httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe Jr." <>
Subject Re: Linking mod_ssl with a specific OpenSSL version (Re: svn commit: r1358167 - in /httpd/httpd/trunk: acinclude.m4 modules/ssl/ssl_engine_init.c)
Date Thu, 09 Aug 2012 23:55:46 GMT
On 8/8/2012 4:45 AM, Ben Laurie wrote:
> On Wed, Aug 8, 2012 at 2:47 AM, Guenter Knauf <> wrote:
>> Am 08.08.2012 07:39, schrieb Kaspar Brand:
>>> On 06.08.2012 22:08, William A. Rowe Jr. wrote:
>>>> On 8/5/2012 10:10 PM, Kaspar Brand wrote:
>>>>> On 05.08.2012 14:38, Guenter Knauf wrote:
>>>>>> Am 05.08.2012 10:10, schrieb Kaspar Brand:
>>>>>>> 1) use --with-ssl-builddir for linking with the static OpenSSL
>>>>>>> libraries
>>>>>>> in that directory (and ignore --with-ssl in this case)
>>>>>> what about splitting into two arguments:
>>>>>> --with-ssl-include=
>>>>>> --with-ssl-lib=
>>>>>> this would be equal to what many other configure also use ...
>>>>> That's an option, yes, although the way the proposed option would work
>>>>> doesn't mirror the typical case of --with-xyz-include/--with-xyz-lib
>>>>> (i.e., add those args with -I and -L): "--with-ssl-builddir" forces
>>>>> mod_ssl to always be linked with the static libraries in that directory.
>>>>> Maybe --with-ssl-static-libdir would be a more appropriate name?
>>>> Why not simply consume the installed openssl.pc?
>>> In this particular case we're talking about using an OpenSSL build
>>> directory, i.e. the generated openssl.pc is sitting in a temporary
>>> location in that build tree (and when used, would output incorrect
>>> includedir/libdir locations).
>> probably a dumb question and I'm missing something, but:
>> why is this necessary at all? Given someone wants to build/link against a
>> development version of OpenSSL why should he ommit the last step of
>> installing OpenSSL to a separate location?
> Time taken to iterate in development is an important determiner of
> productivity. Having to do an install for every change introduces
> significant delay. It also has a tendency to make debugging hard.

I agree.

An openssl 'make localinstall' could trivially create the lib, include
trees consisting entirely of symlinks to the origin files in the same
build tree, and create an appropriate openssl.pc file describing the
link steps required to

Rather than solving 'for the httpd case', this would allow you to build
most any app or library depending upon openssl in a sensible way, in
order to diagnose openssl's interoperation with any consumer.

This really isn't the repository to solve openssl's contorted build

View raw message