From owner-freebsd-stable Sun Aug 20 3:57:22 2000 Delivered-To: freebsd-stable@freebsd.org Received: from maynard.mail.mindspring.net (maynard.mail.mindspring.net [207.69.200.243]) by hub.freebsd.org (Postfix) with ESMTP id 8E84837B423; Sun, 20 Aug 2000 03:57:15 -0700 (PDT) Received: from netcom1.netcom.com (user-2initcs.dialup.mindspring.com [165.121.117.156]) by maynard.mail.mindspring.net (8.9.3/8.8.5) with ESMTP id GAA21072; Sun, 20 Aug 2000 06:57:07 -0400 (EDT) Received: by netcom1.netcom.com (Postfix, from userid 1000) id 87BE6E6A02; Sun, 20 Aug 2000 03:56:42 -0700 (PDT) From: Mike Harding To: kris@FreeBSD.org Cc: stable@FreeBSD.org In-reply-to: (message from Kris Kennaway on Sun, 20 Aug 2000 02:30:52 -0700 (PDT)) Subject: Re: HEADS UP: OpenSSL 0.9.5a merge References: Message-Id: <20000820105642.87BE6E6A02@netcom1.netcom.com> Date: Sun, 20 Aug 2000 03:56:42 -0700 (PDT) Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris - is there going to be a way in make.conf or similar to pick up the assembly routines for RSA and the bulk crypto? It's twice as fast as the C version that was being built for 0.9.4, at least for RSA. Some of us commercial users have to double up the boxes or buy accelerators or explain why we're not using Linux to support lots of cold RSA connections. Failing that, can the ports be used to build Apache_modssl for 4-stable users? The update only took 5 minutes with a 56K modem. I can't try it right now as dial-on-demand dynamic ppp seems to be flaky with yesterday's buildworld - the 'sticky' default entry isn't working. Anyone else seeing this? - Mike H. X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Sun, 20 Aug 2000 02:30:52 -0700 (PDT) From: Kris Kennaway Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG X-Loop: FreeBSD.ORG Precedence: bulk X-RULES: lists I've just merged OpenSSL version 0.9.5a back to -stable. It's a bit of a large update (sorry, modem users) but it's worth it for the number of bugfixes, etc, since 0.9.4. I feel obliged to mention that one or two people had complained of weird problems using apache+modssl where netscape refused to authenticate to a server running -current (but IE worked fine) - but try as I might I could never replicate these problems on multiple machines, nor could I analyse a fault from the information they provided to me. In the end, the number of people who are successfully using SSL in -current, and the number of other people who need 0.9.5a, convinced me to do the merge. If you do have problems with the new version, please check the docs on www.openssl.org and www.modssl.org (or wherever) in case it's a FAQ and unrelated to my work, but tell me if not so I can look into it again. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message