[TriLUG] Openssh update failure

Jeremy Katz katzj at linuxpower.org
Fri Dec 14 22:50:24 EST 2001


On Friday, December 14 2001, Kevin - The Alchemist - Sonney said:
> On Fri, Dec 14, 2001 at 03:44:14PM -0500, Tanner Lovelace spoke thusly:
> > Do you already have a version of openssh and openssl installed?
> > It looks like, from your error messages that the problem is that
> > the new version of openssh you're trying to install needs the
> > libcrypto.so.1 library provided by the new version of openssl
> > you're trying to install, but that several other programs need
> > the libcrypto.so.0 provided by the previous version of openssl.
> 
> Actually, there's a reason for this. The openssl group built the file
> libcrypto.so.0 for all releases prior to 0.9.6. At 0.9.6, they decide
> to update their version, so suddenly, everything that depended on
> libcrypto.so.0 was broken, because openssl now provides libcrypto.so.1
> 
> In other words, while they are binary compatible, the openssl group
> broke binary compatibility. Meaning you eithe r(a) recompile *ALL*
> your ssl programs, or (b) hack the openssl 0.9.6 build process to make
> libcrypt.so.0 instead (and hack openssh to use that)

Bzzt! 
1001 katzj at rivendell:~> rpm -q openssl
openssl-0.9.6b-8
1002 katzj at rivendell:~> rpm -q openssl --provides |grep libcrypto
libcrypto.so.2  

For libcrypto.so.0, use the openssl095a compat package still provided and
for libcrypto.so.1, use the openssl096 compat package.
 
> Guess whickh one the red hat rpms use to insure that you don;t ahve to
> rebuild every ssl-dependant binary on your system? eah, that's right,
> rather than recompile everythiign on an incremental upgrade, they
> modified the 0.9.6 openssl rpm to build libcrypto.so.0 instead of the
> default libcrypto.so.1 - mostly becuse the 0/.9.6 "update" happened
> after 7.1 came out, meaning about half the distro would need
> recompiling. Since 7.2 isn't a "binary incompatible" verison of redhat
> (read, major version upgrade) we'll consider that a "legacy feature"
> from 7.1 *grin*

Nope, Nalin has done some backporting of patches (although for 7.0, the
current update is the 0.9.6 package, but the 095a compat package is
provided in that update set also)

Cheers,

Jeremy

-- 
Jeremy Katz
katzj at linuxpower.org	| jlkatz at eos.ncsu.edu
http://linuxpower.org	| Developer, NCSU Realm Kit for Red Hat Linux
GPG fingerprint: 367E 8B6B 5E57 2BDB 972A 4D73 C83C B4E8 89FE 392D



More information about the TriLUG mailing list