On Sat, 9/3/11, Alasdair Lumsden <[email protected]> wrote: From: Alasdair Lumsden <[email protected]> Subject: [oi-dev] OpenSSL 1.0.0 replacing 0.9.8 in userland-gate = massive headache To: "OpenIndiana Developer mailing list" <[email protected]> Date: Saturday, September 3, 2011, 4:56 PM
Hi All, In Oracle's official userland-gate, they have replaced OpenSSL 0.9.8 with 1.0.0. This has massive ramifications, because everything linked against OpenSSL 0.9.8 breaks as soon as library/security/openssl gets upgraded, including pkg, which is all kinds of fun. 3. Do the upgrade. Rebuild everything against OpenSSL 1.0.0, and release rebuilt software with the openssl 1.0.0 upgrade, in one simultaneous release. Obviously 3 has ramifications beyond the base system, because any third party software that depends on OpenSSL 0.9.8 will break. This is why having a compatibility package is probably necessary regardless. -----------> Alasdair. Option #3 w/Option #2 is the preferred method when you can rebuild the core OS distro and value-add packages/consolidations. Providing the OpenSSL 0.9.8 libs only package (within the core OS distro!!) resolves the breakage issue. As meant, new core OS compilation builds and all consolidations will link against the OpenSSL 1.0.0 library only. Legacy pre-built binary software (from third-party ISVs and package builders) will still see and use the OpenSSL 0.9.8 library within basic core OS installs. Therefore, this minimizes breakage issues and provides full backward compatibility. Ken Mays
_______________________________________________ oi-dev mailing list [email protected] http://openindiana.org/mailman/listinfo/oi-dev
