Date: Tue, 30 Jul 2002 15:15:56 -0400 From: James Snow <snow@teardrop.org> To: Gabriel Ambuehl <gabriel_ambuehl@buz.ch> Cc: freebsd-security@freebsd.org Subject: Re: OpenSSH not using libssl? Message-ID: <20020730151556.A44974@teardrop.org> In-Reply-To: <121122473609.20020730210032@buz.ch>; from gaml@buz.ch on Tue, Jul 30, 2002 at 09:00:32PM %2B0200 References: <121122473609.20020730210032@buz.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 30, 2002 at 09:00:32PM +0200, Gabriel Ambuehl wrote: > # ldd /usr/sbin/sshd > /usr/sbin/sshd: ... > libcrypto.so.2 => /usr/lib/libcrypto.so.2 (0x280e2000) ... > Now what's up here? Isn't OpenSSH based on OpenSSL? If so, why doesn't > libssl show up (with stunnel, for one, it does, BTW stunnel will > automatically use /usr/local/lib/libssl upon a recompile)? Guess I > better wait until the CVS contains a fix for the base tree... I scratched my head at this initially as well. But if you build OpenSSL from source, you'll see that it includes libcrypto. It's not as obvious in the FreeBSD /usr/src tree because of the way that things are broken out. (At least, it wasn't obvious to me; I may just be clueless) Since OpenSSH is the only daemon I run that uses OpenSSL, I just ran the patch from the original advisory in /usr/src/crypto/openssl, rebuilt /usr/src/secure/lib/libcrypto, and bounced sshd. This may not have been exactly the correct thing to do, but it seems to have worked out for me. -Snow To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020730151556.A44974>