This is not really a bug report -- it is more to call attention to some not-entirely-correct information in one of the documentation files, and a plea for better support for shared libraries.
The INSTALL file for OpenSSL 0.9.7c says: Note on shared libraries ------------------------ Shared library is currently an experimental feature. The only reason to have them would be to conserve memory on systems where several program are using OpenSSL. Binary backward compatibility can't be guaranteed before OpenSSL version 1.0. There is (at least) one other (VERY valid) reason to have shared libraries: if applications (such as apache, curl, or wget) have been staticly linked with the OpenSSL library, then, when a security vulnerability in OpenSSL is found (as was recently the case), then all of these other applications must be re-linked as well. With shared object libraries, only the library would have to be rebuilt. Following the recent CERT advisory for OpenSSL 0.9.7b (CA-2003-26), I had to build OpenSSL 0.9.7c on 37 machines and then re-compile and re-link 32 instances of curl, 33 instance of wget, and 12 instances of apache. Having a shared library would have made these last 77 compiles/links unnecessary. Peter Vernam Email: [EMAIL PROTECTED] Draper Laboratory, Inc. Voice: 617-258-2735 555 Technology Square Fax: 617-258-2705 Cambridge, MA 02139 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
