[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Does Tor need to be recompiled *after* the openssl update?



On Sat, Apr 12, 2014 at 05:51:46PM +0200, Nicolas Vigier wrote:
> On Sat, 12 Apr 2014, Matthew Finkel wrote:
> 
> > On Sat, Apr 12, 2014 at 05:04:27AM -0400, hikki@xxxxxxxxxxxxx wrote:
> > > For those of us who compile Tor from source, does Tor need to be recompiled 
> > > *after* the openssl update from our OS vendors?
> > 
> > "Maybe". If you are upgrading OpenSSL from a much older version then you
> > may need to recompile Tor (so it knows about the newer version and uses
> > the correct headers and such) but if you're simply upgrading from, say,
> > 1.0.1e to 1.0.1g then you should not need to recompile Tor. If you
> > restart Tor it should use the newer version of openssl without issue.
> 
> Unless tor was linked statically to openssl, using for instance the
> --enable-static-openssl or --enable-static-tor configure options.
> 
> Checking that tor is not linked statically can be done with ldd:
> 
>  $ ldd /usr/bin/tor
>  [...]
>  libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f6081b5c000)

Yes, this is a great point that I forgot to mention. Thanks!
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk