adding opentsa to the system's openssl

Joel rees at
Wed Apr 6 23:53:44 PDT 2005

I know this is kind of like jumping off the high board before I've
checked for water in the pool, but I'm wondering.

Long version of the story -- 

I need to get an opentsa server running, and their site only has patches
for openssl 0.9.7e, not for the latest, 0.9.7f.

The current version in ports is 0.9.7f. I don't know how to massage the
ports collection to get a downlevel version yet, and the boss doesn't
want me to take time to learn how. (Silly boss.) So I just used the
sample stable-supfile to get the system sources and note that the system
version has gone up from 0.9.7d to 0.9.7e .

So, I'm thinking to myself this could be heaven or this could be ...

If this works, we are going to be wanting to build a dedicated time
stamp server anyway, ...

and similar sirens are calling from far away, ...

but I really don't want to find myself in the situation where I can
checkout anytime but never ...

Short version --

What kind of grief am I likely to cause myself if I grab the opentsa
patch, apply it to the openssl source in /usr/sys/crypto, and make world?

There's a voice in my other ear that says the patch was not built to mix
with freebsd patches to openssl, so I should just grab the stock openssl
and build it completely outside the ports tree, configure the timestamp
stuff to use the independently built openssl.

Joel Rees   <rees at>
digitcom, inc.   株式会社デジコム
Kobe, Japan   +81-78-672-8800
** <> **

More information about the freebsd-stable mailing list