So what exactly is the point of dynamic libraries if the applications behave as if statically compiled? Could it be that the OpenSSH boys are too paranoid? Or just perpetuating a very cruel joke at our expense?
A few days ago Smirk received an updated security scan of a customer's box and they didn't like our version of OpenSSL (it being more than 20 minutes old, you see). Yesterday Smirk called and told me to update OpenSSL with the latest buggy version instead of the buggy version 30 minutes old.
In theory, it's easy enough. I mean, the whole point of shared libraries is that you can update just the library without having to recompile and relink a bazillion applications. So I download the latest version, compile and install. In checking over the programs that use SSL, it seemed just easier to reboot the box than to restart the bazillion processes (sorry Pinocchio). In theory, everything should just work.
In theory, there is no difference between theory and practice. In practice, there is.
Everthing came back up, except OpenSSH.
So today, at the office, I check into the problem. OpenSSH basically said, “Sorry, you're trying to use a version I wasnt' compiled against. Even though I'm dynamically linked against that library, I'm refusing to run. So Nyah!”
XXXXXXX piece of XXXX do as you're XXXXXXX told you XXXXXXXXXXXXX XXXXXXXXXX!
I was better.
Multiple attempts at recompiling later, it worked. Although I think I hurt my foot in the process …
[And I managed to botch the posting of this entry. Tells you how my day has been … ]
[TWICE! This got botched TWICE! And when I attempted to fix the problem, I ran into Linux's schizophrenic approach to the Backspace key. Hey Linus! It's XXXXXXX Ctrl-H you moron! ASCII value of 8! Eight! EIGHT! Not the XXXXXXX DEL character! BACKSPACE!
Bad Linus! No cookie for you!
And to further continue my downward spiral I clicked somewhere on Firefox and I lost the nagivation toolbar.
Hate hate hate hate hate hate hate.]