X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/c9169e679abc0239694b382290b3dec1ccf7fcce..0800ef83ee2e0f769c96b7d4b972038188331627:/doc/doc-txt/openssl.txt

diff --git a/doc/doc-txt/openssl.txt b/doc/doc-txt/openssl.txt
index f57203405..194ae7cf8 100644
--- a/doc/doc-txt/openssl.txt
+++ b/doc/doc-txt/openssl.txt
@@ -36,10 +36,16 @@ Extract the current source of OpenSSL.  Change into that directory.
 This assumes that `/opt/openssl` is not in use.  If it is, pick
 something else.  `/opt/exim/openssl` perhaps.
 
-    ./config --prefix=/opt/openssl --openssldir=/etc/ssl enable-ssl-trace
+    ./config --prefix=/opt/openssl --openssldir=/etc/ssl  \
+        -L/opt/openssl/lib -Wl,-R/opt/openssl/lib         \
+        enable-ssl-trace shared
     make
     make install
 
+On some systems, the linker uses `-rpath` instead of `-R`; on such systems,
+replace the parameter starting `-Wl` with: `-Wl,-rpath,/opt/openssl/lib`.
+There are more variations on less common systems.
+
 You now have an installed OpenSSL under /opt/openssl which will not be
 used by any system programs.
 
@@ -47,17 +53,21 @@ When you copy `src/EDITME` to `Local/Makefile` to make your build edits,
 choose the pkg-config approach in that file, but also tell Exim to add
 the relevant directory into the rpath stamped into the binary:
 
+    PKG_CONFIG_PATH=/opt/openssl/lib/pkgconfig
+
     SUPPORT_TLS=yes
     USE_OPENSSL_PC=openssl
-    EXTRALIBS_EXIM=-ldl -Wl,-rpath,/opt/openssl/lib
+    LDFLAGS+=-ldl -Wl,-rpath,/opt/openssl/lib
+
+[jgh: I've see /usr/local/lib used]
 
-The -ldl is needed by OpenSSL 1.1+ on Linux and is not needed on most
-other platforms.
+The -ldl is needed by OpenSSL 1.0.2+ on Linux and is not needed on most
+other platforms.  The LDFLAGS is needed because `pkg-config` doesn't know
+how to emit information about RPATH-stamping, but we can still leverage
+`pkg-config` for everything else.
 
-Then tell pkg-config how to find the configuration files for your new
-OpenSSL install, and build Exim:
+Then build Exim:
 
-    export PKG_CONFIG_PATH=/opt/openssl/lib/pkgconfig
     make
     sudo make install
 
@@ -85,6 +95,12 @@ If the `chrpath` package is installed, then:
 
 will show the DT_RPATH stamped into the binary.
 
+Your `binutils` package should come with `readelf`, so an alternative
+is to run:
+
+    readelf -d $(which exim) | grep RPATH
+
+[jgh: I've seen that spelled RUNPATH]
 
 Very Advanced
 -------------