[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Does Tor need to be recompiled *after* the opensslupdate?

-------- Original Message --------
From: Nicolas Vigier <boklm@xxxxxxxxxxxxxxxx>
Apparently from: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Does Tor need to be recompiled *after* the opensslupdate?
Date: Sat, 12 Apr 2014 17:51:46 +0200

> On Sat, 12 Apr 2014, Matthew Finkel wrote:
> > On Sat, Apr 12, 2014 at 05:04:27AM -0400, hikki@xxxxxxxxxxxxx wrote:
> > > For those of us who compile Tor from source, does Tor need to be recompiled 
> > > *after* the openssl update from our OS vendors?
> > 
> > "Maybe". If you are upgrading OpenSSL from a much older version then you
> > may need to recompile Tor (so it knows about the newer version and uses
> > the correct headers and such) but if you're simply upgrading from, say,
> > 1.0.1e to 1.0.1g then you should not need to recompile Tor. If you
> > restart Tor it should use the newer version of openssl without issue.
> Unless tor was linked statically to openssl, using for instance the
> --enable-static-openssl or --enable-static-tor configure options.
> Checking that tor is not linked statically can be done with ldd:
>  $ ldd /usr/bin/tor
>  [...]
>  libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f6081b5c000)

I'm not sure what this means.

$ ldd src/or/tor on my system says:
libssl.so.1.0.0 => /lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x0000...)

Is my system *still* at risk?
Do I need to recompile?
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to