OpenSSL 1.0.2 transition

Jan Holzhueter jh at opencsw.org
Mon May 15 15:35:11 CEST 2017


Am 15.05.17 um 08:56 schrieb Riccardo Mottola:
> Hi all,
> 
> 
> Dagobert Michelsen wrote:
>> I suggest to
>>   mkdir /home/experimental/openssl
>>   mv <package> /home/experimental/openssl
>> so we have a catalog to test these in experimental first before pushing.
> 
> Just did it, sorry for the delay over the weekend.
> 
> One immediate test would be OpenSSH I guess? And try things like sftp.
> I remember when a bad openssl version broke our build system, was it due
> to ssh? I wonder if we can test that without risking a block again.

First we can roll out it to experimental*
I would start with openssl speed to test if nothing obvious is broken.
I did not check what patches you pulled from oracle yet.
But if the openssl speed is like 10x slower then the old one we shoud
look into the patches form oracle what might help etc.

I have to dig out the test cases for Intel und T5 aes enc support tests.
other test case would be setting up some apache lightty and nginx to
test tsl stuff there if anything is broken there.

Again I hope I have some time this week to look.



More information about the maintainers mailing list