* [ANNOUNCEMENT] openssl 1.1.1b-1
@ 2019-03-18 1:57 Yaakov Selkowitz
2019-03-20 18:47 ` Brian Inglis
0 siblings, 1 reply; 3+ messages in thread
From: Yaakov Selkowitz @ 2019-03-18 1:57 UTC (permalink / raw)
To: cygwin
The following packages have been uploaded to the Cygwin distribution:
* openssl-1.1.1b-1
* openssl-perl-1.1.1b-1
* libssl1.1-1.1.1b-1
* libssl-devel-1.1.1b-1
* libssl1.0-1.0.2r-2
* libssl1.0-devel-1.0.2r-2
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and protocols.
This is a major update to the latest upstream release, which includes
the following changes:
* 1.1 changes the API to make data structures opaque to applications. By
now, most active projects have updated their code for 1.1 compatibility,
which is why we waited until now to switch to the 1.1 branch. If you
have code that still needs to be ported, the following may be of help:
https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes
* Most of Fedora's patchset has been applied.
* The /usr/ssl directory has been replaced by /etc/pki/tls. In that
directory, there are two separate config files, openssl.cnf for 1.1 and
openssl10.conf for 1.0.
* Due to this change, ca-certificates 2.26 is required.
* Support for system crypto policies has been enabled.
* The upstream location of engines has changed for 1.1, and 1.0 has moved
for consistency. This should be mostly transparent, except for users which
have built their own engines, which should now be rebuilt anyway.
* The 1.0 library is still provided for binary compatibility with existing
packages.
* For those (hopefully rare) packages which are not compatible with 1.1
and for which such a patch cannot be found, a -devel package for 1.0 is
also available. In order to use it, when pkg-config is used to find
openssl, you must add /usr/lib/openssl-1.0/lib/pkgconfig to PKG_CONFIG_PATH,
otherwise you must add /usr/lib/openssl-1.0/include to your includepath and
/usr/lib/openssl-1.0/lib to your libpath. (The exact method will depend on
the package.)
However, please note that 1.0 will only be supported with security fixes
for the remainder of the calendar year, so now is the time to rebuild
your code and packages with, or port them to, 1.1.
--
Yaakov
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [ANNOUNCEMENT] openssl 1.1.1b-1
2019-03-18 1:57 [ANNOUNCEMENT] openssl 1.1.1b-1 Yaakov Selkowitz
@ 2019-03-20 18:47 ` Brian Inglis
2019-03-22 18:16 ` Yaakov Selkowitz
0 siblings, 1 reply; 3+ messages in thread
From: Brian Inglis @ 2019-03-20 18:47 UTC (permalink / raw)
To: cygwin
May be related to
"gost.dll required but missing after latest Cygwin update"
https://cygwin.com/ml/cygwin/2019-03/msg00511.html
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [ANNOUNCEMENT] openssl 1.1.1b-1
2019-03-20 18:47 ` Brian Inglis
@ 2019-03-22 18:16 ` Yaakov Selkowitz
0 siblings, 0 replies; 3+ messages in thread
From: Yaakov Selkowitz @ 2019-03-22 18:16 UTC (permalink / raw)
To: cygwin
On Wed, 2019-03-20 at 12:47 -0600, Brian Inglis wrote:
> May be related to
> "gost.dll required but missing after latest Cygwin update"
> https://cygwin.com/ml/cygwin/2019-03/msg00511.html
Not exactly. BIND has a configure-time test for the GOST engine, which
is no longer bundled with OpenSSL 1.1, but I happened to have the
standalone version installed on my system (for testing purposes) at the
time I built bind-9.11.5. Unfortunately, the BIND code clearly does
not attempt to verify that the engine(s) present during the build are
actually present at runtime, leading to the reported error.
bind-9.11.6 will be up soon with the GOST engine now absent from my
system.
--
Yaakov
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-03-22 18:16 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-18 1:57 [ANNOUNCEMENT] openssl 1.1.1b-1 Yaakov Selkowitz
2019-03-20 18:47 ` Brian Inglis
2019-03-22 18:16 ` Yaakov Selkowitz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).