Changeset 939cf0da for postlfs/security
- Timestamp:
- 01/12/2005 07:40:39 PM (19 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 5a7a0e5
- Parents:
- d992ab5
- Location:
- postlfs/security
- Files:
-
- 4 edited
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/cyrus-sasl.xml
rd992ab5 r939cf0da 46 46 47 47 <sect4><title>Required</title> 48 <para><xref linkend="openssl "/></para>48 <para><xref linkend="openssl-package"/></para> 49 49 </sect4> 50 50 -
postlfs/security/heimdal.xml
rd992ab5 r939cf0da 59 59 <sect4><title>Required</title> 60 60 <para> 61 <xref linkend="openssl "/> and61 <xref linkend="openssl-package"/> and 62 62 <xref linkend="db"/> 63 63 </para></sect4> -
postlfs/security/openssl.xml
rd992ab5 r939cf0da 12 12 ]> 13 13 14 <sect1 id="openssl " xreflabel="OpenSSL-&openssl-version;">14 <sect1 id="openssl-package" xreflabel="OpenSSL-&openssl-version;"> 15 15 <sect1info> 16 16 <othername>$LastChangedBy$</othername> … … 19 19 <?dbhtml filename="openssl.html"?> 20 20 <title>OpenSSL-&openssl-version;</title> 21 <indexterm zone="openssl-package"> 22 <primary sortas="a-OpenSSL-package">OpenSSL</primary></indexterm> 21 23 22 24 <sect2> … … 24 26 </title> 25 27 26 <para>The <application>Open<acronym>SSL</acronym></application> package contains27 management tools and libraries relating to cryptography. These are useful for28 providing cryptography functions to other packages, notably28 <para>The <application>Open<acronym>SSL</acronym></application> package 29 contains management tools and libraries relating to cryptography. These are 30 useful for providing cryptography functions to other packages, notably 29 31 <application>OpenSSH</application>, email applications and web browsers (for 30 32 accessing <acronym>HTTPS</acronym> sites).</para> … … 32 34 <sect3><title>Package information</title> 33 35 <itemizedlist spacing='compact'> 34 <listitem><para>Download (HTTP): <ulink url="&openssl-download-http;"/></para></listitem> 35 <listitem><para>Download (FTP): <ulink url="&openssl-download-ftp;"/></para></listitem> 36 <listitem><para>Download (HTTP): 37 <ulink url="&openssl-download-http;"/></para></listitem> 38 <listitem><para>Download (FTP): 39 <ulink url="&openssl-download-ftp;"/></para></listitem> 36 40 <listitem><para>Download size: &openssl-size;</para></listitem> 37 <listitem><para>Estimated disk space required: &openssl-buildsize;</para></listitem> 38 <listitem><para>Estimated build time: &openssl-time;</para></listitem></itemizedlist> 41 <listitem><para>Estimated disk space required: 42 &openssl-buildsize;</para></listitem> 43 <listitem><para>Estimated build time: 44 &openssl-time;</para></listitem></itemizedlist> 39 45 </sect3> 40 46 … … 43 49 <sect4><title>Optional</title> 44 50 <para><xref linkend="bc"/> (recommended 45 if you run the test suite during the build)</para></sect4> 51 if you run the test suite during the build)</para> 52 </sect4> 46 53 </sect3> 47 54 … … 83 90 overwriting an existing man page from <application>Perl</application>.</para> 84 91 85 <para><command>sed -i 's%SHLIBDIRS= fips crypto ssl%SHLIBDIRS= crypto ssl%g' Makefile</command>:86 This command prevents installation of the non-existent <filename 87 class="libraryfile">libfips</filename> library.</para>92 <para><command>sed -i 's%SHLIBDIRS= fips crypto ssl%SHLIBDIRS= crypto ssl%g' 93 Makefile</command>: This command prevents installation of the non-existent 94 <filename class="libraryfile">libfips</filename> library.</para> 88 95 89 <para>< screen><command>make MANDIR=/usr/share/man90 make MANDIR=/usr/share/man install</command></screen> These 91 commands install <application>Open<acronym>SSL</acronym></application> with the92 man pages in<filename class='directory'>/usr/share/man</filename> instead of93 the default which is<filename class='directory'>/etc/ssl/man</filename>.</para>96 <para><command>make MANDIR=/usr/share/man; make MANDIR=/usr/share/man 97 install</command>: These commands install 98 <application>Open<acronym>SSL</acronym></application> with the man pages in 99 <filename class='directory'>/usr/share/man</filename> instead of 100 <filename class='directory'>/etc/ssl/man</filename>.</para> 94 101 95 102 <para><command>cp -r certs /etc/ssl</command>: The certificates must be copied … … 101 108 <title>Configuring <application>OpenSSL</application></title> 102 109 103 <sect3 ><title>Config files</title>110 <sect3 id="openssl-config"><title>Config files</title> 104 111 <para><filename>/etc/ssl/openssl.cnf</filename></para> 112 <indexterm zone="openssl-package openssl-config"> 113 <primary sortas="e-etc-ssl-openssl.cnf">/etc/ssl/openssl.cnf</primary> 114 </indexterm> 105 115 </sect3> 106 116 … … 122 132 <title>Contents</title> 123 133 124 <para>The <application>Open<acronym>SSL</acronym></application> package 125 contains <command>c_rehash</command>, <command>openssl</command>, 126 <filename class='libraryfile'>libcrypto</filename> libraries and 127 <filename class='libraryfile'>libssl</filename> libraries.</para> 134 <segmentedlist> 135 <segtitle>Installed Programs</segtitle> 136 <segtitle>Installed Libraries</segtitle> 137 <segtitle>Installed Directories</segtitle> 138 <seglistitem> 139 <seg>c_rehash and openssl</seg> 140 <seg>libcrypto.[so,a] and libssl.[so,a]</seg> 141 <seg>/etc/ssl and /usr/include/ssl</seg> 142 </seglistitem> 143 </segmentedlist> 128 144 129 </sect2> 145 <variablelist> 146 <bridgehead renderas="sect3">Short Descriptions</bridgehead> 147 <?dbfo list-presentation="list"?> 130 148 131 <sect2><title>Description</title> 149 <varlistentry id="c_rehash"> 150 <term><command>c_rehash</command></term> 151 <listitem><para>is a <application>Perl</application> script that scans all 152 files in a directory and adds symbolic links to their hash values.</para> 153 <indexterm zone="openssl-package c_rehash"> 154 <primary sortas="b-c_rehash">c_rehash</primary></indexterm> 155 </listitem> 156 </varlistentry> 132 157 133 <sect3><title>c_rehash</title> 158 <varlistentry id="openssl"> 159 <term><command>openssl</command></term> 160 <listitem><para>is a command-line tool for using the various cryptography 161 functions of <application>Open<acronym>SSL</acronym></application>'s crypto 162 library from the shell. It can be used for various functions which are 163 documented in <command>man 1 openssl</command>.</para> 164 <indexterm zone="openssl-package openssl"> 165 <primary sortas="b-openssl">openssl</primary></indexterm> 166 </listitem> 167 </varlistentry> 134 168 135 <para><command>c_rehash</command> is a <application>Perl</application> script 136 that scans all files in a directory and adds symbolic links to their hash 137 values.</para> 138 139 </sect3> 140 141 <sect3><title>openssl</title> 142 143 <para>The <command>openssl</command> program is a command-line tool for using 144 the various cryptography functions of 145 <application>Open<acronym>SSL</acronym></application>'s 146 crypto library from the shell. It can be used for various functions which are 147 documented in <command>man 1 openssl</command>.</para> 148 149 </sect3> 150 151 <sect3><title>libcrypto</title> 152 153 <para>The <application>Open<acronym>SSL</acronym></application> crypto library 154 implements a wide range of cryptographic algorithms used in various Internet 155 standards. The services provided by this library are used by the 156 <application>Open<acronym>SSL</acronym></application> implementations of 169 <varlistentry id="libcrypto"> 170 <term><filename class='libraryfile'>libcrypto</filename></term> 171 <listitem><para>implements a wide range of cryptographic algorithms used in 172 various Internet standards. The services provided by this library are used by 173 the <application>Open<acronym>SSL</acronym></application> implementations of 157 174 <acronym>SSL</acronym>, <acronym>TLS</acronym> and <acronym>S/MIME</acronym>, 158 175 and they have also been used to implement 159 <application>Open<acronym>SSH</acronym></application>, 176 <application>Open<acronym>SSH</acronym></application>, 160 177 <application>Open<acronym>PGP</acronym></application>, and other cryptographic 161 178 standards.</para> 179 <indexterm zone="openssl-package libcrypto"> 180 <primary sortas="c-libcrypto">libcrypto.[so,a]</primary></indexterm> 181 </listitem> 182 </varlistentry> 162 183 163 </sect3> 164 165 <sect3><title>libssl</title> 166 167 <para>The <application>Open<acronym>SSL</acronym></application> 168 <acronym>SSL</acronym> library implements the Secure Sockets Layer 169 (<acronym>SSL</acronym> v2/v3) and Transport Layer Security 170 (<acronym>TLS</acronym> v1) protocols. It provides a rich 171 <acronym>API</acronym>, documentation on which can be found by running 172 <command>man 3 ssl</command>.</para> 173 174 </sect3> 184 <varlistentry id="libssl"> 185 <term><filename class='libraryfile'>libssl</filename></term> 186 <listitem><para>implements the Secure Sockets Layer (<acronym>SSL</acronym> 187 v2/v3) and Transport Layer Security (<acronym>TLS</acronym> v1) protocols. It 188 provides a rich <acronym>API</acronym>, documentation on which can be found by 189 running <command>man 3 ssl</command>.</para> 190 <indexterm zone="openssl-package libssl"> 191 <primary sortas="c-libssl">libssl.[so,a]</primary></indexterm> 192 </listitem> 193 </varlistentry> 194 </variablelist> 175 195 176 196 </sect2> -
postlfs/security/security.xml
rd992ab5 r939cf0da 25 25 <para>Prevention of breaches, like a trojan, are assisted by applications like 26 26 <application>GnuPG</application>, specifically the ability to confirm signed 27 packages, which recognizes modifications of the <acronym>TAR</acronym> ball after28 the packager creates it.</para>27 packages, which recognizes modifications of the <acronym>TAR</acronym> ball 28 after the packager creates it.</para> 29 29 30 30 <para> Finally, we touch on detection with a package that stores "signatures" … … 32 32 "signatures" and compares for files that have been changed.</para> 33 33 34 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="openssl.xml"/> 34 35 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="cracklib.xml"/> 35 36 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="linux_pam.xml"/> -
postlfs/security/stunnel.xml
rd992ab5 r939cf0da 52 52 <sect3><title><application>Stunnel</application> dependencies</title> 53 53 <sect4><title>Required</title> 54 <para><xref linkend="openssl "/></para>54 <para><xref linkend="openssl-package"/></para> 55 55 </sect4> 56 56
Note:
See TracChangeset
for help on using the changeset viewer.