OpenSolaris

1. Community: OS/Net (ON)
   1. Blogs
   2. Development Process
   3. Developer's Reference
      1. Introduction
      2. Prerequisites
      3. The Source Tree, part 1
      4. The Source Tree, part 2
      5. Building OpenSolaris
      6. Installing and Testing OpenSolaris
      7. Integration Procedure
      8. Best Practices and Requirements
      9. Glossary
   4. Discussions
   5. Installation (from source) Quickstart
      1. Annotated nightly(1) Mail Example
   6. Currently Known Issues
   7. CRT
      1. Advocates & Sponsors
      2. Becoming a CRT Advocate
      3. Charter
      4. RTI nits to avoid
      5. Sponsor Tasks
      6. Becoming a Sponsor
   8. Schedule
   9. ONNV Flag Days, Heads Ups, and Project Integration History
      1. All
      2. Builds 91-95
      3. Builds 86-90
      4. Builds 81-85
      5. Builds 76-80
      6. Builds 71-75
      7. Builds 66-70
      8. Builds 61-65
      9. Builds 56-60
      10. Builds 51-55
      11. Builds 46-50
      12. Builds 41-45
      13. Builds 36-40
      14. Builds 31-35
      15. Builds 26-30
      16. Builds 21-25
   10. Leaders
   11. Observers
   12. Putback Logs
   13. Developing Solaris
       1. Quality Death Spiral
   14. wx
   15. findunref and unreferenced files
   16. Bourne/Korn Shell Coding Conventions

Flag day: OpenSSL upgrade from 0.9.7d -> 0.9.8a

Date: Wed, 07 Jun 2006 17:41:02 +0200 (CEST)
From: Jan Pechanec <Jan dot Pechanec at Sun dot COM>
To: on-all at eng dot sun dot com, onnv-gate at onnv dot eng dot sun dot com
Subject: Flag day: OpenSSL upgrade from 0.9.7d -> 0.9.8a


	hi, if you build ON please read this message.

	with the integration of RFE-6352999:
	
	PSARC 2006/019: OpenSSL upgrade to 0.9.8a

	the OpenSSL libraries, header files, commands and man pages are 
upgraded from OpenSSL 0.9.7d to 0.9.8a. Some important information follows:


	- those two versions are not binary compatible and new Nevada 
installations will have only 0.9.8a version. Live Upgrade will also remove 
old version of libraries. There are also slight API changes in headers 
installed in /usr/sfw/include/openssl.

	- after the next bringover please do a full clobber build since some 
commands/libraries in your proto area could already have been linked against 
0.9.7d libraries.

	- if you bringover and build within the next 24 hours, you might see 
several warnings like this in your nightly mail/log:

	./usr/sfw/lib/libcrypto_extra.so.0.9.8: symbol not found:
	EVP_CIPHER_set_asn1_iv
	(/builds/jp161948/workspace/cr-6352999/proto/root_sparc/usr/sfw/lib/libcrypt
	o_extra.so.0.9.8)       <no -zdefs?>

	...you can safely ignore those warnings. They will disappear around 
11pm Pacific when check_rtime is upgraded in /ws/onnv-tools or you can use 
add '-t' to your NIGHTLY_OPTIONS. If you maintain your local copy of build 
tools please resync or upgrade your SUNWonbld package.

	- if you use OpenSSL for your own development then note that OpenSSL 
version changed (-> SONAME changed in ELF headers) which means that you will 
have to recompile your code to work with the new libraries. Due to ABI 
changes you cannot just link old libraries to the new ones.

	- after BFU you will have both versions of OpenSSL libraries - old 
libraries are still needed since other consolidations depend on OpenSSL, 
too. Dependent applications include but are not limited to pkg*/patch 
commands from Install gate, GNOME/JDS and some SFW packages (apache, wget, 
...), another dependent consolidation is Sun Update Connection. Companion CD 
also have a few apps linked against OpenSSL.

	- if you modified /etc/sfw/openssl/openssl.cnf then backup that 
version before upgrading (current SUNWopensslr package has no class action 
script for openssl.cnf). Most probably you don't have to be worried about 
this config file because it's mostly used for creation of certificates and 
default values are usually fine for most users - probably you never changed 
that file.


	more information about OpenSSL in Solaris will be on 
http://openssl.eng which is work in progress now.

	you can see what version of OpenSSL you have by running 
'/usr/sfw/bin/openssl version'.

	
	Jan.

-- 
Jan Pechanec