MAL: >Firstly, restart it if it's a daemon. If it's a library, I'd again do >a qpkg -I -q <library>, to find any services which use that library, and >restart them. You can also use ldd to see whether a binary, (or >library), is linked to openssl, and make sure it's re-invoked to use >the new library.
Well, yes, but that's the problem, too. This case is a bit thorny that way. Restarting apache (version 1.3.28) didn't make apache use the newly compiled openssl-0.9.6k. Recompiling mod_ssl did the trick, though. Running 'qpkg -I -q openssl' gives a list of programs that use openssl. Ok, I got that. But which of those merely have to be restarted, and which need to be recompiled? Running ldd on wget, for example, reveals: libssl.so.0.9.6 => /usr/lib/libssl.so.0.9.6 (0x40018000) libcrypto.so.0.9.6 => /usr/lib/libcrypto.so.0.9.6 (0x40048000) libdl.so.2 => /lib/libdl.so.2 (0x4011c000) libc.so.6 => /lib/libc.so.6 (0x4011f000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000) I'm not sure if this really helps, though. -jto -- [EMAIL PROTECTED] mailing list