Bruce Dubbs wrote these words on 02/12/09 15:29 CST: > In some cases, an application can be very sensitive to a specific library and > you would not want to change the underlying library without changing the > application. In that case, a static library will prevent a broken program. > > I believe ssh linking to a static libssl.a is preferred to libssl.so.0. > > Of course that means rebuilding openssh every time openssl is updated.
Just for the record, I've updated OpenSSL on the fly, and OpenSSH had no complaints. In fact the last time I did that, ssh didn't complain, but Heimdal Kerberos did. Kerberos would spew a message similar to (going on memory), "symbols have changed, you should consider relinking Kerberos to the SSL library". Though the programs all worked as expected, I did get the messages, But SSH didn't complain at all. I've never linked OpenSSH to a static OpenSSL library, and have updated OpenSSL many times without ssh ever complaining. Just my experience, however, YMMV. -- Randy rmlscsi: [bogomips 1003.24] [GNU ld version 2.16.1] [gcc (GCC) 4.0.3] [GNU C Library stable release version 2.3.6] [Linux 2.6.14.3 i686] 15:37:00 up 5 days, 8:00, 1 user, load average: 0.03, 0.08, 0.08 -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
