| Message ID | 20190925100552.9687-1-ummeegge@ipfire.org |
|---|---|
| State | Accepted |
| Commit | 24f9c830eb2fa3e602a7f3ef8286263a339e1369 |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 46dYbt30SVz42TG for <patchwork@web04.haj.ipfire.org>; Wed, 25 Sep 2019 10:06:02 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 46dYbs0fYKz2GS; Wed, 25 Sep 2019 10:06:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909rsa; t=1569405961; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:list-id:list-help:list-unsubscribe: list-subscribe:list-post; bh=XHcPYspVr/El0NvVN55SFyUjLLhtvpO0UCgfTGHSwCQ=; b=jfHpEhJICRubXWl4qvV9PR1hYlZmFZ5Th3Yy7A2lCBhQ/pFqu89tRQ5azfzkMLpyXPqW5T zAFYOhAsRZ33VI/S1TSzfxidQTLwcVjbIbAhXUVa+x3yWUytMGDVp+AHOPR0TtQQcRHU5F x8Mp5+a5dCdNTuiBrP/ykxP4Z2ECrcWL4WvYLbnmFvqYJrYnLgpEB225mpb4hYcX7v33As PTP8yE66hYDryr/6nJ/ymPMWpMUvoc4JLk88YIZjPPXXFrWaf6zbQxKSCnuQod+G8N+WDj 6d+dX6QOjPijBJ0PDWMyOIBci3KyYpjEnMDlhjyHVBJ+lgujg5Nlqa9efvz2JA== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909ed25519; t=1569405961; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:list-id:list-help:list-unsubscribe: list-subscribe:list-post; bh=XHcPYspVr/El0NvVN55SFyUjLLhtvpO0UCgfTGHSwCQ=; b=2jMZ0TFHP/qxjsBBGJlE/ZaqessRg73lusfclJpmS5Oj6VQdbuU9KLybxI/TbrZOFHY/8b itjx+Oy1yrUb18BA== Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 46dYbr6ZMsz2ycl; Wed, 25 Sep 2019 10:06:00 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 46dYbq4xHhz2xsH for <development@lists.ipfire.org>; Wed, 25 Sep 2019 10:05:59 +0000 (UTC) Received: from ipfire-server.local (i59F4B7D1.versanet.de [89.244.183.209]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 46dYbq1KwYz2GS; Wed, 25 Sep 2019 10:05:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909rsa; t=1569405959; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc; bh=XHcPYspVr/El0NvVN55SFyUjLLhtvpO0UCgfTGHSwCQ=; b=AUof4GVjNanzh4hF55KHyKERq3T87PQteIYtIhYodhmjKK1eM19+qn9ZheQGMzfJ05PvE9 HUvYsm00NN8yIvqpF6Wyw90+E7vR1HCykKA/ybKp3Vqjx93ksMSkCoXGRSCCiueV0Scq2c eROc7mMds61bdC8/lXZPIMXFwRoQiqK5uwCzXy0/naQK63kuKnv1msj1clDIQ3iJa9JYuW uecESuIIr/vp4o7UFlmq9Wig7K7mnsPYt2GgHGn07F+ZkD6zooyrPId0Q1+J6reeSBYIQs dd4w4rRLFSKiPdQ9dfKgbnVBft9rIq29Ieo4hqb/0FjG+C1qWohppWrCZ9yjeQ== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909ed25519; t=1569405959; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc; bh=XHcPYspVr/El0NvVN55SFyUjLLhtvpO0UCgfTGHSwCQ=; b=Pr5V3XEJ3P6PH4Oj96amHU4IeNxv10nLCOivIFD4M3i3vUKC8w1Gw+2ClisRp8lRO81r8l ZJ/4t4hmHXQ6N7DA== From: Erik Kapfer <ummeegge@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] Net-SSLeay: Update to version 1.88 Date: Wed, 25 Sep 2019 12:05:52 +0200 Message-Id: <20190925100552.9687-1-ummeegge@ipfire.org> Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=ummeegge smtp.mailfrom=ummeegge@ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
| Series |
Net-SSLeay: Update to version 1.88
|
|
Commit Message
ummeegge
Sept. 25, 2019, 10:05 a.m. UTC
Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
---
config/rootfiles/common/Net_SSLeay | 1 -
lfs/Net_SSLeay | 6 +++---
2 files changed, 3 insertions(+), 4 deletions(-)
Comments
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> > On 25 Sep 2019, at 11:05, Erik Kapfer <ummeegge@ipfire.org> wrote: > > Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> > --- > config/rootfiles/common/Net_SSLeay | 1 - > lfs/Net_SSLeay | 6 +++--- > 2 files changed, 3 insertions(+), 4 deletions(-) > > diff --git a/config/rootfiles/common/Net_SSLeay b/config/rootfiles/common/Net_SSLeay > index 4f14b74a7..bba719b03 100644 > --- a/config/rootfiles/common/Net_SSLeay > +++ b/config/rootfiles/common/Net_SSLeay > @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/Net/SSLeay.pm > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/Net/SSLeay/Handle.pm > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay/.packlist > -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay/SSLeay.bs > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay/SSLeay.so > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay/autosplit.ix > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay/debug_read.al > diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay > index 90c0a310a..762bf1f4a 100644 > --- a/lfs/Net_SSLeay > +++ b/lfs/Net_SSLeay > @@ -1,7 +1,7 @@ > ############################################################################### > # # > # IPFire.org - A linux based firewall # > -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> # > +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> # > # # > # This program is free software: you can redistribute it and/or modify # > # it under the terms of the GNU General Public License as published by # > @@ -24,7 +24,7 @@ > > include Config > > -VER = 1.82 > +VER = 1.88 > > THISAPP = Net-SSLeay-$(VER) > DL_FILE = $(THISAPP).tar.gz > @@ -40,7 +40,7 @@ objects = $(DL_FILE) > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa > +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1 > > install : $(TARGET) > > -- > 2.12.2 >
Hi all, it seems that the updated IO-Socket-SSL also needs this updated version of Net-SSLeay. Have tested sendEmail with an updated IO-Socket-SSL only and it did not worked. After Net-SSLeay has also been updated sendEMail worked again. Am not sure which system components depends on an updated of those moduls too. It might be may an idea to add this update to the core 137 update since the new version of IO-Socket-SSL has been already included with Core 136. Best, Erik On Mi, 2019-09-25 at 14:25 +0100, Michael Tremer wrote: > Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> > > > On 25 Sep 2019, at 11:05, Erik Kapfer <ummeegge@ipfire.org> wrote: > > > > Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> > > --- > > config/rootfiles/common/Net_SSLeay | 1 - > > lfs/Net_SSLeay | 6 +++--- > > 2 files changed, 3 insertions(+), 4 deletions(-) > > > > diff --git a/config/rootfiles/common/Net_SSLeay > > b/config/rootfiles/common/Net_SSLeay > > index 4f14b74a7..bba719b03 100644 > > --- a/config/rootfiles/common/Net_SSLeay > > +++ b/config/rootfiles/common/Net_SSLeay > > @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE-linux- > > thread-multi/Net/SSLeay.pm > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > multi/Net/SSLeay/Handle.pm > > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > multi/auto/Net/SSLeay > > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > multi/auto/Net/SSLeay/.packlist > > -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > multi/auto/Net/SSLeay/SSLeay.bs > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > multi/auto/Net/SSLeay/SSLeay.so > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > multi/auto/Net/SSLeay/autosplit.ix > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > multi/auto/Net/SSLeay/debug_read.al > > diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay > > index 90c0a310a..762bf1f4a 100644 > > --- a/lfs/Net_SSLeay > > +++ b/lfs/Net_SSLeay > > @@ -1,7 +1,7 @@ > > ################################################################### > > ############ > > # > > # > > # IPFire.org - A linux based > > firewall # > > -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> > > # > > +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> > > # > > # > > # > > # This program is free software: you can redistribute it and/or > > modify # > > # it under the terms of the GNU General Public License as published > > by # > > @@ -24,7 +24,7 @@ > > > > include Config > > > > -VER = 1.82 > > +VER = 1.88 > > > > THISAPP = Net-SSLeay-$(VER) > > DL_FILE = $(THISAPP).tar.gz > > @@ -40,7 +40,7 @@ objects = $(DL_FILE) > > > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > > > -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa > > +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1 > > > > install : $(TARGET) > > > > -- > > 2.12.2 > > > >
Hi, Just to clarify this: Do we need it for software to function or is it a nice to have? The update has already been on the servers, but since we broke so many things we had to revert the patches and build it again. About four times by now. Poor Arne. Therefore I hope that we can avoid building it for a fifth time. Best, -Michael > On 20 Oct 2019, at 15:39, ummeegge <ummeegge@ipfire.org> wrote: > > Hi all, > it seems that the updated IO-Socket-SSL also needs this updated version > of Net-SSLeay. Have tested sendEmail with an updated IO-Socket-SSL only > and it did not worked. After Net-SSLeay has also been updated sendEMail > worked again. Am not sure which system components depends on an updated > of those moduls too. > > It might be may an idea to add this update to the core 137 update since > the new version of IO-Socket-SSL has been already included with Core > 136. > > Best, > > Erik > > > On Mi, 2019-09-25 at 14:25 +0100, Michael Tremer wrote: >> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> >> >>> On 25 Sep 2019, at 11:05, Erik Kapfer <ummeegge@ipfire.org> wrote: >>> >>> Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> >>> --- >>> config/rootfiles/common/Net_SSLeay | 1 - >>> lfs/Net_SSLeay | 6 +++--- >>> 2 files changed, 3 insertions(+), 4 deletions(-) >>> >>> diff --git a/config/rootfiles/common/Net_SSLeay >>> b/config/rootfiles/common/Net_SSLeay >>> index 4f14b74a7..bba719b03 100644 >>> --- a/config/rootfiles/common/Net_SSLeay >>> +++ b/config/rootfiles/common/Net_SSLeay >>> @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE-linux- >>> thread-multi/Net/SSLeay.pm >>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>> multi/Net/SSLeay/Handle.pm >>> #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>> multi/auto/Net/SSLeay >>> #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>> multi/auto/Net/SSLeay/.packlist >>> -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>> multi/auto/Net/SSLeay/SSLeay.bs >>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>> multi/auto/Net/SSLeay/SSLeay.so >>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>> multi/auto/Net/SSLeay/autosplit.ix >>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>> multi/auto/Net/SSLeay/debug_read.al >>> diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay >>> index 90c0a310a..762bf1f4a 100644 >>> --- a/lfs/Net_SSLeay >>> +++ b/lfs/Net_SSLeay >>> @@ -1,7 +1,7 @@ >>> ################################################################### >>> ############ >>> # >>> # >>> # IPFire.org - A linux based >>> firewall # >>> -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> >>> # >>> +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> >>> # >>> # >>> # >>> # This program is free software: you can redistribute it and/or >>> modify # >>> # it under the terms of the GNU General Public License as published >>> by # >>> @@ -24,7 +24,7 @@ >>> >>> include Config >>> >>> -VER = 1.82 >>> +VER = 1.88 >>> >>> THISAPP = Net-SSLeay-$(VER) >>> DL_FILE = $(THISAPP).tar.gz >>> @@ -40,7 +40,7 @@ objects = $(DL_FILE) >>> >>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >>> >>> -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa >>> +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1 >>> >>> install : $(TARGET) >>> >>> -- >>> 2.12.2 >>> >> >> >
Hi Michael, On Mo, 2019-10-21 at 10:43 +0100, Michael Tremer wrote: > Hi, > > Just to clarify this: Do we need it for software to function or is it > a nice to have? I just tested sendEmail with this combination (IO-Socket-SSL and Net- SSLeay) where it was needed while those tests. > > The update has already been on the servers, but since we broke so > many things we had to revert the patches and build it again. About > four times by now. Poor Arne. Therefore I hope that we can avoid > building it for a fifth time. Understandable, am really not sure what else depends on the combination with IO-Socket-SSL and Net-SSLeay, the git send-email problem for example needed only an updated IO-Socket-SSL . The only problem i have encountered without an updated Net-SSLeay was with sendEmail (IPFire addon). There was also the explanaition from Cpan which i´ve posted in the IO-Socket-SSL patch conversation. That´s why i´d send this patch here too. So i haven´t recognized malfunctioning in the core structure of IPFire until now but am also not using all components. Difficult to say from my side if it is really needed or if it can may wait until the next core update... > > Best, > -Michael Best, Erik > > > On 20 Oct 2019, at 15:39, ummeegge <ummeegge@ipfire.org> wrote: > > > > Hi all, > > it seems that the updated IO-Socket-SSL also needs this updated > > version > > of Net-SSLeay. Have tested sendEmail with an updated IO-Socket-SSL > > only > > and it did not worked. After Net-SSLeay has also been updated > > sendEMail > > worked again. Am not sure which system components depends on an > > updated > > of those moduls too. > > > > It might be may an idea to add this update to the core 137 update > > since > > the new version of IO-Socket-SSL has been already included with > > Core > > 136. > > > > Best, > > > > Erik > > > > > > On Mi, 2019-09-25 at 14:25 +0100, Michael Tremer wrote: > > > Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> > > > > > > > On 25 Sep 2019, at 11:05, Erik Kapfer <ummeegge@ipfire.org> > > > > wrote: > > > > > > > > Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> > > > > --- > > > > config/rootfiles/common/Net_SSLeay | 1 - > > > > lfs/Net_SSLeay | 6 +++--- > > > > 2 files changed, 3 insertions(+), 4 deletions(-) > > > > > > > > diff --git a/config/rootfiles/common/Net_SSLeay > > > > b/config/rootfiles/common/Net_SSLeay > > > > index 4f14b74a7..bba719b03 100644 > > > > --- a/config/rootfiles/common/Net_SSLeay > > > > +++ b/config/rootfiles/common/Net_SSLeay > > > > @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE-linux- > > > > thread-multi/Net/SSLeay.pm > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > multi/Net/SSLeay/Handle.pm > > > > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > multi/auto/Net/SSLeay > > > > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > multi/auto/Net/SSLeay/.packlist > > > > -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > multi/auto/Net/SSLeay/SSLeay.bs > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > multi/auto/Net/SSLeay/SSLeay.so > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > multi/auto/Net/SSLeay/autosplit.ix > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > multi/auto/Net/SSLeay/debug_read.al > > > > diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay > > > > index 90c0a310a..762bf1f4a 100644 > > > > --- a/lfs/Net_SSLeay > > > > +++ b/lfs/Net_SSLeay > > > > @@ -1,7 +1,7 @@ > > > > ############################################################### > > > > #### > > > > ############ > > > > # > > > > > > > > # > > > > # IPFire.org - A linux based > > > > firewall # > > > > -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> > > > > > > > > # > > > > +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> > > > > > > > > # > > > > # > > > > > > > > # > > > > # This program is free software: you can redistribute it and/or > > > > modify # > > > > # it under the terms of the GNU General Public License as > > > > published > > > > by # > > > > @@ -24,7 +24,7 @@ > > > > > > > > include Config > > > > > > > > -VER = 1.82 > > > > +VER = 1.88 > > > > > > > > THISAPP = Net-SSLeay-$(VER) > > > > DL_FILE = $(THISAPP).tar.gz > > > > @@ -40,7 +40,7 @@ objects = $(DL_FILE) > > > > > > > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > > > > > > > -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa > > > > +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1 > > > > > > > > install : $(TARGET) > > > > > > > > -- > > > > 2.12.2 > > > > > > > > > > > >
Hi, > On 21 Oct 2019, at 12:14, ummeegge <ummeegge@ipfire.org> wrote: > > Hi Michael, > > On Mo, 2019-10-21 at 10:43 +0100, Michael Tremer wrote: >> Hi, >> >> Just to clarify this: Do we need it for software to function or is it >> a nice to have? > I just tested sendEmail with this combination (IO-Socket-SSL and Net- > SSLeay) where it was needed while those tests. > >> >> The update has already been on the servers, but since we broke so >> many things we had to revert the patches and build it again. About >> four times by now. Poor Arne. Therefore I hope that we can avoid >> building it for a fifth time. > Understandable, am really not sure what else depends on the combination > with IO-Socket-SSL and Net-SSLeay, the git send-email problem for > example needed only an updated IO-Socket-SSL . The only problem i have > encountered without an updated Net-SSLeay was with sendEmail (IPFire > addon). There was also the explanaition from Cpan which i´ve posted in > the IO-Socket-SSL patch conversation. That´s why i´d send this patch > here too. Didn’t we plan to drop sendEmail because it is no longer supported? Best, -Michael > > So i haven´t recognized malfunctioning in the core structure of IPFire > until now but am also not using all components. Difficult to say from > my side if it is really needed or if it can may wait until the next > core update... > >> >> Best, >> -Michael > > Best, > > Erik > >> >>> On 20 Oct 2019, at 15:39, ummeegge <ummeegge@ipfire.org> wrote: >>> >>> Hi all, >>> it seems that the updated IO-Socket-SSL also needs this updated >>> version >>> of Net-SSLeay. Have tested sendEmail with an updated IO-Socket-SSL >>> only >>> and it did not worked. After Net-SSLeay has also been updated >>> sendEMail >>> worked again. Am not sure which system components depends on an >>> updated >>> of those moduls too. >>> >>> It might be may an idea to add this update to the core 137 update >>> since >>> the new version of IO-Socket-SSL has been already included with >>> Core >>> 136. >>> >>> Best, >>> >>> Erik >>> >>> >>> On Mi, 2019-09-25 at 14:25 +0100, Michael Tremer wrote: >>>> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> >>>> >>>>> On 25 Sep 2019, at 11:05, Erik Kapfer <ummeegge@ipfire.org> >>>>> wrote: >>>>> >>>>> Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> >>>>> --- >>>>> config/rootfiles/common/Net_SSLeay | 1 - >>>>> lfs/Net_SSLeay | 6 +++--- >>>>> 2 files changed, 3 insertions(+), 4 deletions(-) >>>>> >>>>> diff --git a/config/rootfiles/common/Net_SSLeay >>>>> b/config/rootfiles/common/Net_SSLeay >>>>> index 4f14b74a7..bba719b03 100644 >>>>> --- a/config/rootfiles/common/Net_SSLeay >>>>> +++ b/config/rootfiles/common/Net_SSLeay >>>>> @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE-linux- >>>>> thread-multi/Net/SSLeay.pm >>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>> multi/Net/SSLeay/Handle.pm >>>>> #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>> multi/auto/Net/SSLeay >>>>> #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>> multi/auto/Net/SSLeay/.packlist >>>>> -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>> multi/auto/Net/SSLeay/SSLeay.bs >>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>> multi/auto/Net/SSLeay/SSLeay.so >>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>> multi/auto/Net/SSLeay/autosplit.ix >>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>> multi/auto/Net/SSLeay/debug_read.al >>>>> diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay >>>>> index 90c0a310a..762bf1f4a 100644 >>>>> --- a/lfs/Net_SSLeay >>>>> +++ b/lfs/Net_SSLeay >>>>> @@ -1,7 +1,7 @@ >>>>> ############################################################### >>>>> #### >>>>> ############ >>>>> # >>>>> >>>>> # >>>>> # IPFire.org - A linux based >>>>> firewall # >>>>> -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> >>>>> >>>>> # >>>>> +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> >>>>> >>>>> # >>>>> # >>>>> >>>>> # >>>>> # This program is free software: you can redistribute it and/or >>>>> modify # >>>>> # it under the terms of the GNU General Public License as >>>>> published >>>>> by # >>>>> @@ -24,7 +24,7 @@ >>>>> >>>>> include Config >>>>> >>>>> -VER = 1.82 >>>>> +VER = 1.88 >>>>> >>>>> THISAPP = Net-SSLeay-$(VER) >>>>> DL_FILE = $(THISAPP).tar.gz >>>>> @@ -40,7 +40,7 @@ objects = $(DL_FILE) >>>>> >>>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >>>>> >>>>> -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa >>>>> +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1 >>>>> >>>>> install : $(TARGET) >>>>> >>>>> -- >>>>> 2.12.2 >>>>> >>>> >>>> >> >> >
Hi Michael, On Di, 2019-10-22 at 12:39 +0100, Michael Tremer wrote: > Hi, > > > On 21 Oct 2019, at 12:14, ummeegge <ummeegge@ipfire.org> wrote: > > > > Hi Michael, > > > > On Mo, 2019-10-21 at 10:43 +0100, Michael Tremer wrote: > > > Hi, > > > > > > Just to clarify this: Do we need it for software to function or > > > is it > > > a nice to have? > > > > I just tested sendEmail with this combination (IO-Socket-SSL and > > Net- > > SSLeay) where it was needed while those tests. > > > > > > > > The update has already been on the servers, but since we broke so > > > many things we had to revert the patches and build it again. > > > About > > > four times by now. Poor Arne. Therefore I hope that we can avoid > > > building it for a fifth time. > > > > Understandable, am really not sure what else depends on the > > combination > > with IO-Socket-SSL and Net-SSLeay, the git send-email problem for > > example needed only an updated IO-Socket-SSL . The only problem i > > have > > encountered without an updated Net-SSLeay was with sendEmail > > (IPFire > > addon). There was also the explanaition from Cpan which i´ve posted > > in > > the IO-Socket-SSL patch conversation. That´s why i´d send this > > patch > > here too. > > Didn’t we plan to drop sendEmail because it is no longer supported? Did some tests with it and it seems that sendEmail uses the current actual Crypto with an updated Net-SSLeay and IO-Socket-SSL and it just works. Spoken from simplicity and functionality, sendEMail is currently a favorit for me. Nevertheless, their is no further development since 2005 and i can understand it if you want to drop it. Since it is only a Perl script, it is easy to add it again fot those which want it to have. > > Best, > -Michael Best, Erik > > > > > So i haven´t recognized malfunctioning in the core structure of > > IPFire > > until now but am also not using all components. Difficult to say > > from > > my side if it is really needed or if it can may wait until the next > > core update... > > > > > > > > Best, > > > -Michael > > > > Best, > > > > Erik > > > > > > > > > On 20 Oct 2019, at 15:39, ummeegge <ummeegge@ipfire.org> wrote: > > > > > > > > Hi all, > > > > it seems that the updated IO-Socket-SSL also needs this updated > > > > version > > > > of Net-SSLeay. Have tested sendEmail with an updated IO-Socket- > > > > SSL > > > > only > > > > and it did not worked. After Net-SSLeay has also been updated > > > > sendEMail > > > > worked again. Am not sure which system components depends on an > > > > updated > > > > of those moduls too. > > > > > > > > It might be may an idea to add this update to the core 137 > > > > update > > > > since > > > > the new version of IO-Socket-SSL has been already included with > > > > Core > > > > 136. > > > > > > > > Best, > > > > > > > > Erik > > > > > > > > > > > > On Mi, 2019-09-25 at 14:25 +0100, Michael Tremer wrote: > > > > > Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> > > > > > > > > > > > On 25 Sep 2019, at 11:05, Erik Kapfer <ummeegge@ipfire.org> > > > > > > wrote: > > > > > > > > > > > > Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> > > > > > > --- > > > > > > config/rootfiles/common/Net_SSLeay | 1 - > > > > > > lfs/Net_SSLeay | 6 +++--- > > > > > > 2 files changed, 3 insertions(+), 4 deletions(-) > > > > > > > > > > > > diff --git a/config/rootfiles/common/Net_SSLeay > > > > > > b/config/rootfiles/common/Net_SSLeay > > > > > > index 4f14b74a7..bba719b03 100644 > > > > > > --- a/config/rootfiles/common/Net_SSLeay > > > > > > +++ b/config/rootfiles/common/Net_SSLeay > > > > > > @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE- > > > > > > linux- > > > > > > thread-multi/Net/SSLeay.pm > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/Net/SSLeay/Handle.pm > > > > > > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay > > > > > > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay/.packlist > > > > > > -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay/SSLeay.bs > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay/SSLeay.so > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay/autosplit.ix > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay/debug_read.al > > > > > > diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay > > > > > > index 90c0a310a..762bf1f4a 100644 > > > > > > --- a/lfs/Net_SSLeay > > > > > > +++ b/lfs/Net_SSLeay > > > > > > @@ -1,7 +1,7 @@ > > > > > > ########################################################### > > > > > > #### > > > > > > #### > > > > > > ############ > > > > > > # > > > > > > > > > > > > > > > > > > # > > > > > > # IPFire.org - A linux based > > > > > > firewall # > > > > > > -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> > > > > > > > > > > > > > > > > > > # > > > > > > +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> > > > > > > > > > > > > > > > > > > # > > > > > > # > > > > > > > > > > > > > > > > > > # > > > > > > # This program is free software: you can redistribute it > > > > > > and/or > > > > > > modify # > > > > > > # it under the terms of the GNU General Public License as > > > > > > published > > > > > > by # > > > > > > @@ -24,7 +24,7 @@ > > > > > > > > > > > > include Config > > > > > > > > > > > > -VER = 1.82 > > > > > > +VER = 1.88 > > > > > > > > > > > > THISAPP = Net-SSLeay-$(VER) > > > > > > DL_FILE = $(THISAPP).tar.gz > > > > > > @@ -40,7 +40,7 @@ objects = $(DL_FILE) > > > > > > > > > > > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > > > > > > > > > > > -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa > > > > > > +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1 > > > > > > > > > > > > install : $(TARGET) > > > > > > > > > > > > -- > > > > > > 2.12.2 > > > > > > > > > > > > > > > > > > > > > > > >
Hi Michael, On Di, 2019-10-22 at 12:39 +0100, Michael Tremer wrote: > Hi, > > > On 21 Oct 2019, at 12:14, ummeegge <ummeegge@ipfire.org> wrote: > > > > Hi Michael, > > > > On Mo, 2019-10-21 at 10:43 +0100, Michael Tremer wrote: > > > Hi, > > > > > > Just to clarify this: Do we need it for software to function or > > > is it > > > a nice to have? > > > > I just tested sendEmail with this combination (IO-Socket-SSL and > > Net- > > SSLeay) where it was needed while those tests. > > > > > > > > The update has already been on the servers, but since we broke so > > > many things we had to revert the patches and build it again. > > > About > > > four times by now. Poor Arne. Therefore I hope that we can avoid > > > building it for a fifth time. > > > > Understandable, am really not sure what else depends on the > > combination > > with IO-Socket-SSL and Net-SSLeay, the git send-email problem for > > example needed only an updated IO-Socket-SSL . The only problem i > > have > > encountered without an updated Net-SSLeay was with sendEmail > > (IPFire > > addon). There was also the explanaition from Cpan which i´ve posted > > in > > the IO-Socket-SSL patch conversation. That´s why i´d send this > > patch > > here too. > > Didn’t we plan to drop sendEmail because it is no longer supported? Did some tests with it and it seems that sendEmail uses the current actual Crypto with an updated Net-SSLeay and IO-Socket-SSL and it just works. Spoken from simplicity and functionality, sendEMail is currently a favorit for me. Nevertheless, their is no further development since 2005 and i can understand it if you want to drop it. Since it is only a Perl script, it is easy to add it again fot those which want it to have. > > Best, > -Michael Best, Erik > > > > > So i haven´t recognized malfunctioning in the core structure of > > IPFire > > until now but am also not using all components. Difficult to say > > from > > my side if it is really needed or if it can may wait until the next > > core update... > > > > > > > > Best, > > > -Michael > > > > Best, > > > > Erik > > > > > > > > > On 20 Oct 2019, at 15:39, ummeegge <ummeegge@ipfire.org> wrote: > > > > > > > > Hi all, > > > > it seems that the updated IO-Socket-SSL also needs this updated > > > > version > > > > of Net-SSLeay. Have tested sendEmail with an updated IO-Socket- > > > > SSL > > > > only > > > > and it did not worked. After Net-SSLeay has also been updated > > > > sendEMail > > > > worked again. Am not sure which system components depends on an > > > > updated > > > > of those moduls too. > > > > > > > > It might be may an idea to add this update to the core 137 > > > > update > > > > since > > > > the new version of IO-Socket-SSL has been already included with > > > > Core > > > > 136. > > > > > > > > Best, > > > > > > > > Erik > > > > > > > > > > > > On Mi, 2019-09-25 at 14:25 +0100, Michael Tremer wrote: > > > > > Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> > > > > > > > > > > > On 25 Sep 2019, at 11:05, Erik Kapfer <ummeegge@ipfire.org> > > > > > > wrote: > > > > > > > > > > > > Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> > > > > > > --- > > > > > > config/rootfiles/common/Net_SSLeay | 1 - > > > > > > lfs/Net_SSLeay | 6 +++--- > > > > > > 2 files changed, 3 insertions(+), 4 deletions(-) > > > > > > > > > > > > diff --git a/config/rootfiles/common/Net_SSLeay > > > > > > b/config/rootfiles/common/Net_SSLeay > > > > > > index 4f14b74a7..bba719b03 100644 > > > > > > --- a/config/rootfiles/common/Net_SSLeay > > > > > > +++ b/config/rootfiles/common/Net_SSLeay > > > > > > @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE- > > > > > > linux- > > > > > > thread-multi/Net/SSLeay.pm > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/Net/SSLeay/Handle.pm > > > > > > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay > > > > > > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay/.packlist > > > > > > -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay/SSLeay.bs > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay/SSLeay.so > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay/autosplit.ix > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > multi/auto/Net/SSLeay/debug_read.al > > > > > > diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay > > > > > > index 90c0a310a..762bf1f4a 100644 > > > > > > --- a/lfs/Net_SSLeay > > > > > > +++ b/lfs/Net_SSLeay > > > > > > @@ -1,7 +1,7 @@ > > > > > > ########################################################### > > > > > > #### > > > > > > #### > > > > > > ############ > > > > > > # > > > > > > > > > > > > > > > > > > # > > > > > > # IPFire.org - A linux based > > > > > > firewall # > > > > > > -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> > > > > > > > > > > > > > > > > > > # > > > > > > +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> > > > > > > > > > > > > > > > > > > # > > > > > > # > > > > > > > > > > > > > > > > > > # > > > > > > # This program is free software: you can redistribute it > > > > > > and/or > > > > > > modify # > > > > > > # it under the terms of the GNU General Public License as > > > > > > published > > > > > > by # > > > > > > @@ -24,7 +24,7 @@ > > > > > > > > > > > > include Config > > > > > > > > > > > > -VER = 1.82 > > > > > > +VER = 1.88 > > > > > > > > > > > > THISAPP = Net-SSLeay-$(VER) > > > > > > DL_FILE = $(THISAPP).tar.gz > > > > > > @@ -40,7 +40,7 @@ objects = $(DL_FILE) > > > > > > > > > > > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > > > > > > > > > > > -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa > > > > > > +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1 > > > > > > > > > > > > install : $(TARGET) > > > > > > > > > > > > -- > > > > > > 2.12.2 > > > > > > > > > > > > > > > > > > > > > > > >
Hi,
Does it support TLSv1.3?
Debian is shipping a patch because sendEmail is hardcoded to TLSv1.0. Those are the things I find not okay and why such a project needs to be actively maintained.
If you like, please check some other distributions and add the patches. If it is somewhat maintained by a Debian maintainer I am okay with having it in IPFire.
For this, I searched for about 2 minutes and this is a bad bad problem.
Best,
-Michael
Description: Fix ssl enabled bug.
Bug-Debian: http://bugs.debian.org/679911
Author: Alejandro Garrido Mota <alejandro@debian.org>
--- a/sendEmail
+++ b/sendEmail
@@ -1903,7 +1903,7 @@
if ($conf{'tls_server'} == 1 and $conf{'tls_client'} == 1 and $opt{'tls'} =~ /^(yes|auto)$/) {
printmsg("DEBUG => Starting TLS", 2);
if (SMTPchat('STARTTLS')) { quit($conf{'error'}, 1); }
- if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => 'SSLv3 TLSv1')) {
+ if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => 'SSLv23:!SSLv2')) {
quit("ERROR => TLS setup failed: " . IO::Socket::SSL::errstr(), 1);
}
printmsg("DEBUG => TLS: Using cipher: ". $SERVER->get_cipher(), 3);
> On 22 Oct 2019, at 15:33, ummeegge <ummeegge@ipfire.org> wrote:
>
> Hi Michael,
>
> On Di, 2019-10-22 at 12:39 +0100, Michael Tremer wrote:
>> Hi,
>>
>>> On 21 Oct 2019, at 12:14, ummeegge <ummeegge@ipfire.org> wrote:
>>>
>>> Hi Michael,
>>>
>>> On Mo, 2019-10-21 at 10:43 +0100, Michael Tremer wrote:
>>>> Hi,
>>>>
>>>> Just to clarify this: Do we need it for software to function or
>>>> is it
>>>> a nice to have?
>>>
>>> I just tested sendEmail with this combination (IO-Socket-SSL and
>>> Net-
>>> SSLeay) where it was needed while those tests.
>>>
>>>>
>>>> The update has already been on the servers, but since we broke so
>>>> many things we had to revert the patches and build it again.
>>>> About
>>>> four times by now. Poor Arne. Therefore I hope that we can avoid
>>>> building it for a fifth time.
>>>
>>> Understandable, am really not sure what else depends on the
>>> combination
>>> with IO-Socket-SSL and Net-SSLeay, the git send-email problem for
>>> example needed only an updated IO-Socket-SSL . The only problem i
>>> have
>>> encountered without an updated Net-SSLeay was with sendEmail
>>> (IPFire
>>> addon). There was also the explanaition from Cpan which i´ve posted
>>> in
>>> the IO-Socket-SSL patch conversation. That´s why i´d send this
>>> patch
>>> here too.
>>
>> Didn’t we plan to drop sendEmail because it is no longer supported?
>
> Did some tests with it and it seems that sendEmail uses the current
> actual Crypto with an updated Net-SSLeay and IO-Socket-SSL and it just
> works. Spoken from simplicity and functionality, sendEMail is currently
> a favorit for me.
> Nevertheless, their is no further development since 2005 and i can
> understand it if you want to drop it. Since it is only a Perl script,
> it is easy to add it again fot those which want it to have.
>
>>
>> Best,
>> -Michael
>
> Best,
>
> Erik
>
>>
>>>
>>> So i haven´t recognized malfunctioning in the core structure of
>>> IPFire
>>> until now but am also not using all components. Difficult to say
>>> from
>>> my side if it is really needed or if it can may wait until the next
>>> core update...
>>>
>>>>
>>>> Best,
>>>> -Michael
>>>
>>> Best,
>>>
>>> Erik
>>>
>>>>
>>>>> On 20 Oct 2019, at 15:39, ummeegge <ummeegge@ipfire.org> wrote:
>>>>>
>>>>> Hi all,
>>>>> it seems that the updated IO-Socket-SSL also needs this updated
>>>>> version
>>>>> of Net-SSLeay. Have tested sendEmail with an updated IO-Socket-
>>>>> SSL
>>>>> only
>>>>> and it did not worked. After Net-SSLeay has also been updated
>>>>> sendEMail
>>>>> worked again. Am not sure which system components depends on an
>>>>> updated
>>>>> of those moduls too.
>>>>>
>>>>> It might be may an idea to add this update to the core 137
>>>>> update
>>>>> since
>>>>> the new version of IO-Socket-SSL has been already included with
>>>>> Core
>>>>> 136.
>>>>>
>>>>> Best,
>>>>>
>>>>> Erik
>>>>>
>>>>>
>>>>> On Mi, 2019-09-25 at 14:25 +0100, Michael Tremer wrote:
>>>>>> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
>>>>>>
>>>>>>> On 25 Sep 2019, at 11:05, Erik Kapfer <ummeegge@ipfire.org>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
>>>>>>> ---
>>>>>>> config/rootfiles/common/Net_SSLeay | 1 -
>>>>>>> lfs/Net_SSLeay | 6 +++---
>>>>>>> 2 files changed, 3 insertions(+), 4 deletions(-)
>>>>>>>
>>>>>>> diff --git a/config/rootfiles/common/Net_SSLeay
>>>>>>> b/config/rootfiles/common/Net_SSLeay
>>>>>>> index 4f14b74a7..bba719b03 100644
>>>>>>> --- a/config/rootfiles/common/Net_SSLeay
>>>>>>> +++ b/config/rootfiles/common/Net_SSLeay
>>>>>>> @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE-
>>>>>>> linux-
>>>>>>> thread-multi/Net/SSLeay.pm
>>>>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-
>>>>>>> multi/Net/SSLeay/Handle.pm
>>>>>>> #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-
>>>>>>> multi/auto/Net/SSLeay
>>>>>>> #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-
>>>>>>> multi/auto/Net/SSLeay/.packlist
>>>>>>> -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-
>>>>>>> multi/auto/Net/SSLeay/SSLeay.bs
>>>>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-
>>>>>>> multi/auto/Net/SSLeay/SSLeay.so
>>>>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-
>>>>>>> multi/auto/Net/SSLeay/autosplit.ix
>>>>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-
>>>>>>> multi/auto/Net/SSLeay/debug_read.al
>>>>>>> diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay
>>>>>>> index 90c0a310a..762bf1f4a 100644
>>>>>>> --- a/lfs/Net_SSLeay
>>>>>>> +++ b/lfs/Net_SSLeay
>>>>>>> @@ -1,7 +1,7 @@
>>>>>>> ###########################################################
>>>>>>> ####
>>>>>>> ####
>>>>>>> ############
>>>>>>> #
>>>>>>>
>>>>>>>
>>>>>>> #
>>>>>>> # IPFire.org - A linux based
>>>>>>> firewall #
>>>>>>> -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org>
>>>>>>>
>>>>>>>
>>>>>>> #
>>>>>>> +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org>
>>>>>>>
>>>>>>>
>>>>>>> #
>>>>>>> #
>>>>>>>
>>>>>>>
>>>>>>> #
>>>>>>> # This program is free software: you can redistribute it
>>>>>>> and/or
>>>>>>> modify #
>>>>>>> # it under the terms of the GNU General Public License as
>>>>>>> published
>>>>>>> by #
>>>>>>> @@ -24,7 +24,7 @@
>>>>>>>
>>>>>>> include Config
>>>>>>>
>>>>>>> -VER = 1.82
>>>>>>> +VER = 1.88
>>>>>>>
>>>>>>> THISAPP = Net-SSLeay-$(VER)
>>>>>>> DL_FILE = $(THISAPP).tar.gz
>>>>>>> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>>>>>>>
>>>>>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>>>>>
>>>>>>> -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa
>>>>>>> +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1
>>>>>>>
>>>>>>> install : $(TARGET)
>>>>>>>
>>>>>>> --
>>>>>>> 2.12.2
Hi Michael, On Mi, 2019-10-23 at 10:14 +0100, Michael Tremer wrote: > Hi, > > Does it support TLSv1.3? If the new Net-SSLeay is available it should yes. > > Debian is shipping a patch because sendEmail is hardcoded to TLSv1.0. > Those are the things I find not okay and why such a project needs to > be actively maintained. > > If you like, please check some other distributions and add the > patches. If it is somewhat maintained by a Debian maintainer I am > okay with having it in IPFire. > > For this, I searched for about 2 minutes and this is a bad bad > problem. > > Best, > -Michael > > Description: Fix ssl enabled bug. > Bug-Debian: http://bugs.debian.org/679911 > Author: Alejandro Garrido Mota <alejandro@debian.org> > --- a/sendEmail > +++ b/sendEmail > @@ -1903,7 +1903,7 @@ > if ($conf{'tls_server'} == 1 and $conf{'tls_client'} == 1 and > $opt{'tls'} =~ /^(yes|auto)$/) { > printmsg("DEBUG => Starting TLS", 2); > if (SMTPchat('STARTTLS')) { quit($conf{'error'}, 1); } > - if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => > 'SSLv3 TLSv1')) { > + if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => > 'SSLv23:!SSLv2')) { > quit("ERROR => TLS setup failed: " . > IO::Socket::SSL::errstr(), 1); > } > printmsg("DEBUG => TLS: Using cipher: ". $SERVER- > >get_cipher(), 3); This patch is already in the IPFire sources from sendEmail integrated and i think it is in first case because of compatibility reasons since it admits SSLv3, TLSv1.0, TLSv1.1+ and forbids only SSLv2. In IO- Socket-SSL documentation it is also explained like that: " SSL_version Sets the version of the SSL protocol used to transmit data. 'SSLv23' uses a handshake compatible with SSL2.0, SSL3.0 and TLS1.x, while 'SSLv2', 'SSLv3', 'TLSv1', 'TLSv1_1', 'TLSv1_2', or 'TLSv1_3' restrict handshake and protocol to the specified version. All values are case-insensitive. Instead of 'TLSv1_1', 'TLSv1_2', and 'TLSv1_3' one can also use 'TLSv11', 'TLSv12', and 'TLSv13'. Support for 'TLSv1_1', 'TLSv1_2', and 'TLSv1_3' requires recent versions of Net::SSLeay and openssl. " <-- From https://metacpan.org/pod/IO::Socket::SSL . To permit only TLSv1.2 and TLSv1.3 something like this --- /tmp/sendEmail.orig 2019-10-24 13:32:31.704118956 +0000 +++ /tmp/sendEmail 2019-10-24 13:39:48.855084039 +0000 @@ -1903,7 +1903,7 @@ if ($conf{'tls_server'} == 1 and $conf{'tls_client'} == 1 and $opt{'tls'} =~ /^(yes|auto)$/) { printmsg("DEBUG => Starting TLS", 2); if (SMTPchat('STARTTLS')) { quit($conf{'error'}, 1); } - if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => 'SSLv23:!SSLv2')) { + if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => '!SSLv2:!SSLv3:!TLSv1:!TLSv1_1:TLSv1_2')) { quit("ERROR => TLS setup failed: " . IO::Socket::SSL::errstr(), 1); } printmsg("DEBUG => TLS: Using cipher: ". $SERVER->get_cipher(), 3); is needed. Have tested both version, the regular source and the above patch and grab the traffic via tshark. Both versions used TLSv1.2 since it is the best one which web.de in that case has offered. > > > > On 22 Oct 2019, at 15:33, ummeegge <ummeegge@ipfire.org> wrote: > > > > Hi Michael, > > > > On Di, 2019-10-22 at 12:39 +0100, Michael Tremer wrote: > > > Hi, > > > > > > > On 21 Oct 2019, at 12:14, ummeegge <ummeegge@ipfire.org> wrote: > > > > > > > > Hi Michael, > > > > > > > > On Mo, 2019-10-21 at 10:43 +0100, Michael Tremer wrote: > > > > > Hi, > > > > > > > > > > Just to clarify this: Do we need it for software to function > > > > > or > > > > > is it > > > > > a nice to have? > > > > > > > > I just tested sendEmail with this combination (IO-Socket-SSL > > > > and > > > > Net- > > > > SSLeay) where it was needed while those tests. > > > > > > > > > > > > > > The update has already been on the servers, but since we > > > > > broke so > > > > > many things we had to revert the patches and build it again. > > > > > About > > > > > four times by now. Poor Arne. Therefore I hope that we can > > > > > avoid > > > > > building it for a fifth time. > > > > > > > > Understandable, am really not sure what else depends on the > > > > combination > > > > with IO-Socket-SSL and Net-SSLeay, the git send-email problem > > > > for > > > > example needed only an updated IO-Socket-SSL . The only problem > > > > i > > > > have > > > > encountered without an updated Net-SSLeay was with sendEmail > > > > (IPFire > > > > addon). There was also the explanaition from Cpan which i´ve > > > > posted > > > > in > > > > the IO-Socket-SSL patch conversation. That´s why i´d send this > > > > patch > > > > here too. > > > > > > Didn’t we plan to drop sendEmail because it is no longer > > > supported? > > > > Did some tests with it and it seems that sendEmail uses the current > > actual Crypto with an updated Net-SSLeay and IO-Socket-SSL and it > > just > > works. Spoken from simplicity and functionality, sendEMail is > > currently > > a favorit for me. > > Nevertheless, their is no further development since 2005 and i can > > understand it if you want to drop it. Since it is only a Perl > > script, > > it is easy to add it again fot those which want it to have. > > > > > > > > Best, > > > -Michael > > > > Best, > > > > Erik > > > > > > > > > > > > > So i haven´t recognized malfunctioning in the core structure of > > > > IPFire > > > > until now but am also not using all components. Difficult to > > > > say > > > > from > > > > my side if it is really needed or if it can may wait until the > > > > next > > > > core update... > > > > > > > > > > > > > > Best, > > > > > -Michael > > > > > > > > Best, > > > > > > > > Erik > > > > > > > > > > > > > > > On 20 Oct 2019, at 15:39, ummeegge <ummeegge@ipfire.org> > > > > > > wrote: > > > > > > > > > > > > Hi all, > > > > > > it seems that the updated IO-Socket-SSL also needs this > > > > > > updated > > > > > > version > > > > > > of Net-SSLeay. Have tested sendEmail with an updated IO- > > > > > > Socket- > > > > > > SSL > > > > > > only > > > > > > and it did not worked. After Net-SSLeay has also been > > > > > > updated > > > > > > sendEMail > > > > > > worked again. Am not sure which system components depends > > > > > > on an > > > > > > updated > > > > > > of those moduls too. > > > > > > > > > > > > It might be may an idea to add this update to the core 137 > > > > > > update > > > > > > since > > > > > > the new version of IO-Socket-SSL has been already included > > > > > > with > > > > > > Core > > > > > > 136. > > > > > > > > > > > > Best, > > > > > > > > > > > > Erik > > > > > > > > > > > > > > > > > > On Mi, 2019-09-25 at 14:25 +0100, Michael Tremer wrote: > > > > > > > Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> > > > > > > > > > > > > > > > On 25 Sep 2019, at 11:05, Erik Kapfer < > > > > > > > > ummeegge@ipfire.org> > > > > > > > > wrote: > > > > > > > > > > > > > > > > Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> > > > > > > > > --- > > > > > > > > config/rootfiles/common/Net_SSLeay | 1 - > > > > > > > > lfs/Net_SSLeay | 6 +++--- > > > > > > > > 2 files changed, 3 insertions(+), 4 deletions(-) > > > > > > > > > > > > > > > > diff --git a/config/rootfiles/common/Net_SSLeay > > > > > > > > b/config/rootfiles/common/Net_SSLeay > > > > > > > > index 4f14b74a7..bba719b03 100644 > > > > > > > > --- a/config/rootfiles/common/Net_SSLeay > > > > > > > > +++ b/config/rootfiles/common/Net_SSLeay > > > > > > > > @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE- > > > > > > > > linux- > > > > > > > > thread-multi/Net/SSLeay.pm > > > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > > > multi/Net/SSLeay/Handle.pm > > > > > > > > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > > > multi/auto/Net/SSLeay > > > > > > > > #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > > > multi/auto/Net/SSLeay/.packlist > > > > > > > > -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > > > multi/auto/Net/SSLeay/SSLeay.bs > > > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > > > multi/auto/Net/SSLeay/SSLeay.so > > > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > > > multi/auto/Net/SSLeay/autosplit.ix > > > > > > > > usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- > > > > > > > > multi/auto/Net/SSLeay/debug_read.al > > > > > > > > diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay > > > > > > > > index 90c0a310a..762bf1f4a 100644 > > > > > > > > --- a/lfs/Net_SSLeay > > > > > > > > +++ b/lfs/Net_SSLeay > > > > > > > > @@ -1,7 +1,7 @@ > > > > > > > > ####################################################### > > > > > > > > #### > > > > > > > > #### > > > > > > > > #### > > > > > > > > ############ > > > > > > > > # > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > # > > > > > > > > # IPFire.org - A linux based > > > > > > > > firewall # > > > > > > > > -# Copyright (C) 2007-2018 IPFire Team < > > > > > > > > info@ipfire.org> > > > > > > > > > > > > > > > > > > > > > > > > # > > > > > > > > +# Copyright (C) 2007-2019 IPFire Team < > > > > > > > > info@ipfire.org> > > > > > > > > > > > > > > > > > > > > > > > > # > > > > > > > > # > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > # > > > > > > > > # This program is free software: you can redistribute > > > > > > > > it > > > > > > > > and/or > > > > > > > > modify # > > > > > > > > # it under the terms of the GNU General Public License > > > > > > > > as > > > > > > > > published > > > > > > > > by # > > > > > > > > @@ -24,7 +24,7 @@ > > > > > > > > > > > > > > > > include Config > > > > > > > > > > > > > > > > -VER = 1.82 > > > > > > > > +VER = 1.88 > > > > > > > > > > > > > > > > THISAPP = Net-SSLeay-$(VER) > > > > > > > > DL_FILE = $(THISAPP).tar.gz > > > > > > > > @@ -40,7 +40,7 @@ objects = $(DL_FILE) > > > > > > > > > > > > > > > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > > > > > > > > > > > > > > > -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa > > > > > > > > +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1 > > > > > > > > > > > > > > > > install : $(TARGET) > > > > > > > > > > > > > > > > -- > > > > > > > > 2.12.2 > >
Hi, I am not sure if it is a good idea to disable TLSv1.1 and 1.0, yet. Peter will probably have some idea how common those are still out there. Best, -Michael > On 24 Oct 2019, at 14:57, ummeegge <ummeegge@ipfire.org> wrote: > > Hi Michael, > > On Mi, 2019-10-23 at 10:14 +0100, Michael Tremer wrote: >> Hi, >> >> Does it support TLSv1.3? > If the new Net-SSLeay is available it should yes. > >> >> Debian is shipping a patch because sendEmail is hardcoded to TLSv1.0. >> Those are the things I find not okay and why such a project needs to >> be actively maintained. >> >> If you like, please check some other distributions and add the >> patches. If it is somewhat maintained by a Debian maintainer I am >> okay with having it in IPFire. >> >> For this, I searched for about 2 minutes and this is a bad bad >> problem. >> >> Best, >> -Michael >> >> Description: Fix ssl enabled bug. >> Bug-Debian: http://bugs.debian.org/679911 >> Author: Alejandro Garrido Mota <alejandro@debian.org> >> --- a/sendEmail >> +++ b/sendEmail >> @@ -1903,7 +1903,7 @@ >> if ($conf{'tls_server'} == 1 and $conf{'tls_client'} == 1 and >> $opt{'tls'} =~ /^(yes|auto)$/) { >> printmsg("DEBUG => Starting TLS", 2); >> if (SMTPchat('STARTTLS')) { quit($conf{'error'}, 1); } >> - if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => >> 'SSLv3 TLSv1')) { >> + if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => >> 'SSLv23:!SSLv2')) { >> quit("ERROR => TLS setup failed: " . >> IO::Socket::SSL::errstr(), 1); >> } >> printmsg("DEBUG => TLS: Using cipher: ". $SERVER- >>> get_cipher(), 3); > This patch is already in the IPFire sources from sendEmail integrated > and i think it is in first case because of compatibility reasons since > it admits SSLv3, TLSv1.0, TLSv1.1+ and forbids only SSLv2. In IO- > Socket-SSL documentation it is also explained like that: > > " > SSL_version > > Sets the version of the SSL protocol used to transmit data. > 'SSLv23' uses a handshake compatible with SSL2.0, SSL3.0 and TLS1.x, > while 'SSLv2', 'SSLv3', 'TLSv1', 'TLSv1_1', 'TLSv1_2', or 'TLSv1_3' > restrict handshake and protocol to the specified version. All values > are case-insensitive. Instead of 'TLSv1_1', 'TLSv1_2', and 'TLSv1_3' > one can also use 'TLSv11', 'TLSv12', and 'TLSv13'. Support for > 'TLSv1_1', 'TLSv1_2', and 'TLSv1_3' requires recent versions of > Net::SSLeay and openssl. > > " > <-- From https://metacpan.org/pod/IO::Socket::SSL . > > To permit only TLSv1.2 and TLSv1.3 something like this > > --- /tmp/sendEmail.orig 2019-10-24 13:32:31.704118956 +0000 > +++ /tmp/sendEmail 2019-10-24 13:39:48.855084039 +0000 > @@ -1903,7 +1903,7 @@ > if ($conf{'tls_server'} == 1 and $conf{'tls_client'} == 1 and $opt{'tls'} =~ /^(yes|auto)$/) { > printmsg("DEBUG => Starting TLS", 2); > if (SMTPchat('STARTTLS')) { quit($conf{'error'}, 1); } > - if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => 'SSLv23:!SSLv2')) { > + if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => '!SSLv2:!SSLv3:!TLSv1:!TLSv1_1:TLSv1_2')) { > quit("ERROR => TLS setup failed: " . IO::Socket::SSL::errstr(), 1); > } > printmsg("DEBUG => TLS: Using cipher: ". $SERVER->get_cipher(), 3); > > is needed. Have tested both version, the regular source and the above > patch and grab the traffic via tshark. Both versions used TLSv1.2 since > it is the best one which web.de in that case has offered. > >> >> >>> On 22 Oct 2019, at 15:33, ummeegge <ummeegge@ipfire.org> wrote: >>> >>> Hi Michael, >>> >>> On Di, 2019-10-22 at 12:39 +0100, Michael Tremer wrote: >>>> Hi, >>>> >>>>> On 21 Oct 2019, at 12:14, ummeegge <ummeegge@ipfire.org> wrote: >>>>> >>>>> Hi Michael, >>>>> >>>>> On Mo, 2019-10-21 at 10:43 +0100, Michael Tremer wrote: >>>>>> Hi, >>>>>> >>>>>> Just to clarify this: Do we need it for software to function >>>>>> or >>>>>> is it >>>>>> a nice to have? >>>>> >>>>> I just tested sendEmail with this combination (IO-Socket-SSL >>>>> and >>>>> Net- >>>>> SSLeay) where it was needed while those tests. >>>>> >>>>>> >>>>>> The update has already been on the servers, but since we >>>>>> broke so >>>>>> many things we had to revert the patches and build it again. >>>>>> About >>>>>> four times by now. Poor Arne. Therefore I hope that we can >>>>>> avoid >>>>>> building it for a fifth time. >>>>> >>>>> Understandable, am really not sure what else depends on the >>>>> combination >>>>> with IO-Socket-SSL and Net-SSLeay, the git send-email problem >>>>> for >>>>> example needed only an updated IO-Socket-SSL . The only problem >>>>> i >>>>> have >>>>> encountered without an updated Net-SSLeay was with sendEmail >>>>> (IPFire >>>>> addon). There was also the explanaition from Cpan which i´ve >>>>> posted >>>>> in >>>>> the IO-Socket-SSL patch conversation. That´s why i´d send this >>>>> patch >>>>> here too. >>>> >>>> Didn’t we plan to drop sendEmail because it is no longer >>>> supported? >>> >>> Did some tests with it and it seems that sendEmail uses the current >>> actual Crypto with an updated Net-SSLeay and IO-Socket-SSL and it >>> just >>> works. Spoken from simplicity and functionality, sendEMail is >>> currently >>> a favorit for me. >>> Nevertheless, their is no further development since 2005 and i can >>> understand it if you want to drop it. Since it is only a Perl >>> script, >>> it is easy to add it again fot those which want it to have. >>> >>>> >>>> Best, >>>> -Michael >>> >>> Best, >>> >>> Erik >>> >>>> >>>>> >>>>> So i haven´t recognized malfunctioning in the core structure of >>>>> IPFire >>>>> until now but am also not using all components. Difficult to >>>>> say >>>>> from >>>>> my side if it is really needed or if it can may wait until the >>>>> next >>>>> core update... >>>>> >>>>>> >>>>>> Best, >>>>>> -Michael >>>>> >>>>> Best, >>>>> >>>>> Erik >>>>> >>>>>> >>>>>>> On 20 Oct 2019, at 15:39, ummeegge <ummeegge@ipfire.org> >>>>>>> wrote: >>>>>>> >>>>>>> Hi all, >>>>>>> it seems that the updated IO-Socket-SSL also needs this >>>>>>> updated >>>>>>> version >>>>>>> of Net-SSLeay. Have tested sendEmail with an updated IO- >>>>>>> Socket- >>>>>>> SSL >>>>>>> only >>>>>>> and it did not worked. After Net-SSLeay has also been >>>>>>> updated >>>>>>> sendEMail >>>>>>> worked again. Am not sure which system components depends >>>>>>> on an >>>>>>> updated >>>>>>> of those moduls too. >>>>>>> >>>>>>> It might be may an idea to add this update to the core 137 >>>>>>> update >>>>>>> since >>>>>>> the new version of IO-Socket-SSL has been already included >>>>>>> with >>>>>>> Core >>>>>>> 136. >>>>>>> >>>>>>> Best, >>>>>>> >>>>>>> Erik >>>>>>> >>>>>>> >>>>>>> On Mi, 2019-09-25 at 14:25 +0100, Michael Tremer wrote: >>>>>>>> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> >>>>>>>> >>>>>>>>> On 25 Sep 2019, at 11:05, Erik Kapfer < >>>>>>>>> ummeegge@ipfire.org> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>> Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> >>>>>>>>> --- >>>>>>>>> config/rootfiles/common/Net_SSLeay | 1 - >>>>>>>>> lfs/Net_SSLeay | 6 +++--- >>>>>>>>> 2 files changed, 3 insertions(+), 4 deletions(-) >>>>>>>>> >>>>>>>>> diff --git a/config/rootfiles/common/Net_SSLeay >>>>>>>>> b/config/rootfiles/common/Net_SSLeay >>>>>>>>> index 4f14b74a7..bba719b03 100644 >>>>>>>>> --- a/config/rootfiles/common/Net_SSLeay >>>>>>>>> +++ b/config/rootfiles/common/Net_SSLeay >>>>>>>>> @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE- >>>>>>>>> linux- >>>>>>>>> thread-multi/Net/SSLeay.pm >>>>>>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>>>>>> multi/Net/SSLeay/Handle.pm >>>>>>>>> #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>>>>>> multi/auto/Net/SSLeay >>>>>>>>> #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>>>>>> multi/auto/Net/SSLeay/.packlist >>>>>>>>> -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>>>>>> multi/auto/Net/SSLeay/SSLeay.bs >>>>>>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>>>>>> multi/auto/Net/SSLeay/SSLeay.so >>>>>>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>>>>>> multi/auto/Net/SSLeay/autosplit.ix >>>>>>>>> usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread- >>>>>>>>> multi/auto/Net/SSLeay/debug_read.al >>>>>>>>> diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay >>>>>>>>> index 90c0a310a..762bf1f4a 100644 >>>>>>>>> --- a/lfs/Net_SSLeay >>>>>>>>> +++ b/lfs/Net_SSLeay >>>>>>>>> @@ -1,7 +1,7 @@ >>>>>>>>> ####################################################### >>>>>>>>> #### >>>>>>>>> #### >>>>>>>>> #### >>>>>>>>> ############ >>>>>>>>> # >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> # >>>>>>>>> # IPFire.org - A linux based >>>>>>>>> firewall # >>>>>>>>> -# Copyright (C) 2007-2018 IPFire Team < >>>>>>>>> info@ipfire.org> >>>>>>>>> >>>>>>>>> >>>>>>>>> # >>>>>>>>> +# Copyright (C) 2007-2019 IPFire Team < >>>>>>>>> info@ipfire.org> >>>>>>>>> >>>>>>>>> >>>>>>>>> # >>>>>>>>> # >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> # >>>>>>>>> # This program is free software: you can redistribute >>>>>>>>> it >>>>>>>>> and/or >>>>>>>>> modify # >>>>>>>>> # it under the terms of the GNU General Public License >>>>>>>>> as >>>>>>>>> published >>>>>>>>> by # >>>>>>>>> @@ -24,7 +24,7 @@ >>>>>>>>> >>>>>>>>> include Config >>>>>>>>> >>>>>>>>> -VER = 1.82 >>>>>>>>> +VER = 1.88 >>>>>>>>> >>>>>>>>> THISAPP = Net-SSLeay-$(VER) >>>>>>>>> DL_FILE = $(THISAPP).tar.gz >>>>>>>>> @@ -40,7 +40,7 @@ objects = $(DL_FILE) >>>>>>>>> >>>>>>>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >>>>>>>>> >>>>>>>>> -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa >>>>>>>>> +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1 >>>>>>>>> >>>>>>>>> install : $(TARGET) >>>>>>>>> >>>>>>>>> -- >>>>>>>>> 2.12.2
diff --git a/config/rootfiles/common/Net_SSLeay b/config/rootfiles/common/Net_SSLeay index 4f14b74a7..bba719b03 100644 --- a/config/rootfiles/common/Net_SSLeay +++ b/config/rootfiles/common/Net_SSLeay @@ -4,7 +4,6 @@ usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/Net/SSLeay.pm usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/Net/SSLeay/Handle.pm #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay #usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay/.packlist -#usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay/SSLeay.bs usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay/SSLeay.so usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay/autosplit.ix usr/lib/perl5/site_perl/5.30.0/MACHINE-linux-thread-multi/auto/Net/SSLeay/debug_read.al diff --git a/lfs/Net_SSLeay b/lfs/Net_SSLeay index 90c0a310a..762bf1f4a 100644 --- a/lfs/Net_SSLeay +++ b/lfs/Net_SSLeay @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> # +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 1.82 +VER = 1.88 THISAPP = Net-SSLeay-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa +$(DL_FILE)_MD5 = fcef4985f5f7e0381e3dddd0ee7878d1 install : $(TARGET)