NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Is it possible to force an application to use newer OpenSSL from pkgsrc?

On Mon, 29 Mar 2021, Jeffrey Walton wrote:

On Mon, Mar 29, 2021 at 12:11 AM Jason Mitchell <> wrote:

Sorry for top posting, but the app is compiled against (openssl 1.1.1g) whereas I want it to use (OpenSSL 1.1.1i)

OpenSSL 1.1.x are all binary compatible. You can swap them in and out.
For example, you can swap OpenSSL 1.1.0a and 1.1.1k and everything
will work as expected.

Also see in the OpenSSL FAQ.

In that case, user can try one of 2 methods to use the newer OpenSSL libs.

1. Symlink + LD_LIBRARY_PATH method

# install -d -m 755 /usr/local/lib
# cd /usr/local/lib
# ln -s ../../pkg/lib/
... etc ...
# env LD_LIBRARY_PATH=/usr/local/lib stunnel ...

This shouldn't affect any other programs because /usr/local/lib
is not in the library search path on NetBSD.

2. LD_PRELOAD method

env LD_PRELOAD=/usr/pkg/lib/ \
	stunnel ...

This loads the newer SSL libs. before the normal shared libs. are
tried. The runtime linker will then be able to satisfy program function
dependencies using the preloaded libraries.

I still prefer the "building stunnel from source against the pkgsrc OpenSSL"


Home | Main Index | Thread Index | Old Index