How to use two OpenSSL ports at the same time

I have FreeBSD 11.3 and I have two OpenSSL ports installed:

A. /usr/ports/security/openssl/ which installs in /usr/local/openssl/ (still holding on to the old version 1.0.2u)
B. /usr/ports/security/openssl-unsafe/ which installs in /usr/local/openssl-unsafe/ (it is version 1.0.2k)

In /etc/make.conf I do have "DEFAULT_VERSIONS+=ssl=openssl" which means that serverwide I do use the first one - port A. I wish to continue to use it that way (and eventually update it to 1.1.1 after I resolve the issue below) and all software to use it except...

... I need to also run PHP 5.4 which will not work with OpenSSL 1.1.1 when I update. In fact this is the reason why I added the port openssl-unsafe (port B mentioned above). Obviously I need to do a custom installation (5.4 is no longer in ports). So I downloaded the sources and added "--with-openssl=/usr/local/openssl-unsafe" directive in the PHP 5.4 configure script.

So far, so good - it compiles, then it runs, however later on I see that it's compiled against 1.0.2k (which is openssl-unsafe) but it dynamically loads libs from the other one (1.0.2u). I attach an image with the phpinfo() output which shows that.

My guess here is that PHP 5.4 uses the libraries defined in "ssl" from DEFAULT_VERSIONS regardless of the fact that it is compiled with another path in the configure script. Any idea how I can resolve this situation?

P.S.1. FreeBSD 11.3 also has OpenSSL 1.0.2s preinstalled in /usr/bin but as mentioned above I am not using it.

P.S.2. Please skip the advice to not use outdated and unsupported software. I know that it is bad and it should not be used in production, etc., thanks.
 

Attachment: openssl.png
> P.S.2. Please skip the advice to not use outdated and unsupported software. I know that it is bad and it should not be used in production, etc., thanks.

Obviously you don't. And I don't say this because of your message, but because of the time since PHP 5.4 was a thing and the timespan between 5 and 7; this gave plenty of options to prepare for the inevitable. Not to mention that they did quite a lot to make PHP somewhat backwards compatible.

Alas... I'd suggest you use a jail. Helps for damage control (which I think you desperately need) and it would make it much easier to use one version of OpenSSL for common services and the other for your web setup.
 
A jail is good advice; however it will be too hard for me to integrate it with the other services. I am looking for an option to make it easier (if possible).

Please do not comment on upgrading PHP 5.4. I know it's dead and insecure. And you don't know why I need it and how I use it.

Hopefully my question will help other people who wish to use more than one OpenSSL instance on one machine.
 
From another source I heard that this issue is not happening when the primary OpenSSL is from base and not from ports. If this is true, it must be the /etc/make.conf DEFAULT_VERSIONS directive - probably PHP is looking to it when loading...
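
Added example, not part of any post in this thread: a shell check that reads `ldd` output for a binary and reports whether libssl/libcrypto resolve at run time under the prefix that was given to `--with-openssl`. The PHP binary path, the `lib/` subdirectory, the sonames and the sample `ldd` output are constructed assumptions.

```shell
#!/bin/sh
# check_ssl_libs PREFIX
# Reads `ldd` output on stdin and reports each libssl/libcrypto entry whose
# resolved path is not under PREFIX.
# Exit status: 0 = all under PREFIX, 1 = mismatch or unresolved, 2 = no SSL libs.
check_ssl_libs() {
    awk -v prefix="$1" '
        BEGIN { bad = 0; seen = 0 }
        # ldd lines look like: "libssl.so.8 => /path/libssl.so.8 (0x...)"
        $1 ~ /^lib(ssl|crypto)\.so/ && $2 == "=>" {
            seen = 1
            if ($3 == "not") {                       # "=> not found"
                printf "MISSING %s\n", $1
                bad = 1
            } else if (index($3, prefix "/") != 1) { # resolved elsewhere
                printf "MISMATCH %s -> %s\n", $1, $3
                bad = 1
            } else {
                printf "OK %s -> %s\n", $1, $3
            }
        }
        END {
            if (!seen) { print "NOLIBS"; exit 2 }
            exit bad
        }'
}

# Constructed sample (not captured from the poster's machine): a binary built
# with --with-openssl=/usr/local/openssl-unsafe whose SSL libraries resolve
# under /usr/local/openssl at run time, as described in the first post.
sample_ldd() {
    cat <<'EOF'
/usr/local/php54/bin/php:
	libssl.so.8 => /usr/local/openssl/lib/libssl.so.8 (0x800a4c000)
	libcrypto.so.8 => /usr/local/openssl/lib/libcrypto.so.8 (0x800cb9000)
	libc.so.7 => /lib/libc.so.7 (0x801800000)
EOF
}

# Demonstration on the constructed sample; on a real system use:
#   ldd /path/to/php | check_ssl_libs /usr/local/openssl-unsafe
sample_ldd | check_ssl_libs /usr/local/openssl-unsafe || true
```
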
 