On 08/03/2016 05:33 PM, Thomas Eriksson wrote:
On 08/03/2016 05:23 PM, Alice Wonder wrote:
On 08/03/2016 05:20 PM, Alice Wonder wrote:
On 08/03/2016 05:11 PM, Alice Wonder wrote:
I'm having a major frustration with curl.
When building curl, if libssl.so.10 is present the curl binary WILL link
against it.
*snip*
Go ahead and ldd on the CentOS curl binary and library - you will see
openssl linked even though the spec file has --disable-ssl and
--enable-nss
It's clearly broken.
And building the CentOS curl package doesn't even BuildRequires the
openssl-devel package.
It's linking against a library it doesn't have the headers for.
That's broken.
I haven't looked at how curl is built, butit is likely that the build
links against some other package that is, in turn, built against
OpenSSL.
You would not need the openssl-devel package to do that, only the
runtime libraries.
It looks like that package could be libssh2...
It's not libssh2 because I built libssh2 against LibreSSL and tested it
with ldd and it doesn't use OpenSSL nor pull it in.
And in trying to create a curl that doesn't link against anything TLS I
put --disable-libssh2 into the configure.
The curl library respects that configure switch when building, the curl
binary does not - it links against it anyway (mock pulls it in for other
things, pulling in the version I built against OpenSSL)
I also built custom OpenSSH against LibreSSL (which required ripping out
all the fips stuff) for the mock build too - it also isn't pulling in
OpenSSL libs.
Something in the curl build will always link the binary against OpenSSL
if the openssl-lib package is present, and will always link the library
against OpenSSL if any TLS option is enabled in the configure.
This happens even openssl-devel is not installed in the mock build
environment.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
