[csw-maintainers] Symbol versioning for openssl ?

Yann Rouillard yann at pleiades.fr.eu.org
Tue Jul 24 00:15:17 CEST 2012 

Oh, I think I've found something interesting.

To have the linker works as I expect, I have to enable Direct Linking. Here
are some links about it:
http://docs.oracle.com/cd/E19963-01/html/819-0690/aehzq.html
https://blogs.oracle.com/msw/entry/library_bindings_let_s_be
https://blogs.oracle.com/rie/entry/direct_binding_now_the_default

The problem is that the exemples explains how to enable direct linking when
you compile a binary against a program but it doesn't tell if it's possible
to compile a library in order to require direct linking when a program
tries to link with it.

I tried to change the mapfile like this (for openssl 0.9.8):
  OPENSSL_0.9.8 {
          global:
                  BIO_f_ssl = DIRECT;
                  BIO_new_buffer_ssl_connect = DIRECT;
                  BIO_new_ssl = DIRECT;
                  BIO_new_ssl_connect = DIRECT;
   [...]

But it didn't work so far.
I might require every library / program that link with openssl to enable
direct linking but that would be more intrusive.

I am still searching but any help is welcome.

Yann



2012/7/23 Yann Rouillard <yann at pleiades.fr.eu.org>

> Yes, its works at the symbol level but:
>>   - the linker doesn't seem to use that information when it links a given
>> symbol, it only uses it to check wether or not it can load a library,
>>   - it is not registered at the symbol level in the solaris elf file
>> (that could perfectly work without it, but it seems that the version is
>> stored for each symbol in Linux elf files).
>>
>
> Seems I was wrong on the last point. Solaris definitely stores the version
> for each symbol. You can get the information through pvs:
>
> # pvs -ors /opt/csw/lib/libneon.so.27.2.6
> [...]
> /opt/csw/lib/libneon.so.27.2.6 -        libssl.so.0.9.8 (OPENSSL_0.9.8):
> SSL_set_ex_data;
> /opt/csw/lib/libneon.so.27.2.6 -        libssl.so.0.9.8 (OPENSSL_0.9.8):
> SSL_write;
> /opt/csw/lib/libneon.so.27.2.6 -        libssl.so.0.9.8 (OPENSSL_0.9.8):
> SSL_load_error_strings;
> /opt/csw/lib/libneon.so.27.2.6 -        libssl.so.0.9.8 (OPENSSL_0.9.8):
> SSL_accept;
> /opt/csw/lib/libneon.so.27.2.6 -        libssl.so.0.9.8 (OPENSSL_0.9.8):
> SSL_new;
> [...]
>
> I am very surprised that the linker doesn't use that information at
> runtime to link the symbol.
>
> Yann
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opencsw.org/pipermail/maintainers/attachments/20120724/e2a78a73/attachment.html>

More information about the maintainers mailing list