[Pkg-openssl-devel] Statement(s) on libssl situation desired
Nathanael Nerode
neroden at twcny.rr.com
Sat Oct 15 20:30:28 UTC 2005
kurt at roeckx.be wrote:
> Please note that libssl0.9.7 and libssl0.9.8 have a different
> SONAME. There can only be a problem when a program (indirectly)
> links to both of them. In that case, there isn't even an option
> not to install both of them.
>
> If a program is linked to both of them, and it was not linked to
> a lib with versioned symbols, there really isn't much you can
> tell about which symbols it's going to pick.
Right. Thanks for being clearer than me.
Consider the fate of a binary built against libssl0.9.8 with unversioned
symbols, once libssl0.9.8 with versioned symbols is installed. Suppose also
that libssl0.9.7 -- with unversioned symbols -- is indirectly linked in (very
likely in complicated situations like KDE, and because libssl may be
dlopened).
The dynamic linker will resolve the unversioned symbols from the binary --
supposed to be, at least in some cases, libssl0.9.8 symbols -- to the
unversioned symbols it finds, namely, the ones in libssl0.9.7. This is bad
if the ABI has actually changed between 0.9.7 and 0.9.8, as it will lead to
tricky-to-track-down bugs at runtime.
It would be best, therefore, if nothing were built against libssl0.9.8 until
the libssl0.9.8 with versioned symbols is available (after which everything
will be hunky-dory).
More information about the Pkg-openssl-devel
mailing list