On 2012-04-07 20:39 +0200, Marc Singer wrote:
> On Sat, Apr 7, 2012 at 10:55 AM, Sven Joachim <[email protected]> wrote:
>>
>> Apparently shellinaboxd is statically linked with ssl, which is bad.
Sorry, should have read the build logs more carefully and actually
peeked in the source code.
> No, it's dynamically link at runtime which is good. :-)
It dlopens libssl.so which is not good, since that file only exists if
libssl-dev is installed.
> I'm looking into how to get a Recommends: dependency on libssl without
> knowing the soname a priori.
Trick upstream into linking against ssl rather than dlopening it? Until
that happens, I don't have a better idea than to patch libhttp/ssl.c:
--8<---------------cut here---------------start------------->8---
diff --git a/libhttp/ssl.c b/libhttp/ssl.c
index f9cb37f..0d39079 100755
--- a/libhttp/ssl.c
+++ b/libhttp/ssl.c
@@ -298,7 +298,7 @@ static void loadSSL(void) {
{ { &X509_free }, "X509_free" }
};
for (unsigned i = 0; i < sizeof(symbols)/sizeof(symbols[0]); i++) {
- if (!(*symbols[i].var = loadSymbol("libssl.so", symbols[i].fn))) {
+ if (!(*symbols[i].var = loadSymbol("libssl.so.1.0.0", symbols[i].fn))) {
debug("Failed to load SSL support. Could not find \"%s\"",
symbols[i].fn);
for (unsigned j = 0; j < sizeof(symbols)/sizeof(symbols[0]); j++) {
--8<---------------cut here---------------end--------------->8---
and to add a "Recommends: libssl1.0.0" to debian/control. Of course,
this will break on the next libssl soname change.
Cheers,
Sven
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
