[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Does Tor need to be recompiled *after* the opensslupdate?
-------- Original Message --------
From: Nicolas Vigier <boklm@xxxxxxxxxxxxxxxx>
Apparently from: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Does Tor need to be recompiled *after* the opensslupdate?
Date: Sat, 12 Apr 2014 17:51:46 +0200
> On Sat, 12 Apr 2014, Matthew Finkel wrote:
>
> > On Sat, Apr 12, 2014 at 05:04:27AM -0400, hikki@xxxxxxxxxxxxx wrote:
> > > For those of us who compile Tor from source, does Tor need to be recompiled
> > > *after* the openssl update from our OS vendors?
> >
> > "Maybe". If you are upgrading OpenSSL from a much older version then you
> > may need to recompile Tor (so it knows about the newer version and uses
> > the correct headers and such) but if you're simply upgrading from, say,
> > 1.0.1e to 1.0.1g then you should not need to recompile Tor. If you
> > restart Tor it should use the newer version of openssl without issue.
>
> Unless tor was linked statically to openssl, using for instance the
> --enable-static-openssl or --enable-static-tor configure options.
>
> Checking that tor is not linked statically can be done with ldd:
>
> $ ldd /usr/bin/tor
> [...]
> libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f6081b5c000)
I'm not sure what this means.
$ ldd src/or/tor on my system says:
[...]
libssl.so.1.0.0 => /lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x0000...)
Is my system *still* at risk?
Do I need to recompile?
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk