HardenedBSD/SUPPORT.md
Enji Cooper e4520c8bd1 openssl: Vendor import of OpenSSL-3.0.8
Summary:

Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html .

Obtained from:  https://www.openssl.org/source/openssl-3.0.8.tar.gz
Differential Revision:	https://reviews.freebsd.org/D38835

Test Plan:
```
$ git status
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc)
openssl-3.0.8.tar.gz                                    14 MB 4507 kBps    04s
openssl-3.0.8.tar.gz.asc                               833  B   10 MBps    00s
$ set | egrep '(XLIST|OSSLVER)='
OSSLVER=3.0.8
XLIST=FREEBSD-Xlist
$ gpg --list-keys
/home/ngie/.gnupg/pubring.kbx
-----------------------------
pub   rsa4096 2014-10-04 [SC]
      7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C
uid           [ unknown] Richard Levitte <richard@levitte.org>
uid           [ unknown] Richard Levitte <levitte@lp.se>
uid           [ unknown] Richard Levitte <levitte@openssl.org>
sub   rsa4096 2014-10-04 [E]

$ gpg --verify openssl-${OSSLVER}.tar.gz.asc openssl-${OSSLVER}.tar.gz
gpg: Signature made Tue Feb  7 05:43:55 2023 PST
gpg:                using RSA key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C
gpg: Good signature from "Richard Levitte <richard@levitte.org>" [unknown]
gpg:                 aka "Richard Levitte <levitte@lp.se>" [unknown]
gpg:                 aka "Richard Levitte <levitte@openssl.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 7953 AC1F BC3D C8B3 B292  393E D5E9 E43F 7DF9 EE8C
$ (cd vendor.checkout/; git status; find . -type f -or -type l | cut -c 3- | sort > ../old)
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C ..
$ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* .
$ cat .git
gitdir: /home/ngie/git/freebsd-src/.git/worktrees/vendor.checkout
$ diff -arq ../openssl-3.0.8  .
Only in .: .git
Only in .: FREEBSD-Xlist
Only in .: FREEBSD-upgrade
$ git status FREEBSD*
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$
```

Reviewers: emaste, jkim

Subscribers: imp, andrew, dab

Differential Revision: https://reviews.freebsd.org/D38835
2023-03-06 12:41:29 -08:00

3.8 KiB

OpenSSL User Support resources

See the https://www.openssl.org/support/contracts.html for details on how to obtain commercial technical support.

If you have general questions about using OpenSSL

In this case the openssl-users mailing list is the right place for you. The list is not only watched by the OpenSSL team members, but also by many other OpenSSL users. Here you will most likely get the answer to your questions. An overview over the mailing lists can be found below.

If you think you found a Bug

NOTE: this section assumes that you want to report it or figure it out and fix it. What's written here is not to be taken as a recipe for how to get a working production installation

If you have any problems with OpenSSL then please take the following steps first:

  • Search the mailing lists and/or the GitHub issues to find out whether the problem has already been reported.
  • Download the latest version from the repository to see if the problem has already been addressed.
  • Configure without assembler support (no-asm) and check whether the problem persists.
  • Remove compiler optimization flags.

Please keep in mind: Just because something doesn't work the way you expect does not mean it is necessarily a bug in OpenSSL. If you are not sure, consider searching the mail archives and posting a question to the openssl-users mailing list first.

Open an Issue

If you wish to report a bug, please open an issue on GitHub and include the following information:

  • OpenSSL version: output of openssl version -a
  • Configuration data: output of perl configdata.pm --dump
  • OS Name, Version, Hardware platform
  • Compiler Details (name, version)
  • Application Details (name, version)
  • Problem Description (steps that will reproduce the problem, if known)
  • Stack Traceback (if the application dumps core)

Not only errors in the software, also errors in the documentation, in particular the manual pages, can be reported as issues.

Submit a Pull Request

The fastest way to get a bug fixed is to fix it yourself ;-). If you are experienced in programming and know how to fix the bug, you can open a pull request. The details are covered in the Contributing section.

Don't hesitate to open a pull request, even if it's only a small change like a grammatical or typographical error in the documentation.

Mailing Lists

The OpenSSL maintains a number of mailing lists for various purposes. The most important lists are:

  • openssl-users for general questions about using the OpenSSL software and discussions between OpenSSL users.

  • openssl-announce for official announcements to the OpenSSL community.

  • openssl-project for discussion about the development roadmap and governance.

Only subscribers can post to openssl-users or openssl-project. The archives are made public, however. For more information, see the mailing lists page.

There was an openssl-dev list that has been discontinued since development is now taking place in the form of GitHub pull requests. Although not active anymore, the searchable archive may still contain useful information.