OpenSSL version 3.0.0-beta1 published

Jan Just Keijser janjust at nikhef.nl
Fri Jun 18 15:51:16 UTC 2021 

Hi,

On 17/06/21 15:36, Matt Caswell wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
>
>     OpenSSL version 3.0 beta 1 released
>     ===================================
>
>     OpenSSL - The Open Source toolkit for SSL/TLS
>     https://www.openssl.org/
>
>     OpenSSL 3.0 is currently in beta.
>
>     OpenSSL 3.0 beta 1 has now been made available.
>
>     Note: This OpenSSL pre-release has been provided for testing ONLY.
>     It should NOT be used for security critical purposes.
>
>     Specific notes on upgrading to OpenSSL 3.0 from previous versions are
>     available in the OpenSSL Migration Guide, here:
>
>          https://www.openssl.org/docs/manmaster/man7/migration_guide.html
>
>     The beta release is available for download via HTTPS and FTP from the
>     following master locations (you can find the various FTP mirrors under
>     https://www.openssl.org/source/mirror.html):
>
>       * https://www.openssl.org/source/
>       * ftp://ftp.openssl.org/source/
>
>     The distribution file name is:
>
>      o openssl-3.0.0-beta1.tar.gz
>        Size: 14878832
>        SHA1 checksum:  4b48947969bb3c989ba95ac4bdc4a78e70212d2b
>        SHA256 checksum:  7bfedc9a1062cbd2aabc294acc93cbd5259e6e7bd5bbe38e454cc6a32564029f
>
>     The checksums were calculated using the following commands:
>
>      openssl sha1 openssl-3.0.0-beta1.tar.gz
>      openssl sha256 openssl-3.0.0-beta1.tar.gz
>
>     Please download and check this beta release as soon as possible.
>     To report a bug, open an issue on GitHub:
>
>      https://github.com/openssl/openssl/issues
>
>     Please check the release notes and mailing lists to avoid duplicate
>     reports of known issues. (Of course, the source is also available
>     on GitHub.)
>
>    
excellent news - I've downloaded it and played with it a bit; it 
compiles fine and all tests pass on CentOS 7 and Fedora 32+33 .
I've managed to compile ppp-2.4.9 with it and apart from the deprecated 
ENGINE functions it builds OK (with a minor patch to ppp itself which I 
will upload shortly).

However, I was wondering if anyone has ported/refactored the pkcs11 
engine stuff for OpenSSL 3.0 already?  is this on the TODO list for the 
OpenSC/pkcs11 team?  If I wanted to try to refactor the opensc-pkcs11 
module, how would I start?

thanks for all your hard work,

JJK / Jan Just Keijser

More information about the openssl-users mailing list