remove an old note for file

[linux_from_scratch.git] / BOOK / chapter08 / openssl.xml

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
  <!ENTITY % general-entities SYSTEM "../general.ent">
  %general-entities;
]>

<sect1 id="ch-system-openssl" role="wrap">
  <?dbhtml filename="openssl.html"?>

  <sect1info condition="script">
    <productname>openssl</productname>
    <productnumber>&openssl-version;</productnumber>
    <address>&openssl-url;</address>
  </sect1info>

  <title>OpenSSL-&openssl-version;</title>

  <indexterm zone="ch-system-openssl">
    <primary sortas="a-OpenSSL">OpenSSL</primary>
  </indexterm>

  <sect2 role="package">
    <title/>

    <para>The OpenSSL package contains  management tools and libraries relating
    to cryptography. These are useful for providing cryptographic functions
    to other packages, such as OpenSSH, email applications, and web browsers
    (for accessing HTTPS sites).  </para>

    <segmentedlist>
      <segtitle>&buildtime;</segtitle>
      <segtitle>&diskspace;</segtitle>

      <seglistitem>
        <seg>&openssl-fin-sbu;</seg>
        <seg>&openssl-fin-du;</seg>
      </seglistitem>
    </segmentedlist>

  </sect2>

  <sect2 role="installation">
    <title>Installation of OpenSSL</title>

    <para>Prepare OpenSSL for compilation:</para>

<screen><userinput remap="configure">./config --prefix=/usr         \
         --openssldir=/etc/ssl \
         --libdir=lib          \
         shared                \
         zlib-dynamic</userinput></screen>

    <para>Compile the package:</para>

<screen><userinput remap="make">make</userinput></screen>

    <para>To test the results, issue:</para>

<screen><userinput remap="test">make test</userinput></screen>

    <para>One test 30-test_afalg.t is known to fail on some kernel
    configurations (it apparently assumes certain unspecified crypto
    options have been selected).</para>

    <para>Install the package:</para>

<screen><userinput remap="install">sed -i '/INSTALL_LIBS/s/libcrypto.a libssl.a//' Makefile
make MANSUFFIX=ssl install</userinput></screen>

    <para>Add the version to the documentation directory name, to be
    consistent with other packages:</para>

<screen><userinput remap="install">mv -v /usr/share/doc/openssl /usr/share/doc/openssl-&openssl-version;</userinput></screen>

    <para>If desired, install some additional documentation:</para>

<screen><userinput remap="install">cp -vfr doc/* /usr/share/doc/openssl-&openssl-version;</userinput></screen>

  </sect2>

  <sect2 id="contents-openssl" role="content">
    <title>Contents of OpenSSL</title>

    <segmentedlist>
      <segtitle>Installed programs</segtitle>
      <segtitle>Installed libraries</segtitle>
      <segtitle>Installed directories</segtitle>

      <seglistitem>
        <seg>
          c_rehash and openssl
        </seg>
        <seg>
          libcrypto.so and libssl.so
        </seg>
        <seg>
          /etc/ssl,
          /usr/include/openssl,
          /usr/lib/engines and
          /usr/share/doc/openssl-&openssl-version;
        </seg>
      </seglistitem>
    </segmentedlist>

    <variablelist>
      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
      <?dbfo list-presentation="list"?>
      <?dbhtml list-presentation="table"?>

      <varlistentry id="c_rehash">
        <term><command>c_rehash</command></term>
        <listitem>
          <para>
            is a <application>Perl</application> script that scans all files in
            a directory and adds symbolic links to their hash values
          </para>
          <indexterm zone="ch-system-openssl c_rehash">
            <primary sortas="b-c_rehash">c_rehash</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="openssl-prog">
        <term><command>openssl</command></term>
        <listitem>
          <para>
            is a command-line tool for using the various cryptography functions
            of <application>OpenSSL</application>'s crypto library from the
            shell. It can be used for various functions which are documented in
            <command>man 1 openssl</command>
          </para>
          <indexterm zone="ch-system-openssl openssl-prog">
            <primary sortas="b-openssl">openssl</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="libcrypto">
        <term><filename class="libraryfile">libcrypto.so</filename></term>
        <listitem>
          <para>
            implements a wide range of cryptographic algorithms used in various
            Internet standards. The services provided by  this library are used
            by the <application>OpenSSL</application> implementations of SSL,
            TLS and S/MIME, and they have also been used to implement
            <application>OpenSSH</application>,
            <application>OpenPGP</application>, and other cryptographic
            standards
          </para>
          <indexterm zone="ch-system-openssl libcrypto">
            <primary sortas="c-libcrypto">libcrypto.so</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="libssl">
        <term><filename class="libraryfile">libssl.so</filename></term>
        <listitem>
          <para>
            implements the Transport Layer Security (TLS v1) protocol.
            It provides a rich API, documentation
            on which can be found by running <command>man 3 ssl</command>
          </para>
          <indexterm zone="ch-system-openssl libssl">
            <primary sortas="c-libssl">libssl.so</primary>
          </indexterm>
        </listitem>
      </varlistentry>

    </variablelist>

  </sect2>

</sect1>