[Pkg-openssl-devel] Building alpha3 with -DOPENSSL_TLS_SECURITY_LEVEL=2
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Wed Jun 17 22:17:39 BST 2020
On 2020-06-17 22:27:48 [+0200], Kurt Roeckx wrote:
> We do not seem to be installing the providers (fips.so and
> legacy.so). I think legacy.so is at least going to be a
> requirement to have available.
Yeah. I fixed that among other things. I have now:
/usr/lib/x86_64-linux-gnu/engines-3/afalg.so
/usr/lib/x86_64-linux-gnu/engines-3/padlock.so
/usr/lib/x86_64-linux-gnu/libcrypto.so.3
/usr/lib/x86_64-linux-gnu/libssl.so.3
/usr/lib/x86_64-linux-gnu/ossl-modules/fips.so
/usr/lib/x86_64-linux-gnu/ossl-modules/legacy.so
I learned that `capi' s a Windows thing I will probably drop it from
unstable, too. It is kind of stupid to enable it by default on !Windoze
platforms.
> Providers probably need a version specific directory, like we do
> for the engines, otherwise we're not going to be able to install
> multiple versions when the soname changes next time.
Good that you point that out, I was about to ask that. I think we need a
so number like we have for engines.
> We might also want to ship fips.so. See here for some details:
> https://wiki.openssl.org/index.php/OpenSSL_3.0#Completing_the_installation_of_the_FIPS_Module
>
>
> Kurt
Sebastian
More information about the Pkg-openssl-devel
mailing list