openssl & openssh inconsistency?

[Keary Suska]

on 4/5/02 10:23 AM, jeglin@4pi.com purportedly said:

> I've seen this libcrypto.so.1 vs. libcrypto.0.9.6 thing for a long
> time. Just wondering how to understand it and when/if it will ever be
> cleared up by developers. What's more confusing is that some apps
> seem to think that a symlink between the two is fine, while others
> seem to reject such.

If I recall the situation correctly, it is a matter of convention change.
Previously it was the convention to use .so.X (which I think was a BSD
convention, but I could be wrong), which is being abandoned in favor of
.so.version. It may be unfair, but I blame the distros (at least RH, I am
not as familiar with the others), who neglected to update their openssl
distro when 0.9.6a came out (until 7.x for RH). Probably just laziness,
since it requires the recompilation of many RPMs and the following QA. Thus
all the little applications that use openssl where stuck looking for the
archaic .so.1.

Why the symlink doesn't always work is that some applications do a version
check of the openssl libraries (openssh, for instance), and choke if there
is a mismatch. Re-buidling the src.rpm often solves this problem. Other apps
don't check, but that doesn't mean they will work, as some versions of the
openssl libraries are not binary compatible.

Keary Suska
Esoteritech, Inc.
"Leveraging Open Source for a better Internet"