Date: Wed, 06 Apr 2011 09:25:18 -0400 From: "Frank J. Cameron" <cameron@ctc.com> To: Dan Lukes <dan@obluda.cz> Cc: freebsd-security <freebsd-security@freebsd.org> Subject: Re: SSL is broken on FreeBSD Message-ID: <1302096318.3271.114.camel@linux116.ctc.com> In-Reply-To: <4D9BACF6.4060205@obluda.cz> References: <AANLkTin_zZgHRg7QtEwH2V8WOd=nvBcKdYvJkshGCt-R@mail.gmail.com> <BANLkTi=zOG0_tWbkAOex4ojXHdC8f-1v1w@mail.gmail.com> <1302042612.3271.100.camel@linux116.ctc.com> <4D9BACF6.4060205@obluda.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2011-04-05 at 19:59 -0400, Dan Lukes wrote: > > So, should the port be linking?: > > /usr/local/ssl/cert.pem > -> /usr/local/share/certs/ca-root-nss.crt > > Even in the case I'm not true and there IS "implicit -CApath" then my > answer to your question is "No". > > 1. Installation of ca-root-nss.crt doesn't mean it's installed for > use > with openssl. So we should not affect the openssl behavior > automatically. It was my assumption that the port build was offering to create the link (Dmytro Pryanyshnikov: 'ETCSYMLINK=on "Add symlink to /etc/ssl/cert.pem"') and I assume that the default would be no (though that would be up to the port maintainer I suppose). ------------------------------------------------------------ This message and any files transmitted within are intended solely for the addressee or its representative and may contain company sensitive information. If you are not the intended recipient, notify the sender immediately and delete this message. Publication, reproduction, forwarding, or content disclosure is prohibited without the consent of the original sender and may be unlawful. Concurrent Technologies Corporation and its Affiliates. www.ctc.com 1-800-282-4392 ------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1302096318.3271.114.camel>