[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] openssl upgrade

Subject: Re: [cobalt-developers] openssl upgrade
From: "William L. Thomson Jr." <support@xxxxxxxxxxxxxxxxxxxx>
Date: Fri Sep 20 02:02:01 2002
List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>

Thanks goes to Gerald for the brief instructions below. I was able to
upgrade mod_ssl on my XTR with out any problems, but I have a question
in regard to openssl.

In the process I did replace libssl.so in /etc/httpd/modules as told to
in the instructions below.

But what about the other parts of openssl, do they need to be upgraded
as well?

Like
/usr/lib/openssl.cnf
/usr/sbin/openssl
/usr/sbin/ssltest

Which are part of the apache-openssl-1.3.20-RaQXTR_1C3 so I assume them
to be part of the vulnerable openssl.

So as part of compiling the new openssl-engine, should those files be
replaced with newer versions?

Thanks

On Mon, 2002-09-16 at 09:15, Gerald Waugh wrote:
> 
> ================ No guarantees, and no warranties ==========
>                  ====== informational only ======
>             === if you try it please post results ===
> 
> 1) ssh to server
> 2) su -
> 3) cd /usr/local/src
> 4) wget http://www.openssl.org/source/openssl-engine-0.9.6g.tar.gz
> 5) tar -zxvf openssl-engine-0.9.6g.tar.gz
> 6) rm openssl-engine-0.9.6g.tar.gz
> 7) cd openssl-engine-0.9.6g
> 8)  ./configure
> 9)   make
> 10)  make install  (puts ssl in /usr/local/ssl, won't hurt)
> 11) wget http://www.apache.org/dist/httpd/old/apache_1.3.20.tar.gz
>     I did not use this one, but it should work
>     if not holler!
> 12) tar -zxvf apache_1.3.20.tar.gz
> 13) rm apache_1.3.20.tar.gz
> 
> 14) wget http://www.modssl.org/source/mod_ssl-2.8.4-1.3.20.tar.gz
> 15) tar -zxvf mod_ssl-2.8.4-1.3.20.tar.gz
> 16) rm mod_ssl-2.8.4-1.3.20.tar.gz
> 
> 17) cd mod_ssl-2.8.4-1.3.20
> 18) ./configure --with-apache=../apache_1.3.20/ \
>             --with-apxs=/usr/sbin/apxs \
>             --with-ssl=../openssl-engine-0.9.6g
> 
> 19) cp /etc/httpd/modules/libssl.so /etc/httpd/modules/libssl.so.save
> 20) cp pkg.sslmod/libssl.so /etc/httpd/modules/
> 21) /etc/rc.d/init.d reload
>   httpd may need restart, but try reload
> 
> Gerald
> --
> http://frontstreetnetworks.com | http://raqware.com
> 229 Front Street, Ste. C, New Haven, CT. 06513-3203
> Phone: +1 203-785-0699
> 
> 
> _______________________________________________
> cobalt-developers mailing list
> cobalt-developers@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-developers
> 
-- 
Sincerely,
William L. Thomson Jr.
Support Group
Obsidian-Studios Inc.
439 Amber Way
Petaluma, Ca. 94952
Phone  707.766.9509
Fax    707.766.8989
http://www.obsidian-studios.com

Follow-Ups:
- Re: [cobalt-developers] openssl upgrade
  - From: Gerald Waugh

References:
- [cobalt-developers] openssl upgrade
  - From: Gerald Waugh

Prev by Date: [cobalt-developers] Re: OpenSSL - what state is this in?
Next by Date: [cobalt-developers] RAQ 4 - PHP with GD 2.0
Previous by thread: Re: [cobalt-developers] openssl upgrade
Next by thread: Re: [cobalt-developers] openssl upgrade

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index