Guideline for OpenSSL linkage / loading

2 posts / 0 new
Last post
Offline
Last seen: 9 months 3 weeks ago
Joined: 02/12/2023
Posts: 1
Guideline for OpenSSL linkage / loading

What possibilities are there to be able to ensure the application uses always the latest version of the OpenSSL libraries? The assumption being it is not possible (or a very large effort) to recompile and ship the application. 

There is the com.rti.serv.secure.openssl_engine property which looks like it would be the one to use (see 12. Support for OpenSSL Engines — RTI Security Plugins User's Manual 7.0.0 documentation). If I compile an application to statically link to the OpenSSL version shipped with the DDS libraries, could this property be used to point to and load the newest OpenSSL library version?

Howard's picture
Offline
Last seen: 4 days 19 hours ago
Joined: 11/29/2012
Posts: 544

I believe that the openssl_engine property is for customers to use custom cryto libraries that implement the openssl engine interface.  Having said that, yes, I guess you can use that to point to any library that implements the interface, including openssl itself...but haven't tried it.

On the other hand...if you just build your application to use the OpenSSL libraries as dynamic libraries, then you can always change exactly which libraries your application uses when it starts.  Of course, they'll have to be backwards compatible with whatever version of the OpenSSL libraries the Connext DDS Secure plugins were compatible with...