On Mon, 29 Mar 2021, Jeffrey Walton wrote:
On Mon, Mar 29, 2021 at 12:11 AM Jason Mitchell <jar%bigjar.com@localhost> wrote:Sorry for top posting, but the app is compiled against libcrypyo.so.14 (openssl 1.1.1g) whereas I want it to use libcrypto.so.1.1 (OpenSSL 1.1.1i)OpenSSL 1.1.x are all binary compatible. You can swap them in and out. For example, you can swap OpenSSL 1.1.0a and 1.1.1k and everything will work as expected. Also see https://www.openssl.org/policies/releasestrat.html in the OpenSSL FAQ.
In that case, user can try one of 2 methods to use the newer OpenSSL libs. 1. Symlink + LD_LIBRARY_PATH method # install -d -m 755 /usr/local/lib # cd /usr/local/lib # ln -s ../../pkg/lib/libcrypto.so.1.1 libcrypto.so.14 ... etc ... # env LD_LIBRARY_PATH=/usr/local/lib stunnel ... This shouldn't affect any other programs because /usr/local/lib is not in the library search path on NetBSD. 2. LD_PRELOAD method env LD_PRELOAD=/usr/pkg/lib/libcrypto.so:/usr/pkg/lib/libssl.so \ stunnel ... This loads the newer SSL libs. before the normal shared libs. are tried. The runtime linker will then be able to satisfy program function dependencies using the preloaded libraries. I still prefer the "building stunnel from source against the pkgsrc OpenSSL" method. -RVP