Out openssl package is currently at 0.9.6g. However, both 0.9.6h and
0.9.7 are out for some time now. Naturally I decided to skip directly
to 0.9.7.
This posed some problems, since the openssl package used to hardcode
0.9.6 into the .dylib filename, and also used 0.9.6 in the
compatibility version. For comparision, the "normal" openssl build
also hardcodes the full version into th filename, but uses 0.9 as the
compat version. Apple's openssl has 0.9 in the file name and 0.9 as
compat version.
Due to this, I assumed it should be binary compatible. However, after
long testing and some neat tricks to get a smooth update possible (I
believed), I had to finally conclude that openssl 0.9.7 is *NOT*
binary compatible!
First of, openssh refuses to work with 0.9.7 when linked against 0.9.6:
OpenSSL version mismatch. Built against 90607f, you have 90700f
(this is a manual check performed by all ssh* tools).
Secondly, wget-ssl crashed:
dyld: wget Undefined symbols:
wget undefined reference to _OpenSSL_add_all_algorithms expected to
be defined in /sw/lib/libcrypto.0.9.6.dylib
Trace/BPT trap
The crash is not a surprise of course as they removed an API.
I really have to wonder about the compatibity version choice of the
openssl team, but I guess maybe they are not aware of its meaning or
something, I probably should contact them.
Anyway: it seems openssl is source compatible at least (wget-ssl
rebuild fine against openssl 0.9.7. So this leads me to the following
clean update strategy, which has potential pitfalls but might
otherwise be suitable for other packages, too:
1) All packages that currently depends on openssl-shlibs should
remove that dependency - Dave's shlib code should add it
automatically anyway (right, Dave?)
2) Optionally: I release a new revision of openssl (0.9.6h)
3) I release 0.9.7 of openssl - however, it won't have openssl-shlibs
anymore. Rather, it has openssl097-shlibs (or somesuch). It will be
installed parallel to openssl-shlibs. Packges that uses the old
version work fine, anything newly compiled will automatically depend
on openssl097-shlibs (since openssl-dev will symlink to files from
that)
4) If they make 0.9.8 and it is binary compatible, I only have to
rename the shlibs splitoff again
The only thing i am not sure about is how well (if at all?) our
current shlibs code deals with the compatibility field information. I
hardly have looked at the relevant code at all, but will change that
ASAP. In the meantime, any feedback on this idea is most welcome.
Max
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Fink-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/fink-devel
- Re: [Fink-devel] openssl woes Max Horn
- Re: [Fink-devel] openssl woes David
- Re: [Fink-devel] openssl woes David R. Morrison
- Re: [Fink-devel] openssl woes Max Horn
