[OmniOS-discuss] OpenSSL futures
Bob Friesenhahn
bfriesen at simple.dallas.tx.us
Thu Mar 31 14:56:43 UTC 2016
On Thu, 31 Mar 2016, Dan McDonald wrote:
>
> I'm starting this thread to hear what the community has to say about
> where OmniOS should go w.r.t. its OpenSSL release. I have internal
> customers too, of course, but I'll engage them separately. We need
> to have an OpenSSL because illumos requires one. We *could* do the
> SmartOS thing and keep our own SUNW/OMNI*...() api set, though.
Currently many OmniOS users are building their own applications using
the OpenSSL that comes with OmniOS. If OmniOS removes the OpenSSL
version that these applications were using, then the applications will
fail to run. While it is useful to offer the current OpenSSL release
branch (OmniOS provides "fresh" software), there needs to be a way to
bridge so that OmniOS users are not struck with severely broken
servers (requiring that all packages depending on OpenSSL be rebuilt)
due to stepping to the next OmniOS release.
With sufficient advance notice we can build our own OpenSSL and
rebuild all of our packages to use our own OpenSSL and update
application configurations (e.g certificates) so that they still work.
By doing so we lose the security-fix support that OmniOS has been
providing and need to take this reposibility for ourselves.
Bob
--
Bob Friesenhahn
bfriesen at simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
More information about the OmniOS-discuss
mailing list