From owner-freebsd-hackers  Wed Mar  5 14:10:51 2003
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2F58C37B401
	for <hackers@freebsd.org>; Wed,  5 Mar 2003 14:10:49 -0800 (PST)
Received: from sccrmhc02.attbi.com (sccrmhc02.attbi.com [204.127.202.62])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 78B2F43FBF
	for <hackers@freebsd.org>; Wed,  5 Mar 2003 14:10:48 -0800 (PST)
	(envelope-from julian@elischer.org)
Received: from interjet.elischer.org (12-232-168-4.client.attbi.com[12.232.168.4])
          by sccrmhc02.attbi.com (sccrmhc02) with ESMTP
          id <200303052210470020081bu7e>; Wed, 5 Mar 2003 22:10:47 +0000
Received: from localhost (localhost.elischer.org [127.0.0.1])
	by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id OAA63075
	for <hackers@freebsd.org>; Wed, 5 Mar 2003 14:10:47 -0800 (PST)
Date: Wed, 5 Mar 2003 14:10:45 -0800 (PST)
From: Julian Elischer <julian@elischer.org>
To: hackers@freebsd.org
Subject: Re: ssh/ssl linkage
In-Reply-To: <Pine.BSF.4.21.0303051350510.61509-100000@InterJet.elischer.org>
Message-ID: <Pine.BSF.4.21.0303051408280.61509-100000@InterJet.elischer.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

to answer myself a bit..

On Wed, 5 Mar 2003, Julian Elischer wrote:

> 
> OpenSSH uses openssl to a great extent, however when you do
> 
> ldd ssh
> 
> you get:
>         libssh.so.2 => /usr/lib/libssh.so.2 (0x28078000)
>         libcrypto.so.2 => /usr/lib/libcrypto.so.2 (0x280a9000)
>         libutil.so.3 => /usr/lib/libutil.so.3 (0x28161000)
>         libz.so.2 => /usr/lib/libz.so.2 (0x2816a000)
>         libc.so.4 => /usr/lib/libc.so.4 (0x28177000)
> 
> or in earlier versions:
>         libcrypto.so.2 => /usr/lib/libcrypto.so.2 (0x2808a000)
>         libutil.so.3 => /usr/lib/libutil.so.3 (0x28143000)
>         libz.so.2 => /usr/lib/libz.so.2 (0x2814b000)
>         libc.so.4 => /usr/lib/libc.so.4 (0x28158000)
> 
> 
> so my question is:
> how is the connection made to libssl?
> is it via libcrypto?
> is it statically built into the ssh binary?
> 
> If I upgrade openssl due to teh security upgrade, 
> should I recompile ssh as well?
> 

It looks like openssl generates two parts:
libcrypto and libssl

If I upgrade openssl,
I should make a new libcrypto and libssl
and since ssh uses only libcrypto, I should not need to 
upgrade ssh..

If I'm wrong.. let me know :-)

> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message