Using a different version of OpenSSL

ConfD depends on the OpenSSL libcrypto shared library for a number of cryptographic functions. (The libssl library is not used by ConfD.) Currently most ConfD releases, in particular all releases for Linux systems, are built with OpenSSL version 1.0.0, and thus require that the libcrypto library from this version is present when ConfD is run. Some releases for other systems require libcrypto from OpenSSL version 0.9.8 or 0.9.7. It is also possible that a given version, even though it is the one that ConfD requires, has been built with configuration parameters that make the interface incompatible with the build that is expected by ConfD.

However the libcrypto dependency is limited to two components in the ConfD release, the libconfd library used by applications, and a shared object called crypto.so, that is used by the ConfD daemon as an interface to libcrypto. Both these components are included in source form in the confd-.libconfd.tar.gz tar archive that is provided with each ConfD release.

To use a different OpenSSL version than the one the ConfD release is built with, e.g. due to a Linux development or target environment having OpenSSL version 0.9.8 installed for other purposes, it is sufficient to use the provided sources to rebuild these two components with the desired OpenSSL version, and replace them in the ConfD release. The toplevel README file included in the tar archive has instructions on how to do the build of both libconfd and crypto.so.

While libconfd can be located wherever it is convenient for application use, crypto.so must be placed in the $CONFD_DIR/lib/confd/lib/core/crypto/priv/lib directory in the ConfD installation. The Makefiles in the tar archive have install targets for libconfd and crypto.so that will do a copy to the appropriate place in the ConfD installation if CONFD_DIR is set to the installation directory.