Re: Spam:******, RE: [users@httpd] How do I pick up correct version of SSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2010-23-02 at 09:23 +0000, daniel.goulder@xxxxxxxxx wrote:
> Hi Paul
>  
> Sorry it's the other way round.  The ldd command tells you which
> libraries that the linker will call at runtime when the binary is
> executed.
>  
> Igor was correct
>  
> If you want to specify the library you need to set LD_LIBRARY_PATH to
> include the library you are after before execution
>  
> To check what libraries will be linked, use ldd as Igor has specified.
>  
> To check what libraries have been linked by a running PID, take a look
> at /proc/<pid>/maps
>  
> Danny
> 
> 
> ________________________________
> 
> 	From: Paul Jacques <devexplorer@xxxxxxxxxxx> [mailto:Paul
> Jacques <devexplorer@xxxxxxxxxxx>] 
> 	Sent: 23 February 2010 08:49
> 	To: users@xxxxxxxxxxxxxxxx
> 	Subject: RE:  How do I pick up correct version of
> SSL
> 	
> 	
> 	For static linking but the command does not help for dynamic
> libraries...
> 	
> 	
> ________________________________
> 
> 	Date: Tue, 23 Feb 2010 18:53:27 +1100
> 	From: icicimov@xxxxxxxxx
> 	To: users@xxxxxxxxxxxxxxxx
> 	Subject: Re: RE:  How do I pick up correct version
> of SSL
> 	
> 	Run the ldd command against httpd executive binary too see the
> linked libraries
> 	
> 	
> 	
> 
> 		On Feb 23, 2010 6:39 PM, "Paul Jacques"
> <devexplorer@xxxxxxxxxxx> wrote:
> 		
> 		
> 		Thanks for the clarification onthis topic... but any tip
> how we can cope with httpd linked with openssl 0.9.8x on redhat?
> 		
> 		Apparently there is a requirement of openssl not to
> overwrite the default version provided with the OS. 
> 		
> 		How do we specify to httpd the library to take at
> runtime?
> 		How can we check which library is taken by httpd at
> runtime?
> 		
> 		Thanks a lot for help,
> 		
> 		P.
> 		
> 		> From: sctemme@xxxxxxxxxx
> 		> Date: Mon, 22 Feb 2010 17:15:22 -0800
> 		> To: users@xxxxxxxxxxxxxxxx
> 		> Subject: Re:  How do I pick up correct
> version of SSL > > > On Feb 21, 2010, at 7:17 PM, John Iliffe wrote: > >
> > I have just created a new server run...
> 		
> ________________________________
> 
I seem to have started quite a flurry of comments here.

To summarize, am I correct in my understanding that I cannot use the
normal "with-ssl = <path to proper ssl>" in the compile and get the
correct result?

The issue here is that RHEL 5.4 comes with the current ssl (0.9.8l) BUT
for PCI compliance (this is an e-commerce site) I need to be able to
keep the version in use of ssl current.  Correct ssl version is one of
the things that gets checked on the quarterly scans.

Red Hat provides updates that do work but ONLY if your subscription has
not expired :-(  

For other than Apache, I can just point the execution to the correct ssl
(/dir/ssl-0.9.8l) on the command line and the non-Red Hat version runs
OK, as one would expect.  Is there a way to make Apache load ssl on
demand like that?

John



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux