Using statically compiled openssl libs in applications #21680
Replies: 5 comments 3 replies
-
The search path will have to be set for fips.dll. It cannot be included statically. |
Beta Was this translation helpful? Give feedback.
-
I'm a bit confused by the initial question. In your problem statement you indicated that B.dll was compiled such that it included openssl statically during the link. that reads to me that when you compile B.dll you have a line in your makefile(cmakefile, project file etc), that looks like this: If your compliation is working, that line above should be providing the paths to your custom openssl libraries, and no runtime library discovery should be needed. As for fips.dll and legacy.dll, if you link them with -llegacy and -lfips the loader will at run time search the LD_LIBRARY_PATH, followed by the standard library paths for your system, which may or may not be the libs you want. That can be overridden with the linkers -rpath option (which as I write this may be what @paulidale was referring to) As for your applink issue, I believe the answer is in the man page: You need to include applink.c in your dll compilation so as to provide the BIO=>Win32 runtime bridge to implement the BIO provider |
Beta Was this translation helpful? Give feedback.
-
B.dll does not necessarily need to have a completely separate OpenSSL instance just because it is using different provider settings. It can instead use a different OSSL_LIB_CTX to A.dll |
Beta Was this translation helpful? Give feedback.
-
Ok, thats reasonble, I think what you're saying is you should never specify -lfips or -llegacy on the command line, as libcrypto will load them at run time via dlopen, or via the builtin option that may occur during static linking, correct? If so, then I think we're on the same page. if a separate openssl instance is required (i.e. if a different OSSL_LIB_CTX isn't used) for whatever reason, then you can still get the fips.dll/legacy.dll you need either via static linking, or via the use of -rpath to specify the runtime library search path when linking B.dll |
Beta Was this translation helpful? Give feedback.
-
Correct.
The normal runtime library search path is not used for provider dlls. We look in the following locations for them:
|
Beta Was this translation helpful? Give feedback.
-
Discussed in #21639
Originally posted by casidapulak August 3, 2023
Hello,
I have a c++ application App.exe which loads 2 dlls:
My question is if openssl search path needs to be set in B.dll to look for legacy.dll and fips.dll that are part of static lib compilation. Currently I have not done that and my application seems to work fine and B.dll seems to use legacy.dll and fips.dll which are part of dynamic lib compilation of openssl ( but if I check in dependency walker legacy.dll seems to have a dependency on the openssl dlls)
Thanks in advance!
Beta Was this translation helpful? Give feedback.
All reactions