Home > Software design >  Does curl need openssl at runtime?
Does curl need openssl at runtime?

Time:08-09

Curl lists openSSL as an external dependency on https://curl.se/docs/libs.html.

However, if I do otool -L $(which curl) (macOS 12.5) I get the following output:

/usr/bin/curl:
    /usr/lib/libcurl.4.dylib (compatibility version 7.0.0, current version 9.0.0)
    /usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.11)
    /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1311.120.1)

No openSSL. Is this because it is only needed to compile/build curl but is not needed as an external library at runtime?

Will curl still work if I delete openSSL?

CodePudding user response:

If your curl knows how to speak HTTPS or any other protocol that needs TLS, then your curl depends on a TLS library.

OpenSSL is one such a library, but curl currently supports 13 different TLS libraries that it can be built to use.

If your curl speaks a TLS protocol, it depends on one of those supported libraries. On macOS, Apple seems to have favored libressl lately but in the past they also made builds using Secure Transport directly.

The curl -V output shows which TLS library it uses in the first line, but it might take a little experience to fully understand it. TLS libraries mentioned within parentheses there are optionally enabled by the application at start.

The libraries showed in the otool output are dynamically linked at run-time. It means they need to be present and loadable when you invoke curl so that the run-time linker can load them and execute curl fine.

If you build curl yourself or download someone else's build, you can also link it statically and then all the libraries can be built into a single huge binary blob, but that is not how curl is usually built and shipped in operating systems like macOS and Linux distributions.

  • Related