Active Topics

 



Notices


Reply
Thread Tools
Guest | Posts: n/a | Thanked: 0 times | Joined on
#1
Here is the deb for OpenSSL v1.0.1g for Maemo 5 (N900).

The OpenSSL package contains management tools and libraries relating to cryptography. These are useful for providing cryptography functions to other packages, such as OpenSSH, email applications and web browsers (for accessing HTTPS sites).

Sorry, it is not in repositories, but sharing on my dropbox for you.

https://www.dropbox.com/s/wppzs1vhn9...0.1g_armel.deb

Last edited by nieldk; 2014-04-17 at 06:07.
 

The Following 4 Users Say Thank You to For This Useful Post:
Posts: 802 | Thanked: 1,588 times | Joined on Feb 2010 @ Gdynia, Poland
#2
> crucial security package
> not in repositories, on dropbox
> no sources

No, thank you. Is it packaged in a way that it replaces the default Maemo one? If so, have you checked if it is fully binary compatible with 0.9.8 branch?

Sorry for rants, apart from concerns I stated in this post, nice job
 

The Following 3 Users Say Thank You to misiak For This Useful Post:
Guest | Posts: n/a | Thanked: 0 times | Joined on
#3
Originally Posted by misiak View Post
> crucial security package
> not in repositories, on dropbox
> no sources

No, thank you. Is it packaged in a way that it replaces the default Maemo one? If so, have you checked if it is fully binary compatible with 0.9.8 branch?

Sorry for rants, apart from concerns I stated in this post, nice job
1. Yes, crucial security package propably a fair reason to update
2. On dropbox, simply because I dont have the hang on garage (yet) and - I basically needed this for my own pentesting purposes (together with ruby1.93) for Metasploit.
3. Right, sources are available. This is compiled straight of original sources ( http://www.openssl.org/source/openssl-1.0.1e.tar.gz )

No, not a rant I completely understand Your security concerns, as well as compatibility. I only tested this personally, and I an not guarantee issues, as it does make a replacement of the standard 0.98 installed version (this was needed for me).
So, I am sure further testing and more complex testing will be a good idea, before it will/can/should make it into any official repositories.
 

The Following 2 Users Say Thank You to For This Useful Post:
Posts: 802 | Thanked: 1,588 times | Joined on Feb 2010 @ Gdynia, Poland
#4
Originally Posted by nieldk View Post
1. Yes, crucial security package propably a fair reason to update
2. On dropbox, simply because I dont have the hang on garage (yet) and - I basically needed this for my own pentesting purposes (together with ruby1.93) for Metasploit.
[...]

No, not a rant I completely understand Your security concerns, as well as compatibility. I only tested this personally, and I an not guarantee issues, as it does make a replacement of the standard 0.98 installed version (this was needed for me).
So, I am sure further testing and more complex testing will be a good idea, before it will/can/should make it into any official repositories.
I think there's a reason why openssl keeps updating their old branches at the same time why new and there might be some binary incompatibilities and api breaking changes. In my oppinion we should rather update to 0.9.8y instead of 1.0.1e (they were published the same week, and each contains newest bugfixes, just in different branches). And, if you need 1.0.1e, you could package it e.g. as "openssl1" (i think in MeeGo Harmattan the "libssl.so.0.9.8" was replaced with "libssl1.so.1.0.0", so if we follow the scheme, we could have both openssls installed and the newer one could be distributed via extras).

Originally Posted by nieldk View Post
[...]
3. Right, sources are available. This is compiled straight of original sources ( http://www.openssl.org/source/openssl-1.0.1e.tar.gz )
[...]
If you're paranoid, you can never be sure And, Debian and/or Maemo usually add platform-specific patches for the sources, so it might be good idea to append those while packaging, too.
 

The Following 2 Users Say Thank You to misiak For This Useful Post:
Guest | Posts: n/a | Thanked: 0 times | Joined on
#5
@misiak - good points
 

The Following User Says Thank You to For This Useful Post:
Posts: 1,138 | Thanked: 1,818 times | Joined on Feb 2011 @ The Netherlands
#6
Again same as the other thread is it safe from heartbleed?

Edit: NO, maybe a newer version but definitly a warning is needed.
__________________
N900 loaded with:
CSSU-T (Thumb)
720p recording,
Pierogi, Lanterne, Cooktimer, Frogatto
N9 16GB loaded with:
Kernel-Plus
--
[TCPdump & libpcap | ngrep]
--
donate

Last edited by mr_pingu; 2014-04-16 at 21:01.
 

The Following 2 Users Say Thank You to mr_pingu For This Useful Post:
Guest | Posts: n/a | Thanked: 0 times | Joined on
#7
Originally Posted by mr_pingu View Post
Again same as the other thread is it safe from heartbleed?

Edit: NO, maybe a newer version but definitly a warning is needed.
Updated first post with my version 1.0.1g
Still didnt figure out garage :/
 

The Following 3 Users Say Thank You to For This Useful Post:
www.rzr.online.fr's Avatar
Posts: 1,330 | Thanked: 1,807 times | Joined on Jan 2009 @ fr/35/rennes
#8
same question for harmattan

--
http://rzr.online.fr/q/ssl
__________________
Please help to list all maemo existing apps :

https://wiki.maemo.org/Apps#

I am looking for " 4 inch TFT LCD display screen " for Nokia n950 HandSet

http://rzr.online.fr/q/lcd


Also, I need online storage to archive files :

http://db.tt/gn5Qffd6#

https://hubic.com/home/new/#NWEDND#

https://my.pcloud.com/#page=register...e=g8ikZmcfEJy#

Upcoming contest:

https://wiki.tizen.org/wiki/Store
 

The Following User Says Thank You to www.rzr.online.fr For This Useful Post:
Guest | Posts: n/a | Thanked: 0 times | Joined on
#9
Originally Posted by www.rzr.online.fr View Post
same question for harmattan

--
http://rzr.online.fr/q/ssl
done, is on my openrepos
openssl-1.0.1g and openssl1.0.1g-devel packages
 

The Following 3 Users Say Thank You to For This Useful Post:
Posts: 446 | Thanked: 207 times | Joined on Sep 2012 @ Austria/Germany
#10
could you tell me how to install your harmattan package of openssh?

i always get errors...
 

The Following User Says Thank You to mcbook For This Useful Post:
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 19:09.