[openssl-users] Building libcrypto/libssl without symbolic link

Viktor Dukhovni openssl-users at dukhovni.org
Wed Apr 22 19:49:11 UTC 2015


On Wed, Apr 22, 2015 at 09:04:04PM +0200, Jakob Bohm wrote:

> For parallel installation of OpenSSL 1.0.2a and the OS
> supplied OpenSSL 1.0.1 (with patches equivalent to the
> latest release), modify SHLIB_VERSION_NUMBER from 1.0.0
> to 1.0.2 in the folliwing files from the tarball:

The ABI version really is 1.0.0.  Symbol versioning is the right
way to distinguish between 1.0.[012].  The Debian OpenSSL build
does symbol versioning to avoid conflicts between multiple libraries
that support the 1.0.0 ABI.

Yes, the ABI compatibility is only backwards compatibility, so
applications that link to a newer version of the library at compile
time, need to use the same or newer library at run-time.

Applications using a non-system library need to record a suitable
RPATH (often using "$ORIGIN" is a good bet if the application ships
a copy of the library).  Ideally applications would use the system
supplied library, otherwise patching becomes rather difficult...

-- 
	Viktor.


More information about the openssl-users mailing list