Discussion about Redhat's specialties for the FAQ.
Submitted by: John.Airey@rnib.org.uk Reviewed by: PR: 128
This commit is contained in:
Lutz Jänicke
parent
2edcb4ac71
commit
c4da6dd38a
1 changed files with 36 additions and 0 deletions
36
FAQ
36
FAQ
|
|
@ -39,6 +39,7 @@ OpenSSL - Frequently Asked Questions
|
|||
* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
|
||||
* Why does the OpenSSL compilation fail with "ar: command not found"?
|
||||
* Why does the OpenSSL compilation fail on Win32 with VC++?
|
||||
* What is special about OpenSSL on Redhat?
|
||||
|
||||
[PROG] Questions about programming with OpenSSL
|
||||
|
||||
|
|
@ -463,6 +464,41 @@ under 'Program Files'). This needs to be done prior to running NMAKE,
|
|||
and the changes are only valid for the current DOS session.
|
||||
|
||||
|
||||
* What is special about OpenSSL on Redhat?
|
||||
|
||||
Red Hat Linux 7.0 and following versions already have a limited version of
|
||||
openssl already installed. This may well apply to other Linux distributions
|
||||
also. This version does not have support for the IDEA, RC5 and MDC-2
|
||||
algorithms as these are patented within the United States. For information
|
||||
these patent numbers and expiry dates are:
|
||||
|
||||
MDC-2: 4,908,861 13/03/2007
|
||||
IDEA: 5,214,703 25/05/2010
|
||||
RC5: 5,724,428 03/03/2015
|
||||
|
||||
However, Europeans and other non-Americans may wish to install all the
|
||||
features.
|
||||
|
||||
To do this you MUST ensure that you do not overwrite the openssl that is in
|
||||
/usr/bin on your Red Hat machine. Several packages depend on this file,
|
||||
including sendmail and ssh. /usr/local/bin is a good alternative choice. The
|
||||
libraries that come with Red Hat 7.0 onwards have different names and so are
|
||||
not affected. (eg For Red Hat 7.2 they are /lib/libssl.so.0.9.6b and
|
||||
/lib/libcrypto.so.0.9.6b with symlinks /lib/libssl.so.2 and
|
||||
/lib/libcrypto.so.2 respectively).
|
||||
|
||||
Please note that we have been advised by Red Hat attempting to recompile the
|
||||
openssl rpm with all the cryptography enabled will not work. All other
|
||||
packages depend on the original Red Hat supplied openssl package. It is also
|
||||
worth noting that due to the way Red Hat supplies its packages, updates to
|
||||
openssl on each distribution never change the package version, only the
|
||||
build number. For example, on Red Hat 7.1, the latest openssl package has
|
||||
version number 0.9.6 and build number 9 even though it contains all the
|
||||
relevant updates in packages up to and including 0.9.6b.
|
||||
|
||||
A possible way around this is to persuade Red Hat to produce a non-US
|
||||
version of Red Hat Linux.
|
||||
|
||||
[PROG] ========================================================================
|
||||
|
||||
* Is OpenSSL thread-safe?
|
||||
|
|
|
|||
Loading…
Reference in a new issue