[OpenIndiana-discuss] why is an old version of openssl still active

Andreas Wacknitz A.Wacknitz at gmx.de
Thu Feb 27 18:15:58 UTC 2025


Am 27.02.25 um 19:10 schrieb Predrag Zecevic via openindiana-discuss:
> Hi all,
>
> I usually set desired version to be first in PATH
> (/usr/openssl/VERSION/bin, in separate shell):
>
> :; ls -dlh /usr/openssl/*/bin/openssl
> -r-xr-xr-x 1 root bin 762K Feb  5  2024 /usr/openssl/1.0/bin/openssl
> -r-xr-xr-x 1 root bin 684K Feb 17 16:53 /usr/openssl/1.1/bin/openssl
> -r-xr-xr-x 1 root bin 1,2M Feb 17 16:53 /usr/openssl/3/bin/openssl
>
That would only be sufficient for applications that use the binaries.
For library usage you'd typically need more.
We have several examples in the sources of oi-userland where we dealt
with those needed settings.
In many cases our build defaults (version 3) are sufficient but some
projects ignore things like pkgconfig and need more fine tuning.


> HTH
> Regards.
>
>
> On 2025-02-27 18:40, Marc Lobelle via openindiana-discuss wrote:
>> Hello
>>
>> Today I updated openindiana on my server (that I use also as desktop).
>>
>> I had tried to compile the last version of emailrelay (the one I was
>> using was more than 15 years old) and make complains that my openssl
>> was too old. this was my main motivation to update openindiana.
>>
>> After that I verified if openssl was now up to date
>>
>> ml at spitfire:/home/ml$ pkg list |grep ssl
>> library/perl-5/io-socket-ssl-536 2.89-2024.0.0.0            i--
>> library/perl-5/io-socket-ssl-538 2.89-2024.0.0.0            i--
>> library/perl-5/io-socket-ssl-540 2.89-2024.0.0.0            i--
>> library/perl-5/net-ssleay-536 1.94-2024.0.0.2            i--
>> library/perl-5/net-ssleay-538 1.94-2024.0.0.2            i--
>> library/perl-5/net-ssleay-540 1.94-2024.0.0.2            i--
>> library/python/pyopenssl 25.0.0-2025.0.0.0          i--
>> library/python/pyopenssl-39 25.0.0-2025.0.0.0          i--
>> *library/security/openssl 1.0.2.21-2024.0.0.16       i--
>> library/security/openssl-11 1.1.1.23-2025.0.0.5        i--
>> library/security/openssl-3 3.4.1-2025.0.0.0           i--
>> library/security/openssl-3/32 3.4.1-2025.0.0.0           i--
>> library/security/openssl-31 3.1.7-2024.0.0.1           i-r*
>>
>> The old version (1.0.2) is still there but  the new version (3.4.1)
>> is there too
>>
>> However if I type "openssl version"
>>
>> I get the answer
>>
>> ml at spitfire:/home/ml$ openssl version
>> OpenSSL 1.0.2u  20 Dec 2019
>>
>> I understand that the old openssl is still there because at least the
>> old emailrelay uses it but how can I replace it with the new one for
>> the application that need the new version or for all applications if
>> the new version is upward-compatible with the old one ?
>>
>> Thanks
>>
>> Best regards
>>
>> Marc
>> _______________________________________________
>> openindiana-discuss mailing list
>> openindiana-discuss at openindiana.org
>> https://openindiana.org/mailman/listinfo/openindiana-discuss
>




More information about the openindiana-discuss mailing list