect from internet and shutdown. Wait a minute or two and power-up.

Using the terminal type openssl version
It should return as 1.0.2h

Hope this helps.

Thanks again for the work done.

regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

watchdog
Posts: 2021
Joined: Fri 28 Sep 2012, 18:04
Location: Italy

#10 Post by watchdog »

The previous 1.0.2g version:

http://murga-linux.com/puppy/viewtopic. ... 4aa#891788

Now compiled in wary openssl-1.0.2h and tested ok for me.

openssl-1.0.2h_i486.pet:

https://drive.google.com/file/d/0B9iMb4 ... sp=sharing

openssl_DEV-1.0.2h_i486.pet:

https://drive.google.com/file/d/0B9iMb4 ... sp=sharing

openssl_DOC-1.0..2h_i486.pet:

https://drive.google.com/file/d/0B9iMb4 ... sp=sharing

Code: Select all

# openssl version -a
OpenSSL 1.0.2h  3 May 2016
built on: reproducible build, date unspecified
platform: linux-elf
options:  bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) idea(int) blowfish(idx) 
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -DL_ENDIAN -O3 -fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: "/etc/ssl"
Other puplets may want ubuntu-debian-slackware packages from repositories.

EDIT:

openssl-1.0.2p-w5.pet:

https://drive.google.com/file/d/1z-v-El ... sp=sharing

openssl_DEV-1.0.2p-w5.pet:

https://drive.google.com/file/d/1kL5DWV ... sp=sharing

openssl-1.0.2p-precise.pet:

https://drive.google.com/file/d/1bdximw ... sp=sharing

openssl_DEV-1.0.2p-precise.pet:

https://drive.google.com/file/d/1LGD88X ... sp=sharing
Last edited by watchdog on Wed 31 Oct 2018, 04:08, edited 1 time in total.

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#11 Post by 8Geee »

thanks for this watchdog.

I would like to note that in my spins no symlink patches were needed in Slacko5.7. When performing the delta to 1.0.2g and the update to 1.0.2h. For users of the original Slacko5.7, you might want to inspect and make symlinks in /usr/lib and in /lib. As noted in my spins, some updates have reinstalled openssl 0.9.8 though it is unsupported.

regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

|241D3]\[
Posts: 1
Joined: Sun 01 Oct 2017, 07:12

#12 Post by |241D3]\[ »

hi boys here my openssl package.

requisites:
  • devx_slacko-_5.3.3.sfs (MENU->SETUP->Setup puppy->SFS-Load on-the-fly)
    openssl source
download: openssl-1.0.2l.tar.gz
https://www.openssl.org/source/openssl-1.0.2l.tar.gz

*** openssl compilation for puppy slacko 5.3.3 :P ***
console command:

Code: Select all

# ./configure --install_prefix=/tmp/package-root --prefix=/usr/ --openssldir=/etc/ssl zlib-dynamic shared 
# make
# make test
# make install
# mv /tmp/package-root /tmp/openssl-1.0.21
# dir2pet /openssl-1.0.21

download: openssl-1.0.21.pet 3.2mb

https://docs.google.com/uc?id=0B7wHTwvL ... t=download

have a nice day!

belham2
Posts: 1715
Joined: Mon 15 Aug 2016, 22:47

#13 Post by belham2 »

|241D3]\[ wrote:hi boys here my openssl package.

requisites:
  • devx_slacko-_5.3.3.sfs (MENU->SETUP->Setup puppy->SFS-Load on-the-fly)
    openssl source
download: openssl-1.0.2l.tar.gz
https://www.openssl.org/source/openssl-1.0.2l.tar.gz

*** openssl compilation for puppy slacko 5.3.3 :P ***
console command:

Code: Select all

# ./configure --install_prefix=/tmp/package-root --prefix=/usr/ --openssldir=/etc/ssl zlib-dynamic shared 
# make
# make test
# make install
# mv /tmp/package-root /tmp/openssl-1.0.21
# dir2pet /openssl-1.0.21

download: openssl-1.0.21.pet 3.2mb

https://docs.google.com/uc?id=0B7wHTwvL ... t=download

have a nice day!


241D3, you were beaten to the punch on this, some months ago by myself (and also by watchdog). But, hey, better late than never...and good on you, as it would probably shock us all to find out how often pup users overlook this :wink:

http://murga-linux.com/puppy/viewtopic. ... 225#962225

Post Reply