<div class="gmail_quote">2012/7/24 Joerg Schilling <span dir="ltr"><<a href="mailto:Joerg.Schilling@fokus.fraunhofer.de" target="_blank">Joerg.Schilling@fokus.fraunhofer.de</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">Yann Rouillard <<a href="mailto:yann@pleiades.fr.eu.org">yann@pleiades.fr.eu.org</a>> wrote:<br></div>
<div class="im"><br>
> The problem is that the exemples explains how to enable direct linking when<br>
> you compile a binary against a program but it doesn't tell if it's possible<br>
> to compile a library in order to require direct linking when a program<br>
> tries to link with it.<br>
<br>
</div>A library is bound by calling:<br>
<br>
cc -o libname -dy -G -ztext -h soname -M mapfile *.o -lneeded-libs<br>
<br>
I see no problem to add -Bdirect to this commandline.<br></blockquote><div><br></div><div>Yes, but I need to ask for a modification of builds of every package linked against ssl.</div><div>That's more difficult than to only make a modification in openssl.</div>
<div><br></div><div>It might also cause some problem if direct linking should be used against libssl but not against another lib (you can workaround this by using "-z direct -lssl" I think that we would need to insert this).</div>
<div>But I think there must not be many cases where direct linking is a problem.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im"><br>
> I tried to change the mapfile like this (for openssl 0.9.8):<br>
> OPENSSL_0.9.8 {<br>
> global:<br>
> BIO_f_ssl = DIRECT;<br>
> BIO_new_buffer_ssl_connect = DIRECT;<br>
> BIO_new_ssl = DIRECT;<br>
> BIO_new_ssl_connect = DIRECT;<br>
> [...]<br>
><br>
> But it didn't work so far.<br>
> I might require every library / program that link with openssl to enable<br>
> direct linking but that would be more intrusive.<br>
<br>
</div>Wouldn't it be sufficient to just make the high level libs and the final binary<br>
use -Bdirect?<br></blockquote><div><br></div><div>Well after having read what "-B direct" is, I think it would be a even better idea to enable it for all packages in Opencsw.</div><div>That is supposed to more efficient and that would solve runtime dual linking problem for every library without having to enable symbol versioning (symbol versioning is a good thing but is more work, I still have to figure how to easily manage and update this file for openssl).</div>
<div><br></div><div>I am trying to gather some more information and I will send a proposal.</div><div><br></div><div><br></div><div>BTW, a real-life test with neon linked against openssl 0.9.8 with "-B direct" shows that it works:</div>
<div># LD_DEBUG=all,detail cadaver</div><div>[...]</div><div><div>01175: file=/opt/csw/bin/cadaver; add binding to:</div><div>01175: file=/opt/csw/lib/i386/libssl.so.1.0.0 [ NEEDED ]</div></div><div>[...]</div><div>
<div>01175: version needed processing: file=/opt/csw/lib/libneon.so.27</div><div>01175: file version</div><div>01175: libcrypto.so.0.9.8 OPENSSL_0.9.8</div><div>01175: </div>
<div>01175: file=/opt/csw/lib/libneon.so.27; add binding to:</div><div>01175: file=/opt/csw/lib/libcrypto.so.0.9.8 [ NEEDED ]</div></div><div>[...]</div><div><div>01175: 1: binding file=/opt/csw/lib/libneon.so.27 (0xfecbe86b:0x1e86b) at plt[349]:full to file=/opt/csw/lib/libssl.so.0.9.8 (0xfe4f2f30:0x32f30): symbol 'SSL_load_error_strings' (direct)</div>
</div><div><div>01175: 1: binding file=/opt/csw/lib/libneon.so.27 (0xfecbe870:0x1e870) at plt[350]:full to file=/opt/csw/lib/libssl.so.0.9.8 (0xfe4fd9f0:0x3d9f0): symbol 'SSL_library_init' (direct)</div></div><div>
[...]</div><div><br></div><div>Yann</div></div>