Linux,共享库使用主程序中的函数而不是其他共享库
[英]Linux, Shared library uses functions from main program instead of other shared libraries
问题描述
I'm building a shared library that is loaded from an application (which I have no control of). 
我正在构建一个从应用程序加载的共享库(我无法控制)。 My library uses other shared libraries which in turn uses other shared libraries, complex but not unusual. 我的库使用其他共享库,而这些库又使用其他共享库,复杂但并不罕见。
The problem is that the main application have functions present in one of the libraries further down in the chain, to be more specific it is openLDAP that in turn uses openSSL functions: 问题是主应用程序的功能存在于链中的一个库中,更具体地说, openLDAP又使用openSSL函数:
Main app->My library->openLDAP libraries->openSSL libraries
My guess is that the main application is implementing openSSL either by a static linkage or a simple copy/paste of source code. 我的猜测是主应用程序是通过静态链接或简单的源代码复制/粘贴来实现openSSL 。
My question is: can I control which functions openLDAP uses from my library or do I have to recompile openLDAP with a static linkage to openSSL ? 我的问题是:我可以控制哪些功能openLDAP从我的图书馆使用或做我必须重新编译openLDAP一个静态链接到openSSL ?
Since openSSL is updated quite frequently due to security issues I don't want a static copy of it if I don't have to. 由于安全问题, openSSL经常更新,如果我不需要,我不想要它的静态副本。 And why re-distribute a proprietary copy of openLDAP when it's part of most distributions packages... 当它是大多数发行包的一部分时,为什么要重新分发openLDAP的专有副本......
3 个解决方案
解决方案1
3 2014-10-09 06:45:56
Right now what you have is the executable overriding what would otherwise be the system's default choice of OpenSSL library. 现在你所拥有的是可执行文件,它会覆盖系统默认选择的OpenSSL库。 It is within the executable's rights to do that, and you can't really stop it. 这样做是可执行的权利,你不能真正阻止它。
Statically linking OpenSSL in your library may not really be a solution either. 静态链接库中的OpenSSL可能也不是真正的解决方案。 For one thing, what if the executable really does was to use a different version? 首先,如果可执行文件真的是使用不同的版本怎么办? For another, what if OpenSSL has some global variables? 另一方面,如果OpenSSL有一些全局变量怎么办? Now you will have two copies of the library in the same process, which is not a good idea and may cause bugs. 现在,您将在同一个进程中拥有该库的两个副本,这不是一个好主意,可能会导致错误。
To me, the best answer we have on Linux is to not consider this sort of thing to be a problem. 对我来说,我们在Linux上的最佳答案是不要将此类问题视为一个问题。 If an executable loads a bad version of OpenSSL, that is not your library's fault. 如果可执行文件加载了错误版本的OpenSSL,那不是您库的错误。 At most you can check which version is loaded and refuse to run if it's known to be incompatible with your library for some reason. 最多可以检查加载的版本,如果由于某种原因已知与您的库不兼容,则拒绝运行。
解决方案2
0 2014-10-09 06:55:36
My guess is that the main application is implementing openSSL either by a static linkage or a simple copy/paste of source code.
This is wrong things. 这是错误的事情。 If application developer shoots on his foot then you can not do anythings. 如果应用程序开发人员在他的脚上射击那么你就不能做任何事情。
App developer should see that your library is dependent on OpenSSL library (using ldd command) then he should not link OpenSSL again as staticly or copy paste its code. 应用程序开发人员应该看到您的库依赖于OpenSSL库(使用ldd命令),然后他不应该OpenSSL again as staticly or copy paste its code.链接OpenSSL again as staticly or copy paste its code.
If some functions from OpenSSL does not creating any messy and if they can be used just like any static method of any java class then only App developer should take risk of implementing that code in app. 如果OpenSSL中的某些函数没有创建任何混乱,并且如果它们可以像任何java类的任何静态方法一样使用,那么只有App开发人员应该承担在app中实现该代码的风险。
解决方案3
0 已采纳 2014-10-23 12:13:57
The solution was to use RTLD_DEEPBIND in dlopen(3): 解决方案是在dlopen(3)中使用RTLD_DEEPBIND:
RTLD_DEEPBIND (since glibc 2.3.4)
Place the lookup scope of the symbols in this library ahead of the global scope.
This might not be the the best solution but it works in this case when the process is created by closed source software. 这可能不是最好的解决方案,但在这种情况下,当流程由封闭源软件创建时,它可以工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.