openssl and openssh
Dan Ports
dports at macports.org
Thu Mar 15 16:55:40 PDT 2012
On Thu, Mar 15, 2012 at 05:46:04PM -0500, Ryan Schmidt wrote:
> WTF? According to "otool -L', the library version numbers of libcrypto and libssl in openssl 1.0.1 are still 1.0.0, which is their guarantee to us that they have not changed the library interface. Do the openssl developers not understand what a library version number is?
The problem isn't that openssl isn't ABI-compatible between these two
versions -- as far as I know, it is -- but that openssh and neon are
checking that the version of openssl they were compiled against matches
the one loaded at runtime.
Part of the problem is that openssl 1.0.x versions are supposed to be
binary-compatible, but this wasn't true in the past (e.g. 0.9.8 and
0.9.7 weren't). So the check openssh is doing is now bogus. See
https://bugzilla.mindrot.org/show_bug.cgi?id=1991
Dan
--
Dan R. K. Ports MIT CSAIL http://drkp.net/
More information about the macports-users
mailing list