Currently, on many Unix platforms I link my application against
libssl.so and libcrypto.so. Typically, these are links set to resolve
down to the versioned types of these files, like libssl.so.0.9.7 and
libcrypto.so.0.9.7. The internal names of these shared objects
include the major and minor version so even though I link against the
shared objects without the version, such as libssl.so, my application
becomes tied to the versioned shared objects at link time, for
instance libssl.so.0.9.7.
So, when OpenSSL eventually comes out with security upgrades in a
new version, like 0.9.8, I will be forced to relink my application
against the new openssl version and redistribute it. Ideally, since I
linked against the non versioned openssl shared objects, my users
should be able to get the new openssl and rebuild its shared objects
and run against those without any involvement from me.
Since symbollic links are provided on all Unix platforms please
remove the major and minor versions from the internal names of
libssl.so and libcrypto.so on these platforms to allow users to
upgrade version independent shared objects. I have found this
condition on solaris (32&64 bit), hpux (32 & 64 bit), sco5, and
unixware7. This will involve changes to Makefile.org.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]