Currently, on many Unix platforms I link my application against 
libssl.so and libcrypto.so. Typically, these are links set to resolve 
down to the versioned types of these files, like libssl.so.0.9.7 and 
libcrypto.so.0.9.7.  The internal names of these shared objects 
include the major and minor version so even though I link against the 
shared objects without the version, such as libssl.so, my application 
becomes tied to the versioned shared objects at link time, for 
instance libssl.so.0.9.7.
   So, when OpenSSL eventually comes out with security upgrades in a 
new version, like 0.9.8, I will be forced to relink my application 
against the new openssl version and redistribute it.  Ideally, since I 
linked against the non versioned openssl shared objects, my users 
should be able to get the new openssl and rebuild its shared objects 
and run against those without any involvement from me. 
  Since symbollic links are provided on all Unix platforms please 
remove the major and minor versions from the internal names of 
libssl.so and libcrypto.so on these platforms to allow users to 
upgrade version independent shared objects. I have found this 
condition on solaris (32&64 bit), hpux (32 & 64 bit), sco5, and 
unixware7. This will involve changes to Makefile.org.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]


Reply via email to