[DragonFlyBSD - Bug #3333] Update LibreSSL to 3.6.1

bugtracker-admin at leaf.dragonflybsd.org bugtracker-admin at leaf.dragonflybsd.org
Fri Nov 25 15:11:35 PST 2022 

Issue #3333 has been updated by tuxillo.


h3. Test openssl

<pre>
<code class="terminal">
root@:~ # openssl version 
LibreSSL 3.6.1

root@:~ # echo | openssl s_client -connect google.com:443 | openssl x509 -issuer -noout            
depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1
verify return:1
depth=1 C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
verify return:1
depth=0 CN = *.google.com
verify return:1
issuer= /C=US/O=Google Trust Services LLC/CN=GTS CA 1C3
DONE

root@:~ # openssl speed sha256     
Doing sha256 for 3s on 16 size blocks: 12803356 sha256's in 3.02s
Doing sha256 for 3s on 64 size blocks: 6832362 sha256's in 3.02s
Doing sha256 for 3s on 256 size blocks: 3006491 sha256's in 3.02s
Doing sha256 for 3s on 1024 size blocks: 911102 sha256's in 3.02s
Doing sha256 for 3s on 8192 size blocks: 111166 sha256's in 3.02s
LibreSSL 3.6.1
built on: date not available
options:bn(64,64) rc4(16x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx)
compiler: information not available
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
sha256           67793.60k   144878.18k   254571.21k   309190.00k   301323.08k

root@:~ # openssl req  -nodes -new -x509  -keyout server.key -out server.cert 
Generating a 2048 bit RSA private key
................................ 
.............................
writing new private key to 'server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) []:US 
State or Province Name (full name) []:California 
Locality Name (eg, city) []:None 
Organization Name (eg, company) []:Here 
Organizational Unit Name (eg, section) []:OU 
Common Name (eg, fully qualified host name) []:mytest.test.com 
Email Address []: 

root@:~ # openssl x509 -in server.cert -noout -subject -issuer 
subject= /C=US/ST=California/L=None/O=Here/OU=OU/CN=mytest.test.com
issuer= /C=US/ST=California/L=None/O=Here/OU=OU/CN=mytest.test.com

</code>
</pre>

----------------------------------------
Bug #3333: Update LibreSSL to 3.6.1
http://bugs.dragonflybsd.org/issues/3333#change-14426

* Author: tuxillo
* Status: In Progress
* Priority: Normal
* Assignee: tuxillo
* Category: Vendor software
* Target version: 6.4
* Start date: 2022-11-25
----------------------------------------
We're currently using LibreSSL 3.2.5 in base, which is quite old. Need to upgrade to the latest stable, which at the moment is 3.6.1

Following tests are required:

# Test encrypted root installation and boot
# Test pkgng
# Test openssl
# Test ldns consumers
# Test usr.bin/dc
# Test usr.bin/nc


---Files--------------------------------
encrypted_root_361.png (29 KB)
install-vim-from-avalon.png (27.9 KB)


-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account

More information about the Bugs mailing list