On 23/11/2011 14:01, Jerry wrote: > On Wed, 23 Nov 2011 13:18:45 +0000 > Matthew Seaman articulated: > >> I've been using the attached patch with the dns/bind98 port and >> openssl-1.0.x from ports for months. This disables using the GOST >> cipher plugins -- which is no big deal as far as I'm concerned. GOST >> ciphers are only supplied as plugin modules unlike all other ciphers >> in openssl, which is a new thing with version 1.0.0 in ports. It's >> that libgost.so plugin shlib not playing well with chroot that >> apparently causes named to crash. > > Mathew, has anyone filed a PR either here or upstream regarding this > phenomena?
I sent my patch to Doug Barton (bind maintainer in src/ports) but he
didn't accept it. Discussions I've seen around this are that the
OpenSSL guys say that it's not a bug from their side, and that bind is
doing it wrong. I believe the ISC guys are aware but I don't know if
they have a fix in the works or not. Possibly some advanced combination
of LDFLAGS at compile-time might sort things, but I really have no idea.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matt...@infracaninophile.co.uk Kent, CT11 9PW
signature.asc
Description: OpenPGP digital signature
