It didn't break api compatibly but it sure did break backwards compatibility. I'm pretty sure if you link against 1.0.2 you can't run with an older 1.0.x library. Which is what appears to happen in Mario's case.
I'm speculating as to why - being related to improperly replacing a system package management maintained library. Andy _______________________________________ From: William A Rowe Jr [[email protected]] Sent: Friday, May 29, 2015 11:30 AM To: httpd Subject: Re: httpd and OpenSSL 1.0.2 Don't be fooled. OpenSSL 1.0.1 did not break binary compatibility, the lib designation remains .so.1.0.0. Can someone confirm whether this was changed in 1.0.2? On May 29, 2015 10:26 AM, "Mario Brandt" <[email protected]<mailto:[email protected]>> wrote: Hi Andy, it seems that you are right. After cheking the lib I saw this -rw-r--r-- 1 root root 4,4M Mai 29 10:51 libcrypto.a lrwxrwxrwx 1 root root 18 Mai 29 10:51 libcrypto.so -> libcrypto.so.1.0.0 -r-xr-xr-x 1 root root 2,6M Mai 29 10:51 libcrypto.so.1.0.0 -rw-r--r-- 1 root root 744K Mai 29 10:51 libssl.a lrwxrwxrwx 1 root root 15 Mai 29 10:51 libssl.so -> libssl.so.1.0.0 -r-xr-xr-x 1 root root 499K Mai 29 10:51 libssl.so.1.0.0 that shows the current date, but the old version number. Mario On 29 May 2015 at 15:16, Wang, Andy <[email protected]<mailto:[email protected]>> wrote: > You might want to reconsider that unless you really really are sure you know > what you're doing. > On a linux distro, the system installed openssl is considered a fundamental > platform infrastructure library. I.e. many many things rely on it. openssl > versions are not backward compatible. > > So if you don't rebuild all of your distro installed dependencies on openssl, > you've likedly just screwed up runtime linking of alot of things. > > Also, the system installed library and the openssl config makefiles may be > using incompatible soname mechanisms, which could explain why you're able to > link but not run (i.e. at linktime it may be finding the right library, but > at runtime it's not). > > Andy > > ________________________________________ > From: Mario Brandt [[email protected]<mailto:[email protected]>] > Sent: Friday, May 29, 2015 3:57 AM > To: Tom Browder > Cc: [email protected]<mailto:[email protected]> > Subject: Re: httpd and OpenSSL 1.0.2 > > Hi Tom, > > nope setting LD_LIBRARY_PATH did not solve my problem. That is a bit > tricky since I install the new openssl version system wide > > ./config --prefix=/usr zlib-dynamic --openssldir=/etc/ssl shared no-ssl2 > > > Mario > >> -Tom
