Updating openssl on FreeBSD 9.2
Polytropon
freebsd at edvax.de
Mon Apr 7 09:43:10 UTC 2014
On Mon, 07 Apr 2014 01:39:37 -0700, Darren Pilgrim wrote:
> On 4/6/2014 11:52 PM, Polytropon wrote:
> > On Sun, 6 Apr 2014 23:42:35 -0700 (PDT), Jack Mc Lauren wrote:
> >> Hi
> >> I'm using FreeBSD 9.2 which comes with openssl 0.9.8y.
> >> How can I update it to version 1.0.1f?
> >> Thanks in advance.
> >
> > Probably using the ports version should be the easiest
> > method. Update your ports tree, Install security/openssl,
> > and check if any other applications need to be rebuilt.
>
> You need to add WITH_OPENSSL_PORT=yes to /etc/make.conf to enable
> linking to the openssl port.
Yes, that is also needed.
> > If you're using a custom-built system, you can also
> > disable the integration of SSL into the OS by defining
> > WITHOUT_OPENSSL in /etc/src.conf and rebuilding. See
> > "man src.conf" for details.
>
> Don't do this. OpenSSL is needed by so many things in the base that
> it's effectively mandatory. Just rely on WITH_OPENSSL_PORT making the
> ports framework select the correct library.
Still /etc/src.conf allows you to disable most of those
parts. As I have never tried the "full set", I'm not sure
what would break, but at least I assume that more than
one "crypto" component could be affected, maybe even the
system mailing service.
>From "man src.conf":
WITHOUT_CRYPT
Set to not build any crypto code. When set, it also enforces the
following options:
WITHOUT_GSSAPI (can be overridden with WITH_GSSAPI)
WITHOUT_KERBEROS
WITHOUT_KERBEROS_SUPPORT
WITHOUT_OPENSSH
WITHOUT_OPENSSL
[...]
WITHOUT_OPENSSL
Set to not build OpenSSL. When set, it also enforces the follow-
ing options:
WITHOUT_GSSAPI (can be overridden with WITH_GSSAPI)
WITHOUT_KERBEROS
WITHOUT_KERBEROS_SUPPORT
WITHOUT_OPENSSH
Your suggestion is worth following especially in regards of SSH.
--
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
More information about the freebsd-questions
mailing list