FreeRADIUS SSL version check

Fajar A. Nugraha list at fajar.net
Thu Jan 8 04:49:01 CET 2015


On Thu, Jan 8, 2015 at 8:16 AM, Michael Richardson <mcr at sandelman.ca> wrote:
>
> Alan DeKok <aland at deployingradius.com> wrote:
>     > On Jan 7, 2015, at 1:54 PM, Michael Richardson <mcr at sandelman.ca>
>     > wrote:
>     >> Could static linking libssl in be made easier?
>
>     >   Systems ship with static libraries?
>
> whenever you install the -dev package, you usually get the .a as well.
> So, they don't ship with static libraries, because being static, they
> are included in the binary :-)

IIRC solaris stops providing static libs since solaris 10. Redhat did
the same around fedora core 6.

>     >   Then be sure that both systems have the same version of OpenSSL.
>
> It's hard if you also have other things which want *different* versions of
> OpenSSL... really, if they shared libraries are not compatible, the .so files
> should have their version number bumped, but I know that this is hard for
> some distros.

Distros that I know are sane enough to have compatible versions of
programs and libs. Some (like RH) backports necessary security fixes
only without bumping major/minor version numbers. There are also ways
(e.g. ubuntu ppa, opensuse build service) to enable building for
multiple distro versions in the correct environment.

Is there a particular case where you experience a distro release two
supported programs where one uses lib version X and the other version
Y?

-- 
Fajar


More information about the Freeradius-Devel mailing list