Upgrading openssl 0.9.8g to 1.0.1e

Question

I have an old linux machine (fedeora 9 sulphur) that i think comes with Openssl version 0.9.8g. I upgraded openssl version to more recent one but getting different outputs (see below) for different commands (see below)

# yum update openssl
Loaded plugins: refresh-packagekit
Setting up Update Process
Could not find update match for openssl
No Packages marked for Update


# yum info openssl
Loaded plugins: refresh-packagekit
Installed Packages
Name       : openssl
Arch       : i686
Version    : 0.9.8g
Release    : 6.fc9
Size       : 3.5 M
Repo       : installed
Summary    : The OpenSSL toolkit
URL        : http://www.openssl.org/
License    : OpenSSL
Description: The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared
           : libraries which provide various cryptographic algorithms and protocols.

Available Packages
Name       : openssl
Arch       : i386
Version    : 0.9.8g
Release    : 6.fc9
Size       : 1.5 M
Repo       : fedora
Summary    : The OpenSSL toolkit
URL        : http://www.openssl.org/
License    : OpenSSL
Description: The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared
           : libraries which provide various cryptographic algorithms and protocols.


# yum install openssl
Loaded plugins: refresh-packagekit
Setting up Install Process
Parsing package install arguments
Package openssl-0.9.8g-6.fc9.i686 already installed and latest version
Nothing to do


# openssl version
OpenSSL 1.0.1e 11 Feb 2013

Based on above outputs, what openssl version is installed on my machine? is it 1.0.1 or 0.9.8g? If i try using openssl thru some script, it seems its using 0.9.8 version.

Answer 1

Probably you have more than one openssl version installed, one via yum and the other either via rpm or compiled manually. which openssl would tell you where the version (1.0.1e) in your path is located at and rpm -ql openssl will show you where the package's files are.

Answer 2

YUM will only know about software that is installed via RPM packages. If you installed any software without using YUM or RPM packages, YUM will not have any record of it.

You are definitely running OpenSSL 1.0.1e in your root shell, so it is in your $PATH somewhere. Though you also have OpenSSL 0.9.8g installed via RPM somewhere, some files could have been removed or changed depending on how you installed your newer version of OpenSSL.

You can check where your current openssl binary is with the which command, and you can combine that with an RPM query to ask if that file is accounted for in the package database:

rpm -qf $(which openssl)

If you get the output of "file /usr/bin/openssl is not owned by any package" then it was not installed with YUM/RPM, otherwise it will output the package it belongs to.

Since it seems you could have multiple versions of OpenSSL installed, you would want to make sure that all of your software that would use OpenSSL is using the correct version. Installing the new version won't help much if nothing is using it.