Re: GPL-licensed packages with depend-chain to OpenSSL

To: David Schleef <ds@schleef.org>
Cc: debian-legal@lists.debian.org
Subject: Re: GPL-licensed packages with depend-chain to OpenSSL
From: Måns Rullgård <mru@mru.ath.cx>
Date: Fri, 20 Aug 2004 00:45:06 +0200
Message-id: <[🔎] yw1x4qmy693h.fsf@mru.ath.cx>
In-reply-to: <[🔎] 20040819221041.GA7890@comedi.org> (David Schleef's message of "Thu, 19 Aug 2004 15:10:41 -0700")
References: <[🔎] Pine.LNX.4.60.0408121358540.22401@yvahk3.pbagnpgbe.fr> <[🔎] 20040812231720.GC23851@quetzlcoatl.dodds.net> <[🔎] 20040819080206.GC13413@ba.issia.cnr.it> <[🔎] 20040819083847.GD10426@mauritius.dodds.net> <[🔎] yw1xbrh7h4ug.fsf@mru.ath.cx> <[🔎] 20040819221041.GA7890@comedi.org>

David Schleef <ds@schleef.org> writes:

> On Thu, Aug 19, 2004 at 11:09:11AM +0200, Måns Rullgård wrote:
>> When using dynamic linking that is not necessarily the case.  Most
>> dynamic linkers use lazy loading of libraries, such that the openssl
>> libraries would not actually be mapped in to the process address space
>> until one of its functions is called.
>
> This is not how an ELF runtime linker works.  Run ldd on a binary --
> this lists all the shared object files that are mapped into the
> address space of the process before main() is called.

Sorry, I was a little too quick there.  The file is mapped, but is not
read from disk until the code is required.  The mapping is also shared
with other applications using the library.  Are all these applications
derived from each other?

> Symbol references are not necessarily resolved at that time, unless
> you define LD_BIND_NOW or are using prelinking.  There's really no
> method of doing "lazy linking" as you suggest with C, since it would
> either fail (such as with global variables in libraries) or be
> required to violate the ISO standard, such as taking the address of
> a function.

There is no requirement that the linker be written in C, or that it
follow any standard whatsoever as long as the interface and operation
visible to applications is as expected.

-- 
Måns Rullgård
mru@mru.ath.cx

Reply to:

Follow-Ups:
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Lewis Jardine <lewisjardine@tiscali.co.uk>

References:
- GPL-licensed packages with depend-chain to OpenSSL
  - From: Daniel Stenberg <daniel@haxx.se>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Steve Langasek <vorlon@debian.org>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: "Francesco P. Lovergine" <frankie@debian.org>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Steve Langasek <vorlon@debian.org>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: Måns Rullgård <mru@mru.ath.cx>
- Re: GPL-licensed packages with depend-chain to OpenSSL
  - From: David Schleef <ds@schleef.org>

Prev by Date: Re: GPL-licensed packages with depend-chain to OpenSSL
Next by Date: Re: GPL-licensed packages with depend-chain to OpenSSL
Previous by thread: Re: GPL-licensed packages with depend-chain to OpenSSL
Next by thread: Re: GPL-licensed packages with depend-chain to OpenSSL
Index(es):
- Date
- Thread