From owner-freebsd-security@FreeBSD.ORG Thu Dec 15 10:34:47 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7AC3716A41F for ; Thu, 15 Dec 2005 10:34:47 +0000 (GMT) (envelope-from barner@gmx.de) Received: from mail.gmx.net (mail.gmx.de [213.165.64.21]) by mx1.FreeBSD.org (Postfix) with SMTP id 89BDA43D64 for ; Thu, 15 Dec 2005 10:34:46 +0000 (GMT) (envelope-from barner@gmx.de) Received: (qmail invoked by alias); 15 Dec 2005 10:34:45 -0000 Received: from unknown (EHLO zi025.glh.mhn.de) [129.187.43.241] by mail.gmx.net (mp039) with SMTP; 15 Dec 2005 11:34:45 +0100 X-Authenticated: #147403 Received: by zi025.glh.mhn.de (Postfix, from userid 1000) id 6A94DC207; Thu, 15 Dec 2005 11:34:57 +0100 (CET) Date: Thu, 15 Dec 2005 11:34:57 +0100 From: Simon Barner To: Tony Holmes Message-ID: <20051215103457.GA68072@zi025.glh.mhn.de> References: <20051214150233.GA36436@crosswinds.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="W/nzBZO5zC0uMSeA" Content-Disposition: inline In-Reply-To: <20051214150233.GA36436@crosswinds.net> User-Agent: Mutt/1.5.11 X-Y-GMX-Trusted: 0 Cc: freebsd-security@freebsd.org Subject: Re: Not-So-Newbie Openssl Question X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Dec 2005 10:34:47 -0000 --W/nzBZO5zC0uMSeA Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello, is remove OpenSSL entirely form the base system and rebuilding that port that were linked against it an option for you? The should pick up OpenSSL from ports, and after moving your certificates to the right location everything should work just fine. Having tow instances of a library on the system is not desirable. If you choose this path, be sure to include NO_OPENSSL into your /etc/make.conf. If you do this, you should also install OpenSSH from the ports system: (from make.conf(5)): NO_OPENSSL (bool) Set to not build OpenSSL (implies NO_KERBEROS and NO_OPENSSH). --=20 Best regards / Viele Gr=FC=DFe, barner@FreeBSD.= org Simon Barner barner@gmx.de --W/nzBZO5zC0uMSeA Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDoUbRCkn+/eutqCoRAmqMAJwN0bSjo7JXO7kjOj3aSMo12Bp24ACfawoF iN8kbkpIUw4a2Yc1vf2/JH8= =hUGo -----END PGP SIGNATURE----- --W/nzBZO5zC0uMSeA--