Hello!

Jack Lloyd via RT wrote:

 > Here's a WAG: ldd the test binaries on the FC2 box -- it's possible they ended
 > up getting linked with the FC2 OpenSSL libs.

Checking the "evp_test" binary with "ldd" is a very good point and
leads to an interesting result.

On both Solaris and Linux, "ldd test/evp_test" shows that it
uses the installed OpenSSL package in /usr/local/ssl (my old
OpenSSL 0.9.6d installation). But that's okay, and that's the
reason why "make test" modifies LD_LIBRARY_PATH to contain
the source directory ("/usr/local/src/openssl-0.9.7e" on my
machine) so that "evp_test" uses the new library from there.

On Solaris (where "make test" runs fine) this works as expected:

  env LD_LIBRARY_PATH=/usr/local/src/openssl-0.9.7e ldd test/evp_test
  libcrypto.so.0.9.7 => /usr/local/src/openssl-0.9.7e/libcrypto.so.0.9.7
                                   ^^^^^^^^^^^^^^^^^^
        
On Linux (where "make test" fails) the wrong library is used:

  env LD_LIBRARY_PATH=/usr/local/src/openssl-0.9.7e ldd test/evp_test
  libcrypto.so.0.9.7 => /usr/local/ssl/lib/libcrypto.so.0.9.7
                                   ^^^^^^^

(but /usr/local/src/openssl-0.9.7e/libcrypto.so.0.9.7 exists!)


If I skip "make test", do a "make install" (-> /usr/local/ssl)
and then run "make test" again (which now uses the freshly installed
OpenSSL 0.9.7e instead of the previously installed OpenSSL 0.9.7d),
the tests succeed!

Funny, I work a lot on Solaris and Fedora systems, but I've never
noticed that difference before.

On Solaris, LD_LIBRARY_PATH seems to be searched _before_ any library
paths compiled into the binary. That's the usual way (as I know it).

On Linux (or at least Fedora), LD_LIBRARY_PATH is searched _after_
any library paths compiled into the binary. If I remove /usr/local/ssl,
then "env LD_LIBRARY_PATH=/usr/local/src/openssl-0.9.7e ldd test/evp_test"
finds "/usr/local/src/openssl-0.9.7e/libcrypto.so.0.9.7".

That's strange.

I'm wondering if this is a special "feature" (security?) of
Fedora Core 2 Linux or if this is now the default behaviour
on Linux (with same or newer kernel/gcc/ld/ld.so etc.)

If I use "LD_PRELOAD" instead of LD_LIBRARY_PATH,
I can make "evp_test" use the correct library:

  env LD_PRELOAD=/usr/local/src/openssl-0.9.7e/libcrypto.so.0.9.7 ldd test/evp_test
  /usr/local/src/openssl-0.9.7e/libcrypto.so.0.9.7 => /usr/local/src/openssl-0.9.7e/libcrypto.so.0.9.7 (0x00784000)


Thanks a lot for your hint with ldd. That different handling
of LD_LIBRARY_PATH is something I didn't expect (so I've never
checked if evp_test is really using the new library). Maybe
the use of LD_PRELOAD is worth a thought to be put into the
OpenSSL test procedures (make test).

Again, thanks for your help! OpenSSL is great!

        Greetings, Andreas

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
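
Added illustration, not part of the original message or of OpenSSL's test scripts: glibc's ld.so searches a binary's DT_RPATH before LD_LIBRARY_PATH but searches DT_RUNPATH after it, which matches the Linux behaviour described in the message. The function below turns `readelf -d` output into the resulting directory order; the sample dynamic-section lines are constructed, and the RPATH value /usr/local/ssl/lib is an assumption based on the ldd output quoted above.

```shell
#!/bin/sh
# Added example. Prints, one directory per line, the order in which glibc's
# ld.so searches for a library: DT_RPATH (only if the binary has no
# DT_RUNPATH), then LD_LIBRARY_PATH, then DT_RUNPATH. The ld.so cache and the
# default directories (/lib, /usr/lib) follow and are not printed.
#
# stdin: output of `readelf -d <binary>`     $1: LD_LIBRARY_PATH value
# Real use:  readelf -d test/evp_test | search_order "$LD_LIBRARY_PATH"
search_order() {
    ld_path=$1
    dyn=$(cat)
    # readelf prints e.g. "(RPATH)  Library rpath: [dir1:dir2]"
    rpath=$(printf '%s\n' "$dyn" | sed -n 's/.*(RPATH).*\[\(.*\)].*/\1/p')
    runpath=$(printf '%s\n' "$dyn" | sed -n 's/.*(RUNPATH).*\[\(.*\)].*/\1/p')
    order=
    if [ -n "$rpath" ] && [ -z "$runpath" ]; then
        order=$rpath                       # searched before LD_LIBRARY_PATH
    fi
    if [ -n "$ld_path" ]; then
        order=${order:+$order:}$ld_path
    fi
    if [ -n "$runpath" ]; then
        order=${order:+$order:}$runpath    # LD_LIBRARY_PATH can override this
    fi
    printf '%s\n' "$order" | tr ':' '\n'
}

# Constructed sample input (assumed RPATH, modelled on the ldd output above).
SAMPLE_RPATH=' 0x0000000f (RPATH)      Library rpath: [/usr/local/ssl/lib]'
SAMPLE_RUNPATH=' 0x0000001d (RUNPATH)    Library runpath: [/usr/local/ssl/lib]'
SRC=/usr/local/src/openssl-0.9.7e

echo "binary linked with DT_RPATH:"
printf '%s\n' "$SAMPLE_RPATH" | search_order "$SRC"
echo "binary linked with DT_RUNPATH:"
printf '%s\n' "$SAMPLE_RUNPATH" | search_order "$SRC"
```

When the first printed directory is not the build tree, a test run through LD_LIBRARY_PATH is exercising the installed library rather than the freshly built one.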