Debian introduced some time ago additional symbols to some shared libraries to support multiple versions linked to same executable trough multiple other dependencies. This adds version symbols such as: OPENSSL_1.0.2 This is of course outside of Gentoo scope with exception of some binary applications (such as steam games) linking against Ubuntu that also contains these pathes. Not having those symbols causes some games fail to start. This is basically reponenning issue: https://bugs.gentoo.org/show_bug.cgi?id=547444 The progress is that upstream accepted in this case Debian patches and from version 1.1.0 openssl contains version symbols. Problem is that they won't accept it for 1.0 release and there is still a lot of proprietary software build on Ubuntu. I would say that there is even bigger need with Steam and games (at least that is my issue). I think that it makes sense to allow this patch to be optionally applied by users if they need to. Because of that I propose to add versioned use flag. It can be in default disabled so default wont change but it allows others such as steam overlay repository to have it as a dependency.
Github pull request: https://github.com/gentoo/gentoo/pull/10568
The patch was created by somebody for openssl-1.0.2d. The patch adds version scripts with 'local: *'. This results in hiding all symbols not hardcoded in global section in version scripts. It would be good to check which (if any) symbols exactly are hidden by this patch. You can see list of symbols in `readelf -sW ${library}`. Beside above, if versioning is made conditional on a USE flag, then after enabling this USE flag and rebuilding of reverse dependencies, disabling of this USE flag breaks ABI for reverse dependencies, so there would have to be a noticeable warning for users. (Something using 'if has_version "dev-libs/openssl[versioned]" check.)
Instead of hiding all symbols not hardcoded in other nodes (e.g. OPENSSL_1.0.2), it would be better to create a new node without explicit version (called e.g. OPENSSL) and use 'global: *' there.
Example for people not familiar with version scripts: (libA.so represents library not using version script. libB.so represents library using version script with 'local: *'. libC.so represents library using version script with 'global: *' in new node.) $ cat libB.symbols XXX_1.0 { global: myfunction1; local: *; }; $ cat libC.symbols XXX_1.0 { global: myfunction1; }; XXX { global: *; }; $ gcc -shared -fPIC -o libA.so -x c - <<< "int myfunction1() {return 1;} int myfunction2() {return 2;}" $ gcc -shared -fPIC -o libB.so -x c - <<< "int myfunction1() {return 1;} int myfunction2() {return 2;}" -Wl,--version-script=libB.symbols $ gcc -shared -fPIC -o libC.so -x c - <<< "int myfunction1() {return 1;} int myfunction2() {return 2;}" -Wl,--version-script=libC.symbols $ strip --strip-unneeded -R .comment -R .GCC.command.line -R .note.gnu.gold-version libA.so libB.so libC.so $ readelf -sW libA.so | grep myfunction 6: 000000000000115a 50 FUNC GLOBAL DEFAULT 11 myfunction2 9: 0000000000001128 50 FUNC GLOBAL DEFAULT 11 myfunction1 $ readelf -sW libB.so | grep myfunction 6: 0000000000001128 50 FUNC GLOBAL DEFAULT 12 myfunction1@@XXX_1.0 $ readelf -sW libC.so | grep myfunction 6: 000000000000115a 50 FUNC GLOBAL DEFAULT 12 myfunction2@@XXX 11: 0000000000001128 50 FUNC GLOBAL DEFAULT 12 myfunction1@@XXX_1.0 $ gcc -c -o test.o -x c - <<< "int myfunction1(); int myfunction2(); int main() {return myfunction1() + myfunction2();}" $ gcc -o testA test.o -Wl,-rpath,. -L. -lA $ gcc -o testB test.o -Wl,-rpath,. -L. -lB /usr/lib/gcc/x86_64-pc-linux-gnu/8.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: test.o: in function `main': :(.text+0x2a): undefined reference to `myfunction2' collect2: error: ld returned 1 exit status $ gcc -o testC test.o -Wl,-rpath,. -L. -lC $ strip --strip-unneeded -R .comment -R .GCC.command.line -R .note.gnu.gold-version testA testC $ readelf -sW testA | grep myfunction 3: 0000000000000000 0 FUNC GLOBAL DEFAULT UND myfunction1 6: 0000000000000000 0 FUNC GLOBAL DEFAULT UND myfunction2 $ readelf -sW testC | grep myfunction 5: 0000000000000000 0 FUNC GLOBAL DEFAULT UND myfunction2@XXX (4) 7: 0000000000000000 0 FUNC GLOBAL DEFAULT UND myfunction1@XXX_1.0 (5)
I am sorry for my delay. I was busy with christmass and such.. I added check to package pretend phase. I hope that that is what you wanted as a notice. I added new version for slot 1.0.0. I also changed used patch to Ubuntu one. That one is what is really required for games and such and has correct version markings. It was also updated with newer version (g). I changed local to version-less global. It should not break even if patch is updated to new version because if there is some symbol that was not versioned and now is than the old version-less should be still present. That of course require manual edit of Ubuntu patch every time we want to update it but that is future problem.
