BIND 9.8.1-P1 with OpenSSL 1.0.0 issues..
m.seaman at infracaninophile.co.uk
Wed Nov 23 15:27:42 UTC 2011
On 23/11/2011 14:01, Jerry wrote:
> On Wed, 23 Nov 2011 13:18:45 +0000
> Matthew Seaman articulated:
>> I've been using the attached patch with the dns/bind98 port and
>> openssl-1.0.x from ports for months. This disables using the GOST
>> cipher plugins -- which is no big deal as far as I'm concerned. GOST
>> ciphers are only supplied as plugin modules unlike all other ciphers
>> in openssl, which is a new thing with version 1.0.0 in ports. It's
>> that libgost.so plugin shlib not playing well with chroot that
>> apparently causes named to crash.
> Mathew, has anyone filed a PR either here or upstream regarding this
I sent my patch to Doug Barton (bind maintainer in src/ports) but he
didn't accept it. Discussions I've seen around this are that the
OpenSSL guys say that it's not a bug from their side, and that bind is
doing it wrong. I believe the ISC guys are aware but I don't know if
they have a fix in the works or not. Possibly some advanced combination
of LDFLAGS at compile-time might sort things, but I really have no idea.
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matthew at infracaninophile.co.uk Kent, CT11 9PW
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 267 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20111123/0d06c71d/signature.pgp
More information about the freebsd-questions