Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Version of OpenSSL being used
Operating Systems Solaris Version of OpenSSL being used Post 302770940 by CHoggarth on Tuesday 19th of February 2013 06:10:53 AM
Old 02-19-2013
Version of OpenSSL being used
Hello

I'm relatively new to technologies like Apache & ssl but have some years
experience with Unix. My question concerns the version of OpenSSL which is
genuinely being used on our server & how is that set.

The server is running Solaris 10. I'll show output from various commands:

Code:
:/usr/local/ssl # pkginfo -l SMCossl
   PKGINST:  SMCossl
      NAME:  openssl
  CATEGORY:  application
      ARCH:  sparc
   VERSION:  1.0.1c
   BASEDIR:  /usr/local
    VENDOR:  The OpenSSL Group
    PSTAMP:  Steve Christensen
  INSTDATE:  Aug 17 2012 07:27
     EMAIL:  steve@smc.vnet.net
    STATUS:  completely installed
     FILES:     1871 installed pathnames
                   1 shared pathnames
                  43 directories
                  32 executables
               30745 blocks used (approx)

:/usr/local/ssl #

Code:
:/usr/local/ssl # openssl version -a
OpenSSL 1.0.1c 10 May 2012
built on: Sun May 13 18:44:13 EDT 2012
platform: solaris-sparcv9-gcc
options:  bn(64,32) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr)
compiler: gcc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -
DDSO_DLFCN -DHAVE_DLFCN_H -m32 -mcpu=ultrasparc -O3 -fomit-frame-
pointer -Wall -DB_ENDIAN -DBN_DIV2W -DOPENSSL_BN_ASM_MONT -DSHA1
_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DGHASH_ASM
OPENSSLDIR: "/usr/local/ssl"
:/usr/local/ssl #

But if I run telnet xxx.xxx.xxx.xxx 80 & OPTIONS / HTTP1.0 from our network it reports 0.9.8x:

Code:
HTTP/1.1 200 OK
Date: Tue, 19 Feb 2013 10:20:37 GMT
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8x DAV/2
Allow: POST,OPTIONS,GET,HEAD
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html



Connection to host lost.

W:\>

I've been advised to use OPTIONS / HTTP1.0 to determine which version is genuinely being used.

We have in the past installed SSL by package (the most recent being 1.0.1) & source (presumably the most recent being 0.9.8x).

I need to upgrade SSL on this server & I would like to use the 1.0.1 stream (I understand packages are more likely to be available for this & that's certainly easier to install). But I can't figure out why the system is really using 0.9.8x when the server itself is saying that 1.0.1 is being used.

I am assuming that the OPTIONS / HTTP1.0 command is giving me the true version.

Can anyone clarify what might be happening & advise how I can start using 1.0.1?

Thanks, Chris
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

openssl help

I ungraded my openssl on sun solaris 8 from openssl 0.9.6c to openssl 0.9.6g the ungrade went fine but when I tried to ssh in to server, I received the following error message "ld.so.1: ./sshd: fatal: relocation error: file /usr/local/ssl/lib/libcrypto.so.0.9.6: symbol main: referenced symbol... (2 Replies)
Discussion started by: hassan2
2 Replies

2. Solaris

Migrate unix version 8 to version 9

i have a program writing in PRO C which currently running in unix version 8 tie with oracle 8i, but in the future company gonna migrate this OS to version 9. Anything i have to prepare for my PRO C program to run in unix version 9? or anything would that impact my program couldn't run well? what... (2 Replies)
Discussion started by: lsy
2 Replies

3. Solaris

OpenSSL version and OpenSSH

Hi, I need an advise. Is it possible to compile binary of ssh that will work on more than one computer with installed different versions of openssl. I read it is not possible to compile static program over solaris but anyway? I am confused. (3 Replies)
Discussion started by: alekkz
3 Replies

4. UNIX for Advanced & Expert Users

Advanced Search * View * Edit JAVA version to WORK in GLASSFISH Forum topic JAVA version

Would like to confirm the ff. I got confused actually with the version I needed to download that will work on glassfish 3.0.1 a. Debian Squeeze (HP DL360). Need to use java version6 On Debian, I did apt-get install sun-java6-jdk. So when I check it's java version "1.6.0_22" Java(TM) SE... (1 Reply)
Discussion started by: lhareigh890
1 Replies

5. UNIX for Advanced & Expert Users

Using openssl

All, I am new to openssl and I have not been able to figure out exactly how to use it. What I need to do is to create a shell script which FTPS's (SFTP is not allowed on my project) a file to a mainframe. The mainframe will not initiate a session with my server. Question. Are the packages... (7 Replies)
Discussion started by: MichaelInDC
7 Replies

6. Solaris

Openssl 0.9.8r

Hi Peeps, Having trouble compiling openssl 0.9.8r on Solaris 10 x86. The make test fails when running the shatests (segmentation faults). There is a PROBLEM file that references a file called values.c. Anyone know whereabouts in the source tree you put this file as the file doesn't tell you... (2 Replies)
Discussion started by: callmebob
2 Replies

7. Shell Programming and Scripting

Copy a file from directroy/ prior version to the directory/ new version

How to copy a file from directroy/ prior version to the directory/ new version automatically. (4 Replies)
Discussion started by: roy1912
4 Replies

8. Cybersecurity

OpenSSL

I just started playing around with Unix's OpenSSL utility. I can't seem to get the hang of it, and the man page isn't helping much. I wanted to experiment with file encryption, so I created a dummy text file with one line of text and tried to encrypt it using DES. I used the following command: ... (2 Replies)
Discussion started by: Ultrix
2 Replies

9. HP-UX

Uninstall OpenSSL

We have a legacy HP-UX 11.11 server that has a number of security vulnerabilities associated with OpenSSL. We have a project in the works to replace this server but until then I need to deal with the vulnerabilities. No applications on the server utilize SSL, so my plan was to simply remove it. ... (8 Replies)
Discussion started by: jduehmig
8 Replies

LEARN ABOUT OPENSOLARIS

ssl_free

SSL_free(3openssl)						      OpenSSL							SSL_free(3openssl)

NAME

       SSL_free - free an allocated SSL structure

SYNOPSIS

	#include <openssl/ssl.h>

	void SSL_free(SSL *ssl);

DESCRIPTION

       SSL_free() decrements the reference count of ssl, and removes the SSL structure pointed to by ssl and frees up the allocated memory if the
       the reference count has reached 0.

NOTES

       SSL_free() also calls the free()ing procedures for indirectly affected items, if applicable: the buffering BIO, the read and write BIOs,
       cipher lists specially created for this ssl, the SSL_SESSION.  Do not explicitly free these indirectly freed up items before or after call-
       ing SSL_free(), as trying to free things twice may lead to program failure.

       The ssl session has reference counts from two users: the SSL object, for which the reference count is removed by SSL_free() and the inter-
       nal session cache. If the session is considered bad, because SSL_shutdown(3) was not called for the connection and SSL_set_shutdown(3) was
       not used to set the SSL_SENT_SHUTDOWN state, the session will also be removed from the session cache as required by RFC2246.

RETURN VALUES

       SSL_free() does not provide diagnostic information.

       SSL_new(3), SSL_clear(3), SSL_shutdown(3), SSL_set_shutdown(3), ssl(3)

OpenSSL-0.9.8							    Oct 11 2005 						SSL_free(3openssl)
All times are GMT -4. The time now is 02:11 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy