| Dakon | I made openssl-1.0.2 packages that can be installed in parallel, in case anyone is interested | 11:32 |
|---|---|---|
| Dakon | https://github.com/osm2go/openssl/releases | 11:32 |
| craftyguy | I assume, at the very least, a new openssl package is needed | 09:12 |
|---|---|---|
| Dakon | craftyguy: https://github.com/osm2go/openssl/releases | 09:40 |
| Dakon | oh, and I have OpenSSL 1.0.2 as dpkg for n900 here: https://github.com/community-ssu/hildon.git | 21:44 |
|---|
| drathir | DocScrutinizer05: if may i ask is planned upgrade of openssl/openssh to at least supprt hmac-sha2-256 ? | 16:50 |
|---|
| ilew | No clue, I just ran 'openssl s_client -showcerts -connect supl.nokia.com:7275' to get a list of certs and checked to see if any were removed. | 05:06 |
|---|
| ilew | Ignore the openssl version being wrong, I fixed that in a later commit. | 14:01 |
|---|
| DocScrutinizer05 | https://github.com/community-ssu/openssl/commit/92a20d8b9540cdcef0449a16f8756306fdcf0a5c hehehe, this doesn't look good | 01:32 |
|---|---|---|
| DocScrutinizer05 | sorry, openssl | 02:22 |
| ilew | freemangordon: But wasn't it updated to -zh? - https://github.com/community-ssu/openssl/commit/619d8575b550dc62d9a0dc2339d0d9f282c6de22 | 08:59 |
| ilew | DocScrutinizer05: As for the openssl issue. It looks to me that only libssl in the control file and openssl was missed - https://github.com/community-ssu/mp-fremantle-community-pr/blob/e213afc340e1e8e29f5c128305990e370cffd47d/debian/control#L85 | 09:03 |
| ilew | Am I also correct about the missing openssl-zf dependency in the mp-fremantle-community-pr control file? | 09:28 |
| freemangordon | ilew: there should be no openssl dependency in the control file | 09:29 |
| freemangordon | openssl is not installed by default, afaik | 09:30 |
| ilew | before my commit there was 'openssl (>= 0.9.8n-1+maemo4+0m5+0cssu1)' | 09:31 |
| freemangordon | then -mp should depend on openssl zf as well | 09:32 |
| DocScrutinizer05 | merlin1991: http://paste.opensuse.org/85751869 what's wrong there? (openssl old version that should have been updated when cssu-t Version: 21.2011.38-1Tmaemo11 update happened) | 16:38 |
|---|---|---|
| DocScrutinizer05 | openssl0.98 vs LIBssl0.98 ARRRRGH, sorry | 16:54 |
| DocScrutinizer05 | however http://wiki.maemo.org/Community_SSU/Changelog says OPENssl got updtaed, which I think isn't exactly to the point. Can't wrap my head around what exactly is going on there | 16:56 |
| DocScrutinizer05 | IroN900:~# openssl version ==> OpenSSL 0.9.8n 24 Mar 2010 (Library: OpenSSL 0.9.8zf 19 Mar 2015) | 17:04 |
| DocScrutinizer05 | so what's this `apt-cache policy openssl` thing all about? | 17:04 |
| freemangordon | ilew: https://github.com/community-ssu/openssl/commit/92a20d8b9540cdcef0449a16f8756306fdcf0a5c - actually it was prepared for -zf | 18:21 |
| kerio | freemangordon: gibe openssl 1.0.2 | 18:22 |
| kerio | gibe openssl 1.1.0 | 18:22 |
| kerio | freemangordon: did we ever figure out if there's a way to get the RHEL 5-or-whatever openssl 0.9.8? | 18:23 |
| * freemangordon hands kerio openssl 1.1.0 wrapped in a pink paper and violet ribbon | 18:23 | |
| kerio | freemangordon: there's a RHEL with openssl 0.9.8 | 18:24 |
| bencoh | http://rpmfind.net/linux/RPM/centos/updates/5.11/x86_64/RPMS/openssl-0.9.8e-39.el5_11.x86_64.html | 18:40 |
| ilew | Will do, btw do we care about small typos in 'How to build' files? Like in https://github.com/community-ssu/openssl/blob/master/HOWTOBUILD | 22:24 |
|---|
| bencoh | ah you mean openssl | 19:12 |
|---|---|---|
| bencoh | which parts of maemo depend on gnutls (and not openssl or libnss)? | 19:13 |
| merlin1991 | I found a small problem with our openssl repo | 01:09 |
|---|
| xes | opessl "--api=1.1.0|1.0.0|0.9.8" https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=NEWS ..??? | 14:45 |
|---|
| kerio | The 0.9.8 and 1.0.0 versions [of openssl] are now out of support and should not be used. | 17:57 |
|---|
| kerio | freemangordon: are we going to update openssl's DEFAULT cipherlist? | 18:57 |
|---|---|---|
| bencoh | kerio: what does openssl 1.x says about those? | 20:00 |
| kerio | alright, openssl HEAD does 37MB/s of chacha20-poly1305 on my sheevaplug | 03:29 |
|---|
| ente | but I didn't find any similar efforts for n9 - can someone point me in the right direction here? I don't want to keep running ages old openssl and glibc | 05:09 |
|---|
| luf_ | Hmmm, I hitted problem with openssl-0.9.8-dbg dependency while apt-get upgrade (installing gcc-linaro) | 02:30 |
|---|
| luf_ | Does it work with openssl s_client? | 03:16 |
|---|---|---|
| jonwil | dont know about openssl but wget (which I believe ultimately uses openssl underneath) gives errors even for domains that work correctly in microb | 03:22 |
| jonwil | yeah wget uses openssl | 03:22 |
| luf_ | jonwil: openssl s_client can show you the error in more verbose form. | 03:27 |
| jonwil | It tells me "unable to get local issuer certificate" (which reads like openssl cant read the ca store) | 03:28 |
| jonwil | so using openssl to see whats wrong with microb is not going to help | 03:29 |
| freemangordon | jonwil: openssl s_client needs certificate path provided, something like -CApath | 07:18 |
| jonwil | so yeah its definatly microb-engine or nss that's at fault, not the set of certificates (openssl s_client works with the right certificate path) | 08:46 |
| bencoh | hmm, looks like the (unofficial) openssl api / x86 abi changelog page disappeared | 22:28 |
|---|
| kerio | openssl 0.9.8zh? | 20:26 |
|---|---|---|
| freemangordon | kerio: https://github.com/community-ssu/openssl | 22:49 |
| freemangordon | and https://github.com/community-ssu/openssl/blob/master/HOWTOBUILD | 22:49 |
| bencoh | we have to modify every single openssl-depend program because openssl had a fucked up API | 15:18 |
|---|---|---|
| bencoh | (it's like going through debian patches of openssl - last they tried, they blowed it ;p) | 23:24 |
| bencoh | merlin1991: in case you're planning a cssu-stable release anytime "soon", maybe it should include openssl-0.9.8zf and glibc from -testing (security updates for both) | 22:21 |
|---|---|---|
| bencoh | we checked ABI for openssl-0.9.8zf | 22:41 |
| bencoh | buiding openssl, checking prototypes / symbols | 22:42 |
| kerio | hasn't cssu-testing been using openssl 0.9.8zf for a while? | 22:42 |
| jonwil | my god openssl takes forever to compile... | 04:10 |
|---|---|---|
| jonwil | plus the latest openssl 0.9.8zf | 10:40 |
| bencoh | hmm, we might need to either try and move to openssl 1.x or backport tls>1.0 support .... | 19:40 |
|---|
| jonwil | ok, so regarding (for example) openssl, what you do is you keep the current openssl0.9.8 (patched with whatever the latest 0.9.8 point release is) right where it is at libcrypto.so.0.9.8 and libssl.so.0.9.8 then you put the new openssl at libcrypto.so.1.x.x and libssl.so.1.x.x or whatever and have the new binaries link to it. | 15:22 |
|---|---|---|
| jonwil | Unless there is something I dont know about, I dont see why having multiple versions of openssl side by side would be an issue | 15:22 |
| kerio | openssl_0.9.8zf-1+maemo1+0m5+0cssu0+thumb0 huh | 23:21 |
|---|
| stryngs | sunweaver: Just cause we're rocking "OpenSSH_5.1p1 Debian-6.maemo5, OpenSSL 0.9.8n 24 Mar 2010 | 22:48 |
|---|---|---|
| bencoh | stryngs: we have a more recent openssl ;) | 22:48 |
| kerio | pls give openssl 1.0.2 | 00:52 |
|---|
| kerio | but why are we talking about modest when openssl is still not properly thumbified? :( | 00:38 |
|---|---|---|
| kerio | ༼ つ ◕_◕ ༽つ Give OPENSSL | 00:38 |
| Pali | openssl | 00:40 |
| kerio | no no, we have an openssl 0.9.8zwhatever package | 00:40 |
| kerio | freemangordon: openssl pls | 14:04 |
|---|
| kerio | freemangordon: btw you're shipping a very old thumby openssl | 18:50 |
|---|
| freemangordon | openssl | 14:26 |
|---|---|---|
| freemangordon | kerio: also, afaik the crypto is done in openssl | 14:29 |
| kerio | hrmpf, OpenSSL version header not found. | 15:08 |
| kerio | oh i guess it depends on openssl 1 | 15:11 |
| kerio | freemangordon: where's the thumby openssl? :( | 18:18 |
| kerio | and openssl | 12:53 |
|---|---|---|
| Wizzup | liking the glibc and openssl updates | 19:08 |
| NIN101 | Wizzup: which openssl updates? https://gitorious.org/community-ssu/openssl/activities there is nothing here | 20:39 |
| freemangordon | on the other hand the new openssl seems stable | 13:30 |
|---|---|---|
| merlin1991 | I think I'll add the openssl update aswell since it's been in -devel for quite some time, and as far as I could see no complaints | 13:31 |
| merlin1991 | I just need to build openssl and mce, but for mce I need hald-addon-bme-dev, it's not in the maemo repos, gitorious or github ... | 16:43 |
| freemangordon | merlin1991: I think it is relatively safe o include openssl in the next -testing | 11:37 |
|---|---|---|
| bencoh | hm, headers look bloated in openssl :D | 11:52 |
| bencoh | most most datatype changes reported in http://upstream.rosalinux.ru/versions/openssl.html say "99 symbols affected" (basically every symbole, more or less) | 12:00 |
| kerio | i like how openssl has shit like "is_probably_safari" | 12:10 |
| freemangordon | https://github.com/community-ssu/openssl/tree/0.9.8zf-1%2Bmaemo1%2B0m5%2B0cssu0/debian/patches | 12:13 |
| bencoh | is this patch what I think ? https://github.com/community-ssu/openssl/blob/master/debian/patches/12_valgrind.patch | 12:15 |
| bencoh | why not use squeeze-lts as upstream for openssl ? | 12:17 |
| freemangordon | http://anonscm.debian.org/viewvc/pkg-openssl/openssl/tags/0.9.8o-4squeeze15/debian/patches/ | 12:17 |
| bencoh | https://packages.qa.debian.org/o/openssl/news/20150320T214900Z.html | 12:18 |
| bencoh | http://ftp.de.debian.org/debian/pool/main/o/openssl/openssl_0.9.8o-4squeeze20.debian.tar.gz | 12:21 |
| freemangordon | ~/workspace/cssu/openssl/git/openssl-0.9.8zf] > grep -r THIRTY * | 12:29 |
| freemangordon | crypto/opensslconf.h:#define THIRTY_TWO_BIT | 12:29 |
| freemangordon | ../../include/openssl/pq_compat.h:113:2: error: #error "# if (defined(THIRTY_TWO_BIT) && !defined(BN_LLONG)) || defined(SIXTEEN_BIT) || defined(EIGHT_BIT) *IS NOT* defined, we are busted :(" | 12:35 |
| bencoh | funny thing is ... I cant find those changes in openssl git (git log between tags) :/ | 12:43 |
| freemangordon | https://github.com/openssl/openssl | 12:44 |
| freemangordon | https://github.com/openssl/openssl/commits/OpenSSL_0_9_8zf/crypto/pqueue/pqueue.h | 12:45 |
100 matches in 2270 log files with 87073 lines (0.7 seconds).
Generated by irclogsearch.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!