Hi Everyone,
I build OpenSSH for downlevel machines, like OS X and Solaris. I install into /opt/ssh, and I use a runpath of $ORIGIN/../lib. The LDFLAGS are:
-Wl,-runpath,'$ORIGIN/../lib' -Wl,-runpath,$(prefix)/lib -Wl,--enable-new-dtags
I noticed Nettle does not handle the ORIGIN-based runpath properly:
/opt/ssh/lib/libhogweed.so.6: RUNPATH: RIGIN/../lib:/opt/ssh/lib RPATH: RIGIN/../lib:/opt/ssh/lib
And:
/opt/ssh/lib/libnettle.so.8.0: RUNPATH: RIGIN/../lib:/opt/ssh/lib RPATH: RIGIN/../lib:/opt/ssh/lib
Besides $ORIGIN, Nettle may encounter $LIB and $PLATFORM. Also see ld.so man page (https://man7.org/linux/man-pages/man8/ld.so.8.html).
I believe the fix is to escape the dollar sign in the makefile. That is, when Nettle creates its makefiles, it must use:
-Wl,-runpath,'$$ORIGIN/../lib' ...
Jeff