[openssl-dev] Upcoming build system change
Richard Levitte
levitte at openssl.org
Sat Jan 23 21:12:40 UTC 2016
In message <20160123210116.GB13479 at calimero.vinschen.de> on Sat, 23 Jan 2016 22:01:16 +0100, Corinna Vinschen <vinschen at redhat.com> said:
vinschen> On Jan 23 21:35, Kurt Roeckx wrote:
vinschen> > On Sat, Jan 23, 2016 at 09:27:58PM +0100, Corinna Vinschen wrote:
vinschen> > >
vinschen> > > Last but not least, we have another problem with enginesdir. To allow a
vinschen> > > rolling release cycle, we have to support multiple versions of openssl
vinschen> > > in parallel. The problem here is that the enginesdir needs to be
vinschen> > > versioned to allow per-openssl version engines. The build scripts don't
vinschen> > > allow for this. Right now we're using a patch as the below one to tweak
vinschen> > > the configury to allow specifying the engines dir during build time.
vinschen> > > Would it hurt terribly to include something like the below patch?
vinschen> >
vinschen> > In general, I would like to have a directory for the engines that
vinschen> > relates to OSSL_DYNAMIC_OLDEST.
vinschen>
vinschen> That probably won't work for Cygwin. The engines are linked against the
vinschen> versioned DLLs of the OpenSSL version they have been built for, Even
vinschen> assuming binary compatibility, an engine linked against openssl-1.0 will
vinschen> pull in openssl-1.0 DLLs, even when loaded from openssl-1.1. We have to
vinschen> keep the engines separate.
This is interesting, actually. OSSL_DYNAMIC_OLDEST has some design
around it that's meant to permit EXACTLY that kind of mixture. It's
in the macro IMPLEMENT_DYNAMIC_BIND_FN. However, it's possible it's
not doing enough, and figuring out what else it needs to do is a
venture I think is worth spending some time on.
Cheers,
Richard
--
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-dev
mailing list