OpenSSL

Brian Inglis Brian.Inglis@SystematicSw.ab.ca
Tue Jan 5 04:37:59 GMT 2021


On 2021-01-04 08:11, Marco Atzeri via Cygwin wrote:
> On 04.01.2021 13:21, tommie.king@alverservices.com wrote:
>> But im struggling to see how I can upgrade openssl >1.1.1f
>> Compliance checks state that we must have a more up to date version, I know
>> that it exists (1.1.1g, 1.1.1h, 1.1.1i)
> 
> https://cygwin.com/packages/summary/openssl.html
> 
> the last one available on cygwin is 1.1.1f
> 
>> But I can only seem to upgrade to 1.1.1f in Cygwin  - is there a new upgrade
>> package for Cygwin/Openssl coming in the near future?
> 
> It will depends on the maintainer (Corinna) availability.
> Maybe after the holiday season

What are your compliance timing constraints in terms of releases and time?
I see Cygwin openssl is now 3 versions and 9 months behind the latest.

If you have a compliance timing issue, your organization will have to take 
responsibility for meeting your compliance needs, either by having staff or 
contracting others to meet those needs, by building packages more up to date 
than those available from the distros you use.

All recent, and certainly all important, Cygwin packages use the common cygport 
package build and maintenance system, which takes a lot of the burden off the 
rote tasks required of maintainers to update packages to newer versions.
Any package user may also do so by installing the cygport package and all its 
toolchain dependencies, downloading the package sources, most of which contain a 
<package>.cygport file, or cloning the package repo:

https://cygwin.com/git-cygwin-packages/?p=git/cygwin-packages/openssl.git;a=summary

to get the <package>.cygport file, change the package version within to the 
latest, and within that directory run:

	$ cygport <package>.cygport download all check

to download all source and patch files and build the package.

In some cases, you may need to install the package source to get the patch 
sources if they have not been pushed to the package repo (as there is not really 
much in the way of common policies or practices about that as yet), or search 
and find the online locations of distros patches.

You may also have to tweak the <package>.cygport files to skip patches already 
applied to the upstream package so redundant, tweak patches that are still 
required but no longer apply without error, drop patches as the package has been 
tweaked in some other way so they are no longer required, or make your own 
patches to get the package to build under Cygwin.

You will also have to install the development versions of libraries required by 
packages, often named lib/...-devel, and those available on Cygwin which support 
additional functionality provided by the package, which may have to be 
explicitly configured into the build specified in the <package>.cygport files.

Some background and help is available in the pages under Contributing on the 
home page, in the archives of the cygwin-apps list, by searching online, and 
asking on this list, if nothing else works.

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]


More information about the Cygwin mailing list