8

I have an inconsistency, and I could not align their versions properly, so I just wanted to remove the library version. Can I do this? Is the header version for PHP while the library is from my distro? Can I upgrade PHP's library version? If so, how? I am using PHP 5.4.4

For example, phpinfo

Alex Howansky
  • 50,515
  • 8
  • 78
  • 98
Strawberry
  • 66,024
  • 56
  • 149
  • 197

5 Answers5

4

Is the header version for PHP while the library is from my distro?

It means it was compiled against the 1.0.1 headers, but is now dynamically linking against 0.9.8. So you are using an older version than what was used when PHP was compiled.

Many libraries store the version in the header files. So when a program uses the library, it can do something like int HEADER_FOO_VERSION = LIBRARY_VERSION, which embeds that version number into the program (e.g., php). Now when that program runs, it links dynamically against the library, which may be a different one than was on the host system.

That library may have a function call, say int get_library_version(). So the program (PHP) can check if HEADER_FOO_VERSION == get_library_version(). If it's different, then there could be a compatibility issue. (Of course, it doesn't have to be assign to a local variable... I'm just trying to drive home the point that the header version number can be compiled into php, and remains constant no matter which version of the library is being used at run time.)

Whether or not it is a problem depends on if the two versions are compatible.

Usually if the library is > than the header, you are okay. It's definitely more likely to be a problem if the library is older than the version it was linked against. Of course, this is because it's impossible to know what changes future versions may have.

So in your case, I would try to update your system's SSL libraries via apt-get, yum, etc, to match the version PHP is expecting.

To check which version php is using on Linux:

$ ldd `which php` | grep ssl
  libssl.so.1.0.0 => /lib/i386-linux-gnu/libssl.so.1.0.0

Note that which php is just a short-cut to find the full path. You can hard code any executable you'd like to check: ldd /usr/sbin/httpd.

Matthew
  • 47,584
  • 11
  • 86
  • 98
  • 1
    @Strawberry, I added a command that lets you check which version PHP is using. Perhaps it's picking up a different library than you are expecting it. – Matthew Jul 15 '12 at 20:26
  • `libssl.so.1.0.0 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007f48c32ef000)` – Strawberry Jul 15 '12 at 20:31
  • 1
    You may also want to do the same thing with Apache's executable (maybe `httpd`) and `mod_php.so`, or whatever your web server version is named. If those too are linked to the proper version, I'm not sure where PHP is getting it's numbers from. – Matthew Jul 15 '12 at 20:33
  • I just recompiled Apache and it worked! How can I avoid having to re-compile apache every time I upgrade a library (like this situation)? Also, what is the command `ldd \`which httpd\` | grep ssl`? How do you do it for mod_php.so? – Strawberry Jul 15 '12 at 20:35
  • 1
    Every time you do what? Now that you've rebuilt it, it should probably honor your local settings. Perhaps before it was compiled with SSL built in to its core. (I don't know.) But just keep an eye on it, the next time you upgrade SSL to see. (See my edit: You can hard code any executable that you'd like to check.) – Matthew Jul 15 '12 at 20:38
  • You were the MOST informative, but James did give the solution. I really wish I could give 2 best answers. No hard feelings! Thanks a lot Matthew! – Strawberry Jul 15 '12 at 20:43
  • 2
    Don't worry, I'm here to help people, not increase my e-score. – Matthew Jul 15 '12 at 20:44
  • "Usually if the library is > than the header, you are okay" I was unlucky in that case, getting segmentation faults :-) (p.s. see my answer below for another possible solution if you are building from source.) – lm713 Aug 15 '15 at 22:47
2

I dont know the answer myself, but when searched on google some nice resources explaining the same.....

What's the difference between a header file and a library?

The version of the files are the one mentioned in the phpinfo used to create a library.

Hope it helps, there are lot of resource available if searched on google.

Still will like to hear from someone in great details about the question

Community
  • 1
  • 1
swapnilsarwe
  • 1,290
  • 1
  • 8
  • 13
2

The header version is the functionality version, whereas the library version is the code version.

The header defines the interface - it tells you what functions are within the library. If a header gets updated, then you need to check to make sure all the functions are the same, and see if any are added or subtracted.

But if a library gets updated, and not the header, it means all the function calls are the same, but some of the code may be changed (eg, bug fixes).

In your example, PHP is seeing functionality for OpenSSL 1.0.1, but the actual version of the source code that OpenSSL is loading is 0.9.8o

cegfault
  • 6,442
  • 3
  • 27
  • 49
1

This is commonly seen on updated versions of openssl. What happens is the newer versions for the libraries are stored in different folder. The original folder located at /usr/bin/openssl would need a symbolic link to the new folder /usr/local/bin/openssl. That would get both to be the same version or just show OpenSSL Version _(Whatever)

Normally there is no concern for this, since it still works the way it is intended. This is seen a lot on shared servers.

EDIT:

The information in this post is generic and can be different if you are running
CentOS, RedHat, Ubuntu, or another Linux/BSD version. Check documentation or man
pages for the best information

If you do update your OpenSSL, some versions of *nix Require for you to rebuild PHP and Apache for it to update

James Williams
  • 4,221
  • 1
  • 19
  • 35
  • 1
    @Strawberry, it makes sense. If you were to run the same commands from my answer on Apache, you'd see it was loading the old version of SSL before PHP got a chance to load the newer one. This is why `php`, the CLI version was reporting the proper version. – Matthew Jul 15 '12 at 20:36
  • @Strawberry We have the same case. I would like to ask how did you rebuild apache? Like do I need to do a reconfiguration or something. Thanks. – whoknows Aug 02 '16 at 02:15
0

If you are rebuilding PHP from source, I have found another possible reason for a mismatch. It's so simple yet if you are not familiar with building from source on Linux, not knowing it can cost you a lot of time.

The answer is here: https://serverfault.com/a/567705/305059 - unfortunately I cannot up-vote it over the not-so-useful answer, so if you have the reputation there, please do.

You need to run "make clean" before "make" in order for it to rebuild all binaries. Strangely, without this step I was getting an updated library version, but the old header version - so I think it must have rebuilt something, but not everything. My rebuild involved linking to a version of curl in another location (built with ssl), which might be the reason behind it.

Anyway, I hope this helps someone. Thank you to @velcrow on serverfault.

Community
  • 1
  • 1
lm713
  • 312
  • 5
  • 16