<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 05/04/21 22:07, Boris Shpoungin via
openssl-users wrote:<br>
</div>
<blockquote type="cite"
cite="mid:559426246.57031.1617653270887@mail.yahoo.com">
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<div class="ydpa29796dfyahoo-style-wrap"
style="font-family:Helvetica Neue, Helvetica, Arial,
sans-serif;font-size:13px;">
<div dir="ltr" data-setdir="false">Thank you for response.<br>
<br>
Could you suggest best approach for porting application from
1.0.2 to 1.1.1?<br>
So far I've found good manual which describes required
modifications:<br>
<a
href="https://wiki.tizen.org/Security/Tizen_5.X_Migration_from_OpenSSL_1.0.2_to_OpenSSL_1.1.1_guide"
rel="nofollow" target="_blank" moz-do-not-send="true">https://wiki.tizen.org/Security/Tizen_5.X_Migration_from_OpenSSL_1.0.2_to_OpenSSL_1.1.1_guide</a><br>
<br>
The question is whether it describes ALL required
modification?</div>
<div><br>
</div>
</div>
</blockquote>
I'd say you're better off asking this question on a Tizen mailing
list; the list looks pretty exhaustive but does it list everything?
only one way to find out: recompile your application using openssl
1.1.1 and see if/where it breaks.<br>
<br>
If you are worried about the combination of Linux 3.0.8 plus the
switch from openssl 1.0.2 -> 1.1.1 then I'd suggest a three step
process<br>
1) build openssl 1.1.1 on your old kernel and run 'make test' if
that passes, then openssl is functional ; if it does not pass these
tests, then figure out what's wrong before proceeding<br>
2) get yourself a Linux vm with a newer kernel and with a
known-to-work openssl 1.1.1 (Fedora 33 & Ubuntu 20, CentOS 8
would work) then rebuild and relink your application on THAT
platform, recording all required changes<br>
3) finally, rebuild your ported application on the older Linux
kernel<br>
<br>
HTH,<br>
<br>
JJK<br>
<br>
<br>
<br>
<blockquote type="cite"
cite="mid:559426246.57031.1617653270887@mail.yahoo.com">
<div class="ydpa29796dfyahoo-style-wrap"
style="font-family:Helvetica Neue, Helvetica, Arial,
sans-serif;font-size:13px;"> </div>
<div id="ydp369bd37cyahoo_quoted_7705148270"
class="ydp369bd37cyahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial,
sans-serif;font-size:13px;color:#26282a;">
<div> On Monday, April 5, 2021, 03:57:36 PM EDT, Viktor
Dukhovni <a class="moz-txt-link-rfc2396E" href="mailto:openssl-users@dukhovni.org"><openssl-users@dukhovni.org></a> wrote: </div>
<div><br>
</div>
<div><br>
</div>
<div>
<div dir="ltr">
<div class="ydp369bd37cyqt1966886644"
id="ydp369bd37cyqtfd50929"><br clear="none">
> On Apr 5, 2021, at 11:16 AM, Boris Shpoungin via
openssl-users <<a shape="rect"
href="mailto:openssl-users@openssl.org" rel="nofollow"
target="_blank" moz-do-not-send="true">openssl-users@openssl.org</a>>
wrote:<br clear="none">
> <br clear="none">
> Is there minimal requirements for Linux kernel for
usage of openssl library version 1.1.1?<br clear="none">
> <br clear="none">
> I have old application based on Linux kernel 3.0.8
which uses openssl version 1.0.2. My question is whether
it is possible to port this application to use openssl
version 1.1.1 in Linux 3.0.8 environment?</div>
<br clear="none">
<br clear="none">
The version of the Linux kernel is almost certainly
irrelevant. OpenSSL<br clear="none">
makes minimal demands of the operating system. Only
random number generation<br clear="none">
is plausibly something you need to think about. The
getrandom(2) kernel API<br clear="none">
was added in Linux 3.17, so you'll need to use
/dev/urandom instead.<br clear="none">
<br clear="none">
Otherwise, sockets, threads, ... are all present in Linux
even before 3.0.<br clear="none">
<br clear="none">
-- <br clear="none">
Viktor.
<div class="ydp369bd37cyqt1966886644"
id="ydp369bd37cyqtfd21566"><br clear="none">
<br clear="none">
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>