[openssl-dev] Upcoming build system change
Corinna Vinschen
vinschen at redhat.com
Sun Jan 24 14:54:35 UTC 2016
On Jan 24 14:35, Kurt Roeckx wrote:
> On Sun, Jan 24, 2016 at 01:19:00PM +0100, Corinna Vinschen wrote:
> > On Jan 23 22:12, Richard Levitte wrote:
> > > This is interesting, actually. OSSL_DYNAMIC_OLDEST has some design
> > > around it that's meant to permit EXACTLY that kind of mixture. It's
> > > in the macro IMPLEMENT_DYNAMIC_BIND_FN. However, it's possible it's
> > > not doing enough, and figuring out what else it needs to do is a
> > > venture I think is worth spending some time on.
> >
> > The problem here is Windows and how DLL dependencies are resolved.
> > We're using versioned DLLs, e.g.
> >
> > /usr/bin/cygcrypto-0.9.8.dll
> > /usr/bin/cygcrypto-1.0.0.dll
> > /usr/bin/cygcrypto-1.1.dll
>
> So it's name is like the soname on Linux and others? I'm guessing
> only cygwin is doing that and other windows versions still use
> things like libeay32.dll?
Yes, exactly. Cygwin is much more trying to be like a Linux distro on
top of Windows. This includes how we handle shared libs, within the
bounds of [history and] what can be done under Windows, of course.
> So engines build for 1.0.X can be loaded with any
> "cygcrypto-1.0.0.dll"?
Yep.
> > When building engines, the engines are shared libs linking against the
> > crypto DLL. This creates a hard dependency to the DLL the engine has
> > been linked against. So, consider using an application linked against
> > cygcrypto-1.1.dll. It loads an engine built with and thus linked
> > against cygcrypto-1.0.0.dll. While the application will use functions
> > from cygcrypto-1.1.dll, the engine will use functions from
> > cygcrypto-1.0.0.dll. Hilarity ensues. Unless cygcrypto-1.0.0.dll has
> > been deprecated and removed. In which case loading the engine fails.
> >
> > To decouple an engine from a DLL version, what we would have to do is
> > to change the engines not to link against libcrypto, but rather to load
> > *all* functions dynamically at runtime (dlload/dlsym(*)). Only this
> > would allow to decouple the engines from a specific versioned DLL.
>
> Note that OSSL_DYNAMIC_OLDEST changed in 1.1.
>
> Even if the engines for 1.1 were compatible with 1.0, we'd have
> the same problem on Linux, it also knows to which soname it was
> linked.
Ah, good to know.
Thanks,
Corinna
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160124/b88bdfb9/attachment.sig>
More information about the openssl-dev
mailing list