On 5/31/17 3:16 AM, Wouter Verhelst wrote:
> On 30-05-17 18:12, PGNet Dev wrote:
> [...]
>> with lots of apps still not at all v110
>> compatible, or at best broken in their attempts, having local builds of
>> both v110x and v102x is extremely useful -- and RPATH'ing makes that
>> trivially manageable.
> 
> That's exactly my point -- you don't need to use RPATH to handle that
> (very common) case. You just need to link against the correct .so file
> at compile time (which can be handled by installing them in separate
> directories and using -L to specify which one to link to); the runtime
> dynamic linker will then find a v1.1 version of OpenSSL for applications
> compiled against 1.1.0x, or a v1.0.2 version for applications compiled
> against 1.0.2x. It's that simple.
> 
> RPATH is useful if the SONAME is the same but the libraries aren't, for
> whatever reason (e.g., local patches). Other than that, you don't need
> it, 

Not quite.

System Install
        ls -al /usr/lib64/lib{ssl,crypto}.*
                lrwxrwxrwx 1 root root 25 Feb 16 16:54 /usr/lib64/libcrypto.so 
-> /lib64/libcrypto.so.1.0.0*
                lrwxrwxrwx 1 root root 22 Feb 16 16:54 /usr/lib64/libssl.so -> 
/lib64/libssl.so.1.0.0*
        ldd /usr/lib64/libssl.so | egrep "ssl|crypto"
                libcrypto.so.1.0.0 => /lib64/libcrypto.so.1.0.0 
(0x00007f390d0eb000)

Local Install
        ls -al /usr/local/openssl10/lib64/lib{ssl,crypto}.*
                -rw-r--r--+ 1 root root 4.7M May 30 08:38 
/usr/local/openssl10/lib64/libcrypto.a
                lrwxrwxrwx  1 root root   18 May 30 08:38 
/usr/local/openssl10/lib64/libcrypto.so -> libcrypto.so.1.0.0*
                -r-xr-xr-x+ 1 root root 2.9M May 30 08:38 
/usr/local/openssl10/lib64/libcrypto.so.1.0.0*
                -rw-r--r--+ 1 root root 737K May 30 08:38 
/usr/local/openssl10/lib64/libssl.a
                lrwxrwxrwx  1 root root   15 May 30 08:38 
/usr/local/openssl10/lib64/libssl.so -> libssl.so.1.0.0*
                -r-xr-xr-x+ 1 root root 503K May 30 08:38 
/usr/local/openssl10/lib64/libssl.so.1.0.0*
        ldd /usr/local/openssl10/lib64/libssl.so | egrep "ssl|crypto"
                libcrypto.so.1.0.0 => 
/usr/local/openssl10/lib64/libcrypto.so.1.0.0 (0x00007f3bcd526000)

Local Install
        ls -al /usr/local/openssl11/lib64/lib{ssl,crypto}.*
                -rw-r--r--+ 1 root root 4.9M May 30 08:50 
/usr/local/openssl11/lib64/libcrypto.a
                lrwxrwxrwx  1 root root   16 May 30 08:50 
/usr/local/openssl11/lib64/libcrypto.so -> libcrypto.so.1.1*
                -rwxr-xr-x+ 1 root root 3.0M May 30 08:50 
/usr/local/openssl11/lib64/libcrypto.so.1.1*
                -rw-r--r--+ 1 root root 745K May 30 08:50 
/usr/local/openssl11/lib64/libssl.a
                lrwxrwxrwx  1 root root   13 May 30 08:50 
/usr/local/openssl11/lib64/libssl.so -> libssl.so.1.1*
                -rwxr-xr-x+ 1 root root 509K May 30 08:50 
/usr/local/openssl11/lib64/libssl.so.1.1*
        ldd /usr/local/openssl11/lib64/libssl.so | egrep "ssl|crypto"
                libcrypto.so.1.1 => /usr/local/openssl11/lib64/libcrypto.so.1.1 
(0x00007f4be3d5d000)

etc ...

> and it's generally a bad idea.

And, IMO, that's just bad advice.  RPATH is perfectly fine, and this^ is 
exactly what it exists for.  Feel free to use it or not, but don't FUD 
perfectly legitimate functionality as a 'bad idea'.


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Reply via email to