From jh at opencsw.org Wed Mar 2 15:20:22 2016 From: jh at opencsw.org (Jan Holzhueter) Date: Wed, 2 Mar 2016 15:20:22 +0100 Subject: Openssl Update Message-ID: <56D6F6A6.6010602@opencsw.org> Hi, I pushed the openssl update to unstable yesterday. This disables sslv2 by default now. This seems to cause all kind of funny software breakage. If you hit a problem please let me know. If it's not to much I tend to just rebuild those. Otherwise will rollout a new version which enables sslv2 again. From andy at insitec.com.au Tue Mar 15 06:03:23 2016 From: andy at insitec.com.au (Andy McNeill) Date: Tue, 15 Mar 2016 05:03:23 +0000 (UTC) Subject: Initial install of openCSW References: <0492D9B0A98BE2499F1C3398FD0C7DBE25CA29E7@MOSTLS1MSGUSRFB.ITServices.sbc.com> Message-ID: BRIGGS, RICHARD A writes: > On a machine that does not yet have openCSW >and try to do the pkgadd and I get this?? HTTP/1.1 server?? Why > # pkgadd -d http://get.opencsw.org/now > pkgadd: ERROR: Failure occurred with http(s) > negotiation: > pkgadd: ERROR: unable to download package > datastream from >. ? I'm getting the same error. I can download http and https files fine using wget via the proxy. Did anyone ever find a resolution for this? From jh at opencsw.org Tue Mar 15 08:56:16 2016 From: jh at opencsw.org (Jan Holzhueter) Date: Tue, 15 Mar 2016 08:56:16 +0100 Subject: Initial install of openCSW In-Reply-To: References: <0492D9B0A98BE2499F1C3398FD0C7DBE25CA29E7@MOSTLS1MSGUSRFB.ITServices.sbc.com> Message-ID: <56E7C020.6080008@opencsw.org> Hi, Am 15.03.16 um 06:03 schrieb Andy McNeill: > BRIGGS, RICHARD A writes: > >> On a machine that does not yet have openCSW >> and try to do the pkgadd and I get this? > HTTP/1.1 server? Why >> # pkgadd -d http://get.opencsw.org/now >> pkgadd: ERROR: Failure occurred with http(s) >> negotiation: >> pkgadd: ERROR: unable to download package >> datastream from >> . might be that you pkg tools are to old to support that. Though I think they do for a long time. Or other reasons. > > > I'm getting the same error. > I can download http and https files fine using wget via the proxy. > Did anyone ever find a resolution for this? > Not sure if pkgadd works with proxys. But anyway you can just wget/curl that url. That's a system V package anyway and ust pkgadd that. Greetings Jan From ihsan at opencsw.org Tue Mar 15 09:15:39 2016 From: ihsan at opencsw.org (Ihsan Dogan) Date: Tue, 15 Mar 2016 09:15:39 +0100 Subject: Initial install of openCSW In-Reply-To: <56E7C020.6080008@opencsw.org> References: <0492D9B0A98BE2499F1C3398FD0C7DBE25CA29E7@MOSTLS1MSGUSRFB.ITServices.sbc.com> <56E7C020.6080008@opencsw.org> Message-ID: <20160315081539.GA18323@dogan.ch> Hi, On Tuesday, 15 Mar 2016 08:56 +0100, Jan Holzhueter wrote: > > I'm getting the same error. > > I can download http and https files fine using wget via the proxy. > > Did anyone ever find a resolution for this? > > Not sure if pkgadd works with proxys. > But anyway you can just wget/curl that url. That's a system V package > anyway and ust pkgadd that. Proxies are supported by pkgadd: -x proxy Specify a HTTP[S] proxy to use when downloading packages The format of proxy is host:port, where host is the hostname of the HTTP[S] proxy, and port is the port number associated with the proxy. This switch overrides all other methods of specifying a proxy. See ENVIRONMENT VARIABLES for more information on alternate methods of specifying a default proxy. Ihsan -- ihsan at dogan.ch http://blog.dogan.ch/ From robert.styma at nokia.com Tue Mar 15 14:29:12 2016 From: robert.styma at nokia.com (Styma, Robert (Nokia - US)) Date: Tue, 15 Mar 2016 13:29:12 +0000 Subject: Initial install of openCSW In-Reply-To: References: <0492D9B0A98BE2499F1C3398FD0C7DBE25CA29E7@MOSTLS1MSGUSRFB.ITServices.sbc.com> Message-ID: <90CB6A6A08D55843A6DA957EB08F78F8013B008B7C@US70UWXCHMBA05.zam.alcatel-lucent.com> > > On a machine that does not yet have openCSW > >and try to do the pkgadd and I get this? > HTTP/1.1 server?? Why > > # pkgadd -d http://get.opencsw.org/now > > pkgadd: ERROR: Failure occurred with http(s) > > negotiation: > > pkgadd: ERROR: unable to download package > > datastream from > >. > I would suggest isolating the problem by calling wget separately as in: wget http://mirror.opencsw.org/opencsw/pkgutil.pkg pkgadd -d pkgutil.pkg That may yield more clues. You can generally copy wget from another machine if it is unavailable on the target machine. You can also download independent copies of wget from the Internet. From ihsan at opencsw.org Wed Mar 16 09:45:06 2016 From: ihsan at opencsw.org (Ihsan Dogan) Date: Wed, 16 Mar 2016 09:45:06 +0100 Subject: Openssl Update In-Reply-To: <56D6F6A6.6010602@opencsw.org> References: <56D6F6A6.6010602@opencsw.org> Message-ID: <20160316084506.GA50533@dogan.ch> Hi Jan, On Wednesday, 02 Mar 2016 15:20 +0100, Jan Holzhueter wrote: > I pushed the openssl update to unstable yesterday. > This disables sslv2 by default now. > This seems to cause all kind of funny software breakage. > If you hit a problem please let me know. > If it's not to much I tend to just rebuild those. > Otherwise will rollout a new version which enables sslv2 again. Is 1.0.1s,REV=2016.03.01 with SSLv2 disabled? Ihsan -- ihsan at dogan.ch http://blog.dogan.ch/ From jh at opencsw.org Wed Mar 16 09:47:46 2016 From: jh at opencsw.org (Jan Holzhueter) Date: Wed, 16 Mar 2016 09:47:46 +0100 Subject: Openssl Update In-Reply-To: <20160316084506.GA50533@dogan.ch> References: <56D6F6A6.6010602@opencsw.org> <20160316084506.GA50533@dogan.ch> Message-ID: <56E91DB2.2080802@opencsw.org> Hi, Am 16.03.16 um 09:45 schrieb Ihsan Dogan: > Hi Jan, > > On Wednesday, 02 Mar 2016 15:20 +0100, Jan Holzhueter wrote: > >> I pushed the openssl update to unstable yesterday. >> This disables sslv2 by default now. >> This seems to cause all kind of funny software breakage. >> If you hit a problem please let me know. >> If it's not to much I tend to just rebuild those. >> Otherwise will rollout a new version which enables sslv2 again. > > Is 1.0.1s,REV=2016.03.01 with SSLv2 disabled? yes I have rebuild everything that caused problems. At least the stuff I'm aware off. Greetings Jan From ihsan at opencsw.org Wed Mar 16 18:19:13 2016 From: ihsan at opencsw.org (=?UTF-8?B?xLBoc2FuwqBEb8SfYW4=?=) Date: Wed, 16 Mar 2016 18:19:13 +0100 Subject: Openssl Update In-Reply-To: <56E91DB2.2080802@opencsw.org> References: <56D6F6A6.6010602@opencsw.org> <20160316084506.GA50533@dogan.ch> <56E91DB2.2080802@opencsw.org> Message-ID: <56E99591.6080006@opencsw.org> Hi Jan, Am 16.03.2016 um 09:47 schrieb Jan Holzhueter: >>> I pushed the openssl update to unstable yesterday. >>> This disables sslv2 by default now. >>> This seems to cause all kind of funny software breakage. >>> If you hit a problem please let me know. >>> If it's not to much I tend to just rebuild those. >>> Otherwise will rollout a new version which enables sslv2 again. >> >> Is 1.0.1s,REV=2016.03.01 with SSLv2 disabled? > > yes > > I have rebuild everything that caused problems. At least the stuff I'm > aware off. I hope these issues were not related to SSLv2. Ihsan -- ihsan at dogan.ch http://blog.dogan.ch/ From jh at opencsw.org Thu Mar 17 09:19:40 2016 From: jh at opencsw.org (Jan Holzhueter) Date: Thu, 17 Mar 2016 09:19:40 +0100 Subject: Openssl Update In-Reply-To: <56E99591.6080006@opencsw.org> References: <56D6F6A6.6010602@opencsw.org> <20160316084506.GA50533@dogan.ch> <56E91DB2.2080802@opencsw.org> <56E99591.6080006@opencsw.org> Message-ID: <56EA689C.8000306@opencsw.org> Am 16.03.16 um 18:19 schrieb ?hsan Do?an: > Hi Jan, > > Am 16.03.2016 um 09:47 schrieb Jan Holzhueter: > >>>> I pushed the openssl update to unstable yesterday. >>>> This disables sslv2 by default now. >>>> This seems to cause all kind of funny software breakage. >>>> If you hit a problem please let me know. >>>> If it's not to much I tend to just rebuild those. >>>> Otherwise will rollout a new version which enables sslv2 again. >>> >>> Is 1.0.1s,REV=2016.03.01 with SSLv2 disabled? >> >> yes >> >> I have rebuild everything that caused problems. At least the stuff I'm >> aware off. > > I hope these issues were not related to SSLv2. well it broke ABI. Which kind of sucks too. http://ptribble.blogspot.de/2016/03/moving-goalposts-with-openssl.html Greetings Jan From laurent at opencsw.org Thu Mar 17 11:01:14 2016 From: laurent at opencsw.org (Laurent Blume) Date: Thu, 17 Mar 2016 11:01:14 +0100 Subject: Openssl Update In-Reply-To: <56EA689C.8000306@opencsw.org> References: <56D6F6A6.6010602@opencsw.org> <20160316084506.GA50533@dogan.ch> <56E91DB2.2080802@opencsw.org> <56E99591.6080006@opencsw.org> <56EA689C.8000306@opencsw.org> Message-ID: <56EA806A.6040104@opencsw.org> Le 2016/03/17 09:19 +0100, Jan Holzhueter a ?crit: > well it broke ABI. Which kind of sucks too. > http://ptribble.blogspot.de/2016/03/moving-goalposts-with-openssl.html What's pathetic is that distro makers are now whining that they are forced to get their fingers out of their collective asses, because, boo-hoo, the defaults have changed. Whereas not so long ago, people were whining that OpenSSL sucked because, boo-hoo, its defaults never changed. After checking my calendar again, yep, it's 2016. OpenSSL have been saying for at least 2 years that SSLv2 should have been disabled! It's not NEWS that SSLv2 is broken! So WHY was it kept enabled? Because it's just easier to use defaults, so then they can reject responsibility to somebody else? ?OpenSSL has been around a long time, and it carries around a lot of cruft. For example, from above, SSLv2 is enabled by default. SSLv2 is completely broken, and you should disable it during configuration. You can disable protocols and provide other options through Configure and config, and the following lists some of them.? https://wiki.openssl.org/index.php/Compilation_and_Installation So, here's a thought: stop assuming that OpenSSL, a project that's been underfunded until it got in the news, will magically deal with every.issue with old protocols. Packagers should their brains: if they don't have a compelling reason to keep an old crufty protocol, why is it enabled? Laurent From ihsan at opencsw.org Thu Mar 17 19:03:05 2016 From: ihsan at opencsw.org (=?UTF-8?B?xLBoc2FuwqBEb8SfYW4=?=) Date: Thu, 17 Mar 2016 19:03:05 +0100 Subject: Openssl Update In-Reply-To: <56EA806A.6040104@opencsw.org> References: <56D6F6A6.6010602@opencsw.org> <20160316084506.GA50533@dogan.ch> <56E91DB2.2080802@opencsw.org> <56E99591.6080006@opencsw.org> <56EA689C.8000306@opencsw.org> <56EA806A.6040104@opencsw.org> Message-ID: <56EAF159.5080203@opencsw.org> Am 17.03.2016 um 11:01 schrieb Laurent Blume: >> well it broke ABI. Which kind of sucks too. >> http://ptribble.blogspot.de/2016/03/moving-goalposts-with-openssl.html > > What's pathetic is that distro makers are now whining that they are > forced to get their fingers out of their collective asses, because, > boo-hoo, the defaults have changed. Whereas not so long ago, people were > whining that OpenSSL sucked because, boo-hoo, its defaults never changed. > > After checking my calendar again, yep, it's 2016. OpenSSL have been > saying for at least 2 years that SSLv2 should have been disabled! It's > not NEWS that SSLv2 is broken! So WHY was it kept enabled? Because it's > just easier to use defaults, so then they can reject responsibility to > somebody else? This is really hard to understand, as SSLv2 is broken for more than 10 years! > ?OpenSSL has been around a long time, and it carries around a lot of > cruft. For example, from above, SSLv2 is enabled by default. SSLv2 is > completely broken, and you should disable it during configuration. You > can disable protocols and provide other options through Configure and > config, and the following lists some of them.? > > https://wiki.openssl.org/index.php/Compilation_and_Installation > > So, here's a thought: stop assuming that OpenSSL, a project that's been > underfunded until it got in the news, will magically deal with > every.issue with old protocols. Packagers should their brains: if they > don't have a compelling reason to keep an old crufty protocol, why is it > enabled? LibreSSL seems to be more progressive with removing unneeded code. As it LibreSSL suppose to be 100% compatible with OpenSSL, do you think it makes sense to replace OpenSSL with LibreSSL? Ihsan -- ihsan at dogan.ch http://blog.dogan.ch/ From upendra.gandhi at gmail.com Thu Mar 24 19:18:10 2016 From: upendra.gandhi at gmail.com (upen) Date: Thu, 24 Mar 2016 13:18:10 -0500 Subject: Gnu date Message-ID: Hello everyone. I am wondering what OpenCSW package has GNU date available for Solaris 10 sparc? Thanks, UG. -------------- next part -------------- An HTML attachment was scrubbed... URL: From upendra.gandhi at gmail.com Thu Mar 24 19:36:54 2016 From: upendra.gandhi at gmail.com (upen) Date: Thu, 24 Mar 2016 13:36:54 -0500 Subject: Gnu date In-Reply-To: References: Message-ID: On Thu, Mar 24, 2016 at 1:18 PM, upen wrote: > Hello everyone. > > I am wondering what OpenCSW package has GNU date available for Solaris 10 > sparc? > > Thanks, > UG. > Hi again. I found it in package coreutils . Thanks. Ug -------------- next part -------------- An HTML attachment was scrubbed... URL: