Difference between libssl.a in static openssl build versus libssl.a in dynamic openssl build ???

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Difference between libssl.a in static openssl build versus libssl.a in dynamic openssl build ???

Joe Flowers-4
Hi Everyone,

1.
I am trying to upgrade some libraries of an older version of openssl (~0.9.7) with the libraries of a less old version of openssl (1.0.0e).


2.
When I perform a dynamic openssl build with the following commands, I get (among other files) a libssl.a file.

cd /joe/openssl-1.0.1e/dynamic/64bit/openssl-1.0.1e
make clean
setarch x86_64 ./config -m64 -D_GNU_SOURCE -fPIC shared no-zlib
make



3.
When I perform a static openssl build with the following commands, I get (among other files) another libssl.a file.

cd /joe/openssl-1.0.1e/static/64bit/openssl-1.0.1e
./config -D_GNU_SOURCE
make clean
make



4.
I am trying to determine which one of these two newer libssl.a files I should use to replace the older ~0.9.7 libssl.a file.


Any ideas how to do this?

I have been trying to use the "readelf " and "file" commands on these 3 different libssl.a files, but I am not seeing a pattern in the files which allows me to determine which one should be used.

5.
I am compiling on a SLES11 SP1 64-bit machine.


Thanks!!!

Joe
----------------


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Difference between libssl.a in static openssl build versus libssl.a in dynamic openssl build ???

OpenSSL - User mailing list

You know you are going from something horribly out of date to something very out of date, right?

 

Can’t you at least move to 1.0.2?


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Difference between libssl.a in static openssl build versus libssl.a in dynamic openssl build ???

Joe Flowers-4
You know you are going from something horribly out of date to something very out of date, right?

Yes.

> Can’t you at least move to 1.0.2?

That is out of my hands and is almost entirely irrelevant to the information I asked for and need. Even if I could upgrade to 1.0.2 the same problem and same question would remain.






On Mon, Jul 24, 2017 at 7:42 AM, Salz, Rich via openssl-users <[hidden email]> wrote:

You know you are going from something horribly out of date to something very out of date, right?

 

Can’t you at least move to 1.0.2?


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Difference between libssl.a in static openssl build versus libssl.a in dynamic openssl build ???

Michael Wojcik
> From: openssl-users [mailto:[hidden email]] On Behalf Of Joe Flowers
> Sent: Monday, July 24, 2017 08:54
> To: Salz, Rich; [hidden email]
> Subject: Re: [openssl-users] Difference between libssl.a in static openssl build versus libssl.a in dynamic openssl build ???

>> You know you are going from something horribly out of date to something very out of date, right?

> Yes.

>> Can’t you at least move to 1.0.2?

> That is out of my hands and is almost entirely irrelevant to the information I asked for and need.

Perhaps, but it's not irrelevant to your question, because:

- The OpenSSL build process has been updated significantly since the days of 1.0.0 or 1.0.1 (your original message said 1.0.0e, but the directory paths you quoted say 1.0.1e), so it's easier for people to comment on build questions regarding supported releases.

- More importantly, the people who participate on this list have limited resources and other responsibilities. It makes sense for them to focus on questions from people who are using supported releases. That doesn't mean no one should help you, or that no one will; but it would be courteous to acknowledge that fact.

Now, on to your original question:

> When I perform a dynamic openssl build with the following commands, I get (among other files) a libssl.a file.
> ...
> When I perform a static openssl build with the following commands, I get (among other files) another libssl.a file.
> ...
> I am trying to determine which one of these two newer libssl.a files I should use to replace the older ~0.9.7 libssl.a file.

For Linux, I believe it depends on whether you need PIC code, and whether you need the OpenSSL FIPS module. I'm going to ignore the latter case, because FIPS is a nightmarish wasteland of horrors. FIPS aside, I don't know of any reason *not* to use PIC code. The OpenSSL builds I work with always build sharable (PIC, on Linux and appropriate UNIXes) code, which we then put into static libraries, which are linked into dynamic libraries / shared objects containing our own cover routines.

There might be some other use case for building OpenSSL statically on Linux, but I'm not aware of one. Other list members may be.

Now, whether a dynamic-build libssl.a (and libcrypto.a) can be used as drop-in replacements for your 0.9.7 versions is another question entirely, of course.

--
Michael Wojcik
Distinguished Engineer, Micro Focus

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users