Changeset 939cf0da for postlfs/security


Ignore:
Timestamp:
01/12/2005 07:40:39 PM (19 years ago)
Author:
Randy McMurchy <randy@…>
Branches:
10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
Children:
5a7a0e5
Parents:
d992ab5
Message:

Moved OpenSSL from Chapter 8 to Chapter 4

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@3268 af4574ff-66df-0310-9fd7-8a98e5e911e0

Location:
postlfs/security
Files:
4 edited
1 moved

Legend:

Unmodified
Added
Removed

  • postlfs/security/cyrus-sasl.xml

    rd992ab5 r939cf0da  
    4646
    4747<sect4><title>Required</title>
    48 <para><xref linkend="openssl"/></para>
     48<para><xref linkend="openssl-package"/></para>
    4949</sect4>
    5050

  • postlfs/security/heimdal.xml

    rd992ab5 r939cf0da  
    5959<sect4><title>Required</title>
    6060<para>
    61 <xref linkend="openssl"/> and
     61<xref linkend="openssl-package"/> and
    6262<xref linkend="db"/>
    6363</para></sect4>

  • postlfs/security/openssl.xml

    rd992ab5 r939cf0da  
    1212]>
    1313
    14 <sect1 id="openssl" xreflabel="OpenSSL-&openssl-version;">
     14<sect1 id="openssl-package" xreflabel="OpenSSL-&openssl-version;">
    1515<sect1info>
    1616<othername>$LastChangedBy$</othername>
     
    1919<?dbhtml filename="openssl.html"?>
    2020<title>OpenSSL-&openssl-version;</title>
     21<indexterm zone="openssl-package">
     22<primary sortas="a-OpenSSL-package">OpenSSL</primary></indexterm>
    2123
    2224<sect2>
     
    2426</title>
    2527
    26 <para>The <application>Open<acronym>SSL</acronym></application> package contains
    27 management tools and libraries relating to cryptography.  These are useful for
    28 providing cryptography functions to other packages, notably
     28<para>The <application>Open<acronym>SSL</acronym></application> package
     29contains management tools and libraries relating to cryptography.  These are
     30useful for providing cryptography functions to other packages, notably
    2931<application>OpenSSH</application>, email applications and web browsers (for
    3032accessing <acronym>HTTPS</acronym> sites).</para>
     
    3234<sect3><title>Package information</title>
    3335<itemizedlist spacing='compact'>
    34 <listitem><para>Download (HTTP): <ulink url="&openssl-download-http;"/></para></listitem>
    35 <listitem><para>Download (FTP): <ulink url="&openssl-download-ftp;"/></para></listitem>
     36<listitem><para>Download (HTTP):
     37<ulink url="&openssl-download-http;"/></para></listitem>
     38<listitem><para>Download (FTP):
     39<ulink url="&openssl-download-ftp;"/></para></listitem>
    3640<listitem><para>Download size: &openssl-size;</para></listitem>
    37 <listitem><para>Estimated disk space required: &openssl-buildsize;</para></listitem>
    38 <listitem><para>Estimated build time: &openssl-time;</para></listitem></itemizedlist>
     41<listitem><para>Estimated disk space required:
     42&openssl-buildsize;</para></listitem>
     43<listitem><para>Estimated build time:
     44&openssl-time;</para></listitem></itemizedlist>
    3945</sect3>
    4046
     
    4349<sect4><title>Optional</title>
    4450<para><xref linkend="bc"/> (recommended
    45 if you run the test suite during the build)</para></sect4>
     51if you run the test suite during the build)</para>
     52</sect4>
    4653</sect3>
    4754
     
    8390overwriting an existing man page from <application>Perl</application>.</para>
    8491
    85 <para><command>sed -i 's%SHLIBDIRS= fips crypto ssl%SHLIBDIRS= crypto ssl%g' Makefile</command>:
    86 This command prevents installation of the non-existent <filename
    87 class="libraryfile">libfips</filename> library.</para>
     92<para><command>sed -i 's%SHLIBDIRS= fips crypto ssl%SHLIBDIRS= crypto ssl%g'
     93Makefile</command>: This command prevents installation of the non-existent
     94<filename class="libraryfile">libfips</filename> library.</para>
    8895
    89 <para><screen><command>make MANDIR=/usr/share/man
    90 make MANDIR=/usr/share/man install</command></screen> These
    91 commands install <application>Open<acronym>SSL</acronym></application> with the
    92 man pages in <filename class='directory'>/usr/share/man</filename> instead of
    93 the default which is <filename class='directory'>/etc/ssl/man</filename>.</para>
     96<para><command>make MANDIR=/usr/share/man; make MANDIR=/usr/share/man
     97install</command>: These commands install
     98<application>Open<acronym>SSL</acronym></application> with the man pages in
     99<filename class='directory'>/usr/share/man</filename> instead of
     100<filename class='directory'>/etc/ssl/man</filename>.</para>
    94101
    95102<para><command>cp -r certs /etc/ssl</command>: The certificates must be copied
     
    101108<title>Configuring <application>OpenSSL</application></title>
    102109
    103 <sect3><title>Config files</title>
     110<sect3 id="openssl-config"><title>Config files</title>
    104111<para><filename>/etc/ssl/openssl.cnf</filename></para>
     112<indexterm zone="openssl-package openssl-config">
     113<primary sortas="e-etc-ssl-openssl.cnf">/etc/ssl/openssl.cnf</primary>
     114</indexterm>
    105115</sect3>
    106116
     
    122132<title>Contents</title>
    123133
    124 <para>The <application>Open<acronym>SSL</acronym></application> package
    125 contains <command>c_rehash</command>, <command>openssl</command>,
    126 <filename class='libraryfile'>libcrypto</filename> libraries and
    127 <filename class='libraryfile'>libssl</filename> libraries.</para>
     134<segmentedlist>
     135<segtitle>Installed Programs</segtitle>
     136<segtitle>Installed Libraries</segtitle>
     137<segtitle>Installed Directories</segtitle>
     138<seglistitem>
     139<seg>c_rehash and openssl</seg>
     140<seg>libcrypto.[so,a] and libssl.[so,a]</seg>
     141<seg>/etc/ssl and /usr/include/ssl</seg>
     142</seglistitem>
     143</segmentedlist>
    128144
    129 </sect2>
     145<variablelist>
     146<bridgehead renderas="sect3">Short Descriptions</bridgehead>
     147<?dbfo list-presentation="list"?>
    130148
    131 <sect2><title>Description</title>
     149<varlistentry id="c_rehash">
     150<term><command>c_rehash</command></term>
     151<listitem><para>is a <application>Perl</application> script that scans all
     152files in a directory and adds symbolic links to their hash values.</para>
     153<indexterm zone="openssl-package c_rehash">
     154<primary sortas="b-c_rehash">c_rehash</primary></indexterm>
     155</listitem>
     156</varlistentry>
    132157
    133 <sect3><title>c_rehash</title>
     158<varlistentry id="openssl">
     159<term><command>openssl</command></term>
     160<listitem><para>is a command-line tool for using the various cryptography
     161functions of <application>Open<acronym>SSL</acronym></application>'s crypto
     162library from the shell. It can be used for various functions which are
     163documented in <command>man 1 openssl</command>.</para>
     164<indexterm zone="openssl-package openssl">
     165<primary sortas="b-openssl">openssl</primary></indexterm>
     166</listitem>
     167</varlistentry>
    134168
    135 <para><command>c_rehash</command> is a <application>Perl</application> script
    136 that scans all files in a directory and adds symbolic links to their hash
    137 values.</para>
    138 
    139 </sect3>
    140 
    141 <sect3><title>openssl</title>
    142 
    143 <para>The <command>openssl</command> program is a command-line tool for using
    144 the various cryptography functions of
    145 <application>Open<acronym>SSL</acronym></application>'s
    146 crypto library from the shell. It can be used for various functions which are
    147 documented in <command>man 1 openssl</command>.</para>
    148 
    149 </sect3>
    150 
    151 <sect3><title>libcrypto</title>
    152 
    153 <para>The <application>Open<acronym>SSL</acronym></application> crypto library
    154 implements a wide range of cryptographic algorithms used in various Internet
    155 standards. The services provided by  this library are used by the
    156 <application>Open<acronym>SSL</acronym></application> implementations of
     169<varlistentry id="libcrypto">
     170<term><filename class='libraryfile'>libcrypto</filename></term>
     171<listitem><para>implements a wide range of cryptographic algorithms used in
     172various Internet standards. The services provided by  this library are used by
     173the <application>Open<acronym>SSL</acronym></application> implementations of
    157174<acronym>SSL</acronym>, <acronym>TLS</acronym> and <acronym>S/MIME</acronym>,
    158175and they have also been used to implement
    159 <application>Open<acronym>SSH</acronym></application>,
     176<application>Open<acronym>SSH</acronym></application>, 
    160177<application>Open<acronym>PGP</acronym></application>, and other cryptographic
    161178standards.</para>
     179<indexterm zone="openssl-package libcrypto">
     180<primary sortas="c-libcrypto">libcrypto.[so,a]</primary></indexterm>
     181</listitem>
     182</varlistentry>
    162183
    163 </sect3>
    164 
    165 <sect3><title>libssl</title>
    166 
    167 <para>The <application>Open<acronym>SSL</acronym></application>
    168 <acronym>SSL</acronym> library implements the Secure Sockets Layer
    169 (<acronym>SSL</acronym> v2/v3) and Transport Layer Security
    170 (<acronym>TLS</acronym> v1) protocols. It provides a rich
    171 <acronym>API</acronym>, documentation on which can be found by running
    172 <command>man 3 ssl</command>.</para>
    173 
    174 </sect3>
     184<varlistentry id="libssl">
     185<term><filename class='libraryfile'>libssl</filename></term>
     186<listitem><para>implements the Secure Sockets Layer (<acronym>SSL</acronym>
     187v2/v3) and Transport Layer Security (<acronym>TLS</acronym> v1) protocols. It
     188provides a rich <acronym>API</acronym>, documentation on which can be found by
     189running <command>man 3 ssl</command>.</para>
     190<indexterm zone="openssl-package libssl">
     191<primary sortas="c-libssl">libssl.[so,a]</primary></indexterm>
     192</listitem>
     193</varlistentry>
     194</variablelist>
    175195
    176196</sect2>

  • postlfs/security/security.xml

    rd992ab5 r939cf0da  
    2525<para>Prevention of breaches, like a trojan, are assisted by applications like
    2626<application>GnuPG</application>, specifically the ability to confirm signed
    27 packages, which recognizes modifications of the <acronym>TAR</acronym> ball after
    28 the packager creates it.</para>
     27packages, which recognizes modifications of the <acronym>TAR</acronym> ball
     28after the packager creates it.</para>
    2929
    3030<para> Finally, we touch on detection with a package that stores "signatures"
     
    3232"signatures" and compares for files that have been changed.</para>
    3333
     34<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="openssl.xml"/>
    3435<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="cracklib.xml"/>
    3536<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="linux_pam.xml"/>

  • postlfs/security/stunnel.xml

    rd992ab5 r939cf0da  
    5252<sect3><title><application>Stunnel</application> dependencies</title>
    5353<sect4><title>Required</title>
    54 <para><xref linkend="openssl"/></para>
     54<para><xref linkend="openssl-package"/></para>
    5555</sect4>
    5656
Note: See TracChangeset for help on using the changeset viewer.