Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense 2.1 still using OpenSSL 0.9.8y?

    Scheduled Pinned Locked Moved General pfSense Questions
    11 Posts 5 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P Offline
      phil.davis
      last edited by

      [2.1-RELEASE][root@xxx]/home/phil.davis(6): openssl version
      OpenSSL 0.9.8y 5 Feb 2013
      [2.1-RELEASE][root@xxx]/home/phil.davis(12): /usr/bin/openssl version                                        
      OpenSSL 0.9.8y 5 Feb 2013
      [2.1-RELEASE][root@xxx]/home/phil.davis(7): /usr/local/bin/openssl version
      OpenSSL 1.0.1e 11 Feb 2013
      

      The one used by the pfSense code is in /usr/local/bin/openssl and is explicitly run from there.

      As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
      If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

      1 Reply Last reply Reply Quote 0
      • D Offline
        dreamslacker
        last edited by

        Brilliant! Thank you sir. .

        1 Reply Last reply Reply Quote 0
        • jimpJ Offline
          jimp Rebel Alliance Developer Netgate
          last edited by

          And it'll be 1.0.1.f in pfSense 2.1.1

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • D Offline
            dreamslacker
            last edited by

            Hi jimp, nice to know.  I didn't see any information regarding the cryptodev but would like to know if 2.1.1 includes the tweaked cryptodev (pipelining to utilize AES-NI properly) or would we have to wait till 2.2 for this?

            1 Reply Last reply Reply Quote 0
            • jimpJ Offline
              jimp Rebel Alliance Developer Netgate
              last edited by

              That will have to wait for 2.2

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • D Offline
                dreamslacker
                last edited by

                Thank you for the information update!

                I'll look forward to 2.2 being rolled-out then.

                1 Reply Last reply Reply Quote 0
                • J Offline
                  jasonlitka
                  last edited by

                  Why is the old version included if it isn't used?  Seems like it would just take up space and present a risk that a program would accidentally use it.

                  I can break anything.

                  1 Reply Last reply Reply Quote 0
                  • jimpJ Offline
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    @Jason:

                    Why is the old version included if it isn't used?  Seems like it would just take up space and present a risk that a program would accidentally use it.

                    It is the version from FreeBSD's base used for things like ssh. It's very difficult to get some parts to work with only the ports OpenSSL on FreeBSD. It'll be a non-issue once we're on FreeBSD 10 and the base is up-to-date.

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • J Offline
                      jasonlitka
                      last edited by

                      @jimp:

                      @Jason:

                      Why is the old version included if it isn't used?  Seems like it would just take up space and present a risk that a program would accidentally use it.

                      It is the version from FreeBSD's base used for things like ssh. It's very difficult to get some parts to work with only the ports OpenSSL on FreeBSD. It'll be a non-issue once we're on FreeBSD 10 and the base is up-to-date.

                      That's kind of what I figured.  Thanks for the confirmation.

                      I can break anything.

                      1 Reply Last reply Reply Quote 0
                      • N Offline
                        NOYB
                        last edited by

                        @jimp:

                        It'll be a non-issue once we're on FreeBSD 10 and the base is up-to-date.

                        By then will the base still be up to date?  ;)

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.