Edgar Fuß <ef%math.uni-bonn.de@localhost> writes: >> A third perspective is that FreeBSD seems to be moving towards hiding >> the base openssl so that only base system programs can use it, leaving >> all ports to use openssl from ports. The point is to enable updating >> base openssl while only considering impacts on the programs in base. >> So this is essentiall two openssl installs with different prefixes. > The downside of this approach is that it renders nss_ldap and pam-ldap > unusuable. If your (base) sshd is linked against base libcrypto and then > pulls in nss_ldap/pam-ldap, openldap-client and openssl, all from pkgsrc, > you have one binary with two libcrypto's, making sshd crash. > > Sure, you can avoid that hassle by using nslcd (hint: pkg/49804). Good point. I wonder if FreeBSD will static link to avoid that.
Attachment:
pgpgzuyPiLIWO.pgp
Description: PGP signature