Hi, I just had some issues with unvalidated certificates after the update of the mail/fetchmail port. The solution was to add the missing certificates manually, but that involved running the c_rehash script, that currently isn't installed. Of course, I could run it directly from src/crypto/openssl/tools/, but that isn't an option for users that don't have the source installed. So, is there a reaon why the scripts are not installed, or was it just an oversight? From my (very limited) experience, c_rehash is enough, but it might be usefull to have the others available, too. Of course, they could be installed in /usr/share/openssl so /usr/bin is not spammed (but of course this has the drawback that they aren't directly available to users. Opinions? -- Best regards / Viele Gr??e, barner@FreeBSD.org Simon Barner barner@gmx.de -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20051211/88a30942/attachment.bin
On Saturday, December 10, 2005 11:21 PM when we last met our heroes, owner-freebsd-security@freebsd.org <> was heard to say:> Hi, > > I just had some issues with unvalidated certificates after > the update of the mail/fetchmail port.Which update? AFAIK 6.3.0_2 should solve that (certainly it did for me, and the whole point of that update was to solve the problem you (and I) saw. You'd probably have had more response if you'd posted this to -ports, given that it is an issue with the ports :) -- Rob | Oh my God! They killed init! You bastards!
On Sun, Dec 11, 2005 at 12:21:26AM +0100, Simon Barner wrote:> Hi, > > I just had some issues with unvalidated certificates after the update of > the mail/fetchmail port. > > The solution was to add the missing certificates manually, but that > involved running the c_rehash script, that currently isn't installed. > > Of course, I could run it directly from src/crypto/openssl/tools/, but > that isn't an option for users that don't have the source installed. > > So, is there a reaon why the scripts are not installed, or was it just > an oversight?One reason is probably that c_rehash is a Perl script, and Perl is not included in the base system, so you would not be able to run the script anyway without first installing Perl. -- <Insert your favourite quote here.> Erik Trulsson ertr1013@student.uu.se