<div dir="ltr"><div style="font-family:monospace,monospace" class="gmail_default">The "which package depends on which openssl ver" issue's been around a long time.</div><div style="font-family:monospace,monospace" class="gmail_default"><br></div><div>F<span class="gmail_default" style="font-family:monospace,monospace">WIW, in general, I *never* touch openssl libs/headers in the default distro path, /usr.</span></div><div><span class="gmail_default" style="font-family:monospace,monospace">Just leave that alone -- too many distro packages (still) make (invalid) assumptions about that being the only/preferred openssl version.</span></div><div><span class="gmail_default" style="font-family:monospace,monospace"><br></span></div><div><span class="gmail_default" style="font-family:monospace,monospace">Also, some-not-all distros include /usr/local/ libs & headers in search path; with a higher priority than /usr.  Drop the 'wrong version' there, and you can cause yourself similar headaches.</span></div><div><span class="gmail_default" style="font-family:monospace,monospace"><br></span></div><div><span class="gmail_default" style="font-family:monospace,monospace">Instead, I build openssl versions into standalone-dirs. E.g.,</span></div><div><span class="gmail_default" style="font-family:monospace,monospace"><br></span></div><div><span class="gmail_default" style="font-family:monospace,monospace">  /usr/local/openssl102</span></div><div><span class="gmail_default" style="font-family:monospace,monospace">  /usr/local/openssl110</span><div><span class="gmail_default" style="font-family:monospace,monospace">  /usr/local/openssl111</span><div><span class="gmail_default" style="font-family:monospace,monospace"><br></span></div><div><span class="gmail_default" style="font-family:monospace,monospace">and then build any apps I want/need to use a specific version with appropriate CFLAGS/CPPFLAGS/INCLUDE, as well as LIBS with rpath.</span></div><div><span class="gmail_default" style="font-family:monospace,monospace">Yes, it's a slog.  But for my use, it's been the only way to manage the mess.</span></div><div><span class="gmail_default" style="font-family:monospace,monospace"><br></span></div><div><span class="gmail_default" style="font-family:monospace,monospace">With the release of openssl 111, I suspect/hope things will begin to stabilize in app-land; but, I'm not holding my breath.<br></span></div><span class="gmail_default" style="font-family:monospace,monospace"></span></div><span class="gmail_default" style="font-family:monospace,monospace"></span></div><div><span class="gmail_default" style="font-family:monospace,monospace"><br></span></div><div style="font-family:monospace,monospace" class="gmail_default"><span class="gmail_default" style="font-family:monospace,monospace"></span>And, of course, different strokes ...</div><br></div>