On Thu, Jul 17, 2014 at 03:22:28PM +1000, James Brown wrote:
> $ locate lib/libssl
> /usr/lib/libssl.0.9.7.dylib
> /usr/lib/libssl.0.9.8.dylib
> /usr/lib/libssl.1.0.0.dylib
> /usr/lib/libssl.a
> /usr/lib/libssl.dylib
> /usr/local/ssl/lib/libssl.a
I expected that you only had static libs in /usr/local, and the
linker searched the path for dynamic libs first. Turns out that's
only part of the story, the libraries are /usr/local/ssl/lib/ (any
symlinks from /usr/local/lib? locate(1) may be telling the whole
story).
> I'm guessing ssl directory at /usr/local/ is the problem?
> If so, mv everything from /usr/local/ssl/ to corresponding place in
> /usr/local?
No, rather adjust AUXLIBS to match the correct install location. But
you built static OpenSSL libraries, and should have build shared ones.
> The Makefile from my OpenSSL 1.0.1h directory has:
>
> PLATFORM=darwin64-x86_64-cc
> OPTIONS=--prefix=/usr/local --with-fipsdir=/usr/local fips
> no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779
> no-rsax no-sctp no-shared no-store no-zlib no-zlib-dynamic static-engine
Why "no-shared"? Why "fips"? Nobody in their right mind wants
"fips" unless forced to sell to the USG, or forced to use by USG.
> I think I just used ./configure darwin64-x86_64-cc
./Configure --prefix=/usr/local shared darwin64-x86_64-cc
But you really should consider homebrew or macports. The only
downside of homebrew is that the libraries belong to a non-root
user. So if that user is compromised, so is root. On a typical
personal system, that's not much of an issue. In any case you need
to choose a package management system (homebrew, macports, pkgsrc,
...) and use it consistently. You're having too much trouble
doing the integration from the ground up.
--
Viktor.
