On Thu, Feb 12, 2009 at 1:41 PM, Randy McMurchy <[email protected]> wrote: > Bruce Dubbs wrote these words on 02/12/09 15:29 CST: > >> In some cases, an application can be very sensitive to a specific library and >> you would not want to change the underlying library without changing the >> application. In that case, a static library will prevent a broken program. >> >> I believe ssh linking to a static libssl.a is preferred to libssl.so.0. >> >> Of course that means rebuilding openssh every time openssl is updated. > > Just for the record, I've updated OpenSSL on the fly, and OpenSSH had > no complaints. In fact the last time I did that, ssh didn't complain, > but Heimdal Kerberos did.
The reason why it's recommended to static link libssl is because the developer's have a terrible habit of changing the API frequently. Static linking avoids API breakage. But if you're going to rebuild ssh when you update libssl anyway, then that advantage is gone. You might as well just use the DSO. -- Dan -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
