Since there is some conclusion that we shouldn't build with yassl (that all our packages and binary tarball should be built with openssl) and for security reasons seems we don't want static openssl builds the only solution I see is creating more then one binary tarball so that users can use the one that works out-of-the-box for them.
I did some testing and for now I'm settled on 4 builds:
- debian wheezy - to be used for all debian/ubuntu except squeeze
(libssl.so.1.0.0 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007f2e389a5000))
- debian squeeze - only for squeeze and ubuntu lucid (which is irrelevant since it's EOL is 04/2015)
(libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0x00007f9b30db6000))
- centos 6 - to be used for centos 6 and centos 7
(libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007facbe8c4000))
- centos 5 - to be used only for centos 5
(libssl.so.6 => /lib64/libssl.so.6 (0x00002aed5b64d000))
Apart from adding more distros to jenkins matrix for release builds minor change in naming of binary tarball is necessary so that it reflects the distro on which it was built so that users know which one to use - probably a doc update somewhere will also be needed for this.
Since there is some conclusion that we shouldn't build with yassl (that all our packages and binary tarball should be built with openssl) and for security reasons seems we don't want static openssl builds the only solution I see is creating more then one binary tarball so that users can use the one that works out-of-the-box for them.
I did some testing and for now I'm settled on 4 builds: x86_64- linux-gnu/ libssl. so.1.0. 0 (0x00007f2e389a 5000)) libssl. so.0.9. 8 (0x00007f9b30db 6000)) libssl. so.10 (0x00007facbe8c 4000)) d000))
- debian wheezy - to be used for all debian/ubuntu except squeeze
(libssl.so.1.0.0 => /usr/lib/
- debian squeeze - only for squeeze and ubuntu lucid (which is irrelevant since it's EOL is 04/2015)
(libssl.so.0.9.8 => /usr/lib/
- centos 6 - to be used for centos 6 and centos 7
(libssl.so.10 => /usr/lib64/
- centos 5 - to be used only for centos 5
(libssl.so.6 => /lib64/libssl.so.6 (0x00002aed5b64
Apart from adding more distros to jenkins matrix for release builds minor change in naming of binary tarball is necessary so that it reflects the distro on which it was built so that users know which one to use - probably a doc update somewhere will also be needed for this.