I've been poking around in the Configurations/* and all the README* files, and
on the web, and it is not at all clear to me how/where to specify the
inherit_from and shlib_variant options (probably not the right term, but...) or
how the resulting libraries are distinguished from the system defaults from the
app Makefile and resulting application's point of view, particularly w.r.t. how
our app can use 1.1.1 while libraries we also link will use the system default
(1.0.2).
Do I copy an existing .conf file to a new name and edit that? If so, what am I
editing from/to? What's the best way to choose the name for the new file?
How do I get config (or Configure) to use the new conf file, or is that
automatic? If it is automatic, how does that work for "my" platform?
Assuming I use both, do I need to change my source to make use of the new
libraries or just my Makefile (and how)?
Our app links to both crypto/ssl and other shared libraries that use the system
default. How do I tell my Makefile which one to use for both our app and the
other libraries which need to use the system default openssl crypto/ssl libs?
Do I tack the variant at the front or back end of the -L/-l spec lines? What
about our -I specs (I guess that a -I for the custom 1.1.1 build is all our app
needs since we don't care what the other libraries use for compiling)?
As I mentioned, this is all quite new to me.
My apologies if this is as painful for you as it has been for me.
Many, many thanks in advance. I deeply appreciate all your assistance.
Mark
-----Original Message-----
From: openssl-users <openssl-users-boun...@openssl.org> On Behalf Of Viktor
Dukhovni
Sent: Thursday, July 18, 2019 10:19 PM
To: openssl-users@openssl.org
Subject: Re: Error building app on RHEL 7 with openssl 1.1.1
> On Jul 18, 2019, at 4:34 PM, Mark Richter <mrich...@solarflare.com> wrote:
>
> cc -DLOG_LEVEL=LOG_INFO -Wall -Werror -D__ci_driver__ -D__ci_ul_driver__
> -D_GNU_SOURCE -DWITH_MCDI_V2 -DWITH_TLS12=0
> -DSOLAR_SECURE_VERSION="1.0.3.1020 (3bf2875895d5+ Thu Jul 18 13:27:17 PDT
> 2019)" -Isrc/include -I/opt/openssl1.1/include -Isrc/tools/mc-comms
> -Isrc/tools/mc-comms/include -Isrc/emulators/mbedtls/include
> -I/usr/include/json-c -g3 -fno-omit-frame-pointer -Isrc/cntlr
> build/src/cntlr/cntlr.o -o build/bin/cntlr -Lbuild/lib -L/opt/openssl1.1/lib
> -Wl,-rpath,/opt/openssl1.1/lib -lsf_core -lcm -lss -lcrypto -lpci -lcurl
> -lpthread -lrt -lssl -luuid -ljson-c
> /usr/bin/ld: /opt/openssl1.1/lib/libcrypto.a(dso_dlfcn.o): undefined
> reference to symbol 'dlclose@@GLIBC_2.2.5'
> /usr/lib64/libdl.so.2: error adding symbols: DSO missing from command
> line
> collect2: error: ld returned 1 exit status
> make: *** [build/bin/cntlr] Error 1
While dlopen issue can be resolved by including "-ldl" in your linker options.
If you have not managed to get "shlib_variant" working, the above can't
possibly work because the libcurl you're linking with likely expects the
OpenSSL 1.0.2 ABI. If the same symbols are found in your the 1.1.1 library in
/opt, libcurl will likely crash.
If however, the /opt/openssl1.1/lib/lib{ssl,crypto} have the shlib_variant
SONAMEs and symbol variants, it should work. In that case libcurl will find its
symbols in something like:
/usr/lib/libssl.1.0.so
While your application can directly use the OpenSSL 1.1.1 API.
If your use of OpenSSL is entirely via libcurl, then the custom OpenSSL will do
you no good, unless you also built a custom libcurl linked against the custom
OpenSSL.
Perhaps you're looking for "Nix", or similar where multiple versions of
dependents and dependencies coƫxist more broadly on the same system (though
still likely not multiple versions of the same library in the same address
spaces as with the shlib_variant approach), but that's really not RHEL anymore.
--
Viktor.
The information contained in this message is confidential and is intended for
the addressee(s) only. If you have received this message in error, please
notify the sender immediately and delete the message. Unless you are an
addressee (or authorized to receive for an addressee), you may not use, copy or
disclose to anyone this message or any information contained in this message.
The unauthorized use, disclosure, copying or alteration of this message is
strictly prohibited.
