Peter Breitenlohner
2002-Jan-10 17:20 UTC
An openssl shared library versioning problem (fwd)
Hi,

Below is a message I had originally sent to openssl-bugs. The version mismatch mentioned below was

    OpenSSL 0x0090603f vs. OpenSSL 0x0090601f

Meanwhile Richard Levitte <levitte at stacken.kth.se> has sent me the following:

>>>>>>>>> Begin excerpt from levitte (first msg.)

peb> If, on the other hand, the libraries from 0.9.6a and 0.9.6c are
peb> binary compatible they certainly deserve the same soname, but
peb> then ssh shouldn't be able to notice the difference.

They are binary compatible. I suggest you look in the openssh source to see how it detects the version, and yes, it's a bit oversensitive.

>>>>>>>>> End excerpt from levitte

>>>>>>>>> Begin excerpt from levitte (second msg.)

peb> Now ssh may be a bit oversensitive, but certainly should protect
peb> itself against incompatible library versions.

Of course, and considering we keep OpenSSL binary compatible between patch levels, the test could be performed like this:

    if (((OPENSSL_VERSION_NUMBER ^ SSLeay()) & 0xffffff0f) == 0)
        /* success */
    else
        /* failure */

(note: I haven't tested that, but it should mask the patch level. Also, the version number scheme was different before 0.9.5, so the above would only work starting with 0.9.5)

>>>>>>>>> End excerpt from levitte

NB: I think according to the OPENSSL_VERSION_NUMBER.3 manpage it should actually be
    & 0xffffff00fL
for ssl version>=0.9.5

It would be really nice if this could be taken into account.

regards
Peter Breitenlohner <peb at mppmu.mpg.de>

---------- Forwarded message ----------
Date: Thu, 10 Jan 2002 13:32:27 +0100 (CET)
From: Peter Breitenlohner <peb at mppmu.mpg.de>
To: openssl-bugs at openssl.org
Subject: An openssl shared library versioning problem

Hi,

I want to report an openssl shared library versioning problem (ix86-linux).

Recently I have built and installed openssh-3.0.2p1 (using a shared library version of libcrypto), because the former version had some security holes. Before doing so I have upgraded from openssl-0.9.6a to 0.9.6c.

After installing openssl, and thereby replacing libcrypto.so.0.9.6 from 0.9.6a by a library of the same name from 0.9.6c, but before building the new ssh, ssh complained about a build/use library version mismatch and failed.

.......... rest deleted

regards
Peter Breitenlohner <peb at mppmu.mpg.de>
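The build-time versus run-time check discussed in this message, written out as an added example (not OpenSSH or OpenSSL code, and not from the original post). It assumes the 0xMNNFFPPS layout (major, minor, fix, patch, status) from the OPENSSL_VERSION_NUMBER manpage; the names `decode`, `compatible`, `MASK_PATCH_BYTE` and `FIRST_NEW_SCHEME` are hypothetical, and the mask 0xfffff00f is this example's reading of that layout, not a value taken from the thread.

```c
#include <stdio.h>

/* Layout for 0.9.5 and later, per the OPENSSL_VERSION_NUMBER manpage the
 * thread cites: 0xMNNFFPPS (major, minor, fix, patch, status). */
#define MASK_EXCERPT     0xffffff0fUL /* mask from the quoted excerpt */
#define MASK_PATCH_BYTE  0xfffff00fUL /* assumption: clears both patch nibbles */
#define FIRST_NEW_SCHEME 0x00905000UL /* assumption: lowest 0.9.5 number */

struct ossl_ver { unsigned major, minor, fix, patch, status; };

static struct ossl_ver decode(unsigned long v)
{
    struct ossl_ver d;
    d.major  = (unsigned)((v >> 28) & 0xf);
    d.minor  = (unsigned)((v >> 20) & 0xff);
    d.fix    = (unsigned)((v >> 12) & 0xff);
    d.patch  = (unsigned)((v >> 4) & 0xff);
    d.status = (unsigned)(v & 0xf);
    return d;
}

/* Returns 1 if the build-time and run-time numbers may be used together. */
static int compatible(unsigned long built, unsigned long runtime, unsigned long mask)
{
    if (built < FIRST_NEW_SCHEME || runtime < FIRST_NEW_SCHEME)
        return built == runtime;          /* old scheme: exact match only */
    return ((built ^ runtime) & mask) == 0;
}

int main(void)
{
    /* First pair is from the thread; the others are constructed. */
    unsigned long pairs[][2] = {
        { 0x0090601fUL, 0x0090603fUL },   /* 0.9.6a vs 0.9.6c */
        { 0x0090601fUL, 0x0090611fUL },   /* patch 0x01 vs 0x11 */
        { 0x0090601fUL, 0x0090701fUL },   /* fix level differs */
        { 0x00904100UL, 0x00904101UL },   /* pre-0.9.5 numbering */
    };
    for (size_t i = 0; i < sizeof pairs / sizeof pairs[0]; i++) {
        struct ossl_ver r = decode(pairs[i][1]);
        printf("%#010lx vs %#010lx (runtime patch %u): excerpt=%d patch-byte=%d\n",
               pairs[i][0], pairs[i][1], r.patch,
               compatible(pairs[i][0], pairs[i][1], MASK_EXCERPT),
               compatible(pairs[i][0], pairs[i][1], MASK_PATCH_BYTE));
    }
    return 0;
}
```

The two masks agree on the 0.9.6a/0.9.6c pair from the thread and differ only when the patch levels differ in the high nibble of the patch byte, as in the second, constructed pair.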