From owner-freebsd-stable@FreeBSD.ORG Thu Apr 7 06:53:44 2005 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BCD5E16A4CE for ; Thu, 7 Apr 2005 06:53:44 +0000 (GMT) Received: from proxy.ddcom.co.jp (proxy.ddcom.co.jp [211.121.191.163]) by mx1.FreeBSD.org (Postfix) with SMTP id 0358B43D31 for ; Thu, 7 Apr 2005 06:53:44 +0000 (GMT) (envelope-from rees@ddcom.co.jp) Received: (qmail 4806 invoked by alias); 7 Apr 2005 07:06:13 -0000 Received: from unknown (HELO matthew) (10.10.10.11) by mail.ddcom.local with SMTP; 7 Apr 2005 07:06:13 -0000 Date: Thu, 07 Apr 2005 15:53:43 +0900 From: Joel To: freebsd-stable@freebsd.org Message-Id: <20050407153902.D347.REES@ddcom.co.jp> MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-2022-JP" Content-Transfer-Encoding: 7bit X-Mailer: Becky! ver. 2.00.06 Subject: adding opentsa to the system's openssl X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Apr 2005 06:53:44 -0000 I know this is kind of like jumping off the high board before I've checked for water in the pool, but I'm wondering. Long version of the story -- I need to get an opentsa server running, and their site only has patches for openssl 0.9.7e, not for the latest, 0.9.7f. The current version in ports is 0.9.7f. I don't know how to massage the ports collection to get a downlevel version yet, and the boss doesn't want me to take time to learn how. (Silly boss.) So I just used the sample stable-supfile to get the system sources and note that the system version has gone up from 0.9.7d to 0.9.7e . So, I'm thinking to myself this could be heaven or this could be ... If this works, we are going to be wanting to build a dedicated time stamp server anyway, ... and similar sirens are calling from far away, ... but I really don't want to find myself in the situation where I can checkout anytime but never ... Short version -- What kind of grief am I likely to cause myself if I grab the opentsa patch, apply it to the openssl source in /usr/sys/crypto, and make world? There's a voice in my other ear that says the patch was not built to mix with freebsd patches to openssl, so I should just grab the stock openssl and build it completely outside the ports tree, configure the timestamp stuff to use the independently built openssl. -- Joel Rees digitcom, inc. 株式会社デジコム Kobe, Japan +81-78-672-8800 ** **