On Thu, Jan 21, 2016 at 12:14 PM, Matt Caswell <m...@openssl.org> wrote: > > > > On 21/01/16 16:53, Tom Kacvinsky wrote: > > I ran into this problem with the OpenSSL 1.0.1e I built from source on a > > Debian based system (Ubuntu): > > > > libssl.so.1.0.0: no version information available (required by python) > > > > Found this page: > > > > http://ubuntuforums.org/showthread.php?t=1905963 > > > > to work around the issue, but the question is, is the version script > > they provide good enough for 1.0.1e? > > A few things spring to mind here. Firstly 1.0.1e is really old > (pre-heartbleed) and really shouldn't be used. I'd suggest you upgrade > to 1.0.2e if you can (or 1.0.1q if it has to be 1.0.1).
Unforuntately, this is a no can do right now. We are using OpenSSL for client code only (OpenSSL support in Qt) and are not in a position to change right now. > > > The simplest fix for this is to ensure that system installed > applications always pick up the system installed libraries, and only use > your locally compiled version for applications that need it. > Using locally compiled version for only our applications. > The version script that debian provide should be fine generally, but > there is always the risk of a mismatch, i.e. if there are symbols > defined in your local version not in the version script. The link in the > above thread is for precise which was based on 1.0.1 (not 1.0.1e) so if > there were any symbols added between 1.0.1 and 1.0.1e then you would be > missing those (generally new symbols are avoided in letter releases so > there may not be any). Only one missing symbol, the memcmp symbol. > > Finally, I'd point out that I recently added symbol version information > (for linux) into the forthcoming 1.1.0, so in the future this > (hopefully) won't be a problem. Nice! I bet Linux distribution maintainers will love this. _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
